To test the sign-on policy associated with your application, the GET /{{envID}}/as/authorize operation queries the authorization server and returns an HTTP Location header that contains the URL for the application’s sign-on screen. You can open the URL in a browser to view the fields for the passwordless sign-on screen.

Note: The authorize request includes the following query parameters in the request URL: client_id, response_type, redirect_uri, and scope. For more information about authorize requests, see Authorization and authentication by application type.