If a sign-on policy doesn’t already exist, create a sign-on policy for the new identity provider in the destination environment. Use a POST {{apiPath}}/environments/{{destinationEnvID}}/signOnPolicies request.

See Create Sign On Policy for more information.