You can use the POST /environments/{{envID}}/signOnPolicies endpoint to create the new sign-on policy.

In the request, the name property is required and must be unique within the environment. The description property is optional, but recommended. The default property is optional, and should be set only if you want this sign-on policy to be the default policy for all applications in the environment. If this property is not set to true in the request, the value is set automatically to false.

Note: The default property is shown in this example for illustrative purposes only. If you are working through this task, please omit the "default": "true" property from your request.

The response shows the property data for the new sign-on policy. It includes an actions HAL link to the sign-on policy actions endpoint, which is used to assign an action to the new sign-on policy. The policy must have at least one associated action before it can be assigned to an application.