You can use the POST /environments/{{envID}}/signOnPolicies endpoint to create the new sign-on policy. In the request, the name property is required and must be unique within the environment. The description property is optional, but recommended.

The response shows the property data for the new sign-on policy. It includes an actions HAL link to the sign-on policy actions endpoint, which is used to assign an action to the new sign-on policy. The policy must have at least one associated action before it can be assigned to an application.