After completing the actions specified by the sign-on policy, the authentication UI redirects to the resume endpoint, which is specified in the resumeUrl property in the flow resource.

The following sample shows the /{environmentId}/as/resume operation to return the flow back to the authorization service, specifying the flowID in the request URL and the current session token in the request header.

curl -X GET \
  'https://auth.pingone.com/{environmentId}/as/resume?flowId=' \
  -H 'Cookie: ST=<sessionToken>'