---
title: Create Experience
description: Use POST {{apiPath}}/v1/environments/{{envID}}/experiences to create a user sign-on experience, either for all users or for a particular set of users.
component: pingone-api
page_id: pingone-api:platform:experiences/create-experience
canonical_url: https://developer.pingidentity.com/pingone-api/platform/experiences/create-experience.html
llms_txt: https://developer.pingidentity.com/pingone-api/llms.txt
docs_for_agents: https://developer.pingidentity.com/build-with-ai/docs-for-agents.md
section_ids:
  headers: Headers
  body: Body
  example-request: Example Request
  example-response: Example Response
---

# Create Experience

##

```none
POST {{apiPath}}/v1/environments/{{envID}}/experiences
```

Use `POST {{apiPath}}/v1/environments/{{envID}}/experiences` to create a user sign-on experience, either for all users or for a particular set of users.

### Headers

Authorization      Bearer {{accessToken}}

Content-Type      application/json

### Body

raw ( application/json )

```json
{
  "flowType": "USERNAME_AND_PASSWORD",
  "name": "newUserPasswordFlow",
  "description": "",
  "firstFactor": {
    "passwordless": {
      "enabled": false,
      "usernameFirst": false,
      "passkeyPolicies": []
    },
    "passkeyOrBioMetric": {
      "enabled": false,
      "passkeyPolicies": []
    },
    "identityProviders": {
      "enabled": true,
      "socialProviders": [
        {
            "id": "0c9268fd-492e-4cd5-bdc8-33b1273521e1",
            "name": "OPENID_CONNECT",
            "type": "OPENID_CONNECT"

        }
      ]
    },
    "rememberMe": true,
    "sessionTimeout": {
      "enabled": true,
      "unit": "HH",
      "value": "128"
    }
  },
  "mfa": {
    "enabled": true,
    "accessPolicies": [
      {
        "id": "{{deviceAuthPolicy}}",
        "type": "STANDARD_MFA"
      }
    ],
    "sessionTimeout": {
      "enabled": true,
      "unit": "HH",
      "value": "128"
    },
    "enrollment": {
      "enabled": true,
      "required": false,
      "policies": [
        {
          "id": "{{deviceAuthPolicy}}",
          "type": "STANDARD_MFA"
        }
      ]
    }
  },
  "accountRecovery": {
    "enabled": false,
    "accessPolicies": []
  },
  "registration": {
    "enabled": true,
    "population": {
      "id": "{{popID}}"
    },
    "enrollment": {
      "enabled": true,
      "required": false,
      "policies": [
        {
          "id": "{{deviceAuthPolicy}}",
          "type": "STANDARD_MFA"
        }
      ]
    },
    "attributeList": [
      {
        "name": "email",
        "required": true
      },
      {
        "name": "password",
        "required": true
      }
    ],
    "requireAccountVerification": true,
    "botDetection": {
      "enabled": false,
      "accessPolicies": []
    },
    "termsOfService": {
      "enabled": true,
      "agreementPolicy": {
        "id": "{{agreementID}}"
      }
    }
  },
  "theme": {
    "id": "{{themeID}}"
  }
}
```

##

### Example Request

* cURL

* C#

* Go

* HTTP

* Java

* jQuery

* NodeJS

* Python

* PHP

* Ruby

* Swift

```shell
curl --location --globoff '{{apiPath}}/v1/environments/{{envID}}/experiences' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer {{accessToken}}' \
--data '{
  "flowType": "USERNAME_AND_PASSWORD",
  "name": "newUserPasswordFlow",
  "description": "",
  "firstFactor": {
    "passwordless": {
      "enabled": false,
      "usernameFirst": false,
      "passkeyPolicies": []
    },
    "passkeyOrBioMetric": {
      "enabled": false,
      "passkeyPolicies": []
    },
    "identityProviders": {
      "enabled": true,
      "socialProviders": [
        {
            "id": "0c9268fd-492e-4cd5-bdc8-33b1273521e1",
            "name": "OPENID_CONNECT",
            "type": "OPENID_CONNECT"

        }
      ]
    },
    "rememberMe": true,
    "sessionTimeout": {
      "enabled": true,
      "unit": "HH",
      "value": "128"
    }
  },
  "mfa": {
    "enabled": true,
    "accessPolicies": [
      {
        "id": "{{deviceAuthPolicy}}",
        "type": "STANDARD_MFA"
      }
    ],
    "sessionTimeout": {
      "enabled": true,
      "unit": "HH",
      "value": "128"
    },
    "enrollment": {
      "enabled": true,
      "required": false,
      "policies": [
        {
          "id": "{{deviceAuthPolicy}}",
          "type": "STANDARD_MFA"
        }
      ]
    }
  },
  "accountRecovery": {
    "enabled": false,
    "accessPolicies": []
  },
  "registration": {
    "enabled": true,
    "population": {
      "id": "{{popID}}"
    },
    "enrollment": {
      "enabled": true,
      "required": false,
      "policies": [
        {
          "id": "{{deviceAuthPolicy}}",
          "type": "STANDARD_MFA"
        }
      ]
    },
    "attributeList": [
      {
        "name": "email",
        "required": true
      },
      {
        "name": "password",
        "required": true
      }
    ],
    "requireAccountVerification": true,
    "botDetection": {
      "enabled": false,
      "accessPolicies": []
    },
    "termsOfService": {
      "enabled": true,
      "agreementPolicy": {
        "id": "{{agreementID}}"
      }
    }
  },
  "theme": {
    "id": "{{themeID}}"
  }
}'
```

```csharp
var options = new RestClientOptions("{{apiPath}}/v1/environments/{{envID}}/experiences")
{
  MaxTimeout = -1,
};
var client = new RestClient(options);
var request = new RestRequest("", Method.Post);
request.AddHeader("Content-Type", "application/json");
request.AddHeader("Authorization", "Bearer {{accessToken}}");
var body = @"{" + "\n" +
@"  ""flowType"": ""USERNAME_AND_PASSWORD""," + "\n" +
@"  ""name"": ""newUserPasswordFlow""," + "\n" +
@"  ""description"": """"," + "\n" +
@"  ""firstFactor"": {" + "\n" +
@"    ""passwordless"": {" + "\n" +
@"      ""enabled"": false," + "\n" +
@"      ""usernameFirst"": false," + "\n" +
@"      ""passkeyPolicies"": []" + "\n" +
@"    }," + "\n" +
@"    ""passkeyOrBioMetric"": {" + "\n" +
@"      ""enabled"": false," + "\n" +
@"      ""passkeyPolicies"": []" + "\n" +
@"    }," + "\n" +
@"    ""identityProviders"": {" + "\n" +
@"      ""enabled"": true," + "\n" +
@"      ""socialProviders"": [" + "\n" +
@"        {" + "\n" +
@"            ""id"": ""0c9268fd-492e-4cd5-bdc8-33b1273521e1""," + "\n" +
@"            ""name"": ""OPENID_CONNECT""," + "\n" +
@"            ""type"": ""OPENID_CONNECT""" + "\n" +
@"" + "\n" +
@"        }" + "\n" +
@"      ]" + "\n" +
@"    }," + "\n" +
@"    ""rememberMe"": true," + "\n" +
@"    ""sessionTimeout"": {" + "\n" +
@"      ""enabled"": true," + "\n" +
@"      ""unit"": ""HH""," + "\n" +
@"      ""value"": ""128""" + "\n" +
@"    }" + "\n" +
@"  }," + "\n" +
@"  ""mfa"": {" + "\n" +
@"    ""enabled"": true," + "\n" +
@"    ""accessPolicies"": [" + "\n" +
@"      {" + "\n" +
@"        ""id"": ""{{deviceAuthPolicy}}""," + "\n" +
@"        ""type"": ""STANDARD_MFA""" + "\n" +
@"      }" + "\n" +
@"    ]," + "\n" +
@"    ""sessionTimeout"": {" + "\n" +
@"      ""enabled"": true," + "\n" +
@"      ""unit"": ""HH""," + "\n" +
@"      ""value"": ""128""" + "\n" +
@"    }," + "\n" +
@"    ""enrollment"": {" + "\n" +
@"      ""enabled"": true," + "\n" +
@"      ""required"": false," + "\n" +
@"      ""policies"": [" + "\n" +
@"        {" + "\n" +
@"          ""id"": ""{{deviceAuthPolicy}}""," + "\n" +
@"          ""type"": ""STANDARD_MFA""" + "\n" +
@"        }" + "\n" +
@"      ]" + "\n" +
@"    }" + "\n" +
@"  }," + "\n" +
@"  ""accountRecovery"": {" + "\n" +
@"    ""enabled"": false," + "\n" +
@"    ""accessPolicies"": []" + "\n" +
@"  }," + "\n" +
@"  ""registration"": {" + "\n" +
@"    ""enabled"": true," + "\n" +
@"    ""population"": {" + "\n" +
@"      ""id"": ""{{popID}}""" + "\n" +
@"    }," + "\n" +
@"    ""enrollment"": {" + "\n" +
@"      ""enabled"": true," + "\n" +
@"      ""required"": false," + "\n" +
@"      ""policies"": [" + "\n" +
@"        {" + "\n" +
@"          ""id"": ""{{deviceAuthPolicy}}""," + "\n" +
@"          ""type"": ""STANDARD_MFA""" + "\n" +
@"        }" + "\n" +
@"      ]" + "\n" +
@"    }," + "\n" +
@"    ""attributeList"": [" + "\n" +
@"      {" + "\n" +
@"        ""name"": ""email""," + "\n" +
@"        ""required"": true" + "\n" +
@"      }," + "\n" +
@"      {" + "\n" +
@"        ""name"": ""password""," + "\n" +
@"        ""required"": true" + "\n" +
@"      }" + "\n" +
@"    ]," + "\n" +
@"    ""requireAccountVerification"": true," + "\n" +
@"    ""botDetection"": {" + "\n" +
@"      ""enabled"": false," + "\n" +
@"      ""accessPolicies"": []" + "\n" +
@"    }," + "\n" +
@"    ""termsOfService"": {" + "\n" +
@"      ""enabled"": true," + "\n" +
@"      ""agreementPolicy"": {" + "\n" +
@"        ""id"": ""{{agreementID}}""" + "\n" +
@"      }" + "\n" +
@"    }" + "\n" +
@"  }," + "\n" +
@"  ""theme"": {" + "\n" +
@"    ""id"": ""{{themeID}}""" + "\n" +
@"  }" + "\n" +
@"}" + "\n" +
@"";
request.AddStringBody(body, DataFormat.Json);
RestResponse response = await client.ExecuteAsync(request);
Console.WriteLine(response.Content);
```

```golang
package main

import (
  "fmt"
  "strings"
  "net/http"
  "io"
)

func main() {

  url := "{{apiPath}}/v1/environments/{{envID}}/experiences"
  method := "POST"

  payload := strings.NewReader(`{
  "flowType": "USERNAME_AND_PASSWORD",
  "name": "newUserPasswordFlow",
  "description": "",
  "firstFactor": {
    "passwordless": {
      "enabled": false,
      "usernameFirst": false,
      "passkeyPolicies": []
    },
    "passkeyOrBioMetric": {
      "enabled": false,
      "passkeyPolicies": []
    },
    "identityProviders": {
      "enabled": true,
      "socialProviders": [
        {
            "id": "0c9268fd-492e-4cd5-bdc8-33b1273521e1",
            "name": "OPENID_CONNECT",
            "type": "OPENID_CONNECT"

        }
      ]
    },
    "rememberMe": true,
    "sessionTimeout": {
      "enabled": true,
      "unit": "HH",
      "value": "128"
    }
  },
  "mfa": {
    "enabled": true,
    "accessPolicies": [
      {
        "id": "{{deviceAuthPolicy}}",
        "type": "STANDARD_MFA"
      }
    ],
    "sessionTimeout": {
      "enabled": true,
      "unit": "HH",
      "value": "128"
    },
    "enrollment": {
      "enabled": true,
      "required": false,
      "policies": [
        {
          "id": "{{deviceAuthPolicy}}",
          "type": "STANDARD_MFA"
        }
      ]
    }
  },
  "accountRecovery": {
    "enabled": false,
    "accessPolicies": []
  },
  "registration": {
    "enabled": true,
    "population": {
      "id": "{{popID}}"
    },
    "enrollment": {
      "enabled": true,
      "required": false,
      "policies": [
        {
          "id": "{{deviceAuthPolicy}}",
          "type": "STANDARD_MFA"
        }
      ]
    },
    "attributeList": [
      {
        "name": "email",
        "required": true
      },
      {
        "name": "password",
        "required": true
      }
    ],
    "requireAccountVerification": true,
    "botDetection": {
      "enabled": false,
      "accessPolicies": []
    },
    "termsOfService": {
      "enabled": true,
      "agreementPolicy": {
        "id": "{{agreementID}}"
      }
    }
  },
  "theme": {
    "id": "{{themeID}}"
  }
}`)

  client := &http.Client {
  }
  req, err := http.NewRequest(method, url, payload)

  if err != nil {
    fmt.Println(err)
    return
  }
  req.Header.Add("Content-Type", "application/json")
  req.Header.Add("Authorization", "Bearer {{accessToken}}")

  res, err := client.Do(req)
  if err != nil {
    fmt.Println(err)
    return
  }
  defer res.Body.Close()

  body, err := io.ReadAll(res.Body)
  if err != nil {
    fmt.Println(err)
    return
  }
  fmt.Println(string(body))
}
```

```http
POST /v1/environments/{{envID}}/experiences HTTP/1.1
Host: {{apiPath}}
Content-Type: application/json
Authorization: Bearer {{accessToken}}

{
  "flowType": "USERNAME_AND_PASSWORD",
  "name": "newUserPasswordFlow",
  "description": "",
  "firstFactor": {
    "passwordless": {
      "enabled": false,
      "usernameFirst": false,
      "passkeyPolicies": []
    },
    "passkeyOrBioMetric": {
      "enabled": false,
      "passkeyPolicies": []
    },
    "identityProviders": {
      "enabled": true,
      "socialProviders": [
        {
            "id": "0c9268fd-492e-4cd5-bdc8-33b1273521e1",
            "name": "OPENID_CONNECT",
            "type": "OPENID_CONNECT"

        }
      ]
    },
    "rememberMe": true,
    "sessionTimeout": {
      "enabled": true,
      "unit": "HH",
      "value": "128"
    }
  },
  "mfa": {
    "enabled": true,
    "accessPolicies": [
      {
        "id": "{{deviceAuthPolicy}}",
        "type": "STANDARD_MFA"
      }
    ],
    "sessionTimeout": {
      "enabled": true,
      "unit": "HH",
      "value": "128"
    },
    "enrollment": {
      "enabled": true,
      "required": false,
      "policies": [
        {
          "id": "{{deviceAuthPolicy}}",
          "type": "STANDARD_MFA"
        }
      ]
    }
  },
  "accountRecovery": {
    "enabled": false,
    "accessPolicies": []
  },
  "registration": {
    "enabled": true,
    "population": {
      "id": "{{popID}}"
    },
    "enrollment": {
      "enabled": true,
      "required": false,
      "policies": [
        {
          "id": "{{deviceAuthPolicy}}",
          "type": "STANDARD_MFA"
        }
      ]
    },
    "attributeList": [
      {
        "name": "email",
        "required": true
      },
      {
        "name": "password",
        "required": true
      }
    ],
    "requireAccountVerification": true,
    "botDetection": {
      "enabled": false,
      "accessPolicies": []
    },
    "termsOfService": {
      "enabled": true,
      "agreementPolicy": {
        "id": "{{agreementID}}"
      }
    }
  },
  "theme": {
    "id": "{{themeID}}"
  }
}
```

```java
OkHttpClient client = new OkHttpClient().newBuilder()
  .build();
MediaType mediaType = MediaType.parse("application/json");
RequestBody body = RequestBody.create(mediaType, "{\n  \"flowType\": \"USERNAME_AND_PASSWORD\",\n  \"name\": \"newUserPasswordFlow\",\n  \"description\": \"\",\n  \"firstFactor\": {\n    \"passwordless\": {\n      \"enabled\": false,\n      \"usernameFirst\": false,\n      \"passkeyPolicies\": []\n    },\n    \"passkeyOrBioMetric\": {\n      \"enabled\": false,\n      \"passkeyPolicies\": []\n    },\n    \"identityProviders\": {\n      \"enabled\": true,\n      \"socialProviders\": [\n        {\n            \"id\": \"0c9268fd-492e-4cd5-bdc8-33b1273521e1\",\n            \"name\": \"OPENID_CONNECT\",\n            \"type\": \"OPENID_CONNECT\"\n\n        }\n      ]\n    },\n    \"rememberMe\": true,\n    \"sessionTimeout\": {\n      \"enabled\": true,\n      \"unit\": \"HH\",\n      \"value\": \"128\"\n    }\n  },\n  \"mfa\": {\n    \"enabled\": true,\n    \"accessPolicies\": [\n      {\n        \"id\": \"{{deviceAuthPolicy}}\",\n        \"type\": \"STANDARD_MFA\"\n      }\n    ],\n    \"sessionTimeout\": {\n      \"enabled\": true,\n      \"unit\": \"HH\",\n      \"value\": \"128\"\n    },\n    \"enrollment\": {\n      \"enabled\": true,\n      \"required\": false,\n      \"policies\": [\n        {\n          \"id\": \"{{deviceAuthPolicy}}\",\n          \"type\": \"STANDARD_MFA\"\n        }\n      ]\n    }\n  },\n  \"accountRecovery\": {\n    \"enabled\": false,\n    \"accessPolicies\": []\n  },\n  \"registration\": {\n    \"enabled\": true,\n    \"population\": {\n      \"id\": \"{{popID}}\"\n    },\n    \"enrollment\": {\n      \"enabled\": true,\n      \"required\": false,\n      \"policies\": [\n        {\n          \"id\": \"{{deviceAuthPolicy}}\",\n          \"type\": \"STANDARD_MFA\"\n        }\n      ]\n    },\n    \"attributeList\": [\n      {\n        \"name\": \"email\",\n        \"required\": true\n      },\n      {\n        \"name\": \"password\",\n        \"required\": true\n      }\n    ],\n    \"requireAccountVerification\": true,\n    \"botDetection\": {\n      \"enabled\": false,\n      \"accessPolicies\": []\n    },\n    \"termsOfService\": {\n      \"enabled\": true,\n      \"agreementPolicy\": {\n        \"id\": \"{{agreementID}}\"\n      }\n    }\n  },\n  \"theme\": {\n    \"id\": \"{{themeID}}\"\n  }\n}\n");
Request request = new Request.Builder()
  .url("{{apiPath}}/v1/environments/{{envID}}/experiences")
  .method("POST", body)
  .addHeader("Content-Type", "application/json")
  .addHeader("Authorization", "Bearer {{accessToken}}")
  .build();
Response response = client.newCall(request).execute();
```

```javascript
var settings = {
  "url": "{{apiPath}}/v1/environments/{{envID}}/experiences",
  "method": "POST",
  "timeout": 0,
  "headers": {
    "Content-Type": "application/json",
    "Authorization": "Bearer {{accessToken}}"
  },
  "data": JSON.stringify({
    "flowType": "USERNAME_AND_PASSWORD",
    "name": "newUserPasswordFlow",
    "description": "",
    "firstFactor": {
      "passwordless": {
        "enabled": false,
        "usernameFirst": false,
        "passkeyPolicies": []
      },
      "passkeyOrBioMetric": {
        "enabled": false,
        "passkeyPolicies": []
      },
      "identityProviders": {
        "enabled": true,
        "socialProviders": [
          {
            "id": "0c9268fd-492e-4cd5-bdc8-33b1273521e1",
            "name": "OPENID_CONNECT",
            "type": "OPENID_CONNECT"
          }
        ]
      },
      "rememberMe": true,
      "sessionTimeout": {
        "enabled": true,
        "unit": "HH",
        "value": "128"
      }
    },
    "mfa": {
      "enabled": true,
      "accessPolicies": [
        {
          "id": "{{deviceAuthPolicy}}",
          "type": "STANDARD_MFA"
        }
      ],
      "sessionTimeout": {
        "enabled": true,
        "unit": "HH",
        "value": "128"
      },
      "enrollment": {
        "enabled": true,
        "required": false,
        "policies": [
          {
            "id": "{{deviceAuthPolicy}}",
            "type": "STANDARD_MFA"
          }
        ]
      }
    },
    "accountRecovery": {
      "enabled": false,
      "accessPolicies": []
    },
    "registration": {
      "enabled": true,
      "population": {
        "id": "{{popID}}"
      },
      "enrollment": {
        "enabled": true,
        "required": false,
        "policies": [
          {
            "id": "{{deviceAuthPolicy}}",
            "type": "STANDARD_MFA"
          }
        ]
      },
      "attributeList": [
        {
          "name": "email",
          "required": true
        },
        {
          "name": "password",
          "required": true
        }
      ],
      "requireAccountVerification": true,
      "botDetection": {
        "enabled": false,
        "accessPolicies": []
      },
      "termsOfService": {
        "enabled": true,
        "agreementPolicy": {
          "id": "{{agreementID}}"
        }
      }
    },
    "theme": {
      "id": "{{themeID}}"
    }
  }),
};

$.ajax(settings).done(function (response) {
  console.log(response);
});
```

```javascript
var request = require('request');
var options = {
  'method': 'POST',
  'url': '{{apiPath}}/v1/environments/{{envID}}/experiences',
  'headers': {
    'Content-Type': 'application/json',
    'Authorization': 'Bearer {{accessToken}}'
  },
  body: JSON.stringify({
    "flowType": "USERNAME_AND_PASSWORD",
    "name": "newUserPasswordFlow",
    "description": "",
    "firstFactor": {
      "passwordless": {
        "enabled": false,
        "usernameFirst": false,
        "passkeyPolicies": []
      },
      "passkeyOrBioMetric": {
        "enabled": false,
        "passkeyPolicies": []
      },
      "identityProviders": {
        "enabled": true,
        "socialProviders": [
          {
            "id": "0c9268fd-492e-4cd5-bdc8-33b1273521e1",
            "name": "OPENID_CONNECT",
            "type": "OPENID_CONNECT"
          }
        ]
      },
      "rememberMe": true,
      "sessionTimeout": {
        "enabled": true,
        "unit": "HH",
        "value": "128"
      }
    },
    "mfa": {
      "enabled": true,
      "accessPolicies": [
        {
          "id": "{{deviceAuthPolicy}}",
          "type": "STANDARD_MFA"
        }
      ],
      "sessionTimeout": {
        "enabled": true,
        "unit": "HH",
        "value": "128"
      },
      "enrollment": {
        "enabled": true,
        "required": false,
        "policies": [
          {
            "id": "{{deviceAuthPolicy}}",
            "type": "STANDARD_MFA"
          }
        ]
      }
    },
    "accountRecovery": {
      "enabled": false,
      "accessPolicies": []
    },
    "registration": {
      "enabled": true,
      "population": {
        "id": "{{popID}}"
      },
      "enrollment": {
        "enabled": true,
        "required": false,
        "policies": [
          {
            "id": "{{deviceAuthPolicy}}",
            "type": "STANDARD_MFA"
          }
        ]
      },
      "attributeList": [
        {
          "name": "email",
          "required": true
        },
        {
          "name": "password",
          "required": true
        }
      ],
      "requireAccountVerification": true,
      "botDetection": {
        "enabled": false,
        "accessPolicies": []
      },
      "termsOfService": {
        "enabled": true,
        "agreementPolicy": {
          "id": "{{agreementID}}"
        }
      }
    },
    "theme": {
      "id": "{{themeID}}"
    }
  })

};
request(options, function (error, response) {
  if (error) throw new Error(error);
  console.log(response.body);
});
```

```python
import requests
import json

url = "{{apiPath}}/v1/environments/{{envID}}/experiences"

payload = json.dumps({
  "flowType": "USERNAME_AND_PASSWORD",
  "name": "newUserPasswordFlow",
  "description": "",
  "firstFactor": {
    "passwordless": {
      "enabled": False,
      "usernameFirst": False,
      "passkeyPolicies": []
    },
    "passkeyOrBioMetric": {
      "enabled": False,
      "passkeyPolicies": []
    },
    "identityProviders": {
      "enabled": True,
      "socialProviders": [
        {
          "id": "0c9268fd-492e-4cd5-bdc8-33b1273521e1",
          "name": "OPENID_CONNECT",
          "type": "OPENID_CONNECT"
        }
      ]
    },
    "rememberMe": True,
    "sessionTimeout": {
      "enabled": True,
      "unit": "HH",
      "value": "128"
    }
  },
  "mfa": {
    "enabled": True,
    "accessPolicies": [
      {
        "id": "{{deviceAuthPolicy}}",
        "type": "STANDARD_MFA"
      }
    ],
    "sessionTimeout": {
      "enabled": True,
      "unit": "HH",
      "value": "128"
    },
    "enrollment": {
      "enabled": True,
      "required": False,
      "policies": [
        {
          "id": "{{deviceAuthPolicy}}",
          "type": "STANDARD_MFA"
        }
      ]
    }
  },
  "accountRecovery": {
    "enabled": False,
    "accessPolicies": []
  },
  "registration": {
    "enabled": True,
    "population": {
      "id": "{{popID}}"
    },
    "enrollment": {
      "enabled": True,
      "required": False,
      "policies": [
        {
          "id": "{{deviceAuthPolicy}}",
          "type": "STANDARD_MFA"
        }
      ]
    },
    "attributeList": [
      {
        "name": "email",
        "required": True
      },
      {
        "name": "password",
        "required": True
      }
    ],
    "requireAccountVerification": True,
    "botDetection": {
      "enabled": False,
      "accessPolicies": []
    },
    "termsOfService": {
      "enabled": True,
      "agreementPolicy": {
        "id": "{{agreementID}}"
      }
    }
  },
  "theme": {
    "id": "{{themeID}}"
  }
})
headers = {
  'Content-Type': 'application/json',
  'Authorization': 'Bearer {{accessToken}}'
}

response = requests.request("POST", url, headers=headers, data=payload)

print(response.text)
```

```php
<?php
require_once 'HTTP/Request2.php';
$request = new HTTP_Request2();
$request->setUrl('{{apiPath}}/v1/environments/{{envID}}/experiences');
$request->setMethod(HTTP_Request2::METHOD_POST);
$request->setConfig(array(
  'follow_redirects' => TRUE
));
$request->setHeader(array(
  'Content-Type' => 'application/json',
  'Authorization' => 'Bearer {{accessToken}}'
));
$request->setBody('{\n  "flowType": "USERNAME_AND_PASSWORD",\n  "name": "newUserPasswordFlow",\n  "description": "",\n  "firstFactor": {\n    "passwordless": {\n      "enabled": false,\n      "usernameFirst": false,\n      "passkeyPolicies": []\n    },\n    "passkeyOrBioMetric": {\n      "enabled": false,\n      "passkeyPolicies": []\n    },\n    "identityProviders": {\n      "enabled": true,\n      "socialProviders": [\n        {\n            "id": "0c9268fd-492e-4cd5-bdc8-33b1273521e1",\n            "name": "OPENID_CONNECT",\n            "type": "OPENID_CONNECT"\n\n        }\n      ]\n    },\n    "rememberMe": true,\n    "sessionTimeout": {\n      "enabled": true,\n      "unit": "HH",\n      "value": "128"\n    }\n  },\n  "mfa": {\n    "enabled": true,\n    "accessPolicies": [\n      {\n        "id": "{{deviceAuthPolicy}}",\n        "type": "STANDARD_MFA"\n      }\n    ],\n    "sessionTimeout": {\n      "enabled": true,\n      "unit": "HH",\n      "value": "128"\n    },\n    "enrollment": {\n      "enabled": true,\n      "required": false,\n      "policies": [\n        {\n          "id": "{{deviceAuthPolicy}}",\n          "type": "STANDARD_MFA"\n        }\n      ]\n    }\n  },\n  "accountRecovery": {\n    "enabled": false,\n    "accessPolicies": []\n  },\n  "registration": {\n    "enabled": true,\n    "population": {\n      "id": "{{popID}}"\n    },\n    "enrollment": {\n      "enabled": true,\n      "required": false,\n      "policies": [\n        {\n          "id": "{{deviceAuthPolicy}}",\n          "type": "STANDARD_MFA"\n        }\n      ]\n    },\n    "attributeList": [\n      {\n        "name": "email",\n        "required": true\n      },\n      {\n        "name": "password",\n        "required": true\n      }\n    ],\n    "requireAccountVerification": true,\n    "botDetection": {\n      "enabled": false,\n      "accessPolicies": []\n    },\n    "termsOfService": {\n      "enabled": true,\n      "agreementPolicy": {\n        "id": "{{agreementID}}"\n      }\n    }\n  },\n  "theme": {\n    "id": "{{themeID}}"\n  }\n}');
try {
  $response = $request->send();
  if ($response->getStatus() == 200) {
    echo $response->getBody();
  }
  else {
    echo 'Unexpected HTTP status: ' . $response->getStatus() . ' ' .
    $response->getReasonPhrase();
  }
}
catch(HTTP_Request2_Exception $e) {
  echo 'Error: ' . $e->getMessage();
}
```

```ruby
require "uri"
require "json"
require "net/http"

url = URI("{{apiPath}}/v1/environments/{{envID}}/experiences")

http = Net::HTTP.new(url.host, url.port);
request = Net::HTTP::Post.new(url)
request["Content-Type"] = "application/json"
request["Authorization"] = "Bearer {{accessToken}}"
request.body = JSON.dump({
  "flowType": "USERNAME_AND_PASSWORD",
  "name": "newUserPasswordFlow",
  "description": "",
  "firstFactor": {
    "passwordless": {
      "enabled": false,
      "usernameFirst": false,
      "passkeyPolicies": []
    },
    "passkeyOrBioMetric": {
      "enabled": false,
      "passkeyPolicies": []
    },
    "identityProviders": {
      "enabled": true,
      "socialProviders": [
        {
          "id": "0c9268fd-492e-4cd5-bdc8-33b1273521e1",
          "name": "OPENID_CONNECT",
          "type": "OPENID_CONNECT"
        }
      ]
    },
    "rememberMe": true,
    "sessionTimeout": {
      "enabled": true,
      "unit": "HH",
      "value": "128"
    }
  },
  "mfa": {
    "enabled": true,
    "accessPolicies": [
      {
        "id": "{{deviceAuthPolicy}}",
        "type": "STANDARD_MFA"
      }
    ],
    "sessionTimeout": {
      "enabled": true,
      "unit": "HH",
      "value": "128"
    },
    "enrollment": {
      "enabled": true,
      "required": false,
      "policies": [
        {
          "id": "{{deviceAuthPolicy}}",
          "type": "STANDARD_MFA"
        }
      ]
    }
  },
  "accountRecovery": {
    "enabled": false,
    "accessPolicies": []
  },
  "registration": {
    "enabled": true,
    "population": {
      "id": "{{popID}}"
    },
    "enrollment": {
      "enabled": true,
      "required": false,
      "policies": [
        {
          "id": "{{deviceAuthPolicy}}",
          "type": "STANDARD_MFA"
        }
      ]
    },
    "attributeList": [
      {
        "name": "email",
        "required": true
      },
      {
        "name": "password",
        "required": true
      }
    ],
    "requireAccountVerification": true,
    "botDetection": {
      "enabled": false,
      "accessPolicies": []
    },
    "termsOfService": {
      "enabled": true,
      "agreementPolicy": {
        "id": "{{agreementID}}"
      }
    }
  },
  "theme": {
    "id": "{{themeID}}"
  }
})

response = http.request(request)
puts response.read_body
```

```swift
let parameters = "{\n  \"flowType\": \"USERNAME_AND_PASSWORD\",\n  \"name\": \"newUserPasswordFlow\",\n  \"description\": \"\",\n  \"firstFactor\": {\n    \"passwordless\": {\n      \"enabled\": false,\n      \"usernameFirst\": false,\n      \"passkeyPolicies\": []\n    },\n    \"passkeyOrBioMetric\": {\n      \"enabled\": false,\n      \"passkeyPolicies\": []\n    },\n    \"identityProviders\": {\n      \"enabled\": true,\n      \"socialProviders\": [\n        {\n            \"id\": \"0c9268fd-492e-4cd5-bdc8-33b1273521e1\",\n            \"name\": \"OPENID_CONNECT\",\n            \"type\": \"OPENID_CONNECT\"\n\n        }\n      ]\n    },\n    \"rememberMe\": true,\n    \"sessionTimeout\": {\n      \"enabled\": true,\n      \"unit\": \"HH\",\n      \"value\": \"128\"\n    }\n  },\n  \"mfa\": {\n    \"enabled\": true,\n    \"accessPolicies\": [\n      {\n        \"id\": \"{{deviceAuthPolicy}}\",\n        \"type\": \"STANDARD_MFA\"\n      }\n    ],\n    \"sessionTimeout\": {\n      \"enabled\": true,\n      \"unit\": \"HH\",\n      \"value\": \"128\"\n    },\n    \"enrollment\": {\n      \"enabled\": true,\n      \"required\": false,\n      \"policies\": [\n        {\n          \"id\": \"{{deviceAuthPolicy}}\",\n          \"type\": \"STANDARD_MFA\"\n        }\n      ]\n    }\n  },\n  \"accountRecovery\": {\n    \"enabled\": false,\n    \"accessPolicies\": []\n  },\n  \"registration\": {\n    \"enabled\": true,\n    \"population\": {\n      \"id\": \"{{popID}}\"\n    },\n    \"enrollment\": {\n      \"enabled\": true,\n      \"required\": false,\n      \"policies\": [\n        {\n          \"id\": \"{{deviceAuthPolicy}}\",\n          \"type\": \"STANDARD_MFA\"\n        }\n      ]\n    },\n    \"attributeList\": [\n      {\n        \"name\": \"email\",\n        \"required\": true\n      },\n      {\n        \"name\": \"password\",\n        \"required\": true\n      }\n    ],\n    \"requireAccountVerification\": true,\n    \"botDetection\": {\n      \"enabled\": false,\n      \"accessPolicies\": []\n    },\n    \"termsOfService\": {\n      \"enabled\": true,\n      \"agreementPolicy\": {\n        \"id\": \"{{agreementID}}\"\n      }\n    }\n  },\n  \"theme\": {\n    \"id\": \"{{themeID}}\"\n  }\n}"
let postData = parameters.data(using: .utf8)

var request = URLRequest(url: URL(string: "{{apiPath}}/v1/environments/{{envID}}/experiences")!,timeoutInterval: Double.infinity)
request.addValue("application/json", forHTTPHeaderField: "Content-Type")
request.addValue("Bearer {{accessToken}}", forHTTPHeaderField: "Authorization")

request.httpMethod = "POST"
request.httpBody = postData

let task = URLSession.shared.dataTask(with: request) { data, response, error in
  guard let data = data else {
    print(String(describing: error))
    return
  }
  print(String(data: data, encoding: .utf8)!)
}

task.resume()
```

### Example Response

201 Created

```json
{
    "_links": {
        "self": {
            "href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/experiences/995be6eb-7cbb-4e6f-a1aa-75a370b23d01"
        },
        "environment": {
            "href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6"
        },
        "theme": {
            "href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/themes/5ab94557-59c3-4afc-bbf6-046444bd04b8"
        },
        "identityProviders.socialProviders.0": {
            "href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/identityProviders/0c9268fd-492e-4cd5-bdc8-33b1273521e1"
        },
        "mfa.accessPolicies.0": {
            "href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/deviceAuthenticationPolicies/f3ebf6b8-9902-4421-af59-54b1b99969fa"
        },
        "mfa.enrollment.policies.0": {
            "href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/deviceAuthenticationPolicies/f3ebf6b8-9902-4421-af59-54b1b99969fa"
        },
        "population": {
            "href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/populations/89a7de36-c2ce-48d6-b453-9d7a7dd4dc3a"
        },
        "registration.enrollment.policies.0": {
            "href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/deviceAuthenticationPolicies/f3ebf6b8-9902-4421-af59-54b1b99969fa"
        },
        "termsOfServiceAgreement": {
            "href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/agreements/363ef235-f6fe-4bc7-ae3d-63217482f57f"
        }
    },
    "id": "995be6eb-7cbb-4e6f-a1aa-75a370b23d01",
    "name": "newUserPasswordFlow",
    "description": "",
    "flowType": "USERNAME_AND_PASSWORD",
    "firstFactor": {
        "passwordless": {
            "enabled": false,
            "usernameFirst": false,
            "passkeyPolicies": []
        },
        "passkeyOrBioMetric": {
            "enabled": false,
            "passkeyPolicies": []
        },
        "identityProviders": {
            "enabled": true,
            "socialProviders": [
                {
                    "id": "0c9268fd-492e-4cd5-bdc8-33b1273521e1",
                    "name": "OPENID_CONNECT",
                    "type": "OPENID_CONNECT"
                }
            ]
        },
        "rememberMe": true,
        "sessionTimeout": {
            "unit": "HH",
            "value": "128",
            "enabled": true
        }
    },
    "mfa": {
        "enabled": true,
        "accessPolicies": [
            {
                "id": "f3ebf6b8-9902-4421-af59-54b1b99969fa",
                "type": "STANDARD_MFA"
            }
        ],
        "sessionTimeout": {
            "unit": "HH",
            "value": "128",
            "enabled": true
        },
        "enrollment": {
            "enabled": true,
            "required": false,
            "policies": [
                {
                    "id": "f3ebf6b8-9902-4421-af59-54b1b99969fa",
                    "type": "STANDARD_MFA"
                }
            ]
        }
    },
    "accountRecovery": {
        "enabled": false,
        "accessPolicies": []
    },
    "registration": {
        "enabled": true,
        "attributeList": [
            {
                "name": "email",
                "required": true
            },
            {
                "name": "password",
                "required": true
            }
        ],
        "enrollment": {
            "enabled": true,
            "required": false,
            "policies": [
                {
                    "id": "f3ebf6b8-9902-4421-af59-54b1b99969fa",
                    "type": "STANDARD_MFA"
                }
            ]
        },
        "botDetection": {
            "enabled": false,
            "accessPolicies": []
        },
        "termsOfService": {
            "enabled": true,
            "agreementPolicy": {
                "id": "363ef235-f6fe-4bc7-ae3d-63217482f57f"
            }
        },
        "requireAccountVerification": true,
        "population": {
            "id": "89a7de36-c2ce-48d6-b453-9d7a7dd4dc3a"
        }
    },
    "theme": {
        "id": "5ab94557-59c3-4afc-bbf6-046444bd04b8"
    },
    "createdAt": "2026-05-20T17:12:21.497804912Z",
    "updatedAt": "2026-05-20T17:12:21.497805092Z"
}
```
