Skip to content

OpenIAM Access

Request Access to Application via Secure

  1. Log on to secure.uhc.com.
  2. From the My Access menu, select Request New Access.

  3. Select the radio button for Platform.

  4. Click Next.

  5. In the platform drop-down select Azure.

  6. In the secondary drop-down select OptumSGS.

  7. Click Next.

  8. Select the radio button next to your primary user ID. If you do not have an SGS Cloud user ID, please refer to instructions on how to request access to the SGS Cloud at SGS cloud Documentation (optum.com).

  9. Click Next.

  10. Search for the appropriate group for the access you need. Current groups are
    AZU_SGS_OpenIAM_Demo, AZU_SGS_OpenIAM_DemoDeveloper,
    AZU_SGS_OpenIAM_OperationalSupport,
    AZU_SGS_OpenIAM_Provider.

  11. Once the group search populates, click on the group under Available Groups on the left to highlight the group.

  12. With the group highlighted, click the right-facing arrow to move the desired group to the Selected Groups box.
  13. Click Next.
  14. When prompted, select the duration for which you need access. Most groups will not allow permanent access. Depending on the group, access entitlements may be required every 14 days up to one year. Click the radio button next to On to select the access expiration.

  15. Click on the calendar icon to select the access expiration.

  16. Click OK.

  17. Provide a justification for the requested access.

  18. Click Submit.

  19. Access requests will be processed within standard Optum SLAs of 4 business days.

Logon to OpenIAM

  1. Access OpenIAM according to the appropriate link below.
    Demo: https://osgsdemoidp.optum.com/idp/saml2/sp/login?issuer=OIAM_Demo
    Provider: https://idpprovider.optum.com/idp/saml2/sp/login?issuer=oiamsso

  2. You will be redirected to the Azure logon.

  3. Logon with your optumsgs.onmicrosoft.com ID.
  4. Follow the prompts for validating your password and MFA.
  5. You will be redirected to OpenIAM after successful authentication.
  6. Based on your OpenIAM role, you may be authorized to access self service or select components of web console. All users will start at the self-service portal. If your role includes authorization to web console, you will need to manually update the URL in the address bar from /selfservice to /webconsole as shown in the example below.

Address Bar Entry: https://osgsdemoidp.optum.com/selfservice
Change to: https://osgsdemoidp.optum.com/webconsole