Home    

IAM FAQ

Q: How do I log in to the apps available in the SF Employee Gateway?

A:  Verify that you are in the Identity & Access Management IAM Platform. The URL in your browser window should read https://epu-bifrost.sfgov.org/oaam_server/login.do. Then:

  • Enter your DSW number, if you are a CCSF employee
  • Enter your email address, if you are a CCSF supplier or bidder
  • Click continue
  • Enter your password, then click continue

Q: How do I create a password that meets current CCSF password standards?

A:  Log in to the Identity and Access Management Portal.

You will be asked to complete a one-time registration process.
Please follow the on-screen instructions and complete the process.

CCSF passwords must be a minimum of 10 characters and include:

  • An upper-case value
  • A lower-case value
  • A numeric value
  • A special character (example: !, #, &, etc.)
  • Cannot contain spaces, tabs, or line breaks
  • Cannot contain your first name or last name
  • Cannot reuse any previous passwords

Q: How can I change my password?

A:  Log in to the Identity and Access Management Portal.

  • Enter your DSW number, if you are a CCSF employee
  • Enter your email ID, if you are a CCSF supplier or bidder
  • Click continue
  • Enter your password
  • Click continue
  • After logging in, select the ‘Change My Password’ tile on the left side of the page
  • Enter your current password in the field titled ‘Old Password’
  • Enter your new password in the second field titled ‘New Password’
  • Confirm your new password in the third field ‘Confirm New Password’
  • Fields 2 & 3 must match to progress to the next step
  • Select ‘continue’ to change your password. A confirmation message will appear confirming your changes are saved
  • Select cancel to abandon the changes and preserve your current password settings

Q: What should I do if I forget my Username or Password?

A:  To recover your own password, head to the Password Recovery Portal.

  • Enter your DSW number in the username field. If you are a CCSF employee your username is your DSW number Find your DSW number on the back of your employee ID badge.
  • Enter your Email ID, if you are a CCSF supplier or bidder. This is the email address you pre-registered with the Controller’s Office.
  • Click 'forgot your password?', then follow the on-screen instructions.
  • If you cannot recover your password using 'forgot your password?', please open a service ticket or contact the Department of Technology Help Desk at (628) 652-5000 or dtis.helpdesk@sfgov.org.

Q: What happens if I incorrectly answer my security questions?

A:  Your account locks for defined period of time. After too many unsuccessful attempts, your account may lock indefinitely. Please open a service ticket or contact the Department of Technology Help Desk at (628) 652-5000 or dtis.helpdesk@sfgov.org for help.

Q: What if I am locked out of my account?

A:  Please open a service ticket or contact the Department of Technology Help Desk at (628) 652-5000 or dtis.helpdesk@sfgov.org.

Q: How do I turn on dual factor-authentication?

A:  When enabled, you must designate a mobile phone number and/or a personal email address to serve as the second authentication method. Moving forward, when attempting to recover or reset a password using the ‘forgot password’ link, IAM will send a verification code to the email or phone number you designate. Enter the one-time passcode, to be directed to the password reset page. Register for enhanced protection.

Q: What is Dual-Factor Authentication?

A:  Dual-Factor Authentication is a security feature that requires two separate verification methods. Dual-factor, sometimes also called 2-Factor, is designed to reduce the risk of a security breach by providing an additional layer of security. Register for enhanced protection.

For Suppliers, dual-factor authentication is required when updating your banking information, physical address, and when adding a new person to your organization in the Supplier Portal.

Q: Why enroll in dual-factor authentication?

A:  Enabling dual-factor authentication empowers you to reset your own password independent of the Help Desk. It’s currently optional for all users as part of the password recovery process, but gives you greater autonomy when accessing your IAM credentials. Register for enhanced protection.

Q: Troubleshooting Login Issues

Issue/Error Message Possible Cause Suggested Resolution
Sorry, the identification you entered was not recognized. Please try again. IAM does not recognize your username or password Please verify your username and password, enter the correct username and password in the respective pages
The account is locked due to multiple invalid login attempts Please contact your department help desk to resolve the problem
The maximum number of sessions allowed per user are active Log out from any of your previous sessions in all browsers before logging in again
You are not authorized to login. Please contact customer service. You’ve reached the maximum number of invalid attempts for your security questions or one-time password challenge Contact your department help desk for support to unlock your account to log in again