You may currently utilize CloudHealth by first signing in against - https://console.tanzu.broadcom.com/ (Tanzu CSP) and then selecting the CloudHealth service. 

It is possible however to transition your authentication so that you directly authenticate against CloudHealth without first passing through https://console.tanzu.broadcom.com/.

This can be useful for customers that make use of Single Sign On (SSO) but wish to initiate the session from their IDP which isn't possible via Tanzu CSP currently. 

If you wish to move to authenticating directly against CloudHealth please follow these steps:

1. Open a Support Ticket and request this, as Engineering on the CloudHealth side will need to make a change in the backend to support this. Provide a time that suits for Tanzu CSP to be disabled against your CloudHealth tenant, as once Tanzu CSP has been disabled against the tenant you won't be able to launch CloudHealth via Tanzu CSP until the new SAML app is configured.
   
   
2. As part of that ticket provide your availability for a remote session to run through the setup of a SAML app or OIDC (in the case of Microsoft Azure) for CloudHealth against your tenant.
   
   
3. As part of this also provide any groups from your IDP that you wish to map to existing Usergroups within CloudHealth as these will need to be updated as the previous Service Role Bindings for Tanzu CSP will no longer function.
   
   
4. As mentioned above disabling CSP will remove your ability to launch the CloudHealth service via CSP so provide a time for the SSO setup call within 24 hours of the period you requested Tanzu CSP be disabled against your tenant. 
   
   
5. If access is required in the interim period between the Tanzu CSP being disabled against your CloudHealth tenant and the new SAML app for CloudHealth being setup, users can sign in with their email address via the manual account method by requesting a password reset via - https://apps.cloudhealthtech.com/password/reset this password will then allow them access while SSO is reconfigured.
   
   
6. For any users that will need access during the interim period, manually bind them to their Usergroup by following - How to manually map existing users to Usergroups, and FlexOrgs before Tanzu CSP is removed from the tenant.