Controlling access to HCP through the management API
You configure HCP to enable and disable the HCP management API and to control access to the API at both the system level and the tenant level.
To allow system-level users to access the management API for the HCP system to create, modify, and delete tenants and manage replication, the API must be enabled at the system level. To allow tenant-level and system-level users with administrative access to a specific HCP tenant to access the management API for that tenant, the API must be enabled at both the system and tenant levels.
You can access the HCP management API using a system-level URL (that is, a URL that starts https://admin...) only if at least one of your client IP addresses is allowed to access the management API for the HCP system. You can access the HCP management API using a tenant-level URL (that is, a URL that starts https://tenant-name...) only if at least one of your client IP addresses is allowed to access the management API for the HCP tenant specified in the URL.
You use the Management API page in the HCP System Management Console to enable the HCP management API at the system level and to configure HCP to control access to the management API for the HCP system. To display this page, in the top-level menu of the System Management Console, select
.