# Management API Security {% hint style="info" %} This is a beta feature. Enabling this feature might have other side effects for your Umbraco Cloud project. {% endhint %} Management API Security lets you secure access to the back-end services of your Umbraco Cloud project. When enabled, the following domains will be protected by an IP filter: * Git Domains: Used for version control and deployment processes, identified by the *\*.git* suffix. * Scm Domains: Used for additional back-end service operations, such as builds and deployment management. They follow the *your-project-alias.regional-identifier.scm.umbraco.io* pattern. If the IP address is not whitelisted, these domains will not be accessible. ## How to enable Management API IP filter and allow IPs 1. Go to **Management API Security** under the **Security** tab. 2. **Enable IP Filtering** for Management API on the project. ![Enable Management API IP Filtering](https://3739769070-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FPzKn70Piyd2fd5UkYZGf%2Fuploads%2Fgit-blob-3f1a10b55bc367df69376d90793ac2dce3b9e5ba%2Fmanagement_api_security.png?alt=media) 3. Once enabled, add **IP Address** for users that need access to the Management API of your project. ![Allow IPs for your Umbraco Cloud Project's back-end services](https://3739769070-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FPzKn70Piyd2fd5UkYZGf%2Fuploads%2Fgit-blob-cd9e065008149b93ee3e7e6e95ddce2881be374d%2Fmanagement_api_security_allow_ip.png?alt=media) After **IP Filtering** has been enabled, users with IPs not added to the allowlist will be denied access to the Management API. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.umbraco.com/umbraco-cloud/optimize-and-maintain-your-site/monitor-and-troubleshoot/management-api-security.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.