Added documentation for the new Management API Security settings

umbraco-cloud/SUMMARY.md

@@ -42,6 +42,7 @@
     * [New Certificate Authority for custom hostnames](set-up/project-settings/manage-hostnames/ca-record-migration.md)
     * [Rewrite rules](set-up/project-settings/manage-hostnames/rewrites-on-cloud.md)
     * [Custom Certificates](set-up/project-settings/manage-hostnames/security-certificates.md)
+  * [Management API Security](set-up/project-settings/management-api-security.md)
   * [Umbraco CI/CD Flow](set-up/project-settings/umbraco-cicd/README.md)
     * [Cloud API For CI/CD Flow](set-up/project-settings/umbraco-cicd/UmbracoCloudApi.md)
     * [Configuring a CI/CD pipeline](set-up/project-settings/umbraco-cicd/samplecicdpipeline/README.md)

umbraco-cloud/set-up/project-settings/README.md

@@ -62,7 +62,7 @@ Manage CDN Cache settings for your project. You can modify default settings, whi
 
 ### [Hostnames](manage-hostnames/)
 
-Binding hostnames to your Umbraco Cloud project is done from the **Hostnames** section in the **Settings** menu on the Umbraco Cloud Portal.
+Binding hostnames to your Umbraco Cloud project is done from the **Hostnames** section in the **Configuration** menu on the Umbraco Cloud Portal.
 
 ### [Certificates](manage-hostnames/security-certificates.md) (Only available on **Professional** or **Enterprise** plan)
 
@@ -114,6 +114,10 @@ Access to manage Public access requires your project to be on the Standard plan
 
 Manage transport security settings for your project. You can configure certain transport security options for all hostnames or specific hostnames within your project.
 
+### [Management API Security](management-api-security.md)
+
+Securing access to back-end services of your project can be done from the **Security** menu on the Umbraco Cloud Portal.
+
 ### [Secrets Management](secrets-management.md)
 
 If your Umbraco Cloud project uses sensitive information such as API keys, encryption keys, and connection strings, it is recommended to store these as secrets.\

umbraco-cloud/set-up/project-settings/management-api-security.md

@@ -0,0 +1,31 @@
+---
+description: This article explains how to enable IP filtering for your Umbraco Cloud project's back-end services, allowing access only to whitelisted IP addresses.
+---
+
+# Management API Security
+
+{% hint style="info" %}
+This is a beta feature. Enabling this feature might have other side effects for your Umbraco Cloud project.
+{% endhint %}
+
+Management API Security lets you secure access to the back-end services of your Umbraco Cloud project.
+
+When enabled, the following domains will be protected by an IP filter:
+- Git Domains: Used for version control and deployment processes, identified by the _*.git_ suffix.
+- Scm Domains: Used for additional back-end service operations, such as builds and deployment management. They follow the _your-project-alias.regional-identifier.scm.umbraco.io_ pattern.
+
+If the IP address is not whitelisted, these domains will not be accessible.
+
+## How to enable Management API IP filter and allow IPs
+
+1. Go to **Management API Security** under the **Security** tab.
+2. **Enable IP Filtering** for Management API on the project.
+
+![Enable Management API IP Filtering](../images/management_api_security.png)
+
+3. Once enabled, add **IP Address** for users that need access to the Management API of your project.
+
+![Allow IPs for your Umbraco Cloud Project's back-end services](../images/management_api_security_allow_ip.png)
+
+After **IP Filtering** has been enabled, users with IPs not added to the allowlist will be denied access to the Management API.
+