Skip to main content
Hitachi Vantara Knowledge

Tenant Management Console

The Tenant Management Console is a tenant-specific web application that lets you manage tenants and namespaces. The Console shows you tenant and namespace status in real time, so you can effectively monitor activity and take action as needed.

Using the Console, you can modify tenant and namespace settings and perform compliance activities. Changes you make through the Console take effect immediately.

Access to the Tenant Management Console is available only through HTTP with SSL security (HTTPS).

About the Console

Console access

To use the Tenant Management Console, you need either:

  • A user account defined in HCP (either locally authenticated or RADIUS authenticated).
  • If the tenant is configured to support Windows Active Directory (AD) authentication, an AD user account for a user that belongs to one or more AD groups for which corresponding group accounts are defined in HCP. In this book, such an Active Directory user account is referred to as a recognized AD user account.

The HCP user account or group accounts specify what you have permission to do in the Console. The menu options, pages, and panels you see in the Console depend on your permissions.

If an AD user belongs to multiple AD groups for which HCP group accounts exist, that user has all the permissions associated with all those group accounts.

Console sessions

A Tenant Management Console session begins when you take one of these actions:

  • Log into the Console using an HCP user account or recognized AD user account.
  • Access a Console page while logged in to Windows with a recognized AD user account. This is called single sign-on. With single sign-on, you don’t need to explicitly log into the Console.

    For single sign-on to work, your web browser must be configured to support it.

A session ends when you log out. During a session, you can perform any actions for which you have permission.

During a session, if you don’t take any action for a certain amount of time, the Console displays the Idle Timeout page. If you explicitly logged in to the session, the Console automatically logs you out and, when you click any tab on the Idle Timeout page, displays the login page. If you started the session by using single sign-on, when you click any tab, the Console displays the requested page. The exact amount of idle time allowed is configurable.

If you’ve granted HCP system-level users administrative access to the tenant, they can access the Tenant Management Console directly from the HCP System Management Console. Doing so does not start a Tenant Management Console session. Rather, it continues the current System Management Console session, and the configured idle time for that Console applies.

HCP management API

HCP includes a RESTful HTTP interface to a subset of its administrative functions. Using this interface, called the management API, you can modify your tenant and create, modify, and delete namespaces, user and group accounts, and content classes for the tenant. Additionally, you can create, modify, and delete retention classes for the tenant's namespaces.

You use the Tenant Management Console to enable the management API at the tenant level. For the API to be available, however, it must also be enabled at the system level.

To use the management API, you need a user account that includes the applicable permissions for the actions you want to take.

If the tenant is configured to support Active Directory authentication, applications can also use recognized AD user accounts to access HCP through the management API. To do this, however, an application must use the SPNEGO protocol or the AD authentication header to negotiate the AD user authentication itself. For more information about SPNEGO, see To provide credentials using the Active Directory authorization header, you use this format:

Authorization: ADAD-username:AD-password

Tenant Management Console URL

The URL for the Tenant Management Console has this format:


For example, to access the Tenant Management Console for the tenant named Finance in the HCP system with the domain name hcp‑, you would use this URL:

Using a hosts file

ypically, the HCP system uses DNS for system addressing. If this is not the case, you need to provide a mapping of the tenant hostname to an IP address for the HCP system.

You specify hostname mappings in the hosts file on the client. The location of this file depends on the client operating system:

  • On Windows, by default: c:\windows\system32\drivers\etc\hosts
  • On Unix: /etc/hosts
  • On Mac OS® X: /private/etc/host
Hostname mappings

Each entry in a hosts file maps one or more fully qualified hostnames to a single IP address. For example, if one of the IP addresses for the HCP system is, you would add this line to the hosts file on the client to enable access to the Tenant Management Console for the Finance tenant:

The following considerations apply to hosts file entries:

  • Each entry must appear on a separate line.
  • Multiple hostnames in a single line must be separated by white space. With some versions of Windows, these must be single spaces.
  • Each hostname can map to multiple IP addresses.

You can include comments in a hosts file either on separate lines or following a mapping on the same line. Each comment must start with a number sign (#). Blank lines are ignored.

For the IP addresses for the HCP system, contact your HCP system administrator.

Hostname mapping considerations

An HCP system has multiple IP addresses. You can map the tenant hostname to more than one of these IP addresses in the hosts file. The way multiple mappings are used depends on the client platform. For information about how your client handles multiple mappings in a hosts file, see your client documentation.

If any of the IP addresses listed in the hosts file are unavailable, timeouts may occur when you use a hosts file to access the Tenant Management Console.

Logging in

Depending on the tenant configuration, you can log into the Tenant Management Console with a tenant-level user account or a recognized AD user account.


  1. Open a web browser.

  2. In the address field, enter the URL for your Tenant Management Console.

    NoteIf you inadvertently use http instead of https in the URL, the browser returns an error. Enter the URL again, this time using https.
    One of these happens:
    • If all of these are true, you are automatically logged in to the Tenant Management Console, and the tenant Overview page appears:
      • You are currently logged in to Windows with a recognized AD user account.
      • The tenant is configured to support AD authentication.
      • Your web browser is configured to support single sign-on with AD.

      This is single sign-on. No further action is required.

    • If the tenant is configured to support AD authentication but any of the following apply, a message appears indicating that single sign-on was not possible:
      • Your web browser is not configured to support single sign-on.
      • You are not currently logged in to Windows with a recognized AD user account.
      • You are not on a Windows computer.

      In these cases, you need to click Console login page in the message to display the Tenant Management Console login page.

    • If the tenant is not configured to support AD authentication, the Tenant Management Console login page appears.
  3. In the Username field, type your username.

  4. In the Password field, type your case-sensitive password.

    When using an HCP user account, if you try to log in with an invalid password multiple times in a row, you are locked out of the Console. The exact number of times is configurable.
    NoteAD can also be configured to disable user accounts after a given number of authentication attempts with an invalid password.
    ImportantYou should change your password as soon as possible the first time you log into the Tenant Management Console.
  5. If the tenant is configured to support AD authentication, take either of these actions in the Domain field:

    • If you’re using an HCP user account, select the domain name of the HCP system.
    • If you’re using a recognized AD user account, select the AD domain in which your user account is defined.
    If HCP is not configured to support AD, the login page does not display the Domain field.
  6. Click Log In.


The Console displays the tenant Overview page or, if you’re using an HCP user account and are required to change your password, the Change Password page.

Using the Tenant Management Console

Tenant Management Console pages display information about the current tenant and its namespaces. Some pages also let you configure various aspects of the tenant and namespaces. (The current tenant is the one for which you’re currently logged in to the Tenant Management Console.)

Console pages have menus and hyperlinks for navigation. Each page shows a horizontal menu at the top. Some of the menu options display a secondary menu when you hover over them. To navigate to a page, you click the corresponding menu option.

You can also use shortcut keys to navigate to pages in the Tenant Management Console. Each link that has a shortcut key has the applicable letter underlined. To use the shortcut key, follow the convention for the browser you’re using.

Each page of the Tenant Management Console shows the username of the currently logged-in user in the upper right corner.

  • If you’re an AD user and your username changes in AD while you’re using the Tenant Management Console, the Console may not reflect the new username until you log out and back in. If you’re currently using any other HCP interfaces, you need to log out of those as well.
  • While the HCP system is experiencing a heavy load, the Tenant Management Console may be slower to present certain information.

Refreshing pages

Tenant Management Console pages do not automatically refresh themselves while they remain open. To see the most recent values on a page, click again on the menu option that opens that page.

NoteUsing the browser reload button to refresh a page that lets you create or modify an entity causes the Console to resubmit values you previously entered on the page.

Submitting changes

Tenant Management Console pages and panels on which you can modify information have action buttons (such as Create Retention Class and Update Settings) that submit your changes. Action buttons make the changes on a page permanent. These changes take effect immediately.

You need to submit the changes you make before switching to a different page or panel. If you switch without submitting those changes, the Console does not retain them.

For some checkbox options, selecting or deselecting the checkbox causes that change to take effect immediately.

After you submit changes, the Console displays a message indicating whether HCP successfully made the changes. To hide the message, click Dismiss in the message area.

Viewing HCP documentation

HCP documentation is available online in PDF format. To view a document from the Tenant Management Console:


  1. In the top right corner of the Tenant Management Console window, hover over the documentation icon (GUID-E5367B6B-B449-4A63-9243-F20EF51A2A80-low.png) to open a dropdown menu of the available documents.

  2. In the dropdown menu, click the document you want.

Changing your password

Depending on how your user account is set up, HCP might authenticate your username and password locally or remotely when you log in. If your account is set up for local authentication, you can change your password in the Tenant Management Console. When you change your password in this Console, it also changes for any other HCP interfaces to which your user account gives you access.

If your account is set up for remote authentication or if you use an AD user account to access the Console, you use a method outside HCP to change your password.

The next procedure describes how to change your password using the Tenant Management Console.


  1. Log into the Tenant Management Console using your existing password.

  2. In the top right corner of the Console window, click Password.

  3. On the Change Password page:

    1. In the Existing Password field, type your current password.

    2. In the New Password field, type your new password.

      Passwords can be up to 64 characters long, are case sensitive, and can contain any valid UTF-8 characters including white space. To be valid, a password must include at least one character from two of these three groups: alphabetic, numeric, and other. When changing your password, you cannot reuse your current password.
    3. In the Confirm New Password field, type your new password again.

  4. Click Update Password.

Logging out

  1. In the top right corner of the Tenant Management Console window, click Log Out.

  2. If you explicitly logged in, close the browser window to ensure that other users cannot go back into the Tenant Management Console using the credentials you used to log in.

    TipFor extra security, clear the browser cache before closing the window.


  • Was this article helpful?