Control Center
Control Center is a tenant-wide command center for Business tenant administrators. It brings three administrative views together under one tab:
| Area | Purpose |
|---|---|
| Monitoring | Traffic, request-quota usage, and cost for every API in the tenant, side by side |
| Access Review | Audit exactly what each role or user can read and write across all APIs |
| Cost Management | The tenant's subscription and credit spend, with a per-API breakdown |
Open your tenant, select the Control Center tab, then switch between Monitoring, Access Review, and Cost Management.
Control Center is one part of the wider set of Business tenant governance controls. The other controls — application access, cross-API access, and the IP allowlist — are configured per API.
Control Center is available to administrators of Business tenants. If you don't see the Control Center tab, your tenant isn't a Business tenant, or you aren't a tenant administrator.
Monitoring
Monitoring shows every API in the tenant as a single row, so you can spot error spikes, APIs nearing their request quota, and where spend is going — without opening each API.
Summary cards
| Card | Shows |
|---|---|
| Requests | Total API calls over the selected time range, and the API count |
| Error rate | Share of requests that errored, with a 4xx / 5xx breakdown |
| Subscription · this month | Total subscription cost this month, plus credit spend |
| APIs near quota | How many APIs are at or above 80% of their request quota |
Per-API table
| Column | Meaning |
|---|---|
| API | API name, plan, region, and a status badge when not online |
| Requests | Total calls in the selected time range |
| 4xx | Client errors (400–499); hover for the per-code split |
| 5xx | Server errors (500+); hover for 500 vs. other |
| Avg latency | Mean request duration over the range |
| No. of requests | Requests used this billing period against the plan limit |
| Subscription fee | Prorated monthly plan cost for the current month |
| Credits | Credit spend over the selected time range |
All amounts are in the tenant billing currency, excluding VAT.
Time range
The selector at the top right sets the window for traffic and credits: Last 24 hours, 7 days, 30 days, or a custom range (up to 90 days).
- It does not change the quota or subscription columns — those are billing-period and monthly figures by nature.
- Auto-refresh reloads the data every 30 seconds when toggled on — handy for a wall display.
Request quota
The No. of requests column shows requests used this billing period against the plan limit (for example 3.2k / 100k) with a progress bar:
- The bar turns amber at 80% and rose at 100%.
- APIs with no configured limit show no limit.
- The APIs near quota card counts APIs at or above 80%, so you can act before they're throttled.
Cost
- Subscription fee is the prorated monthly plan cost for the current month. It's a fixed monthly charge, so it doesn't move with the time range. Master and free-plan APIs show
0. - Credits is credit spend during the selected time range.
Click an API's Credits value to open the credit events ledger filtered to that API — who topped up, when, and how much. Click an API name to open that API. Sort any column by clicking its header.
Status badges
A badge next to an API name flags non-normal states. Online APIs show no badge, to keep the row quiet.
- Offline or Quota Exceeded — rose
- Suspended or Payment Pending — amber
Taking an API offline
The action at the end of each row lets an administrator flip an API between online and offline:
- Take offline — on a running API, asks you to confirm, then stops it serving immediately. API calls return
503 Service Unavailableand any hosted web app shows an offline page. No data, configuration, or schema is deleted. - Bring online — on an offline API, restores serving right away.
Only Online and Offline are switchable here. Suspended, Payment Pending, Quota Exceeded, and Deleted are governed by their own billing, quota, and support flows, so they show no action. The change applies to both the API endpoints and app hosting, and stays in effect until you bring the API back online.
Use the kill switch to immediately stop a misbehaving or compromised API without deleting anything — then bring it back online once you've resolved the issue.
Access Review
Access Review answers "who can do what" across the whole tenant. Pick a role or a user and see the effective access it has on every entity of every API — the actual outcome after roles, security policies, and public access are applied.
Choosing a subject
Use the Roles / Users tabs and the search box to pick a subject:
- A role resolves access for anyone holding that role.
- A user resolves the effective access that specific user has.
When APIs are linked within the tenant, a subject can come from several APIs; the owning API is shown beneath the name.
Reading the matrix
- Rows are entities, grouped by type: Collections, Views, Queries, Functions.
- Columns are the HTTP methods used on that entity: GET, POST, PUT, PATCH, DELETE, LISTEN.
- Each cell shows the access rule, not how many rows exist:
| Cell | Meaning |
|---|---|
| Full | Unrestricted access for that method |
| Row-filtered (amber) | A security policy narrows visible rows to those linked to the subject |
| Own records (blue) | Access applies only to records the subject created |
| None | No access |
A dot means the method doesn't apply to that entity.
Good to know
- Public entities (globe icon) are reachable even by anonymous callers.
- Service tokens that skip role checks are not reflected here — this is role- and policy-based access.
- APIs are searchable and collapsible; toggle Show entities with no access to include entities the subject can't reach at all.
- Click any cell to open a panel explaining why that access is granted — the roles and grant sources behind it, and whether a row-level security policy applies.
Use cases
- Audit a role before assigning it.
- Investigate what a specific user can actually reach.
- Find entities that are unintentionally public or world-writable.
- Confirm a security policy is filtering rows as intended.
Application access
The Access Review page also surfaces the Access panel for each application, where you gate the application itself to specific roles. This controls who is served the app, and is separate from the per-entity access shown in the matrix. See Application Access for how the gate works (and the important distinction that it gates app delivery, not data).
Cost Management
Cost Management shows what the tenant costs for a given month: the fixed subscription, credit spend, and a per-API breakdown. Pick a month with the selector at the top right. All amounts are in the tenant billing currency, excluding VAT.
Cost cards
| Card | Shows |
|---|---|
| Subscription | The fixed monthly plan cost (per-API operating fees plus any flat fee) |
| Credits | Actual credit spend so far this month |
| Estimated total | Subscription plus credits accrued so far |
Per-API breakdown
Each API row shows its current plan, prorated subscription cost, credit spend this month, the number of credit events, and its credit threshold. Sort by any column and filter by name or plan. The master API is non-billable.
Credit cap and thresholds
- Credit cap — administrators can set a tenant-wide monthly cap on combined credit spend. When spend reaches the cap, further credit purchases are blocked for the rest of the month (reversals are always allowed).
- Credit thresholds — each API can have a monthly credit threshold with alert recipients. When spend crosses it, an alert email is sent, and you can optionally pause new credit purchases for that API.
Credit events
Open Credit events (linked from Cost Management and from Monitoring) for the full ledger of every credit purchase: who purchased, against which API, when, how much, at what price, and whether it has been invoiced.
How billing is timed
The monthly fee is billed in advance (an invoice on the 1st covers that month); per-API operating costs and credits are billed in arrears (covering the previous month). Each invoice line states its own period.