Credential vault API - POST a set of credentials
Creates a new set of credentials for synthetic monitors.
The request consumes and produces an application/json
payload.
POST | SaaS | https://{your-environment-id}.live.dynatrace.com/api/v2/credentials |
Environment ActiveGateCluster ActiveGate | https://{your-activegate-domain}:9999/e/{your-environment-id}/api/v2/credentials |
Authentication
To execute this request, you need an access token with credentialVault.write
scope.
To learn how to obtain and use it, see Tokens and authentication.
Parameters
Refer to JSON models to find all JSON models that depend on the type of the model.
The JSON body of the request. Contains parameters of the new credentials set.
Request body objects
The Credentials
object
A set of credentials for synthetic monitors.
The actual set of fields depends on the type of credentials. Find the list of actual objects in the description of the type field or see Credential vault API - JSON models.
Allow ad-hoc functions to access the credential details (requires the APP_ENGINE scope).
A short description of the credentials set.
The ID of the credentials set.
The name of the credentials set.
The credentials set is available to every user (false
) or to owner only (true
).
DEPRECATED
The scope of the credentials set.
APP_ENGINE
EXTENSION
SYNTHETIC
The set of scopes of the credentials set.
Limitations: CredentialsScope.APP_ENGINE
is only available on the new Dynatrace SaaS platform - it's not available on managed or non-Grail SaaS environments.
APP_ENGINE
EXTENSION
SYNTHETIC
Defines the actual set of fields depending on the value. See one of the following objects:
CERTIFICATE
-> CertificateCredentialsPUBLIC_CERTIFICATE
-> PublicCertificateCredentialsUSERNAME_PASSWORD
-> UserPasswordCredentialsTOKEN
-> TokenCredentialsSNMPV3
-> SNMPV3CredentialsAWS_KEY_BASED
-> AWSKeyBasedCredentialsDtoAWS_ROLE_BASED
-> AWSRoleBasedCredentials
AWS_KEY_BASED
AWS_ROLE_BASED
CERTIFICATE
PUBLIC_CERTIFICATE
SNMPV3
TOKEN
USERNAME_PASSWORD
The CredentialAccessData
object
The set of entities allowed to use the credential.
APPLICATION
UNKNOWN
USER
Request body JSON model
This is a model of the request body, showing the possible elements. It has to be adjusted for usage in an actual request.
{"allowContextlessRequests": "false","allowedEntities": [{"id": "jane.doe@example.com","type": "USER"},{"id": "john.smith@example.com","type": "USER"},{"id": "my.with.credentials","type": "APPLICATION"}],"description": "Sample set of credentials for API documentation","name": "Sample credentials","ownerAccessOnly": false,"password": "1234abcd","scope": "SYNTHETIC","scopes": ["SYNTHETIC","EXTENSION_AUTHENTICATION"],"type": "USERNAME_PASSWORD","user": "john.smith@example.com"}
Response
Response codes
Success. The new credentials set has been created. The response contains the ID of the set.
Response body objects
The CredentialsId
object
A short representation of the credentials set.
The ID of the credentials set.
Response body JSON model
{"id": "CREDENTIALS_VAULT-C43F2C2E6395AD23"}
Example
In this example, the request creates a new set of credentials of the USERNAME_PASSWORD type. The username of the credentials set is john.smith and the password is abcd1234.
The API token is passed in the Authorization header.
You can download or copy the example request body to try it out on your own.
Curl
curl -X POST \https://mySampleEnv.live.dynatrace.com/api/config/v1/credentials/ \-H 'Authorization: Api-Token dt0c01.abc123.abcdefjhij1234567890' \-H 'Content-Type: application/json' \-d '{"name": "RESTtest","description": "Test credentials","password": "abcd1234","ownerAccessOnly": true,"type": "USERNAME_PASSWORD","certificate": "john.smith"}'
Request URL
https://mySampleEnv.live.dynatrace.com/api/config/v1/credentials/
Request body
{"name": "RESTtest","description": "Test credentials","password": "abcd1234","ownerAccessOnly": true,"type": "USERNAME_PASSWORD","user": "john.smith"}
Response body
{"id": "CREDENTIALS_VAULT-1E6EA5075AF7E85D"}
Response code
200