Tokens API v1 - POST a new token

This API is deprecated. Use the Access tokens API instead.

Creates a new Dynatrace API authentication token. The response contains the newly created token.

The new token is owned by the same user who owns the token used to authenticate the call.

The request consumes an application/json payload.

The request produces one of the following payload types:

  • application/json
  • text/plain
  • text/csv

Use the Accept header to set the required response type.

POSTSaaShttps://{your-environment-id}.live.dynatrace.com/api/v1/tokens
Environment ActiveGatehttps://{your-activegate-domain}:9999/e/{your-environment-id}/api/v1/tokens

Authentication

To execute this request, you need an access token with TenantTokenManagement scope.

To learn how to obtain and use it, see Tokens and authentication.

Parameters

Parameter
Type
Description
In
Required
body

The JSON body of the request. Contains parameters of the new token.

body
required

Request body objects

The CreateToken object

Element
Type
Description
Required
expiresIn

Defines a period of time.

optional
name
string

The name of the token.

required
scopes
string[]

The list of scopes to be assigned to the token.

  • InstallerDownload: PaaS integration - Installer download.
  • DataExport: Access problem and event feed, metrics, and topology.
  • PluginUpload: Upload Extension.
  • SupportAlert: PaaS integration - Support alert.
  • AdvancedSyntheticIntegration: Dynatrace module integration - Synthetic Classic.
  • ExternalSyntheticIntegration: Create and read synthetic monitors, locations, and nodes.
  • RumBrowserExtension: RUM Browser Extension.
  • LogExport: Read logs.
  • ReadConfig: Read configuration.
  • WriteConfig: Write configuration.
  • DTAQLAccess: User sessions.
  • UserSessionAnonymization: Anonymize user session data for data privacy reasons.
  • DataPrivacy: Change data privacy settings.
  • CaptureRequestData: Capture request data.
  • Davis: Dynatrace module integration - Davis.
  • DssFileManagement: Mobile symbolication file management.
  • RumJavaScriptTagManagement: Real user monitoring JavaScript tag management.
  • TenantTokenManagement: Token management.
  • ActiveGateCertManagement: ActiveGate certificate management.
  • RestRequestForwarding: Fetch data from a remote environment.
  • ReadSyntheticData: Read synthetic monitors, locations, and nodes.
  • DataImport: Data ingest, e.g.: metrics and events.
  • syntheticExecutions.write: Write synthetic monitor executions.
  • syntheticExecutions.read: Read synthetic monitor execution results.
  • auditLogs.read: Read audit logs.
  • metrics.read: Read metrics.
  • metrics.write: Write metrics.
  • entities.read: Read entities.
  • entities.write: Write entities.
  • problems.read: Read problems.
  • problems.write: Write problems.
  • events.read: Read events.
  • events.ingest: Ingest events.
  • openpipeline.events: OpenPipeline - Ingest Events (Built-in).
  • openpipeline.events.custom: OpenPipeline - Ingest Events (Custom).
  • openpipeline.events_security: OpenPipeline - Ingest Security Events (Built-in).
  • openpipeline.events_security.custom: OpenPipeline - Ingest Security Events (Custom).
  • openpipeline.events_sdlc: OpenPipeline - Ingest Software Development Lifecycle Events (Built-in).
  • openpipeline.events_sdlc.custom: OpenPipeline - Ingest Software Development Lifecycle Events (Custom).
  • bizevents.ingest: Ingest bizevents.
  • analyzers.read: Read analyzers.
  • analyzers.write: Write & execute analyzers.
  • networkZones.read: Read network zones.
  • networkZones.write: Write network zones.
  • activeGates.read: Read ActiveGates.
  • activeGates.write: Write ActiveGates.
  • activeGateTokenManagement.read: Read ActiveGate tokens.
  • activeGateTokenManagement.create: Create ActiveGate tokens.
  • activeGateTokenManagement.write: Write ActiveGate tokens.
  • agentTokenManagement.read: Read Agent tokens.
  • credentialVault.read: Read credential vault entries.
  • credentialVault.write: Write credential vault entries.
  • extensions.read: Read extensions.
  • extensions.write: Write extensions.
  • extensionConfigurations.read: Read extension monitoring configurations.
  • extensionConfigurations.write: Write extension monitoring configurations.
  • extensionEnvironment.read: Read extension environment configurations.
  • extensionEnvironment.write: Write extension environment configurations.
  • metrics.ingest: Ingest metrics.
  • attacks.read: Read attacks.
  • attacks.write: Write Application Protection settings.
  • securityProblems.read: Read security problems.
  • securityProblems.write: Write security problems.
  • syntheticLocations.read: Read synthetic locations.
  • syntheticLocations.write: Write synthetic locations.
  • settings.read: Read settings.
  • settings.write: Write settings.
  • tenantTokenRotation.write: Tenant token rotation.
  • slo.read: Read SLO.
  • slo.write: Write SLO.
  • releases.read: Read releases.
  • apiTokens.read: Read API tokens.
  • apiTokens.write: Write API tokens.
  • openTelemetryTrace.ingest: Ingest OpenTelemetry traces.
  • logs.read: Read logs.
  • logs.ingest: Ingest logs.
  • geographicRegions.read: Read Geographic regions.
  • oneAgents.read: Read OneAgents.
  • oneAgents.write: Write OneAgents.
  • traces.lookup: Look up a single trace.
  • unifiedAnalysis.read: Read Unified Analysis page.
  • hub.read: Read Hub related data.
  • hub.write: Manage metadata of Hub items.
  • hub.install: Install and update Hub items.
  • javaScriptMappingFiles.read: Read JavaScript mapping files.
  • javaScriptMappingFiles.write: Write JavaScript mapping files.
  • extensionConfigurationActions.write: Actions for extension monitoring configurations.
  • rumCookieNames.read: Read RUM cookie names.
  • adaptiveTrafficManagement.read: Read sampling configuration for Adaptive Traffic Management.
  • InstallerDownload
  • DataExport
  • PluginUpload
  • SupportAlert
  • AdvancedSyntheticIntegration
  • ExternalSyntheticIntegration
  • RumBrowserExtension
  • LogExport
  • ReadConfig
  • WriteConfig
  • DTAQLAccess
  • UserSessionAnonymization
  • DataPrivacy
  • CaptureRequestData
  • Davis
  • DssFileManagement
  • RumJavaScriptTagManagement
  • TenantTokenManagement
  • ActiveGateCertManagement
  • RestRequestForwarding
  • ReadSyntheticData
  • DataImport
  • syntheticExecutions.write
  • syntheticExecutions.read
  • auditLogs.read
  • metrics.read
  • metrics.write
  • entities.read
  • entities.write
  • problems.read
  • problems.write
  • events.read
  • events.ingest
  • openpipeline.events
  • openpipeline.events.custom
  • openpipeline.events_security
  • openpipeline.events_security.custom
  • openpipeline.events_sdlc
  • openpipeline.events_sdlc.custom
  • bizevents.ingest
  • analyzers.read
  • analyzers.write
  • networkZones.read
  • networkZones.write
  • activeGates.read
  • activeGates.write
  • activeGateTokenManagement.read
  • activeGateTokenManagement.create
  • activeGateTokenManagement.write
  • agentTokenManagement.read
  • credentialVault.read
  • credentialVault.write
  • extensions.read
  • extensions.write
  • extensionConfigurations.read
  • extensionConfigurations.write
  • extensionEnvironment.read
  • extensionEnvironment.write
  • metrics.ingest
  • attacks.read
  • attacks.write
  • securityProblems.read
  • securityProblems.write
  • syntheticLocations.read
  • syntheticLocations.write
  • settings.read
  • settings.write
  • tenantTokenRotation.write
  • slo.read
  • slo.write
  • releases.read
  • apiTokens.read
  • apiTokens.write
  • openTelemetryTrace.ingest
  • logs.read
  • logs.ingest
  • geographicRegions.read
  • oneAgents.read
  • oneAgents.write
  • traces.lookup
  • unifiedAnalysis.read
  • hub.read
  • hub.write
  • hub.install
  • javaScriptMappingFiles.read
  • javaScriptMappingFiles.write
  • extensionConfigurationActions.write
  • rumCookieNames.read
  • adaptiveTrafficManagement.read
required

The Duration object

Defines a period of time.

Element
Type
Description
Required
unit
string

The unit of time.

If not set, millisecond is used.

  • DAYS
  • HOURS
  • MILLIS
  • MINUTES
  • SECONDS
optional
value
integer

The amount of time.

required

Request body JSON model

This is a model of the request body, showing the possible elements. It has to be adjusted for usage in an actual request.

{
  "expiresIn": {
    "unit": "DAYS",
    "value": 1
  },
  "name": "string",
  "scopes": [
    "InstallerDownload"
  ]
}

Request headers

Accept header value
Description
application/json
The response contains JSON payload with token.
text/plain
The response contains token in plain text format.
accept: text/csv; header=present; charset=utf-8
The response contains token in CSV-format.
accept: text/csv; header=absent; charset=utf-8
The response contains token in CSV-format, preceded by the token heading.

Response

Response codes

Code
Type
Description
201

Success. The token has been created. The response body contains the token itself.

400

Failed. The input is invalid. Response body provides details.

4XX

Client side error.

5XX

Server side error.

Response body objects

The Token object

Element
Type
Description
token
string

Dynatrace API authentication token.

Response body JSON model

{
  "token": "abcdefjhij1234567890"
}

Example

In this example, the request creates a new token named REST example. It is valid for 24 hours and has the following scopes:

  • Access problem and event feed, metrics, and topology
  • Read configuration
  • Write configuration

The Accept header sets the response content type as text/plain.

The response code of 201 indicates that the creation was successful. The response contains the new token as plain text.

The API token is passed in the Authorization header.

You can download or copy the example request body to try it out on your own.

Curl

curl -X POST \
  https://mySampleEnv.live.dynatrace.com/api/v1/tokens/ \
  -H 'Authorization: Api-Token dt0c01.abc123.abcdefjhij1234567890' \
  -H 'Content-Type: application/json' \
  -H 'Accept: text/plain'
  -d '{
  "name": "REST example",
  "scopes": [
    "WriteConfig",
    "ReadConfig",
    "DataExport"
  ],
  "expiresIn": {
    "value": 24,
    "unit": "HOURS"
  }
}
'

Request body

{
  "name": "REST example",
  "scopes": ["WriteConfig", "ReadConfig", "DataExport"],
  "expiresIn": {
    "value": 24,
    "unit": "HOURS"
  }
}

Response body

0987654321jihgfedcba

Response code

201

Result

The new token looks like this in the Dynatrace interface:

Dynatrace API authentication token - new