The Account Management API helps you manage your account and its users. For example, you can manage access to Dynatrace environments by creating groups with various access levels and then associating these groups with users.
To be authenticated to use the Account Management API, you need a valid bearer token. Access to the API is fine-grained, meaning that you also need the proper permissions assigned to the token. See the description of each request to find out which permission is required to use it. The bearer token authenticates you via an OAuth2 client as a service user who is granted access to the API.
To obtain a token, you must create an OAuth2 client and then request the token from it. For more information, see OAuth clients.
The following token scopes are applicable to Account Management use cases.
| Name | API value |
|---|---|
Allow read access for identity resources (users and groups) |
|
Allow write access for identity resources (users and groups) |
|
Allow read access for environment resources |
|
Allow write access for environment resources |
|
Allow read access for usage and consumption resources |
|
Allow write access for usage and consumption resources |
|
Allow IAM policy configuration for environments |
|