Credential vault API - GET credentials metadata

Reference
Published Oct 06, 2022

Gets the metadata of the specified set of credentials for synthetic monitors. The credentials set itself (username/certificate and password) is not included in the response.

The request produces an application/json payload.

GET	ManagedDynatrace for Government	`https://{your-domain}/e/{your-environment-id}/api/v2/credentials/{id}`
GET	Environment and Cluster ActiveGate (default port 9999)	`https://{your-activegate-domain}:9999/e/{your-environment-id}/api/v2/credentials/{id}`

Authentication

To execute this request, you need an access token with credentialVault.read scope.

To learn how to obtain and use it, see Tokens and authentication.

Parameters

Parameter	Type	Description	In	Required
id	string	The Dynatrace entity ID of the required credentials set.	path	Required

Response

Response codes

Code	Type	Description
200	CredentialsResponseElement	Success. The response contains the metadata of the credentials set.
400	ErrorEnvelope	Failed. The input is invalid.
4XX	ErrorEnvelope	Client side error.
5XX	ErrorEnvelope	Server side error.

Response body objects

The `CredentialsResponseElement` object

Metadata of the credentials set.

Element	Type	Description
allowContextlessRequests	boolean	Allow access without app context, for example, from ad hoc functions in Workflows (requires the APP_ENGINE scope).
allowedEntities	CredentialAccessData[]	The set of entities allowed to use the credential.
credentialUsageSummary	CredentialUsageHandler[]	The list contains summary data related to the use of credentials.
description	string	A short description of the credentials set.
externalVault	ExternalVaultConfig	Configuration for external vault synchronization for username and password credentials.
id	string	The ID of the credentials set.
name	string	The name of the credentials set.
owner	string	The owner of the credential (user for which used API token was created).
ownerAccessOnly	boolean	Flag indicating that this credential is visible only to the owner.
scope	string	The scope of the credentials set. The element can hold these values `APP_ENGINE` `EXTENSION` `SYNTHETIC`
scopes	string[]	The set of scopes of the credentials set. The element can hold these values `APP_ENGINE` `EXTENSION` `SYNTHETIC`
type	string	The type of the credentials set. The element can hold these values `AWS_MONITORING_KEY_BASED` `AWS_MONITORING_ROLE_BASED` `CERTIFICATE` `PUBLIC_CERTIFICATE` `SNMPV3` `TOKEN` `UNKNOWN` `USERNAME_PASSWORD`

The `CredentialAccessData` object

The set of entities allowed to use the credential.

Element	Type	Description
id	string	-
type	string	- The element can hold these values `APPLICATION` `UNKNOWN` `USER`

The `CredentialUsageHandler` object

Keeps information about credential's usage.

Element	Type	Description
count	integer	The number of uses.
type	string	Type of usage.

The `ExternalVaultConfig` object

Configuration for external vault synchronization for username and password credentials.

Element	Type	Description
credentialsUsedForExternalSynchronization	string[]	-
passwordSecretName	string	-
sourceAuthMethod	string	Defines the actual set of fields depending on the value. See one of the following objects: `HASHICORP_VAULT_APPROLE` -> HashicorpApproleConfig `HASHICORP_VAULT_CERTIFICATE` -> HashicorpCertificateConfig `AZURE_KEY_VAULT_CLIENT_SECRET` -> AzureClientSecretConfig `CYBERARK_VAULT_USERNAME_PASSWORD` -> CyberArkUsernamePasswordConfig `CYBERARK_VAULT_ALLOWED_LOCATION` -> CyberArkAllowedLocationConfig The element can hold these values `AZURE_KEY_VAULT_CLIENT_SECRET` `CYBERARK_VAULT_ALLOWED_LOCATION` `CYBERARK_VAULT_USERNAME_PASSWORD` `HASHICORP_VAULT_APPROLE` `HASHICORP_VAULT_CERTIFICATE`
tokenSecretName	string	-
type	string	- The element can hold these values `AZURE_CERTIFICATE_MODEL` `AZURE_CLIENT_SECRET_MODEL` `CYBERARK_VAULT_ALLOWED_LOCATION_MODEL` `CYBERARK_VAULT_USERNAME_PASSWORD_MODEL` `HASHICORP_APPROLE_MODEL` `HASHICORP_CERTIFICATE_MODEL`
usernameSecretName	string	-
vaultUrl	string	-

The `ErrorEnvelope` object

Element	Type	Description
error	Error	-

The `Error` object

Element	Type	Description
code	integer	The HTTP status code
constraintViolations	ConstraintViolation[]	A list of constraint violations
message	string	The error message

The `ConstraintViolation` object

A list of constraint violations

Element	Type	Description
location	string	-
message	string	-
parameterLocation	string	- The element can hold these values `HEADER` `PATH` `PAYLOAD_BODY` `QUERY`
path	string	-

Response body JSON models

{
  "allowContextlessRequests": "false",
  "credentialUsageSummary": [
    {
      "BROWSER_MONITOR": 2,
      "HTTP_MONITOR": 3
    }
  ],
  "description": "Sample credentials for demo purposes.",
  "externalVault": {
    "passwordSecretName": "password",
    "pathToCredentials": "kv/credentials",
    "roleId": "00e4858c-ec33-bc99-4e7e-34de6967de6c",
    "secretId": "CREDENTIALS_VAULT-XXXXXXXXXXXXXXXX",
    "sourceAuthMethod": "HASHICORP_VAULT_APPROLE",
    "usernameSecretName": "username",
    "vaultNamespace": "admin",
    "vaultUrl": "https://vault-cluster.vault.fb17d2fc-be92-4230-afa2-91dbfda3cbad.aws.hashicorp.cloud:8200"
  },
  "id": "CREDENTIALS_VAULT-C43F2C2E6395AD23",
  "name": "Sample username-password credentials",
  "owner": "user@domain.com",
  "ownerAccessOnly": true,
  "scope": "SYNTHETIC",
  "type": "USERNAME_PASSWORD"
}

{
  "error": {
    "code": 1,
    "constraintViolations": [
      {
        "location": "string",
        "message": "string",
        "parameterLocation": "HEADER",
        "path": "string"
      }
    ],
    "message": "string"
  }
}

Credential vault API - GET credentials metadata

Authentication

Parameters

Response

Response codes

Response body objects

The CredentialsResponseElement object

The CredentialAccessData object

The CredentialUsageHandler object

The ExternalVaultConfig object

The ErrorEnvelope object

The Error object

The ConstraintViolation object