• Home
  • Dynatrace API
  • Configuration
  • Credential vault
  • GET all credentials

Credential vault API - GET all credentials

Lists all credentials for synthetic monitors stored in your environment.

The request produces an application/json payload.

GETManaged https://{your-domain}/e/{your-environment-id}/api/config/v1/credentials
SaaS https://{your-environment-id}.live.dynatrace.com/api/config/v1/credentials
Environment ActiveGate https://{your-activegate-domain}/e/{your-environment-id}/api/config/v1/credentials

Authentication

To execute this request, you need an access token with Read credential vault entries (credentialVault.read) scope. To learn how to obtain and use it, see Tokens and authentication.

Parameters

ParameterTypeDescriptionInRequired
typestring

Filters the result by the specified credentials type.

The element can hold these values
  • CERTIFICATE
  • USERNAME_PASSWORD
  • TOKEN
queryoptional

Response

Response codes

CodeTypeDescription
200CredentialsList

Success

Response body objects

The CredentialsList object

A list of credentials sets for Synthetic monitors.

ElementTypeDescription
credentialsCredentialsResponseElement[]

A list of credentials sets for Synthetic monitors.

The CredentialsResponseElement object

Metadata of the credentials set.

ElementTypeDescription
namestring

The name of the credentials set.

idstring

The ID of the credentials set.

Can be null.

typestring

The type of the credentials set.

The element can hold these values
  • CERTIFICATE
  • PUBLIC_CERTIFICATE
  • TOKEN
  • UNKNOWN
  • USERNAME_PASSWORD
descriptionstring

A short description of the credentials set.

ownerstring

The owner of the credential (user for which used API token was created).

ownerAccessOnlyboolean

Flag indicating that this credential is visible only to the owner.

scopestring

The scope of the credentials set.

The element can hold these values
  • ALL
  • EXTENSION
  • SYNTHETIC

Can be null.

externalVaultExternalVaultConfig

Configuration for external vault synchronization for username and password credentials.

Can be null.

credentialUsageSummaryCredentialUsageHandler[]

The list contains summary data related to the use of credentials.

The ExternalVaultConfig object

Configuration for external vault synchronization for username and password credentials.

ElementTypeDescription
sourceAuthMethodstring

Defines the actual set of fields depending on the value. See one of the following objects:

  • HASHICORP_VAULT_APPROLE -> HashicorpApproleConfig
  • HASHICORP_VAULT_CERTIFICATE -> HashicorpCertificateConfig
  • AZURE_KEY_VAULT_CLIENT_SECRET -> AzureClientSecretConfig
The element can hold these values
  • AZURE_KEY_VAULT_CLIENT_SECRET
  • HASHICORP_VAULT_APPROLE
  • HASHICORP_VAULT_CERTIFICATE

Can be null.

vaultUrlstring-

Can be null.

usernameSecretNamestring-

Can be null.

passwordSecretNamestring-

Can be null.

typestring-
The element can hold these values
  • AZURE_CERTIFICATE_MODEL
  • AZURE_CLIENT_SECRET_MODEL
  • HASHICORP_APPROLE_MODEL
  • HASHICORP_CERTIFICATE_MODEL

Can be null.

credentialsUsedForExternalSynchronizationstring[]-

Can be null.

The CredentialUsageHandler object

Keeps information about credential's usage.

ElementTypeDescription
typestring

Type of usage.

Can be null.

countinteger

The number of uses.

Can be null.

Response body JSON model

json
{ "credentials": [ { "name": "Sample username-password credentials", "id": "CREDENTIALS_VAULT-E80203F993472E6D", "type": "USERNAME_PASSWORD", "description": "Sample credentials for demo purposes", "owner": "admin", "ownerAccessOnly": "true", "scope": "SYNTHETIC", "credentialUsageSummary": [ { "HTTP_MONITOR": 4 } ] }, { "name": "Sample certificate credentials", "id": "CREDENTIALS_VAULT-842DEF439999E15B", "type": "CERTIFICATE", "description": "Sample credentials for demo purposes", "owner": "John.Doe@domain.com", "ownerAccessOnly": "true", "scope": "EXTENSION", "credentialUsageSummary": [] }, { "name": "Sample token credentials", "id": "CREDENTIALS_VAULT-854345639999E15B", "type": "TOKEN", "description": "Sample token for demo purposes", "owner": "John.Doe@domain.com", "ownerAccessOnly": "true", "scope": "SYNTHETIC", "credentialUsageSummary": [ { "HTTP_MONITOR": 4, "BROWSER_MONITOR": 11 } ] } ] }

Example

In this example, the request lists all credentials of the USERNAME_PASSWORD type from the mySampleEnv environment.

The API token is passed in the Authorization header.

The result is truncated to two entries.

Curl

shell
curl -X GET \ 'https://mySampleEnv.live.dynatrace.com/api/config/v1/credentials/?type=USERNAME_PASSWORD' \ -H 'Authorization: Api-Token dt0c01.abc123.abcdefjhij1234567890'

Request URL

plaintext
https://mySampleEnv.live.dynatrace.com/api/config/v1/credentials/?type=USERNAME_PASSWORD

Response body

json
{ "credentials": [ { "name": "easyTravel", "id": "CREDENTIALS_VAULT-9415C41E3649FE3C", "type": "USERNAME_PASSWORD", "description": "Credentials for easyTravel test app" }, { "name": "google.com", "id": "CREDENTIALS_VAULT-E6D8ED717C9689B2", "type": "USERNAME_PASSWORD", "description": "google.com" } ] }

Response code

200

Related topics
  • Configure browser monitors

    Learn about configuring browser monitors and clickpaths.

  • Configure HTTP monitors

    Learn about configuring HTTP monitors.