Credential vault API - GET all credentials

Lists all credentials for synthetic monitors stored in your environment.

The request produces an application/json payload.

GET	Managed	`https://{your-domain}/e/{your-environment-id}/api/config/v1/credentials`
	SaaS	`https://{your-environment-id}.live.dynatrace.com/api/config/v1/credentials`
	Environment ActiveGate	`https://{your-activegate-domain}/e/{your-environment-id}/api/config/v1/credentials`

Authentication

To execute this request, you need an access token with Read credential vault entries (credentialVault.read) scope. To learn how to obtain and use it, see Tokens and authentication.

Parameters

Parameter	Type	Description	In	Required
type	string	Filters the result by the specified credentials type. The element can hold these values `CERTIFICATE` `USERNAME_PASSWORD` `TOKEN`	query	optional

Response

Response codes

Code	Type	Description
200	CredentialsList	Success

Response body objects

The `CredentialsList` object

A list of credentials sets for Synthetic monitors.

Element	Type	Description
credentials	CredentialsResponseElement[]	A list of credentials sets for Synthetic monitors.

The `CredentialsResponseElement` object

Metadata of the credentials set.

Element	Type	Description
name	string	The name of the credentials set.
id	string	The ID of the credentials set. Can be `null`.
type	string	The type of the credentials set. The element can hold these values `CERTIFICATE` `PUBLIC_CERTIFICATE` `TOKEN` `UNKNOWN` `USERNAME_PASSWORD`
description	string	A short description of the credentials set.
owner	string	The owner of the credential (user for which used API token was created).
ownerAccessOnly	boolean	Flag indicating that this credential is visible only to the owner.
scope	string	The scope of the credentials set. The element can hold these values `ALL` `EXTENSION` `SYNTHETIC` Can be `null`.
externalVault	ExternalVaultConfig	Configuration for external vault synchronization for username and password credentials. Can be `null`.
credentialUsageSummary	CredentialUsageHandler[]	The list contains summary data related to the use of credentials.

The `ExternalVaultConfig` object

Configuration for external vault synchronization for username and password credentials.

Element	Type	Description
sourceAuthMethod	string	Defines the actual set of fields depending on the value. See one of the following objects: `HASHICORP_VAULT_APPROLE` -> HashicorpApproleConfig `HASHICORP_VAULT_CERTIFICATE` -> HashicorpCertificateConfig `AZURE_KEY_VAULT_CLIENT_SECRET` -> AzureClientSecretConfig The element can hold these values `AZURE_KEY_VAULT_CLIENT_SECRET` `HASHICORP_VAULT_APPROLE` `HASHICORP_VAULT_CERTIFICATE` Can be `null`.
vaultUrl	string	- Can be `null`.
usernameSecretName	string	- Can be `null`.
passwordSecretName	string	- Can be `null`.
type	string	- The element can hold these values `AZURE_CERTIFICATE_MODEL` `AZURE_CLIENT_SECRET_MODEL` `HASHICORP_APPROLE_MODEL` `HASHICORP_CERTIFICATE_MODEL` Can be `null`.
credentialsUsedForExternalSynchronization	string[]	- Can be `null`.

The `CredentialUsageHandler` object

Keeps information about credential's usage.

Element Type Description

type

string

Element	Type	Description
type	string	Type of usage. Can be `null`.
count	integer	The number of uses. Can be `null`.

Type of usage.

Can be null.

count

integer

The number of uses.

Can be null.

Response body JSON model

json
{
  "credentials": [
    {
      "name": "Sample username-password credentials",
      "id": "CREDENTIALS_VAULT-E80203F993472E6D",
      "type": "USERNAME_PASSWORD",
      "description": "Sample credentials for demo purposes",
      "owner": "admin",
      "ownerAccessOnly": "true",
      "scope": "SYNTHETIC",
      "credentialUsageSummary": [
        {
          "HTTP_MONITOR": 4
        }
      ]
    },
    {
      "name": "Sample certificate credentials",
      "id": "CREDENTIALS_VAULT-842DEF439999E15B",
      "type": "CERTIFICATE",
      "description": "Sample credentials for demo purposes",
      "owner": "John.Doe@domain.com",
      "ownerAccessOnly": "true",
      "scope": "EXTENSION",
      "credentialUsageSummary": []
    },
    {
      "name": "Sample token credentials",
      "id": "CREDENTIALS_VAULT-854345639999E15B",
      "type": "TOKEN",
      "description": "Sample token for demo purposes",
      "owner": "John.Doe@domain.com",
      "ownerAccessOnly": "true",
      "scope": "SYNTHETIC",
      "credentialUsageSummary": [
        {
          "HTTP_MONITOR": 4,
          "BROWSER_MONITOR": 11
        }
      ]
    }
  ]
}

Example

In this example, the request lists all credentials of the USERNAME_PASSWORD type from the mySampleEnv environment.

The API token is passed in the Authorization header.

The result is truncated to two entries.

Curl

shell
curl -X GET \
  'https://mySampleEnv.live.dynatrace.com/api/config/v1/credentials/?type=USERNAME_PASSWORD' \
  -H 'Authorization: Api-Token dt0c01.abc123.abcdefjhij1234567890'

Request URL

plaintext
https://mySampleEnv.live.dynatrace.com/api/config/v1/credentials/?type=USERNAME_PASSWORD

Response body

json
{
  "credentials": [
    {
      "name": "easyTravel",
      "id": "CREDENTIALS_VAULT-9415C41E3649FE3C",
      "type": "USERNAME_PASSWORD",
      "description": "Credentials for easyTravel test app"
    },
    {
      "name": "google.com",
      "id": "CREDENTIALS_VAULT-E6D8ED717C9689B2",
      "type": "USERNAME_PASSWORD",
      "description": "google.com"
    }
  ]
}

Response code

200