Tokens API v1 - POST a new token

This API is deprecated. Use the Access tokens API instead.

Creates a new Dynatrace API authentication token. The response contains the newly created token.

The new token is owned by the same user who owns the token used to authenticate the call.

The request consumes an application/json payload.

The request produces one of the following payload types:

application/json
text/plain
text/csv

Use the Accept header to set the required response type.

POST	ManagedDynatrace for Government	`https://{your-domain}/e/{your-environment-id}/api/v1/tokens`
	SaaS	`https://{your-environment-id}.live.dynatrace.com/api/v1/tokens`
	Environment ActiveGate	`https://{your-activegate-domain}/e/{your-environment-id}/api/v1/tokens`

Authentication

To execute this request, you need an access token with TenantTokenManagement scope.

To learn how to obtain and use it, see Tokens and authentication.

Parameters

Parameter	Type	Description	In	Required
body	CreateToken	The JSON body of the request. Contains parameters of the new token.	body	required

Request body objects

The `CreateToken` object

Element Type Description Required

name

string

Element	Type	Description	Required
name	string	The name of the token.	required
expiresIn	Duration	Defines a period of time.	optional
scopes	string[]	The list of scopes to be assigned to the token. `InstallerDownload`: PaaS integration - Installer download. `DataExport`: Access problem and event feed, metrics, and topology. `PluginUpload`: Upload Extension. `SupportAlert`: PaaS integration - Support alert. `AdvancedSyntheticIntegration`: Dynatrace module integration - Synthetic Classic. `ExternalSyntheticIntegration`: Create and read synthetic monitors, locations, and nodes. `AppMonIntegration`: Dynatrace module integration - AppMon. `RumBrowserExtension`: RUM Browser Extension. `LogExport`: Read logs. `ReadConfig`: Read configuration. `WriteConfig`: Write configuration. `DTAQLAccess`: User sessions. `UserSessionAnonymization`: Anonymize user session data for data privacy reasons. `DataPrivacy`: Change data privacy settings. `CaptureRequestData`: Capture request data. `Davis`: Dynatrace module integration - Davis. `DssFileManagement`: Mobile symbolication file management. `RumJavaScriptTagManagement`: Real user monitoring JavaScript tag management. `TenantTokenManagement`: Token management. `ActiveGateCertManagement`: ActiveGate certificate management. `RestRequestForwarding`: Fetch data from a remote environment. `ReadSyntheticData`: Read synthetic monitors, locations, and nodes. `DataImport`: Data ingest, e.g.: metrics and events. `syntheticExecutions.write`: Write synthetic monitor executions. `syntheticExecutions.read`: Read synthetic monitor execution results. `auditLogs.read`: Read audit logs. `metrics.read`: Read metrics. `metrics.write`: Write metrics. `entities.read`: Read entities. `entities.write`: Write entities. `problems.read`: Read problems. `problems.write`: Write problems. `events.read`: Read events. `events.ingest`: Ingest events. `networkZones.read`: Read network zones. `networkZones.write`: Write network zones. `activeGates.read`: Read ActiveGates. `activeGates.write`: Write ActiveGates. `activeGateTokenManagement.read`: Read ActiveGate tokens. `activeGateTokenManagement.create`: Create ActiveGate tokens. `activeGateTokenManagement.write`: Write ActiveGate tokens. `credentialVault.read`: Read credential vault entries. `credentialVault.write`: Write credential vault entries. `extensions.read`: Read extensions. `extensions.write`: Write extensions. `extensionConfigurations.read`: Read extension monitoring configurations. `extensionConfigurations.write`: Write extension monitoring configurations. `extensionEnvironment.read`: Read extension environment configurations. `extensionEnvironment.write`: Write extension environment configurations. `metrics.ingest`: Ingest metrics. `securityProblems.read`: Read security problems. `securityProblems.write`: Write security problems. `syntheticLocations.read`: Read synthetic locations. `syntheticLocations.write`: Write synthetic locations. `settings.read`: Read settings. `settings.write`: Write settings. `tenantTokenRotation.write`: Tenant token rotation. `slo.read`: Read SLO. `slo.write`: Write SLO. `releases.read`: Read releases. `apiTokens.read`: Read API tokens. `apiTokens.write`: Write API tokens. `openTelemetryTrace.ingest`: Ingest OpenTelemetry traces. `logs.read`: Read logs. `logs.ingest`: Ingest logs. `geographicRegions.read`: Read Geographic regions. `hub.read`: Read Hub related data. `oneAgents.read`: Read OneAgents. `oneAgents.write`: Write OneAgents. `traces.lookup`: Look up a single trace. `hub.write`: Write Hub related data. The element can hold these values `InstallerDownload` `DataExport` `PluginUpload` `SupportAlert` `AdvancedSyntheticIntegration` `ExternalSyntheticIntegration` `AppMonIntegration` `RumBrowserExtension` `LogExport` `ReadConfig` `WriteConfig` `DTAQLAccess` `UserSessionAnonymization` `DataPrivacy` `CaptureRequestData` `Davis` `DssFileManagement` `RumJavaScriptTagManagement` `TenantTokenManagement` `ActiveGateCertManagement` `RestRequestForwarding` `ReadSyntheticData` `DataImport` `syntheticExecutions.write` `syntheticExecutions.read` `auditLogs.read` `metrics.read` `metrics.write` `entities.read` `entities.write` `problems.read` `problems.write` `events.read` `events.ingest` `networkZones.read` `networkZones.write` `activeGates.read` `activeGates.write` `activeGateTokenManagement.read` `activeGateTokenManagement.create` `activeGateTokenManagement.write` `credentialVault.read` `credentialVault.write` `extensions.read` `extensions.write` `extensionConfigurations.read` `extensionConfigurations.write` `extensionEnvironment.read` `extensionEnvironment.write` `metrics.ingest` `securityProblems.read` `securityProblems.write` `syntheticLocations.read` `syntheticLocations.write` `settings.read` `settings.write` `tenantTokenRotation.write` `slo.read` `slo.write` `releases.read` `apiTokens.read` `apiTokens.write` `openTelemetryTrace.ingest` `logs.read` `logs.ingest` `geographicRegions.read` `hub.read` `oneAgents.read` `oneAgents.write` `traces.lookup` `hub.write`	required

The name of the token.

required

expiresIn

Duration

Defines a period of time.

optional

scopes

string[]

The list of scopes to be assigned to the token.

InstallerDownload: PaaS integration - Installer download.
DataExport: Access problem and event feed, metrics, and topology.
PluginUpload: Upload Extension.
SupportAlert: PaaS integration - Support alert.
AdvancedSyntheticIntegration: Dynatrace module integration - Synthetic Classic.
ExternalSyntheticIntegration: Create and read synthetic monitors, locations, and nodes.
AppMonIntegration: Dynatrace module integration - AppMon.
RumBrowserExtension: RUM Browser Extension.
LogExport: Read logs.
ReadConfig: Read configuration.
WriteConfig: Write configuration.
DTAQLAccess: User sessions.
UserSessionAnonymization: Anonymize user session data for data privacy reasons.
DataPrivacy: Change data privacy settings.
CaptureRequestData: Capture request data.
Davis: Dynatrace module integration - Davis.
DssFileManagement: Mobile symbolication file management.
RumJavaScriptTagManagement: Real user monitoring JavaScript tag management.
TenantTokenManagement: Token management.
ActiveGateCertManagement: ActiveGate certificate management.
RestRequestForwarding: Fetch data from a remote environment.
ReadSyntheticData: Read synthetic monitors, locations, and nodes.
DataImport: Data ingest, e.g.: metrics and events.
syntheticExecutions.write: Write synthetic monitor executions.
syntheticExecutions.read: Read synthetic monitor execution results.
auditLogs.read: Read audit logs.
metrics.read: Read metrics.
metrics.write: Write metrics.
entities.read: Read entities.
entities.write: Write entities.
problems.read: Read problems.
problems.write: Write problems.
events.read: Read events.
events.ingest: Ingest events.
networkZones.read: Read network zones.
networkZones.write: Write network zones.
activeGates.read: Read ActiveGates.
activeGates.write: Write ActiveGates.
activeGateTokenManagement.read: Read ActiveGate tokens.
activeGateTokenManagement.create: Create ActiveGate tokens.
activeGateTokenManagement.write: Write ActiveGate tokens.
credentialVault.read: Read credential vault entries.
credentialVault.write: Write credential vault entries.
extensions.read: Read extensions.
extensions.write: Write extensions.
extensionConfigurations.read: Read extension monitoring configurations.
extensionConfigurations.write: Write extension monitoring configurations.
extensionEnvironment.read: Read extension environment configurations.
extensionEnvironment.write: Write extension environment configurations.
metrics.ingest: Ingest metrics.
securityProblems.read: Read security problems.
securityProblems.write: Write security problems.
syntheticLocations.read: Read synthetic locations.
syntheticLocations.write: Write synthetic locations.
settings.read: Read settings.
settings.write: Write settings.
tenantTokenRotation.write: Tenant token rotation.
slo.read: Read SLO.
slo.write: Write SLO.
releases.read: Read releases.
apiTokens.read: Read API tokens.
apiTokens.write: Write API tokens.
openTelemetryTrace.ingest: Ingest OpenTelemetry traces.
logs.read: Read logs.
logs.ingest: Ingest logs.
geographicRegions.read: Read Geographic regions.
hub.read: Read Hub related data.
oneAgents.read: Read OneAgents.
oneAgents.write: Write OneAgents.
traces.lookup: Look up a single trace.
hub.write: Write Hub related data.

The element can hold these values

InstallerDownload
DataExport
PluginUpload
SupportAlert
AdvancedSyntheticIntegration
ExternalSyntheticIntegration
AppMonIntegration
RumBrowserExtension
LogExport
ReadConfig
WriteConfig
DTAQLAccess
UserSessionAnonymization
DataPrivacy
CaptureRequestData
Davis
DssFileManagement
RumJavaScriptTagManagement
TenantTokenManagement
ActiveGateCertManagement
RestRequestForwarding
ReadSyntheticData
DataImport
syntheticExecutions.write
syntheticExecutions.read
auditLogs.read
metrics.read
metrics.write
entities.read
entities.write
problems.read
problems.write
events.read
events.ingest
networkZones.read
networkZones.write
activeGates.read
activeGates.write
activeGateTokenManagement.read
activeGateTokenManagement.create
activeGateTokenManagement.write
credentialVault.read
credentialVault.write
extensions.read
extensions.write
extensionConfigurations.read
extensionConfigurations.write
extensionEnvironment.read
extensionEnvironment.write
metrics.ingest
securityProblems.read
securityProblems.write
syntheticLocations.read
syntheticLocations.write
settings.read
settings.write
tenantTokenRotation.write
slo.read
slo.write
releases.read
apiTokens.read
apiTokens.write
openTelemetryTrace.ingest
logs.read
logs.ingest
geographicRegions.read
hub.read
oneAgents.read
oneAgents.write
traces.lookup
hub.write

required

The `Duration` object

Defines a period of time.

Element Type Description Required

value

integer

Element	Type	Description	Required
value	integer	The amount of time.	required
unit	string	The unit of time. If not set, millisecond is used. The element can hold these values `DAYS` `HOURS` `MILLIS` `MINUTES` `SECONDS`	optional

The amount of time.

required

unit

string

The unit of time.

If not set, millisecond is used.

The element can hold these values

DAYS
HOURS
MILLIS
MINUTES
SECONDS

optional

Request body JSON model

This is a model of the request body, showing the possible elements. It has to be adjusted for usage in an actual request.

json
{
  "name": "string",
  "expiresIn": {
    "value": 1,
    "unit": "DAYS"
  },
  "scopes": [
    "InstallerDownload"
  ]
}

Request headers

Accept header value	Description
`application/json`	The response contains JSON payload with token.
`text/plain`	The response contains token in plain text format.
`accept: text/csv; header=present; charset=utf-8`	The response contains token in CSV-format.
`accept: text/csv; header=absent; charset=utf-8`	The response contains token in CSV-format, preceded by the token heading.

Response

Response codes

Code	Type	Description
201	Token	Success. The token has been created. The response body contains the token itself.
400	ErrorEnvelope	Failed. The input is invalid. Response body provides details.

Response body objects

The `Token` object

Element	Type	Description
token	string	Dynatrace API authentication token.

Response body JSON model

json
{
  "token": "abcdefjhij1234567890"
}

Example

In this example, the request creates a new token named REST example. It is valid for 24 hours and has the following scopes:

Access problem and event feed, metrics, and topology
Read configuration
Write configuration

The Accept header sets the response content type as text/plain.

The response code of 201 indicates that the creation was successful. The response contains the new token as plain text.

The API token is passed in the Authorization header.

You can download or copy the example request body to try it out on your own.

Curl

bash
curl -X POST \
  https://mySampleEnv.live.dynatrace.com/api/v1/tokens/ \
  -H 'Authorization: Api-Token dt0c01.abc123.abcdefjhij1234567890' \
  -H 'Content-Type: application/json' \
  -H 'Accept: text/plain'
  -d '{
  "name": "REST example",
  "scopes": [
    "WriteConfig",
    "ReadConfig",
    "DataExport"
  ],
  "expiresIn": {
    "value": 24,
    "unit": "HOURS"
  }
}
'

Request body

json
{
  "name": "REST example",
  "scopes": ["WriteConfig", "ReadConfig", "DataExport"],
  "expiresIn": {
    "value": 24,
    "unit": "HOURS"
  }
}

Response body

plaintext
0987654321jihgfedcba

Response code

201

Result

The new token looks like this in the Dynatrace interface:

Tokens API v1 - POST a new token

Authentication

Parameters

Request body objects

The CreateToken object

The Duration object

Request body JSON model

Request headers

Response

Response codes

Response body objects

The Token object

Response body JSON model

Example

Curl

Request body

Response body

Response code

Result

The `CreateToken` object

The `Duration` object

The `Token` object