Updates the specified Dynatrace API authentication token. You can:
- Change the token name.
- Add or remove token scopes.
- Revoke the token. A revoked token still exists in the environment, but it can't be used.
The request consumes an application/json
payload.
PUT | ManagedDynatrace for Government | https://{your-domain}/e/{your-environment-id}/api/v1/tokens/{id} |
SaaS | https://{your-environment-id}.live.dynatrace.com/api/v1/tokens/{id} |
Environment ActiveGate | https://{your-activegate-domain}/e/{your-environment-id}/api/v1/tokens/{id} |
Authentication
To execute this request, you need an access token with TenantTokenManagement
scope.
To learn how to obtain and use it, see Tokens and authentication.
Parameters
Parameter | Type | Description | In | Required |
---|
id | string | The ID of the token to be updated.
You can't update the token you're using for authentication of the request. | path | required |
body | UpdateToken | The JSON body of the request. Contains updated parameters of the token. | body | required |
Request body objects
The UpdateToken
object
Element | Type | Description | Required |
---|
revoked | boolean | The token is revoked (true ) or active (false ). | optional |
name | string | The name of the token. | optional |
scopes | string[] | The list of permissions assigned to the token.
Apart from the new permissions, you need to submit the existing permissions you want to keep, too. Any existing permission, missing in the payload, is revoked.
InstallerDownload : PaaS integration - Installer download.
DataExport : Access problem and event feed, metrics, and topology.
PluginUpload : Upload Extension.
SupportAlert : PaaS integration - Support alert.
AdvancedSyntheticIntegration : Dynatrace module integration - Synthetic Classic.
ExternalSyntheticIntegration : Create and read synthetic monitors, locations, and nodes.
RumBrowserExtension : RUM Browser Extension.
LogExport : Read logs.
ReadConfig : Read configuration.
WriteConfig : Write configuration.
DTAQLAccess : User sessions.
UserSessionAnonymization : Anonymize user session data for data privacy reasons.
DataPrivacy : Change data privacy settings.
CaptureRequestData : Capture request data.
Davis : Dynatrace module integration - Davis.
DssFileManagement : Mobile symbolication file management.
RumJavaScriptTagManagement : Real user monitoring JavaScript tag management.
TenantTokenManagement : Token management.
ActiveGateCertManagement : ActiveGate certificate management.
RestRequestForwarding : Fetch data from a remote environment.
ReadSyntheticData : Read synthetic monitors, locations, and nodes.
DataImport : Data ingest, e.g.: metrics and events.
syntheticExecutions.write : Write synthetic monitor executions.
syntheticExecutions.read : Read synthetic monitor execution results.
auditLogs.read : Read audit logs.
metrics.read : Read metrics.
metrics.write : Write metrics.
entities.read : Read entities.
entities.write : Write entities.
problems.read : Read problems.
problems.write : Write problems.
events.read : Read events.
events.ingest : Ingest events.
analyzers.read : Read analyzers.
analyzers.write : Write & execute analyzers.
networkZones.read : Read network zones.
networkZones.write : Write network zones.
activeGates.read : Read ActiveGates.
activeGates.write : Write ActiveGates.
activeGateTokenManagement.read : Read ActiveGate tokens.
activeGateTokenManagement.create : Create ActiveGate tokens.
activeGateTokenManagement.write : Write ActiveGate tokens.
credentialVault.read : Read credential vault entries.
credentialVault.write : Write credential vault entries.
extensions.read : Read extensions.
extensions.write : Write extensions.
extensionConfigurations.read : Read extension monitoring configurations.
extensionConfigurations.write : Write extension monitoring configurations.
extensionEnvironment.read : Read extension environment configurations.
extensionEnvironment.write : Write extension environment configurations.
metrics.ingest : Ingest metrics.
attacks.read : Read attacks.
attacks.write : Write Application Protection settings.
securityProblems.read : Read security problems.
securityProblems.write : Write security problems.
syntheticLocations.read : Read synthetic locations.
syntheticLocations.write : Write synthetic locations.
settings.read : Read settings.
settings.write : Write settings.
tenantTokenRotation.write : Tenant token rotation.
slo.read : Read SLO.
slo.write : Write SLO.
releases.read : Read releases.
apiTokens.read : Read API tokens.
apiTokens.write : Write API tokens.
openTelemetryTrace.ingest : Ingest OpenTelemetry traces.
logs.read : Read logs.
logs.ingest : Ingest logs.
geographicRegions.read : Read Geographic regions.
oneAgents.read : Read OneAgents.
oneAgents.write : Write OneAgents.
traces.lookup : Look up a single trace.
hub.read : Read Hub related data.
hub.write : Manage metadata of Hub items.
hub.install : Install and update Hub items.
javaScriptMappingFiles.read : Read JavaScript mapping files.
javaScriptMappingFiles.write : Write JavaScript mapping files.
The element can hold these valuesInstallerDownload DataExport PluginUpload SupportAlert AdvancedSyntheticIntegration ExternalSyntheticIntegration RumBrowserExtension LogExport ReadConfig WriteConfig DTAQLAccess UserSessionAnonymization DataPrivacy CaptureRequestData Davis DssFileManagement RumJavaScriptTagManagement TenantTokenManagement ActiveGateCertManagement RestRequestForwarding ReadSyntheticData DataImport syntheticExecutions.write syntheticExecutions.read auditLogs.read metrics.read metrics.write entities.read entities.write problems.read problems.write events.read events.ingest analyzers.read analyzers.write networkZones.read networkZones.write activeGates.read activeGates.write activeGateTokenManagement.read activeGateTokenManagement.create activeGateTokenManagement.write credentialVault.read credentialVault.write extensions.read extensions.write extensionConfigurations.read extensionConfigurations.write extensionEnvironment.read extensionEnvironment.write metrics.ingest attacks.read attacks.write securityProblems.read securityProblems.write syntheticLocations.read syntheticLocations.write settings.read settings.write tenantTokenRotation.write slo.read slo.write releases.read apiTokens.read apiTokens.write openTelemetryTrace.ingest logs.read logs.ingest geographicRegions.read oneAgents.read oneAgents.write traces.lookup hub.read hub.write hub.install javaScriptMappingFiles.read javaScriptMappingFiles.write
| optional |
Request body JSON model
This is a model of the request body, showing the possible elements. It has to be adjusted for usage in an actual request.
{
"revoked": true,
"name": "string",
"scopes": [
"InstallerDownload"
]
}
Response
Response codes
Code | Type | Description |
---|
204 | | Success. The token has been updated. |
400 | ErrorEnvelope | Failed. You can't update the token you're using for authentication of the request. |
404 | ErrorEnvelope | Failed. The requested token has not been found. |
Example
In this example, the request queries the metadata of the admin token, which has the ID of d5836312-5790-4e80-afcf-09971954c3ea. It assigns two new scopes: Real user monitoring JavaScript tag management and ActiveGate certificate management. The name and validity of the token remain intact. The response code of 204 indicates that the update was successful.
The token, as displayed in the Dynatrace interface, has the following settings before the edit:

The API token is passed in the Authorization header.
You can download or copy the example request body to try it out on your own.
Curl
curl -X PUT \
https://mySampleEnv.live.dynatrace.com/api/v1/tokens/d5836312-5790-4e80-afcf-09971954c3ea \
-H 'Authorization: Api-Token dt0c01.abc123.abcdefjhij1234567890' \
-H 'Content-Type: application/json' \
-d '{
"scopes": [
"ExternalSyntheticIntegration",
"DataPrivacy",
"WriteConfig",
"DssFileManagement",
"LogExport",
"DTAQLAccess",
"ReadConfig",
"CaptureRequestData",
"ReadSyntheticData",
"DataExport",
"UserSessionAnonymization",
"MaintenanceWindows",
"LogImport",
"TenantTokenManagement",
"ActiveGateCertManagement",
"RumJavaScriptTagManagement"
]
}
'
Request URL
https://mySampleEnv.live.dynatrace.com/api/v1/tokens/d5836312-5790-4e80-afcf-09971954c3ea
Request body
{
"scopes": [
"ExternalSyntheticIntegration",
"DataPrivacy",
"WriteConfig",
"DssFileManagement",
"LogExport",
"DTAQLAccess",
"ReadConfig",
"CaptureRequestData",
"ReadSyntheticData",
"DataExport",
"UserSessionAnonymization",
"MaintenanceWindows",
"LogImport",
"TenantTokenManagement",
"ActiveGateCertManagement",
"RumJavaScriptTagManagement"
]
}
Response code
204
Result
The updated token, as displayed in the Dynatrace interface, has the following parameters:
