Tokens API v1 - PUT an existing token

Updates the specified Dynatrace API authentication token. You can:

Change the token name.
Add or remove token permissions.
Revoke the token. A revoked token still exists in the environment, but it can't be used.

The request consumes an application/json payload.

PUT	Managed https://{your-domain}/e/{your-environment-id}/api/v1/tokens/{id} SaaS https://{your-environment-id}.live.dynatrace.com/api/v1/tokens/{id}

Authentication

To execute this request, you need the Token management (TenantTokenManagement) permission assigned to your API token. To learn how to obtain and use it, see Tokens and authentication.

Parameters

Parameter	Type	Description	In	Required
id	string	The ID of the token to be updated. You can't update the token you're using for authentication of the request.	path	required
body	UpdateToken	The JSON body of the request. Contains updated parameters of the token.	body	optional

Parameter

Type

Description

Required

string

The ID of the token to be updated.

You can't update the token you're using for authentication of the request.

path

required

body

UpdateToken

The JSON body of the request. Contains updated parameters of the token.

body

optional

Body format

Request parametersJSON model

The UpdateToken object

Element Type Description Required

revoked

boolean

Element	Type	Description	Required
revoked	boolean	The token is revoked (`true`) or active (`false`).	optional
name	string	The name of the token.	optional
scopes	string[]	The list of permissions assigned to the token. Apart from the new permissions, you need to submit the existing permissions you want to keep, too. Any existing permission, missing in the payload, is revoked. `InstallerDownload`: PaaS integration - Installer download. `DataExport`: Access problem and event feed, metrics, and topology. `PluginUpload`: Upload Extension. `SupportAlert`: PaaS integration - Support alert. `DcrumIntegration`: Dynatrace module integration - NAM. `AdvancedSyntheticIntegration`: Dynatrace module integration - Synthetic Classic. `ExternalSyntheticIntegration`: Create and read synthetic monitors, locations, and nodes. `AppMonIntegration`: Dynatrace module integration - AppMon. `LogExport`: Read log content. `ReadConfig`: Read configuration. `WriteConfig`: Write configuration. `DTAQLAccess`: User sessions. `UserSessionAnonymization`: Anonymize user session data for data privacy reasons. `DataPrivacy`: Change data privacy settings. `CaptureRequestData`: Capture request data. `Davis`: Dynatrace module integration - Davis. `DssFileManagement`: Mobile symbolication file management. `LogImport`: Log import. `RumJavaScriptTagManagement`: Real user monitoring JavaScript tag management. `TenantTokenManagement`: Token management. `ActiveGateCertManagement`: ActiveGate certificate management. `RestRequestForwarding`: Fetch data from a remote environment. `ReadSyntheticData`: Read synthetic monitors, locations, and nodes. `DataImport`: Data ingest, e.g.: metrics and events. `auditLogs.read`: Read audit logs. `metrics.read`: Read metrics. `metrics.write`: Write metrics. `entities.read`: Read entities. `entities.write`: Write entities. `problems.read`: Read problems. `problems.write`: Write problems. `networkZones.read`: Read network zones. `networkZones.write`: Write network zones. `activeGates.read`: Read ActiveGates. `activeGates.write`: Write ActiveGates. `credentialVault.read`: Read credential vault entries. `credentialVault.write`: Write credential vault entries. `extensions.read`: Read extensions. `extensions.write`: Write extensions. `extensionConfigurations.read`: Read extension monitoring configurations. `extensionConfigurations.write`: Write extension monitoring configurations. `extensionEnvironment.read`: Read extension environment configurations. `extensionEnvironment.write`: Write extension environment configurations. `metrics.ingest`: Ingest metrics. `securityProblems.read`: Read security problems. `securityProblems.write`: Write security problems. `syntheticLocations.read`: Read synthetic locations. `syntheticLocations.write`: Write synthetic locations. `tenantTokenRotation.write`: Tenant token rotation. `slo.read`: Read SLO. `slo.write`: Write SLO. `releases.read`: Read releases. `apiTokens.read`: Read API tokens. `apiTokens.write`: Write API tokens. The element can hold these values InstallerDownload DataExport PluginUpload SupportAlert DcrumIntegration AdvancedSyntheticIntegration ExternalSyntheticIntegration AppMonIntegration LogExport ReadConfig WriteConfig DTAQLAccess UserSessionAnonymization DataPrivacy CaptureRequestData Davis DssFileManagement LogImport RumJavaScriptTagManagement TenantTokenManagement ActiveGateCertManagement RestRequestForwarding ReadSyntheticData DataImport auditLogs.read metrics.read metrics.write entities.read entities.write problems.read problems.write networkZones.read networkZones.write activeGates.read activeGates.write credentialVault.read credentialVault.write extensions.read extensions.write extensionConfigurations.read extensionConfigurations.write extensionEnvironment.read extensionEnvironment.write metrics.ingest securityProblems.read securityProblems.write syntheticLocations.read syntheticLocations.write tenantTokenRotation.write slo.read slo.write releases.read apiTokens.read apiTokens.write	optional

The token is revoked (true) or active (false).

optional

name

string

The name of the token.

optional

scopes

string[]

The list of permissions assigned to the token.

Apart from the new permissions, you need to submit the existing permissions you want to keep, too. Any existing permission, missing in the payload, is revoked.

InstallerDownload: PaaS integration - Installer download.
DataExport: Access problem and event feed, metrics, and topology.
PluginUpload: Upload Extension.
SupportAlert: PaaS integration - Support alert.
DcrumIntegration: Dynatrace module integration - NAM.
AdvancedSyntheticIntegration: Dynatrace module integration - Synthetic Classic.
ExternalSyntheticIntegration: Create and read synthetic monitors, locations, and nodes.
AppMonIntegration: Dynatrace module integration - AppMon.
LogExport: Read log content.
ReadConfig: Read configuration.
WriteConfig: Write configuration.
DTAQLAccess: User sessions.
UserSessionAnonymization: Anonymize user session data for data privacy reasons.
DataPrivacy: Change data privacy settings.
CaptureRequestData: Capture request data.
Davis: Dynatrace module integration - Davis.
DssFileManagement: Mobile symbolication file management.
LogImport: Log import.
RumJavaScriptTagManagement: Real user monitoring JavaScript tag management.
TenantTokenManagement: Token management.
ActiveGateCertManagement: ActiveGate certificate management.
RestRequestForwarding: Fetch data from a remote environment.
ReadSyntheticData: Read synthetic monitors, locations, and nodes.
DataImport: Data ingest, e.g.: metrics and events.
auditLogs.read: Read audit logs.
metrics.read: Read metrics.
metrics.write: Write metrics.
entities.read: Read entities.
entities.write: Write entities.
problems.read: Read problems.
problems.write: Write problems.
networkZones.read: Read network zones.
networkZones.write: Write network zones.
activeGates.read: Read ActiveGates.
activeGates.write: Write ActiveGates.
credentialVault.read: Read credential vault entries.
credentialVault.write: Write credential vault entries.
extensions.read: Read extensions.
extensions.write: Write extensions.
extensionConfigurations.read: Read extension monitoring configurations.
extensionConfigurations.write: Write extension monitoring configurations.
extensionEnvironment.read: Read extension environment configurations.
extensionEnvironment.write: Write extension environment configurations.
metrics.ingest: Ingest metrics.
securityProblems.read: Read security problems.
securityProblems.write: Write security problems.
syntheticLocations.read: Read synthetic locations.
syntheticLocations.write: Write synthetic locations.
tenantTokenRotation.write: Tenant token rotation.
slo.read: Read SLO.
slo.write: Write SLO.
releases.read: Read releases.
apiTokens.read: Read API tokens.
apiTokens.write: Write API tokens.

The element can hold these values

InstallerDownload
DataExport
PluginUpload
SupportAlert
DcrumIntegration
AdvancedSyntheticIntegration
ExternalSyntheticIntegration
AppMonIntegration
LogExport
ReadConfig
WriteConfig
DTAQLAccess
UserSessionAnonymization
DataPrivacy
CaptureRequestData
Davis
DssFileManagement
LogImport
RumJavaScriptTagManagement
TenantTokenManagement
ActiveGateCertManagement
RestRequestForwarding
ReadSyntheticData
DataImport
auditLogs.read
metrics.read
metrics.write
entities.read
entities.write
problems.read
problems.write
networkZones.read
networkZones.write
activeGates.read
activeGates.write
credentialVault.read
credentialVault.write
extensions.read
extensions.write
extensionConfigurations.read
extensionConfigurations.write
extensionEnvironment.read
extensionEnvironment.write
metrics.ingest
securityProblems.read
securityProblems.write
syntheticLocations.read
syntheticLocations.write
tenantTokenRotation.write
slo.read
slo.write
releases.read
apiTokens.read
apiTokens.write

optional

This is a model of the request body, showing the possible elements. It has to be adjusted for usage in an actual request. See the Example expandable section for working sample request.

      
  {
  "revoked": true,
  "name": "string",
  "scopes": [
    "string"
  ]
}

Response

Response codes

Code	Description
204	Success. The token has been updated.
400	Failed. You can't update the token you're using for authentication of the request.
404	Failed. The requested token has not been found.

Response body

A successful request doesn't return any content.

Example

In this example, the request queries the metadata of the admin token, which has the ID of d5836312-5790-4e80-afcf-09971954c3ea. It assigns two new permissions: Real user monitoring JavaScript tag management and ActiveGate certificate management. The name and validity of the token remain intact. The response code of 204 indicates that the update was successful.

The token, as displayed in the Dynatrace interface, has the following settings before the edit:

Dynatrace API authentication token

The API token is passed in the Authorization header.

You can download or copy the example request body to try it out on your own.

Curl

curl -X PUT \
  https://mySampleEnv.live.dynatrace.com/api/v1/tokens/d5836312-5790-4e80-afcf-09971954c3ea \
  -H 'Authorization: Api-Token abcdefjhij1234567890' \
  -H 'Content-Type: application/json' \
  -d '{
  "scopes": [
    "ExternalSyntheticIntegration",
    "DataPrivacy",
    "WriteConfig",
    "DssFileManagement",
    "LogExport",
    "DTAQLAccess",
    "ReadConfig",
    "CaptureRequestData",
    "ReadSyntheticData",
    "DataExport",
    "UserSessionAnonymization",
    "MaintenanceWindows",
    "LogImport",
    "TenantTokenManagement",
    "ActiveGateCertManagement",
    "RumJavaScriptTagManagement"
  ]
}
'

Request URL

https://mySampleEnv.live.dynatrace.com/api/v1/tokens/d5836312-5790-4e80-afcf-09971954c3ea

Request body


        api-examples/env/token/put-token.json

Download

{
  "scopes": [
    "ExternalSyntheticIntegration",
    "DataPrivacy",
    "WriteConfig",
    "DssFileManagement",
    "LogExport",
    "DTAQLAccess",
    "ReadConfig",
    "CaptureRequestData",
    "ReadSyntheticData",
    "DataExport",
    "UserSessionAnonymization",
    "MaintenanceWindows",
    "LogImport",
    "TenantTokenManagement",
    "ActiveGateCertManagement",
    "RumJavaScriptTagManagement"
  ]
}

Response code

204

Result

The updated token, as displayed in the Dynatrace interface, has the following parameters: Dynatrace API authentication token - updated