Tokens API - GET token metadata

Lists metadata of a Dynatrace API authentication token by the ID of the token. The token itself is not exposed.

Alternatively, you can retrieve metadata by submitting the token itself with the POST token metadata call.

The request produces an application/json payload.

  • Managed https://{your-domain}/e/{your-environment-id}/api/v1/tokens/{id}
  • SaaS https://{your-environment-id}{id}


To execute this request, you need the Token management (TenantTokenManagement) permission assigned to your API token. To learn how to obtain and use it, see Tokens and authentication.


Parameter Type Description In Required
id string

The ID of the required token.

path required

Response format

The TokenMetadata object

Metadata of a token.

Element Type Description
id string

The ID of the token.

name string

The name of the token.

userId string

The owner of the token.

revoked boolean

Revocation status of the token. Revoked tokens are disabled.

created integer

The creation time as a unix timestamp in milliseconds.

expires integer

The expiration time as a unix timestamp in milliseconds.

lastUse integer

The unix timestamp in milliseconds when the token was last used.

scopes string[]

The list of permissions, assigned to the token.

Possible values

Possible values for the scopes element in the TokenMetadata object:

  • ActiveGateCertManagement
  • AdvancedSyntheticIntegration
  • AppMonIntegration
  • CaptureRequestData
  • DTAQLAccess
  • DataExport
  • DataImport
  • DataPrivacy
  • Davis
  • DcrumIntegration
  • DiagnosticExport
  • DssFileManagement
  • ExternalSyntheticIntegration
  • InstallerDownload
  • LogExport
  • LogImport
  • MemoryDump
  • Mobile
  • PluginUpload
  • ReadConfig
  • ReadSyntheticData
  • RestRequestForwarding
  • RumBrowserExtension
  • RumJavaScriptTagManagement
  • SupportAlert
  • TenantTokenManagement
  • UserSessionAnonymization
  • ViewDashboard
  • ViewReport
  • WriteConfig
  • WriteSyntheticData
  • activeGates.write
  • credentialVault.write
  • entities.write
  • networkZones.write
  • syntheticLocations.write


In this example, the request queries the metadata of the admin token, which has the ID of d5836312-5790-4e80-afcf-09971954c3ea.

The API token is passed in the Authorization header.

The token, as displayed in the Dynatrace interface, has the following settings:

Dynatrace API authentication token


curl -X GET \ \
  -H 'Authorization: Api-Token abcdefjhij1234567890'

Request URL

Response body

  "id": "d5836312-5790-4e80-afcf-09971954c3ea",
  "name": "admin",
  "userId": "",
  "created": "2019-03-13T09:45:40Z",
  "lastUse": "2019-04-04T09:13:23Z",
  "scopes": [

Response code