Tokens API - POST token lookup

Lists metadata of a Dynatrace API authentication token by the token itself.

Alternatively, you can retrieve metadata by submitting the ID of the token with the GET token metadata call.

The request consumes and produces an application/json payload.

  • Managed https://{your-domain}/e/{your-environment-id}/api/v1/tokens/lookup
  • SaaS https://{your-environment-id}


To execute this request, you need any permission assigned to your API token. To learn how to obtain and use it, see Tokens and authentication.


Parameter Type Description In Required
body Token

The JSON body of the request. Contains the required token.

body optional

The Token object

Element Type Description Required
token string

Dynatrace API authentication token.


Response format

The TokenMetadata object

Metadata of a token.

Element Type Description
id string

The ID of the token.

name string

The name of the token.

userId string

The owner of the token.

revoked boolean

Revocation status of the token. Revoked tokens are disabled.

created integer

The creation time as a unix timestamp in milliseconds.

expires integer

The expiration time as a unix timestamp in milliseconds.

lastUse integer

The unix timestamp in milliseconds when the token was last used.

scopes string[]

The list of permissions, assigned to the token.

Possible values

Possible values for the scopes element in the TokenMetadata object:

  • ActiveGateCertManagement
  • AdvancedSyntheticIntegration
  • AppMonIntegration
  • CaptureRequestData
  • DTAQLAccess
  • DataExport
  • DataImport
  • DataPrivacy
  • Davis
  • DcrumIntegration
  • DiagnosticExport
  • DssFileManagement
  • ExternalSyntheticIntegration
  • InstallerDownload
  • LogExport
  • LogImport
  • MemoryDump
  • Mobile
  • PluginUpload
  • ReadConfig
  • ReadSyntheticData
  • RestRequestForwarding
  • RumBrowserExtension
  • RumJavaScriptTagManagement
  • SupportAlert
  • TenantTokenManagement
  • UserSessionAnonymization
  • ViewDashboard
  • ViewReport
  • WriteConfig
  • WriteSyntheticData
  • activeGates.write
  • credentialVault.write
  • entities.write
  • networkZones.write
  • syntheticLocations.write


In this example, the request queries the metadata of the abcdefjhij1234567890 token.

The API token is passed in the Authorization header.

The token, as displayed in the Dynatrace interface, has the following settings:

Dynatrace API authentication token


curl -X POST \ \
  -H 'Authorization: Api-Token abcdefjhij1234567890' \
  -H 'Content-Type: application/json' \  
  -d '{
  "token": "abcdefjhij1234567890"

Request URL

Response body

  "id": "d5836312-5790-4e80-afcf-09971954c3ea",
  "name": "admin",
  "userId": "",
  "created": "2019-03-13T09:45:40Z",
  "lastUse": "2019-04-04T09:13:23Z",
  "scopes": [

Response code