Tokens API - PUT an existing token

Updates the specified Dynatrace API authentication token. You can:

  • Change the token name.
  • Add or remove token permissions.
  • Revoke the token. A revoked token still exists in the environment, but it can't be used.

The request consumes an application/json payload.

PUT
  • Managed https://{your-domain}/e/{your-environment-id}/api/v1/tokens/{id}
  • SaaS https://{your-environment-id}.live.dynatrace.com/api/v1/tokens/{id}

Authentication

To execute this request, you need the Tenant Token Management permission assigned to your API token. See the Authentication page to learn how to obtain and use it.

Parameters

Parameter Type Description In Required
id string

The ID of the token to be updated.

You can't update the token you're using for authentication of the request.

path required
body UpdateTenantToken

The JSON body of the request. Contains updated parameters of the token.

body required

The UpdateTenantToken object

Update of an existing token.

Element Type Description Required
revoked boolean

The token is revoked (true) or active (false).

optional
name string

The name of the token.

optional
scopes string[]

The list of permissions assigned to the token.

Apart from the new permissions, you need to submit the existing permissions you want to keep, too. Any existing permission, missing in the payload, is revoked.

  • ActiveGateCertManagement: ActiveGate certificate management.
  • CaptureRequestData: Capture request data.
  • DTAQLAccess: User sessions.
  • DataExport: Access problem and event feed, metrics, and topology.
  • DataPrivacy: Change data privacy settings.
  • DssFileManagement: Mobile symbolication file management.
  • ExternalSyntheticIntegration: Create and configure Synthetic monitors.
  • LogExport: Access logs.
  • LogImport: Log import.
  • MaintenanceWindows: Configure maintenance windows.
  • ReadConfig: Read configuration.
  • ReadSyntheticData: Read synthetic monitors, locations, and nodes.
  • RumJavaScriptTagManagement: Real user monitoring JavaScript tag management.
  • TenantTokenManagement: Token management.
  • UserSessionAnonymization: Anonymize user session data for data privacy reasons.
  • WriteConfig: Write configuration.
optional

Possible values

Possible values for the items element in the UpdateTenantToken object:

  • ActiveGateCertManagement
  • CaptureRequestData
  • DTAQLAccess
  • DataExport
  • DataImport
  • DataPrivacy
  • DssFileManagement
  • ExternalSyntheticIntegration
  • LogExport
  • LogImport
  • MaintenanceWindows
  • ReadConfig
  • ReadSyntheticData
  • RumJavaScriptTagManagement
  • TenantTokenManagement
  • UserSessionAnonymization
  • WriteConfig

Response format

A successful request doesn't return any content.

Example

In this example, the request queries the metadata of the admin token, which has the ID of d5836312-5790-4e80-afcf-09971954c3ea. It assigns two new permissions: Real user monitoring JavaScript tag management and ActiveGate certificate management. The name and validity of the token remain intact. The response code of 204 indicates that the update was successful.

The token, as displayed in the Dynatrace interface, has the following settings before the edit

Dynatrace API authentication token

The API token is passed in the Authorization header.

You can download or copy the example request body to try it out on your own.

Curl

curl -X PUT \
  https://mySampleEnv.live.dynatrace.com/api/v1/tokens/d5836312-5790-4e80-afcf-09971954c3ea \
  -H 'Authorization: Api-Token abcdefjhij1234567890' \
  -H 'Content-Type: application/json' \
  -d '{
  "scopes": [
    "ExternalSyntheticIntegration",
    "DataPrivacy",
    "WriteConfig",
    "DssFileManagement",
    "LogExport",
    "DTAQLAccess",
    "ReadConfig",
    "CaptureRequestData",
    "ReadSyntheticData",
    "DataExport",
    "UserSessionAnonymization",
    "MaintenanceWindows",
    "LogImport",
    "TenantTokenManagement",
    "ActiveGateCertManagement",
    "RumJavaScriptTagManagement"
  ]
}
'

Request URL

PUT https://mySampleEnv.live.dynatrace.com/api/v1/tokens/d5836312-5790-4e80-afcf-09971954c3ea

Request body

api-examples/env/token/put-token.json
Download
{
  "scopes": [
    "ExternalSyntheticIntegration",
    "DataPrivacy",
    "WriteConfig",
    "DssFileManagement",
    "LogExport",
    "DTAQLAccess",
    "ReadConfig",
    "CaptureRequestData",
    "ReadSyntheticData",
    "DataExport",
    "UserSessionAnonymization",
    "MaintenanceWindows",
    "LogImport",
    "TenantTokenManagement",
    "ActiveGateCertManagement",
    "RumJavaScriptTagManagement"
  ]
}

Response code

204

Result

The updated token, as displayed in the Dynatrace interface, has the following parameters: Dynatrace API authentication token - updated