Personal access token

Normally, access tokens require admin rights to generate. With personal access tokens, however, you can generate a token for API usage without admin rights. Available scopes are bound to your permissions, meaning that you can only use the API counterparts of features you're already authorized to use. You're also limited to the data from management zones you have access to.

A personal access token is bound to you. You can't generate a personal access token for another user.

Enable personal access tokens

Admin rights are required to enable this feature. After it's enabled, any user can generate a personal access token.

To enable personal access tokens

  1. In the Dynatrace menu, go to Settings and select Integration > Token settings.
  2. Turn on Enable personal access tokens.

Generate personal access tokens

To generate a personal access token

  1. Select the user menu in the upper-right corner of the page.

  2. Select Personal access tokens.

  3. Select Generate new token.

  4. Enter a name for your token.

  5. Select the required permissions for the token.

  6. Select Generate.

  7. Copy the generated token to the clipboard. Store the token in a password manager for future use.

    You can only access your token once upon creation. You can't reveal it afterwards.

You can assign multiple permissions to a single token, or you can generate several tokens, each with different permissions—check your organization's security policies for the best practice. You can generate up to five personal access tokens.

Alternatively, you can use the POST a token call of the API authentication tokens API to generate a personal access token.

Dynatrace doesn't enforce unique token names. You can create multiple tokens with the same name. Be sure to provide a meaningful name for each token you generate. Proper naming helps you to efficiently manage your tokens and perhaps delete them when they're no longer needed.

Available scopes

Dynatrace provides the following permissions for personal access tokens. You can set them in the UI as described above or via the API authentication tokens API.

Name API value Description
Read API tokens apiTokens.read Grants access to GET requests of the API authentication tokens API.
Write API tokens apiTokens.write Grants access to POST, PUT, and DELETE requests of the API authentication tokens API.
Read entities entities.read Grants access to GET requests of the Monitored entities and Custom tags APIs.
Write entities entities.write Grants access to POST, PUT, and DELETE requests of the Monitored entities and Custom tags APIs.
Read metrics metrics.read Grants access to GET requests of the Metrics API v2.
Write metrics metrics.write Grants access to the DELETE a custom metric request of the Metrics API v2.
Read network zones networkZones.read Grants access to GET requests of the Network zones API.
Write network zones networkZones.write Grants access to POST, PUT, and DELETE requests of the Network zones API.
Read problems problems.read Grants access to GET requests of the Problems API v2.
Write problems problems.write Grants access to POST, PUT, and DELETE requests of the Problems API v2.
Read releases releases.read Grants access to the Releases API.
Read security problems securityProblems.read Grants access to GET requests of the Security problems API.
Write security problems securityProblems.write Grants access to POST requests of the Security problems API.
Read settings settings.read Grants access to GET requests of the Settings API.
Write settings settings.write Grants access to POST and DELETE requests of the Settings API.
Read SLO slo.read Grants access to GET requests of the Service level objectives API.
Write SLO slo.write Grants access to POST, PUT, and DELETE requests of the Service level objectives API.