To get authenticated to use the Cluster API, you need a valid API token. Access to the API is controlled by scope, meaning that you also need the proper permissions assigned to the token. See the description of each request to find out which permissions are required to use it.
Generate a token
To generate an API token
Dynatrace provides the following permissions for API tokens. You can set them in the UI, as described above, or via Tokens API. You can assign multiple permissions to a single token, or you can generate several tokens, each with different access levels and use them accordingly—check with your organization's security policies for the best practice. We recommend to keep tokens with a dedicated single scope to limit potential damage in case of leakage.
|Cluster token management||
||Allows to access Tokens API and manage tokens.|
|Service Provider API||
||Allows access to Cluster Management API operations.|
Your API call can get authenticated in two ways: per call via an HTTP header or query parameter, or per login via cluster API screen.
You can authenticate by attaching the token to the Authorization HTTP header preceding the Api-Token realm.
--header 'Authorization: Api-Token abcdefjhij1234567890'
The following example shows authentication via HTTP header.
curl --request GET \ --url https://myManaged.cluster.com/api/cluster/v1/tokens \ --header 'Authorization: Api-Token abcdefjhij1234567890' \
You can authenticate by adding the token as the value of the api-token query parameter.
curl --request GET \ --url 'https://myManaged.cluster.com/api/cluster/v1/tokens?limit=1000&user=Pete&permissions=ClusterTokenManagement&api-token=abcdefjhij1234567890' \
Cluster API screen
- In the upper-right corner, open the User menu and select Cluster Management API.
- From the dropdown menu box in the top bar, select API definition: Cluster Management API or Cluster API.
- In the API explorer, click Authorize.
The Available authorizations dialog appears.
- Paste your token into the appropriate field and click Authorize.
Once completed, from the same dialog box you can click Logout to discontinue the authentication.