Solved: Which permissions should I assign for api-tokens?

kohei-saito · ‎08 May 2019

Hi,

there are various permissions for api-token to use safely Dynatrace API, and I can assign multiple permissions to a single token.

However, I don't know which permission allows which access well.

Here is the list of permissions(as of May 08 2019).

For example, I know empirically that "Access problem and event feed, metrics and topology" should be enabled when I need to read the data points of a certain metric via TimeseriesAPI, and "User sessions" is needed to fetch UserSessions API.

I'd like to know which permission is needed for each of Dynatrace API endpoints.

Where can I know that?

Thanks,

Kohei Saito

suresh230591 · ‎08 May 2019

Hi,

I think these switches/permission are self explanatory. If you want to use all the API exposed by dynatrace then you have to enable all the switches. You can go to API Explorer and see what APIs are available for your environment and which you want to use then assign the permission accordingly.

Here is the link for API explorer blog https://www.dynatrace.com/news/blog/announcing-the-dynatrace-api-explorer-and-openapi-specification/

Thanks

Suresh

kohei-saito · ‎08 May 2019

Hi @Suresh K.,

thanks for your prompt response!

Well it is better to click on lock icons in API Explorer and check what permission should be needed, if I want to restrict permissions for each token.

Thanks,

Kohei

wolfgang_beer · ‎08 May 2019

I will take care that we get an improved description for each API access scope. I agree that the description is not sufficient today.