HTT 401 Error: Unauthorized Dynatrace Account Management API

erh_inetum · ‎19 Feb 2024

Hi,

I'm trying to get information from users using Dynatrace Account Management API without success.

Following this link https://docs.dynatrace.com/docs/dynatrace-api/basics/dynatrace-api-authentication/account-api-authen... I've created this request in Postman that generates a bearer successfully:

But when I try to get information about the users I get HTTP 401 Unauthorized error:

I get the same error if I lauch this request using swagger:

Does anyone know what is missing?

Thanks in advance.

Regards,

Elena.

dannemca · ‎19 Feb 2024

When creating the OAuth client, you set all the required scope in UI. Then you will get the client_id, client_secret and resource.

You then use these values in your POST request to get the access_token, which is a really long string. No need to set the scopes again there.

Make sure to copy the entire string from "access_token" value in result json.

From your screenshot, seems you are copying just part of it.

Can you confirm and let us know?

Site Reliability Engineer @ Kyndryl

erh_inetum · ‎19 Feb 2024

Hi @dannemca ,

Thanks for your answer.

I confirm you I'm copying the entire string (1094 characters length).

Thanks,

Elena.

erh_inetum · ‎20 Feb 2024

Hi,

More information about this.

It's very strange. Using the same bearer, if I launch this request

curl -X 'GET' \  'https://api.dynatrace.com/sub/v2/accounts/xxxxxxxxxxxxxxxxxxx/subscriptions' \  -H 'accept: application/json' \  -H 'Authorization: Bearer MY_BEARER

to view my suscriptions, I get HTTP 200 OK but no data is returned:

This is the scope defined:

account-idm-read account-idm-write account-env-read account-env-write account-uac-read account-uac-write iam-policies-management iam:policies:write iam:policies:read iam:bindings:write iam:bindings:read iam:effective-permissions:read app-engine:apps:run settings:objects:read settings:objects:write settings:schemas:read oauth2:clients:manage

Thanks.