Solved: Re: Dynatrace App Current user information

StephenLHChan · ‎18 Jul 2023

Hey,

We are trying to build an app. We need the current user information, like name, login id/email, user groups, for further processing. Is there any SDK available that can return me this kind of information?

Thanks.

Stephen

Iplinsky · ‎18 Jul 2023

I am not shure, but you can do it by APIs

Dynatrace Certified

sinisa_zubic · ‎19 Jul 2023

Hi @StephenLHChan

The team is currently working on an SDK which should give you such kind of information. Unfortunately I can't give you an ETA for it.

Best,
Sini

jellypuno · ‎19 Jul 2023

following this thread... 👀

s_wasserbauer · ‎01 Aug 2023

Hi @StephenLHChan, the SDK package is planned for 23CQ3.

In the meanwhile, you could use the service documented in the swagger spec:

https://{environmentid}.apps.dynatrace.com/platform/swagger-ui/index.html?urls.primaryName=Identity%20and%20Access%20Management

StephenLHChan · ‎01 Aug 2023

Hi @s_wasserbauer and @sinisa_zubic ,

Are you guys talking the same SDK?

Apologize if there is any misleading at my question.

@s_wasserbauer gave the url which is the endpoint get all users' information but what I am looking for is if there is a way to get the current user information who use the app.

For example, userA click on the app and the SDK will return userA's information to me. And, I will know userA had used the app. I may then ingest logs/ custom events to Dynatrace after userA triggered certain actions.

It is to fulfil some audit requirements at my company.

Thanks!

sinisa_zubic · ‎07 Aug 2023

Yes we are talking about the same SDK. @s_wasserbauer should know more details

s_wasserbauer · ‎07 Aug 2023

Hi @StephenLHChan

Sorry for the confusion.
Yes, the SDK package will provide information as:

currently logged in user
Environment ID and URL
App ID, name, version

May I ask for your use case, why do you need the user groups too?

StephenLHChan · ‎14 Aug 2023

hi @s_wasserbauer

it is for access right control. If I know the user group of the users, I can limited certain pages of the app only to some users.

s_wasserbauer · ‎21 Aug 2023

Thanks @StephenLHChan for the insights! This won't be part of this package for now, but I'll discuss this with the team.

muzztafa · ‎23 Jul 2024

Hi @s_wasserbauer ,

Has there been any update on the SDK yet?

DaveOps · ‎17 Sep 2024

There is a problem with the permission scope for this API that can't be assigned to an oauth client.

s_wasserbauer · ‎22 Aug 2024

The package providing this information (except user groups) is now available: https://developer.dynatrace.com/develop/sdks/app-environment/

DaveOps · ‎03 Sep 2024

I also have the same use case to shield of pages for default users; I would like to be able to access the user groups through the SDK.

educampver · ‎10 Sep 2024

Hi @DaveOps, a new SDK will soon be available to access the user groups. I'll let you know when it's out.

Best, Edu.

DaveOps · ‎16 Sep 2024

It seems this API is not available any more:

import { effectivePermissionsClient } from '@dynatrace-sdk/client-platform-management-service';

Outdated docs:
https://developer.dynatrace.com/develop/security/query-user-permissions/

Is there a workaround for this?

educampver · ‎16 Sep 2024

Hi @DaveOps, what do you mean it's not available? Here's the NPM package https://www.npmjs.com/package/@dynatrace-sdk/client-platform-management-service. Additionally I tried what's in our documentation and it works as expected. What issue are you having?

DaveOps · ‎17 Sep 2024

I am using and older version 1.0.1; that could be the issue.

DaveOps · ‎16 Sep 2024

Is there a way to get the user account_id ?

educampver · ‎16 Sep 2024

Hi @DaveOps, you can use this https://developer.dynatrace.com/develop/sdks/app-environment/#getcurrentuserdetails.

Zoltan · ‎04 Mar 2025

Hi,

I followed the description here:

https://developer.dynatrace.com/develop/sdks/app-environment/#getcurrentuserdetails

I'm getting this error in the console

Missing getCurrentUserDetails function from web runtime.

and this as the response obj

{id: 'dt.missing.user.id', name: 'dt.missing.user.name', email: 'dt.missing.user.email'}

Is there something I'm missing?

Thanks,

Zoltan

Thanks,

Zoltan

s_wasserbauer · ‎10 Mar 2025

Hi Zoltan, can you please share more details on this?

Are you running the app in detached mode? Can you share the basic structure (anonymized) of the browser URL please?
This happens when the context of the platform is missing. E.g. running scripts outside of the platform.

DaveOps · ‎17 Sep 2024

I created a solution to address the user permission problem and will share some of the important parts.
The approach involves checking if a user is part of an admin group returning a boolean. This is a simple way of differentiating between 2 types of users.

Created an appFunction that fetches user groups with the getUserGroupsV2 function. This function checks if a user belongs to an admin group.

export const getUserGroupsV2 = async (accountUuid: string, userEmail: string, bearerToken: string) => {
  const url = `https://api.dynatrace.com/iam/v1/accounts/${accountUuid}/users/${userEmail}`;

  try {
    const response = await fetch(`${url}`, {
      method: 'GET',
      headers: {
        'Content-Type': 'application/json',
        'Authorization': `Bearer ${bearerToken}`
      }
    });

    if (!response.ok) {
      const errorText = await response.text();
      console.error('Error response:', errorText);
      throw new Error(`HTTP error! status: ${response.status}`);
    }

    return await response.json(); 
  } catch (error) {
    console.error('Error fetching groups:', error);
    throw error;
  }
};

Make an oauth request to get the bearer token:

export const getOAuth2Token = async (client_id: string, client_secret: string, scope: string, resource: string) => {
  const url = 'https://sso.dynatrace.com/sso/oauth2/token';

  const params = new URLSearchParams({
    grant_type: 'client_credentials',
    scope: scope,
    client_id: client_id,
    client_secret: client_secret,
    resource: resource,
  });

  try {
    const response = await fetch(url, {
      method: 'POST',
      headers: {
        'Content-Type': 'application/x-www-form-urlencoded',
      },
      body: params.toString()
    });

    if (!response.ok) {
      const errorText = await response.text();
      console.error('Error response:', errorText);
      throw new Error(`HTTP error! status: ${response.status}`);
    }

    const data = await response.json(); 
    return data;
  } catch (error) {
    console.error('Error fetching OAuth2 token:', error);
    throw error;
  }
};

With a couple of helper functions:

const belongsToGroup = (user: User, groupName: string) => {
    if (user && user.groups && Array.isArray(user.groups)) {
        return user.groups.some(group => group.groupName.toLocaleLowerCase() === groupName.toLocaleLowerCase());
    }
    return false;
}

export const isSecurityAdmin = (user: User) => {
    return belongsToGroup(user, 'Security Admin');
}

You can store the oauth credentials in a .env for development purposes however I would recommend adding additional features to fetch and update the settings using the client-app-settings from the sdk.

// example

import { appSettingsObjectsClient, EffectiveAppSettingsValuesList, AppSettingsObjectResponse } from '@dynatrace-sdk/client-app-settings';

export const fetchConfig = async (schemaId: string): Promise<any[] | null> => {
    try {
        const response: EffectiveAppSettingsValuesList = await appSettingsObjectsClient.getEffectiveAppSettingsValues({
            schemaIds: schemaId,
        });

        if (response.items.length === 0) {
            console.warn(`No configuration found for ${schemaId}.`);
            return null;
        }

        console.log(`fetchConfig for schemaId: ${schemaId}`, response.items);

        return response.items;
    } catch (error) {
        console.error(`Error fetching configuration for schemaId: ${schemaId}`, error);
        return null;
    }
};

export const updateAppSettings = async (
    objectId: string,
    value: { [key: string]: any },
    optimisticLockingVersion: string
): Promise<boolean> => {
    let result = false;

    console.log('updateAppSettings', objectId, value);

    try {
        const putResponse: any = await appSettingsObjectsClient.putAppSettingsObjectByObjectId({
            objectId: objectId,
            optimisticLockingVersion: optimisticLockingVersion,
            body: {
                value: value
            }
        });

        if (putResponse) {
            console.log('Configuration updated:', putResponse);
            result = true;
        } else {
            console.warn('No response received from PUT request.');
        }
    } catch (putError) {
        console.error('Error during PUT:', putError);
    }

    return result;
};

The front-end parts:

// .... snippet

import React, { useEffect, useState } from 'react';
import { getCurrentUserDetails } from "@dynatrace-sdk/app-environment";
import { useAppFunction } from '@dynatrace-sdk/react-hooks';

// .... snippet
const [loading, setLoading] = useState(true);
const [userEmail, setUserEmail] = useState<string | null>(null);
const { setPermissions } = useAppState(); // custom hook to store state 

// .... snippet
// implement your own appFunction to fetch permissions that uses the getUserGroupsV2 function.
const fetchPermissions = useAppFunction({
    name: "backend",
    data: { query: "fetch-permissions", blob: userEmail },
  }, { autoFetch: false, autoFetchOnUpdate: true });

// .... snippet
useEffect(() => {
    const fetchUserData = async () => {
      try {
        const userDetails = await getCurrentUserDetails();
        console.log('User details:', userDetails);
        if (userDetails.email) {
          setUserEmail(userDetails.email);
          fetchPermissions.refetch();
        }
      } catch (error) {
        console.error('Failed to fetch data', error);
      } finally {
        setLoading(false);
      }
    }
    fetchUserData();
  }, []);

  useEffect(() => {
    if (fetchPermissions.data) {
      const { permissions } = fetchPermissions.data as PermissionsResponse;
      setPermissions(permissions);
    }
  }, [fetchPermissions]);

Based on the permissions you can toggle menu items:

{permissions?.admin && (
          <AppHeader.ActionItemGroup>
            <AppHeader.ActionButton
              prefixIcon={<SettingIcon />}
              showLabel={true}
              onClick={() => navigate('/settings')}
              aria-label="App Settings"
            >
              Settings
            </AppHeader.ActionButton>
          </AppHeader.ActionItemGroup>
)}