cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Getting Access Token Usage Information

Raj
Contributor

This question is in reference to monitor the access token usage where we have the option for extracting the last used time for a token however, there is no option to check how many times a token was used within a month and using which scope in case a token has multiple scopes associated with it. The only option which seems is to monitor the access token or PAT (Personal Access Token) is by checking its last used time and scope (all scopes are given and not the one which was used) either from Web UI option of Access tokens or from Access Tokens - API tokens option under Environment API V2.

To test this, we did some hits using API and pulled audit logs but no activity was captured in audit logs related to use of access token but nothing found.

So is there a way we can get this information? If not, then it seems to be security breach as usage of tokens are not being captured which any customer would like to review monthly/quarterly.

4 REPLIES 4

DanielS
DynaMight Champion
DynaMight Champion

Hi Raj,

This is a good observation , the information we can get from the token via API is the following:

{
  "lastUsedIpAddress": "34.197.2.44",
  "modifiedDate": "2020-11-12T08:15:30.144Z",
  "additionalMetadata": {
    "dashboardId": "82402bab-7370-4359-924d-88ed13c8919a"
  },
  "expirationDate": "2020-11-12T08:15:30.144Z",
  "personalAccessToken": true,
  "lastUsedDate": "2020-11-12T08:15:30.144Z",
  "creationDate": "2020-11-05T08:15:30.144Z",
  "name": "myToken",
  "id": "dt0c01.ST2EY72KQINMH574WMNVI7YN",
  "owner": "john.smith",
  "scopes": [
    "metrics.read"
  ],
  "enabled": true
}

I suggest you to create a new idea and it could be voted.

I leave the link to that forum.

The true delight is in the finding out rather than in the knowing.

Sure Daniel, I will post an idea for this. 😊

DanielS
DynaMight Champion
DynaMight Champion

I will vote for it. I have several clients with security as a top priority. And this info is very valuable as well for Personal Access Tokens.

The true delight is in the finding out rather than in the knowing.

Raj
Contributor

Requesting @DanielS and everyone who has faced this or wants this to be implemented in future release, please KUDO this product idea: https://community.dynatrace.com/t5/Dynatrace-product-ideas/Getting-Access-Token-Usage-Information-fo...