FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Accessing the credential vault from a workflow

Go to solution
ScottD
Participant

‎23 Mar 2023 07:32 PM - last edited on ‎30 May 2023 09:16 AM by Community Team

When I pass an Authorization header in an "HTTP Request" workflow action using the credential vault format that can be used with HTTP monitors, I get HTTP 401 errors:

{
"Accept": "application/json; charset=utf-8",
"Content-Type": "application/json; charset=utf-8",
"Authorization": "Api-Token {CREDENTIALS_VAULT-54B131CE41C87603|token}"
}

If I hard-code the API token itself in the workflow's Authorization header instead, it works fine:

{
"Accept": "application/json; charset=utf-8",
"Content-Type": "application/json; charset=utf-8",
"Authorization": "Api-Token dt0c01.GNLBY51QNGTC9TVHRNUH3U2Y.3IYAIBF5L2QTRMVG3A4B2LHULQLUMK32A4EJ12567VIEHK4PNVWLNJQXUAPGUBGI"
}

The credential vault entity ID being used is valid, and the API token being referenced has the correct scope. I'm working with the /synthetic/executions/batch API in this case, but I expect the issue applies to other use cases as well.

Is there a way to use the credential vault in a workflow, the way you can with HTTP monitors? Or will this be possible in the future? I do not want to have to hard-code API tokens into workflows.

The credential vault and token values shown above are not real, BTW.

Reply
6 REPLIES 6

Go to solution
michal_zawislak
Dynatrace Advisor
Dynatrace Advisor

‎24 Mar 2023 07:34 AM

Hi ScottD,

Unfortunately, there's no way to access vault credentials (or any settings) in the `HTTP Request` action. However, there is a plan to add support for it soon.

Your AutomationEngine ally!
Reply

Go to solution
ScottD
Participant
In response to michal_zawislak

‎12 May 2023 05:45 PM

Is this possible yet? I have the same question as it pertains to Notebooks; I'm trying to set up a Dynatrace API call in a Notebook code section. It works, but only if I hard-code the token.

Reply

Go to solution
duke
Observer
In response to michal_zawislak

‎11 Oct 2023 03:36 AM

Hi Michal_zawislak,
How's the current process working? We utilize API calls within our workflow scripts, and are interested in have a finer level access control and using Dynatrace credential vault for security concerns.

0 Kudos
Reply

Go to solution
michal_zawislak
Dynatrace Advisor
Dynatrace Advisor
In response to duke

‎11 Oct 2023 07:36 AM

 

Hi @duke,

We're working on the possibility of using the credential vault in the "HTTP Request" action as we speak.

I'm not sure, but if by "workflow scripts" you mean running "Run Javascript" actions, could you please try using the @dynatrace-sdk/client-classic-environment-v2 SDK?

Please let me know if that answers your question.

Your AutomationEngine ally!
Reply

Go to solution
duke
Observer
In response to michal_zawislak

‎11 Oct 2023 09:07 AM

Hi @michal_zawislak, thanks that works. Appreciate for the prompt response. However found it's working on Workflow but not the Notebooks, wondering what's the diff between those two apps? And is there a way to perform it in Notebooks.

0 Kudos
Reply

Go to solution
michal_zawislak
Dynatrace Advisor
Dynatrace Advisor
In response to duke

‎12 Oct 2023 07:33 AM

Hi @duke, I'm glad it works! 

There are a few differences between those two apps, but at this point, it's hard to tell which one plays a role here. Could you please share an error you're getting when running your script in Notebooks? It would help to narrow down the root cause. 

Your AutomationEngine ally!
0 Kudos
Reply
Ask a question

Featured Posts