Solved: Accessing the credential vault from a workflow

ScottD · ‎23 Mar 2023

When I pass an Authorization header in an "HTTP Request" workflow action using the credential vault format that can be used with HTTP monitors, I get HTTP 401 errors:

{
"Accept": "application/json; charset=utf-8",
"Content-Type": "application/json; charset=utf-8",
"Authorization": "Api-Token {CREDENTIALS_VAULT-54B131CE41C87603|token}"
}

If I hard-code the API token itself in the workflow's Authorization header instead, it works fine:

{
"Accept": "application/json; charset=utf-8",
"Content-Type": "application/json; charset=utf-8",
"Authorization": "Api-Token dt0c01.GNLBY51QNGTC9TVHRNUH3U2Y.3IYAIBF5L2QTRMVG3A4B2LHULQLUMK32A4EJ12567VIEHK4PNVWLNJQXUAPGUBGI"
}

The credential vault entity ID being used is valid, and the API token being referenced has the correct scope. I'm working with the /synthetic/executions/batch API in this case, but I expect the issue applies to other use cases as well.

Is there a way to use the credential vault in a workflow, the way you can with HTTP monitors? Or will this be possible in the future? I do not want to have to hard-code API tokens into workflows.

The credential vault and token values shown above are not real, BTW.

michal_zawislak · ‎24 Mar 2023

Hi ScottD,

Unfortunately, there's no way to access vault credentials (or any settings) in the `HTTP Request` action. However, there is a plan to add support for it soon.

Senior Software Engineer @ Dynatrace

ScottD · ‎12 May 2023

Is this possible yet? I have the same question as it pertains to Notebooks; I'm trying to set up a Dynatrace API call in a Notebook code section. It works, but only if I hard-code the token.