Showing results for 
Show  only  | Search instead for 
Did you mean: 

How to use the User management APIs - what is the bearer field value?


I am trying to use the user management APIs, as they are shown in this page:


when i click authorize at the top right it ask for a bearer, http, what is that?


should i enter a PAT, an API token or what exactly?


i also went to th eaccount management APIs section and generated client ID and secret, but as per your documentation, i am having issues to generate the Token from there, you have this snippet in there, is this snippet correct? does not look correct to me, why there is this strange string at the end on the parameters list: %3Adtaccount% ?


POST /sso/oauth2/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded

grant_type=client_credentials&client_id={your client id}&client_secret={your client secret}&scope=account-idm-read+account-idm-write&resource=urn%3Adtaccount%{your account UID}





Hi davide_piras,


The resource parameter is simply to let dynatrace SSO know that the token will be scoped to a particular account as users can be on multiple accounts.  What you see is URL encoded.  It will look something like this:  urn:dtaccount:00000000000-0000-0000-000000-0000000000000 where the "0"'s would be replaced with our account UUID.  Once you make the request you will get a JSON payload payload with a field called "access_token".  You can copy this and paste it into the the swagger and run the request.




Thanks Ryan, the documentation page doesn't only have that error, also the scope to be used is not:


but the correct value is:

scope=account-idm-read account-idm-write

without a plus,


I got help from the consultant in the in-product chat, i understand url is encoded but as it is not clickable anyway and values should be replaced, that page would be more helpful if explaining clearly in details which value in each parameter for instance with a screenshot from Postman, SoapUI or whatever other http client...


anyway all worked now for me and i could successfully retrieve that token.




Hi Davide,


I really appreciate the feedback.  I'll take this back to the team and see if we can come up with some simpler explanation.