Showing results for 
Show  only  | Search instead for 
Did you mean: 

The shell script in html format is returned after the oneagent download command is executed


wget -O "https://xxxxxx/e/1bde8062-2746-42a9-a9c6-xxxxx/api/v1/deployment/installer/agent/unix/default/latest..." --header="Authorization: Api-Token" script:




<script language="JavaScript" type="text/javascript">
    function redirectF()
        var target="HTTPS://xxx/e/xxx8/api/v1/deployment/installer/agent/unix/default/latest/metainfo?";
        document.cookie="RELAYSTATE=" + escape(target) + ";secure";


<body onload="redirectF()">




Dynatrace Helper
Dynatrace Helper

Hi @samandqq,

Sorry for the late response. Assuming your path is /e/1bde8062-2746-42a9-a9c6-xxxxx/api/v1/deployment/installer/agent/unix/default/latest?arch=x86&flavor=default, that should be the right one.

I presume you copied the wget call from the UI, but did you still verify the access token is correct? Usually there should be a clear error message if it is not, but it might be worth verifying that.

Other than that, that HTML document should actually not originate from Dynatrace, could it be that you have some else (proxy?) in place which enforces an SSO login?

You could also use curl instead of wget and pass the ".-ivk" parameters to get more insight on the connection and verify you are actually talking to the Dynatrace machine and not a proxy. Verify the certificates as well.

Dynatrace Champion
Dynatrace Champion

Hi @samandqq ,


To me this looks like there is some MitM device interfering.


I just tested against my own Managed Cluster, and was unable to reproduce this.

  • A valid token without the correct access gets the expected http/403 forbidden
  • A valid token with the correct access gets the install package
  • An invalid token gets the expected http/401 unauthorized.

As an API endpoint accepting tokens only, a redirect to SSO should not be returned.  However, an MitM device such as a proxy that requires authentication would redirect to authentication without any awareness that the requested URL is an API endpoint.


I second @alexander_dt recommendation to switch to using curl with the -ikvvv switches to see exactly what you are connecting to.


-- Erik

Dynatrace Helper
Dynatrace Helper

@samandqq, did you manage to fix it? Was it a proxy?

Yes, it's proxy, thanks a lot.

Featured Posts