HTTP synthetic monitoring failure

ubaidmundewadi · ‎07 Oct 2025

Hello Dynatrace Team,

I'm setting up a HTTP synthetic monitoring for my application that requires credentials to login.

I have provided the username and password under authentication and authorization section

But still, it is failing with 401 error

It's an internal enterprise application and I'm testing it from private location

Your guidance on this topic will be really helpful

Regards,

Ubaid Mundewadi

JulioEVA · ‎07 Oct 2025

Hello Ubaid,

From what you said since you're getting a 401 error that should mean that the private location has access to the endpoint that you're trying to reach, but it does indicate that there's some problem with the credentials.

I would start simple and double check the credentials that you're using to try and authenticate, make sure they are enabled to be used from the private location and there are no typos.

You can find more detailed info on authentication and authorization for synthetic monitors in our documentation: https://docs.dynatrace.com/docs/observe/digital-experience/synthetic-monitoring/general-information/...

Let me know how it goes!
- Julio

ubaidmundewadi · ‎07 Oct 2025

Hello Julio,

Thanks for your response

The credentials I'm entering is 100% correct.

Basically, we have created an automation user having a login id and password

We are also providing a client certificate

Your guidance on this topic will be really helpful

Regards,

Ubaid Mundewadi

JulioEVA · ‎07 Oct 2025

I see, in this case it may have to do with the certificate, have you tried turning on the "Accept any SSL certificate" option? extracted from our documentation here's some info regarding SSL certificates:

Accept any SSL certificate

By default, HTTP monitors fail when SSL certificates are invalid. Turn on the Accept any SSL certificate option to make the monitor accept any SSL certificates, regardless of whether they're valid.

Reasons for SSL certificate invalidity

Depending on your setting, your HTTP monitor can fail or succeed when an SSL certificate is invalid for any of these reasons, among others:

Certificate is self signed
Certificate has expired
Certificate is inactive
Certificate lifetime is greater than 398 days
Missing hostname
Invalid/incomplete certificate chain
Untrusted certificate authority
Insecure signature algorithm

Documentation: https://docs.dynatrace.com/docs/observe/digital-experience/synthetic-monitoring/http-monitors-classi...

ubaidmundewadi · ‎07 Oct 2025

Yes, it's turned on

A solution to this problem will be really appreciated 😊

Thanks

HannahM · ‎08 Oct 2025

Please open a chat or support ticket so we can check this scenario. Thanks

Synthetic SME and community advocate.

HannahM · ‎13 Oct 2025

You can open a support ticket by selecting Support > Create a ticket from the menu bar.

Synthetic SME and community advocate.

t_pawlak · ‎08 Oct 2025

Hi,

Here are some things you should check before opening a support ticket:

1. Certificate + Basic Auth combination

Some applications require either client certificate or Basic Auth — not both at the same time.
Try first with only the certificate (no Basic Auth) and see if it works.
Then try only Basic Auth (without certificate).

2. Username format

In enterprise setups, sometimes the full login format is required, such as

DOMAIN\user

or

user@domain.com

Make sure the credentials in the vault match the expected format exactly.

3. Additional headers

Check if the application expects a different type of authentication, for example Authorization: Bearer ... instead of Basic.
Many web apps don’t actually use standard Basic Auth but rely on NTLM, Kerberos, or SAML.

4. Client certificate mapping

Some applications validate that the client certificate matches the user (CN, SAN, Issuer).
In that case, just providing a username and password won’t be enough — the certificate also needs to be correctly mapped on the server side.

5. Test from the Private Location host

Log in to the host where your Synthetic Private Location is running and try with curl:

curl -vk --cert client.crt --key client.key -u "user:password" https://your-app.local

If curl also returns 401, the issue is with the application/certificate configuration rather than Dynatrace.

ubaidmundewadi · ‎12 Oct 2025

Hello @t_pawlak ,

Thanks for your message

1) I tried the combination of Certificate and Basic Auth - It didn't work still 401 error

2) I have entered the username and password with correct formatting - Didn't work

3) We are leveraging Microsoft Entra id to login to the application, how can I if the application expects a different type of authentication

4) The certificates are correctly mapped on the server side

5) I don't have access to the Private host, so can't try with curl

@HannahM where can i create a support ticket to dynatrace?

Is the issue caused because of MFA

I'm using a technical user (which we generally use for automation). And we can't disable MFA as recently from 1st October Azure has made MFA mandatory

Please help us troubleshoot this issue as we need the synthetic monitoring enabled for our application

Regards,

Ubaid Mundewadi