Why do I need an access token and an environment ID?

Dynatrace relies on unique character strings to identify your monitoring environment. This is necessary to enable, for example, external integration of your Dynatrace monitoring environment with 3rd party messaging services, Dynatrace REST API, PaaS environments, VoiceOps/ChatOps, and other reporting tools.

All external access to your Dynatrace monitoring environment relies on two major pieces of information: the environment ID and an access token.

Environment ID

Each environment that you monitor with Dynatrace is identified with a unique character string (i.e., your environment ID). The Dynatrace API relies heavily on environment IDs to ensure that it pulls monitoring data from and pushes relevant external events to the correct Dynatrace environments.

Within Dynatrace SaaS, your Dynatrace environment ID (otherwise known as a tenant ID), is included at the beginning of your Dynatrace environment´s URL (see highlight in image below).

In case you are operating your own Dynatrace Managed installation, you can find your environment id within your custom domain path after the /e/ subpath (see highlight in image below).

You can also find your environment ID listed on your Dynatrace account page along with your licensing details. To find this page, click the User menu button in the upper-right corner of the menu bar and select Account settings.

Environment IDs for PaaS, Linux/AIX/Solaris, & containerized environments

If your environment is PaaS-based, built on Linux/AIX/Solaris, or is containerized, follow these steps to locate your environment ID.

Select Deploy Dynatrace from the navigation menu.

If you have a PaaS-based infrastructure: Click the Set up PaaS integration button. Your environment ID appears in the Environment ID text box.

If your infrastructure is based on Linux/AIX/Solaris: Click Start installation and select your operating system (Linux/AIX/Solaris). Your environment ID appears at the beginning of the URL included in the Use this command on the target host text box.

If you have a containerized infrastructure: Click Start installation and select Linux. Your environment ID appears at the beginning of the URL included in the Use this command on the target host text box.

Access token

Authentication required for Dynatrace OneAgent downloads or for accessing the Dynatrace API is achieved using access keys called tokens. Dynatrace defines the scope of tokens to limit access to specific product functionality for security reasons. A PaaS token, for example, allows the download of OneAgent for PaaS and installation of OneAgent on multiple hosts, but it doesn’t enable you to access the rest of the Dynatrace API.

There are some situations where required tokens are automatically created and other situations where they must be generated manually. For example, OneAgent for Windows ships with a token automatically. Conversely, OneAgent for PaaS requires that you manually generate an access token.

User-generated tokens

In the case of user-generated tokens, be sure to provide a meaningful name for each token you define. You’ll need to reference them later by name and this will help you to efficiently manage your tokens, search for tokens, and perhaps delete them in the future if they’re no longer needed.

To generate and manage access tokens

  1. Select Settings from the navigation menu.
  2. Click Integration. A list of integration options appears.
  3. Select Dynatrace API, Platform as a Service, or Dynatrace modules to generate a token for the Dynatrace API, a token for PaaS, or a token for DCRUM or Synthetic.
  4. Click the corresponding Generate token button.
  5. Type a meaningful name in the text field.
  6. Click the Generate button. The token appears in the list below.

At any time, you can copy an access token that you created by expanding Edit next to the token name and clicking the Copy button next to the token. Token management view also allows you to Disable/enable or delete tokens.

Locate existing access tokens

As is the case with environment IDs (see above), access tokens also appear in URLs, though at the end of URLs rather than at the beginning. For example, note the access token at the end of URL that appears in the Use this command on the target host text field in the image below.