Dynatrace · OAuth Scopes

Dynatrace OAuth Scopes

OAuth 2.0 derived

Dynatrace publishes 3 OAuth 2.0 scopes via the clientCredentials flow. Scopes are the fine-grained permissions an application requests at authorization time to act against the Dynatrace API on a user’s behalf.

Tokens are issued from https://sso.dynatrace.com/sso/oauth2/token.

This index is generated from the provider’s OpenAPI security definitions (and, where available, its documented scope reference) and refreshes on every APIs.io network build. Browse every provider’s scopes at scopes.apis.io.

AI OperationsAnalyticsAPMApplication Performance MonitoringApplication SecurityAutomationCloud MonitoringDigital Experience ManagementIntelligenceObservability
Scopes: 3 Flows: clientCredentials Method: derived

OAuth endpoints

Token URL
https://sso.dynatrace.com/sso/oauth2/token
Flows
clientCredentials

Scopes (3)

ScopeDescriptionFlows
account-env-read Read access to environment information clientCredentials
account-idm-read Read access to account identity and management data clientCredentials
account-idm-write Write access to manage users, groups, and permissions clientCredentials

Source

OAuth Scopes

dynatrace-scopes.yml Raw ↑
generated: '2026-07-11'
method: derived
source: openapi/dynatrace-account-management-api-openapi.yml
schemes:
- name: oauth2
  source: openapi/dynatrace-account-management-api-openapi.yml
  flows:
  - flow: clientCredentials
    tokenUrl: https://sso.dynatrace.com/sso/oauth2/token
  description: 'OAuth 2.0 authentication for the Account Management API. Use the client credentials
    flow to obtain a bearer token. Required scopes vary by endpoint: account-idm-read for GET
    operations, account-idm-write for POST/PUT/DELETE operations.'
scopes:
- scope: account-env-read
  description: Read access to environment information
  flows:
  - clientCredentials
  sources:
  - openapi/dynatrace-account-management-api-openapi.yml
- scope: account-idm-read
  description: Read access to account identity and management data
  flows:
  - clientCredentials
  sources:
  - openapi/dynatrace-account-management-api-openapi.yml
- scope: account-idm-write
  description: Write access to manage users, groups, and permissions
  flows:
  - clientCredentials
  sources:
  - openapi/dynatrace-account-management-api-openapi.yml