Create an access token for a service account

v2 (latest)

POST https://api.ap1.datadoghq.com/api/v2/service_accounts/{service_account_id}/access_tokenshttps://api.ap2.datadoghq.com/api/v2/service_accounts/{service_account_id}/access_tokenshttps://api.datadoghq.eu/api/v2/service_accounts/{service_account_id}/access_tokenshttps://api.ddog-gov.com/api/v2/service_accounts/{service_account_id}/access_tokenshttps://api.us2.ddog-gov.com/api/v2/service_accounts/{service_account_id}/access_tokenshttps://api.datadoghq.com/api/v2/service_accounts/{service_account_id}/access_tokenshttps://api.us3.datadoghq.com/api/v2/service_accounts/{service_account_id}/access_tokenshttps://api.us5.datadoghq.com/api/v2/service_accounts/{service_account_id}/access_tokens

Overview

Create an access token for a service account. This endpoint requires the service_account_write permission.

Arguments

Path Parameters

Name

Type

Description

service_account_id [required]

string

The ID of the service account.

Request

Body Data (required)

Expand All

Field

Type

Description

data [required]

object

Object used to create a service account access token.

{
  "data": {
    "type": "service_access_tokens",
    "attributes": {
      "name": "Example-Service-Account",
      "scopes": [
        "dashboards_read"
      ]
    }
  }
}

Response

Created

Response for creating an access token. Includes the token key.

Expand All

Field

Type

Description

data

object

Datadog access token, including the token key.

{
  "data": {
    "attributes": {
      "created_at": "2024-01-01T00:00:00+00:00",
      "expires_at": "2025-12-31T23:59:59+00:00",
      "key": "string",
      "name": "My Access Token",
      "public_portion": "ddsat_abc123",
      "scopes": [
        "dashboards_read",
        "dashboards_write"
      ]
    },
    "id": "string",
    "relationships": {
      "owned_by": {
        "data": {
          "id": "00000000-0000-0000-2345-000000000000",
          "type": "service_account"
        }
      }
    },
    "type": "service_access_tokens"
  }
}

Bad Request

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{
  "errors": [
    "Bad Request"
  ]
}

Forbidden

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{
  "errors": [
    "Bad Request"
  ]
}

Not Found

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{
  "errors": [
    "Bad Request"
  ]
}

Too many requests

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{
  "errors": [
    "Bad Request"
  ]
}

Code Example

                          ## default
# 

# Path parameters
export service_account_id="00000000-0000-1234-0000-000000000000"
# Curl command
curl -X POST "https://api.ap1.datadoghq.com"https://api.ap2.datadoghq.com"https://api.datadoghq.eu"https://api.ddog-gov.com"https://api.us2.ddog-gov.com"https://api.datadoghq.com"https://api.us3.datadoghq.com"https://api.us5.datadoghq.com/api/v2/service_accounts/${service_account_id}/access_tokens" \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-H "DD-API-KEY: ${DD_API_KEY}" \
-H "DD-APPLICATION-KEY: ${DD_APP_KEY}" \
-d @- << EOF
{
  "data": {
    "attributes": {
      "name": "Service Account Access Token",
      "scopes": [
        "dashboards_read",
        "dashboards_write"
      ]
    },
    "type": "service_access_tokens"
  }
}
EOF

                        

// Create an access token for a service account returns "Created" response

package main

import (
	"context"
	"encoding/json"
	"fmt"
	"os"

	"github.com/DataDog/datadog-api-client-go/v2/api/datadog"
	"github.com/DataDog/datadog-api-client-go/v2/api/datadogV2"
)

func main() {
	// there is a valid "service_account_user" in the system
	ServiceAccountUserDataID := os.Getenv("SERVICE_ACCOUNT_USER_DATA_ID")

	body := datadogV2.ServiceAccountAccessTokenCreateRequest{
		Data: datadogV2.ServiceAccountAccessTokenCreateData{
			Type: datadogV2.PERSONALACCESSTOKENSTYPE_PERSONAL_ACCESS_TOKENS,
			Attributes: datadogV2.ServiceAccountAccessTokenCreateAttributes{
				Name: "Example-Service-Account",
				Scopes: []string{
					"dashboards_read",
				},
			},
		},
	}
	ctx := datadog.NewDefaultContext(context.Background())
	configuration := datadog.NewConfiguration()
	apiClient := datadog.NewAPIClient(configuration)
	api := datadogV2.NewServiceAccountsApi(apiClient)
	resp, r, err := api.CreateServiceAccountAccessToken(ctx, ServiceAccountUserDataID, body)

	if err != nil {
		fmt.Fprintf(os.Stderr, "Error when calling `ServiceAccountsApi.CreateServiceAccountAccessToken`: %v\n", err)
		fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)
	}

	responseContent, _ := json.MarshalIndent(resp, "", "  ")
	fmt.Fprintf(os.Stdout, "Response from `ServiceAccountsApi.CreateServiceAccountAccessToken`:\n%s\n", responseContent)
}

Instructions

First install the library and its dependencies and then save the example to main.go and run following commands:

    DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.comus2.ddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" go run "main.go"

// Create an access token for a service account returns "Created" response

import com.datadog.api.client.ApiClient;
import com.datadog.api.client.ApiException;
import com.datadog.api.client.v2.api.ServiceAccountsApi;
import com.datadog.api.client.v2.model.PersonalAccessTokenCreateResponse;
import com.datadog.api.client.v2.model.PersonalAccessTokensType;
import com.datadog.api.client.v2.model.ServiceAccountAccessTokenCreateAttributes;
import com.datadog.api.client.v2.model.ServiceAccountAccessTokenCreateData;
import com.datadog.api.client.v2.model.ServiceAccountAccessTokenCreateRequest;
import java.util.Collections;

public class Example {
  public static void main(String[] args) {
    ApiClient defaultClient = ApiClient.getDefaultApiClient();
    ServiceAccountsApi apiInstance = new ServiceAccountsApi(defaultClient);

    // there is a valid "service_account_user" in the system
    String SERVICE_ACCOUNT_USER_DATA_ID = System.getenv("SERVICE_ACCOUNT_USER_DATA_ID");

    ServiceAccountAccessTokenCreateRequest body =
        new ServiceAccountAccessTokenCreateRequest()
            .data(
                new ServiceAccountAccessTokenCreateData()
                    .type(PersonalAccessTokensType.PERSONAL_ACCESS_TOKENS)
                    .attributes(
                        new ServiceAccountAccessTokenCreateAttributes()
                            .name("Example-Service-Account")
                            .scopes(Collections.singletonList("dashboards_read"))));

    try {
      PersonalAccessTokenCreateResponse result =
          apiInstance.createServiceAccountAccessToken(SERVICE_ACCOUNT_USER_DATA_ID, body);
      System.out.println(result);
    } catch (ApiException e) {
      System.err.println(
          "Exception when calling ServiceAccountsApi#createServiceAccountAccessToken");
      System.err.println("Status code: " + e.getCode());
      System.err.println("Reason: " + e.getResponseBody());
      System.err.println("Response headers: " + e.getResponseHeaders());
      e.printStackTrace();
    }
  }
}

Instructions

First install the library and its dependencies and then save the example to Example.java and run following commands:

    DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.comus2.ddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" java "Example.java"

"""
Create an access token for a service account returns "Created" response
"""

from os import environ
from datadog_api_client import ApiClient, Configuration
from datadog_api_client.v2.api.service_accounts_api import ServiceAccountsApi
from datadog_api_client.v2.model.personal_access_tokens_type import PersonalAccessTokensType
from datadog_api_client.v2.model.service_account_access_token_create_attributes import (
    ServiceAccountAccessTokenCreateAttributes,
)
from datadog_api_client.v2.model.service_account_access_token_create_data import ServiceAccountAccessTokenCreateData
from datadog_api_client.v2.model.service_account_access_token_create_request import (
    ServiceAccountAccessTokenCreateRequest,
)

# there is a valid "service_account_user" in the system
SERVICE_ACCOUNT_USER_DATA_ID = environ["SERVICE_ACCOUNT_USER_DATA_ID"]

body = ServiceAccountAccessTokenCreateRequest(
    data=ServiceAccountAccessTokenCreateData(
        type=PersonalAccessTokensType.PERSONAL_ACCESS_TOKENS,
        attributes=ServiceAccountAccessTokenCreateAttributes(
            name="Example-Service-Account",
            scopes=[
                "dashboards_read",
            ],
        ),
    ),
)

configuration = Configuration()
with ApiClient(configuration) as api_client:
    api_instance = ServiceAccountsApi(api_client)
    response = api_instance.create_service_account_access_token(
        service_account_id=SERVICE_ACCOUNT_USER_DATA_ID, body=body
    )

    print(response)

Instructions

First install the library and its dependencies and then save the example to example.py and run following commands:

    DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.comus2.ddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" python3 "example.py"

# Create an access token for a service account returns "Created" response

require "datadog_api_client"
api_instance = DatadogAPIClient::V2::ServiceAccountsAPI.new

# there is a valid "service_account_user" in the system
SERVICE_ACCOUNT_USER_DATA_ID = ENV["SERVICE_ACCOUNT_USER_DATA_ID"]

body = DatadogAPIClient::V2::ServiceAccountAccessTokenCreateRequest.new({
  data: DatadogAPIClient::V2::ServiceAccountAccessTokenCreateData.new({
    type: DatadogAPIClient::V2::PersonalAccessTokensType::PERSONAL_ACCESS_TOKENS,
    attributes: DatadogAPIClient::V2::ServiceAccountAccessTokenCreateAttributes.new({
      name: "Example-Service-Account",
      scopes: [
        "dashboards_read",
      ],
    }),
  }),
})
p api_instance.create_service_account_access_token(SERVICE_ACCOUNT_USER_DATA_ID, body)

Instructions

First install the library and its dependencies and then save the example to example.rb and run following commands:

    DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.comus2.ddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" rb "example.rb"

// Create an access token for a service account returns "Created" response
use datadog_api_client::datadog;
use datadog_api_client::datadogV2::api_service_accounts::ServiceAccountsAPI;
use datadog_api_client::datadogV2::model::PersonalAccessTokensType;
use datadog_api_client::datadogV2::model::ServiceAccountAccessTokenCreateAttributes;
use datadog_api_client::datadogV2::model::ServiceAccountAccessTokenCreateData;
use datadog_api_client::datadogV2::model::ServiceAccountAccessTokenCreateRequest;

#[tokio::main]
async fn main() {
    // there is a valid "service_account_user" in the system
    let service_account_user_data_id = std::env::var("SERVICE_ACCOUNT_USER_DATA_ID").unwrap();
    let body =
        ServiceAccountAccessTokenCreateRequest::new(ServiceAccountAccessTokenCreateData::new(
            ServiceAccountAccessTokenCreateAttributes::new(
                "Example-Service-Account".to_string(),
                vec!["dashboards_read".to_string()],
            ),
            PersonalAccessTokensType::PERSONAL_ACCESS_TOKENS,
        ));
    let configuration = datadog::Configuration::new();
    let api = ServiceAccountsAPI::with_config(configuration);
    let resp = api
        .create_service_account_access_token(service_account_user_data_id.clone(), body)
        .await;
    if let Ok(value) = resp {
        println!("{:#?}", value);
    } else {
        println!("{:#?}", resp.unwrap_err());
    }
}

Instructions

First install the library and its dependencies and then save the example to src/main.rs and run following commands:

    DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.comus2.ddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" cargo run

/**
 * Create an access token for a service account returns "Created" response
 */

import { client, v2 } from "@datadog/datadog-api-client";

const configuration = client.createConfiguration();
const apiInstance = new v2.ServiceAccountsApi(configuration);

// there is a valid "service_account_user" in the system
const SERVICE_ACCOUNT_USER_DATA_ID = process.env
  .SERVICE_ACCOUNT_USER_DATA_ID as string;

const params: v2.ServiceAccountsApiCreateServiceAccountAccessTokenRequest = {
  body: {
    data: {
      type: "personal_access_tokens",
      attributes: {
        name: "Example-Service-Account",
        scopes: ["dashboards_read"],
      },
    },
  },
  serviceAccountId: SERVICE_ACCOUNT_USER_DATA_ID,
};

apiInstance
  .createServiceAccountAccessToken(params)
  .then((data: v2.PersonalAccessTokenCreateResponse) => {
    console.log(
      "API called successfully. Returned data: " + JSON.stringify(data)
    );
  })
  .catch((error: any) => console.error(error));

Instructions

First install the library and its dependencies and then save the example to example.ts and run following commands:

    DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.comus2.ddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" tsc "example.ts"

Create an access token for a service account

Overview

Arguments

Path Parameters

Request

Body Data (required)

Response

Code Example

Create an access token for a service account returns "Created" response

Create an access token for a service account returns "Created" response

Instructions

Create an access token for a service account returns "Created" response

Instructions

Create an access token for a service account returns "Created" response

Instructions

Create an access token for a service account returns "Created" response

Instructions

Create an access token for a service account returns "Created" response

Instructions

Create an access token for a service account returns "Created" response

Instructions

How can I help you today?