## Dynatrace integration Dynatrace is a software intelligence platform that provides application performance monitoring, infrastructure monitoring, and digital experience management. Integrating Dynatrace with Frontegg lets your application read metrics, monitored entities, detected problems, and settings objects from the Dynatrace Environment API. The integration uses the OAuth 2.0 **Client Credentials** flow — there is no user consent screen and no redirect URL. You provide the Client ID, Client Secret, and your Dynatrace environment ID directly in the Frontegg portal. Prerequisites - A Dynatrace account with access to the [Account Management](https://account.dynatrace.com) portal - An active user with the `account-user-management` permission to be set as the OAuth client subject ### Connect Dynatrace #### Step 1: Find your environment ID Sign in to the [Dynatrace Account Management](https://account.dynatrace.com) portal. Open **Settings → Environments** and copy the environment identifier from the **Environment** column — this is the subdomain of your Dynatrace tenant URL (for example, `abc12345` from `https://abc12345.live.dynatrace.com`). You will paste this value into the **Dynatrace environment ID** field in the Frontegg portal. ![Dynatrace environments list](/assets/dynatrace-1.a2b4aa6b4be77384c8912f25f274c11aff09c637a6f3a4c35543aafb31fd2332.1ce25488.png) #### Step 2: Open OAuth clients In the top navigation, click **Identity & access management** and select **OAuth clients** from the dropdown. ![Identity and access management menu](/assets/dynatrace-2.24dd35c7713b641ea4deee17a65f0de90fa289ef643078cedab95841f877f234.1ce25488.png) #### Step 3: Create a new OAuth client Click **Create client** in the top-right corner of the OAuth clients page. ![OAuth clients page](/assets/dynatrace-3.132f26f3be785f706518c569662af3c7b4ccae86ec69f5a938ff67ad3684c0c1.1ce25488.png) #### Step 4: Fill in client details Enter the following values: - **Subject user email** — Email of an active user (or service user) with the `account-user-management` permission. Tokens issued for this client will act on behalf of this user. - **Description** — A descriptive name, for example `Frontegg Integration`. ![Create OAuth client form](/assets/dynatrace-4.16b8fd88b0a2a0899a3f6700c6a60a1d34fdbe358d8ad06c7eed58b68f918f47.1ce25488.png) #### Step 5: Select required permissions Scroll down to the **Permissions** section and check the four scopes used by the integration. Under **Settings Service**, check: | Scope | Description | | --- | --- | | `settings:objects:read` | Read settings objects for a schema | ![Settings Service scope](/assets/dynatrace-5.ebf8455788bc1ce55c468018415e9528287fc97f156c79182f1bebd3dc2a0d95.1ce25488.png) Under **[DEPRECATED] Environment Api**, check: | Scope | Description | | --- | --- | | `environment-api:entities:read` | Read monitored entities and entity types | | `environment-api:metrics:read` | Read metrics and metric data points | | `environment-api:problems:read` | Read detected problems and anomalies | Despite the [DEPRECATED] label Dynatrace marks the **Environment Api** group as deprecated in the new platform UI, but these scopes are still required for the v2 Environment API endpoints used by this integration. ![Entities scope checked](/assets/dynatrace-6.36830d2991e89caf67cdd87dd6a50c3ab812ba274506091fc93747781a23579f.1ce25488.png) ![Metrics and problems scopes checked](/assets/dynatrace-7.45623c2d83e700c9b2a229fd03bf44133a96172d3af0ab3899338609e31fc970.1ce25488.png) #### Step 6: Copy credentials Click **Create client** at the bottom of the form. Dynatrace generates the OAuth client and displays the **Client ID** and **Client secret**. Save the Client secret immediately The Client secret is shown only once. Copy it before clicking **Finish** — Dynatrace cannot recover it later, and you would have to create a new client. ![OAuth client created with Client ID and Client secret](/assets/dynatrace-8.80238b8529f8528ddaa16671df914d1eb232878c54610e610080d106b59002ee.1ce25488.png) ### Configure the Frontegg portal Open the **Frontegg portal** and navigate to [ENVIRONMENT] → Integrations → Dynatrace, then enter: 1. **Client ID** — the `dt0s02.*` identifier from the previous step. 2. **Client Secret** — the value shown on the **OAuth client created** screen. 3. **Dynatrace environment ID** — the environment subdomain you copied in Step 1 (for example, `abc12345`). 4. Select the required **scopes**. 5. Click **Save**. Keep your credentials secure Never share or commit your Client Secret to version control. ### Additional resources - [Dynatrace OAuth clients documentation](https://docs.dynatrace.com/docs/manage/identity-access-management/access-tokens-and-oauth-clients/oauth-clients) - [Dynatrace Environment API v2](https://docs.dynatrace.com/docs/dynatrace-api/environment-api) - [Dynatrace Account Management](https://account.dynatrace.com)