Header background

Monitor your OAuth 2.0 protected APIs with Dynatrace Synthetic

As microservices and automation continue to drive API usage, most organizations have either already introduced, or plan to introduce, an API testing process.

With Dynatrace Synthetic you can easily create API tests with synthetic monitors. Now we’re making it easier for you to test APIs that are secured by OAuth 2.0!

What is OAuth?

OAuth is an open standard for access delegation that is currently used by Amazon, Google, Microsoft, PayPal, FacebookTwitter, and other companies.

Note that the word “authentication” hasn’t yet been mentioned. And why are we referring to OAuth while discussing APIs?

By definition RESTful APIs should be stateless, meaning that each request should be individually validated for authentication/authorization by the receiving server.

This is the key. OAuth provides an authorization method (not authentication) for such requests.

This is where OAuth shines. Because API security is a primary concern these days, OAuth is listed as one of the recommended authorization methods for API requests.

How to monitor an OAuth protected API with Dynatrace Synthetic

To monitor an API that’s secured with OAuth 2.0, the monitor needs to execute a request that authorizes with an OAuth 2.0 instance. You can now do this by creating a pre-populated request directly in the Dynatrace web UI. Just fill in the necessary information in the OAuth 2.0 authorization request.

Once you’ve created an OAuth 2.0 authorization request, you can use the request in future requests by selecting OAuth from the list, which will add the required pre-execution script.

What you need to get started

  • A synthetic monitoring location that’s based on ActiveGate version 1.173+

What’s next

Stay tuned for more Synthetic news including:

  • Synthetic credentials vault
  • New synthetic public locations
  • Public locations provided by a new cloud vendor

…and much more!