DataDog · api-clients-generation-pipeline · May 5, 2026
@@ -791,11 +791,6 @@ components:
           items:
             $ref: "#/components/schemas/ResourceProviderConfig"
           type: array
-        secretless_auth_enabled:
-          description: |-
-            (Preview) When enabled, Datadog authenticates with this app registration using federated workload identity credentials instead of a client secret.
-          example: true
-          type: boolean
         tenant_name:
           description: Your Azure Active Directory ID.
           example: "testc44-1234-5678-9101-cc00736ftest"

@@ -81822,6 +81822,61 @@ components:
       description: The title of the event.
       example: "The event title"
       type: string
+    ValidateV2Attributes:
+      description: Attributes of the API key validation response.
+      properties:
+        api_key_id:
+          description: The UUID of the API key.
+          example: "a1b2c3d4-e5f6-47a8-b9c0-d1e2f3a4b5c6"
+          type: string
+        api_key_scopes:
+          description: List of scope names associated with the API key.
+          example:
+            - "remote_config_read"
+          items:
+            type: string
+          type: array
+        valid:
+          description: Whether the API key is valid.
+          example: true
+          type: boolean
+      required:
+        - valid
+        - api_key_scopes
+        - api_key_id
+      type: object
+    ValidateV2Data:
+      description: Data object containing the API key validation result.
+      properties:
+        attributes:
+          $ref: "#/components/schemas/ValidateV2Attributes"
+        id:
+          description: The UUID of the organization associated with the API key.
+          example: "550e8400-e29b-41d4-a716-446655440000"
+          type: string
+        type:
+          $ref: "#/components/schemas/ValidateV2Type"
+      required:
+        - id
+        - type
+        - attributes
+      type: object
+    ValidateV2Response:
+      description: Response for the API key validation endpoint.
+      properties:
+        data:
+          $ref: "#/components/schemas/ValidateV2Data"
+      required:
+        - data
+      type: object
+    ValidateV2Type:
+      description: Resource type for the API key validation response.
+      enum:
+        - validate_v2
+      example: validate_v2
+      type: string
+      x-enum-varnames:
+        - ValidateV2
     ValidationError:
       description: Represents a single validation error, including a human-readable title and metadata.
       properties:
@@ -134478,6 +134533,47 @@ paths:
         operator: OR
         permissions:
           - teams_read
+  /api/v2/validate:
+    get:
+      description: Check if the API key is valid. Returns the organization UUID, API key ID, and associated scopes.
+      operationId: ValidateV2
+      responses:
+        "200":
+          content:
+            application/json:
+              examples:
+                default:
+                  value:
+                    data:
+                      attributes:
+                        api_key_id: "a1b2c3d4-e5f6-47a8-b9c0-d1e2f3a4b5c6"
+                        api_key_scopes:
+                          - "remote_config_read"
+                        valid: true
+                      id: "550e8400-e29b-41d4-a716-446655440000"
+                      type: "validate_v2"
+              schema:
+                $ref: "#/components/schemas/ValidateV2Response"
+          description: OK
+        "403":
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/JSONAPIErrorResponse"
+          description: Forbidden
+        "429":
+          $ref: "#/components/responses/TooManyRequestsResponse"
+      security:
+        - apiKeyAuth: []
+      summary: Validate API key
+      tags:
+        - Key Management
+      "x-permission":
+        operator: OPEN
+        permissions: []
+      x-unstable: |-
+        **Note**: This endpoint is in preview and is subject to change.
+        If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).
   /api/v2/widgets/{experience_type}:
     get:
       description: Search and list widgets for a given experience type. Supports filtering by widget type, creator, title, and tags, as well as sorting and pagination.

@@ -33,7 +33,6 @@ public static void main(String[] args) {
                     new ResourceProviderConfig()
                         .metricsEnabled(true)
                         .namespace("Microsoft.Compute")))
-            .secretlessAuthEnabled(true)
             .tenantName("testc44-1234-5678-9101-cc00736ftest")
             .usageMetricsEnabled(true);
 

@@ -25,7 +25,6 @@ public static void main(String[] args) {
             .newClientId("9b1deb4d-3b7d-4bad-9bdd-2b0d7b3dcb6d")
             .newTenantName("9b1deb4d-3b7d-4bad-9bdd-2b0d7b3dcb6d")
             .resourceCollectionEnabled(true)
-            .secretlessAuthEnabled(true)
             .tenantName("9b1deb4d-3b7d-4bad-9bdd-2b0d7b3dcb6d");
 
     try {

@@ -0,0 +1,25 @@
+// Validate API key returns "OK" response
+
+import com.datadog.api.client.ApiClient;
+import com.datadog.api.client.ApiException;
+import com.datadog.api.client.v2.api.KeyManagementApi;
+import com.datadog.api.client.v2.model.ValidateV2Response;
+
+public class Example {
+  public static void main(String[] args) {
+    ApiClient defaultClient = ApiClient.getDefaultApiClient();
+    defaultClient.setUnstableOperationEnabled("v2.validateV2", true);
+    KeyManagementApi apiInstance = new KeyManagementApi(defaultClient);
+
+    try {
+      ValidateV2Response result = apiInstance.validateV2();
+      System.out.println(result);
+    } catch (ApiException e) {
+      System.err.println("Exception when calling KeyManagementApi#validateV2");
+      System.err.println("Status code: " + e.getCode());
+      System.err.println("Reason: " + e.getResponseBody());
+      System.err.println("Response headers: " + e.getResponseHeaders());
+      e.printStackTrace();
+    }
+  }
+}
@@ -803,6 +803,7 @@ public class ApiClient {
           put("v2.updateLLMObsExperiment", false);
           put("v2.updateLLMObsProject", false);
           put("v2.anonymizeUsers", false);
+          put("v2.validateV2", false);
           put("v2.createOpenAPI", false);
           put("v2.deleteOpenAPI", false);
           put("v2.getOpenAPI", false);

@@ -35,7 +35,6 @@
   AzureAccount.JSON_PROPERTY_NEW_TENANT_NAME,
   AzureAccount.JSON_PROPERTY_RESOURCE_COLLECTION_ENABLED,
   AzureAccount.JSON_PROPERTY_RESOURCE_PROVIDER_CONFIGS,
-  AzureAccount.JSON_PROPERTY_SECRETLESS_AUTH_ENABLED,
   AzureAccount.JSON_PROPERTY_TENANT_NAME,
   AzureAccount.JSON_PROPERTY_USAGE_METRICS_ENABLED
 })
@@ -89,9 +88,6 @@ public class AzureAccount {
   public static final String JSON_PROPERTY_RESOURCE_PROVIDER_CONFIGS = "resource_provider_configs";
   private List<ResourceProviderConfig> resourceProviderConfigs = null;
 
-  public static final String JSON_PROPERTY_SECRETLESS_AUTH_ENABLED = "secretless_auth_enabled";
-  private Boolean secretlessAuthEnabled;
-
   public static final String JSON_PROPERTY_TENANT_NAME = "tenant_name";
   private String tenantName;
 
@@ -442,28 +438,6 @@ public void setResourceProviderConfigs(List<ResourceProviderConfig> resourceProv
     this.resourceProviderConfigs = resourceProviderConfigs;
   }
 
-  public AzureAccount secretlessAuthEnabled(Boolean secretlessAuthEnabled) {
-    this.secretlessAuthEnabled = secretlessAuthEnabled;
-    return this;
-  }
-
-  /**
-   * (Preview) When enabled, Datadog authenticates with this app registration using federated
-   * workload identity credentials instead of a client secret.
-   *
-   * @return secretlessAuthEnabled
-   */
-  @jakarta.annotation.Nullable
-  @JsonProperty(JSON_PROPERTY_SECRETLESS_AUTH_ENABLED)
-  @JsonInclude(value = JsonInclude.Include.USE_DEFAULTS)
-  public Boolean getSecretlessAuthEnabled() {
-    return secretlessAuthEnabled;
-  }
-
-  public void setSecretlessAuthEnabled(Boolean secretlessAuthEnabled) {
-    this.secretlessAuthEnabled = secretlessAuthEnabled;
-  }
-
   public AzureAccount tenantName(String tenantName) {
     this.tenantName = tenantName;
     return this;
@@ -577,7 +551,6 @@ public boolean equals(Object o) {
         && Objects.equals(this.newTenantName, azureAccount.newTenantName)
         && Objects.equals(this.resourceCollectionEnabled, azureAccount.resourceCollectionEnabled)
         && Objects.equals(this.resourceProviderConfigs, azureAccount.resourceProviderConfigs)
-        && Objects.equals(this.secretlessAuthEnabled, azureAccount.secretlessAuthEnabled)
         && Objects.equals(this.tenantName, azureAccount.tenantName)
         && Objects.equals(this.usageMetricsEnabled, azureAccount.usageMetricsEnabled)
         && Objects.equals(this.additionalProperties, azureAccount.additionalProperties);
@@ -601,7 +574,6 @@ public int hashCode() {
         newTenantName,
         resourceCollectionEnabled,
         resourceProviderConfigs,
-        secretlessAuthEnabled,
         tenantName,
         usageMetricsEnabled,
         additionalProperties);
@@ -638,9 +610,6 @@ public String toString() {
     sb.append("    resourceProviderConfigs: ")
         .append(toIndentedString(resourceProviderConfigs))
         .append("\n");
-    sb.append("    secretlessAuthEnabled: ")
-        .append(toIndentedString(secretlessAuthEnabled))
-        .append("\n");
     sb.append("    tenantName: ").append(toIndentedString(tenantName)).append("\n");
     sb.append("    usageMetricsEnabled: ")
         .append(toIndentedString(usageMetricsEnabled))

@@ -20,6 +20,7 @@
 import com.datadog.api.client.v2.model.PersonalAccessTokenResponse;
 import com.datadog.api.client.v2.model.PersonalAccessTokenUpdateRequest;
 import com.datadog.api.client.v2.model.PersonalAccessTokensSort;
+import com.datadog.api.client.v2.model.ValidateV2Response;
 import jakarta.ws.rs.client.Invocation;
 import jakarta.ws.rs.core.GenericType;
 import java.util.ArrayList;
@@ -3464,4 +3465,131 @@ public ApiResponse<PersonalAccessTokenResponse> updatePersonalAccessTokenWithHtt
         false,
         new GenericType<PersonalAccessTokenResponse>() {});
   }
+
+  /**
+   * Validate API key.
+   *
+   * <p>See {@link #validateV2WithHttpInfo}.
+   *
+   * @return ValidateV2Response
+   * @throws ApiException if fails to make API call
+   */
+  public ValidateV2Response validateV2() throws ApiException {
+    return validateV2WithHttpInfo().getData();
+  }
+
+  /**
+   * Validate API key.
+   *
+   * <p>See {@link #validateV2WithHttpInfoAsync}.
+   *
+   * @return CompletableFuture&lt;ValidateV2Response&gt;
+   */
+  public CompletableFuture<ValidateV2Response> validateV2Async() {
+    return validateV2WithHttpInfoAsync()
+        .thenApply(
+            response -> {
+              return response.getData();
+            });
+  }
+
+  /**
+   * Check if the API key is valid. Returns the organization UUID, API key ID, and associated
+   * scopes.
+   *
+   * @return ApiResponse&lt;ValidateV2Response&gt;
+   * @throws ApiException if fails to make API call
+   * @http.response.details
+   *     <table border="1">
+   *    <caption>Response details</caption>
+   *       <tr><td> Status Code </td><td> Description </td><td> Response Headers </td></tr>
+   *       <tr><td> 200 </td><td> OK </td><td>  -  </td></tr>
+   *       <tr><td> 403 </td><td> Forbidden </td><td>  -  </td></tr>
+   *       <tr><td> 429 </td><td> Too many requests </td><td>  -  </td></tr>
+   *     </table>
+   */
+  public ApiResponse<ValidateV2Response> validateV2WithHttpInfo() throws ApiException {
+    // Check if unstable operation is enabled
+    String operationId = "validateV2";
+    if (apiClient.isUnstableOperationEnabled("v2." + operationId)) {
+      apiClient.getLogger().warning(String.format("Using unstable operation '%s'", operationId));
+    } else {
+      throw new ApiException(0, String.format("Unstable operation '%s' is disabled", operationId));
+    }
+    Object localVarPostBody = null;
+    // create path and map variables
+    String localVarPath = "/api/v2/validate";
+
+    Map<String, String> localVarHeaderParams = new HashMap<String, String>();
+
+    Invocation.Builder builder =
+        apiClient.createBuilder(
+            "v2.KeyManagementApi.validateV2",
+            localVarPath,
+            new ArrayList<Pair>(),
+            localVarHeaderParams,
+            new HashMap<String, String>(),
+            new String[] {"application/json"},
+            new String[] {"apiKeyAuth"});
+    return apiClient.invokeAPI(
+        "GET",
+        builder,
+        localVarHeaderParams,
+        new String[] {},
+        localVarPostBody,
+        new HashMap<String, Object>(),
+        false,
+        new GenericType<ValidateV2Response>() {});
+  }
+
+  /**
+   * Validate API key.
+   *
+   * <p>See {@link #validateV2WithHttpInfo}.
+   *
+   * @return CompletableFuture&lt;ApiResponse&lt;ValidateV2Response&gt;&gt;
+   */
+  public CompletableFuture<ApiResponse<ValidateV2Response>> validateV2WithHttpInfoAsync() {
+    // Check if unstable operation is enabled
+    String operationId = "validateV2";
+    if (apiClient.isUnstableOperationEnabled("v2." + operationId)) {
+      apiClient.getLogger().warning(String.format("Using unstable operation '%s'", operationId));
+    } else {
+      CompletableFuture<ApiResponse<ValidateV2Response>> result = new CompletableFuture<>();
+      result.completeExceptionally(
+          new ApiException(0, String.format("Unstable operation '%s' is disabled", operationId)));
+      return result;
+    }
+    Object localVarPostBody = null;
+    // create path and map variables
+    String localVarPath = "/api/v2/validate";
+
+    Map<String, String> localVarHeaderParams = new HashMap<String, String>();
+
+    Invocation.Builder builder;
+    try {
+      builder =
+          apiClient.createBuilder(
+              "v2.KeyManagementApi.validateV2",
+              localVarPath,
+              new ArrayList<Pair>(),
+              localVarHeaderParams,
+              new HashMap<String, String>(),
+              new String[] {"application/json"},
+              new String[] {"apiKeyAuth"});
+    } catch (ApiException ex) {
+      CompletableFuture<ApiResponse<ValidateV2Response>> result = new CompletableFuture<>();
+      result.completeExceptionally(ex);
+      return result;
+    }
+    return apiClient.invokeAPIAsync(
+        "GET",
+        builder,
+        localVarHeaderParams,
+        new String[] {},
+        localVarPostBody,
+        new HashMap<String, Object>(),
+        false,
+        new GenericType<ValidateV2Response>() {});
+  }
 }