Creating and Managing API Client in CrowdStrike's Console

Copy

• Copy for LLM

  Copy page as Markdown for LLMs
• View as Markdown

  Open this page as Markdown
• Open in ChatGPT

  Get insights from ChatGPT
• Open in Claude

  Get insights from Claude

1. Introduction

ClientId and ClientSecret are required in order to make requests using the OAuth2.0 workflow to CrowdStrike's API client.

2. Prerequisites

Before you begin, ensure you have:

• Access to the CrowdStrike Falcon Console
• Administrator privileges

3. Creating API Client

Step 1: Access the CrowdStrike Falcon UI Console

• Log in to your CrowdStrike Console instance with administrative privileges.

Step 2: Create an API Client, generate ClientId/ClientSecret with proper scope

• Go to the Support and resources > Resources and tools > API Client and keys section where an API Client can be managed.
• Create an API Client
• Provide a Client name and a related description with read permissions for the following Scopes
  • Alerts
  • Apps
  • Custom IOA rules
  • Detections
  • Device control policy
  • Hosts
  • Assets
  • Indicators
  • Incidents
  • IOC Management
  • IOCs (Indicators of Compromise)
  • Zero Trust Assessment
• The following scope should be given write access:
  • Hosts
• Create the new API Client.
• Securely store the generated Client ID, Secret and Base URL

4. Configure the Integration

URL This is the Base URL from where the Falcon API Client credentials came. CrowdStrike Base URLs

ClientId This is the Client Id gathered in step 2

ClientSecret This is the Client Secret gathered in step 2

Note The token_url should not be set/configured when configuration the Integration.

5. Important Links in CrowdStrike's Documentation

• CrowdStrike OAuth2-Based APIs