Creating and Managing API Client in CrowdStrike's Console

1. Introduction

ClientId and ClientSecret are required in order to make requests using the OAuth2.0 workflow to CrowdStrike's API client.

2. Prerequisites

Before you begin, ensure you have:

• Access to the CrowdStrike Falcon Console
• Administrator privileges

3. Creating API Client

Step 1: Access the CrowdStrike Falcon UI Console

• Log in to your CrowdStrike Console instance with administrative privileges.

Step 2: Create an API Client, generate ClientId/ClientSecret with proper scope

• Go to the Support and resources > Resources and tools > API Client and keys section where an API Client can be managed.
• Create an API Client
• Provide a Client name and a related description with read permissions for the following Scopes
  • Alerts
  • Apps
  • Custom IOA rules
  • Detections
  • Device control policy
  • Hosts
  • Assets
  • Indicators
  • Incidents
  • IOC Management
  • IOCs (Indicators of Compromise)
  • Zero Trust Assessment
• The following scope should be given write access:
  • Hosts
• Create the new API Client.
• Securely store the generated Client ID, Secret and Base URL

4. Configure the Integration

URL This is the Base URL from where the Falcon API Client credentials came. CrowdStrike Base URLs

ClientId This is the Client Id gathered in step 2

ClientSecret This is the Client Secret gathered in step 2

Note The token_url should not be set/configured when configuration the Integration.

5. Important Links in CrowdStrike's Documentation

• CrowdStrike OAuth2-Based APIs