# Creating and Managing API Client in CrowdStrike's Console ## 1. Introduction ClientId and ClientSecret are required in order to make requests using the OAuth2.0 workflow to CrowdStrike's API client. ## 2. Prerequisites Before you begin, ensure you have: - Access to the CrowdStrike Falcon Console - Administrator privileges ## 3. Creating API Client ### Step 1: Access the CrowdStrike Falcon UI Console - Log in to your CrowdStrike Console instance with administrative privileges. ### Step 2: Create an API Client, generate ClientId/ClientSecret with proper scope - Go to the **Support and resources > Resources and tools > API Client and keys** section where an API Client can be managed. - Create an API Client - Provide a Client name and a related description with the following scope permissions: #### Permissions Required: | Scope | Read | Write | Purpose | | --- | --- | --- | --- | | **Alerts** | ✅ | ❌ | Query alert data and threat/EDR events | | **Hosts** | ✅ | ✅ | Query endpoint information and quarantine endpoints from network. Excluding the write permissions disables the quarantine feature. | | **Assets** | ✅ | ❌ | Query application data | | **IOC Management** | ✅ | ✅ | Query, create and delete Indicators of Compromise (IOC). Excluding the write permissions disables creating and deleting IOCs. | | **Zero Trust Assessment** | ✅ | ❌ | Query security posture scores | - Confirm the new API Client - Securely store the generated Client ID, Secret and Base URL ## 4. Configure the Integration **URL** This is the Base URL from where the Falcon API Client credentials came. [CrowdStrike Base URLs](https://falcon.us-2.crowdstrike.com/documentation/page/a2a7fc0e/crowdstrike-oauth2-based-apis#k9578c40) **ClientId** This is the Client Id gathered in step 2 **ClientSecret** This is the Client Secret gathered in step 2 ***Note*** The token_url should not be set/configured when configuration the Integration. ## 5. Important Links in CrowdStrike's Documentation - [CrowdStrike OAuth2-Based APIs](https://falcon.us-2.crowdstrike.com/documentation/page/a2a7fc0e/crowdstrike-oauth2-based-apis)