CrowdStrike Falcon IDP

Connection Requirements

1 - Domain

The domain of the CrowdStrike.

Default: https://api.crowdstrike.com

The domain may change depending on the region where the server is located. You can find the domain information where we created the Client ID and Client Secret information.

2 - Client ID

Generated Client ID for a user that has the permissions to fetch asset details.

3 - Client Secret

Generated Client Secret Key for a user that has the permissions to fetch asset details.

To define a CrowdStrike API client, you must be assigned the Falcon Administrator role to view, create, or modify API clients or keys. Secrets are only shown when a new API Client is created or reset.

You can follow the steps below.

  1. When logged into the Falcon UI, navigate to Support > API Clients and Keys.

  2. From there you can view existing clients, add new API clients, or view the audit log. When you click

  3. Add new API Client” you will be prompted to give a descriptive name and select the appropriate API scopes. read scope for "Identity Protection Entities" should suffice.

  4. After you click save, you will be presented with the Client ID and Client Secret.

The secret will only shown once and must be saved somewhere.

4 - SSL

Use SSL for connection (optional, default: Encrypted).

5 - Timeout

Timeout for return API call (default: 30)

Attention

Please perform a connection test to ensure there is a valid connection to the CrowdStrike Falcon IDP host. When the discovery operation finalized you will be able to see the details on Assets page.

PreviousCrowdStrike Falcon DiscoverNextCrowdStrike Falcon Spotlight

Last updated

Was this helpful?