# Falcon CrowdStrike IDP

## Connection Requirements

{% stepper %}
{% step %}

### Domain

The domain of the CrowdStrike.

{% hint style="info" %}
Default:\
<https://api.crowdstrike.com>
{% endhint %}
{% endstep %}

{% step %}

### Client ID

Generated Client ID for a user that has the permissions to fetch asset details.
{% endstep %}

{% step %}

### Client Secret

Generated Client Secret Key for a user that has the permissions to fetch asset details.

{% hint style="info" %}
You can follow the steps below. To define a CrowdStrike API client, you must be assigned the Falcon Administrator role to view, create, or modify API clients or keys. Secrets are only shown when a new API Client is created or reset.
{% endhint %}

When logged into the Falcon UI, navigate to Support > API Clients and Keys and then:

* View existing clients, add new API clients, or view the audit log.
* Click “Add new API Client”, give a descriptive name and select the appropriate API scopes. The read scope for "Identity Protection Entities" should suffice.
* After you click save, you will be presented with the Client ID and Client Secret.

{% hint style="info" %}
Note: The secret will only be shown once and must be saved somewhere.
{% endhint %}
{% endstep %}

{% step %}

### SSL

Use SSL for connection (optional, default: Encrypted).
{% endstep %}

{% step %}

### Timeout

Timeout for return API call (default: 30)
{% endstep %}
{% endstepper %}

{% hint style="warning" %}
Required Permissions

The value supplied in API Key must be associated with the following credentials:

* Identity Protection Assessment: Read
* Identity Protection Detections: Read
* Identity Protection Enforcement: Read
* Identity Protection Entities: Read
* Identity Protection GraphQL: Write
* Identity Protection Health: Read
* Identity Protection on-premise enablement: Read
* Identity Protection Timeline: Read
  {% endhint %}

{% hint style="warning" %}
Attention

Please perform a connection test to ensure there is a valid connection to the host. When the discovery operation is finalized, you will be able to see the details on the Assets page.
{% endhint %}