Skip to main content
The following steps will integrate CrowdStrike Falcon by using an OAuth2 API Client & Key with the below API permissions. Currently setup is limited to using an API Client with a client id, secret, base url, and domain.

Required Permissions

APIScopePermissionDescription
US-1 / US-2 (EU-1 Untested)HostsReadSearch for hosts in your environment by platform, hostname, IP, and other criteria.

Setting Up CrowdStrike Falcon Device Integration

In Tier Zero Code, go to “Integrations” and click on the CrowdStrike Falcon device integration then enable and configure integration. Image In the CrowdStrike Falcon Configuration, you’ll need the following fields:
Client ID
string
required
The Client ID from the “OAuth2 API Clients” creation confirmation.
Secret
string
required
The secret value from the “OAuth2 API Clients” creation confirmation.
Base URL
string
required
The base url from the “OAuth2 API Clients” creation confirmation.
Tenant Domain
string
required
The primary domain for the CrowdStrike tenant.