Credentials: CrowdStrike Spotlight
Instructions on how to generate credentials for CrowdStrike Spotlight VMS with the required permissions.
For Leen to authenticate with CrowdStrike Spotlight, we require the following:
- Base URL: The base URL that corresponds to the cloud where your integration is hosted. It has the format of
https://api[<deployment>].crowdstrike.com
. Most likely one of the following based on the region: - Client ID: OAuth2 based Client ID.
- Client Secret: Oauth2 based Client Secret.
Leen requires certain access permissions(scopes). These credentials are associated with the scopes.
User setup and Permissions
Here is how you can create API keys with the minimum required permissions for the integration:
Create an API Client with scopes
In the CrowdStrike Falcon console, navigate to the API Clients and Keys
page and click on Create API client
.
Here, enter the details to define your API client - Client Name
(required, can be anything eg. leen
) and Description
(optional).
Along with that we setup the necessary API Scopes:
- Vulnerabilities - Read
- Hosts - Read
- Host Groups - Read
- User Management - Read
- Prevention Policies - Read
- Device Control Policies - Read
- Real Time Response Policies - Read
- Sensor Update Policies - Read
Click Create
to save the API client and generate the Client ID
and Client Secret
.
Enter Credentials
After creating the API Client credentials, Copy the Base URL, Client ID and Client Secret into the CrowdStrike Spotlight VMS connector in their respective fields.