Using the built in credentials setup for Crowdstrike OAuth2 fails. I have tested the creds from the command line and the URL, ClientID and Client Secret are all correct.
The first screenshot was created in the node “HTTP Request”
The second in the Credentials → Add credential → OAuth2 API (This is referenced in the first screenshot)
Hope this stuff helps someone!!
If ANYONE knows how to setup MS Sentinel and has step-by-step guide, I’d be appreciative.
For the URL for the Crowdstrike credential you don’t need to include /oauth/token which could be part of that problem, We should probably make it clearer that it is just the URL for Crowdstrikes api.