oauth2 - CrowdStrike/falconpy GitHub Wiki

CrowdStrike Falcon CrowdStrike Subreddit

Using the OAuth2 service collection

Uber class support Service class support Documentation Version Page Updated

Unlike regular Service Classes, the OAuth2 Service Class inherits from the FalconInterface object, meaning the OAuth2 Service Class also represents the authorization object used by regular Service Classes for all authentication processing and state management.

Table of Contents

Operation ID Description
oauth2RevokeToken
PEP 8 revoke
Revoke a previously issued OAuth2 access token before the end of its standard 30-minute lifespan.
oauth2AccessToken
PEP 8 token
Generate an OAuth2 access token

Passing credentials

WARNING

client_id and client_secret are keyword arguments that contain your CrowdStrike API credentials. Please note that all examples below do not hard code these values. (These values are ingested as strings.)

CrowdStrike does not recommend hard coding API credentials or customer identifiers within source code.

oauth2RevokeToken

Revoke a previously issued OAuth2 access token before the end of its standard 30-minute lifespan.

PEP8 method name

revoke

Endpoint

Method Route
POST /oauth2/revoke

Content-Type

  • Consumes: application/x-www-form-urlencoded
  • Produces: application/json

Keyword Arguments

Name Service Uber Type Data type Description
data
Service Class Support

Uber Class Support
formData string Full data payload in JSON format containing the OAuth2 access token you want to revoke.
client_id
Service Class Support

Uber Class Support
formData string API client ID for the access token you want to revoke.

Not Required
token
Service Class Support

Uber Class Support
formData string The OAuth2 access token you want to revoke.

Usage

Service class example (PEP8 syntax)
from falconpy import OAuth2

# Do not hardcode API credentials!
falcon = OAuth2(client_id=CLIENT_ID,
                client_secret=CLIENT_SECRET
                )

response = falcon.revoke(token="string", client_id="string")

print(response)
Service class example (Operation ID syntax)
from falconpy import OAuth2

# Do not hardcode API credentials!
falcon = OAuth2(client_id=CLIENT_ID,
                client_secret=CLIENT_SECRET
                )

response = falcon.oauth2RevokeToken(token="string", client_id="string")

print(response)
Uber class example
from falconpy import APIHarnessV2

# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

PAYLOAD = {
    "client_id": "string",
    "token": "string"
}

response = falcon.command("oauth2RevokeToken", data=PAYLOAD)

print(response)

oauth2AccessToken

Generate an OAuth2 access token

PEP8 method name

token

Endpoint

Method Route
POST /oauth2/token

Content-Type

  • Consumes: application/x-www-form-urlencoded
  • Produces: application/json

Keyword Arguments

Name Service Uber Type Data type Description
data
Service Class Support

Uber Class Support
formData string Full data payload in JSON format containing your API credentials. CID scoping can also be provided here.

Usage

Service class example (PEP8 syntax)

This example will generate a token using the credentials provided when creating an instance of the Service Class.

from falconpy import OAuth2

# Do not hardcode API credentials!
falcon = OAuth2(client_id=CLIENT_ID,
                client_secret=CLIENT_SECRET
                )

response = falcon.token()
print(response)
Service class example (Operation ID syntax)

This example will generate a token using the credentials provided when creating an instance of the Service Class.

from falconpy import OAuth2

# Do not hardcode API credentials!
falcon = OAuth2(client_id=CLIENT_ID,
                client_secret=CLIENT_SECRET
                )

response = falcon.oauth2AccessToken()
print(response)
Uber class example

This example demonstrates generating a token that is potentially different than the token generated when you create an instance of the Uber class.

from falconpy import APIHarnessV2

# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

PAYLOAD = {
    "client_id": "string",
    "client_secret": "string",
    "member_cid": "string"
}

response = falcon.command("oauth2AccessToken", data=PAYLOAD)
print(response)
⚠️ **GitHub.com Fallback** ⚠️