CrowdStrike and Microsoft Entra ID (Azure Active Directory) integration
Save yourself the work of writing custom integrations for CrowdStrike and Microsoft Entra ID (Azure Active Directory) and use n8n instead. Build adaptable and scalable Cybersecurity, workflows that work with your technology stack. All within a building experience you will love.
How to connect CrowdStrike and Microsoft Entra ID (Azure Active Directory)
Create a new workflow and add the first step
In n8n, click the "Add workflow" button in the Workflows tab to create a new workflow. Add the starting point – a trigger on when your workflow should run: an app event, a schedule, a webhook call, another workflow, an AI chat, or a manual trigger. Sometimes, the HTTP Request node might already serve as your starting point.
Build your own CrowdStrike and Microsoft Entra ID (Azure Active Directory) integration
Create custom CrowdStrike and Microsoft Entra ID (Azure Active Directory) workflows by choosing triggers and actions. Nodes come with global operations and settings, as well as app-specific parameters that can be configured. You can also use the HTTP Request node to query data from any app or service with a REST API.
Supported API Endpoints for CrowdStrike
GetDeviceDetails
Retrieve device details for a specific host.
QueryDevicesByFilter
Query devices by filter.
PerformDeviceAction
Perform a device action such as 'Contain' or 'Lift Containment'.
GetDeviceSnapshots
Get snapshots of device status.
GetDeviceDetailsById
Retrieve device details for a specific host by device ID.
GetAlerts
Retrieve a list of alerts.
GetAlertDetails
Retrieve details of a specific alert.
AcknowledgeAlert
Acknowledge a specific alert.
UpdateAlert
Update details of a specific alert.
DeleteAlert
Delete a specific alert.
QueryDetections
Retrieve detections based on provided query parameters.
GetDetectionDetails
Retrieve details for a specific detection.
UpdateDetection
Update details of a specific detection.
AcknowledgeDetection
Acknowledge a specific detection.
DeleteDetection
Delete a specific detection.
GetUsers
Retrieve a list of users.
GetUserDetails
Retrieve details of a specific user.
CreateUser
Create a new user.
UpdateUser
Update details of a specific user.
DeleteUser
Delete a specific user.
To set up CrowdStrike integration, add the HTTP Request node to your workflow canvas and authenticate it using a predefined credential type. This allows you to perform custom operations, without additional authentication setup. The HTTP Request node makes custom API calls to CrowdStrike to query the data you need using the URLs you provide.
Take a look at the CrowdStrike official documentation to get a full list of all API endpoints
Supported API Endpoints for Microsoft Entra ID (Azure Active Directory)
List Users
Retrieve a list of user objects.
Create User
Create a new user.
Get User
Retrieve the properties and relationships of user object.
Update User
Update the properties of a user object.
Delete User
Delete a user.
List Groups
Retrieve a list of group objects.
Create Group
Create a new group.
Get Group
Retrieve the properties and relationships of a group object.
Update Group
Update the properties of a group object.
Delete Group
Delete a group.
List Applications
Retrieve a list of application objects.
Create Application
Create a new application.
Get Application
Retrieve the properties and relationships of an application object.
Update Application
Update the properties of an application object.
Delete Application
Delete an application.
List Group Members
Retrieve a list of the members of a group.
Add Group Member
Add a member to a group.
Get Group Member
Retrieve a member of a group.
Remove Group Member
Remove a member from a group.
Update Group Member
Update the properties of a group member.
To set up Microsoft Entra ID (Azure Active Directory) integration, add the HTTP Request node to your workflow canvas and authenticate it using a predefined credential type. This allows you to perform custom operations, without additional authentication setup. The HTTP Request node makes custom API calls to Microsoft Entra ID (Azure Active Directory) to query the data you need using the URLs you provide.
Take a look at the Microsoft Entra ID (Azure Active Directory) official documentation to get a full list of all API endpoints
CrowdStrike and Microsoft Entra ID (Azure Active Directory) integration details
Microsoft Entra ID (Azure Active Directory)
Azure Active Directory (Azure AD) is Microsoft's cloud-based identity and access management service. It provides secure authentication and authorization for users, enabling them to access applications, resources, and services in the Azure cloud and other integrated applications.
Microsoft Entra ID (Azure Active Directory) credentials docs
Using predefined credential types
See Microsoft Entra ID (Azure Active Directory) integrations
Related categories
FAQ
Can CrowdStrike connect with Microsoft Entra ID (Azure Active Directory)?
Can I use CrowdStrike’s API with n8n?
Can I use Microsoft Entra ID (Azure Active Directory)’s API with n8n?
Is n8n secure for integrating CrowdStrike and Microsoft Entra ID (Azure Active Directory)?
How to get started with CrowdStrike and Microsoft Entra ID (Azure Active Directory) integration in n8n.io?
Looking to integrate CrowdStrike and Microsoft Entra ID (Azure Active Directory) in your company?
The world's most popular workflow automation platform for technical teams including
Why use n8n to integrate CrowdStrike with Microsoft Entra ID (Azure Active Directory)
Build complex workflows, really fast
