To IBM SOAR community,
I'm trying to call Crowdstrike API using Utility functions SOAP to request OAUTH2 token.
Using the following script:
inputs.rest_method = "POST"
inputs.rest_url = "https://api.*.crowdstrike.com/oauth2/token"
inputs.rest_body = '{"client_id": "xxxx", "client_secret": "xxxx"}'
inputs.rest_headers = """
Accept: application/json
Content-Type: application/x-www-form-urlencoded
"""
inputs.rest_verify = True
I got the following error:
Traceback (most recent call last):
File "/opt/app-root/lib/python3.6/site-packages/resilient_lib/components/requests_common.py", line 197, in execute
response.raise_for_status()
File "/opt/app-root/lib/python3.6/site-packages/requests/models.py", line 960, in raise_for_status
raise HTTPError(http_error_msg, response=self)
requests.exceptions.HTTPError: 400 Client Error: Bad Request for url:
https://api*.crowdstrike.com/oauth2/tokenDuring handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/opt/app-root/lib/python3.6/site-packages/fn_utilities/components/utilities_call_rest_api.py", line 58, in _call_rest_api_function
headers_dict, cookies_dict, rest_body, rest_verify, rest_timeout)
File "/opt/app-root/lib/python3.6/site-packages/fn_utilities/components/utilities_call_rest_api.py", line 116, in make_rest_call
timeout=rest_timeout)
File "/opt/app-root/lib/python3.6/site-packages/resilient_lib/components/requests_common.py", line 205, in execute
raise IntegrationError(msg)
resilient_lib.components.integration_errors.IntegrationError: '400 Client Error: Bad Request for url:
https://api*.crowdstrike.com/oauth2/token'When I manually generate the Crowdstrike token and make API requests with GET method, it works. But I cannot request CS token using this script.
Can you please tell me what's the error in my script? and if the body input format is correct.
This is the curl request that works with Crowdstrike:
curl -X POST "https://api*.crowdstrike.com/oauth2/token" -H "accept: application/json" -H "Content-Type: application/x-www-form-urlencoded" -d "client_id=xxxx&client_secret=xxxx"
Thank you so much.
------------------------------
Meryam Harraz
------------------------------