Required Permissions

The following scopes need to be applied to the API client created in CrowdStrike:

Important
To use any of the Identity Protection API functionality, you must enable the Identity Protection GraphQL write scope.

Scope	Read	Write
Identity Protection Assessment	Yes	No
Identity Protection Automation	Yes	No
Identity Protection Detections	Yes	No
Identity Protection Enforcement	Yes	No
Identity Protection Entities	Yes	No
Identity Protection GraphQL	Yes	No
Identity Protection Health	Yes	No
Identity Protection On-premise Enablement	Yes	No
Identity Protection Timeline	Yes	No

For example, your permissions may look like the following:

Feedback is provided as an informational resource only and does not form part of SailPoint's official product documentation. SailPoint does not warrant or make any guarantees about the feedback (including without limitation as to its accuracy, relevance, or reliability). All feedback is subject to the terms set forth at https://developer.sailpoint.com/discuss/tos.


	You are here:

Required Permissions

Documentation Feedback