# Generate CrowdStrike Falcon CSPM Read-Only Credentials

In this guide, you will create an API client with read-only credentials for Crowdstrike OAuth2. \
\
At the end of this configuration, you will provide Radiant Security with the following values:

* **Client ID**
* **Secret**
* **Base URL**

### **Create the credentials in CrowdStrike Falcon**

1. Access CrowdStrike Falcon as Admin.
2. Expand the side menu and click **Support and resources**.
3. Under **Resources** **and** **tools**, click **API clients and keys.**
4. Click **Create API**.
5. Enter a **Client** **Name** to help identify the credential.
6. Under **Scope**, select **CSPM Registration - Read**.
7. Click **Create.**
8. Copy and store the **Client ID,** **Secret**, and **Base URL** values.

### Share the credentials with Radiant Security

1. Log into [Radiant Security](https://app.radiantsecurity.ai/).
2. From the navigation menu, select **Settings** > **Credentials** and click **+ Add Credential**.
3. Select the **Crowdstrike OAuth2** credential type from the list and click **Configure Credential**.
4. Give the credential an identifiable name (e.g. `Crowdstrike Falcon CSPM Credentials`) and paste the values (**Client** **ID**, **Client** **Secret** **Key**, and **Base URL**) that you copied from the **Create the credentials in CrowdStrike Falcon** section. Leave the **Prefix** value empty.
5. Click **Add Credential** to save the changes.