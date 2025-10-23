Cloudflare Zero Trust can integrate with Crowdstrike to require that users connect to certain applications from managed devices. This service-to-service posture check uses the WARP client to read endpoint data from Crowdstrike. Devices are identified by their serial numbers. If multiple devices have the same serial number, Cloudflare cannot accurately match a WARP device with a third-party provider device. You must ensure that each of your devices has a unique serial number.

Prerequisites

Device posture with Crowdstrike requires:

Falcon Enterprise plan or above

Crowdstrike agent is deployed on the device.

Cloudflare WARP client is deployed on the device. For a list of supported modes and operating systems, refer to Service providers.

Set up CrowdStrike as a service provider

1. Obtain CrowdStrike settings

The following CrowdStrike values are needed to set up the CrowdStrike posture check:

Client ID

Client Secret

Base URL

Customer ID

To retrieve those values:

Log in to your Falcon Dashboard. Go to Support and resources > API Clients and Keys. Select Create API client and enter any name for the client. Turn on the following API permissions: Scope Permission Hosts Read Zero Trust Assessment Read Select Create. Copy the Client ID, Client Secret, and Base URL to a safe place. Go to Host setup and management > Sensor downloads and copy your Customer ID.

2. Add CrowdStrike as a service provider

In Zero Trust ↗ , go to Settings > WARP Client. Scroll down to Third-party service provider integrations and select Add new. Select Crowdstrike. Enter any name for the provider. This name will be used throughout the dashboard to reference this connection.

Enter the Client ID and Client secret you noted down above. In Rest API URL, enter your Base URL. Enter your Customer ID. Choose a Polling frequency for how often Cloudflare Zero Trust should query CrowdStrike for information. Select Test and save.

3. Configure the posture check

In Zero Trust ↗ , go to Settings > WARP Client > Service provider checks. Select Add new. Select the Crowdstrike provider. Enter any name for the posture check. Configure the attributes required for the device to pass the posture check. Select Save. To test, go to Logs > Posture and verify that the service provider posture check is returning the expected results.

You can now use this posture check in a device posture policy.

Device posture attributes

Device posture data is gathered from the CrowdStrike Zero Trust Assessment APIs ↗. To learn more about how scores are calculated, refer to the CrowdStrike Zero Trust Assessment ↗ documentation.