General
Frame’s web API service is based on standard RESTful HTTPS calls. All API endpoints require signed authentication via HTTP headers.
The typical workflow for an API call is as follows:
- Authenticate with the Frame Web API Gateway to sign the HTTPS API request
a. Create a signature with theclient_id
, theclient_secret
, and a timestamp (The client_id and client_secret are provided by Frame) - Make the HTTPS REST call to the Web API resource endpoint using the
client_id
, timestamp, and the signature in the HTTP header (Created in step 1a) - The Frame Web API Gateway verifies the signature of the HTTPS request and will then send the response of the previous call
Additional Notes:
- For more info on how to properly sign your requests (For step 1), please refer to the Authentication section at the end of this documentation.
- Our current ‘V1 alpha version’ Web API is available through the relative /v1alpha/ path on our API Gateway. All resource endpoints below will contain this path. As new versions are released, this path will be updated and communicated to customers using the API.
Frame Web API Resource endpoints
Accounts
This resource endpoint is used for managing vendor accounts and all related resources.
List accounts
GET /v1alpha/accounts/ HTTP/1.1
In the current API version, this is the only supported account call. This call will list all accounts owned by a Frame Platform Ultimate (Super Admin) account (associated with the client_id
). The response includes both the account names and and account IDs (the account ID is required by other API calls).
To make this call, you will need to send an HTTPS GET request to the /v1alpha/accounts/
path.
GET https://api.fra.me/v1alpha/accounts/ HTTP/1.1
Host: api.fra.me
X-Frame-Timestamp: 1475183415
X-Frame-ClientId: cd7bc83b-a9d9-4db5-b3cc-8a144399553a.img.mainframe2.com
X-Frame-Signature: 5891b5b522d5df086d0ff0b110fbd9d21bb4fc7163af34d08286a2e846f6be03
[
{
"account_id": "ABCD-1234-DEFF-5678",
"name": "Superadmin",
"email": "[email protected]"
},
{
"account_id": "FBDA-4321-DECB-0987",
"name":"bizAdmin",
"email": "[email protected]"
}
]
SESSIONS
The sessions resource endpoint is used for managing session activity on an account that belongs to a specific Super Admin account.
Note The account ID is required for this call. To retrieve the account ID, you must first call the /v1alpha/accounts/
API to retrieve a list of your accounts and their associated account IDs.
List Sessions
GET /v1alpha/accounts/<account_id>/sessions HTTP/1.1
Each call to this API will generate a list of links for reports on account session activity along with key data points (links will be generated for each month in CSV format). To get the list of session links, an HTTP GET request must be called at /v1alpha/accounts/<account_id>/sessions
path.
GET https://api.fra.me/v1alpha/accounts/<account_id>/sessions HTTP/1.1
Host: api.fra.me
X-Frame-Timestamp: 1475183415
X-Frame-ClientId: cd7bc83b-a9d9-4db5-b3cc-8a144399553a.img.mainframe2.com
X-Frame-Signature: 5891b5b522d5df086d0ff0b110fbd9d21bb4fc7163af34d08286a2e846f6be03
[
{
"url": "https://session-reports.s3.amazonaws.com/p01/BaEnVDpRkje9KZLv.2016.1.506c0.csv.zip?Signature=xxxxx12345&Expires=1470306685&AWSAccessKeyId=zzzzzzzzzz",
"month": 1,
"year": 2016
},
{
"url": "https://session-reports.s3.amazonaws.com/p01/BaEnVDpRkje9KZLv.2016.2.c1676.csv.zip?Signature=yyyyy12345&Expires=1470306685&AWSAccessKeyId=zzzzzzzzzz",
"month": 2,
"year": 2016
},
{
"url": "https://session-reports.s3.amazonaws.com/p01/BaEnVDpRkje9KZLv.2016.3.e0645.csv.zip?Signature=zzzzz12345&Expires=1470306685&AWSAccessKeyId=zzzzzzzzzz",
"month": 3,
"year": 2016
}
]
recent_sessions
GET /v1alpha/accounts/<account_id>/recent_sessions
Returns a list of sessions that were closed within last 24 hours and which have not yet been added to the monthly CSV file.This CSV file has the same structure as monthly CSV session reports.
GET /v1alpha/accounts/<account_id>/recent_sessions HTTP/1.1
Host: api.fra.me
X-Frame-Timestamp: 1475183415
X-Frame-ClientId: cd7bc83b-a9d9-4db5-b3cc-8a144399553a.img.mainframe2.com
X-Frame-Signature: 5891b5b522d5df086d0ff0b110fbd9d21bb4fc7163af34d08286a2e846f6be03
HTTP 200 OK
Vary: Accept
Content-Type: text/csv
Content-Disposition: attachment; filename="Wr1qgbPa99Pal7E8.recent_sessions.csv"
"username","application","geo_distance","city","starttime","session_duration","state","avg_bandwidth","avg_latency","avg_video_bitrate","avg_framerate","resolution","user_agent","remote_ip","system_type","session_type","additional_apps","user_data","account_email","account_name","account_id","region","country","session id","storage used"
....DATA...
USAGE
The usage resource endpoint lists the total number of hours used by a specific account.
List usage hours
GET
To generate the list of usage hours, an HTTPS request must be sent to the relative /v1alpha/accounts/<account_id>/usage
path.
Note The account ID is required for this call. To retrieve the account ID, you must first call the /v1alpha/accounts/
API to retrieve a list of your accounts and their associated account IDs.
GET /v1alpha/accounts/xxxxxxxxxx/usage?date_from=2016-08-10&date_to=2016-08-11 HTTP/1.1
Host: api.fra.me
X-Frame-ClientId: cd7bc83b-a9d9-4db5-b3cc-8a144399553a.img.mainframe2.com
X-Frame-Signature: 5891b5b522d5df086d0ff0b110fbd9d21bb4fc7163af34d08286a2e846f6be03
[
{
"datacenter":"aws-va",
"time":"2016-08-10T00:00:00",
"hours_used":1,
"instance_type":"g2.2xlarge",
"server_type":"production"
},
{
"datacenter":"aws-va",
"time":"2016-08-10T00:00:00",
"hours_used":3,
"instance_type":"t2.small",
"server_type":"utility"
}
]
Usage Date Range
To filter the results on a range of dates, the parameters date_from
and date_to
should be passed. Both fields are formatted in the date ISO format (yyyy-MM-dd) and specified in the PST time zone.
Note that the time returned in the time property is also in the PST time zone.
The date range filter parameters date_from and date_to are both required. The date_from default value is 1970-01-01 and the date_to default value is NOW.
Parameters:
Parameter | Format |
---|---|
date_from | yyyy-MM-dd |
date_to | yyyy-MM-dd |
Team Members
The team members resource endpoint lists the team members that are associated with a particular Frame account.
List team members
GET
To generate the list of team members, an HTTPS request must be sent to the relative /v1alpha/accounts/<account_id>/team_members
path. The list returned includes the name, email address, and status for each of the users attached to an account.
GET /v1alpha/accounts/xxxxxxxxxx/team_members
HTTP/1.1
Host: api.fra.me
X-Frame-Timestamp: 1475183415
X-Frame-ClientId: cd7bc83b-a9d9-4db5-b3cc-8a144399553a.img.mainframe2.com
X-Frame-Signature: 5891b5b522d5df086d0ff0b110fbd9d21bb4fc7163af34d08286a2e846f6be03
[
{"name":"AAA BBB","email":"[email protected]","status":"active"},
{"name":"CCC DDD","email":"[email protected]","status":"pending"},
{"name":"EEE FFF","email":"[email protected]","status":"active"},
{"name":"GGG HHH","email":"[email protected]","status":"pending"}
]
Applications
The Applications endpoint lists the currently onboarded applications for an account, the application name and a link to the application icon.
GET /v1alpha/accounts/xxxxxxxxxx/applications
Host: api.fra.me
X-Frame-Timestamp: 1475183415
X-Frame-ClientId: cd7bc83b-a9d9-4db5-b3cc-8a144399553a.img.mainframe2.com
X-Frame-Signature: 5891b5b522d5df086d0ff0b110fbd9d21bb4fc7163af34d08286a2e846f6be03
[{"icon":"https://d35ys0o2xppy2a.cloudfront.net/app_icons/images/000/010/986/thumb/f2c8090fec3dd286cf42d31298eac229.png?1436945663","name":"Notepad"},{"icon":"https://d35ys0o2xppy2a.cloudfront.net/app_icons/images/000/010/987/thumb/c70fb940280066c1dd489854365bb3b7.png?1436945663","name":"Google Chrome"}]
API Authentication
All Gateway API calls require authentication for each 3rd party service (use by individual users is not currently supported) and all API calls require signed requests for authentication.
Each API request must be signed and include the necessary information for proper signature verification. To sign an API request call, a client_id
and client_secret
are required to generate a signature and are also used for signature verification.
To provision your API credentials:
Login as your Platform Ultimate account. Credentials apply by Platform Ultimate Account, so if you have multiple Platform Ultimate accounts, you will need credentials for each one.


Go to the Account menu


Scroll to API Credentials and select "Add New"


Select All and Click ADD.
The new ID and credentials will appear. Be sure to copy them now because they cannot be shown again. You can, however, delete old credentials and create new ones.
The client_id
is a unique string that Frame’s API uses for client/service identification. It is used by the authentication system to identify the proper account and API client permissions.
The client_secret
is an HMAC-SHA256 key used to generate the signature and required by the signature verification process.
A signature is created by applying the HMAC-SHA256 algorithm on a string that is constructed from the client_id
and a timestamp. The timestamp is the current time in seconds since epoch.
The proper steps for creating a signature would be:
- Get the current timestamp
- Create a string by concatenating the timestamp with the
client_id
(timestamp + client_id) - Apply HMAC-SHA256 on the newly created string using the
client_secret
In order to verify the signature, the API Gateway requires the newly created signature, the client_id
, and the timestamp (The client_secret
should NOT be included). This information should be sent in the HTTP request headers.
Header | Description |
---|---|
X-Frame-ClientId | API client identification, client_id. |
X-Frame-Timestamp | Timestamp used in signature calculation. |
X-Frame-Signature | Calculated signature. |
API client authentication example:
#!/bin/env python
import hashlib
import hmac
import time
import requests
import base64
# Client credentials
client_id = "cd7bc83b-a9d9-4db5-b3cc-8a144399553a.img.mainframe2.com"
client_secret = "5891b5b522d5df086d0ff0b110fbd9d21bb4fc7163af34d08286a2e846f6be03"
# Create signature
timestamp = int(time.time())
to_sign = "%s%s" % (timestamp, client_id)
signature = hmac.new(client_secret, to_sign, hashlib.sha256).hexdigest()
# Prepare http request headers
headers = { "X-Frame-ClientId": client_id, "X-Frame-Timestamp": str(timestamp), "X-Frame-Signature": signature }
# Make request
r = requests.get("https://api.fra.me/v1alpha/accounts", headers=headers)
accounts = r.json()
for account in accounts:
print account
Updated 3 years ago