Feedback Introducing OAuth 2.0 Authentication in the Frame.io Python SDK
We’re excited to announce that the Frame.io Python SDK (frameio) now includes built-in OAuth 2.0 authentication. No more managing tokens manually or dealing with 401 errors anymore— the SDK handles the full lifecycle for you.
What’s New
The new frameio.auth module supports three OAuth 2.0 flows:
| Flow | Best For |
|---|---|
| Server-to-Server | Backend services, scripts, automation — no user interaction needed |
| Web App | Server-side apps (Flask, Django, FastAPI) where users sign in |
| SPA (PKCE) | Browser apps, CLIs, or anything that can't store a client secret |
Every flow has both sync and async variants, so it works whether you’re building a simple script or an async web service.
How to Try It
1. Install or upgrade the SDK
pip install frameio --upgrade
2. Get your credentials
Head to the Adobe Developer Console and create a project with Frame.io API access. You’ll need:
-
Client ID (all flows)
-
Client Secret (Server-to-Server and Web App)
-
Redirect URI (Web App and SPA — must be registered in your Adobe project)
3. Authenticate
Server-to-Server (simplest — great for scripts and backend services):
from frameio import Frameio
from frameio.auth import ServerToServerAuth
auth = ServerToServerAuth(
client_id="YOUR_CLIENT_ID",
client_secret="YOUR_CLIENT_SECRET",
)
client = Frameio(token=auth.get_token)
# That's it. Tokens refresh automatically.
me = client.users.me()
print(f"Authenticated as {me.name}")
Web App (for apps where users sign in):
import secrets
from frameio import Frameio
from frameio.auth import WebAppAuth
auth = WebAppAuth(
client_id="YOUR_CLIENT_ID",
client_secret="YOUR_CLIENT_SECRET",
redirect_uri="https://yourapp.com/callback",
)
# Step 1: Redirect user to Adobe sign-in
url = auth.get_authorization_url(state=secrets.token_urlsafe(32))
# Step 2: In your callback handler, exchange the code
auth.exchange_code(code=request.args["code"])
# Step 3: Use the client
client = Frameio(token=auth.get_token)
SPA / PKCE (for apps that can’t store a secret):
import secrets
from frameio import Frameio
from frameio.auth import SPAAuth
auth = SPAAuth(
client_id="YOUR_CLIENT_ID",
redirect_uri="https://yourapp.com/callback",
)
result = auth.get_authorization_url(state=secrets.token_urlsafe(32))
# Redirect user to result.url, store result.code_verifier
# In your callback:
auth.exchange_code(code="CODE_FROM_CALLBACK", code_verifier=result.code_verifier)
client = Frameio(token=auth.get_token)
Key Features
-
Automatic token refresh — tokens are refreshed transparently before they expire
-
Token persistence —
export_tokens()andimport_tokens()let you save and restore tokens across app restarts -
Token revocation —
auth.revoke()invalidates tokens with Adobe IMS -
Async support — every flow has an async variant (
AsyncServerToServerAuth,AsyncWebAppAuth,AsyncSPAAuth) -
Thread-safe — multiple threads can call
get_token()concurrently; only one refresh happens at a time
Error Handling
The module includes specific exceptions so you can handle failures precisely:
from frameio.auth import AuthenticationError, TokenExpiredError
try:
client = Frameio(token=auth.get_token)
assets = client.files.list(project_id="...")
except TokenExpiredError:
# Refresh token expired — redirect user to sign in again
pass
except AuthenticationError as e:
print(f"Auth failed: {e.error_code} — {e.error_description}")
Resources
-
Python Authentication Guide — full walkthrough with Flask examples
-
SDK Reference — API reference for all auth classes (to be updated very soon)
Feedback
We’d love to hear how it works for you. If you run into issues or have feature requests reply to this post!
