Hello All, I run a platform / agency with about 50 photographer and filmmaker on it. I want to be able to send the content that they uploaded to my platform to Frame.Io. However, I want to deposit this content on their own Adobe / Frame.io accounts, in other words, I want them to use their own Frame.io accounts. I have researched the documentation but it sounds like in order to do this each creator will need to set up their own Adobe Developer Account (https://developer.adobe.com/dep/guides/dev-console/create-project/). Can someone confirm if this is true or not or if possible, please send along some previous “topic” posts that I can reference. Thank you, Michael
Hi @bebourdain what you are asking for is something that we don’t support at this time (such as dropbx’s request links). We have a few partners that have built something like this to help folks get files into their Frame.io accounts such as MASV & SiloSync.
Hi Charlie, thank you for the reply. Would it be possible for you to confirm if the below setup will work:
If a creator provides to me:
Credentials
OAuth Web App
CREDENTIAL
PLATFORM: WEBAPP
API Key (Client ID): XXXXXXXXXXXXXXXXXXXXXX
and, then we provide to them:
A. Redirect URI
B. Redirect URI Pattern
They can set this up as their own individual API setups and we can deposit photos on their account.
Thank you in advance, Michael
hi @bebourdain at the moment the API is centered around OAuth2.0 which is User Access. Meaning a user must be present in the account in order to interact with it via the API.
In your case we have User A (you) and User B (creator). Even if you generate all of the above, User A will need to be invited to User B’s account in order to access it. What you’re probably looking for is what we used to have as a Developer Token (which was still user scoped) in that User B could generate a token that provided specific access to their account, based on different scopes, without the need for other users to be a part of it. It essentially gives other users permission on the behalf of User B.
We dont have that functionality atm, but we are looking into ways to provide it in a round about way.
My suggestion would be to use @silosync_io’s MiniSync or SiloLINK as it is working as a proxy for the user. They can generate a link for others to upload to, which is what you’re looking for essentially.
Hey Charlie, thank you for the note. I’m not sure I am following fully - - apologies for not getting this straight away.
What I am thinking about is a Zapier like set up. When a trigger is detected, we do XYZ automatically. My understanding is that on Zapier, the user is not signed in and present at that moment in time. Or am I incorrect on that?
If the concept is that there needs to be a person present and logged in at that moment in time to use the API, then why use the API? If someone needs to be present and logged in, you could just log in directly to Frame.io and do what you’re trying to do rather than use the API.
Am I reading and understanding this correctly or do I have some gaps in my understanding?
My thought process is this, everyone of the photographers and filmmakers we work with has Adobe Creative Cloud. They use it daily as well as use Frame.io regularly. I have had about a dozen calls with them and they really do not want to swap into a new tool like ZiFlow, Page Proof, Review Studio, etc. My team and I are open to any suggestions to find a solution here to get something to work within the Frame.io environment.
Is there anyways or any work around (my team and I truly do not care how dirty or round about it would be. We will build any supplemental infrastructure needed) to do automated actions where they do not need to be present and logged in and we can send things on their behalf?
Thank you for all your responses, I really appreciate them. Sorry that I am not understanding straight off the bat.
Sincerely, Michael
HI @bebourdain when I said “user must be present,” I did not mean “the user must be online / actively signed in at the exact moment the automation runs.”
What I meant is: the user must complete a one-time OAuth consent step at least once (the same way you “connect” an app in Zapier). After that, your system can run unattended.
Also a user needs to be Added/invited to an account/project in order to have permissions to interact with it.
Essentially if User A wants to upload to User B’s account (either via the web app OR via the API), they need to be added/invited to the account/project otherwise there is no way for them to access User B’s account (no permissions). OAuth code flow is explicitly “act on behalf of the user, with their permission.”
Something you could do is to have one central place that acts as a middleground for everyone which securely stores sensitive information (like auth tokens and such) that everyone grants permission to and acts on everyone’s behalf. This is the only way to get proper permissions without User A being added to User B’s account (or everyone’s account for that matter).
Theoretical approach
- User A hosts a small service (AWS is a common choice: Lambda + queue + database).
- User A is the one who create the Web App credentials in Dev Console (not the creators)
- Each creator connects their own Frame.io account once via OAuth:
- They click “Connect Frame.io”
- They get redirected to Adobe/Frame.io login and approve your app’s requested scopes (consent screen).
- User A’s service stores an auth token and a refresh token for that creator (securely)
- During setup, each creator also selects a destination in their Frame.io account (workspace/project/folder(s)). User A stores this mapping.
- User A configures a Frame.io webhook to watch for new files in a specific source workspace (webhooks are workspace-scoped) in their own Frame.io account.
- When a new file lands in the source folder, the webhook event triggers User A’s service, which:
- Shows the file information w/
media_links.originalto get the download_url - For each connected creator:
- Uses their refresh token to mint an access token
- Uploads/copies the file into their selected destination
Here’s a mermaid diagram that could show it working.
Hope this helps.
Okay, cool, I think I am almost there and understand. I am getting hung up on points 5 and 6 - - I think that is just a naming/definition thing but we can return to that in a moment.
The top paragraphs about OAuth and “act on behalf of the user, with their permission” makes perfect sense. “With everyone grants permission to and acts on everyone’s behalf” is exactly what we started out trying to do but as I was reading the documentation, I got stuck and I did not want to go down a rabbit hole wasting time, which is what promoted my post.
We have done steps 1-3.
Would it be possible for you clarify steps 4-5 with a little bit more detail? Where I am not understanding is how do we get content from my platform’s AWS account into Frame.io.
I had a hard time following the mermaid, here are some screenshots of my current understanding:
Below is what we originally designed originally and what we are hoping to achieve:
Thank you again Charlie for all of your help, Michael
Hi Charlie, checking in to see if it would be possible to clarify points 4 and 5? I think it’s just a naming mix up and with a little bit of clarification, I can get this sorted. Thank you in advance for all of your help.
Thank you, Michael
hi @bebourdain I have not had a chance to get more clarification on this. Should have some time later today/tomorrow to chime in!