概念および基本

Transmission Control Protocol / Internet Protocol - standardized components and layers that enable global data transfer. For more information, we recommend this accessible, high-level resource.

Transport Layer Security / Secure Socket Layer - while technically different, they’re commonly referenced interchangeably today. TLS represents the evolution of SSL, though the original acronym remains widely used. For more information about TLS, consult this overview.

A computer that provides or stores information for other computers. When you access Frame.io through a web browser, your browser requests content from Frame.io’s server, which responds accordingly. Every action within Frame.io triggers a communication between your browser and our server, which processes your request and returns appropriate results. When uploading media to Frame.io, you’re sending it to our servers.

A client application requests information from or sends data to a server. When implementing the C2C API, you’ll be developing a C2C client.

Hypertext Transfer Protocol / Secure - operates within the application layer of the TCP/IP model. The difference between HTTP and HTTPS is security—HTTPS incorporates TLS/SSL verification into network communications. HTTP has evolved through various versions, establishing new standards over time. Version 1.1 remains the global standard and should be used for Frame.io API communications.

REST (Representational State Transfer) is a design methodology for developing APIs based on HTTP request-response patterns. REST often serves as shorthand for the general approach of using HTTP for program-to-program interaction—as distinguished from browser-webpage communication—even when the API doesn’t strictly adhere to REST principles.

JavaScript Object Notation - a standardized data exchange format. Though initially developed for JavaScript objects, it has become a universal standard for networked communications. The C2C API delivers responses as JSON data.

Amazon’s Simple Storage Service provides cloud-based data storage solutions. S3 stores Frame.io’s video and audio media, and serves as the destination for integration uploads.

• Protocol
• Host
• Port
• Resource

• Headers
• Content-Type/Mimetype
• Request and Response Payloads
• HTTP verb applications: GET, POST, PUT, DELETE, etc.
• Form Data

Authentication verifies that requests come from claimed sources. When you log into websites with username/password credentials, you’re authenticating yourself by demonstrating password knowledge. Multi-factor authentication—such as receiving verification codes via text message—represents additional authentication mechanisms.

Authorization confirms permission to perform specific actions. When you add collaborators to Frame.io projects or Google documents, you’re authorizing their access. Frame.io or Google have previously authenticated these users’ identities, enabling you to confidently authorize their participation.

OAuth (Open Authorization) provides a standardized framework for authorization management by integrating with third-party authentication services.

Scopes define the authorized actions available to users. When connecting devices to Frame.io, you’ll request and receive specific scopes that authorize particular operations. For example, the asset_create scope permits asset creation and uploading. Conceptually, scopes function as permission sets.