The Nutanix Frame™ desktop-as-a-service platform enables customers to implement proper user authentication and authorization security practices with Role-Based Access Control (RBAC) through a set of security roles defined within the Frame platform. In this blog, we'll explain how RBAC works in Frame and discuss the best practices for using third-party SAML2 identity providers and authorization rules to implement RBAC. The Frame-defined security roles specify the level of access to Frame entity types (customer, organization, account) and what can be done in those entity types. Using these Frame roles, you can configure one or more SAML2 or OAuth2 identity providers (IdPs) and then define authorization rules that grant authenticated users one or more of the Frame roles on specific Frame entities.
Welcome to part two of Building a Frame Web Application! In the previous blog post we focused on making sure we had the proper development environment set up. We also made our first API call, which successfully connected to the Frame backplane to provide us with information about a resource we controlled. It's now time to develop a deeper understanding of how we're making these API calls, and putting them together to do something that's actually useful.
There are contexts in which managing your Frame account by hand isn't enough. Sometimes you need a deeper integration to seamlessly manage all of your services. That's where Frame APIs come in.
In this two-part blog series we will introduce you to the Frame API, both what it is and how to use it. Some programming knowledge is helpful, but not strictly required. The only requirement is knowing your way around a computer.