API Keys & External Integrations

APIBEST PRACTICESDOCUMENTATIONINTEGRATIONOPENFRAME

Phase 8 — Integrations · Step 2

Section

June 23, 2026

Published

Vladislav Marchenko

Vladislav Marchenko

Head Of Marketing

API Keys & External Integrations

Phase 8 — Integrations · OpenFrame Onboarding

Sometimes the integration you need isn't a pre-built connector — it's your own script, a custom dashboard, or another system that needs to talk to OpenFrame directly. That's what API keys are for: they let external code authenticate to OpenFrame's API. This guide covers generating a key, keeping it safe, and where to find the endpoints.


Before you start

  • You need an Admin role.
  • Know what the key is for (which script or system will use it) so you can name it clearly and set a sensible expiry.

Where it lives

Go to Settings → API Keys Management. You'll see the API Keys page — a table of your existing keys with Name, Status, Key ID, Usage, Created, and Expires, plus two buttons: API Documentation and Create API Key.


Create a key

  1. Click Create API Key.
  2. API Key Name (required) — name it for what uses it, e.g. Ticketing webhook or Nightly inventory export. Future-you needs to know which key to revoke if something leaks.
  3. Description (optional) — a line on its purpose.
  4. Expiration Date (optional) — set one for keys tied to a temporary integration or a vendor; leave blank for a long-lived internal key. Short-lived is safer.
  5. Click Create API Key.

Copy the key immediately. Like every good system, OpenFrame shows the full secret once, at creation. Copy it straight into your integration's secret store or password manager. If you lose it, you don't recover it — you delete the key and make a new one.


Using the API

Click API Documentation (top of the API Keys page) for the endpoints, request/response shapes, and authentication details. The API is how external systems do things like:

  • Create tickets from outside OpenFrame — wire another monitoring tool, a form, or an email parser to open tickets via the external ticket-creation endpoint.
  • Pull data on a schedule — export device inventory, ticket status, or monitoring results into your own reporting.
  • Receive webhook payloads — have OpenFrame notify your systems when something happens, so you're not polling.

Authenticate each request with the API key you generated (per your IdP/API docs' scheme — typically a header). Treat the key like a password.


Managing keys

Back on the API Keys table you can see each key's Status and Usage and revoke one you no longer trust. Good hygiene:

  • One key per integration, named clearly — so revoking one doesn't break everything else.
  • Rotate keys periodically, and immediately if one may have leaked.
  • Set expirations on anything temporary.
  • Never commit a key to source control or paste it into a ticket/chat.

Quick checklist

  • Opened Settings → API Keys Management
  • Created a key with a clear name (and expiry if temporary)
  • Copied the secret once into a secure store
  • Checked API Documentation for the endpoints you need
  • Used one key per integration and planned for rotation

What's next

That completes Phase 8 — Integrations — OpenFrame is now wired to your identity provider and open to your own systems via the API. Next is Phase 9 — Security & Access Control, locking down roles, AI guardrails, and audit logging before you go to production.


Based on OpenFrame v0.9.19. API capabilities and the exact endpoints evolve — always check the in-product API Documentation for the current contract.

Vladislav Marchenko

Head Of Marketing

Hi all! My name is Vlad and I’ve been brought on to head the marketing team at Flamingo. Thankfully, this isn’t the first time I will be building a marketing department from scratch, so the experience should come in handy. Now it’s time to dive into the world of MSPs and find myself in this new world.

Related Content

Product Releases

Webinars

Case Studies

Blog Posts

Frequently Asked Questions

MSP AI Agents

Yes. In production MSP shops today, 10% to 25% of tickets close before a human opens them. Thread alone has processed 173 million tickets across 750-plus MSP partners at 96% triage accuracy, handing back 490,000-plus technician hours. Agents own the low-risk, high-volume work (password resets, MFA enrollment, known installs, onboarding and offboarding) and flag anything that touches production data or needs judgment for a human to take.
On a five-person desk, reported deployments show $78,000 to $130,000 in annual direct labor savings, roughly 30% fewer escalations, and 15% to 20% better SLA compliance. Broader MSP adoption data adds ticket handling time cut by 45% and five to 12 points of margin, all from reclaimed capacity rather than headcount cuts.

AI MSP

Start with a readiness assessment, not a tool purchase. Confirm your ticket history is clean and your RMM, PSA, and monitoring systems connect. Then pick one high-volume, low-risk workflow, usually ticket triage, and pilot it on internal tickets before any client sees it.
Automate high-volume, low-risk tasks first. Ticket triage and alert noise reduction top the list because they run constantly and a human still resolves the underlying issue. Save security approvals, billing changes, and client-facing actions for later, always with a human in the loop.

AI Safety

It can be, with governance. Keep a human in the loop on high-risk actions, log every automated step for audit, and choose platforms that keep your data yours with no vendor lock-in. Pilot on internal data first so you catch issues before client systems are involved.

AI for MSPs

Set a baseline before rollout, then track tickets closed per technician, mean time to resolution, percentage of tickets resolved with no human touch, technician hours reclaimed, and cost per ticket. AI-driven automation commonly cuts operational cost per ticket by 25 to 40%.

About OpenFrame

OpenFrame isn't built to plug into your stack. It replaces it. Instead of duct-taping a dozen tools together (RMM, MDM, SIEM, patching, remote access, each its own login and bill), we bundle it into one unified platform: RMM, MDM, monitoring, automation, remote access, patch management, security monitoring, and ticketing, plus built-in AI copilots. So "does it integrate with X?" usually means: you won't need X anymore.

IT Documentation

Hudu is IT documentation software that MSPs and internal IT teams use to centralize client documentation, network details, encrypted passwords, IT assets, and SOP runbooks in one searchable platform, so technicians find what they need without digging through scattered files.

RMM Automation

Yes. Connected to your RMM over a webhook or API, an AI agent reads each alert, enriches it with device and history, and opens a pre-filled ticket in your helpdesk when human attention is needed, routed to the right board and priority.

MSP Password Manager

There is no single best. For most MSPs, Bitwarden balances low cost and no lock-in, 1Password offers the most polished multi-tenant console, and Keeper adds built-in privileged access. The right pick depends on your budget, client base, and need for PAM.