Badges/Onboarding-Issuer: Difference between revisions

From MozillaWiki
Jump to navigation Jump to search
No edit summary
 
(15 intermediate revisions by 6 users not shown)
Line 1: Line 1:
== A. Mozilla Open Badge Infrastructure (OBI) ==
== Quick Start ==
NOTE: The documentation below is for general on-boarding. If you want the more technical documentation - see our [https://github.com/mozilla/openbadges/wiki/Issuer-API github pages].


=== I. BACKGROUND ===
If you or your organization has the technical resources, you can host [https://github.com/mozilla/openbadges-badgekit Mozilla BadgeKit] on your servers by downloading the code from Github - a tutorial for this process can be found [https://github.com/mozilla/openbadges-badgekit/wiki/BadgeKit-Tutorial here].
 
Alternatively, there are a number of other badge issuing options available if you wish to set something up sooner. Here are some services being offered from our issuing partners: http://bit.ly/Badge_Issuing_Platforms
 
If you just want to play around with creating badges and are familiar with JSON syntax, check out the [http://badgelab.herokuapp.com/ Badge Lab]. It's a customized tutorial that walks you through creating your very own "hand-made" Open Badge.
 
== Mozilla Open Badge Infrastructure (OBI) ==
 
NOTE: For a general introduction to badge issuing with the Mozilla OBI, read on. For more technical documentation, please see our [https://github.com/mozilla/openbadges/blob/development/docs/apis/issuer_api.md github pages].
 
=== Background ===
   
   
==== Why Are We Doing This? ====   
==== Why Are We Doing This? ====   
* Learners are learning everywhere -- but most of that learning doesn't "count"
Learning happens everywhere. Yet it's often difficult to be recognized for skills and achievements that are gained outside of school. Mozilla's Open Badges project is working to solve that problem by making it easy for anyone anywhere to issue, earn, and display badges. The results: broad recognition of 21st century skills and experiences, unlocking of career and educational opportunities, and learners everywhere being able to level up in their lives and work.
* Skills assessment and communication is limited in current system, e.g. GPA, GED, Bachelor or Master degrees, static resume
* There are few alternatives to the current accreditation/credentialing system
* Learning doesn’t happen simply between K - 12 and university; learning happens over the course of a lifetime and frequently in informal settings


==== Goals ====
==== Goals ====
* Develop badges as an alternative accreditation/credentialing system
* Develop badges as a system for alternative accreditation, credentialing, and recognition;
* Develop badges as a micro-accreditation/micro-credentialing system 
* Help badges expand beyond siloed environments to be broadly shareable;
* Avoid silos; ie badges stuck in one learning system
* Truly support earners learning everywhere;
* Truly support learners learning everywhere == Support badges issued from multiple issuers across the Web 
* Optimize the value of these representations by allowing badges to be remixable and shareable with different audiences;
* Optimize the value of those badges == Make badges remixable and shareable with different audiences/sites 
* Develop a supporting infrastructure to standardize the process and support each earner;
* Develop a supporting infrastructure to standardize the process and support each learner collecting badges from multiple issuers and sharing sub-collections out across various displayers. 
* Create an infrastructure that is open and as decentralized as possible to give earners control and support of the entire ecosystem;
* Create an infrastructure that is open and as decentralized as possible to give learners control and support of the entire ecosystem  
* Provide software and development tools to help organizations implement badging systems.


==== Description ====  
==== Description ====  


Enabling learners to earn badges wherever they're learning across the web requires support for multiple individual badge issuers. Empowering learners to use their badges as legitimate credentials requires support for sharing of badges across many display sites. The Open Badges framework is designed to allow any learner to collect badges from multiple sites, tied to a single identity, and then share them out across various sites -- from their personal blog or website to social networking profiles. It is critical for this infrastructure to be open to give learners control over their own learning and credentials, allow anyone to issue badges, and for each learner to carry the badges with them across the web and other contexts.  
The Open Badges framework is designed to make badging flexible enough to represent the full range of learning and experience in online and offline life. This requires support for multiple, potentially significantly varied, badge issuers. Empowering earners to use their badges as legitimate credentials also requires support for sharing of badges across many display sites.  
 
Earners can share badges across such varied online environments as personal blogs and social networking channels, tying a variety of achievements to a single identity. It is critical for the infrastructure to be open, to give earners control over how they represent their own learning and experiences, to allow anyone to issue badges, and for each earner to be able to carry their badges with them throughout their online life.
 
The participants in a badging system are characterized using a few broad groups:
* Issuers - they create badges, make them available to earners and award them.
* Earners - they apply for badges and decide where to display them.
* Displayers - they display badges earned by particular earners (this also involves verifying badges).


=== II. TECH SPECS ===   
You will see these roles described throughout the material you read on Open Badges. This page is aimed at providing an overview of badging for ''issuers'', with an introduction to the technical aspects of issuing.
 
Last but not least, although not involved directly in badging systems, let's not forget this group of people:
* Consumers - they include anyone looking at a badge (or badges) earned
** examples include potential employers, college admin and peers.
 
=== Tech Specs ===   
* The OBI is built in node.js using express.   
* The OBI is built in node.js using express.   
* [https://wiki.mozilla.org/Badges/Onboarding-Issuer#C._Badge Badges] are represented by JSON data blobs embedded in PNG files in the [http://beta.openbadges.org/backpack/ Backpack]
* Badges are represented by JSON data blobs embedded in PNG files in the [http://beta.openbadges.org/backpack/ Backpack]
* [https://wiki.mozilla.org/Badges/Onboarding-Issuer#I._Identity Identity] management is handled by Mozilla’s Persona (fka BrowserID) [link: https://browserid.org/, http://identity.mozilla.com/]
* Identity management is handled by [http://identity.mozilla.com/ Mozilla Persona]
 
=== III. OPEN BADGES ECOSYSTEM ===


==== Diagram ====  
=== Open Badges Ecosystem ===
   
   
[[Image:Tech-diagram-v3 updated.png|700px|Open Badges -- Tech-diagram-v3 updated.png]]'''<br>'''
[[Image:Tech-diagram-v3 updated.png|700px|Open Badges -- Tech-diagram-v3 updated.png]]'''<br>'''


==== Overview ====
Here's an overview of how badging works:
* Issuer issues a badge on their site, then prompts the Badge Earner to push the badge into their Backpack for portability.
* An issuer makes a badge available to their community of earners on their website. When awarded the badge, an earner sends it to their Backpack.
** Issuer does this through the [https://github.com/mozilla/openbadges/wiki/Issuer-API Issuer API] which provides script to present the Badge Earner with a modal dialog that requests their consent to add the Issuer's badge(s) to their Backpack.
** The badge becomes portable through the [https://github.com/mozilla/openbadges/wiki/Issuer-API Issuer API] script, presenting the earner with a modal dialog that requests their consent to add the badge to their Backpack.
* Issuer can also push badges to the [https://github.com/mozilla/openbadges/wiki/Badge-Baking Mozilla Baking Service] where the assertion url representing JSON blobs is embedded into PNG files
** If the issuer wants the earner to be able to store the badge outside the OBI, they can optionally push it to the [https://github.com/mozilla/openbadges/wiki/Badge-Baking Mozilla Baking Service] where the assertion URL representing JSON blobs is embedded into PNG files. Otherwise badge baking is handled through the Issuer API.
** n.b. Only necessary if Issuer wants the Earner to have the ability to store badges outside of the OBI. Otherwise Badge Baking handled through the [https://github.com/mozilla/openbadges/wiki/Issuer-API Issuer API].  
* Displayers pull unpacked badges (JSON) out of the Backpack based on earner action and privacy settings.   
* Displayers pull unpacked badges (JSON) out of the Backpack based on privacy settings and Earner action.   
* Public badges are discoverable based on earner’s email address, optionally through the [https://github.com/mozilla/openbadges/wiki/Displayer-API Displayer API].
* Public badges are discoverable by Earner’s email address
* Earners can share their badges through their Backpack and grant permission for a particular site to display that collection of badges.  
* Earners can share badges through the Backpack, thus granting permission for a particular site to display that set of badges   
* Displayers authenticate badges with the issuer using a verification check.
* Displayers authenticate badges with the Issuer using the [https://wiki.mozilla.org/Badges/Onboarding-Issuer#G._Verification Verification] check
 
''Badge issuing is significantly simplified using BadgeKit, Mozilla's new set of badging tools. The BadgeKit Web app lets issuers create and publish badges through an intuitive interface. An issuer can then present those badges using the BadgeKit API, which also handles reviewing applications - [[Badges/badgekit|Read more about BadgeKit]].''


=== IV. DEFINITIONS/KEY TERMS ===  
=== Definitions and Concepts ===  
;Badge
The core currency of exchange. A single credential demonstrating a skill, achievement, quality or affiliation.
;Open Badge Infrastructure (OBI)
Open infrastructure technology to support independent Badge Issuers, Display sites as well as the reference implementation of the Badge Backpack. Includes the Metadata Spec, APIs, Verification Framework and Badge Backpack. 
;[https://wiki.mozilla.org/Badges/Onboarding-Issuer#D._Backpack Badge Backpack]
The core authorized data store and management interface of Mozilla’s reference implementation of the Badge Backpack. Each Earner has their own Backpack where all their badge data is stored.
;[https://wiki.mozilla.org/Badges/Onboarding-Issuer#E._Metadata_Spec Metadata Spec]
The definition of what makes up a badge. Each badge is a chunk of metadata that describes the badge, including badge name, image, description, criteria URL, Issuer, etc.
;[https://github.com/mozilla/openbadges/wiki/Badge-Baking Badge Baking]
Embedding the assertion url (the pointer to all the metadata) into a PNG file to make a fully robust, portable badge
;[https://github.com/mozilla/openbadges/wiki/Issuer-API Issuer API]
The interface specifications for pushing badges into the Backpack
[https://github.com/mozilla/openbadges/wiki/Displayer-API Displayer API]
The interface specifications for pulling badges out of the Backpack (Display sites/widgets)
;Verification API
Communication channels and framework to support badge verification (was this badge issued to this person on this date? Has it expired? etc.)
;Endorsement API
Communication channels and framework to support badge endorsement (was this badge signed? is the signature valid?)
* n.b. Endorsement employs the same signing mechanism as Badge Verification
* n.b. This is not part of [https://wiki.mozilla.org/Badges/PublicBeta Public Beta] release but on the [https://wiki.mozilla.org/Badges/roadmap roadmap] for development in 2012.
;Badge Earner
A person storing their badges within the Open Badge Infrastructure. This Earner has had interactions with Issuers to earn badges, then logs in via their Backpack to manage those badges, and can share out to various Display sites as well. Learners are a type of Badge Earners.
;Issuer
Organization, consortium or individual who issues badges into the OBI.
;Displayer
Website run by an organization, consortium or individual, that pulls badges from the OBI and displays them for an Earner. Displayers could range from social networking sites like Facebook or career social networks, to job search/application sites to personal blogs or sites.
;Endorser
An organization, consortium or individual who “endorses” a badge by signing it with their private encryption key. Trusted third party signers may emerge.


== B. Issuer ==
'''Badge'''


An organization, consortium, group or individual who issues badges into the OBI. The OBI is open and supports any independent Issuer that conforms to the necessary badge and issuing specifications.  
A digital representation of a skill, learning achievement or experience. Badges can represent competencies and involvements recognized in online or offline life. Each badge is associated with an image and some metadata. The metadata provides information about what the badge represents and the evidence used to support it.


=== I. BACKGROUND ===
'''Open Badge Infrastructure (OBI)'''
* Issuer badge systems are independent of the Infrastructure - how you assess work, decide who earns badges, issue badges within your site, display badges within your site, etc. - that's all up to each Issuer 
* We are intentionally pushing the innovation to the edges - meaning the Issuers have complete control over how their badge system works 
* We want to support innovation, not constrain it 
* The touchpoint with the OBI is pushing each badge into the designated Backpack for the earner
* Issuers do not need to register with the OBI - they simply push badges into earner Backpacks utilizing the Issuer Javascript API.


=== II. REQUIREMENTS ===
Open infrastructure technology supports independent badge issuers and displayers. Includes the metadata specification, APIs, verification framework, Backpack and software tools.
* Issuers must have web server capable of serving requests to the general internet
 
* Issuers must have hosting ability
 
* Issuers must have ability to make a POST request from their server backend and read a JSON response.
'''''ROLES'''''
* Issuers must have email addresses for Earners and must be able to email Earners  
 
* Issuers must have badges (or be able to convert their badges) into the format (metadata spec) that the Assertion expects.   
'''Earner'''
* Earners must be registered with whatever Backpack the Issuer is trying to push badges to, or (for later versions) the Issuer must ask Earner which Backpack they want to push badges to and honor that request  
 
Someone who earns a badge (either by applying or being directly issued with it). The earner can use their Backpack to manage and share their badges.
 
'''Issuer'''
 
Organization or individual who issues Open Badges to their community. The issuer is responsible for defining badges, making them available to earners and handling applications for them.
* Badge issuing can involve participants with various specific roles, such as application assessors, badge creators and administrators.
 
'''Displayer'''
 
A website, organization, or person who accesses publicly shared Open Badges and displays them for badge earners.
 
 
'''''TOOLS'''''
 
'''Mozilla Backpack'''
 
The core authorized data store and management interface of Mozilla’s reference implementation of the Backpack. Each earner has their own Backpack where their badge data is stored.
 
'''[https://github.com/mozilla/openbadges-specification/blob/master/Assertion/latest.md Assertion Specification]'''
 
Badge metadata is represented as an [https://wiki.mozilla.org/Badges/Onboarding-Issuer#Metadata assertion]. The assertion specification defines the information within a badge. An assertion includes multiple items of data, such as: badge name and description, issuer, date, criteria URL, evidence URL and badge image URL. The assertion should carry all the information needed to process a badge. This ensures that badges can be fully understood and verified no matter where they are shared.
 
'''[https://github.com/mozilla/openbadges/wiki/Badge-Baking Badge Baking]'''
 
A badge is an image combined with assertion data - badge baking embeds assertion data into an image to produce a portable badge.
 
'''[https://github.com/mozilla/openbadges/wiki/Issuer-API Issuer API]'''
 
The Issuer API provides a script for issuers to let earners send badges to the Backpack.
 
'''[https://github.com/mozilla/openbadges/wiki/Displayer-API Displayer API]'''
 
The Displayer API provides specifications for displaying badges beyond the Backpack.
 
'''[https://wiki.mozilla.org/Badges/Onboarding-Issuer#Verification Verification]
 
Displayers are responsible for verifying badges, i.e. checking that a badge is valid and was issued to the person claiming it.
 
'''[[Badges/badgekit|BadgeKit]]'''
 
A new set of tools to simplify badging for issuers - provides an interface for creating and managing badges/ assessing badge applications. The BadgeKit API lets issuers control interaction with their own community of badge earners while supporting much of the badge admin process through a Web app.
 
See also the [https://github.com/mozilla/openbadges-badgekit/wiki/BadgeKit-and-Open-Badges-Resources BadgeKit and Open Badges Resource list]
 
To explore the concepts and terms in badging and badge issuing, check out the [https://github.com/mozilla/openbadges-badgekit/wiki/Glossary Badging and BadgeKit Glossary]
 
== Issuing Badges ==
 
An issuer is an organization or individual who designs and issues badges within the ecosystem. The OBI is open and supports any independent issuer who conforms to the necessary badge and issuing specifications. Additionally, issuers can now benefit from the [https://wiki.mozilla.org/Badges/badgekit BadgeKit] tools, providing they meet specific technical requirements.
 
=== Background ===
* Issuers determine the badging approach that will work best for their communities.
* Touchpoints with the OBI occur through interfaces, including sending badges to Backpacks and optionally using BadgeKit.
* Issuers do not need to register with the OBI - they simply utilize the JavaScript APIs.
 
=== Requirements ===
* Issuers must have Web hosting facilities including:
** A server capable of serving requests to the general Internet.
** The ability to make a POST request from their server backend and read a JSON response.
** Email addresses for earners (and the ability to email them).  
** Badges structured in the format that the assertion expects - when using BadgeKit this structuring is automated.   
** Earners must be registered with the backpack implementation that the issuer is trying to send their badges to. ''In the future, the issuer will need to ask the earner which backpack they want to push badges to and honor that request.''
* For verification:
* For verification:
** If doing Hosted Assertions (currently available)
** For Hosted Assertions - issuers must maintain a server with the Badge Assertion information (at the unique badge URL) to verify each badge.  
*** Issuers must maintain a server with the Badge Assertion information (at the unique badge URL) to verify each badge   
** For Signed Assertions:
** If doing Signed Assertions (on development roadmap)
*** Issuers must generate public/private key pair and maintain the hosted public key.
*** Issuers must generate public/private key pair and maintain the hosted public key
*** Issuers must sign the badges themselves, sign the whole package, and push badges to earner backpacks through the Issuer JavaScript API.
*** Issuers must sign the badges themselves; sign the whole package and push badge to Earner Backpacks through the Issuer Javascript API.  
* Issuers looking to use [[Badges/badgekit|BadgeKit]] have a specific range of options and requirements regarding hosting and technical provision - see the following blog post for more information: [http://openbadges.tumblr.com/post/78764181250/announcing-mozilla-badgekit Announcing Mozilla BadgeKit].


=== III. BADGE CREATION FLOW ===
=== Badge Creation Flow ===


# Have an email address for the Earner
Issuers need to:
# Create and host an Assertion on your site
# Have an email address for the earner.
# Create and host an assertion on site.
# Create and host the badge PNG; this is a single PNG for all badges, not a single physical PNG per issued badge.  
# Create and host the badge PNG; this is a single PNG for all badges, not a single physical PNG per issued badge.  
# Integrate your site with the Backpack via the Issuer API
# Integrate your site with the Backpack via the Issuer API


n.b. The Issuer API is a script that can be dropped-in to any Badge Issuer's website to provide a way for Earners to add an Issuer's badges to their Backpack. There's no need to bake the badges yourself. The API takes care of it for you.
''The Issuer API is a script that can be dropped into any badge issuer's website to provide a way for earners to add an issuer's badges to their Mozilla Backpack (or federated backpacks). There's no need to bake the badges independently as the API takes care of this.''
 
'''''The badge creation flow varies significantly for issuers using [[Badges/badgekit|BadgeKit]]. Issuer admins can design and define the data for a badge within the BadgeKit Web app, with BadgeKit handling metadata structuring. Issuers can then present available badges to their earners using the BadgeKit API.'''''
 
=== Open Badges related Widgets created by the community ===


=== IV. OPEN BADGES Related Widgets created by the community ===
A number of Open Badges widgets and utilities have been developed for integrating badges with various technologies including WordPress, Drupal, Django, Rails, PHP, Java, Moodle, Mahara, Joomla, Blackboard, Google Sites, Canvas, iOS, Android and AJAX.  
* https://github.com/lmorchard/django-badger -- Issuing app for Django
* https://github.com/PRX/badges_engine -- Rails Engine for issuing.
* https://github.com/openmichigan/open_badges -- Drupal module for managing/issuing badges
n.b. Updated list can be found here: https://github.com/mozilla/openbadges/wiki/Open-Badges-related-widgets


=== V. Open Badger ===
See [https://github.com/mozilla/openbadges/wiki/Open-Badges-related-widgets the list] on GitHub (which is regularly updated).
OpenBadger is a lightweight OBI compliant badge issuing platform. It will make creating and issuing badges easy for non-technical users.
We've done some [https://github.com/mozilla/OpenBadger/wiki/Speculation speculation] but more to come on the [https://github.com/mozilla/openbadger Open Badger github].


== C. Badge ==
=== BadgeKit ===


The core currency of exchange. A single credential demonstrating a skill, achievement, quality or affiliation.
[https://wiki.mozilla.org/Badges/badgekit BadgeKit] builds on a range of tools which have been under continual development for some time, through projects such as Chicago Summer of Learning. These tools include [https://github.com/mozilla/openbadger/blob/v2.0/docs/api.md Open Badger] and [https://github.com/mozilla/aestimia Aestimia].
* Representation - Assertion url representing chunks of JSON data embedded into a PNG file
* [https://github.com/mozilla/openbadges/wiki/Assertions Badge Assertion aka Badge Manifest] - Earner identity information (<algorithm>$<hash(email + salt)>) plus badge information (JSON metadata)
* Verified Badge - Badges that have an assertion URL. OBI currently supports verification of badges through Hosted Assertions. i.e. When Issuer pushes badge to the OBI, metadata is pushed to a unique and persistent url aka assertion url. Issuer maintains Badge Assertion and Displayers can ping the assertion URL to confirm verification.
** n.b. Signed Assertion is on the [https://wiki.mozilla.org/Badges/roadmap development roadmap].  
* Endorsed Badge - Badges that have been signed by a third party/endorser. The Backpack verifies the signature against the signer’s public key and if confirmed, accepts the badge as an endorsed badge. The endorsement information is represented with the badge as a layer of trust on the badge’s validity. 
** n.b. On [https://wiki.mozilla.org/Badges/roadmap development roadmap] for 2012


== D. Backpack ==
== Backpack ==


Backpack is an authorized data storage plus a management interface for earners of Open Badges. Each earner will have their own Backpack that holds all of their badges and gives them an interface to manage, control and share their badges.     
The Mozilla Backpack is an authorized data storage space and management interface for earners of Open Badges. Each earner can access their own Backpack - that lets them manage and share their badges.     
* The Backpack as well as the entire system is open source and federated. Earners or Issuers can take the [https://github.com/mozilla/openbadges code] and fork it.
* The Backpack is open source and federated. Earners or issuers can take the [https://github.com/mozilla/openbadges code] and fork it.
* Earners may decide to create and host their own Backpack so that they have complete control over their badges.
* Earners may decide to create and host their own Backpack so that they have complete control over their badges.
* Mozilla has built a reference or default Backpack which will hold all of the badge Assertions (hashed user email + badge data) for each earner.
* Mozilla has built a reference or default Backpack (the "Mozilla Backpack") which holds all of the badge assertions (hashed user email + badge data) for each earner.
 
== Metadata ==
 
Badge metadata is defined as an assertion, which contains multiple required and optional fields. The structure has evolved over time - see the [https://github.com/mozilla/openbadges-specification/blob/master/Assertion/latest.md assertion specification] for complete details.
 
Issuers can put a reasonable amount of extra material into a badge, but that material must be static - once the badge is issued, any change to the information must not change. This is to prevent someone from issuing one badge, then sneakily changing it later to another badge unbeknownst to the earner.  


== E. Metadata Spec ==
== Badge Images and Baking ==


=== I. OVERVIEW ===
* A baked badge is a JSON blob of metadata embedded in a PNG file
* A badge is an assertion url representing chunks of JSON data embedded into a PNG file
* This allows the badge to be more easily portable - a collection of information that can be emailed, carrying its details with it.
* The metadata should carry all the information needed to understand a badge. This ensures that badges can be fully understood and verified no matter where they are shared or used.
* Ultimately, this is important for decentralization of the system and will allow earners to have more control over where their badges live.
* This is the data presented in the Assertion URL on the Issuer's server


=== II. FIELDS ===
=== Baking Service ===
* Required
** recipient: Salted hash of the email address for the earner receiving the badge.
** salt: The salt used in the hash construction of the recipient’s email address.
** badge: The structure describing the badge. 
*** version: The version of the badge
*** name: Human-readable name of the badge being issued. Maximum of 128 characters.
*** image: URL for image representing the badge. Should be a square and in PNG format. Maximum size of 256kb.
*** description: Description of the badge being issued. Maximum of 128 characters.
*** criteria: URL describing the badge and criteria for earning the badge (Not the specific instance of the badge).
*** issuer: Information about the Issuer: 
**** origin: Origin of the Issuer. This is the <protocol>://<host>:<port>. Must match the origin of the Hosted Assertion (and in the future, the origin of the public key).
**** name : Human-readable name of the issuing agent.
* Optional
** evidence: Earner-specific URL with information about this specific badge instance. Should contain information about how the specific Earer earned the badge.
** expires: Date when the badge expires. If omitted, the badge never expires.
*** The badge is not removed from the Earner’s Backpack after the expiration date – there will be some visual/technical indicator that the badge is expired and needs to be re-upped. Must be formatted "YYYY-MM-DD" or a unix timestamp
** issued_on: Date when badge was issued. If omitted, the issue date will be set to the date the badge was pushed to the Backpack. Must be formatted "YYYY-MM-DD" or a unix timestamp
** issuer: Information about the Issuer:
*** org: (OPTIONAL) Organization for which the badge is being issued. An example is if a scout badge is being issued, the "name" of the Issuer could be "Boy Scouts" and the "org" could be "Troop #218"
*** contact: (OPTIONAL) A human-monitored email address associated with the Issuer.
* n.b. We've discussed having an additional field that is customizable by the Earner - so that the Earner could add a personal evidence URL, or could add additional information or context to the badge. This would NOT be something that the Issuer would include in the Badge Assertion (so it is not listed above) and would most likely be managed by the Earner through the Backpack.
* n.b. Issuers can put a reasonable amount of extra material into the badge, but that material must be static -- once the badge is issued, any change to that information must not change. This is to prevent someone from issuing one badge, then sneakily changing it later to another badge unbeknownst to the Earner. There currently isn't a method for updating the information received in the badge, though it's not off the table.


== F. PNG Files / Badge Baking Service ==
* To bake a badge, you must host a badge [https://github.com/mozilla/openbadges-specification/blob/master/Assertion/latest.md assertion] on your site.
** The system is designed to:
*** avoid SPAMing the earner with unwanted badges, and
*** give earners ultimate control over where the badges go.
* Mozilla provides the "tools" for unpacking the PNG file through the OBI. 
* PNG files will be unpacked in the Backpack where each earner can view, manage, and organize their badges (and see all the metadata behind each badge).
* PNG files are unpacked so that displayers just have the raw data to work with on their end.


=== I. BACKGROUND ===
''If you are building a new system, we strongly recommend using the JavaScript Issuer API or BadgeKit for awarding badges. The tools and APIs take care of the badge baking.''
* Each badge is a JSON blob of metadata embedded in a PNG file 
* This allows the badge to be more easily portable - an actual 'thing' that can be emailed around, carrying all the information with it 
* Ultimately, this is important for decentralization of the system - so that Earners have more control over where their badges live 


=== II. BETA: BAKING SERVICE ===
=== Badge Image Standards ===
* For beta, Mozilla will be providing a [https://github.com/mozilla/openbadges/wiki/Badge-Baking 'baking' service] to package the JSON into a PNG file 
* REQUIREMENTS: To bake a badge, you must be hosting a Badge Assertion on your site.
** See the Assertions page for details: https://github.com/mozilla/openbadges/wiki/Assertions
* Issuers will still send the Badge Assertion to Mozilla, but instead of sending it directly to the Backpack, they will now send it to the Mozilla Baking Service. Then Mozilla will package it into a PNG and deliver back to the Issuer who can then send to the Earner 
** The purpose of this is:
*** A) to avoid SPAMing the Earner with unwanted badges (which we can control in beta) and
*** B) to give the Earners ultimate control over where the badges go. 
** n.b. If you are building a new system, we strongly recommend using the Javascript Issuer API for awarding badges. The API takes care of the badge baking for the Issuer.
* Mozilla will provide the 'tools' for unpacking the PNG file through the OBI 
* PNG files will be unpacked in the Backpack where each Earner can view, manage and organize their badges (and see all the metadata behind each badge) 
* PNG files will be unpacked for the Displayer API so that Displayers will just have the raw data to work with on their end.


=== III. BADGE IMAGE STANDARDS ===
* Image must be a PNG.   
* Image must be a PNG (for Beta).   
* Images should be square and not exceed 256kb. They should have dimensions not smaller that 90 x 90.
** Potentially: In later iterations, we can convert to a PNG
* Image is provided as a URL to the image on the issuer server, stored within the metadata.  
* Images should be square and not exceed 256kb
* Mozilla will cache the image in at least two sizes.  
* Looking at standardizing dimensions to 90 x 90  
* When a badge is displayed, it will be loaded from the Mozilla cache to avoid extra burden on the issuer servers. This also helps if the issuer is not available or the link is broken.
* Image is provided as a URL to the image on the Issuer server in the metadata   
* When using BadgeKit, issuers can design badges inside the Web app using a graphical tool, or can upload images prepared elsewhere.
* Mozilla will cache the image in at least 2 sizes   
* When a badge is displayed, it will be loaded from the Mozilla cache to avoid extra burden on the Issuer servers, also in case the Issuer is not available or link is broken


== G. Verification ==  
== Verification ==  
 
Badge verification involves checking that a badge was issued to the person displaying it, using their email address. Verification affects both issuers and displayers.


=== I. OVERVIEW === 
* To avoid gaming and duplication, the OBI is built to support badge verification.   
* To avoid gaming and duplication, the OBI is built to support badge verification.   
* This handles the questions of "Did this Issuer issue this badge to this Earner on this date? Is this badge still valid or has it expired?" 
* This is essential to allow earners to prove the authenticity and validity of their badges. Badges can also have expiry dates, allowing organizations to issue badges for skills which are only valid for a set period of time.
* The OBI provides the channel for this verification to happen through the Backpack, but must communicate with the Issuer.   
* The OBI provides the channel for this verification to happen through the Backpack, by communicating with the issuer.   
* Issuer must be online to verify badges. (we are exploring a cache to cover verification for x amount of time) 
* Verification is typically carried out by displayers, who should not display a badge that cannot be verified.
* Most verification will be done by the Displayers. Displayers should not display a badge that cannot be verified.
 
=== Verification Method ===
 
The OBI currently supports verification of badges through hosted and signed assertions. The assertion data for a badge contains verification information. For hosted assertions, this includes a URL field representing the assertion hosted on the issuer's server. For signed assertions, it includes a link to the issuer's public key. Displayers can utilize this data to verify badge earners.
 
The verification process is as follows:
 
'''''For hosted assertions''''':
# Displayer carries out a GET request on the verification URL from the assertion.
#* If the response is not 200 OK or if the data at the URL is not structurally valid, the badge is treated as invalid.
# Displayer analyses content of data at assertion verification URL, which includes recipient email address.
#* Verification can now be achieved by comparing the salted hash value for the recipient (according to the verification data) to the salted hash for the email of the person claiming the badge.
# The displayer can optionally check further information in the verification data, including an expiry date if there is one.
 
'''''For signed assertions''''':
# Displayer unpacks JWS object specified in the assertion verification fields.
#* If the data fails to parse as JSON data, verification fails.
# Displayer extracts the verify.url property from the JSON, carries out a GET request on it and stores the public key.
#* If the HTTP status is not 200 OK, verification fails.
# Displayer uses the public key to perform JWS verification on the JWS object - if this fails, the badge is considered invalid.
# Displayer retrieves the revocation list and checks that the badge ID is not included.
 
For more about assertions and verification, see the [https://github.com/mozilla/openbadges-specification/blob/master/Assertion/latest.md Specification].


=== II. VERIFICATION METHOD ===
''Note: for baked badges, verification also involves extracting the assertion URL from the badge image - see the [https://github.com/mozilla/openbadges-verifier Verifier] for more on this.''
* OBI currently supports verification of badges through Hosted Assertions. i.e. When Issuer pushes a badge to the OBI, metadata is pushed to a unique and persistent url aka assertion url. Issuer maintains the Badge Assertion and Displayers can ping the assertion URL to verify the badge.
 
** Displayer puts the Earner’s email through a salted hash function and sees if it matches with the hash value indicated for the recipient in the badge metadata. If values match, the badge belongs to the Earner that claims it, if not, it is being spoofed. 
=== Functional Flow ===   
** Cons: Overhead for Issuer to maintain unique and persistent url for each badge.
* In the future we will support Signed Assertions, which will mean signing a badge assertion with your private key and hosting a public key at a well known, public URL.
** Pros: Less overhead for Issuer, just need to host public key
* Further down the road, we will probably try to support DNSSEC for public key discovery.
* Unverified Badge handling
** If badge is passed through by an Issuer and the signature (when we support this method of verification) is invalid, OBI rejects it.
** If badge is verified initially but somewhere down the line it becomes unverified, OBI notifies user. [Needs to be worked out more.]
=== III. FUNCTIONAL FLOW ===   


# Badge (within it, its assertion) exists in the Backpack   
# Badge (including assertion) exists in the Backpack.  
# User attempts to display badge via a display site widget   
# User attempts to display badge via a display site widget.  
# Display site takes the earner’s email and puts it through a salted hash function.  
# Display site takes the earner’s email and puts it through a salted hash function.  
## eg. hash (‘hipjoe@example.com’ + salt)  
#* eg. hash (‘hipjoe@example.com’ + salt)  
# Display site compares the resulting value with the value indicated for the recipient in the badge metadata.  
# Display site compares the resulting value with the value indicated for the recipient in the badge metadata.  
# If values match, badge is verified and Displayer displays the badge. If not, Displayer should reject the badge.
# If values match, badge is verified and displayer displays the badge. If not, displayer should reject the badge.
 
== Displayers ==
 
Displayers are key to the value of Open Badges for earners. The OBI is designed to support display of badges acquired in various different types of context, letting earners paint a more detailed, complete picture of their skills and experiences.  


== H. Displayers ==
* Badges are not siloed or limited to one site but can be combined with badges from multiple issuers and then shared for different audiences and purposes.  
* Display of badges is where a significant part of the value lies - badges are not siloed or 'stuck' within one site but can be combined with badges from multiple Issuers and then shared out for different audiences/purposes   
* Each earner controls where their badges are displayed through the Backpack.  
* Earner will control where badges are displayed through the Backpack   
* Each earner can create collections of badges and share with displayers that have connected to the [https://github.com/mozilla/openbadges/wiki/Displayer-API Displayer API].  
* Earner can create groups of badges and share through the Backpack to Displayers that have connected via the [https://github.com/mozilla/openbadges/wiki/Displayer-API Displayer API]   
* Earners can also make badges public; those badges are discoverable by displayers if they have the earner's email address.  
* Earners can also make badges public - in that case, those badges would be discoverable by Displayers if they had the Earner’s email address   
* If a site has an earner's email address, they can query that person's Backpack for all of that earner's public badges. The response is a JSON representation of the badges.
* At its most basic: if a site has an Earner's email address, they will be able to query the Backpack for all of Earner's public badges. They will get back JSON representation of the badges


== I. Identity ==
== Identity ==


=== I. OVERVIEW ===
* Identity is a critical component because we need to recognize earners as they collect badges from different issuers.
* Identity is a critical part of the OBI because we need to know/recognize an Earner all across the web as they collect badges from different Issuers/sites 
* It's important to us that identity be open and decentralized.  
* Identity needs to be open and decentralized   
* We are utilizing verified email as a form of identity through the Mozilla product Persona.  
* We are utilizing verified email as identity through the use of the Mozilla product called Persona  
** Additional info: https://wiki.mozilla.org/Identity   
** Mozilla.com is working on a solution called Persona, fka BrowserID, the first version of the Mozilla Verified Email Identity
* Many sites already use email addresses for logins, even those that don't generally collect them.
** Additional info: https://browserid.org/, https://wiki.mozilla.org/Identity
* We don't need to retain any profile or personal information about the earner; all we need is their email address.  
* People understand the concept of an email address
** c.f. They have difficulty understanding OpenID  
* Many sites already use email for login 
** Even those that don't generally collect it (for resetting password)
* We don't need to retain any profile or personal information about the Earner, all we need is the email address.  


=== II. FUNCTIONAL FLOW FOR VERIFYING IDENTITY IN BACKPACK ===   
=== Verifying Identity in Backpack ===   


# User validates identity to Mozilla's Verified Email   
# User validates identity to Mozilla's Verified Email.  
# User creates an account with Mozilla (same as sync account)   
# User creates an account with Mozilla (same as sync account).  
# User asserts which email addresses he or she owns.   
# User asserts which email addresses he or she owns.   
# User does an SMTP challenge (system emails user a token link they must click) to prove ownership
# User does an SMTP challenge (system emails user a token link they must click) to prove ownership.

Latest revision as of 14:42, 29 October 2014

Quick Start

If you or your organization has the technical resources, you can host Mozilla BadgeKit on your servers by downloading the code from Github - a tutorial for this process can be found here.

Alternatively, there are a number of other badge issuing options available if you wish to set something up sooner. Here are some services being offered from our issuing partners: http://bit.ly/Badge_Issuing_Platforms

If you just want to play around with creating badges and are familiar with JSON syntax, check out the Badge Lab. It's a customized tutorial that walks you through creating your very own "hand-made" Open Badge.

Mozilla Open Badge Infrastructure (OBI)

NOTE: For a general introduction to badge issuing with the Mozilla OBI, read on. For more technical documentation, please see our github pages.

Background

Why Are We Doing This?

Learning happens everywhere. Yet it's often difficult to be recognized for skills and achievements that are gained outside of school. Mozilla's Open Badges project is working to solve that problem by making it easy for anyone anywhere to issue, earn, and display badges. The results: broad recognition of 21st century skills and experiences, unlocking of career and educational opportunities, and learners everywhere being able to level up in their lives and work.

Goals

  • Develop badges as a system for alternative accreditation, credentialing, and recognition;
  • Help badges expand beyond siloed environments to be broadly shareable;
  • Truly support earners learning everywhere;
  • Optimize the value of these representations by allowing badges to be remixable and shareable with different audiences;
  • Develop a supporting infrastructure to standardize the process and support each earner;
  • Create an infrastructure that is open and as decentralized as possible to give earners control and support of the entire ecosystem;
  • Provide software and development tools to help organizations implement badging systems.

Description

The Open Badges framework is designed to make badging flexible enough to represent the full range of learning and experience in online and offline life. This requires support for multiple, potentially significantly varied, badge issuers. Empowering earners to use their badges as legitimate credentials also requires support for sharing of badges across many display sites.

Earners can share badges across such varied online environments as personal blogs and social networking channels, tying a variety of achievements to a single identity. It is critical for the infrastructure to be open, to give earners control over how they represent their own learning and experiences, to allow anyone to issue badges, and for each earner to be able to carry their badges with them throughout their online life.

The participants in a badging system are characterized using a few broad groups:

  • Issuers - they create badges, make them available to earners and award them.
  • Earners - they apply for badges and decide where to display them.
  • Displayers - they display badges earned by particular earners (this also involves verifying badges).

You will see these roles described throughout the material you read on Open Badges. This page is aimed at providing an overview of badging for issuers, with an introduction to the technical aspects of issuing.

Last but not least, although not involved directly in badging systems, let's not forget this group of people:

  • Consumers - they include anyone looking at a badge (or badges) earned
    • examples include potential employers, college admin and peers.

Tech Specs

  • The OBI is built in node.js using express.
  • Badges are represented by JSON data blobs embedded in PNG files in the Backpack
  • Identity management is handled by Mozilla Persona

Open Badges Ecosystem

Open Badges -- Tech-diagram-v3 updated.png

Here's an overview of how badging works:

  • An issuer makes a badge available to their community of earners on their website. When awarded the badge, an earner sends it to their Backpack.
    • The badge becomes portable through the Issuer API script, presenting the earner with a modal dialog that requests their consent to add the badge to their Backpack.
    • If the issuer wants the earner to be able to store the badge outside the OBI, they can optionally push it to the Mozilla Baking Service where the assertion URL representing JSON blobs is embedded into PNG files. Otherwise badge baking is handled through the Issuer API.
  • Displayers pull unpacked badges (JSON) out of the Backpack based on earner action and privacy settings.
  • Public badges are discoverable based on earner’s email address, optionally through the Displayer API.
  • Earners can share their badges through their Backpack and grant permission for a particular site to display that collection of badges.
  • Displayers authenticate badges with the issuer using a verification check.

Badge issuing is significantly simplified using BadgeKit, Mozilla's new set of badging tools. The BadgeKit Web app lets issuers create and publish badges through an intuitive interface. An issuer can then present those badges using the BadgeKit API, which also handles reviewing applications - Read more about BadgeKit.

Definitions and Concepts

Badge

A digital representation of a skill, learning achievement or experience. Badges can represent competencies and involvements recognized in online or offline life. Each badge is associated with an image and some metadata. The metadata provides information about what the badge represents and the evidence used to support it.

Open Badge Infrastructure (OBI)

Open infrastructure technology supports independent badge issuers and displayers. Includes the metadata specification, APIs, verification framework, Backpack and software tools.


ROLES

Earner

Someone who earns a badge (either by applying or being directly issued with it). The earner can use their Backpack to manage and share their badges.

Issuer

Organization or individual who issues Open Badges to their community. The issuer is responsible for defining badges, making them available to earners and handling applications for them.

  • Badge issuing can involve participants with various specific roles, such as application assessors, badge creators and administrators.

Displayer

A website, organization, or person who accesses publicly shared Open Badges and displays them for badge earners.


TOOLS

Mozilla Backpack

The core authorized data store and management interface of Mozilla’s reference implementation of the Backpack. Each earner has their own Backpack where their badge data is stored.

Assertion Specification

Badge metadata is represented as an assertion. The assertion specification defines the information within a badge. An assertion includes multiple items of data, such as: badge name and description, issuer, date, criteria URL, evidence URL and badge image URL. The assertion should carry all the information needed to process a badge. This ensures that badges can be fully understood and verified no matter where they are shared.

Badge Baking

A badge is an image combined with assertion data - badge baking embeds assertion data into an image to produce a portable badge.

Issuer API

The Issuer API provides a script for issuers to let earners send badges to the Backpack.

Displayer API

The Displayer API provides specifications for displaying badges beyond the Backpack.

Verification

Displayers are responsible for verifying badges, i.e. checking that a badge is valid and was issued to the person claiming it.

BadgeKit

A new set of tools to simplify badging for issuers - provides an interface for creating and managing badges/ assessing badge applications. The BadgeKit API lets issuers control interaction with their own community of badge earners while supporting much of the badge admin process through a Web app.

See also the BadgeKit and Open Badges Resource list

To explore the concepts and terms in badging and badge issuing, check out the Badging and BadgeKit Glossary

Issuing Badges

An issuer is an organization or individual who designs and issues badges within the ecosystem. The OBI is open and supports any independent issuer who conforms to the necessary badge and issuing specifications. Additionally, issuers can now benefit from the BadgeKit tools, providing they meet specific technical requirements.

Background

  • Issuers determine the badging approach that will work best for their communities.
  • Touchpoints with the OBI occur through interfaces, including sending badges to Backpacks and optionally using BadgeKit.
  • Issuers do not need to register with the OBI - they simply utilize the JavaScript APIs.

Requirements

  • Issuers must have Web hosting facilities including:
    • A server capable of serving requests to the general Internet.
    • The ability to make a POST request from their server backend and read a JSON response.
    • Email addresses for earners (and the ability to email them).
    • Badges structured in the format that the assertion expects - when using BadgeKit this structuring is automated.
    • Earners must be registered with the backpack implementation that the issuer is trying to send their badges to. In the future, the issuer will need to ask the earner which backpack they want to push badges to and honor that request.
  • For verification:
    • For Hosted Assertions - issuers must maintain a server with the Badge Assertion information (at the unique badge URL) to verify each badge.
    • For Signed Assertions:
      • Issuers must generate public/private key pair and maintain the hosted public key.
      • Issuers must sign the badges themselves, sign the whole package, and push badges to earner backpacks through the Issuer JavaScript API.
  • Issuers looking to use BadgeKit have a specific range of options and requirements regarding hosting and technical provision - see the following blog post for more information: Announcing Mozilla BadgeKit.

Badge Creation Flow

Issuers need to:

  1. Have an email address for the earner.
  2. Create and host an assertion on site.
  3. Create and host the badge PNG; this is a single PNG for all badges, not a single physical PNG per issued badge.
  4. Integrate your site with the Backpack via the Issuer API

The Issuer API is a script that can be dropped into any badge issuer's website to provide a way for earners to add an issuer's badges to their Mozilla Backpack (or federated backpacks). There's no need to bake the badges independently as the API takes care of this.

The badge creation flow varies significantly for issuers using BadgeKit. Issuer admins can design and define the data for a badge within the BadgeKit Web app, with BadgeKit handling metadata structuring. Issuers can then present available badges to their earners using the BadgeKit API.

Open Badges related Widgets created by the community

A number of Open Badges widgets and utilities have been developed for integrating badges with various technologies including WordPress, Drupal, Django, Rails, PHP, Java, Moodle, Mahara, Joomla, Blackboard, Google Sites, Canvas, iOS, Android and AJAX.

See the list on GitHub (which is regularly updated).

BadgeKit

BadgeKit builds on a range of tools which have been under continual development for some time, through projects such as Chicago Summer of Learning. These tools include Open Badger and Aestimia.

Backpack

The Mozilla Backpack is an authorized data storage space and management interface for earners of Open Badges. Each earner can access their own Backpack - that lets them manage and share their badges.

  • The Backpack is open source and federated. Earners or issuers can take the code and fork it.
  • Earners may decide to create and host their own Backpack so that they have complete control over their badges.
  • Mozilla has built a reference or default Backpack (the "Mozilla Backpack") which holds all of the badge assertions (hashed user email + badge data) for each earner.

Metadata

Badge metadata is defined as an assertion, which contains multiple required and optional fields. The structure has evolved over time - see the assertion specification for complete details.

Issuers can put a reasonable amount of extra material into a badge, but that material must be static - once the badge is issued, any change to the information must not change. This is to prevent someone from issuing one badge, then sneakily changing it later to another badge unbeknownst to the earner.

Badge Images and Baking

  • A baked badge is a JSON blob of metadata embedded in a PNG file.
  • This allows the badge to be more easily portable - a collection of information that can be emailed, carrying its details with it.
  • Ultimately, this is important for decentralization of the system and will allow earners to have more control over where their badges live.

Baking Service

  • To bake a badge, you must host a badge assertion on your site.
    • The system is designed to:
      • avoid SPAMing the earner with unwanted badges, and
      • give earners ultimate control over where the badges go.
  • Mozilla provides the "tools" for unpacking the PNG file through the OBI.
  • PNG files will be unpacked in the Backpack where each earner can view, manage, and organize their badges (and see all the metadata behind each badge).
  • PNG files are unpacked so that displayers just have the raw data to work with on their end.

If you are building a new system, we strongly recommend using the JavaScript Issuer API or BadgeKit for awarding badges. The tools and APIs take care of the badge baking.

Badge Image Standards

  • Image must be a PNG.
  • Images should be square and not exceed 256kb. They should have dimensions not smaller that 90 x 90.
  • Image is provided as a URL to the image on the issuer server, stored within the metadata.
  • Mozilla will cache the image in at least two sizes.
  • When a badge is displayed, it will be loaded from the Mozilla cache to avoid extra burden on the issuer servers. This also helps if the issuer is not available or the link is broken.
  • When using BadgeKit, issuers can design badges inside the Web app using a graphical tool, or can upload images prepared elsewhere.

Verification

Badge verification involves checking that a badge was issued to the person displaying it, using their email address. Verification affects both issuers and displayers.

  • To avoid gaming and duplication, the OBI is built to support badge verification.
  • This is essential to allow earners to prove the authenticity and validity of their badges. Badges can also have expiry dates, allowing organizations to issue badges for skills which are only valid for a set period of time.
  • The OBI provides the channel for this verification to happen through the Backpack, by communicating with the issuer.
  • Verification is typically carried out by displayers, who should not display a badge that cannot be verified.

Verification Method

The OBI currently supports verification of badges through hosted and signed assertions. The assertion data for a badge contains verification information. For hosted assertions, this includes a URL field representing the assertion hosted on the issuer's server. For signed assertions, it includes a link to the issuer's public key. Displayers can utilize this data to verify badge earners.

The verification process is as follows:

For hosted assertions:

  1. Displayer carries out a GET request on the verification URL from the assertion.
    • If the response is not 200 OK or if the data at the URL is not structurally valid, the badge is treated as invalid.
  2. Displayer analyses content of data at assertion verification URL, which includes recipient email address.
    • Verification can now be achieved by comparing the salted hash value for the recipient (according to the verification data) to the salted hash for the email of the person claiming the badge.
  3. The displayer can optionally check further information in the verification data, including an expiry date if there is one.

For signed assertions:

  1. Displayer unpacks JWS object specified in the assertion verification fields.
    • If the data fails to parse as JSON data, verification fails.
  2. Displayer extracts the verify.url property from the JSON, carries out a GET request on it and stores the public key.
    • If the HTTP status is not 200 OK, verification fails.
  3. Displayer uses the public key to perform JWS verification on the JWS object - if this fails, the badge is considered invalid.
  4. Displayer retrieves the revocation list and checks that the badge ID is not included.

For more about assertions and verification, see the Specification.

Note: for baked badges, verification also involves extracting the assertion URL from the badge image - see the Verifier for more on this.

Functional Flow

  1. Badge (including assertion) exists in the Backpack.
  2. User attempts to display badge via a display site widget.
  3. Display site takes the earner’s email and puts it through a salted hash function.
    • eg. hash (‘hipjoe@example.com’ + salt)
  4. Display site compares the resulting value with the value indicated for the recipient in the badge metadata.
  5. If values match, badge is verified and displayer displays the badge. If not, displayer should reject the badge.

Displayers

Displayers are key to the value of Open Badges for earners. The OBI is designed to support display of badges acquired in various different types of context, letting earners paint a more detailed, complete picture of their skills and experiences.

  • Badges are not siloed or limited to one site but can be combined with badges from multiple issuers and then shared for different audiences and purposes.
  • Each earner controls where their badges are displayed through the Backpack.
  • Each earner can create collections of badges and share with displayers that have connected to the Displayer API.
  • Earners can also make badges public; those badges are discoverable by displayers if they have the earner's email address.
  • If a site has an earner's email address, they can query that person's Backpack for all of that earner's public badges. The response is a JSON representation of the badges.

Identity

  • Identity is a critical component because we need to recognize earners as they collect badges from different issuers.
  • It's important to us that identity be open and decentralized.
  • We are utilizing verified email as a form of identity through the Mozilla product Persona.
  • Many sites already use email addresses for logins, even those that don't generally collect them.
  • We don't need to retain any profile or personal information about the earner; all we need is their email address.

Verifying Identity in Backpack

  1. User validates identity to Mozilla's Verified Email.
  2. User creates an account with Mozilla (same as sync account).
  3. User asserts which email addresses he or she owns.
  4. User does an SMTP challenge (system emails user a token link they must click) to prove ownership.
Retrieved from "https://wiki.mozilla.org/index.php?title=Badges/Onboarding-Issuer&oldid=1029114"