Changes

Badges/Onboarding-Issuer

2,619 bytes removed, 19:55, 20 March 2014

General updating/ restructuring - in progress.

== A. Mozilla Open Badge Infrastructure (OBI) == NOTE: The documentation below is for general on-boarding. ~~If you want~~ For an overview of badge issuing with the Mozilla OBI, read on. For more technical documentation, please see our [https://github.com/mozilla/openbadges/blob/development/docs/apis/issuer_api.md github pages].

=== ~~I. BACKGROUND~~ Background ===

==== Why Are We Doing This? ====

* Develop badges as a system for alternative accreditation, credentialing, and recognition;

* Help badges expand beyond siloed environments to be broadly shareable;

* Truly support ~~learners~~ earners learning everywhere;

* Optimize the value of those badges by allowing badges to be remixable and shareable with different audiences;

* Develop a supporting infrastructure to standardize the process and support each ~~learner~~earner;* Create an infrastructure that is open and as decentralized as possible to give ~~learners~~ earners control and support of the entire ecosystem;* Provide software and development tools to help organizations implement badging systems.

==== Description ====

~~Enabling learners~~ The Open Badges framework is designed to enable people to earn badges ~~wherever they're learning~~ across the ~~web~~ Web - this requires support for multiple individual badge issuers. Empowering ~~learners~~ earners to use their badges as legitimate credentials also requires support for sharing of badges across many display sites. The ~~Open Badges~~ framework ~~is designed to allow any learner~~ potentially allows the earner to both collect and display badges ~~from~~ in multiple ~~sites~~contexts, tied to a single identity~~, and then~~ . Earners can share ~~them out~~ badges across ~~various sites, including~~ such varied online environments as personal blogs to and social networking channels. It is critical for this infrastructure to be open , to give ~~learners~~ earners control over how they represent their own learning and ~~credentials~~experiences, to allow anyone to issue badges, and for each ~~learner~~ earner to carry their badges with them ~~across the Web and other contexts~~throughout their online life.

=== ~~II. TECH SPECS~~ Tech Specs ===

* The OBI is built in node.js using express.

* ~~[https://wiki.mozilla.org/~~Badges~~/Onboarding-Issuer#C._Badge Badges]~~ are represented by JSON data blobs embedded in PNG files in the [http://beta.openbadges.org/backpack/ Backpack]* ~~[https://wiki.mozilla.org/Badges/Onboarding-Issuer#I._Identity~~ Identity] management is handled by ~~Mozilla’s Persona (fka BrowserID)~~ [~~link: https://browserid.org/,~~ http://identity.mozilla.com/Mozilla Persona]

=== ~~III. OPEN BADGES ECOSYSTEM ===~~ ~~==== Diagram =~~Open Badges Ecosystem ===

[[Image:Tech-diagram-v3 updated.png|700px|Open Badges -- Tech-diagram-v3 updated.png]]'''<br>'''

~~==== Overview ====~~* An ~~issuing organization or individual~~ issuer makes a badge ~~or series~~ available to their community of ~~badges available~~ earners on their website ~~and prompts their community to earn them~~. ~~The~~ When awarded the badge, an earner sends ~~the badge~~ it to their Backpack.** The badge becomes portable through the [https://github.com/mozilla/openbadges/wiki/Issuer-API Issuer API] ~~which provides~~ script ~~to present~~ , presenting the earner with a modal dialog that requests their consent to add the ~~issuer's~~ badge~~(s)~~ to their Backpack.** ~~Issuer~~ If the issuer wants the earner to be able to store the badge outside the OBI, they can ~~also~~ optionally push ~~badges~~ it to the [https://github.com/mozilla/openbadges/wiki/Badge-Baking Mozilla Baking Service] where the assertion URL representing JSON blobs is embedded into PNG files** n.b. This is only necessary if the issuer wants the earner to have the ability to store badges outside of the OBI. Otherwise badge baking is handled through the ~~[https://github.com/mozilla/openbadges/wiki/Issuer-API~~ Issuer API].

* Displayers pull unpacked badges (JSON) out of the Backpack based on earner action and privacy settings.

* Public badges are discoverable based on earner’s email address.

* Earners can share their badges through their Backpack and grant permission for a particular site to display that collection of badges.

* Displayers authenticate badges with the ~~Issuer~~ issuer using a verification check. ''Badge issuing is significantly simplified using BadgeKit, Mozilla's new set of badging tools. The BadgeKit Web app lets issuers create and publish badges through an intuitive interface. An issuer can then present those badges using the BadgeKit API, which also handles reviewing applications - [~~https:~~[Badges/~~/wiki~~badgekit|Read more about BadgeKit]].~~mozilla~~'' === Definitions and Concepts === '''Badge''' A digital representation of a skill, learning achievement or experience.~~org/~~Badges~~/Onboarding-Issuer#G~~can represent competencies and involvements recognized in online or offline life. Each badge is associated with an image and some metadata. The metadata provides information about what the badge represents and the evidence used to support it. '''Open Badge Infrastructure (OBI)''' Open infrastructure technology supports independent badge issuers and displayers.~~_Verification Verification] check~~Includes the metadata specification, APIs, verification framework, Backpack and software tools. '''''ROLES''''' '''Earner'''

Someone who earns a badge (either by applying or being directly issued with it). The earner can use their Backpack to manage and share their badges. '''Issuer''~~BadgeKit, Mozilla~~'~~s new set of badging tools~~ Organization or individual who issues Open Badges to their communities. The issuer is responsible for defining badges, making them available to earners and handling applications for badges.* Badge issuing can ~~significantly simplify the issuing process - [[Badges/badgekit|Read more about BadgeKit]]~~involve participants with various specific roles, such as application assessors, badge creators and administrators. '''Displayer'''

~~=== IV. DEFINITIONS/KEY TERMS ===~~

~~;Badge~~

~~The core currency of exchange. A single signal that demonstrates a skill, achievement, interest, or affiliation.~~

~~;Open Badge Infrastructure (OBI)~~

Open infrastructure technology supports independent badge issuers, display sites, and reference implementation of the badges Backpack. Includes the metadata spec, APIs, verification framework, and badges Backpack.

~~;[https://wiki.mozilla.org/Badges/Onboarding-Issuer#D._Mozilla-Backpack Mozilla Backpack]~~

~~The core authorized data store and management interface of Mozilla’s reference implementation of the Backpack. Each earner has their own Backpack where their badges data is stored.~~

~~;[https://wiki.mozilla.org/Badges/Onboarding-Issuer#E._Metadata_Spec Metadata Spec]~~

The definition of the information behind the badge. Each badge features a set of metadata that describes the badge, including badge name, badge issuer, date of issue, criteria URL, evidence URL, and standards URL.

~~;[https://github.com/mozilla/openbadges/wiki/Badge-Baking Badge Baking]~~

~~Embedding the assertion URL (which points to all metadata) into a PNG file to create a fully robust, portable badge.~~

~~;[https://github.com/mozilla/openbadges/wiki/Issuer-API Issuer API]~~

~~Interface specifications for sending badges to the Backpack.~~

~~;[https://github.com/mozilla/openbadges/wiki/Displayer-API Displayer API]~~

~~The interface specifications for expanding badges beyond the Backpack (including display sites and widgets).~~

~~;Verification API~~

~~Communication channels and framework to support badge verification.~~

~~;Endorsement API~~

~~Communication channels and framework to support badge endorsement, including focuses on valid signatures.~~

* n.b. Endorsement employs the same signing mechanism as Badge Verification

~~;Badge Earner~~

A learner who stores their badges and engages with the Open Badges Infrastructure. This learner has had interactions with issuers to earn badges and uses their Backpack to manage and share those badges.

~~;Issuer~~

~~Organization or individual who issues Open Badges to their communities.~~

~~;Displayer~~

A website, organization, or person who accesses publicly shared Open Badges and displays them for badge earners.

~~;Endorser~~

~~An organization or individual who “endorses” a badge by signing it with their private encryption key. Trusted third party signers may emerge.~~

~~;[[Badges/badgekit|BadgeKit]]~~

A new set of tools to simplify badging for issuers - provides an interface for creating and managing badges/ assessing badge applications. The BadgeKit API lets issuers control interaction with their own community of badge earners.

~~== B. Issuer ==~~

'''''TOOLS''''' '''Mozilla Backpack''' The core authorized data store and management interface of Mozilla’s reference implementation of the Backpack. Each earner has their own Backpack where their badge data is stored. '''[https://github.com/mozilla/openbadges-specification/blob/master/Assertion/latest.md Assertion Specification]''' Badge metadata is represented as an [https://wiki.mozilla.org/Badges/Onboarding-Issuer#Assertion assertion]. The assertion specification defines the information within a badge. An ~~organization or individual who issues designs~~ assertion includes multiple items of data, such as: badge name and description, issuer, date, criteria URL, evidence URL and ~~issues~~ badge image URL. The assertion should carry all the information needed to understand a badge. This ensures that badges can be fully understood and verified no matter where they are shared. '''[https://github.com/mozilla/openbadges/wiki/Badge-Baking Badge Baking]''' A badge is an image combined with assertion data - badge baking embeds an assertion into an image to produce a portable badge. '''[https://github.com/mozilla/openbadges/wiki/Issuer-API Issuer API]''' The Issuer API provides a script for issuers to let earners send badges to the ~~ecosystem~~Backpack. '''[https://github.com/mozilla/openbadges/wiki/Displayer-API Displayer API]''' The ~~OBI is open~~ Displayer API provides specifications for displaying badges beyond the Backpack. '''[https://github.com/mozilla/openbadges-verifier Verification] The Verifier extracts badge data to verify earners. '''[[Badges/badgekit|BadgeKit]]''' A new set of tools to simplify badging for issuers - provides an interface for creating and ~~supports any independent issuer who conforms to~~ managing badges/ assessing badge applications. The BadgeKit API lets issuers control interaction with their own community of badge earners while supporting much of the ~~necessary~~ badge admin process through a Web app. See also the [https://github.com/mozilla/openbadges-badgekit/wiki/BadgeKit-and-Open-Badges-Resources BadgeKit and ~~issuing specifications.~~ Open Badges Resource list]

~~=== I. BACKGROUND ===~~* Issuers completely determine To explore the ~~content~~ concepts and terms in badging and ~~criteria behind their~~ badge ~~systems. They know their communities best.~~* The touchpoint with issuing, check out the ~~OBI occurs when earners send their badges to the designated Backpack.~~* Issuers do not need to register with the OBI; they simply send badges to earner's Backpacks utilizing the Issuer Javascript API[https://github.com/mozilla/openbadges-badgekit/wiki/Glossary Badging and BadgeKit Glossary]

==Issuing Badges = II= An issuer is an organization or individual who designs and issues badges within the ecosystem. ~~REQUIREMENTS~~ The OBI is open and supports any independent issuer who conforms to the necessary badge and issuing specifications. Additionally, issuers can now benefit from the [https://wiki.mozilla.org/Badges/badgekit BadgeKit] tools, providing they meet specific technical requirements. === Background ===* Issuers determine the badging approach that will work best for their communities.* Touchpoints with the OBI occur through various interfaces, including sending badges to Backpacks and using BadgeKit.* Issuers do not need to register with the OBI - they simply utilize the JavaScript APIs. === Requirements ===* Issuers must have ~~web~~ Web hosting facilities including:** A server capable of serving requests to the general Internet.* ~~Issuers must have hosting ability.~~* ~~Issuers must have~~ The ability to make a POST request from their server backend and read a JSON response.* ~~Issuers must have email~~ * Email addresses for earners (and ~~must be able~~ the ability to email ~~earners~~them). * ~~Issuers must have badges (or be able to convert their badges) into~~ * Badges structured in the format ~~(metadata spec)~~ that the ~~Assertion~~ assertion expects- when using BadgeKit this structuring is automated. ** Earners must be registered with the backpack implementation that the issuer is trying to send their badges to. ''In the future, the issuer will need to ask the earner which backpack they want to push badges their to and honor that request. ''

* For verification:

** ~~If doing~~ For Hosted Assertions ~~(currently available).~~*** Issuers - issuers must maintain a server with the Badge Assertion information (at the unique badge URL) to verify each badge. ** ~~If doing~~ For Signed Assertions.:

*** Issuers must generate public/private key pair and maintain the hosted public key.

*** Issuers must sign the badges themselves, sign the whole package, and push badges to earner backpacks through the Issuer ~~Javascript~~ JavaScript API.

* Issuers looking to use [[Badges/badgekit|BadgeKit]] have a specific range of options and requirements regarding hosting and technical provision - see the following blog post for more information: [http://openbadges.tumblr.com/post/78764181250/announcing-mozilla-badgekit Announcing Mozilla BadgeKit].

=== ~~III. BADGE CREATION FLOW~~ Badge Creation Flow ===

# Have an email address for the earner.

# Integrate your site with the Backpack via the Issuer API

''The Issuer API is a script that can be dropped into any badge issuer's website to provide a way for earners to add an issuer's badges to their Backpack or federated backpacks. There's no need to bake the badges independently as the API takes care of this.''

'''''The badge creation flow varies significantly for issuers using [[Badges/badgekit|BadgeKit]]. Issuer admins can design and define the data for a badge within the BadgeKit Web app, with BadgeKit handling badge ~~assertions~~data structuring. Issuers can then present available badges to their earners using the BadgeKit API.'''''

=== ~~IV. OPEN BADGES Related~~ Open Badges related Widgets created by the community ===* https://github.com/lmorchard/django-badger -- Issuing app for Django* https://github.com/PRX/badges_engine -- Rails Engine for issuing.* https://github.com/openmichigan/open_badges -- Drupal module for managing/issuing badges~~n.b. Updated list can be found here: https://github.com/mozilla/openbadges/wiki/Open-Badges-related-widgets~~

~~=== V.~~ A number of Open ~~Badger ===OpenBadger will be a lightweight OBI compliant badge issuing platform. It will soon make creating~~ Badges widgets and ~~issuing~~ utilities have been developed for integrating badges ~~easy for non-technical users.We've done some [https://github.com/mozilla/OpenBadger/wiki/Speculation speculation] but more to come on the [https://github.com/mozilla/openbadger Open Badger github]~~with various technologies including WordPress, Drupal, Django, Rails, PHP, Java, Moodle, Mahara, Joomla, Blackboard, Google Sites, Canvas, iOS, Android and AJAX.

~~== C~~See [https://github.com/mozilla/openbadges/wiki/Open-Badges-related-widgets the list] on GitHub (which is regularly updated). ~~Badge ==~~

* Representation - Assertion URL representing chunks of JSON data embedded into a PNG file.* [https://github.com/mozilla/openbadges/wiki/Assertions Badge Assertion aka Badge Manifest] - Earner identity information (<algorithm>$<hash(email + salt)>) plus badge information (JSON metadata). * Verified Badge - Badges that have an Assertion URL. The OBI currently supports verification of badges through Hosted Assertions. When the issuer sends a badge, metadata is pushed to a unique and persistent URL (the assertion URL). The issuer maintains badge Assertion and displayers can ping the assertion URL to confirm verification. * Endorsed Badge - Badges that have been signed by a third party or endorser. The Backpack verifies the signature against the signer’s public key, and if confirmed, accepts the badge as an endorsed badge. The endorsement information is represented with the badge as a layer of trust on the badge’s validity. ** n.b. On [https://wiki.mozilla.org/Badges/roadmap development roadmap] for 2013.=== BadgeKit ===

~~== D~~[https://wiki.mozilla.org/Badges/badgekit BadgeKit] builds on a range of tools which have been under continual development for some time through projects such as Chicago Summer of Learning. These tools include [https://github.com/mozilla/openbadger/blob/v2.0/docs/api.md Open Badger] and [https://github.com/mozilla/aestimia Aestimia]. ~~Backpack ==~~

== Backpack == The Mozilla Backpack is an authorized data storage space and management interface for earners of Open Badges. Each earner can access their own Backpack - that ~~holds all of their badges and gives~~ lets them ~~an interface to~~ manage and share their badges.

* The Backpack is open source and federated. Earners or issuers can take the [https://github.com/mozilla/openbadges code] and fork it.

* Earners may decide to create and host their own Backpack so that they have complete control over their badges.

* Mozilla has built a reference or default Backpack (the "Mozilla Backpack") which holds all of the badge Assertions (hashed user email + badge data) for each earner.

== ~~E. Metadata Spec~~ Assertion ==

~~=== I. OVERVIEW ===~~* A badge Badge metadata is defined as an assertion ~~URL representing chunks of JSON data embedded into a PNG file~~, which contains multiple required and optional fields.* The ~~metadata should carry all~~ structure has evolved over time - see the ~~information needed to understand a badge~~[https://github. ~~This ensures that badges can be fully understood and verified no matter where they are shared~~com/mozilla/openbadges-specification/blob/master/Assertion/latest.* This is the data presented in the Assertion URL on the issuer's servermd assertion specification] for complete details.

~~=== II. FIELDS ===~~* Required** recipient: Salted hash Issuers can put a reasonable amount of ~~the email address for the earner receiving~~ extra material into the badge.** salt: The salt used in the hash construction of the recipient’s email address.** badge: The structure describing the badge. *** version: The version of the badge*** name: Human, but that material must be static -~~readable name of~~ once the badge ~~being issued. Maximum of 128 characters.~~*** image: URL for image representing the badge. Should be a square and in PNG format. Maximum size is ~~256kb.~~*** description: Description of the badge being issued~~. Maximum of 128 characters.~~*** criteria: URL describing the badge and criteria for earning the badge (, any change to that information must not ~~the specific instance of the badge).~~*** issuer: Information about the issuer: **** origin: Origin of the issuerchange. This is ~~the <protocol>://<host>:<port>. Must match the origin of the Hosted Assertion (and in the future, the origin of the public key).~~**** name : Human-readable name of the issuing agent.* Optional** evidence: Earner-specific URL with information about this specific badge instance. Should contain information about how the individual earner earned the badge.** expires: Date when the badge expires. If omitted, the badge never expires. *** standard: Information about a governing institution or standard that a badge is related to.*** The badge is not removed prevent someone from ~~the earner’s Backpack after the expiration date; there will be some visual/technical indicator that the~~ issuing one badge ~~is expired and needs to be re-upped. Must be formatted "YYYY-MM-DD" or a unix timestamp.~~** issued_on: Date when badge was issued. If omitted, ~~the issue date will be set~~ then sneakily changing it later to ~~the date the~~ another badge ~~was pushed~~ unbeknownst to the ~~Backpack. Must be formatted "YYYY-MM-DD" or a unix timestamp.~~** issuer: Information about the Issuer:*** org: (OPTIONAL) Organization for which the badge is being issued. An example is if a scout badge is being issued, the "name" of the Issuer could be "Boy Scouts" and the "org" could be "Troop #218".*** contact: (OPTIONAL) A human-monitored email address associated with the Issuerearner.

Issuers can put a reasonable amount of extra material into the badge, but that material must be static -- once the badge is issued, any change to that information must not change. This is to prevent someone from issuing one badge, then sneakily changing it later to another badge unbeknownst to the earner. == Badge Images and Baking ==

~~== F. PNG Files / Badge Baking Service ==~~

~~=== I. BACKGROUND ===~~

* Each badge is a JSON blob of metadata embedded in a PNG file.

* This allows the badge to be more easily portable - an actual collection of information that can be emailed around and portable while still carrying its details with it.

* Ultimately, this is important for decentralization of the system and will allow earners to have more control over where their badges live.

=== ~~II. BETA: BAKING SERVICE~~ Baking Service ===

* ~~REQUIREMENTS:~~ To bake a badge, you must ~~be hosting~~ host a badge Assertion on your site. ** See the Assertions page for details: https://github.com/mozilla/openbadges-specification/~~wiki~~blob/master/~~Assertions~~* Issuers will still send the badge Assertion to Mozilla, but instead of sending it directly to the Backpack, they will now send it to the Mozilla Baking Service. Then Mozilla will package it into a PNG and deliver back to the issuer who can then send to the earner/latest. md** The ~~purpose of this~~ system isdesigned to:*** ~~A) to~~ avoid SPAMing the ~~Earner~~ earner with unwanted badges, and *** ~~B) to~~ give ~~the Earners~~ earners ultimate control over where the badges go. ** n.b. If you are building a new system, we strongly recommend using the Javascript Issuer API for awarding badges. The API takes care of the badge baking for the Issuer.

* Mozilla provides the "tools" for unpacking the PNG file through the OBI.

* PNG files will be unpacked in the Backpack where each earner can view, manage, and organize their badges (and see all the metadata behind each badge).

* PNG files will be unpacked for the Displayer API so that Displayers will just have the raw data to work with on their end.

''If you are building a new system, we strongly recommend using the JavaScript Issuer API or BadgeKit for awarding badges. The tools and APIs take care of the badge baking.'' === ~~III. BADGE IMAGE STANDARDS~~ Badge Image Standards ===

* Image must be a PNG.

* Images should be square and not exceed 256kb. They should have dimensions not smaller that 90 x 90.

* Image is provided as a URL to the image on the issuer server in the metadata.

* Mozilla will cache the image in at least two sizes.

* When a badge is displayed, it will be loaded from the Mozilla cache to avoid extra burden on the issuer servers. This also helps if the issuer is not available or the link is broken. * When using BadgeKit, issuers can design badges inside the Web app using a graphical tool, or can upload images prepared elsewhere.

== G. Verification ==

~~=== I. OVERVIEW ===~~

* To avoid gaming and duplication, the OBI is built to support badge verification.

* This ~~helps handle~~ is essential to allow earners to prove the ~~questions~~ authenticity and validity of ~~"Did this Issuer issue this badge~~ their badges. Badges can also have expiry dates, allowing issuer to ~~this earner on this date? Is this badge still valid or has it expired?"~~ implement time-sensitive badges, for example in continuous professional development scenarios.* The OBI provides the channel for this verification to happen through the Backpack but must communicate with the ~~Issuer~~issuer.

* The issuer must be online to verify badges. (We are exploring a cache to cover verification for a set amount of time).

* Most verification will be done by displayers. Displayers should not display a badge that cannot be verified.

=== ~~II. VERIFICATION METHOD~~ Verification Method ===

* The OBI currently supports verification of badges through Hosted Assertions. When an issuer sends a badge using the OBI, metadata is pushed to a unique and persistent URL (the Assertion URL). The issuer maintains the badge Assertion and displayers can ping the assertion URL to verify the badge.

** A displayer puts the earner’s email address through a salted hash function and sees if it matches with the hash value indicated for the recipient in the badge metadata. If values match, the badge belongs to the earner and can be claimed.

** If a badge is verified initially but it becomes unverified in the future, the earner is notified.

=== ~~III. FUNCTIONAL FLOW~~ Functional Flow ===

# Badge (within it, its assertion) exists in the Backpack.

# If values match, badge is verified and displayer displays the badge. If not, displayer should reject the badge.

== H. Displayers ==

* Display of badges is where a significant part of the value of this approach lies. Badges are not siloed or limited to one site but can be combined with badges from multiple issuers and then shared for different audiences and purposes.

* Each earner will control where badges are displayed through the Backpack.

* If a site has an earner's email address, they will be able to query that person's Backpack for all of that earner's public badges. They will get back JSON representation of the badges.

== I. Identity ==

~~=== I. OVERVIEW ===~~

* Identity is a critical component because we need to recognize earners as they earn badges from different issuers.

* It's important to us that identity be open and decentralized.

* We are utilizing verified email as a form of identity through the Mozilla product Persona.

** Additional info: ~~https://browserid.org/,~~ https://wiki.mozilla.org/Identity

* Many sites already use email addresses for logins, even those that don't generally collect them.

* We don't need to retain any profile or personal information about the earner; all we need is their email address.

=== ~~II. FUNCTIONAL FLOW FOR VERIFYING IDENTITY IN BACKPACK~~ Verifying Identity in Backpack ===

# User validates identity to Mozilla's Verified Email.

Suesmith

Confirm

20

edits

Changes

Badges/Onboarding-Issuer

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

How to Contribute

MozillaWiki

Around Mozilla

Tools