Introducing — BadgeBot: The World’s First Open Badges Issuing Twitter Bot
One of the often discussed challenges of Open Badges is what to use to identify the recipients (or earners) of badges. For a long while, Open Badges could only be issued to email addresses. For at least a couple of reasons this was not a great solution: 1) email is not an identifier, 2) what happens when the badge earner doesn’t have access to that email anymore or leaves a job or school?
Then, in late 2016, the recipient property was expanded to include URLs. Most platforms still use email but this opened up the possibility of using other identifiers that could be verified using a URL. This means that profile URLs from services like Twitter could be used as the value for the recipients of Open Badges.
With that in mind, it seemed like a good idea to dust off an old concept of Twitter issued badges that I’d shelved. Inspired by the community-based learning at Participate.com, I started thinking about what it would look like if people could issue badges to each other or to themselves with the help of a bot that would listen to their requests and respond with Open Badges. Out of this came Badgebot.io, the world’s first Open Badges issuing Twitter bot.
This week at the ePIC 2019 Open Recognition conference in Lille, France, Badgebot.io was launched in coordination with the addition of Twitter authentication to the Badgr backpack. It was launched with two badges:
- You Rock! Badge — The inaugural BadgeBot badge which Twitter users can send to other users to recognize them for being awesome.
- ePIC 2019 Badge — A self-issuing badge in which attendees of the conference can request be issued to their Twitter accounts.
@badgebotio is a Twitter app that checks its timeline for tweets that meet the criteria of these badges. If the criteria are met, the bot generates the badge data, saves it to a public GitHub gist file and then posts a status update mentioning the earner/recipient. The earned badge is available for viewing, sharing, downloading (as a baked Open Badge), and sending to the Badgr backpack on a page at badgebot.io (See a list of You Rock! Badge earners).
BadgeBot is a tool that encourages Open Recognition and uses the Open Badges specification to provide earners with portable and verifiable credential data. Open Recognition embraces concepts like recognizing skills, achievements, roles, participation, etc… that happen anywhere, at any time by anyone. It expands credentialing beyond the existing top-to-bottom systems to the possibilities of leveling out opportunities and the recognition of human value in a myriad of other ways including peer-to-peer and self-recognition.
Depending on the decision of the issuing platform, Open Badges can be verified by referencing the hosted JSON data or if the badge is cryptographically signed, by verifying the hosted private key. Either way, the issuing platform is on the hook for hosting badge data. Otherwise, the badge is not verifiable and if a badge is not verifiable, it may no longer be valid. This would be a problem for a prototype app like BadgeBot which may not be available forever to host badge data.
When it comes to hosting data, BadgeBot takes a different angle than other Open Badges issuing platforms. Badgebot.io is a displayer of the badges and the evidence for each badge is the tweet that generated it. It hosts data on public gists. In fact, Badgebot.io doesn’t use a database at all. It runs entirely on Twitter and Github gists. This makes sense because you can host public JSON files in gists, gists have revisions so you can see if the badge data changed at all (making them even more verifiable), and Github has an api to access, write and update gists. This means that Open Badges issued by Badgebot (example) have readily accessible, verifiable, public data tied to a public Twitter stream.
Because the data is public and the Twitter activity is public, there are no private badges issued by BadgeBot. But this also means that there is complete transparency. Badge earners don’t need a login for badgebot.io to control their badges. Each earned badge has its own unique hashtag that badge earners may use to delete their badges by simply tweeting it to @badgebotio. BadgeBot will only accept that request from the username who is the recipient of the badge. Once the tweet is received, it will delete the gist that is hosting the assertion data.
There are some shortcomings to discuss (in terms of using outside services like Twitter and Github). Twitter is (rightfully) persnickety about bot apps. Even inadvertently breaking rules will get you grounded. This week, BadgeBot was turned off twice due to code issues that caused duplication of tweets that looked like spam. Also, right now even though the bot sends updates with mentions of the username, the user doesn’t receive a notification.
Updates to gists are not always available in real-time and this can delay when a badge is accessible. Querying a gist can sometimes be slow so a page at badgebot.io may take a few seconds longer to load. And while hosting the data on gists seems like an ideal longer-term solution and it’s great that Microsoft provides this service, that may not always be the case.
So this isn’t a foolproof solution by any means, but it can spur some thinking about Open Recognition and other ways to use services to issue and understand Open Badges. The code is open and available at Badgebot’s github account. You will see that several issues have already been submitted. Feel free to submit more issues and/or roll your sleeves up and submit some pull requests. If you are interested in supporting BadgeBot resources, pushing the concept forward, and/or creating a badge to be issued on BadgeBot, please DM @badgebotio, contribute to Open Recognition Alliance (ORA), or reach out to me directly. In the meantime, please follow @badgebotio and send some YouRock! Badges to the people you admire.