Reading the TrustScore¶
When users finish the process in Traity, they will redirected to the url you specified in the callback_url
parameter during the widget session’s link initialization. A GET call will be made to that url
and it will include a parameter called request that will be needed to read user’s TraityScore from your site.
There are two approaches to read a user’s score. One is using the secret you got while creating your app in our Developers’ dashboard and second one is to use the decentralized option, where you can use your own blockchain keys to sign the request and get access to the user’s score. In both cases, a bearer token will be generated and you will be to read the users score by making a GET http request to the following URI:
https://rg.traity.com/score
a) Using your application secret:
If you are using your app secret, you just need to generate a new JWT token signed with it.
This new token should contain the payload you just received and should be included inside the Authorization header as a bearer token as follows:
require 'jwt'
authorization = JWT.encode({ request: params[:request] }, ENV['APP_SECRET'], 'HS512')
response = Faraday.get('https://rg.traity.com/score',
nil,
'Authorization': "Bearer #{authorization}").body
score = JSON.parse(response)
require 'jwt'
authorization = JWT.encode({ request: params[:request] }, ENV['APP_SECRET'], 'HS512')
response = Faraday.get('https://rg.traity.com/score',
nil,
'Authorization': "Bearer #{authorization}").body
score = JSON.parse(response)
<?php
// php-jwt is used in this example: https://github.com/firebase/php-jwt
use \Firebase\JWT\JWT;
$url = 'https://rg.traity.com/score';
$authorization = JWT::encode(array('request' => $_GET['request']), APP_SECRET);
$header = array('Accept: application/json',
'Authorization: Bearer '.$authorization);
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $url);
curl_setopt($curl, CURLOPT_HTTPHEADER, $header);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_HTTPGET, true);
$reply = curl_exec($curl);
//error handling for cURL
if ($reply === false) {
throw new Exception('Curl error: ' . curl_error($curl));
}
curl_close($curl);
$decoded_data = json_decode($reply, true);
echo '<pre>';
print_r($decoded_data);
?>
Successful requests made to the score endpoint will return responses similar to this:
{
"score": 89.0,
"breakdown": {
"online_identity": 72.0,
"behavioural_reputation": 63.0
"network": 80.0,
}
}
Warning
User’s permission will last 24 hours starting at the moment the process of building the TrustScore is completed. An error will be raised if score is tried to be accessed with the same token after that period of time.
See also
Reputation Gateway is based on REY, the decentralized risk scoring protocol. More information about the permission JWT token and its different claims can be found at https://rey.readthedocs.io/en/latest/contents/reference.html