API
This document contains the technical specification of the WOT API v0.4 and it's aimed at developers implementing software that uses WOT services.
Contents
Terms and conditions
Before you continue, notice that in addition to the Terms of Service, which apply to all WOT services, the API Terms of Service apply for using the API.
Registration
You need an API key to use the public API. In order to request a key, you need a WOT account. Once you have an account, you can request your API key from this page. After you have requested a key, you will see an API tab in your profile where you can update the information and access the key.
Note: any previous public APIs that did not require registration are deprecated.
Introduction
The WOT reputation system computes website reputations using information received from users and other sources. This section contains a brief introduction to some of the concepts you will need to know to develop applications that use reputation data.
Targets
Reputations are computed for websites, or targets, which are identified primarily by their DNS names. If a DNS name is not available for a target, an IPv4 or IPv6 address may be used instead. WOT also supports Internationalized Domain Names (IDN), which must be encoded to an ASCII representation as described in RFC 3490. For example:
ääkkönen.fi = xn--kknen-fraa0m.fi
Reputations
Reputations are measured for targets in several components, or applications. For each {target, application} pair, the system computes two values: a reputation estimate and the confidence in the reputation. Together, these indicate the amount of trust in the target in the given component.
Components
Reputation components are identified by numbers. These are the current components and their interpretations:
| Component | Description | Example |
|---|---|---|
| 0 | “Trustworthiness” | “Do you trust this website? Is it safe to use? Does it deliver what it promises?” |
| 1 | “Vendor reliability” | “Is the site safe for buying and selling, or for business transactions in general?” |
| 2 | “Privacy” | “Can you trust the site owner, safely supply personal information, and download files? ” |
| 4 | “Child safety” | “Does the site contain age-inappropriate material?” |
Reputation and confidence
The reputation r ∊ {0, ..., 100} is the estimate of the collective trust for the target in the given component. The higher the value, the more the community trusts the website. The confidence c ∊ {0, ..., 100} indicates the estimated reliability of the reputation r for the {target, application} pair. Again, the higher the value, the more reliable the system considers the reputation estimate. These are the current interpretations for these values:
| Reputation | Description | Symbol |
|---|---|---|
| ≥ 80 | “Excellent” | 
|
| ≥ 60 | “Good” | 
|
| ≥ 40 | “Unsatisfactory” | 
|
| ≥ 20 | “Poor” | 
|
| ≥ 0 | “Very poor” | 
|
| Confidence | Description | Symbol |
| ≥ 45 | “5 / 5” | 
|
| ≥ 34 | “4 / 5” | 
|
| ≥ 23 | “3 / 5” | 
|
| ≥ 12 | “2 / 5” | 
|
| ≥ 6 | “1 / 5” | 
|
| ≥ 0 | “0 / 5” | 
|
Requests
The API consists of a number of interfaces, all of which are called using normal HTTP GET requests to api.mywot.com and return a response in XML or JSON format if successful. HTTP status codes are used for returning error information and parameters are passed using standard URL conventions. The request format is as follows:
http://api.mywot.com/version/interface?param1=value1¶m2=value2
TLS encryption can be used with all interfaces if requests are made from a secure web page to the reputation API, for example.
Documentation: Reputation API
public_link_json2
The public_link_json2 API is used for requesting reputations for multiple targets.
Parameters
| hosts |
| A list of target names separated with a forward slash (“/”). For example, www.example.com/another.example.net/onemore.example.org/. The value must end with a slash and must include at most 100 target names. Note: the full request path must also be less than 8 KiB or it will be rejected. |
| callback (optional) |
| The name of the callback function for a response in the JSONP (JSON with Padding) format. |
| key |
| Your API key. |
Return codes
If the call is successful, the returned HTTP status code is 200. If a server-side error occurred, the status code is 500. If the request included an invalid API key or incorrect parameters, the status code is 403.
Output
The API returns a reputations and confidences for all applications in a JSON or a JSONP format, depending on whether the callback parameter is specified in the request. The format is as follows:
- The response object has one attribute for each target, named by the unchanged target name given in the hosts parameter.
- Each target object has a target attribute, which contains the normalized target name.
- Each target object also has zero or more application attributes with names ∊ {“0”,“1”, ...}.
- Each application attribute contains an array with {r, c} values for the application. If the reputation for an application is not known, the corresponding application attribute is omitted from the output.
Example
Request:
http://api.mywot.com/0.4/public_link_json2?hosts=example.COM/www.EXAMPLE.NET/&callback=process&key=<your API key>
Response:
process({
"example.COM": {
"target": "example.com",
"0": [ 91, 53 ],
"4": [ 93, 53 ]
},
"www.EXAMPLE.NET": {
"target": "example.net",
"0": [ 96, 43 ]
}
})
