Klout quietly transforming into platform via APIs, OAuth

Klout is quietly piloting with developers its new OAuth API and KloutPass authentication verification as first steps in a larger strategy to become a platform and offer its data through other apps.

Klout.com is working on a new API and a feature called KloutPass that will eventually open the site’s trove of end-user influence data for developers to integrate into Web-based and mobile applications.

The company, which calculates an end-user’s social media influence, last week quietly released a developer preview of its new OAuth API, based on the OAuth 2.0 protocol recently approved by the Internet Engineering Task Force.

In addition, Klout released KloutPass, which uses the OAuth API to allow developers to authenticate and register application users via Klout.

Together the two will form a pipeline for app developers to get at Klout data securely via  user authentication and integrate that data with other applications or services.

The company says is has 7,000 developers currently working with its API platform, which now features Partner API v2 (version 1 will be retired Dec. 31).

There are plans for a more widespread general pilot and a consumer launch of the OAuth API and KloutPass, but there is no set timeframe, according to the company.

Klout wants to turn from being a destination Web site where users can check their influence, into a platform where that data can be shared within client-based applications or between applications such as helping retailers determine discounts for Klout-scored influencers who might then promote products they have purchased.

“The biggest piece we want to impress is that this is part of a larger platform play,” said Tyler Singletary, developer evangelist and business integration manager at Klout. “We are not trying to take over identity log-ins from Facebook or Twitter, we’re trying to bring the Klout.com experience to other places, be it shopping or a blogger who wants to integrate that score.”

Development of the OAuth API and KloutPass came about as the company tried to figure out how to help developers integrate with Facebook-based applications and comply with Facebook’s terms of service, which forbid developers from sharing Facebook IDs.

“We could not trade a Facebook ID for a Klout score,” said Singletary.

KloutPass button

Now, developers can register their keys for the OAuth API with Klout (which uses Mashery’s API platform) and then have access to client-side or server-side user authentication, both of which use a button to kickoff the OAuth flows. Klout offers two flows for authentication: implicit grant, with a JavaScript SDK (other platforms and languages are coming), and AuthCode (server-side).

The OAuth API and KloutPass can be used with any application.

“KloutPass just gives you back a KloutID, the unique identifier we have for users, that is all it does. You use that to look up scores, topics and influence,” said Singletary. KloutPass also passes a token, but for now it is blank does not have a payload that can be queried or inititate a specific action.

“In the future, now that you are authenticated and have a token you can do other things on the user’s behalf,” he said.

That might include giving a +K, which is influencer recognition, on behalf of a user, or something similar to Klout Perks, rewards that brands hand out to influential end-users.

“You have to have this authenticated state to perform that action, so our first step is to get to that authenticated state from another web site.,” said Singletary.

He said going forward that Klout’s APIs will be “absolutely essential to our strategy.”

See also: