The API provides methods for managing your trustmap and querying trust data. It's available at:


Authentication where required, is via remote key over HTTPS. We provide JSON or XML response formats. Users are referred to by contextual identifier. These are strings that identify users in a particular context (a popular web service). The simplest is @username, which refers to a user's Twitter account. Tags are specified without the "#" symbol and without spaces. For example, #foo becomes "foo".

URL & request methods

All methods are available over GET and POST. Public requests that don't require authentication should be made to:


Secure requests that do require authentication should be made to:


URL encoding

All parameter values should be converted to UTF-8 and URL encoded. For example @thruflo should be encoded as:


Rate limit

The API is limited to 1 request per IP address per second. If that's not enough, because you're going to need to pay some of our hosting bills ;)