Best Practices
We have compiled some tips to get you started building your Conversations application the right way.
Read the Conversations API Terms of Use
The Conversations API Terms of Use is written in plain language and communicates important technical restrictions and requirements, in addition to other terms that will impact how you build your Conversations API application.
Help us end inauthentic content
At Bazaarvoice we believe that authentic consumer generated content represents the author's genuine, unbiased, and transparent opinion about their experience with a product or service. We expect all Conversations API applications to conform to our Authenticity policy. You can learn how to increase the likelihood that your content is considered authentic at the Authenticity tutorial.
Per the Bazaarvoice Authenticity Policy, you must send a device fingerprint and author IP address attached to each submission. If you fail to send a device fingerprint and author IP address with your submission, Bazaarvoice may take any action deemed necessary in Bazaarvoice’s sole discretion to protect the integrity of the network. Such actions may include but are not limited to: rejection of your content, halting syndication of your content on the Bazaarvoice network, revocation of your API key, or revocation of your API license.
Submit content in real-time
Always submit all consumer generated content to Bazaarvoice as soon as you receive it. Submission time is based on when the content is submitted to Bazaarvoice. The API provides no way to include an alternate submission time, meaning content not submitted immediately to Bazaarvoice will not have an accurate submission time. Further, modifying or filtering the consumer generated content you send to Bazaarvoice is a violation of our Terms of Use and Authenticity policy.
One set of API keys per application
You should never share an API key between multiple applications. For example, using the same key in your desktop site and mobile site. There are several reasons for this:
- Keys are used to track API usage metrics, so sharing a key will conflate application traffic.
- If you ever need to disable and replace a key, you will have more work to do.
- Keys have a rate limit, so you will be sharing the limit between multiple applications.
Escape all consumer generated content to protect against XSS
Escaping consumer generated content prior to displaying it in your application is an effective way to protect against Cross-Site Scripting (XSS) attacks and is essential to building a secure application.
We do not pre-emptively escape content returned by the API because we make no assumptions about the environment where the data will be displayed or the extent to which our API consumers would like it escaped. Instead, it is your responsibility to escape the data appropriately for your intended use case.
The Open Web Application Security Project (OWASP) provides specific guidance on escaping content to protect against XSS attacks.
Be mindful of the Conversations API rate limit
The Bazaarvoice platform is a multi-tenant system in which many clients share the same system resources. It is important that excessive usage is limited to protect the stability of the network for everybody. Without a rate limit, poorly constructed applications or unforeseen circumstances could have negative consequences on network performance and availability.
Learn more about the rate limit at the Rate Limit tutorial.
Take advantage of caching
Caching your Conversations API data can provide many benefits, including reducing the number of HTTPS requests you need to make, speeding up your application from the perspective of your users, reducing costs, helping you avoid rate limit issues and more.
Read our Caching tutorial to learn more about the benefits of caching and about several common caching techniques.
Use the 'Locale' parameter when submitting
The Locale
parameter tells our system in what language content is written. Our system uses that information to route the content to our human moderators. Without the Locale
parameter, our system defaults to English, which will result in non-English content being rejected because the moderator who processes it will be unable to read it. Even if your content is in English, it is still a good practice to use the Locale
parameter, because doing so makes your intention explicit and will make localizing your application easier should the need arise.
The Internationalization tutorial has more information on the Locale
parameter.
Maximize your ROI with BV Pixel
By implementing BV Pixel (our API analytics solution), you will get access to Bazaarvoice Conversion Impact reporting (ROI reporting) as well as Traffic reporting & analytics. Learn how by reading the BV Pixel tutorial.
Regularly rebuild your data store replica
Bazaarvoice is the primary data source for Conversations data. If you would like to maintain your own replica, then you must refresh it at least every two weeks. This reduces the likelihood of your replica drifting out of sync with the Bazaarvoice primary data store.
We provide several alternatives to iterating through the Conversations API results to make this easier:
Updated 22 days ago