API Key Management

This page explains how to use the API Key Management application in the Bazaarvoice Portal to view and manage API keys.

Overview

Our key process allows any member of a client instance to request keys; however, they will not be able to use those keys until they are enabled. Through the use of the API Key Management app, designated technical administrators on the client side must take an active role in enabling the keys that have been requested for the client instance.

Accessing the API Key Management application

Log on to Portal.

If you do not have a Portal account, ask the Bazaarvoice account administrator listed in your Portal profile to create an account for you. To learn about Portal, refer to the Bazaarvoice knowledge base.

Click ⚙️ Gear icon and select API under Developer.

📘

To complete the steps in the following sections, the following conditions must be true:

  • Your client instance must have API access. If your client instance does not have API access, contact your Bazaarvoice representative.
  • Your Portal user account must have the Technical Contributor or Technical Administrator role assigned. Refer to the knowledge base for details about these roles. To verify your role assignment, contact the account administrator listed in your Portal profile.
  • Your Portal user account must have the Ratings and Reviews solution assigned. Refer to the knowledge base for details about assigning solutions. To verify your role assignment, contact the account administrator listed in your Portal profile

Request API Keys via the API Key Management application

  1. Click the Request API key button.
  2. Follow the instructions in the request form to request a new API key. After you submit the request, you receive an email summarizing the API key's details.
  3. Register your application with Bazaarvoice. For Privacy API, Clients need to register their application for OAuth2 client credentials.
  4. Wait for a technical admin to approve your keys.

Register your application with Bazaarvoice

In order to receive your OAuth2 Client Credentials(client_id and client_secret), register your application by contacting our Support team at https://support.bazaarvoice.com.

Copy/paste the template below into your support case and then manually replace the <PLACE_HOLDER> tokens with the appropriate information.

Please register an application for use with the <API_NAME>

BAZAARVOICE PORTAL USER EMAIL ADDRESS: \<EMAIL_ADDRESS>  
DEVELOPER COUNTRY: \<DEVELOPER_COUNTRY>  
CLIENT INSTANCE NAMES: \<NAME_1>, \<NAME_2>, \<NAME_N>

APP DISPLAY NAME: \<DISPLAY_NAME>

APP DESCRIPTION:  
<DESCRIPTION>

REDIRECT URIS:(Mandatory for 3-legged OAuth only)  
\<URI_1>  
\<URI_2>  
\<URN_N>

Thanks,

<SIGNATURE>

Refer to the table below for information about each value. All values are required.

Bazaarvoice API namePrivacy API
Bazaarvoice Portal user email addressThis is the email address associated with a Bazaarvoice Portal account. You must have an account prior to registering an application. This email address will receive emails associated with the API.
Developer countryThe country where the developer is located.
Client instance namesThis name should match the client instance you want your keys to have access to. You can find client instance names in the Portal or Workbench client picker menu.

Ex: acme-en_us, acme-fr_fr
App Display NameThis is a human readable name that will be displayed to users when they grant access to your application.

Ex: Acme Privacy App
App DescriptionA brief explanation of how this application will be used.

Ex: App for custom privacy regulations compliance dashboard.
Redirect URIsOne or more complete URLs to a resource implemented by your application. This is where the application will redirect to after a user authenticates with their credentials. One per line. You can omit this field if you are developing a 2-legged OAuth2 privacy application.

MANDATORY for 3-legged OAuth2

https://dev.example.com/privacy/app
https://stg.example.com/privacy/app
https://www.example.com/privacy/app

Wait for your technical administrator to approve your keys

After you request keys, your company's technical administrator needs to approve your keys. Your keys are automatically created in a pending state until they are approved. You may check on the status of your request by viewing your list of keys in the API Key Management application in Portal.

Learning about API key management permissions

Depending on your role in the Bazaarvoice Portal, your ability to view, edit, approve, or request keys will differ. Refer to the Bazaarvoice knowledge base to learn about the API key management actions each role can perform in the Bazaarvoice Portal.

Viewing keys

📘

You can only view the keys that you have access to. Many users are technical contributors, which means you can only view keys that you requested. If you are a technical administrator, you can view all the keys for your client instance. If your key is in a Pending state, it means that a technical administrator must approve your key.

  1. Use the filters to narrow down the list of keys based on API type, project name, status, etc.
  2. Use the search bar if you know the exact API key value to search for. You can use asterisks as wildcards. For example, searching for cAuS* returns all keys that begin with "cAuS". Note that search is case sensitive.
  3. Use the sort functionality to order the keys by project name, locked status, requester name, and other options.
  4. Click a key's project name to view detailed information about the key.

Enable or disable keys

When users request keys, the technical administrator for the account must approve the keys before they can be used. To approve keys as a technical administrator:

  1. Use the Key details > Status filter to narrow the list of keys to ones with a Pending state.
  2. Click the project name of a key to open its detailed view.
  3. Select Enable key.
  4. Click Save.

You can also disable keys from the detail view