Authentication

The Bazaarvoice Transactions API provides 2-legged for OAuth2 authentication.

Introduction

The following tutorial explains how to use OAuth2 with the Bazaarvoice Transactions API using a two-legged workflow, which authenticates directly between the OAuth2 API and your Transactions application.

Use the 2-legged workflow if you want to authenticate your application without a Bazaarvoice Portal user involved in supplying credentials. Due to its automation advantages, Bazaarvoice expects that the 2-legged workflow best fits the majority of client use cases for the Transactions API.


Requesting Client ID and Client Secret

Clients are required to contact BV support to generate their Client ID and Client Secret for accessing BV APIs. Please reach out to BV support for assistance in obtaining these credentials.


Bazaarvoice has implemented 2-legged OAuth2, an open standard for access delegation. This style of OAuth is referred to as “2-legged” because it consists of two roles:

  • The Client Application : This is an application that would like to access data or interact with a Bazaarvoice service.
  • The OAuth2 API: A Bazaarvoice service that implements the OAuth2 standard and intermediates with the Client Application.

2-legged OAuth2 offers certain advantages including:

Authentication is handled server to client and does not require an end user to manually supply credentials.
● As a well-known open standard, OAuth2 is easier to implement than a custom solution.

Resources

Refer to these resources for more information on OAuth2:

  1. OAuth2 2-legged specification
  2. OAuth.net
  3. OAuth Bible on GitHub