Authentication

The following tutorial explains how to use OAuth2 with the Bazaarvoice Transactions API using a two-legged workflow, which authenticates directly between the OAuth2 API and your Transactions application.

The Bazaarvoice Transactions API supports 2-legged OAuth2 authentication. Use the 2-legged workflow to authenticate your application without requiring a Bazaarvoice Portal user to provide credentials. This method is ideal for most use cases due to its automation benefits.

⚠️

Caution:

The Transactions API does not use API passkeys for authorization. Only OAuth2 client credentials are required for authentication.

What is 2-legged OAuth2 authentication

Bazaarvoice uses 2-legged OAuth2, an open standard for access delegation. In this approach, authentication involves two primary components:

  • Client Application: An application that needs to access data or interact with a Bazaarvoice service.
  • OAuth2 API: A Bazaarvoice service that implements the OAuth2 standard and acts as an intermediary for the client application.

This method is referred to as 2-legged because it does not involve an end user as a third party in the authentication process.

Key benefits

  • Server-to-server authentication: Credentials are exchanged between the client application and Bazaarvoice services without requiring end-user input.
  • Standards-based integration: As a widely adopted standard, OAuth2 is simpler to implement and maintain compared to custom authentication solutions.

Request OAuth2 credentials

To receive your OAuth2 client credentials (client_id and client_secret), register your application. To get started, contact Bazaarvoice Support.

Use the template below in your support case and replace each placeholder with the correct information.

Please register an application for the (Example: Transactions API).

BAZAARVOICE PORTAL USER EMAIL ADDRESS: <EMAIL_ADDRESS>  
DEVELOPER COUNTRY: <DEVELOPER_COUNTRY>  
CLIENT INSTANCE NAMES: <NAME_1>, <NAME_2>, <NAME_N>

APP DISPLAY NAME: <DISPLAY_NAME>

APP DESCRIPTION:  
<DESCRIPTION>

REDIRECT URIS: (Mandatory for 3-legged OAuth only)  
<URI_1>  
<URI_2>  
<URI_N>

Thanks,

<SIGNATURE>

Refer to the table below for information about each value. All values are required.

| Required values | Description |
| --- | --- |
| Bazaarvoice API name | Name of the API product. Example: Privacy API |
| Bazaarvoice Portal user email address | The email address linked to your Bazaarvoice Portal account. You must have an account before registering an application. This email will receive all API-related communications. |
| Developer country | The country where the developer is located. |
| Client instance names | The name of the client instance the keys should access. You can find client instance names in the Portal or Workbench client picker. Example: acme-en_us, acme-fr_fr |
| App Display Name | A user-friendly name shown to users when they are asked to grant access to your application. Example: Acme Privacy App |
| App Description | A short description of your application's purpose or how it will be used. Example: App for custom privacy regulations compliance dashboard. |
| Redirect URIs | Enter one or more full URLs used by your application. After users sign in, they will be redirected to one of these URLs. List one URL per line. Leave this field blank if you are building a 2-legged OAuth2 privacy application. |

MANDATORY for 3-legged OAuth2

https://dev.example.com/privacy/app
https://stg.example.com/privacy/app
https://www.example.com/privacy/app

Receive OAuth2 credentials

After you submit the request, the Bazaarvoice Support team will send the OAuth2 credentials through a secure channel within 7 days.

The secure link containing your client_id and client_secret can only be accessed by signing in to the Bazaarvoice Portal using the email address provided during application registration.
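
Once the client_id and client_secret arrive, the two-legged exchange described above can be implemented as follows. This is an added example, not Bazaarvoice code: it assumes the standard OAuth2 client credentials grant (RFC 6749, section 4.4), and the token URL and the BV_CLIENT_ID / BV_CLIENT_SECRET environment variable names are placeholders chosen for illustration.

```python
import base64, json, os, time
from urllib.parse import urlencode, urlsplit
from urllib.request import Request, urlopen

# Assumption: placeholder endpoint. Take the real token URL, and whether the
# credentials go in the Basic header or the form body, from the OAuth2 API docs.
TOKEN_URL = "https://oauth.example.invalid/token"

def build_token_request(token_url, client_id, client_secret):
    """Build (without sending) an RFC 6749 section 4.4 token request."""
    if urlsplit(token_url).scheme != "https":
        raise ValueError("refusing to send client_secret over a non-HTTPS URL")
    basic = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
    return Request(token_url, method="POST",
                   data=urlencode({"grant_type": "client_credentials"}).encode(),
                   headers={"Authorization": f"Basic {basic}",
                            "Content-Type": "application/x-www-form-urlencoded"})

def parse_token_response(body, now=None, skew=30):
    """Validate a token response; return (access_token, expiry in epoch seconds)."""
    now = time.time() if now is None else now
    doc = json.loads(body)
    if "error" in doc:
        raise RuntimeError(f"token endpoint error: {doc['error']}")
    if doc.get("token_type", "").lower() != "bearer" or not doc.get("access_token"):
        raise ValueError("unexpected token response")
    # Expire `skew` seconds early so a token is never presented at its last moment.
    return doc["access_token"], now + int(doc.get("expires_in", 0)) - skew

class TokenCache:
    """Fetch a token once and reuse it until shortly before it expires."""
    def __init__(self, fetch):
        self._fetch, self._token, self._expires_at = fetch, None, 0.0

    def get(self, now=None):
        now = time.time() if now is None else now
        if self._token is None or now >= self._expires_at:
            self._token, self._expires_at = self._fetch(now)
        return self._token

def fetch_from_env(now=None):
    """Live fetch: credentials are read from the environment, not from source code."""
    req = build_token_request(TOKEN_URL, os.environ["BV_CLIENT_ID"],
                              os.environ["BV_CLIENT_SECRET"])
    with urlopen(req, timeout=10) as resp:
        return parse_token_response(resp.read(), now)
```

In a service, `TokenCache(fetch_from_env).get()` supplies the bearer token for each API call and contacts the token endpoint only when the cached token is about to expire.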

Resources

Refer to the following resources for more information on OAuth2:

  1. OAuth2 2-legged specification
  2. OAuth.net
  3. OAuth Bible on GitHub