The Bazaarvoice Privacy API provides a secure HTTP interface for integrating Bazaarvoice into your privacy regulations compliance workflow. To learn more, go to the Privacy API home page.

Contents

(+ show- hide)

This page describes the fundamental knowledge that you will need to use the Privacy API.

Privacy API & end-user data files

To process end-user requests you will interact with the following service components:

Privacy API

The Privacy API presents a “REST” style HTTP interface that exposes two resources: accessRequests and forgetRequests. When an API request is made to one of these resources, the API will create the appropriate resource in our system, respond with meta-data about the resource, including the status of previous requests and, in the case of an accessRequests, the location where the end-user data files can be retrieved.

End-user data files

The end-user data files contain the end-user’s personal data in JSON format. Unlike a traditional "REST" style API, these data files are not returned directly as a result of a request to the Privacy API. Instead, they are compressed using the ZIP format, and made accessible via a secure download URL.

Usage

Right of access

The Privacy API can be used to submit right of access requests on behalf of your end-users and to retrieve status information about previously submitted right of access requests.

In the Privacy API, right of access takes the form of an accessRequests resource.

There are three right of access related operations available:

  1. Create an accessRequests resource
  2. Query an accessRequests' status and related information
  3. Download end-user data

The chart to the right depicts these actions.

Learn more about the accessRequests resource at the Right of Access reference.

Right to be forgotten

The Privacy API can be used to submit right to be forgotten requests on behalf of your end-users and to retrieve status information about previously submitted right to be forgotten requests.

In the Privacy API, right to be forgotten takes the form of a forgetRequests resource.

There are two right to be forgotten related operations available:

  1. Create a forgetRequests resource
  2. Query forgetRequests' status and related information

The chart to the right depicts these actions.

Once a forgetRequests resource is created, it cannot be cancelled. In the event an end-user requests right of access and right to be forgotten at the same time, you must process the right of access request first.

Learn more about the forgetRequests resource at the Right to be Forgotten reference.

Required credentials

To use the Privacy API, you will need the credentials described below. Refer to the Requesting API keys topic to learn how acquire these credentials from Bazaarvoice.

Credential Description
Privacy API passkeys

These values, one for staging and one for production, will be used in every request to the Privacy API.

OAuth2 API passkeys

These values, one for staging and one for production, will be used in every request to the OAuth2 API. They will be identical to the Privacy API passkeys. Refer to OAuth2 Integration for more information.

Client ID This value will be used in every request to the OAuth2 API. Refer to OAuth2 Integration for more information.
Client secret This value will be used in every request to the OAuth2 API. Refer to OAuth2 Integration for more information.
Privacy Manager role in Bazaarvoice Portal

(3-legged workflows only)
The Bazaarvoice Portal user that grants access to your application must have the Privacy Manager role. This role is assigned when you register your application.
Staging and production access to Bazaarvoice client instances

(3-legged workflows only)
The Bazaarvoice Portal user that grants access to your application must have access to the staging and production environments for the client instances that you want the application to process privacy requests for. This access is granted when you register your application, or your account administrator can assign it.

Next

Complete the steps in the Requesting API keys topic to obtain API keys.

Continue to OAuth2 Integration to learn how to use 3-legged OAuth with the Privacy API.

Go to the Reference section to learn more about using the Privacy API.

Go to the Tools section to access interactive tools and applications that help you work with the Privacy API.