Authentication confirms a user’s identity, and provides a way to ensure that legitimate contributors create content on your site.

Note: Authenticity is about how fraud is detected.

Hosted vs Site authentication workflow

The following authentication methods are supported by PRR:

  • Site authentication—Before users can submit product reviews, questions, or answers, they must log in to your site’s authentication system with the same credentials they use to access your site. Site authentication is also known as client-mastered authentication.
  • Hosted authentication—Users simply authenticate by entering their email addresses after clicking “Write a review” links on product pages. Hosted authentication is also known as BV-mastered authentication.
Note: Hosted authentication is the best way to authenticate your UGC contributors. The hosted authentication method removes complex site-authentication integration with your site, so it's less work for your IT resources.

Here is the workflow of hosted authentication and site authentication:

Hosted Authentication Site Authentication

Bazaarvoice recommendation

Authentication for content submission should be as lightweight as possible.

Hosted authentication (BV-mastered authentication) is the best way to authenticate your UGC contributors. It removes complex site-authentication integration with your site and results in less work for your IT resources.

Note: Research indicates that site authentication (where the user has to log in), significantly decreases the volume of user submissions. Use site authentication only if you have a legal or business requirement that necessitates your customers must log in to submit a review.

Site authentication

If you use site authentication, contributors need to log in to your site’s authentication system before they can submit content.

The ssURL can pre-authenticate users by including a special parameter and a user token. Refer to Site authentication process.

The workflow depends on how the user begins their interaction. A contributor can enter the submission workflow two different ways:

  • By clicking a “Write a review” button on your website (organic traffic).
  • By clicking a “Write a review” link embedded within an email message (non-organic traffic).

Site authentication process

If you need to enable site authentication, this process relies on the following parameters:

  • bvuserToken— A URL encoded user authentication string (UAS) is used when the user is known but not necessarily logged in to the site. The user’s ID (userid) is included in the token.
  • bveventid—An ID used to ensure that login pages redirect users to your hosted container page. The bveventid parameter signals that the user was trying to write a review before he was redirected to log in.

Hosted authentication

If hosted authentication is used on your site, contributors are routed directly to your submission container page or product page where they can access the submission form. The workflow depends on how the user begins their interaction.

A contributor can enter the submission workflow in two different ways:

  • By clicking a “Write a review” button on your website (organic traffic).
  • By clicking a “Write a review” link embedded within an email message (non-organic traffic).

Hosted authentication process

If you choose to enable hosted authentication, the following is a general overview of the authentication process:

  1. A contributor provides a valid email address when submitting a review, question, answer, or comment. The contributor can select the Remember me on this computer check box to skip the authentication step the next time they submit content from the same computer and browser.
  2. The contributor submits content.
  3. Bazaarvoice sends the contributor an email asking them to confirm their content submission by clicking a verification link.
  4. The submitted content is sent to the Bazaarvoice Moderation team.
  5. The review is moderated and published on the site. Depending on your publishing options and the contributor’s action in step 3, approved content may or may not be published.
Note: Once a contributor clicks the verification link in their email, published content is linked to the contributor's profile. If a contributor does not have an existing profile, a profile is created and confirmed. User profiles are also moderated. If a review is approved but the profile is rejected, the review is displayed on the website as anonymous.

A user’s profile comprises a user’s email address, nickname, location, and submitted content.

Note: Reviews on your site display the user's most recently chosen nickname.

Migrating from site authentication to hosted authentication

If you’re currently using site authentication but want to migrate to hosted authentication, Bazaarvoice offers a tool to map existing site authentication user information to hosted authentication users. Contact Bazaarvoice Support to request information about this migration tool.

The ExternalID parameter is the primary identifier for site authentication users, while a hosted authentication user is identified by their email address.

The migration challenge is to map these ExternalIDs to an email address.

Your existing customer segmentation data—whether from site authentication, an enterprise marketing database, or CRM system—can be imported by using a structured XML file or a CSV file.

The People Feed Importer tool takes the XML or tab-delimited CSV file that maps the ExternalID to an email address. Bazaarvoice stores these mappings in our profile database so that future submissions are properly attributed to the appropriate existing users.

Note: Profile merging only works if the contributor has provided the site with the same email address that they choose to submit reviews. For example, if a contributor provides `contributor@email.com` to the site and `contributor@aol.com` when submitting reviews using the email authorization, there will be two different profiles for the same user.

XML or text file with customer IDs and email addresses

If you’re switching to hosted authentication, you must give us a list of your contributor/customer IDs and email addresses. Bazaarvoice needs both sets of information to seamlessly merge contributions made before implementing the hosted authentication process with the customer’s current profile.

We prefer to receive this information via an XML file in the following format:

<?xml version="1.0" encoding="utf-8"?>
<Feed xmlns = "http://www.bazaarvoice.com/xs/PRR/PeopleFeed/5.0">
<ExternalID>x12345</ExternalID>
<EmailAddress>xjohndoe@gmail.com</EmailAddress>
</Feed>
Note: If a contributor uses an email address different than the one in your XML or text file you send us, Bazaarvoice cannot link the two accounts.