Authentication is the process of confirming a user’s identity, and it provides a way to ensure that legitimate users create content on your site. Through authentication, Bazaarvoice can confirm a user’s email address and link the email address to a profile in the Bazaarvoice network. (Authentication is not how fraud is detected; that’s authenticity.)

The following authentication methods are supported by Conversations:

  • Hosted authentication—This is the default method of authentication and recommended by Bazaarvoice. With hosted authentication, users authenticate using their email addresses when they click the “Write a review” link on a product page or click a submission link in a post-interaction email (PIE) message. No additional configuration is required.
  • Site authentication—This method requires users to log in to your site’s authentication system. Before users can submit product reviews, questions, or answers, they must log in with the same credentials they used to access your site.

    Site authentication significantly decreases—by about 30%—the volume of user submissions. Furthermore, it requires that your technical team perform additional integration work to tie Conversations to your site’s login process. Use this method only if you have a legal or business requirement that necessitates that your customers log in to Conversations.

    To implement site authentication, refer to Site authentication.

Hosted authentication workflow

If hosted authentication is used on your site, users are routed directly to the Bazaarvoice container page or product page where they can access the submission form. Here is the workflow for hosted authentication, depending on how the user begins interaction.

"Write a review" button on your siteLink in a PIE message

After a user clicks the verification link:

  • The user’s profile is merged with all other profiles that have the same email address. A profile comprises a user’s email address, nickname, location, and content (review, question, answer, and so on). If the user does not have an existing profile, a profile is created and confirmed.

    Note: Reviews on your site display the user's most recently chosen nickname.
  • The review is moderated and published on the site. If Conversations was holding a review until user verification, the review is published on the site after a user clicks the verification link.

Bazaarvoice moderates user profiles and reviews in two steps during the moderation process. Reviews are moderated first and then profiles are moderated. Both can be rejected if they do not conform with your moderation guidelines. If a review is approved but the profile is rejected, the review is displayed on the website as anonymous.

Site authentication workflow

If you choose to enable site authentication, the following is a general overview of the authentication process:

This process relies on the following parameters:

  • bvuserToken— A URL encoded user authentication string (UAS) used when the user is known but not necessarily logged in to the site. The user’s ID (userid) is included in the token.
  • bveventid—An ID used to ensure that login pages redirect users to your hosted Conversations container page. The bveventid parameter signals that the user was trying to write a review before he was redirected to log in.

Bazaarvoice moderates user profiles and reviews in two steps during the moderation process. Reviews are moderated first and then profiles are moderated. Both profiles and reviews can be rejected if they do not conform with your moderation guidelines. If a review is approved but the profile is rejected, the review is displayed on the website as anonymous.

Determine your authentication configuration

To determine your authentication configuration, complete these steps:

  1. Log in to the Workbench and then click Settings » Manage Applications. The Site Manager page of the configuration hub is displayed.
  2. Edit the implementation for which you want to determine the method of authentication.
  3. Click User Authentication on the left side of the page under Settings.
  4. If the page has a Site Authentication Integration tab at the top, click the tab.

If Require site authentication is enabled, your implementation uses site authentication. If the page has no tabs or Require site authentication is disabled, your implementation uses hosted authentication.

You may also be able to determine your authentication configuration from a product display page (PDP). View a PDP on your site and try to write a review. If you are asked to log in, your site probably uses site authentication. If the submission form loads without prompting you to log in, your site likely uses hosted authentication.