PowerReviews
Authentication & Authorization
Credentials
- PowerReviews uses API-keys authentication (combination of the Client ID and Client Secret) to get the Access Token.
- Client ID and Client Key can be obtained via PowerReviews account (see PowerReviews Connection Instructions).
- PowerReviews uses token-based authentication via Access Token to access REST API .
- Publicly exposing your API credentials can allow unauthorized access to the PowerReviews API endpoints, and your PowerReviews data by a third party. DataGrail stores your API credentials encrypted and protected.
Permissions
API credentials should be configured with Read and Write access Level (see PowerReviews Connection Instructions).
Endpoints Utilized
DataGrail uses the following endpoints to validate that credentials are good based on a successful response:
- Get and refresh access token:
- POST https://enterprise-api.powerreviews.com/oauth2/token
- Verify connection:
- GET https://enterprise-api.powerreviews.com/v1/reviews
Version
DataGrail PowerReviews integration currently supports PowerReviews REST API version v1.
Limits
- PowerReviews imposes limits on API requests. Users who send many requests in quick succession may see error responses that show up as status code 429.
- DataGrail processes API responses with HTTP 429 status to interrupt requests, waiting and retrying (using an exponential backoff strategy).
Access
For an access request, DataGrail will take the following actions:
- Get list of questions and included answers.
- Filter list of questions and answers by the Data Subject email.
- Get list of reviews.
- Filter list of reviews by the Data Subject email.
- Get a list of products and fetch all merchants IDs.
- Search orders by the Data Subject email and merchant ID.
- For all objects found, DataGrail will return all available fields. You can edit which objects and fields you want to provide to the Data Subject via our Portal Requests.
Endpoints Utilized
- GET https://enterprise-api.powerreviews.com/v1/questions
- GET https://enterprise-api.powerreviews.com/v1/reviews
- GET https://enterprise-api.powerreviews.com/v1/products
- GET https://enterprise-api.powerreviews.com/v1/orders
DataGrail also supports the Direct Contact Access workflow for PowerReviews.
Deletion
For a deletion request, DataGrail will take the following actions:
- Submit a request to delete or anonymize the personal data associated with the Data Subject email. Deletion behavior (Delete or Anonymize) depends on the connection configuration.
- Create a scheduling task for regular checking of customer status in PowerReviews using the get request status update call.
Deletion request will be in the processing status on DataGrail side until PowerReviews deletes the requested personal data.
Endpoints Utilized
- POST https://privacy-api.powerreviews.com/v1/privacy/right-to-be-forgotten
- GET https://privacy-api.powerreviews.com/v1/privacy/request-status
DataGrail supports only the Direct Contact Deletion workflow for PowerReviews.
Disclaimer: The information contained in this message does not constitute as legal advice. We would advise seeking professional counsel before acting on or interpreting any material.