About Moderation Rules

With the Moderation Rules API you can maintain a safe and compliant online environment by automating content moderation through customizable rules. Also, you can integrate this API to moderate content within your own products, such as a comments app or review collection system.

The Moderation Rules API allows you to:

  • Create and manage custom moderation rules to control the content that appears on your site.
  • Automatically check and filter user-generated content to ensure it meets your site's standards.
  • Retrieve, update, and delete existing moderation rules to keep your content policies up-to-date and relevant.

Moderation rule flow

The following example describes the Moderation Rules API flow for a comment submitted in the Wix Blog app:

  1. A site visitor submits a new comment on a blog post.
  2. The comment is reviewed to determine if it violates any moderation rules. For example, the comment can't contain any links.
    • On a Wix site, a modal informs the user that the comment is undergoing moderation. In the UI, the comment is marked with the "Pending" status.
    • On the backend, the comment has the PENDING status.
  3. If a violation is detected (the comment contains links), the rule is triggered and appropriate action is taken. The comment is either sent for manual approval or rejected.

Before you begin

It’s important to note the following points before starting to code:

  • You don't need to install any additional apps. Moderation service is already integrated in Comments and Reviews.
  • You can create up to 20 rules per namespace.
  • For every trigger there must be a separate rule.
  • The content is checked only for newly submitted reviews and comments. Any comments or reviews made before the integration of this API aren't checked.

Use cases

Terminology

  • Audience: The group of users to whom a rule applies.
  • Trigger: The condition or event that activates a rule.
  • Exemptions: Specific users or groups that are excluded from a rule.
  • Action: The response or measure taken when a rule is triggered.
  • Content: The material or information that is subject to moderation.
  • Violations: Instances where content breaches the established rules.
  • Rule: A predefined set of conditions that manages user-created content on a website. It consists of three key components:
    • Audience
    • Triggers
    • Actions
  • Namespace: A namespace is a way to organize and separate different entities within a website, allowing each entity to have its own distinct set of rules or behaviors. This structure helps manage different features, like comments or reviews, by assigning specific rules to each, even when they coexist on the same site. For example, your site can have comments for both Wix Blog and Wix Forum. These comments may require different moderation rules, so namespaces like comments/{BLOG_APP_ID} or comments/{FORUM_APP_ID} can be defined to separate the rules.
Did this help?

Moderation Rules: Sample Use Cases & Flows

This article presents possible use cases and corresponding sample flows that your app can support. It provides a useful starting point as you plan your app's implementation.

Check Wix Blog comments for rule violations

To prevent the publication of spam content on your blog, which often includes links to advertised products or services, phishing sites, or fraudulent schemes, you can implement a moderation rule that applies only to site visitors, excluding members. Once this rule is defined, any comment containing links will be rejected.

To check comments for rule violations:

  1. Create a rule to define conditions on which the content will be rejected. For example:

    Copy
    { "rule": { "namespace": "comments/14bcded7-0066-7c35-14d7-466cb3f09103", "name": "Restrict links in comments", "audience": { "type": "VISITORS" }, "trigger": { "contentFeatures": { "videos": false, "images": false, "links": true } }, "action": { "type": "REJECT" } } }
  2. After a site visitor submits the comment, call Check Content to verify that the comment does not break any rules.

Sync moderation rules across all sites

If you have several eComm sites that use your app, you might need to sync moderation rules for product reviews across those sites. For example, you have a new rule, that from now on, all 1-star ratings must go through a manual review. This change also needs to be reflected on other sites.

To sync the rule across all sites:

  1. Call Get Rule on the site where you created a new rule.

  2. Extract the whole rule object. Remove unnecessary fields, like createdDate.

  3. Call Create Rule for your other sites and pass the new rule to each.

Did this help?

Moderation Rules: Supported Filters and Sorting

The following table shows field support for filters and sorting for the rule object:

FieldSupported FiltersSortable
id$eq, $ne, $in
createdDate$eq, $ne, $gt, $lt, $gte, $lteSortable
updatedDate$eq, $ne, $gt, $lt, $gte, $lteSortable
namespace$eq, $ne, $in
enabled$eq, $ne
Did this help?

Rule Object


Properties
idstringRead-onlyformat GUID

Rule ID.


revisionintegerRead-onlyformat int64

Revision number, which increments by 1 each time the rule is updated. To prevent conflicting changes, the existing revision must be used when updating a rule.


createdDatestringRead-onlyformat date-time

Date and time when the rule was created.


updatedDatestringRead-onlyformat date-time

Date and time when the rule was updated.


namespacestringminLength 1maxLength 120

The app and entity which the rule belongs to. For example, comments/{BLOG_APP_ID}.


namestringmaxLength 120

Rule name.


audienceAudience

Audience to which the rule applies.


triggerTrigger

A condition that triggers the rule.

Note: If you need to have several triggers for the same namespace, create separate rules.


exemptionsExemptions

List of site members or groups to whom the rule doesn't apply.


actionAction

What action should be taken after the rule is triggered.


enabledboolean

Whether the rule is enabled.


extendedFieldsExtendedFields

Custom field data for the rule object.

Note: You must configure extended fields using schema plugin extensions in your app's dashboard before you can access the extended fields with API calls.

Rule
JSON
{ "rule": { "id": "e3acb53a-cfed-41bc-9de5-e4060426c13a", "revision": "1", "createdDate": "2023-10-06T13:57:20.564Z", "updatedDate": "2023-10-06T13:57:20.564Z", "namespace": "comments/14bcded7-0066-7c35-14d7-466cb3f09103", "name": "Forbid to comment with link", "audience": { "type": "MEMBERS" }, "trigger": { "contentFeatures": { "videos": false, "images": false, "links": true } }, "exemptions": { "memberGroups": ["1149dbee-acc1-49ac-bedf-43176155e84a"], "memberIds": ["05565bc9-3d16-4fc8-ab8e-20b13a0730d8"] }, "action": { "type": "REJECT" }, "enabled": true } }
Did this help?

POST

Create Rule


Developer Preview

This API is subject to change. Bug fixes and new features will be released based on developer feedback throughout the preview period.

Creates a rule. You can create up to 20 rules per namespace.

Authentication

You can only call this method when authenticated as a Wix app or Wix user identity.

Permissions
Manage Moderation Rules
Learn more about app permissions.
Endpoint
POST
https://www.wixapis.com/moderation/v1/rules

Body Params
ruleRuleRequired

Rule info.

Response Object
ruleRule

Created rule.

Request
cURL
curl -X POST https://www.wixapis.com/moderation/v1/rules \ -H 'Content-Type: application/json;charset=UTF-8' \ -H 'Authorization: <AUTH>' \ -d '{ "rule": { "namespace": "reviews/f0f2e34e-a407-41bd-b8b0-d11a90b226de", "name": "Check for Store Review Rating", "audience": { "type": "MEMBERS_AND_VISITORS" }, "trigger": { "attribute": { "values": ["1", "2"], "name": "rating" } }, "action": { "type": "NEEDS_MANUAL_APPROVAL" }, "enabled": true } }'
Response
JSON
{ "rule": { "id": "500ea62c-5f4c-4a51-b813-0bd7f239c6dd", "revision": "1", "createdDate": "2023-10-10T06:52:04.718Z", "updatedDate": "2023-10-10T06:52:04.718Z", "namespace": "reviews/f0f2e34e-a407-41bd-b8b0-d11a90b226de", "name": "Check for Rating", "audience": { "type": "MEMBERS_AND_VISITORS" }, "trigger": { "attribute": { "name": "rating", "values": ["1", "2"] } }, "exemptions": { "memberGroups": [], "memberIds": [] }, "action": { "type": "NEEDS_MANUAL_APPROVAL" }, "enabled": true } }
Errors
428Failed Precondition

There is 1 error with this status code:

See the entire list and learn more about Wix errors.

Event TriggersThis method triggers the following events:
Did this help?

GET

Get Rule


Developer Preview

This API is subject to change. Bug fixes and new features will be released based on developer feedback throughout the preview period.

Retrieves a rule by ID.

Authentication

You can only call this method when authenticated as a Wix app or Wix user identity.

Permissions
Manage Moderation Rules
Learn more about app permissions.
Endpoint
GET
https://www.wixapis.com/moderation/v1/rules/{ruleId}

Path Params
ruleIdstringRequired

Rule ID.

Response Object
ruleRule

Requested rule.

Get a rule
Request
cURL
curl -X GET https://www.wixapis.com/moderation/v1/rules/500ea62c-5f4c-4a51-b813-0bd7f239c6dd \ -H 'Content-Type: application/json;charset=UTF-8' \ -H 'Authorization: <AUTH>'
Response
JSON
{ "rule": { "id": "500ea62c-5f4c-4a51-b813-0bd7f239c6dd", "revision": "1", "createdDate": "2023-10-10T06:52:04.718Z", "updatedDate": "2023-10-10T06:52:04.718Z", "namespace": "reviews/f0f2e34e-a407-41bd-b8b0-d11a90b226de", "name": "Check for Rating", "audience": { "type": "MEMBERS_AND_VISITORS" }, "trigger": { "attribute": { "name": "rating", "values": ["1", "2"] } }, "exemptions": { "memberGroups": [], "memberIds": [] }, "action": { "type": "NEEDS_MANUAL_APPROVAL" }, "enabled": true } }
Did this help?

DELETE

Delete Rule


Developer Preview

This API is subject to change. Bug fixes and new features will be released based on developer feedback throughout the preview period.

Permanently deletes a rule.

Authentication

You can only call this method when authenticated as a Wix app or Wix user identity.

Permissions
Manage Moderation Rules
Learn more about app permissions.
Endpoint
DELETE
https://www.wixapis.com/moderation/v1/rules/{ruleId}

Path Params
ruleIdstringRequired

ID of the rule to delete.

Response Object
Returns an empty object.
Delete a rule
Request
cURL
curl -X DELETE https://www.wixapis.com/moderation/v1/rules/500ea62c-5f4c-4a51-b813-0bd7f239c6dd \ -H 'Content-Type: application/json;charset=UTF-8' \ -H 'Authorization: <AUTH>'
Response
JSON
{}
Event TriggersThis method triggers the following events:
Did this help?

PATCH

Update Rule


Developer Preview

This API is subject to change. Bug fixes and new features will be released based on developer feedback throughout the preview period.

Updates a rule.

Each time the rule is updated, revision increments by 1. The existing revision must be included when updating the rule. This ensures you're working with the latest rule and prevents unintended overwrites.

Authentication

You can only call this method when authenticated as a Wix app or Wix user identity.

Permissions
Manage Moderation Rules
Learn more about app permissions.
Endpoint
PATCH
https://www.wixapis.com/moderation/v1/rules/{rule.id}

Path Params
rule.idstringRequired

Rule ID.

Body Params
ruleRuleRequired

Rule to update.

Response Object
ruleRule

Updated rule.

Update a rule's audience type
Request
cURL
curl -X POST https://www.wixapis.com/moderation/v1/rules \ -H 'Content-Type: application/json;charset=UTF-8' \ -H 'Authorization: <AUTH>' \ -d '{ "rule": { "id": "500ea62c-5f4c-4a51-b813-0bd7f239c6dd", "revision": "1" "namespace": "reviews/stores", "audience": { "type": "VISITORS" } }, "fieldMask": { "paths": ["audience.type"] } }'
Response
JSON
{ "rule": { "id": "500ea62c-5f4c-4a51-b813-0bd7f239c6dd", "revision": "2", "created_date": "2023-10-10T06:52:04.718Z", "updated_date": "2023-10-10T06:58:01.595Z", "namespace": "reviews/stores", "name": "Check for Rating", "audience": { "type": "VISITOR" }, "trigger": { "attribute": { "name": "rating", "values": ["1", "2"] } }, "exemptions": { "member_groups": [], "member_ids": [] }, "action": { "type": "NEEDS_MANUAL_APPROVAL" }, "enabled": true } }
Event TriggersThis method triggers the following events:
Did this help?

POST

Query Rules


Developer Preview

This API is subject to change. Bug fixes and new features will be released based on developer feedback throughout the preview period.

Retrieves a list of rules, given the provided paging, filtering, and sorting.

  • createdDate is sorted in ASC order
  • paging.limit is 100
  • paging.offset is 0

Up to 1,000 rules can be returned per request.

For field support for filters and sorting, see Rules: Supported Filters and Sorting. To learn about working with Query endpoints, see API Query Language.

Authentication

You can only call this method when authenticated as a Wix app or Wix user identity.

Permissions
Manage Moderation Rules
Learn more about app permissions.
Endpoint
POST
https://www.wixapis.com/moderation/v1/rules/query

Body Params
queryQuery

Query options. See API Query Language for more details.

Response Object
rulesArray <Rule>maxItems 100

List of rules.


pagingMetadataPagingMetadata

Paging metadata.

Request
cURL
curl -X POST https://www.wixapis.com/moderation/v1/rules/query \ -H 'Content-Type: application/json;charset=UTF-8' \ -H 'Authorization: <AUTH>' \ -d '{ "query": { "sort": [], "filter": { "namespace": "reviews/f0f2e34e-a407-41bd-b8b0-d11a90b226de" }, "cursorPaging": { "limit": 1 } } }'
Response
JSON
{ "rules": [ { "id": "500ea62c-5f4c-4a51-b813-0bd7f239c6dd", "revision": "1", "createdDate": "2023-10-10T06:52:04.718Z", "updatedDate": "2023-10-10T06:52:04.718Z", "namespace": "reviews/f0f2e34e-a407-41bd-b8b0-d11a90b226de", "name": "Check for Rating", "audience": { "type": "MEMBERS_AND_VISITORS" }, "trigger": { "attribute": { "name": "rating", "values": ["1", "2"] } }, "exemptions": { "memberGroups": [], "memberIds": [] }, "action": { "type": "NEEDS_MANUAL_APPROVAL" }, "enabled": true } ], "pagingMetadata": { "count": 1, "cursors": { "next": "79902130cbb60b4db8ae6b7f0020c04e411ee19b.IiQ1MDBlYTYyYy01ZjRjLTRhNTEtYjgxMy0wYmQ3ZjIzOWM2ZGQ", "prev": null }, "hasNext": true } }
Did this help?

POST

Check Content


Developer Preview

This API is subject to change. Bug fixes and new features will be released based on developer feedback throughout the preview period.

Checks the submitted content for any conditions that might trigger a rule, and then returns actions to take if the rule is triggered.

Authentication

You can only call this method when authenticated as a Wix app or Wix user identity.

Permissions
Manage Moderation Rules
Learn more about app permissions.
Endpoint
POST
https://www.wixapis.com/moderation/v1/rules/check

Body Params
namespacestringmaxLength 120

Namespace value.


contentContent

Content to check.

Response Object
violationsArray <Violation>

Rule violation details.

Request
cURL
curl -X POST https://www.wixapis.com/moderation/v1/rules/check \ -H 'Content-Type: application/json;charset=UTF-8' \ -H 'Authorization: <AUTH>' \ -d ''{ "namespace": "reviews/f0f2e34e-a407-41bd-b8b0-d11a90b226de", "content": { "plainText": "Great product!", "attributes": [ { "name": "rating", "value": "2" } ] } }'
Response
JSON
{ "violations": [ { "ruleId": "5aad8c1c-916a-44d7-b655-0c3328dfb9b3", "action": "NEEDS_MANUAL_APPROVAL" } ] }
Did this help?

Rule Created


Developer Preview

This API is subject to change. Bug fixes and new features will be released based on developer feedback throughout the preview period.

Triggered when a rule is created.

Permissions
Manage Moderation Rules
Learn more about app permissions.
Event BodyEvent Body Event data is received as a JSON Web Token (JWT). It may be delayed. Be sure to verify the data was sent by Wix.
Event Data
idstring

Unique event ID. Allows clients to ignore duplicate webhooks.


entityFqdnstring

Fully qualified domain name of the entity associated with the event. Expected wix.moderation.v1.rule.


slugstring

Event name. Expected created.


entityIdstring

ID of the entity associated with the event.


eventTimestringformat date-time

Event timestamp.


triggeredByAnonymizeRequestboolean

Whether the event was triggered as a result of a privacy regulation application (for example, GDPR).


originatedFromstring

If present, indicates the action that triggered the event.


createdEventCreatedEvent

Event information.

Event Body

The data payload will include the following as an encoded JWT:

JSON
{ "data": { "eventType": "wix.moderation.v1.rule_created", "instanceId": "<app-instance-id>", "data": "<stringified-JSON>", // The identity field is sent as a stringified JSON "identity": { "identityType": "<identityType>", // ANONYMOUS_VISITOR, MEMBER, WIX_USER, APP "anonymousVisitorId": "<anonymousVisitorId>", // in case of ANONYMOUS_VISITOR "memberId": "<memberId>", // in case of MEMBER "wixUserId": "<wixUserId>", // in case of WIX_USER "appId": "<appId>" // in case of APP } } }

RuleCreated
JSON
{ "id": "c5f445cd-59c8-41d5-9c0c-f7b1a804b2c5", "entityFqdn": "wix.moderation.v1.rule", "slug": "created", "entityId": "e3acb53a-cfed-41bc-9de5-e4060426c13a", "createdEvent": { "entity": { "id": "e3acb53a-cfed-41bc-9de5-e4060426c13a", "revision": "1", "createdDate": "2023-10-06T13:57:20.674Z", "updatedDate": "2023-10-06T13:57:20.674Z", "namespace": "comments/14bcded7-0066-7c35-14d7-466cb3f09103", "name": "Forbid to comment with link", "audience": { "type": "MEMBERS" }, "trigger": { "contentFeatures": { "videos": false, "images": false, "links": true } }, "exemptions": { "memberGroups": ["1149dbee-acc1-49ac-bedf-43176155e84a"], "memberIds": ["05565bc9-3d16-4fc8-ab8e-20b13a0730d8"] }, "action": { "type": "REJECT" }, "enabled": true } }, "eventTime": "2023-10-06T13:57:20.674553Z", "triggeredByAnonymizeRequest": false, "entityEventSequence": "1" }
Did this help?

Rule Updated


Developer Preview

This API is subject to change. Bug fixes and new features will be released based on developer feedback throughout the preview period.

Triggered when a rule is updated.

Permissions
Manage Moderation Rules
Learn more about app permissions.
Event BodyEvent Body Event data is received as a JSON Web Token (JWT). It may be delayed. Be sure to verify the data was sent by Wix.
Event Data
idstring

Unique event ID. Allows clients to ignore duplicate webhooks.


entityFqdnstring

Fully qualified domain name of the entity associated with the event. Expected wix.moderation.v1.rule.


slugstring

Event name. Expected updated.


entityIdstring

ID of the entity associated with the event.


eventTimestringformat date-time

Event timestamp.


triggeredByAnonymizeRequestboolean

Whether the event was triggered as a result of a privacy regulation application (for example, GDPR).


originatedFromstring

If present, indicates the action that triggered the event.


updatedEventUpdatedEvent

Event information.

Event Body

The data payload will include the following as an encoded JWT:

JSON
{ "data": { "eventType": "wix.moderation.v1.rule_updated", "instanceId": "<app-instance-id>", "data": "<stringified-JSON>", // The identity field is sent as a stringified JSON "identity": { "identityType": "<identityType>", // ANONYMOUS_VISITOR, MEMBER, WIX_USER, APP "anonymousVisitorId": "<anonymousVisitorId>", // in case of ANONYMOUS_VISITOR "memberId": "<memberId>", // in case of MEMBER "wixUserId": "<wixUserId>", // in case of WIX_USER "appId": "<appId>" // in case of APP } } }

RuleUpdated
JSON
{ "id": "8aa23cf1-92e1-4d0a-a34c-96bc013d229f", "entityFqdn": "wix.moderation.v1.rule", "slug": "updated", "entityId": "e3acb53a-cfed-41bc-9de5-e4060426c13a", "updatedEvent": { "currentEntity": { "id": "e3acb53a-cfed-41bc-9de5-e4060426c13a", "revision": "3", "createdDate": "2023-10-06T13:57:20.564Z", "updatedDate": "2023-10-06T13:59:36.455Z", "namespace": "comments/14bcded7-0066-7c35-14d7-466cb3f09103", "name": "Forbid to comment with link and images", "audience": { "type": "MEMBERS" }, "trigger": { "contentFeatures": { "videos": true, "images": false, "links": true } }, "exemptions": { "memberGroups": ["1149dbee-acc1-49ac-bedf-43176155e84a"], "memberIds": ["05565bc9-3d16-4fc8-ab8e-20b13a0730d8"] }, "action": { "type": "REJECT" }, "enabled": true } }, "eventTime": "2023-10-06T13:59:36.455060Z", "triggeredByAnonymizeRequest": false, "entityEventSequence": "2" }
Did this help?

Rule Deleted


Developer Preview

This API is subject to change. Bug fixes and new features will be released based on developer feedback throughout the preview period.

Triggered when a rule is deleted.

Permissions
Manage Moderation Rules
Learn more about app permissions.
Event BodyEvent Body Event data is received as a JSON Web Token (JWT). It may be delayed. Be sure to verify the data was sent by Wix.
Event Data
idstring

Unique event ID. Allows clients to ignore duplicate webhooks.


entityFqdnstring

Fully qualified domain name of the entity associated with the event. Expected wix.moderation.v1.rule.


slugstring

Event name. Expected deleted.


entityIdstring

ID of the entity associated with the event.


eventTimestringformat date-time

Event timestamp.


triggeredByAnonymizeRequestboolean

Whether the event was triggered as a result of a privacy regulation application (for example, GDPR).


originatedFromstring

If present, indicates the action that triggered the event.


deletedEventstruct

Event information.

Event Body

The data payload will include the following as an encoded JWT:

JSON
{ "data": { "eventType": "wix.moderation.v1.rule_deleted", "instanceId": "<app-instance-id>", "data": "<stringified-JSON>", // The identity field is sent as a stringified JSON "identity": { "identityType": "<identityType>", // ANONYMOUS_VISITOR, MEMBER, WIX_USER, APP "anonymousVisitorId": "<anonymousVisitorId>", // in case of ANONYMOUS_VISITOR "memberId": "<memberId>", // in case of MEMBER "wixUserId": "<wixUserId>", // in case of WIX_USER "appId": "<appId>" // in case of APP } } }

RuleDeleted
JSON
{ "id": "84311148-97ce-489f-b568-84432fa8d156", "entityFqdn": "wix.moderation.v1.rule", "slug": "deleted", "entityId": "e3acb53a-cfed-41bc-9de5-e4060426c13a", "deletedEvent": { "movedToTrash": true }, "eventTime": "2023-10-06T14:00:13.693401Z", "triggeredByAnonymizeRequest": false, "entityEventSequence": "3" }
Did this help?