Three lines

Uber

Developers
Docs
Search

Authentication

The Uber Ads API uses OAuth 2.0 authorization code flow to securely authenticate your application and authorize access to advertising data.

How OAuth 2.0 works

OAuth 2.0 lets users grant your application access to their Uber Ads data without sharing their login credentials. The process involves:

  1. Authorization: Users authorize your app through Uber’s login system
  2. Token exchange: Your app exchanges the authorization code for access tokens
  3. API access: Use access tokens to make authenticated API requests

Required scopes

When requesting authorization, specify the scopes your application needs:

Scope Access
ads.campaigns.read Read access to campaign data
ads.ad-accounts.read Read access to user’s ad accounts
ads.products.read Read access to product endpoints
ads.reporting Access to reporting endpoints

Important: Adding more scopes to your application will require users to go through a reauthorization process. Ensure your integration can handle cases where reauthorization is needed, as users will need to approve the new scope permissions.

Authorization flow

Step 1: Direct users to authorize your app

Send users to Uber’s authorization URL:

https://auth.uber.com/oauth/v2/authorize?client_id=YOUR_CLIENT_ID&redirect_uri=YOUR_REDIRECT_URI&scope=ads.campaigns.read ads.ad-accounts.read ads.products.read ads.reporting&response_type=code

Parameters:

  • client_id - Your application’s client ID from the Developer Dashboard
  • scope - Space-separated list of requested scopes
  • redirect_uri - Where users are redirected after authorization

Step 2: Handle the authorization response

Once the Uber user authenticates and authorizes your app, Uber will issue an HTTP 302 redirect to the redirect_uri. On that redirect, you will have a single-use authorization code which will expire in 10 minutes. The code query parameter is the authorization code needed for the next step.

Step 3: Exchange code for tokens

Make a POST request to exchange the authorization code for access tokens:

curl -X POST https://login.uber.com/oauth/v2/token \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d "grant_type=authorization_code" \
  -d "code=AUTHORIZATION_CODE" \
  -d "client_id=YOUR_CLIENT_ID" \
  -d "client_secret=YOUR_CLIENT_SECRET" \
  -d "redirect_uri=YOUR_REDIRECT_URI"

Response:

{
  "access_token": "ACCESS_TOKEN",
  "token_type": "Bearer",
  "expires_in": 3600,
  "refresh_token": "REFRESH_TOKEN",
  "scope": "ads.campaigns.read ads.ad-accounts.read ads.products.read ads.reporting"
}

Using access tokens

Include the access token in the Authorization header of all API requests:

curl -X GET "https://api.uber.com/v1/ads/account/{account_id}/campaigns" \
  -H "Authorization: Bearer {ACCESS_TOKEN}" \
  -H "Content-Type: application/json"
How OAuth 2.0 works
Required scopes
Authorization flow
Using access tokens

Uber

Developers
Docs
© 2025 Uber Technologies Inc.
Privacy
Accessibility
Terms