Three lines

Uber

Developers

3rd Party Authentication

The Uber for Business API supports OAuth 2.0. We support both the client_credentials grant type and authorization_code type.

Overview

Third party authentication is designed to establish a reliable mechanism to authorize U4B business organizations to authorize a third party (3P) business. Once the U4B organization authorizes the 3P application, the 3P will have the ability to access the U4B APIs.

Scope

business.receipts

Authorizing 3P

The U4B organization can authorize the 3P application via the authorization endpoint.

Host https://business.uber.com
Authorization Endpoint https://business.uber.com/authorize
Query Parameters
Parameter Description
client_id Client ID of the 3P application
scope business.receipts
redirect_uri The URI we will redirect back to after an authorization by the resource owner.
app_name The name of the 3P application
Example

https://business.uber.com/authorize?client_id=<CLIENT_ID>&scope=<SCOPE>&redirect_uri=<REDIRECT_URI>&app_name=<APPLICATION_NAME>

Note: Replace the all the with respective values. All the parameters mentioned in the above endpoint are mandatory. Accessing the authorization endpoint takes the user to a secure login page where the U4B organization can login and authorize the third party application. Upon successful authorization, Uber for Business will issue an HTTP 302 redirect to the redirect_uri. On the redirect URL, there will be an Organization UUID(org_uuid) appended. (as shown below)

GET https://your-redirect-uri/?org_uuid=<ORGANIZATION_UUID>

Revoking 3P authorization

The U4B organization can revoke the 3P authorization via the revoke endpoint.

Host https://business.uber.com
Authorization Endpoint https://business.uber.com/revoke
Query Parameters
Parameter Description
client_id Client ID of the 3P application
org_uuid The organization UUID received in the redirect URI.
app_name The name of the 3P application
redirect_uri The URI we will redirect back to after the authorization is revoked by the resource owner.
Example

https://business.uber.com/revoke?org_uuid=<ORGANIZATION_UUID>&client_id=< CLIENT_ID>&app_name=<APPLICATION_NAME>

Note: Replace the all the with respective values. All the parameters mentioned in the above endpoint are mandatory.

Errors
Error Description
invalid_request The authorization request is invalid. Required parameters were not provided or in the wrong format.
revoke_canceled The organization admin has denied revoke authorization request
invalid_client The client ID is invalid.
invalid_scope The scope parameter provided is not a valid subset of scopes.
access_denied The organization has denied your authorization request.

Uber

Developers
© 2023 Uber Technologies Inc.