Three lines

Uber

Developers

3rd Party Authentication

Privileged and Confidential This endpoint design has been confidentially shared with you. It is still under development and is subject to change without notice. Please do not share this document or API endpoint details with anyone who is not authorized to have access. For more information read about scopes.

Overview

Third party authentication is designed to establish a reliable mechanism to authorize U4B business organizations to authorize a third party (3P) business. Once the U4B organization authorizes the 3P application, the 3P will have the ability to access the U4B APIs.

Scope

guests.trips

Authorizing 3P

The U4B organization can authorize the 3P application via authorization endpoint.

Host https://business.uber.com
Authorization Endpoint https://business.uber.com/authorize
Query Parameters
Parameter Description
client_id Client ID of the 3P application
scope guests.trips
redirect_uri Once the authorization is successful, it will be redirected to the URL provided here.
app_name The name of the 3P application
Example

https://business.uber.com/authorize?client_id=<CLIENT_ID>&scope=<SCOPE>&redirect_uri=<REDIRECT_URI>&app_name=<APPLICATION_NAME>

Note: Replace the all the with respective values. All the parameters mentioned in the above endpoint are mandatory. Accessing the authorization endpoint takes the user to a secure login page where the U4B organization can login and authorize the third party application. Upon successful authorization, Uber for Business will issue an HTTP 302 redirect to the redirect_uri. On the redirect URL, there will be an Organization UUID(org_uuid) appended. (as shown below)

GET https://your-redirect-uri/?org_uuid=<ORGANIZATION_UUID>

The value of query parameter org_uuid should be used in all the API calls as header x-uber-organizationuuid:<org_UUID> while creating ride requests by third party apps. Please note that the rides will be billed to the respective Organization based on the org_uuid used at the time of ride creation.

Revoking 3P

The U4B organization can revoke the 3P application via revoke endpoint.

Host https://business.uber.com
Authorization Endpoint https://business.uber.com/revoke
Query Parameters
Parameter Description
client_id Client ID of the 3P application
org_uuid The organization UUID received in the redirect URI.
app_name The name of the 3P application
redirect_uri Once the access is revoked, it will be redirected to the URL provided here.
Example

https://business.uber.com/revoke?org_uuid=<ORGANIZATION_UUID>&client_id=< CLIENT_ID>&app_name=<APPLICATION_NAME>&redirect_uri=<REDIRECT_URI>

Note: Replace the all the with respective values. All the parameters mentioned in the above endpoint are mandatory.

Errors
Error Description
Invalid Request The authorization request is invalid. Required parameters were not provided or in the wrong format.

Uber

Developers
© 2023 Uber Technologies Inc.