Organization Authorization Update Notification
WEBHOOK: POSThttps://<YOUR_WEBHOOK_URI> event_type: organization_management.authorization_updated
Event indicating that an organization’s authorization is updated.
¶ Retry Attempts
If for some reason the Uber API cannot reach the webhook URL you specified either due to networking issues or application issues on your end, the webhooks service will retry to make a request.
We have implemented an exponential back-off algorithm with a back-off multiplier of 30 seconds which will make up to 7 attempts. This means we will attempt to request your webhook URL up to 7 times across roughly 1 hour.
¶ Webhook Headers
The Uber API will insert specialized headers for all requests made to your webhook URL to help your application utilize them appropriately.
Header | Description |
---|---|
X-Environment |
Indicates if this request is coming from the production or sandbox API. |
X-Uber-Signature |
SHA256 hash of the request body, computed using the app’s signing key as the key. |
¶ Webhook Security
Webhook messages are signed so that your app can verify that the sender is Uber. Webhooks requests contain an X-Uber-Signature
header. The value of this field is a hexadecimal HMAC signature of the webhook HTTP request body, using signing key of primary webhook url as a key and SHA256 as the hash function.
Python Example
digester = hmac.new(signing_key, webhook_body, hashlib.sha256)
return digester.hexdigest()
¶ Polling
For critical applications, we recommend complementing your webhook’s implementation with regular polling in case webhook notifications are lost.
¶ Webhook Event Structure
Name | Type | Description |
---|---|---|
event_type |
string |
The type of event that occurred. |
organization_id |
string |
Organization ID for which authorization was updated |
partner_data |
object |
Partner specific payload. (Can have custom key value pairs) [Available for specific partners] |
scopes |
[]string |
List of Scopes for which authorization was updated |
status |
string |
Authorization Status of Organization (GRANTED/REVOKED) |
event_type |
string |
Event Type |
webhook_meta |
object |
The object containing additional information that is specific to the webhook . |
webhook_meta.client_id |
string |
Client ID for the developer |
webhook_meta.webhook_config_id |
string |
Unique identifier of the webhook type. |
webhook_meta.webhook_msg_timestamp |
integer |
Unix timestamp of the time when the webhook event was pushed. |
webhook_meta.webhook_msg_uuid |
string |
Unique identifier, which can be used to ensure that the webhooks are digested only once. |
¶ Example Webhook
{
"event_type": "organization_management.authorization_updated",
"organization_id" :"00000-9435-4883-a320-dfb09dabcefg",
"scopes":["business.receipts", "business.employees"],
"status":"GRANTED",
"partner_data": {
"partner_identifier": "000000-1e41-4a79-b786-c60fa164335a"
},
"webhook_meta": {
"client_id": "uDfYYQXG8GKuc47JVIwxyzspOB_AbcDe",
"webhook_config_id": "u4b-business.organization-authorization-updated",
"webhook_msg_timestamp": 1676458033,
"webhook_msg_uuid": "f543d5e2-ea44-41e5-a395-e7fc9344a0e7"
}
}