Three lines

Uber

Developers
Docs
Search

Getting Started

Privileged and Confidential This endpoint design has been confidentially shared with you. It is still under development and is subject to change without notice. Please do not share this document or API endpoint details with anyone who is not authorized to have access. For more information read about scopes.

Integrate APIs

Begin seamlessly integrating Uber APIs into your application with this comprehensive guide, which covers everything from creating your developer account to finalizing setup and receiving ongoing support. Harness the full potential of Uber’s platform functionalities to meet your business requirements.

  1. Sign into Developer Portal: Visit https://developer.uber.com/dashboard and log in to your account.
  2. Creating Developer Application: In the Developer dashboard, create a new developer application. Access this option from the top-right corner of the home page.
  3. Explore Developer Dashboard: Familiarize yourself with the developer dashboard, which contains essential information about your application.
  4. Configure Authentication: Navigate to the Setup tab in your app settings to access your app’s clientID and client secret.
  5. Register Redirect URI and Privacy Policy: If your app requires access to API’s using OAuth authorization code mechanism, register the redirect URI and Privacy Policy URL in the of your Setup tab within the Authentication section.
  6. Register Webhook URL: If one desires to receive webhooks from Uber, they can register their webhook URL using this link and should also specify the webhook callback URL in the Setup tab within the Authentication section.
  7. Finalize Setup: Once all necessary configurations and requests have been completed, finalize the setup for your application and APIs or webhooks.
Integrate Webhooks

  1. Enabling a new webhook To integrate webhooks effectively, supplier companies must configure a robust HTTP POST endpoint that adheres to Uber’s specified API schema. This endpoint should be securely accessible, supporting HTTPS and authentication measures for data protection. It’s crucial to ensure compatibility with Uber’s callback mechanism and thoroughly test the endpoint’s functionality to handle incoming requests seamlessly.

    Request Header Parameters

    Name Type Value Description
    Content-Type String application/json The content type is JSON.
    X-Uber-Signature String A hexadecimal HMAC signature of the webhook HTTP request body, using the client’s secret as a key and SHA256 as the hash function. This signature should be verified to make sure the events are really from Uber.
    X-Environment String Production or sandbox Indicates if this request is coming from the production or sandbox environment.

    Request Query/Body Parameters

    Name Type Description
    event_id String Unique event identifier, which can be used to ensure that events are only digested once. This is an Uber-generated UUID.
    event_time Integer Unix timestamp of the time the event occurred.
    event_type String The type of event that occurred.
    meta Object The object contains additional information that is specific to the event_type. To check the meta for a particular webhook, refer to the corresponding webhook’s API reference example section in documentation.

  2. Register to the webhook Register the URL of the HTTP POST endpoint in the developer dashboard application under the Settings/RIDE REQUESTS/Webhook URL section. Here, you will input the endpoint URL to establish the connection for webhook notifications.

  3. Enabling webhook notification The process of subscribing to a webhook involves manual steps. Coordinate with your designated Uber POC to initiate the webhook subscription process, providing a detailed list of the specific webhooks required for integration.

  4. Webhook Security Guidelines Uber’s webhook framework doesn’t support OAuth access mechanism while calling partner’s endpoints. Here is how you can check for the authenticity of the API call (if Uber is calling the webhook endpoint):

    • Uber will generate a hexadecimal HMAC signature for the webhook HTTP request body using the client secret (for the application registered on the developer dashboard) as the key and SHA256 as the hash function.
    • This HMAC signature will be sent with the webhook as the X-Uber-Signature header field.

    Python Example:

    import hmac
digester = hmac.new(client_secret, webhook_body, hashlib.sha256)
return digester.hexdigest()

    Supplier organizations can similarly generate this value on their side and compare both signatures. If the signatures don’t match, the API call can be discarded.

Integrate APIs
Integrate Webhooks

Uber

Developers
Docs
© 2023 Uber Technologies Inc.
Privacy
Accessibility
Terms