Three lines

Uber

Developers

Authentication

Privileged and Confidential This endpoint design has been confidentially shared with you. It is still under development and is subject to change without notice. Please do not share this document or API endpoint details with anyone who is not authorized to have access. For more information read about scopes.

The Uber for Business API supports OAuth 2.0. We support both the client_credentials grant type and authorization_code type.

Token - Client credentials

To generate a client credentials token, retrieve your client_id and client_secret for your app from the developer dashboard and see the example below. Note this endpoint expects requests to be encoded as application/x-www-form-urlencoded or multipart/form-data.

Note: Client credentials grant type requests will be rate limited to 100 requests per hour. After generating 100 tokens with the client credentials grant type, creating a new token will invalidate the oldest token.

Example Request
curl
  -X POST
  -F "client_id=<CLIENT_ID>" \
  -F "client_secret=<CLIENT_SECRET>" \
  -F "grant_type=client_credentials" \
  -F "scope=SPACE_DELIMITED_LIST_OF_SCOPES" \
  "https://auth.uber.com/oauth/v2/token"
Example Response
{
    "access_token": "xxx",
    "token_type": "Bearer",
    "expires_in": 2592000,
    "refresh_token": "xxx",
    "scope": "profile history"
}

Token - Authentication Code

To generate a client credentials token, retrieve your client_id, client_secret, redirect_uri and authorization_code for your app from the developer dashboard and see the example below. Note this endpoint expects requests to be encoded as application/x-www-form-urlencoded or multipart/form-data.

Example Request
curl -F 'client_secret=<CLIENT_SECRET>' \
    -F 'client_id=<CLIENT_ID>' \
    -F 'grant_type=authorization_code' \
    -F 'redirect_uri=<REDIRECT_URI>' \
    -F 'scope=profile' \
    -F 'code=<AUTHORIZATION_CODE>' \
    https://auth.uber.com/oauth/v2/token

Example Response
{
	"access_token":"JA.VUNmGAAAAA...NGNmOGUxOTZlZQ",
	"token_type":"Bearer",
	"expires_in":2592000,
	"scope":"organizations.voucher_programs"
}
Usage

The access_token field will contain the token used to authenticate against the Vouchers APIs.

curl -H 'Authorization: Bearer <TOKEN>' \
     -H 'Accept-Language: en_US' \
     -H 'Content-Type: application/json' \
     -X GET
     'https://api.uber.com/v1.2/me'
Reference
Key Value
url https://auth.uber.com/oauth/v2/token
grant_type client_credentials or authorization_code
Scopes

The following scopes are available for use with the Vouchers APIs.

Scope Description
organizations.voucher_programs Indicates a token has permission to create/update/cancel/get voucher programs and generate codes in client_credentials grant type.
organizations.voucher_programs.delegated Indicates a token has permission to create/update/cancel/get voucher programs and generate codes in authorization_code grant type.
vouchers.redeem Indicates a token that has permission to redeem code on behalf of rider side.
organizations.voucher_programs.aggregator 3rd Party application can be given access to create voucher programs (in client_credentials grant type) on behalf of an organization

Uber

Developers
© 2023 Uber Technologies Inc.