Getting started overview

Integrating with the Uber Developer Platform enables third-party applications to interact with Uber's services, such as requesting rides, managing deliveries, or accessing business travel features. The process for getting started involves several key steps, beginning with setting up a developer account and registering an application. Developers typically need to define their specific use case to ensure they request the correct API access and permissions.

Uber's API operates primarily on an OAuth 2.0 authorization framework, which means applications must obtain user consent to access certain data or perform actions on their behalf. For server-to-server interactions that do not involve specific user data, a Client Credentials Grant flow may be applicable. The platform offers SDKs for mobile development (iOS, Android) and supports various programming languages for server-side integrations.

Before making your first API call, it is essential to understand the authentication requirements and the scope of data your application will need access to. Uber emphasizes secure handling of user data and requires adherence to its developer terms, including privacy and data security guidelines. The platform's documentation provides detailed guides for different integration scenarios, from basic ride requests to more complex logistics solutions.

Create an account and get keys

To begin integrating with the Uber API, you first need to establish a developer account and register your application. This process grants you the necessary credentials (client ID and client secret) to authenticate your API requests.

Step 1: Sign up for an Uber Developer Account

  1. Navigate to the Uber Developer Platform homepage.
  2. Click on the "Sign Up" or "Get Started" option. You may be prompted to use an existing Uber user account or create a new one.
  3. Complete the registration form, providing required information such as your name, email, and agreeing to the developer terms and conditions.
  4. Verify your email address if prompted.

Step 2: Register Your Application

  1. Once logged into your developer dashboard, locate the option to "Create App" or "New Application".
  2. Provide a descriptive name for your application. This name will be visible to users when they grant permissions.
  3. Specify the application's redirect URI(s). These are the URLs to which Uber will redirect users after they authorize your application. For development, a common practice is to use http://localhost:port or a similar development URL. Ensure these URIs are correctly configured in your application settings on the developer dashboard and match those used in your OAuth flow.
  4. Select the necessary "Scopes" for your application. Scopes define the specific permissions your application requests from users (e.g., request for requesting rides, profile for user profile information). Choose only the scopes essential for your application's functionality to minimize permission requests to users. Consult the Uber API Scopes documentation for a complete list.
  5. Submit your application registration. Upon successful registration, you will be provided with your application's Client ID and Client Secret. These credentials are vital for authenticating your API calls and should be stored securely and never exposed in client-side code.

Quick Reference: Account and Key Setup

Step What to Do Where
1. Create Account Register on the developer platform Uber Developer Platform
2. Register App Provide app name, redirect URIs, select scopes Developer Dashboard (after login)
3. Retrieve Keys Note Client ID and Client Secret Application Settings on Developer Dashboard
4. Configure Redirect URI Add valid URIs for OAuth callback Application Settings
5. Select Scopes Choose necessary permissions for your app API Scopes documentation and Application Settings

Your first request

Making your first authenticated request to the Uber API typically involves the OAuth 2.0 Authorization Code Grant flow. This flow is used when your application needs to access user-specific data or perform actions on a user's behalf (e.g., requesting a ride). For server-to-server requests without user context, the Client Credentials Grant may be used, though many core Uber API features require user authorization.

OAuth 2.0 Authorization Code Grant Flow (Example)

This example outlines the steps for obtaining an access token and then using it to make a simple request, such as fetching a user's profile.

Step 1: Redirect User for Authorization

Your application initiates the OAuth flow by redirecting the user's browser to Uber's authorization endpoint. This URL will include your client_id, redirect_uri, and the scope of permissions you are requesting.

GET https://login.uber.com/oauth/v2/authorize
  ?client_id=YOUR_CLIENT_ID
  &response_type=code
  &redirect_uri=YOUR_REDIRECT_URI
  &scope=profile%20request
  &state=OPTIONAL_STATE_PARAMETER

The user will be prompted to log in to their Uber account (if not already) and grant your application the requested permissions. After authorization, Uber redirects the user back to your redirect_uri with an authorization code and the optional state parameter.

Step 2: Exchange Authorization Code for Access Token

Upon receiving the authorization code, your application (from your server-side backend) makes a POST request to Uber's token endpoint to exchange this code for an access_token and a refresh_token.

POST https://login.uber.com/oauth/v2/token
Content-Type: application/x-www-form-urlencoded

client_id=YOUR_CLIENT_ID
&client_secret=YOUR_CLIENT_SECRET
&grant_type=authorization_code
&redirect_uri=YOUR_REDIRECT_URI
&code=AUTHORIZATION_CODE_FROM_STEP_1

A successful response will return a JSON object containing the access_token, refresh_token, token_type (usually "Bearer"), and expires_in (token lifetime in seconds).

{
  "access_token": "YOUR_ACCESS_TOKEN",
  "refresh_token": "YOUR_REFRESH_TOKEN",
  "token_type": "Bearer",
  "expires_in": 2592000,
  "scope": "profile request"
}

Step 3: Make an Authenticated API Request

With the access_token, you can now make authenticated calls to the Uber API. Include the access token in the Authorization header of your requests as a Bearer token.

Example: Fetching the user's profile:

GET https://api.uber.com/v1.2/me
Authorization: Bearer YOUR_ACCESS_TOKEN
Accept-Language: en_US
Content-Type: application/json

A successful response will return the user's profile information:

{
  "first_name": "John",
  "last_name": "Doe",
  "email": "[email protected]",
  "uuid": "a1b2c3d4-e5f6-7890-1234-567890abcdef",
  "picture": "https://d1w2wslz0g0v1.cloudfront.net/images/users/a1b2c3d4-e5f6-7890-1234-567890abcdef.jpg"
}

For more details on the OAuth flow and specific endpoints, refer to the Uber API Reference.

Common next steps

After successfully making your first API call, consider these next steps to further develop your Uber integration:

  • Explore Additional Endpoints: Review the Uber API Reference to discover endpoints relevant to your application's functionality. This might include endpoints for ride requests, product availability, price estimates, or Uber Eats functionalities.
  • Implement Refresh Token Logic: Access tokens have a limited lifespan. Implement logic to use the refresh_token to obtain new access tokens without requiring the user to re-authorize your application. This is crucial for maintaining continuous access. The OAuth 2.0 Refresh Token grant type provides details on this process.
  • Handle Webhooks: For real-time updates on ride status, delivery progress, or other events, implement and configure webhooks. Uber can send POST requests to your specified endpoint when certain events occur, reducing the need for constant polling. Consult the Uber Webhooks documentation for setup instructions.
  • Error Handling: Implement robust error handling for API responses. Understand common error codes and structures to provide meaningful feedback to your users and debug issues effectively.
  • Secure Your Credentials: Ensure your client_secret and refresh_tokens are stored securely on your server and not exposed client-side. Follow best practices for API key management and secret rotation.
  • Review Rate Limits: Understand the rate limits imposed on Uber API calls to prevent your application from being throttled. Design your application to respect these limits, potentially by implementing retry mechanisms with exponential backoff.
  • Consider SDKs: If developing for iOS or Android, explore the official Uber iOS SDK or Uber Android SDK, which can simplify authentication and interaction with the API.
  • Go Live: Once your application is developed and tested, follow Uber's guidelines for publishing and launching your integration. This may involve additional review processes depending on your application's scope and functionality.

Troubleshooting the first call

Encountering issues during your first API call is common. Here are some troubleshooting tips:

  • "Invalid Scope" Error: Double-check that the scope parameter in your authorization request exactly matches the scopes configured for your application in the Uber Developer Dashboard. Also, ensure the user has granted consent for all requested scopes. Refer to the Uber API Scopes documentation for valid options.
  • "Invalid Redirect URI" Error: The redirect_uri in your authorization request and token exchange request must precisely match one of the redirect URIs configured in your application settings on the Uber Developer Dashboard, including port numbers and trailing slashes.
  • "Invalid Client ID/Secret" Error: Verify that your client_id and client_secret are correct and have not been mistyped. These are case-sensitive.
  • "Invalid Grant" or "Unauthorized Client" During Token Exchange: This often indicates an issue with the authorization code (e.g., it's expired, already used, or incorrect) or a mismatch in client_secret. Ensure you are exchanging the code promptly after receiving it, as codes have a short lifespan.
  • "Missing Authorization Header" or "Invalid Access Token" on API Calls: Ensure your access_token is correctly included in the Authorization: Bearer YOUR_ACCESS_TOKEN header. Verify the token hasn't expired. If it has, use your refresh_token to obtain a new one.
  • Network Issues: Check your internet connection and ensure your application can reach login.uber.com and api.uber.com. Proxy settings or firewalls can sometimes interfere.
  • Review Uber Developer Dashboard: Log in to your Uber Developer Dashboard to check for any application status warnings, review configured settings, and inspect logs if available.
  • Consult Documentation: The Uber Developer Documentation provides detailed error code explanations and troubleshooting guides for specific API endpoints.