9

I am making a request to https://sandbox-api.uber.com/v1/requests using the Bearer token for my account (which is the admin of the Uber app).

When I make the request I get a 401:

{
    "message": "Missing scope: request",
    "code": "unauthorized"
}

As I've said, the access_token I have is for the email address that is registered as the app admin so this request should work right?

George Harnwell
  • 784
  • 2
  • 9
  • 19
  • when authorize, you should pass in a param called `scope`, with value `request` – wong2 Apr 14 '15 at 16:45
  • 1
    I'm also getting the same problem. My url string is: "https://login.uber.com/oauth/authorize?response_type=code&client_id=MY_CLIENT_ID&scope=profile%20history_lite%20history%20request" In response I'm getting "invalid scope requested" Can anyone help? – Kaushick Gope Jul 02 '15 at 13:01
  • 1
    @KaushickGope this error might be due to you are signing in to Uber, using different account than the one you have used for registering your app. Say, you have 2 accounts at Uber: 1. foo@mail.com 2. bar@mail.com Your Uber app is registered under foo@mail.com, and when you test uber oauth, you decide to sign in to Uber under bar@mail.com. In this way Uber will return `error=invalid_scope`. To bypass this, you must add "bar@mail.com" to the "Users with access" section in your Uber App Dashboard (it's under Developers tab). – chaimann Nov 24 '15 at 14:43
  • @KaushickGope Or you forgot to URL encode the parameters you put in the query string https://en.wikipedia.org/wiki/Percent-encoding – Alex Bitek Jan 25 '16 at 19:36
  • I am facing the same issue, @George Harnwell, did you find any solution? – Onkar Janwa May 11 '16 at 09:05

3 Answers3

4

Yes when you call https://login.uber.com/oauth/authorize

you should request "&scope=profile%20history_lite%20history%20request"

sim_on
  • 101
  • 3
  • 5
  • With this value I'm getting an error: "INVALID SCOPE REQUESTED". Did you get a success result with this call? Can you please say what configuration is needed for request scope? – Kaushick Gope Jul 02 '15 at 14:45
  • I have recently tried using the APIs and also get the "Invalid scope" error, if I try to use my personal account. On the other hand, if I try to use the dev account created for testing, it works fine. Any form of help would be great! – alt-ctrl-dev Feb 28 '16 at 12:19
1

If you try this repo on Github which is a thin wrapper for Uber APIs, you can make requests easily.

Or you can do the scope thing yourself if you have the OAuth2 framework, what you can do is pass in the necessary scope strings into below API:

[[NXOAuth2AccountStore sharedStore] setClientID:_clientID
                                         secret:_clientSecret
                                          scope:[NSSet setWithObjects:@"request", @"history_lite", @"profile", @"request_receipt", nil]
                               authorizationURL:[NSURL URLWithString:@"https://login.uber.com/oauth/authorize"]
                                       tokenURL:[NSURL URLWithString:@"https://login.uber.com/oauth/token"]
                                    redirectURL:[NSURL URLWithString:_redirectURL]
                                  keyChainGroup:nil
                                 forAccountType:_applicationName];
bolizhou
  • 1,208
  • 1
  • 13
  • 31
0

The Uber OAuth contains 2 steps:

  1. Authorisation endpoint: https://login.uber.com/oauth/v2/authorize
  2. Token exchange endpoint: https://login.uber.com/oauth/v2/token

In order to gain the proper scopes you need to pass the query string to the first step api call, something like:

https://login.uber.com/oauth/v2/authorize?client_id={cliend_id}&response_type=code&response_type=code&scope=profile%20history%20request%20places

Then you should be able to use the Step 1 https://your-redirect-uri/?code=AUTHORIZATION_CODE to make further exchange access_token.

The access_token itself should telling you if gained the correct scopes or not, you can check it by https://jwt.io/ just paste your access_token.

Peter.Wang
  • 2,051
  • 1
  • 19
  • 13