DEV Community

Shan Khan
Shan Khan

Posted on • Originally published at shanalikhan.github.io on

LinkedIn Rest API with OAuth 2.0

#oauth #api #linkedin #rest

Connecting with LinkedIn Rest API is easy once you know how to authorize the user. Following are the steps that can be performed in .NET / Java using HttpClients or simply from JQuery / Javascript.

  • Register Your Application You need to set the scope of your application after registering, by scope means to define which LinkedIn feature your application is going to use. For advance API levels you might need to contact with Linked In order to get permission.Once you save your configuration, your application will be assigned a unique "Client ID" (otherwise known as Consumer Key or API key) and "Client Secret" value. linkedin
  • Get An Authorization Code

https://www.linkedin.com/uas/oauth2/authorization?response\_type=code&client\_id=YOUR\_APP\_CODE&redirect\_uri=YOUR\_WEBSITE\_ENCODED\_URL&state=987654321

| Parameter | Description | Required |
| response_type | The value of this field should alwaysbe: code | Yes |
| client_id | The "API Key" value generated whenyou registered your application. | Yes |
| redirect_uri |

The URI your users will be sent backto after authorization.

e.g. https://www.example.com/auth/linkedin

| Yes |
| state |

A unique string value of your choice that ishard to guess. Used to prevent CSRF.

e.g. state=DCEeFWf45A53sdfKef424

| Yes |
| scope |

A URL-encoded, space delimited list of memberpermissions your application is requesting on behalf of theuser. If you do not specify a scope in your call, we willfall back to using the default member permissions you definedin your application configuration.

e.g. scope=r_fullprofile%20r_emailaddress%20w_share

| Optional |

  • When Application Is Approved When the application is approved LinkedIN will redirect to your URL with some information with 2 query string parameters.
    • Code - OAuth 2 authorization code
    • state — A value used to test for possible CSRF attacks.
    • error_description - If error is found ( if user pass authorization successfully it doesnt appear in URL )
  • Exchange Authorization Code for a Request Token Now in this final step you have to send POST request in order to get the request token of that user. Default life of that token is 60 days.

https://www.linkedin.com/uas/oauth2/accessToken

Result will be in JSON providing both the access_token and exprire_in for that user. That token can be saved in your database and can be easily used to view data for that user for the next 60 days if your application have still access to access that user information.

  • Getting the user information You can visit this link in order to get the user information.

Post any question in the comment if you find any problem.

Top comments (0)

Read next

darkmavis1980 profile image

Some practical examples on why I prefer Axios over Fetch

Alessio Michelini -

roeland profile image

Google authentication with Symfony 7

Roeland -

bekahhw profile image

Development Tools and Platforms: Open Source, SaaS, and BoxyHQ

BekahHW -

lokendrakushwah profile image

Tailcall API Gateway: A Beginner’s Guide

Lokendra Kushwah -