CODEWITHSUNDEEP
oauth
André Fratelli
André Fratelli

Reputation: 6068

OAuth with LinkedIn

I'm currently implementing OAuth with LinkedIn, and running into some issues. Most of them I think I have already overcome, but there are two last issues left unresolved.

When I make the OAuth request I get redirected to LinkedIn's authentication page. Here, LinkedIn asks me if I autorize the app to have access to some info and it lets me know which info it is. If I change the scope parameter the list present there does change, so I guess LinkedIn is receiving that OK. That is, scope = 'r_fullprofile' asks me for my full profile, and scope = 'r_fullprofile,r_emailaddress' asks me for both the profile and email address. So far so good. Here's (part of) the code:

    if provider.name == 'linkedin':
        scope = 'r_fullprofile,r_emailaddress,w_messages'

    return { 'scope': scope } if scope is not None else {}

Then I authorise the app, I do get a response, but I only get some basic info. Always. This info includes the following, which I assume is the basic profile:

  1. headline
  2. lastName
  3. siteStandardProfileRequest
  4. siteStandardProfileRequest[url]
  5. firstName

And that's it, even though I'm asking and authorising the info for the email address, for instance.

Then there's another issue, which is the user ID. Shouldn't I be getting it with the basic profile? I noticed I can parse an ID from the siteStandardProfileRequest[url], because there's a parameter for that URL which is the user ID, but is there a better way? If not, is it safe to parse from the URL?

Best.

Edit:

This is the URL I'm requesting the profile from https://api.linkedin.com/v1/people/~. Should it be something different? I've seen something like https://api.linkedin.com/v1/people/~:(id,first-name,email), but I can't find it in the docs, and honestly doesn't make much sense...

Edit: I'm now using the app settings in LinkedIn to set the default permissions, instead of passing them in the URL query parameters. The result is the same, I only get basic info.

Upvotes: 1

Views: 512

Answers (1)

André Fratelli
André Fratelli

Reputation: 6068

It turns out that it really was the link. LinkedIn does need the :(parameter_1,parameter_2,...) part after the profile URL. This solved the problem.

Setting the permissions, like r_basicprofile, or r_fullprofile as seen here, is not enough. Also, here is a list of profile fields that can be requested.

As such, a profile request URL would look something like this:

https://api.linkedin.com/v1/people/~:(id,formatted-name,industry)

Hope it helps someone else.

Upvotes: 1

Related Questions