CODEWITHSUNDEEP
oauth-2.0linkedin-api
Markos Fragkakis
Markos Fragkakis

Reputation: 7771

unauthorized_scope_error in LinkedIn oAuth2 authentication

I am following the official Microsoft instructions in Sign in with Linkedin (there are also the Linkedin instructions here), which also link here for the authorization code flow. As instructed, I have set up a linkedin application and used the client id and secret to initiate an oAuth 2 flow, requesting the r_liteprofile and r_emailaddress scopes.

Instead of getting the login form, I am redirected to my callback url with the following params:

error: unauthorized_scope_error error_description: Scope "r_liteprofile" is not authorized for your application state: cfa970987c9a3c2178dddeda0d81dab3e00dce4c683098d6

This is the list of default scopes (which, as per the documentation, are the ones granted if you don't specify a list of scopes yourself), and the r_liteprofile is not in there.

enter image description here

Is the documentation out of date, or am I overlooking something?

Upvotes: 31

Views: 32763

Answers (10)

Bhaskara Arani
Bhaskara Arani

Reputation: 1657

Try adding

openid
Use your name and photo
profile
Use your name and photo
w_member_social
Create, modify, and delete posts, comments, and reactions on your behalf
email
Use the primary email address associated with your LinkedIn account

enter image description here

Upvotes: 0

Anoop Kumar
Anoop Kumar

Reputation: 912

If you're encountering an "invalid_scope_error" while working with LinkedIn API in Python, it typically means that the requested scope in your authentication request is not valid or not allowed for your application.

For 2023 and further the scope has been changed from r_liteprofile, r_emailaddress and w_member_social to profile, email and w_member_social

you can try with below code

import requests

client_id = 'your_client_id'
redirect_uri = 'your_redirect_uri'
scope = 'profile email w_member_social'  # Modify this based on your required scopes

authorization_url = f'https://www.linkedin.com/oauth/v2/authorization?response_type=code&client_id={client_id}&redirect_uri={redirect_uri}&scope={scope}'

print(f'Please go to the following URL to reauthorized your application: {authorization_url}')

:)

Upvotes: 2

Rahman Idrees
Rahman Idrees

Reputation: 11

the solution is to include the following scope in your OAuth2 authentication request: scope: 'openid email profile'

Upvotes: 1

Benjamin Piette
Benjamin Piette

Reputation: 3783

Post August 2023:

For those wondering, LinkedIn changed their oauth scopes again, see https://learn.microsoft.com/en-us/linkedin/consumer/integrations/self-serve/sign-in-with-linkedin-v2

Scope names are now "email"/etc, not "r_emailaddress" any more.

Upvotes: 7

Herilala Michel
Herilala Michel

Reputation: 1

We must add a product with Sign In with LinkedIn (click on select): Product menu with "Sign in with linkedin" selected.png. Then, in the auth menu: OAuth 2.0 scopes, we get this : Auth menu scope.png

Upvotes: 0

Eaweb
Eaweb

Reputation: 988

My little contribution in 2021.

It seems like Linkedin keeps changing the value for scopes.

On the Linkedin developer portal looking under OAuth 2.0 scopes section in the Auth tab, I found the values that finally worked for me.

PS: Make sure to enable Sign-in from the product Tab. Linkedin API scope

Upvotes: 5

Er Sahaj Arora
Er Sahaj Arora

Reputation: 862

Navigate to Products in the LinkedIn Developer Console and select Sign in with LinkedIn.

The verification process takes a few moments and then r_emailaddress and r_liteprofile should appear under your permissions.

Upvotes: 1

Bala.Raj
Bala.Raj

Reputation: 1051

We have to enable "Sign In with LinkedIn" under the products tab, only then you can avail that scope (r_liteprofile and/or r_emailaddress) and services.

enter image description here

This goes for the review process(System takes max 60 mins to approve) and If your request has been approved, the relevant product will be moved to the "Added products" section.

enter image description here

Upvotes: 45

CragMonkey
CragMonkey

Reputation: 848

Solution for me was to click "select" next to "Sign In with LinkedIn" on the LinkedIn developers console for my app.

Upvotes: 0

albogdano
albogdano

Reputation: 2840

This happened to me the other day but somehow I was able to get around the issue. The new Microsoft API docs for LinkedIn are up to date. The docs on LinkedIn Developers portal will soon be outdated:

Important update: All developers need to migrate to Version 2.0 of our APIs and OAuth 2.0 by March 1, 2019.

A few things to try:

  • Register a new LinkedIn OAuth 2.0 developer application - newly registered applications have access to the new V2 API
  • Try removing the r_liteprofile scope or revert back to r_basicprofile

Upvotes: 10

Related Questions