"Not enough permissions to access Native PKCE protocol"

Question

I am developing a web application using Spring framework and Java.

I have added a login with linkedin feature to my webapp(domain:localhost); however, i am getting a 403 Forbidden error "Not enough permissions to access Native PKCE protocol" (i am able to redirect to linkedin + allow a consent screen). i get the error when redirecting to my webapp login page.

application.properties
  spring.security.oauth2.client.registration.linkedin.clientId=
  spring.security.oauth2.client.registration.linkedin.secret=
  spring.security.oauth2.client.registration.linkedin.client-authentication-method=post
  spring.security.oauth2.client.registration.linkedin.authorization-grant-type=authorization_code
  spring.security.oauth2.client.registration.linkedin.scope=r_liteprofile
  spring.security.oauth2.client.registration.linkedin.redirect-uri=http://localhost:8080/login/oauth2/code/linkedin
  spring.security.oauth2.client.registration.linkedin.client-name=Linkedin
  spring.security.oauth2.client.registration.linkedin.provider=linkedin
  spring.security.oauth2.client.provider.linkedin.authorization-uri=https://www.linkedin.com/oauth/v2/authorization
  spring.security.oauth2.client.provider.linkedin.token-uri=https://www.linkedin.com/oauth/v2/accessToken
  spring.security.oauth2.client.provider.linkedin.user-info-uri=https://api.linkedin.com/v2/me
  spring.security.oauth2.client.provider.linkedin.user-name-attribute=id

The error was caused by the code

webSecurityConfig
http.oauth2login()

Answer 1

As per the Microsoft doc https://learn.microsoft.com/en-us/linkedin/shared/authentication/authorization-code-flow-native you need to contact the LinkedIn team to enable the PKCE workflow. If you have already done that then Authorization API you need to call is https://www.linkedin.com/oauth/native-pkce/authorization. And if you have stumbled upon PKCE and not intended to use it then just disable the same in Spring configuration.