Getting Started with Organization Authorizations
Warning
Deprecation Notice
The Marketing version 202209 (Marketing September 2022) and below has been sunset and the unversioned APIs are going to be sunset soon. We recommend that you migrate to the versioned APIs as well as migrate to the new Content and Community Management APIs to avoid disruptions. See the Migration page for more details.
If you haven’t yet migrated and have questions, submit a request on the LinkedIn Developer Support Portal.
Members require more granular permissions to assign administrator roles to an employee's job function. In the past, this may have required assigning everyone as an administrator. As new roles are introduced, the task of discovering, mapping, and assigning roles to permissions can be time-consuming.
Current role-based permissions using /organizationAcls are either too powerful or too restrictive.
LinkedIn recommends that partners call the permission-based endpoint /organizationAuthorizations, to check a user's permission level, e.g., authorize user to post as an organization (company.)
host: api.linkedin.com
basePath: /v2
scheme: https
endpoint: /organizationAuthorizations
methods: GET, BATCH_GET, BATCH_FIND
Caution
All request headers should have X-Restli-Protocol-Version: 2.0.0
Role Checking Types
| Endpoint | Authorization type | Access Control | Code changes |
|---|---|---|---|
/organizationAcls |
role-based | Organization Access Controls | For every new role |
/organizationAuthorizations |
permission-based | Organization Authorizations | None |
Note
Using /organizationAuthorizations is optional but recommended.
Why Use Organization Authorizations?
The /organizationAuthorizations endpoint provides a way to determine if a user has access to a particular feature without needing know which roles the user has.
When using /organizationAcls, every new Role introduced by Linkedin will require additional checks for each of your user's permissions. For example, if you are checking /organizationAcls "isAdmin" to determine whether or not they can post as the company, you will need to also check is admin || content admin || each time a new role is released.
Role to Permission Mapping
Each Role is authorized to perform a certain behavior which is mapped a list of permissions with same OrganizationAuthorizationAction, or permission type.
ADMINISTRATOR ROLE
| Behavior | Authorization Actions (permissions) |
|---|---|
| Retrieve and Update Access Control Assignments | OrganizationRoleAuthorizationActionType ADMINISTRATOR_READ ADMINISTRATOR_WRITE DIRECT_SPONSORED_CONTENT_POSTER_READ DIRECT_SPONSORED_CONTENT_POSTER_WRITE PIPELINE_BUILDER_READ PIPELINE_BUILDER_WRITE PENDING_ADMIN_READ PENDING_ADMIN_WRITE PENDING_DIRECT_SPONSORED_CONTENT_POSTER_READ PENDING_DIRECT_SPONSORED_CONTENT_POSTER_WRITE |
| Create, Edit, and Read Posts | OrganizationContentAuthorizationActionType ORGANIC_SHARE_VIEW_AS_AUTHOR ORGANIC_SHARE_CREATE ORGANIC_SHARE_EDIT ORGANIC_SHARE_DELETE DARK_SHARE_CREATE DARK_SHARE_EDIT DARK_SHARE_DELETE DARK_SHARE_VIEW_AS_AUTHOR |
| Read Company Information | OrganizationProfileAuthorizationActionType ADMINISTRATION_PAGE_VIEW |
| View Notifications | OrganizationActivityAuthorizationActionType ORGANIZATION_ACTIVITY_READ |
| View Analytics | OrganizationAnalyticsAuthorizationActionType VISITOR_ANALYTICS_READ FOLLOWER_ANALYTICS_READ UPDATE_ANALYTICS_READ |
| Associate Developer Application | OrganizationApplicationAuthorizationActionType APPLICATION_ASSOCIATE |
CONTENT ADMIN ROLE
| Behavior | Authorization Actions (permissions) |
|---|---|
| Retrieve Access Control Assignments | OrganizationRoleAuthorizationActionType ADMINISTRATOR_READ DIRECT_SPONSORED_CONTENT_POSTER_READ PIPELINE_BUILDER_READ PIPELINE_BUILDER_WRITE PENDING_ADMIN_READ PENDING_DIRECT_SPONSORED_CONTENT_POSTER_READ |
| Create, Edit, and Read Posts | OrganizationContentAuthorizationActionType ORGANIC_SHARE_VIEW_AS_AUTHOR ORGANIC_SHARE_CREATE ORGANIC_SHARE_EDIT ORGANIC_SHARE_DELETE DARK_SHARE_CREATE DARK_SHARE_EDIT DARK_SHARE_DELETE DARK_SHARE_VIEW_AS_AUTHOR |
| Read Company Information | OrganizationProfileAuthorizationActionType ADMINISTRATION_PAGE_VIEW |
| View Notifications | OrganizationActivityAuthorizationActionType ORGANIZATION_ACTIVITY_READ |
| View Analytics | OrganizationAnalyticsAuthorizationActionType VISITOR_ANALYTICS_READ FOLLOWER_ANALYTICS_READ UPDATE_ANALYTICS_READ |
ANALYST ROLE
| Behavior | Authorization Actions (permissions) |
|---|---|
| Retrieve Access Control Assignments | OrganizationRoleAuthorizationActionType ADMINISTRATOR_READ DIRECT_SPONSORED_CONTENT_POSTER_READ PIPELINE_BUILDER_READ PIPELINE_BUILDER_WRITE PENDING_ADMIN_READ PENDING_DIRECT_SPONSORED_CONTENT_POSTER_READ |
| Read Posts | OrganizationContentAuthorizationActionType ORGANIC_SHARE_VIEW_AS_AUTHOR DARK_SHARE_VIEW_AS_AUTHOR |
| Read Company Information | OrganizationProfileAuthorizationActionType ADMINISTRATION_PAGE_VIEW |
| View Notifications | OrganizationActivityAuthorizationActionType ORGANIZATION_ACTIVITY_READ |
| View Analytics | OrganizationAnalyticsAuthorizationActionType VISITOR_ANALYTICS_READ FOLLOWER_ANALYTICS_READ UPDATE_ANALYTICS_READ |
CURATOR ROLE
| Behavior | Authorization Actions (permissions) |
|---|---|
| View Notifications | OrganizationActivityAuthorizationActionType ORGANIZATION_ACTIVITY_READ |
| View Analytics | OrganizationAnalyticsAuthorizationActionType VISITOR_ANALYTICS_READ FOLLOWER_ANALYTICS_READ UPDATE_ANALYTICS_READ |
Next steps: Organization Authorizations
Feedback
Submit and view feedback for