Authenticating with OAuth 2.0 Overview

The LinkedIn API uses OAuth 2.0 for member(user) authorization and API authentication. Applications must be authorized and authenticated before they can fetch data from LinkedIn or get access to LinkedIn member data.

Depending on the type of permissions your integration will require, follow one of the two authorization flows below in Permission Types to get started.

There are several third-party libraries in the open source community which abstract the OAuth 2.0 authentication process in every major programming language.

Note

LinkedIn does not support TLS 1.0.

Permission Types

Permissions are authorization consents to access LinkedIn resources. The LinkedIn platform uses permissions to protect and prevent abuse of member data. Your application must have the appropriate permissions before it can access data.

Permissions are classified into two types.

Member Authorization

Using 3LA, a LinkedIn member grants permissions to your application to access the member’s resources on LinkedIn. Your application has no access to these resources without member approval. Use this flow if you are requesting access to a member's account to use their data and make requests on their behalf. This is the most commonly used permission type across LinkedIn APIs. Open permissions available to all applications are of this type. These include r_liteprofile, r_emailaddress, and w_member_social.

Application Authorization

Using 2LA, LinkedIn grants permissions to your application to access protected LinkedIn resources. If you are accessing APIs that are not member specific, use this flow. Not all APIs support Application Authorization. For example, Marketing APIs must use Member Authorization.

Note

Always request the minimal permission scopes necessary for your use case.

Sample Application

You can explore the OAuth Sample Applications that enables you to try out RESTful OAuth calls to the LinkedIn Authentication server. Additionally, you can also explore the Marketing Sample Application.