Marketing Permissions Migration Guide

  • Article
  • 4 minutes to read

Important

This migration is complete. This page is left for reference purposes only.

Introduction

LinkedIn is making changes to a selection of our permissions to better serve our members and partners. This document serves as a migration checklist for developers migrating their applications to use LinkedIn’s new permissions. The guide was created for LinkedIn’s Marketing Solutions' partners. It may not apply to all the partners, depending on the program they belong to.

Who is affected?

Check whether you need to migrate permissions or re-authorize with new permission(s) by verifying if your app is asking for any of the following old permissions rw_ad_campaigns, r_ad_campaigns, rw_organization, r_organization, rw_dmp_segments, r_ads_leadgen_automation, rw_company_admin, w_share) when requesting access to LinkedIn resources during OAuth 2.0 authorization process and/or during the Linkedin application configuration, you'll have to prompt your users to reauthorize and get tokens for the associated mapped new permissions. Please refer to our Authorizing with OAuth 2.0 guide for a detailed walk-through of how to get your application authorized and successfully interacting with LinkedIn's v2 REST APIs.

Migration Checklist for developers

  1. Figure out which permissions are used by your app and look up the equivalent ones using our old to new permissions mapping. Permissions not part of this list remain unchanged as part of this migration.
  2. Update your app code, replacing old permission with the associated new permission for scope argument during the authorization step of the OAuth 2.0 process.
  3. Note that if you change the scope permissions that your application requires, your users will have to re-authorize to ensure that they have explicitly granted your application all permissions that it requests on their behalf. Hence, it is important you replace all the old permissions to new permissions as one single change to avoid re-authorizing users multiple times. Tip: When messaging to your users the need to re-authorize access to their Linkedin capabilities, we suggest the following language: " LinkedIn permissions have changed. Please re-authorize your account to continue."
  4. Please verify that no old permissions are referenced in:
    • Your application’s source code, when requesting for access tokens
    • Your application’s configuration files
    • The default permissions in your [application configurations](https://www.linkedin.com/developer/apps
  5. To avoid interruptions in service, ensure the scope argument changes are in production prior to the deadline date shared via email.
  6. In addition, please review your permissions to check your current use case and usage of resources and then request the minimum set of permissions needed from the member. Please refer to this comprehensive list of resources that belong to each of the new permissions.
  7. You can test the OAuth flow with the ‘test-member’ to see if the user’s access token is updated after the scope argument code changes as follows-
    • Test member grants application access to the new permissions after the scope argument changes
    • Confirm access token can make calls to all the endpoints your app needs
  8. Verify the completion of migration by checking the timestamp of the access tokens in your data storage. All access tokens must have a timestamp greater than the timestamp of when you deployed the scope argument change in production.
  9. If you believe a needed resource is missing in the new permissions, please contact us with questions requesting support for permission migration.

Old to New Permissions Mapping

Old Permissions *to be deprecated Associated New Permissions
rw_ad_campaigns
  • rw_ads - Manage member’s advertising accounts
  • r_ads_reporting - Retrieve reporting for member’s advertising accounts
  • r_targeting - Discover targeting facets and targeting entities. This scope is provided to all Marketing Developer Platform partners, please do not request this scope in your OAuth flow.
r_ad_campaigns
  • r_ads - Retrieve member’s advertising accounts
  • r_ads_reporting - Retrieve reporting for member’s advertising accounts
  • r_targeting - Discover targeting facets and targeting entities. This scope is provided to all Marketing Developer Platform partners, please do not request this scope in your OAuth flow.
rw_organization
  • r_member_social - Retrieve member’s posts, comments, likes, and other engagement data.
  • w_member_social - Post, comment and like posts on member’s behalf
  • rw_organization_admin - Manage member’s organizations' pages and retrieve reporting data
  • w_organization_social - Post, comment and like posts on behalf of member’s organizations
  • r_organization_social - Retrieve member’s organizations' posts, including any comments, likes and other engagement data
  • r_organization_lookup - Read organizations by ids. This scope is provided to all Marketing Developer Platform partners, please do not request this scope in your OAuth flow.
r_organization
  • r_member_social - Retrieve member’s posts, comments, likes, and other engagement data.
  • rw_organization_admin - Manage member’s organizations' pages and retrieve reporting data
  • r_organization_social - Retrieve member’s organizations' posts, including any comments, likes and other engagement data
  • r_organization_lookup - Read organizations by ids
rw_dmp_segments
  • r_ads - Retrieve member’s advertising accounts
  • rw_dmp_segments - Create and manage member’s matched audiences
  • Note: Some endpoints that were earlier available under the ‘rw_dmp_segments’ permission are being moved into ‘r_ads’ permissions. You must request both these permissions to ensure continued access to these endpoints.
r_ads_leadgen_automation
  • r_ads - Retrieve member’s advertising accounts
  • r_organization_social - Retrieve member’s organizations' posts, including any comments, likes and other engagement data.
  • r_ads_leadgen_automation - Access member’s Lead Gen Forms and retrieve leads
  • Note: Some endpoints that were earlier available under the ‘r_ads_leadgen_automation’ permission are being moved into ‘r_ads’ and ‘r_organization_social’ permissions. You must request all three permissions to ensure continued access to these endpoints.
rw_company_admin
  • rw_organization_admin - Manage member’s organizations' pages and retrieve reporting data
  • r_organization_social - Retrieve member’s organizations' posts, including any comments, likes and other engagement data
  • w_organization_social - Post, comment and like posts on behalf of member’s organization's
w_share
  • w_organization_social - Post, comment and like posts on your organization's behalf
  • w_member_social - Post, comment and like posts on member’s behalf

Contact Us

  • Please submit permissions-related support requests via Zendesk at https://linkedin.zendesk.com/hc/en-us.
  • When selecting a reason for your submission, choose "Permissions Migration".
  • In the "Subject" of your submission, please include the name of your organization, the name of the permission in question, and your specific issue summary- like "My company name | rw_organization_admin | new permission fails authorization"