Linkedin API access token generation error

Question

i am trying to generate access token to collect linkedin data. I followed the instructions provided in the linkedin API documentaion. I created an app in developers page and got

Answer 1

This error may be scopes related.

On the details of your application when selecting scopes there is this message:

Selecting both r_basicprofile and r_fullprofile is redundant. r_basicprofile will be selected if neither r_basicprofile nor r_fullprofile is checked.

If you are selecting both r_basicprofile and r_fullprofile just uncheck r_basicprofile or remove it from your Authorization Code Request.

Answer 2

finally, i got the access token. The authorization code expires in 20 seconds, so the access token URL must be called immediately after generating the authorization code.

Answer 3

My problem was in redirect_uri which contained url with query parameters (like redirect_uri=encodeURIComponent(http://example.com/callback?query=string)).

If redirect url is completely different linkedin will show you an error before showing you login form, but if redirect_url matches what you specified in linkedin app and contains extra query parameters, you'll not get an error, so once login form is submitted you'll get an invalid code and as a result error as above.

Answer 4

Well, I went through the same problem and here is the process which i went through to fix it.

STEP#1: Authentication:

1. Firstly, the authentication API is to be hit to fetch the authentication token.
2. For this, a URL with Encoded parameters is to be hit as a GET request.
3. Example: https://www.linkedin.com/oauth/v2/authorization?response_type=code&client_id=[your_client_id]&redirect_uri=http%3A%2F%2Flocalhost%3A8080%2Flinkedin%2Fcallback&scope=r_emailaddress
4. Please note that here, the parameters are to be encoded programatically.
5. My non-encoded callback URL is: http://localhost:8080/linkedin/callback
6. Therefore, my encoded URL is: http%3A%2F%2Flocalhost%3A8080%2Flinkedin%2Fcallback

Once you hit this as a GET request, you will receive a callback with a code and an optional state parameter.

STEP#2: Getting Access Token:

There are three pre-requisites to this call:

1. The call must be POST
2. It must have a header Content-Type with value application/x-www-form-urlencoded
3. The data must be sent in request body.
4. The value of redirect_url MUST BE SAME as in the previous call.
5. In my case, it was: http://localhost:8080/linkedin/callback

Now the trick here is, that the call in (STEP#1 Authentication) was a GET request. Therefore, the redirect_url had to be programatically encoded.

Since the second call for is POST and is also application/x-www-form-urlencoded encoded, therefore the request body parameters do not have to be explicitly encoded. So, in this case, the redirect_uri would be sent as-is (http://localhost:8080/linkedin/callback)

Here is a snapshot of my Access Token API via postman:

Answer 5

I had the same problem, in my case I was using different redirect_uri for authorization and for access token. I had "proxy": "localhost:3001" in my package.json, and it overriden my request_uri.

So my suggestion: make sure the hosts and redirect_uri are all the same for two requests (both backend and server side).