bannerColor WARNING_YELLOW templateName stackForums


Migrating all applications to Member Permissions

To ensure that our members have a consistent authentication experience across our platform, we are requiring all applications to use Member Permissions by August 5th.

In August 2012, we introduced Member Permissions. This feature allows you to specify exactly which information the member shares with your application and actions you can take on their behalf. In November 2012, we introduced a migration path to this new flow for applications created before that change. We have been thrilled to see the excitement in adopting Member Permissions and many of you are already using it to streamline your site registration.

Key benefits of this feature are as follows:

  • Members have more visibility: LinkedIn members have clearer visibility into the data and actions your application requests access to.
  • Standardized lifespan of access tokens: Previously members could choose to grant tokens ranging from one day to forever. Now all tokens are 60-days in length. Developers can proactively renew tokens in 60-day increments when members come back to their app.
  • Ability to fetch additional profile data: You can fetch email address of the authenticated user, which wasn't previously available.
  • Standardized profile data: You can continue to access the Full Profile of logged in member, however you can only retrieve the Basic Profile for users other than the authenticating member.

LinkedIn Authentication screen before migration

LinkedIn authentication dialog before migration
LinkedIn Authentication screen after migration

LinkedIn authentication dialog after migration

What does that mean for your current application?
If you are already using Member Permissions, you will not be impacted by this. Otherwise, once you migrate your application, your current access tokens will continue to be valid but will have a 60-day lifespan. When you renew these tokens or for first time users, the user will see our authorization dialog which details the member permissions that your application requests. Any subsequent renewals of the token will be seamless to the user as long as the permission scopes of your application haven't changed and the user is still logged into LinkedIn.

What if your application is not migrated by August 5th?
Starting July 16th, we will automatically migrate applications that are not already on the new flow. All your existing access tokens will be enabled for all scopes, except for email address. This mimics the behavior prior to the migration, with the exception that new data accessibility rules for connection profiles will be in effect and the expiration of access tokens will be set to 60-days.

We understand this migration requires some changes on your part, and our goal is to provide you with the lead time and support you need to be successful. We're excited to help enhance your application's user experience and help you make the most of what the LinkedIn Platform has to offer.

If your application was created before August 7th 2012, learn how to migrate your application.

-- Shikha Sehgal