Authentication

Wed, 01/12/2011 - 12:12 — LIDeveloperAdmin


LinkedIn Authorization

When your application acts on behalf of our members, it's important that:

  • The application be able to identify the member
  • The member's privacy is protected
  • LinkedIn can tell which application and member are making the request

To accomplish this, the LinkedIn API uses OAuth as its authentication method. OAuth is a standard for negotiating developer authorization and granting access on behalf of specific members to perform API requests. One of OAuth's benefits is the availability of many third party and open source libraries, allowing developers to authenticate with LinkedIn quickly and in a similar manner to how they authenticate with services such as Twitter, Google, Yahoo, and Netflix.

We strongly suggest that you use an existing OAuth Library for your language instead of implementing the protocol yourself. We have found OAuth to be the largest stumbling block to making your first LinkedIn API call. There are many subtle areas in the protocol around string construction, encoding, and encryption. If you get even one aspect wrong, your code will not authenticate properly and you won't get any useful data back from our servers.

It is still useful to read the following details on OAuth so you understand the flow of data. However, you can take the information in the LinkedIn OAuth details section and plug it directly into your extension without building the strings programatically.

OAuth Documentation


Handy OAuth Tools

One good way to troubleshoot issues with your OAuth implementation is to use another client with the same OAuth parameters and see if the signatures and responses match.  Here are a couple of tools we provide:

  • OAuth Test Page - input your keys and tokens and generate valid signed URLs.  Useful for exploring the API and verifying the signatures your library is generating.
  • Rest Console - from Apigee (video)