Changes to OAuth 2.0 URLs

July 23, 2018

Starting July 23, 2018, we will begin performing automatic redirects for developer applications currently using our legacy OAuth 2.0 UI in favor of our new OAuth 2.0 UI. This change will take effect gradually for select members only, with all members fully upgraded by August 6, 2018.

 

Is my application affected?

Any applications using the legacy OAuth 2.0 UI to acquire an OAuth 2.0 3-legged member token will be impacted by this redirect. If your application currently uses https://www.linkedin.com/uas/oauth2/ within the OAuth 2.0 token retrieval process, these changes include you!

Applications already using the new OAuth 2.0 UI are not impacted by these changes. If your application has implemented LinkedIn's OAuth 2.0 UI within the past year, it is likely you are already using the new OAuth 2.0 UI and no further action is required. 

 

What's new?

As we continue to place members first at LinkedIn, members will experience a newly improved interface to authenticate their LinkedIn credentials and provide consent to third party applications. For any application currently using the legacy OAuth 2.0 UI, the redirect may cause a slight delay during the member authorization process. If you haven't done so already, ensure your application is using the new OAuth 2.0 UI for the optimal member experience. 

 

How will these changes impact users?

Both legacy and new OAuth 2.0 services will continue to behave as expected throughout this transition period. There is no change to the OAuth workflow, or the functionality of existing user tokens. Existing users are not required to re-consent using the new UI. All existing and new user tokens will continue to behave as expected. 

To avoid the 301 redirect, the URL paths for the requests for OAuth auth codes and access codes will need to be changed:

 

From: 

https://www.linkedin.com/uas/oauth2/authorization?response_type=code&client_id=*&scope=*&state=*&redirect_uri=*

https://www.linkedin.com/uas/oauth2/accessToken?grant_type=authorization_code&redirect_uri=*&client_id=*&client_secret=*&code=*

 

To: 

https://www.linkedin.com/oauth/v2/authorization?response_type=code&client_id=*&scope=*&state=*&redirect_uri=*

https://www.linkedin.com/oauth/v2/accessToken?grant_type=authorization_code&redirect_uri=*&client_id=*&client_secret=*&code=*

 

As always, look to the LinkedIn Developer Portal for the latest information about authenticating with the LinkedIn API.