Permission scope in request token query not working

104 posts / 0 new
Last post
Quentin Auvray's picture
Joined: 2012-04-26
Aug 10, 2012
Permission scope in request token query not working

Hi,

I've tried to use the API to get user data using the following request token URL (the exact same as the documentation):
https://api.linkedin.com/uas/oauth/requestToken?scope=r_basicprofile+r_emailaddress

However, the login dialog only shows the user that the application is asking for basic profile access. I tried changing the scope to "r_network" only (or pretty much any other permission type), but nothing will change. Adding the scope in the URL does not change anything at all, in fact.

I've seen that having an old API key might be the problem on other threads, so I generated a new one; but still nothing will change.

Because of this, I can only get access to basic data, while I would wish to have access to more (providing the user allows it).

Any hints?

Trung Vu's picture
Joined: 2011-10-18
Aug 12, 2012

I'm using ruby oauth client and had the same problem. But when i stepped into the code and manually change the path to https://api.linkedin.com/uas/oauth/requestToken?scope=r_basicprofile+r_emailaddress, it works for me. If you're using a library, I would suggest stepping into the code to make sure the path is correct

Jens Uffhaus's picture
Joined: 2012-08-08
Aug 13, 2012

I am using plain C# and when requesting a token using https://api.linkedin.com/uas/oauth/requestToken?scope=r_emailaddress, it also only shows the basic profile. When requesting the email address for the profile I then get an "unauthorized" error, confirming that permission for the email address was not granted.

Peiqiang Hao's picture
Joined: 2012-04-25
Aug 13, 2012

I am using Objective-C, have same problem.

Jack Newcombe's picture
Joined: 2012-02-25
Aug 13, 2012

I've just had exactly the same problem and this is how I fixed it:

1. Make sure your permissions are url encoded, i.e. "r_fullprofile%2Brw_nus%2Br_network"
2. Add the params to your OAuth signature data, but DO NOT add the scope query param to the end of the request URL that you pass to the signature creation method.
3. When making the request, DO add the scope query param to the URL that you make the request to.

So for example, the url following the method in your base string will be: https://api.linkedin.com/uas/oauth/requestToken (this should be encoded in the actual base string).

The url that you actually request will be: https://api.linkedin.com/uas/oauth/requestToken?scope=r_fullprofile%2Brw_nus%2Br_network

Hope this helps someone. I spent a long time trying to use the url WITH query string in my signature base string, and it kept saying INVALID_SCOPE or a generic invalid signature error.

EDIT: incredibly I can only get this working for ONE additional permission. I can have any one of them with basic profile, and that's it. I'll post back if I work out how to get multiple ...

Jack Newcombe's picture
Joined: 2012-02-25
Aug 13, 2012

OK, so I figured it out finally. When you're passing the permissions to your signing method, they should be SPACE-SEPARATED i.e. "r_fullprofile r_network", and url encode, i.e. url_encode("r_fullprofile r_network");

When you put them in your query string to make the request they should NOT be encoded, and separated by + (which is presumably used a url shorthand for space..?) i.e. https://api.linkedin.com/uas/oauth/requestToken?scope=r_fullprofile+r_network

I can provide more information as necessary. I'm working with PHP and Javascript at the moment, but I've implemented OAuth clients for various platforms (and LinkedIn's is by equally the strictest and most well designed API I've come across).

Kamyar Mohager's picture
LinkedIn Employee
Joined: 2012-04-04
Aug 13, 2012

Jack,

Thanks for the solid input! You're right in that the POST made to request a token needs to be properly URL encoded. I'll make that more clear in our documentation

Also, for those using libraries, please make sure you're updating your request token endpoint to not only use the new scope parameters, but also make sure everything is properly URL encoded.

Kamyar

Peiqiang Hao's picture
Joined: 2012-04-25
Aug 13, 2012

"passing the permissions to your signing method" and "put them in your query string" must do same time?

Kamyar Mohager's picture
LinkedIn Employee
Joined: 2012-04-04
Aug 13, 2012

Hi Peiqiang,

Which library are you using? The last test I did was with the Ruby OAuth gem. When setting my :request_token_path as 'https://api.linkedin.com/uas/oauth/requestToken?scope=r_fullprofile+r_emailaddress+r_network', the library handles the encoding for me. However, not all library will do that. Are you still dealing with issues?

Thanks,
Kamyar

Peiqiang Hao's picture
Joined: 2012-04-25
Aug 13, 2012

I am using this demo https://github.com/synedra/LinkedIn-OAuth-Sample-Client

Kamyar Mohager's picture
LinkedIn Employee
Joined: 2012-04-04
Aug 13, 2012

Peiqiang, if you're still seeing issues, can you post the code snippet where you're setting the request token path?

Peiqiang Hao's picture
Joined: 2012-04-25
Aug 13, 2012

use requestTokenURLString = @"https://api.linkedin.com/uas/oauth/requestToken"; then every thing ok.

use requestTokenURLString = @"https://api.linkedin.com/uas/oauth/requestToken?scope=r_fullprofile+rw_nus+r_network";
then request response is :

oauth_problem=signature_invalid&oauth_problem_advice=com.linkedin.security.auth.pub.LoginDeniedInvalidAuthTokenException2hile 635134067btaining2equest 1741405000ken 0.000000or23APOST 0x34e50s 0X1.A20000000451DP-783 0.000000 0.000000api.linkedin.com 0.000000uas 0.000000oauth 0.000000requestToken 1auth_callback 0hdlinked linkedin oauth auth_consumer_key 170224n624ezfdmo5w auth_nonce 26044262438629400-18E2-429D-9E2A-D5DA2D003479 auth_signature_method 174336HMAC-SHA1 auth_timestamp 1702241344878376 auth_version 1094762721.0 8‚ˇøY∫§cope 61164r_fullprofile2w_nus2_network0X1.6D314068679BP-1007OAU0X1.62620000298FP-795n624ezfdmo5w਀0X1P-104001਀0X1.DB9CP-102701☠0X1.6262000034EC8P-795010X1.679B00E4626EP-91913448783760X1.61C9P-775Azgg4d3HKk13Em7iAqV2pvqRzaA11535918

use requestTokenURLString = @"https://api.linkedin.com/uas/oauth/requestToken?scope=r_fullprofile%2Brw_nus%2Br_network";

then request response is :
oauth_problem=SCOPE_INVALID23A2_fullprofile2rw_nus2r_network

use requestTokenURLString = @"https://api.linkedin.com/uas/oauth/requestToken?scope=r_fullprofile%20rw_nus%20r_network";

then request response is :

oauth_problem=signature_invalid&oauth_problem_advice=com.linkedin.security.auth.pub.LoginDeniedInvalidAuthTokenException2hile 635134067btaining2equest 1370316220ken 0.000000or23APOST 0x34e50s 0X1.976000000451DP-910 0.000000 0.000000api.linkedin.com 0.000000uas 0.000000oauth 0.000000requestToken 1auth_callback 0hdlinked linkedin oauth auth_consumer_key 170228n624ezfdmo5w auth_nonce 199335056DA5DCDA7-38DA-4FAF-9CD2-B672308D16AA auth_signature_method 174340HMAC-SHA1 auth_timestamp 1702281344878548 auth_version 1143901601.0 8‚ˇøY∫§cope 61164r_fullprofile2w_nus2_network0X1.6D31406D1749P-1007OAU0X1.2A980000298F4P-919n624ezfdmo5w鲐0X1P-104001鲐0X1.DB9CP-102701ꦀ0X1.2A98000034EC8P-919010X1.174900681FE1P-91413448785480X1.1CC5P-833iBUFZ58Hh39V7BSDwl2crcgYfuI11535918

Jens Uffhaus's picture
Joined: 2012-08-08
Aug 13, 2012

Hi there

There are three places the scope part is present in the requestToken request.

1. The actual URL of the request. The endpoint. I have this as "?scope=r_fullprofile+r_emailaddress"
2. The url in the signature base string. Here I use it as "scope=r_fullprofile r_emailaddress". Using SPACE.
3. the parameters sestion of the signature base string. I again use "scope=r_fullprofile r_emailaddress", with SPACES.

Can anyone confirm or correct these three part of the signature generation process for the scope parameters.

Thanks a mil.
Jens

Jens Uffhaus's picture
Joined: 2012-08-08
Aug 13, 2012

This is my signature base string I pass to the hash algo. Where is my mistake?

POST&https%3A%2F%2Fapi.linkedin.com%2Fuas%2Foauth%2FrequestToken&oauth_callback%3Dhttp%253A%252F%252Flocalhost%253A55555%252Fcandidateapp%252Fhandlers%252Flinkedin.ashx%26oauth_consumer_key%3D2xxqk0q8mvny%26oauth_nonce%3D634804859484732209%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1344881948%26oauth_version%3D1.0%26scope%3Dr_fullprofile%252Br_emailaddress

This is posted to

https://api.linkedin.com/uas/oauth/requestToken?scope=r_fullprofile+r_emailaddress

Quentin Auvray's picture
Joined: 2012-04-26
Aug 13, 2012

I've looked into Jack's solution (thanks for the input), but unfortunately it doesn't work for me.

I'm using Zend Framework's Zend_Oauth_Consumer and am setting it up this way:
$this->linkedin_options = array(
'localUrl' => 'http://' . $this->site_config->baseUrl . '/',
'callbackUrl' => 'http://' . $this->site_config->baseUrl . $this->view->url(array(), 'grant_linkedin'),
'requestTokenUrl' => 'https://api.linkedin.com/uas/oauth/requestToken?scope=' . urlencode('r_contactinfo'),
'userAuthorizationUrl' => 'https://api.linkedin.com/uas/oauth/authorize',
'accessTokenUrl' => 'https://api.linkedin.com/uas/oauth/accessToken',
'consumerKey' => $this->linkedin_config->key,
'consumerSecret' => $this->linkedin_config->secret,
);
$this->consumer = new Zend_Oauth_Consumer($this->linkedin_options);
$token = $this->consumer->getRequestToken();

I tried using any kind of permissions, only one or multiple, but I always get to the LinkedIn authorization page than only shows "YOUR PROFILE OVERVIEW" permission (r_basicprofile). Even if I only requested a single permission other than that one.

Now I also get that there seems to be multiple URLs to enter (request/endpoint, signature, etc.) but I can't find a way to set these separately, and this seems like it could be a problem for multiple-access requests.

I desperately tried:
$this->consumer->getRequestToken(array('requestTokenUrl' => 'https://api.linkedin.com/uas/oauth/requestToken?scope=' . urlencode('r_contactinfo')));
... but that didn't change anything either.

But then again, how come that the single permission URL (as seen in code example) is also ignored, encoding shouldn't be an issue for that case anyway?

Also, everything works fine when I authorize the application to get access (for basic profile), so it's really just a problem of getting the scope through.

Jens Uffhaus's picture
Joined: 2012-08-08
Aug 14, 2012

Can someone from LinkedIn please post a signature base string that correctly uses the scope option.

Alternatively it would be useful to have a debug area where I am given the signature base string that LinkedIn used to compare our signatures, at least this way I could find my error.

I tried the OAuth Test Tool and my code was generating the identical base string and signature, yet the LinkedIn API still responded with "Invalid signature".

Trial and error is not bearing any fruit at this point.

Any help is appreciated.

Kamyar Mohager's picture
LinkedIn Employee
Joined: 2012-04-04
Aug 14, 2012

Hey everyone, I'm in the process of trying to replicate this. Looks like it's only affecting those using the PHP OAuth library. FYI, by default, if you don't provide any scope parameters in your request token call, we only grant basic profile permissions.

Will get back to everyone shortly with guidance.

Cheers,
Kamyar

Kamyar Mohager's picture
LinkedIn Employee
Joined: 2012-04-04
Aug 14, 2012

For those not using an OAuth library and are building out their signatures manually, what are you encoding the space between scope parameters with? The error that some of the folks are receiving is probably due to the fact that the encoding isn't properly done.

Peiqiang Hao's picture
Joined: 2012-04-25
Aug 14, 2012

hi, Kamyar , how to solve my problem?

Jens Uffhaus's picture
Joined: 2012-08-08
Aug 15, 2012

Hi Kamyar

I am using plain C# to build my own integration for our ATS.

I have tried the scope option with ONLY r_fullprofile OR r_emailaddress, both work perfectly on their own, the problem comes in when using two options concatinated by "+".

It really does look like an encoding issue, but I have tried every combination possible (I think) and none worked.
Below is all the data I use to generate a request for a token with the scope options.
Please have a look and let me know where I am going wrong.

Thanks So much
Jens

Request Endpoint:
https://api.linkedin.com/uas/oauth/requestToken?scope=r_fullprofile+r_emailaddress

Parameters (for signature generation):
oauth_callback=http://localhost:55555/candidateapp/handlers/linkedin.ashx
oauth_consumer_key=9wi8l3mu71wz
oauth_nonce=634806256508346716
oauth_signature_method=HMAC-SHA1
oauth_timestamp=1345021650
oauth_version=1.0
scope=r_fullprofile r_emailaddress

Parameters (encoded as one string):
oauth_callback=http%3A%2F%2Flocalhost%3A55555%2Fcandidateapp%2Fhandlers%2Flinkedin.ashx&oauth_consumer_key=9wi8l3mu71wz&oauth_nonce=634806256508346716&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1345021650&oauth_version=1.0&scope=r_fullprofile+r_emailaddress

Signature Base String:
POST&https%3A%2F%2Fapi.linkedin.com%2Fuas%2Foauth%2FrequestToken&oauth_callback%3Dhttp%253A%252F%252Flocalhost%253A55555%252Fcandidateapp%252Fhandlers%252Flinkedin.ashx%26oauth_consumer_key%3D9wi8l3mu71wz%26oauth_nonce%3D634806256508346716%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1345021650%26oauth_version%3D1.0%26scope%3Dr_fullprofile%2Br_emailaddress

Final Post Payload to Endpoint:
oauth_callback=http%3A%2F%2Flocalhost%3A55555%2Fcandidateapp%2Fhandlers%2Flinkedin.ashx&oauth_consumer_key=9wi8l3mu71wz&oauth_nonce=634806256508346716&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1345021650&oauth_version=1.0&oauth_signature=??????????????????

Arnaud van Zandwijk's picture
Joined: 2012-08-14
Aug 15, 2012

Hi Quentin,
I've experienced the same problem using Zend_Oauth_consumer, but i fixed it by putting the scope in the getRequestToken function.

$this->linkedin_options = array(
'localUrl' => 'http://' . $this->site_config->baseUrl . '/',
'callbackUrl' => 'http://' . $this->site_config->baseUrl . $this->view->url(array(), 'grant_linkedin'),
'requestTokenUrl' => 'https://api.linkedin.com/uas/oauth/requestToken,
'userAuthorizationUrl' => 'https://api.linkedin.com/uas/oauth/authorize',
'accessTokenUrl' => 'https://api.linkedin.com/uas/oauth/accessToken',
'consumerKey' => $this->linkedin_config->key,
'consumerSecret' => $this->linkedin_config->secret,
);
$this->consumer = new Zend_Oauth_Consumer($this->linkedin_options);
$token = $this->consumer->getRequestToken(array('scope' => 'r_contactinfo'));

I hope that this will solve your problem.

Peiqiang, I really think your problem is caused by an incorrect urlencoding.

Stas Altsev's picture
Joined: 2011-07-25
Aug 15, 2012

Hi Quentin,
i was also having this problem, and i had to use solution from Arnaud van Zandwijk
and also had to create new Application and use new Api keys so new oauth window with permissions appear

Quentin Auvray's picture
Joined: 2012-04-26
Aug 15, 2012

Ah, thanks a bunch Arnaud, I guess I owe you a beer!

Eugene Abovsky's picture
Joined: 2011-07-09
Aug 15, 2012

Anyone here using PHP get this to work?

I am attempting to hack the "simple-linkedin" PHP library... no luck so far.

Here is what I attempted to do:

1. Changed the reuqest URL to https://api.linkedin.com/uas/oauth/requestToken?scope=r_basicprofile+r_emailaddress
2. Added a 'scope' parameter to the sig base string as 'r_basicprofile r_emailaddress' in the retrieveTokenReqeust() method as follows:

$parameters = array(
'oauth_callback' => $this->getCallbackUrl(),
'scope' => 'r_basicprofile r_emailaddress'
);

The result was:

I still get the same o-auth dialogue as before - it doesn't show any additional data about requesting an e-mail permission. When I request the e-mail from the API nothing is returned... so it's like LinkedIn didn't acknowledge the fact that I am asking for additional permissions :(

Kamyar Mohager's picture
LinkedIn Employee
Joined: 2012-04-04
Aug 15, 2012

Glad to see most of you are overcoming this. I think it was a combination of improper URL encoding as well as some of the libraries not properly handling the scope parameters.

Eugene, were you able to get this to work?

Eugene Abovsky's picture
Joined: 2011-07-09
Aug 15, 2012

I was not... :(

Kamyar Mohager's picture
LinkedIn Employee
Joined: 2012-04-04
Aug 15, 2012

I would recommend using a generic PHP OAuth library. This library you're using is more of a "wrapper", so you're taking a risk using it and it's not an official LinkedIn library.

I'm somewhat familiar with that wrapper though and you technically should just be able to modify the _URL_REQUEST constant's value to the request token endpoint including your scope parameters. Again, this is not the ideal solution since if you wanted to later add a new scope parameter you'd have to modify your library's source.

Heba Zaidan's picture
Joined: 2012-06-12
Aug 16, 2012

for objective-c developers , Use this code:
***************************************************************************************************************************************************************
self.consumer = [[OAConsumer alloc] initWithKey:apikey
secret:secretkey
realm:@"http://api.linkedin.com/"];

NSString * linkedInCallbackURL = @"hdlinked://linkedin/oauth";

NSString * requestTokenURLString = @"https://api.linkedin.com/uas/oauth/requestToken";

OAMutableURLRequest *request =
[[[OAMutableURLRequest alloc] initWithURL:requestTokenURL
consumer:self.consumer
token:nil
callback:linkedInCallbackURL
signatureProvider:nil] autorelease];

[request setHTTPMethod:@"POST"];

OARequestParameter * scopeParameter=[OARequestParameter requestParameter:@"scope" value:@"r_fullprofile r_contactinfo r_emailaddress"];

[request setParameters:[NSArray arrayWithObject:scopeParameter]];

***************************************************************************************************************************************************************
Note that you need to renew your API_Key & SECRET_Key

Joined: 2012-07-11
Aug 16, 2012

what should we do for android any help? i am facing the same problem.

Eugene Abovsky's picture
Joined: 2011-07-09
Aug 16, 2012

I got it.. I missed the part about "creating new application keys" and was attempting to use the new features with an already existing app. Woops.

Kamyar Mohager's picture
LinkedIn Employee
Joined: 2012-04-04
Aug 16, 2012

Great Eugene, I'm glad you were able to get that resolved!

For those just visiting this thread, please ensure the following:

1) New member permissions are only valid for new API keys
2) Make sure your request token path is properly URL encoded when adding your scope parameters

Peiqiang Hao's picture
Joined: 2012-04-25
Aug 16, 2012

My Objective-C code work, by change aouth lib to gtm-oauth.

http://code.google.com/p/gtm-oauth/

Jens Uffhaus's picture
Joined: 2012-08-08
Aug 16, 2012

Hi All

I am unfortunately not in the position to use any third party frameworks.

Can someone please look at my earlier post (#20) and tell me where my encoding for the scope parameter has gone wrong.

I have looked at all documentation I can find and none of it goes into sufficient detail for me to figure this one out.

Maybe I'm just missing something obvious.

Kamyar Mohager's picture
LinkedIn Employee
Joined: 2012-04-04
Aug 16, 2012

Jens, I noticed that your parameters aren't URL encoded. At the end where you specify your scope params, you're still leaving "+" between both params

Adam Trachtenberg's picture
LinkedIn Employee
Joined: 2011-06-30
Aug 16, 2012

Jens --

For your parameters, try doing: ...&scope=r_basicprofile%20r_emailaddress
Then for your SBS, you have: ...%26scope%3Dr_basicprofile%2520r_emailaddress

Does this work?

-adam

Macy Mind's picture
Joined: 2012-08-06
Aug 18, 2012

Hi Heba,

It is not worked for me. I am adding OARequestParameter for get email address as you suggesr. I am used http://api.linkedin.com/v1/people/~:(id,email-address) but i am not get email address. Also can you please tell how to renew API_Key & SECRET_Key ?

Alex Andreae's picture
Joined: 2011-07-23
Aug 18, 2012

Will the new scope parameters ever be rolled out to existing apps? Since you generate a different LinkedID member ID for the same user on different apps, it's not as simple as just swapping Apps for everyone.

What is the rollout period for the new scope permissions to older apps?

Joined: 2012-08-19
Aug 20, 2012

I am using social auth library for fetching user profile and connections from linkedin, I can able to fetch user profile, but i am getting error 403

<error>
<status>403</status>
<timestamp>1345447844270</timestamp>
<request-id>ND7GFB0XI9</request-id>
<error-code>0</error-code>
<message>Access to connections denied</message>
</error>

I am not able to set scope in request token url as suggested by kamayar Mohager, I have manually set the request token url as

https://api.linkedin.com/uas/oauth/requestToken?oauth_callback=http%3A%2F%2Flocalhost%3A9002%2FLinkedIn%2FLinkedInRedirect&oauth_consumer_key=3jb70kenc8vu&oauth_nonce=1345446399049&oauth_signature=V%2FjYtU5iD9K6CjzveCS3HU2UJ%2Fg%3D&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1345446399&oauth_version=1.0&scope=r_network

Its not working...

kshitij godara's picture
Joined: 2012-07-01
Aug 20, 2012

Thanx a lot Heba....it really helped me lot today ...again thanx a lot ...i really want to be in touch with ur shear knowledge .

- -
Joined: 2012-08-15
Aug 20, 2012

hi kshitij, Heba's code din work for .. i'm getting error : Error Domain=NSURLErrorDomain Code=-1000 "bad URL" UserInfo=0x6abc4d0 {NSUnderlyingError=0x6abc3f0 "bad URL", NSLocalizedDescription=bad URL} .. can u plz help me

- -
Joined: 2012-08-15
Aug 20, 2012

Hi, can u plz post ur function where u have used Heba's code.. cuz its not working for.. also not able to get y has she skipped accesstoken request

Ben Catherall's picture
Joined: 2012-08-08
Aug 21, 2012

Thanks Jack (#5 + #6), that's spot on.

- -
Joined: 2012-08-15
Aug 21, 2012

but which is the right place to put the permissions..

Kamyar Mohager's picture
LinkedIn Employee
Joined: 2012-04-04
Aug 21, 2012

Harshal, as mentioned in the Authentication document, you will need to pass the permissions as query parameters to this call:

POST https://api.linkedin.com/uas/oauth/requestToken

Joined: 2012-08-21
Aug 21, 2012

Quoting Alex:
"Will the new scope parameters ever be rolled out to existing apps? Since you generate a different LinkedID member ID for the same user on different apps, it's not as simple as just swapping Apps for everyone.

What is the rollout period for the new scope permissions to older apps?"

This is a very important question. I have code that runs fine with a new app, but my existing app will not prompt the user for permissions and subsequently it does not pull the email-address field.

Can a LinkedIn employee respond?

Heba Zaidan's picture
Joined: 2012-06-12
Aug 21, 2012

To renew API_Key & SECRET_Key create new application and delete the old one. That what i did . And the code i sent is just the part or requesting a token and how to add the scope parameter to it. The operation should be completed by sending the access token and finally getting the profile info

Jens Uffhaus's picture
Joined: 2012-08-08
Aug 22, 2012

@Adam Trachtenberg

Thanks for the info.

I was using the scope options as "r_fullprofile r_emailaddress" (using a space).

Unfortunately the .Net HttpUtility.UrlEncode method encodes spaces as "+" instead of "%20", I had to manually correct this.

I also found out that the .Net encoding method does not encode "(" or ")" which will cause signature errors when using field selectors.

My permission scope is now working and I am asked to confirm the relevant permissions.

I now have a new error to deal with regarding field selectors to return the email address. See https://developer.linkedin.com/forum/oauth-parameters-should-not-contain-spaces

Thanks for the help on this one.
Jens

kshitij godara's picture
Joined: 2012-07-01
Aug 22, 2012

i used oauth library for integrating linkedin in my app, and for scope parameters i just added

" OARequestParameter * scopeParameter=[OARequestParameter requestParameter:@"scope" value:@"r_fullprofile r_contactinfo r_emailaddress r_basicprofile"];

[request setParameters:[NSArray arrayWithObject:scopeParameter]];
"

following code in oauthloginview.m file method -(void)requestTokenFromProvider .

and afterwards i got all these permission .

and if still u got problems tell me wat u really want to do?

Joined: 2012-08-21
Aug 22, 2012

Quoting Heba:
"To renew API_Key & SECRET_Key create new application and delete the old one."

The problem with that is each user's id is based on your app key and secret. Changing those will change the user id as well and can create some issues along the way.

Alex Andreae's picture
Joined: 2011-07-23
Aug 22, 2012

John Smith, and anyone else that needs information about old app migration:
I've created a new post asking about this question. Hopefully a LinkedIn dev can respond soon to let us know what the plan is:
https://developer.linkedin.com/forum/when-will-old-apps-have-scope-parameter-enabled

Please post there if you are interested as well.

Thanks,
Alex

Joined: 2011-07-20
Aug 22, 2012

Based on the above observations I stumbled onto a fix for the OAuth.php that I'm using.

In method urlencode_rfc3986 correct the order of replacement processing from this:
return str_replace('+', ' ', str_replace('%7E', '~', rawurlencode($input)));
to this:
return str_replace('%7E', '~', rawurlencode(str_replace('+',' ',$input)));

The other part of "fix" was in linkedinoauth.php method getRequestToken; added line:
$parameters['scope'] = 'r_basicprofile+r_network+rw_nus+rw_groups';

HOWEVER - this (last) bit is NOT BACKWARD COMPATIBLE with old app requestToken, and encounters precisely the same error. It seems like the migration path would be for LinkedIn to allow (and ignore) the scope parameter, when it comes with an old app key.

Pages