LinkedIn has two API versions, v1 and v2. Recently, I was told that LinkedIn does not guarantee their v1-API will work and that we should have migrated to v2 years ago, this information was shared with us by a LinkedIn support employee. As a result of this info, I'm trying to migrate an application to v2.
Our customers can provide us with an OAuth2-token which has administrative rights for a company page. With that token, we will retrieve posts and comments from that company page. If I use the v1-API, it works without any issues, but I can't make a successful request with the v2-API. I've tried to use the following endpoint: https://api.linkedin.com/v2/shares?q=owners&owners={URN}&sharesPerOwner=100. There are several things I've tried.
- Putting the token in an Authorization header, which works for v1 (Authorization: Bearer ).
- Putting the token in the query params (https://api.linkedin.com/v2/...?oauth2_access_token=&...).
- Using the numeric id of a company page, rather than the full urn:li:organization:.
- Putting the id in parentheses.
- Using the newest version of the protocol by setting the following header: "X-Restli-Protocol-Version: 2.0.0".
If I use the newest version of the protocol, I always get Bad Request Errors (code 400), otherwise I get a Forbidden Error (code 403). I've also tried to retrieve the Organization Access Control Information using the following endpoint, https://api.linkedin.com/v2/organizationalEntityAcls?q=roleAssignee, but the same issue persists. This is strange to me, because as far as I know I do have sufficient rights to retrieve that data.
I've checked LinkedIn's developer documentation multiple times by myself and with colleagues, unfortunately the quality is rather abysmal. Is this API even supposed to work? Am I missing some undocumented permissions? Have I made a mistake in one of my parameters? Do we need to use OAuth in a different way?