Linkedin API access token generation error

Asked 8/9, 2014 at 11:28 Answered 23/7, 2020 at 14:3

i am trying to generate access token to collect linkedin data. I followed the instructions provided in the linkedin API documentaion. I created an app in developers page and got the following:

Application Details
•   Company:
Fresher
•   Application Name:
xxxxxxxxxx
•   API Key:
75pcum6zb2cael
•   Secret Key:
xxxxxxxxxxxxxxxx
•   OAuth User Token:
xxxx-xxxx-xxxx-xxxx-xxxxxxxxxx
•   OAuth User Secret:
xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxx

Using the API Key i generated the authorization_code with the URL:

https://www.linkedin.com/uas/oauth2/authorization?response_type=code&client_id=75pcum6zb2cael&state=DCEEFWF45453sdffef424&redirect_uri=https://www.google.com

but when i finally tried to generate the access token using the below URL, i got an error response :

https://www.linkedin.com/uas/oauth2/accessToken?grant_type=authorization_code&code=AUTHORIZATION_CODE&redirect_uri=https://www.google.com&client_id=75pcum6zb2cael&client_secret=xxxxxxxxxxxxxxxx

{"error_description":"missing required parameters, includes an invalid parameter value, parameter more than once. : Unable to retrieve access token : appId or redirect uri does not match authorization code or authorization code expired","error":"invalid_request"}

Even after multilple validations, the same error messages appears.

please help. thanks.

Unmixed answered 8/9, 2014 at 11:28 Comment(2)

Not a programming question, but an issue with a vendor's API. – Stavros 14/2, 2015 at 17:46

Can explain in detail, what was the bug? could you please post your answer, so that would be helpful – Howell 25/9, 2018 at 5:4

finally, i got the access token. The authorization code expires in 20 seconds, so the access token URL must be called immediately after generating the authorization code.

Unmixed answered 9/9, 2014 at 7:53 Comment(8)

I am getting accessToken but not getting secretToken value!! Any idea. – Pennyweight 21/8, 2015 at 10:12

I'm getting the same error. Unable to get the access token. Even before I can get 'code' from params it throws an exception. – Stob 13/1, 2017 at 22:37

In my case, code is generating at front-end side (angular), and I've set redirect_uri=192.168.1.133:9004/v1.0/jobSeeker/getSocialMediaUser AS a redirect url; But I'm getting Below error..When trying to generate access_token Unable to retrieve access token: appid/redirect uri/code verifier does not match authorization code. Or authorization code expired. Or external member binding exists – Tissue 9/5, 2018 at 14:7

Can anyone tell me What is going wrong with my code? – Tissue 9/5, 2018 at 14:9

@KetavChotaliya , how did you resolved your error? can you post your answer here please – Howell 25/9, 2018 at 5:2

@PrasannaSasne As mention in answer, a token will expire in 20 sec. We have to use LinkedIn's OAuth 2.0 for the authentication > Create an app in LinkedIn and generate secret keys > Do authenticate the user via LinkedIn (Generally in the frontend). It will return security token. that is valid till next 20 sec. > Generate AccessToken from security token (Generally from Backend), Here u've to mention security token, hostname, secret token and other stuff A hostname is must equal to frontend hostname (from where security token generate) > Now u've an access_token, Get the details from token – Tissue 26/9, 2018 at 5:19

@KetavChotaliya i'm following linkedin Doc only, i'm able to retrieve Auth token, but when i pass my authtoken code, client_secret, client_id etc params, like @Rick has made the call for access Token, still i'm unable to get that token, i've posted my question newly, can you try answering that please? ,` #52501644` – Howell 26/9, 2018 at 5:39

But LinkedIn says "... the authorization code has a 30-minute lifespan ..." ??? learn.microsoft.com/en-us/linkedin/shared/authentication/… – Monocular 14/10, 2019 at 5:29

Well, I went through the same problem and here is the process which i went through to fix it.

STEP#1: Authentication:

Firstly, the authentication API is to be hit to fetch the authentication token.
For this, a URL with Encoded parameters is to be hit as a GET request.
Example: https://www.linkedin.com/oauth/v2/authorization?response_type=code&client_id=[your_client_id]&redirect_uri=http%3A%2F%2Flocalhost%3A8080%2Flinkedin%2Fcallback&scope=r_emailaddress
Please note that here, the parameters are to be encoded programatically.
My non-encoded callback URL is: http://localhost:8080/linkedin/callback
Therefore, my encoded URL is: http%3A%2F%2Flocalhost%3A8080%2Flinkedin%2Fcallback

Once you hit this as a GET request, you will receive a callback with a code and an optional state parameter.

STEP#2: Getting Access Token:

There are three pre-requisites to this call:

The call must be POST
It must have a header Content-Type with value application/x-www-form-urlencoded
The data must be sent in request body.
The value of redirect_url MUST BE SAME as in the previous call.
In my case, it was: http://localhost:8080/linkedin/callback

Now the trick here is, that the call in (STEP#1 Authentication) was a GET request. Therefore, the redirect_url had to be programatically encoded.

Since the second call for is POST and is also application/x-www-form-urlencoded encoded, therefore the request body parameters do not have to be explicitly encoded. So, in this case, the redirect_uri would be sent as-is (http://localhost:8080/linkedin/callback)

Here is a snapshot of my Access Token API via postman:

Feint answered 5/5, 2019 at 13:22 Comment(1)

The snapshot and the details about "encoded" or "non-encoded" URL solved my problems – Ami 24/11, 2019 at 23:24

My problem was in redirect_uri which contained url with query parameters (like redirect_uri=encodeURIComponent(http://example.com/callback?query=string)).

If redirect url is completely different linkedin will show you an error before showing you login form, but if redirect_url matches what you specified in linkedin app and contains extra query parameters, you'll not get an error, so once login form is submitted you'll get an invalid code and as a result error as above.

Prothalamion answered 9/7, 2018 at 1:20 Comment(0)

This error may be scopes related.

On the details of your application when selecting scopes there is this message:

enter image description here

Selecting both r_basicprofile and r_fullprofile is redundant. r_basicprofile will be selected if neither r_basicprofile nor r_fullprofile is checked.

If you are selecting both r_basicprofile and r_fullprofile just uncheck r_basicprofile or remove it from your Authorization Code Request.

Decorticate answered 17/2, 2015 at 12:50 Comment(2)

can you please help me, as i'm facing same problem. I tried many ways. sharing my question link https://stackoverflow.com/questions/52501144/unable-to-get-access-token-linkedin-oauth – Howell 26/9, 2018 at 10:35

Are these permissions still valid? I only see r_emailaddress` and r_liteprofile and everything else seems to have been removed by linkedin. – Overdo 29/7, 2020 at 6:37

I had the same problem, in my case I was using different redirect_uri for authorization and for access token. I had "proxy": "localhost:3001" in my package.json, and it overriden my request_uri.

So my suggestion: make sure the hosts and redirect_uri are all the same for two requests (both backend and server side).

Basutoland answered 23/7, 2020 at 14:3 Comment(0)

Recommended topics

Hot tags