LinkedIn Social Login

This section describes how to configure LinkedIn application to login in OpenIAM.

1 Create and configure a LinkedIn project

This section describes how to add LinkedIn Oauth2 login in a web app for OAuth 2.0.

1 Creating a LinkedIn project

First go to LinkedIn My apps page Sign in using your LinkedIn credentials if you haven’t already. There will be a list of applications (if you have previously created any). Click on Create App to create a new application. Provide a application name in the dialog box and press enter. Our project name is LinkedInSocial. New linkedIn app You will be asked to fill info on create, do it based on your purposes. Now click on Products tab and select "Sign in with LinkedIn". linkedin-products linkedin-signIn Then fill Authorized redirect URLs for your app It should be:

  • {appUrl}/idp/social/linkedin/callback
  • {appUrl}/idp/social/linkedin/selfRegistration linkedin-credentials Save the provided client ID and secret

2 Configure OpenIAM

2.1 Create Authentication Provider

In Webconsole use Access Control menu->Authentication Provider->Create new provider. Select LinkedIn type of provider. Then copy and paste Client Id and Client Secret from LinkedIn console, fill required fields and save it. Then make sure an appropriate content provider has following URL patterns

  • /idp/social/linkedin/callback (authorization is disabled, Authentication Rule - None)
  • /idp/social/linked/login (authorization is disabled, Authentication Rule - None, Supported HTTP Methods - POST)

2.2 Prepare users

Each user who might want to login via LinkedIn should have an identity of managed system that is selected on Auth provider page. In our example it is OpenIAM Managed system

3 Self registration feature

3.1 Configure OpenIAM

Enable check box "Use linkedIn for self registration" in LinkedIn Auth provider. Add 'r_emailaddress' and 'r_liteprofile' to Scope, it will look now: linkedin-scopes Save auth provider. Make sure an appropriate content provider has following URL pattern

  • /idp/linkedIn/google/selfRegistration (authorization is disabled, Authentication Rule - None, Supported HTTP Methods - GET)

    4 Test feature

    Now on login page you can see red button Sign with LinkedIn, if you click on it LinkedIn will ask you to share your info with the app and if google credentials are valid and your email matches the iam identity and it is not locked or disabled you will be logged in. If self registration via LinkedIn is enabled you will see another button 'Create Account By LinkedIn', and again if your linkedIn credentials are valid then self registration form will be pre-populated by information from LinkedIn account.