LinkedIn Social Login

This section describes how to configure LinkedIn application to login in OpenIAM.

1 Creating and configuring a LinkedIn project

This section describes how to add LinkedIn OAuth2 login in a web app for OAuth 2.0.

1 Creating a LinkedIn project

First go to LinkedIn -> My apps page Sign in using your LinkedIn credentials if you haven’t already. There will be a list of applications (if you have previously created any). Click on Create App to create a new application. Type an application name in the dialog box and press enter. Our project name is LinkedInSocial. New linkedIn app You will be asked to fill info, do it as needed. Now click Products tab and select "Sign in with LinkedIn". linkedin-products linkedin-signIn

Then fill Authorized redirect URLs for your app It should be:

  • {appUrl}/idp/social/linkedin/callback
  • {appUrl}/idp/social/linkedin/selfRegistration linkedin-credentials

Save the provided client ID and secret

2 Configuring OpenIAM

2.1 Create Authentication Provider

In Webconsole go to Access Control menu -> Authentication Provider -> Create new provider. Select LinkedIn provider type. Then copy and paste Client Id and Client Secret from LinkedIn console, fill required fields and save it. Make sure an appropriate content provider has following URL patterns

  • /idp/social/linkedin/callback (authorization is disabled, Authentication Rule - None)
  • /idp/social/linked/login (authorization is disabled, Authentication Rule - None, Supported HTTP Methods - POST)

2.2 Prepare users

Each user who might want to login via LinkedIn should have an identity of managed system that is selected on Auth provider page. In our example it is OpenIAM Managed system.

3 Self registration feature

3.1 Configuring OpenIAM

Enable check box "Use linkedIn for self registration" in LinkedIn Auth provider. Add 'r_emailaddress' and 'r_liteprofile' to Scope, it will look now: linkedin-scopes Save auth provider. Make sure an appropriate content provider has the following URL pattern

  • /idp/linkedIn/google/selfRegistration (authorization is disabled, Authentication Rule - None, Supported HTTP Methods - GET)

    4 Test feature

    Now on login page you can see red button Sign with LinkedIn, if you click it LinkedIn will ask you to share your info with the app and if google credentials are valid and your email matches the IAM identity and it is not locked or disabled you will be logged in. If self registration via LinkedIn is enabled, you will see another button - 'Create Account By LinkedIn', and again if your linkedIn credentials are valid then self registration form will be pre-populated by information from LinkedIn account.