Abdullah Sheikh

Posted on May 24

How to Connect Your App to the LinkedIn API in 7 Simple Steps

#linkedin #api #oauth2 #developerguide

Learn to register, authenticate, and make API calls so your app can read and post LinkedIn data instantly

Before We Start: What You'll Walk Away With

By the end of this guide you’ll have a fully‑functional LinkedIn app that talks to the API just like a smartphone talks to a weather service.

First you’ll create a LinkedIn Developer App and walk away with a client ID and client secret. Think of it as ordering a meal: the app is the menu, the ID and secret are the order ticket that tells the kitchen (LinkedIn) who’s eating.

Next you’ll generate an OAuth 2.0 access token and set it to refresh itself automatically. It works like a GPS that updates its route when traffic changes—your token stays fresh without you lifting a finger.

Finally you’ll fire a real request: pull a profile’s basic info and post a status update. It’s the same as packing a suitcase, slipping the items (API call) into the bag (your code), and zipping it closed (sending it to LinkedIn).

Register the app → get client_id & client_secret.
Exchange the code for an access_token and set up auto‑refresh.
Call GET /v2/me and POST /v2/ugcPosts to read a profile and publish.
Tools: LinkedIn Developer Portal, any HTTP client (curl, Postman, fetch).
Tip: Keep the redirect URI identical everywhere; mismatches are the most common roadblock.
Cheat sheet: client_id, client_secret, access_token, refresh_token.

Ready to start building? Let’s move on to the first concrete step.

What the LinkedIn API Actually Is (No Jargon)

The LinkedIn API is simply a collection of HTTPS URLs you can call to read or write LinkedIn data as if you were using the website yourself.

Each URL is a specific function – like pulling a user’s profile, posting a share, or getting company analytics. You send a request, LinkedIn sends back JSON, and your app can do whatever you need with that data.

Think of it like a restaurant menu. The menu lists dishes (profile, share, analytics). When you pick a dish, you place an order with the kitchen. OAuth is the reservation system that checks you’re actually allowed to sit at that table before the kitchen starts cooking.

Read endpoints let you fetch data – e.g., /v2/me returns the authenticated user’s profile.
Write endpoints let you create or modify data – e.g., /v2/ugcPosts publishes a post on behalf of the user.
Organization endpoints let you act for a company page – e.g., /v2/organizations fetches page details.

All you need is a valid access token, which OAuth hands to you after the user grants permission. With that token, each call works just like ordering a dish you’ve already reserved.

That’s the whole LinkedIn API in plain English – a menu of web calls, and a reservation system that proves you belong at the table.

The 3 Mistakes Everyone Makes With LinkedIn API Integration

Most developers hit a wall fast because they skip the little details that actually make a LinkedIn API integration work.

Using the wrong redirect URI. Think of it like ordering food and giving the delivery driver the wrong apartment number—LinkedIn never finds the right door, and the error message is cryptic. Double‑check the URI in your app settings matches exactly what you send in the OAuth request.
Forgetting to request the exact permission scopes. It’s similar to asking Google Maps for driving directions when you only need walking routes; you’ll end up without the data you expected. If you need a full profile, ask for r_fullprofile, not just r_liteprofile.
Treating the access token as permanent. Imagine packing a suitcase for a month‑long trip and assuming the luggage will never need to be repacked—after 60 days LinkedIn forces a refresh. Implement the refresh flow before the token expires.
Check URI: copy it straight from the LinkedIn dashboard into your code.
Scope audit: list the fields you really need; request only those.
Refresh timer: set a cron job to call POST https://www.linkedin.com/oauth/v2/accessToken with grant_type=refresh_token before day 60.

Fix these three and the rest of the integration becomes a lot less painful.

How to Connect Your App to the LinkedIn API: Step-by-Step

Grab a coffee and let’s wire your app straight into the LinkedIn API.

Sign in to LinkedIn Developers and create a new app. Think of it like opening a new bank account—you need a profile before you can move money.
Add OAuth 2.0 redirect URLs and note the Client ID and Client Secret. These two strings are your app’s passport; store them safely, just like you’d keep a passport in a lockbox.
Build the authorization URL with required scopes and send the user to it. It’s similar to ordering a meal: you list the dishes (scopes) you want, then hand the menu (URL) to the user.
Capture the authorization code from the redirect and exchange it for an access token. The code is a temporary ticket; swapping it for a token is like exchanging a concert ticket for entry.
Store the access token securely and set up a refresh‑token workflow. Treat the token like cash in a safe—use a secret manager or environment variable. When it expires, use the refresh token to get a new one without bothering the user.

Make a test API call. For example:

curl -H "Authorization: Bearer YOUR_ACCESS_TOKEN" https://api.linkedin.com/v2/me

If you get your profile JSON back, you’re good to go.

Handle errors and rate‑limit responses gracefully. Imagine a busy restaurant: if the kitchen says “no more orders,” back off and retry later. Check for 401 (invalid token) and 429 (rate limit) and implement exponential back‑off.
Tip: Keep a .env file for CLIENT_ID, CLIENT_SECRET, and ACCESS_TOKEN.
Cheat sheet: GET https://api.linkedin.com/v2/me = profile, POST https://api.linkedin.com/v2/ugcPosts = share content.

Now you have a live LinkedIn API integration—next we’ll pull real data.

A Real Example: Posting a Company Update for a Marketing Manager

Maya, the Marketing Manager at Acme Co., wants her weekly product highlight to appear on the company’s LinkedIn page without her lifting a finger each Friday.

She logs into the LinkedIn Developer Portal, selects the app she created earlier, and adds the w_organization_social scope. This is like giving a friend a key to your house so they can drop off a package.
She runs the OAuth flow from step 3 and copies the resulting access token. Think of the token as the receipt that proves she’s allowed to post on the organization’s behalf.
She writes a tiny Python script that builds the payload and sends a POST to https://api.linkedin.com/v2/ugcPosts. The payload includes the company URN (urn:li:organization:123456) and a URL to the product image.
She executes the script and watches the console print the new post’s ID, confirming the update landed on Acme’s LinkedIn page.
Tools: Python 3, requests library, your app’s client_id and client_secret.
Tip: Store the access token in an environment variable (LINKEDIN_TOKEN) so you don’t hard‑code it.

Cheat Sheet:

POST https://api.linkedin.com/v2/ugcPosts
Header Authorization: Bearer $LINKEDIN_TOKEN
Header Content-Type: application/json
Body includes author, lifecycleState, specificContent, and visibility.

import os, json, requests

TOKEN = os.getenv('LINKEDIN_TOKEN')
URN = 'urn:li:organization:123456'
IMAGE_URL = 'https://example.com/product.jpg'

payload = {
    "author": URN,
    "lifecycleState": "PUBLISHED",
    "specificContent": {
        "com.linkedin.ugc.ShareContent": {
            "shareCommentary": {"text": "Check out this week’s product highlight!"},
            "shareMediaCategory": "IMAGE",
            "media": [{"status": "READY", "originalUrl": IMAGE_URL}]
        }
    },
    "visibility": {"com.linkedin.ugc.MemberNetworkVisibility": "PUBLIC"}
}

headers = {
    "Authorization": f"Bearer {TOKEN}",
    "Content-Type": "application/json"
}

resp = requests.post(
    "https://api.linkedin.com/v2/ugcPosts",
    headers=headers,
    data=json.dumps(payload)
)

print("Post ID:", resp.json().get("id"))

Run this script each Friday and Maya’s LinkedIn feed stays fresh without a single manual click.

The Tools That Make This Easier

Grab the right helpers and the whole LinkedIn API integration feels like ordering a meal with a clear menu.

Postman – Think of it as a kitchen where you prep, taste, and perfect each API call. Its built‑in OAuth flow lets you fetch a token, hit /v2/me, and see the raw JSON without writing a single line of code.
ngrok – Like a temporary phone line that connects your home kitchen to a delivery driver, ngrok gives your localhost a public URL so LinkedIn can drop the auth code right back to you.
dotenv (npm) – Imagine packing a suitcase and labeling each compartment; .env keeps CLIENT_ID, CLIENT_SECRET, and tokens separate from your source. Example:

# .env
CLIENT_ID=your_client_id
CLIENT_SECRET=your_client_secret
ACCESS_TOKEN=eyJhbGci...

Load it in your app with require('dotenv').config() and reference process.env.ACCESS_TOKEN whenever you call the API.
GitHub Actions – Treat it like an automatic coffee machine that brews fresh tokens every night. A simple workflow can run curl to refresh the token and even push the new value back to your repo’s secrets.
RapidAPI Marketplace – When you want to test without hitting LinkedIn’s live servers, RapidAPI offers a sandbox that mimics endpoint responses, so you can debug your logic before the real deal.

With these tools in place, you’ll spend less time hunting for settings and more time building the feature that matters.

Quick Reference: LinkedIn API Cheat Sheet

Grab this cheat sheet and run through it like you’d check off items on a grocery list.

🛠️ Create app → get Client ID/Secret – Think of registering a new kitchen appliance; you need the model number (Client ID) and the warranty code (Secret) before you can start cooking.
🔗 Authorization URL: https://www.linkedin.com/oauth/v2/authorization – Like opening the restaurant’s front door; you’ll be handed a temporary QR code (auth code) after the guest signs in.
🔑 Exchange code → POST https://www.linkedin.com/oauth/v2/accessToken – Swap that QR code for a kitchen key (access token) at the back desk.
⏰ Token lives 60 days → set up refresh flow – Similar to a food delivery ticket that expires after two months; schedule a reminder to renew before it goes stale.
📍 Core scopes: r_liteprofile, r_emailaddress, w_organization_social – Imagine you’re giving Alex (our fictional growth hacker) a VIP pass: he can read a profile, grab an email, and post on behalf of a company.
✅ Test call: GET https://api.linkedin.com/v2/me with Authorization: Bearer – Like checking the GPS after you’ve entered a destination; you should see Alex’s basic profile data.
🚀 Post update: POST https://api.linkedin.com/v2/ugcPosts with JSON payload – Think of sending a status update as ordering a custom pizza; you specify crust, sauce, and toppings in the JSON.

Keep this list handy; it’s the fastest route from zero to a working LinkedIn API integration.

What to Do Next

Kick the tires of what you just built and watch the data roll in.

Easy: Toss the access_token into a Postman collection and fire a GET /me request. Think of it like ordering a coffee—you already have the menu (endpoint) and the payment method (token), just click “Buy.”
Medium: Spin up a tiny webhook that refreshes the token every week and logs the JSON response. It’s the same as setting a weekly grocery delivery; you schedule the order once and the pantry stays stocked.
Hard: Wire the whole token workflow into your production backend—Node, Django, or Spring—then schedule automated company updates. This is like installing a smart thermostat: you connect the hardware, write the rules, and let it run without you lifting a finger.
Keep client_id and client_secret out of source control; use environment variables.
Log token expiry timestamps so your refresher knows when to act.
Test each step locally before deploying to avoid “works on my machine” surprises.

Got stuck at any step? Drop a comment below and I’ll help you troubleshoot.

About the Author

Abdullah Sheikh is the Founder & CEO at Exteed, where he leads a team of skilled developers specializing in Web2 and Web3 applications, Custom Smart Contracts, and Blockchain solutions.

With 6+ years of experience, Abdullah has built CRMs, Crypto Wallets, DeFi Exchanges, E-Commerce Stores, HIPAA Compliant EMR Systems, and AI-powered systems that drive business efficiency and innovation.

His expertise spans Blockchain, Crypto & Tokenomics, Artificial Intelligence, and Web Applications; building reliable and smooth web apps that fit the client’s goals and requirements.

📧 info@abdullah-sheikh.com · 🔗 LinkedIn · 🌐 abdullah-sheikh.com