0

So I have an application that currently logs the user using linkedin. We are using several oauth services to register and login the user into our application, however we do need to validate the authentication in our own server to make sure any requests to our API are valid.

Currently the linkedIn SDK is not functional in our application due to minimum API level restrictions, so we are using a different library (LinkedIn-J), I am able to retrieve the user access token and secret, I cannot find any reference as to validate them in the server.

How can we go around to making this work? Is it even possible to achieve such a thing?

Thank you very much.

1 Answers1

0

LinkedIn does not have a token validation endpoint. Your best bet is to make a simple non-destructive call like https://api.linkedin.com/v1/people/~ and watch the response to determine whether the token is still valid.

Justin Kominar
  • 3,346
  • 1
  • 14
  • 14
  • that does not guarantee that the token is still valid on a subsequent call; validation/introspection is usually applied when additional info about the token can be resolved; LinkedIn simply does not offer that – Hans Z. Apr 21 '15 at 19:05
  • I understand that there's no clean formal solution for this, which is why I suggested it was a "best bet". The functionality is in the roadmap, but until it's built, there are no more reliable alternatives. – Justin Kominar Apr 21 '15 at 22:43
  • It's really frustrating to see that such a simple feature is still not available. – Pedro Góes Aug 19 '15 at 19:25