1

I have a mobile application talking to a backend. I am providing login to the app through LinkedIn. I checked the linkedIn api for oauth authentication and have followed the steps as given in this link Oauth LinkedIn.

I am able to obtain the request token as per step 3. Now i am sending this request to my backend. In the backend i want to make sure that this request token is valid and has not expired.

How do i achieve this ? In FB authentication, they have provided an end point to which i post the access token (https://graph.facebook.com/app?access_token=)and it gives the expiry time, validity of token etc.

How do we do this with LinkedIn api, i searched their documentation, but no luck. Any help will be appreciated.

Thanks

yash
  • 87
  • 10

2 Answers2

1

There's no separate API that LinkedIn provides to inspect the token. However you do get a hint about the token expiry back in the response from the token endpoint when exchanging the code for an access_token in the expires_in parameter, e.g.:

   {"access_token":"<>","expires_in":5183999}

which tells you that it is valid for 60 days. You could store that information together with the access token.

Hans Z.
  • 50,496
  • 12
  • 102
  • 115
  • Thanks. I did see these paramters being returned along with access token. I thought similar to G+ and FB API even linkedin might have some separate REST end point to validate. Looks like it does not. Cool i will use the response and store the same. Thanks again. – yash Sep 08 '15 at 09:46
  • I believe they answered this here. http://stackoverflow.com/questions/37115035/how-can-i-verify-a-linkedin-access-token – Dave Friedel Jan 01 '17 at 16:44
0

You can use "Token Introspection" endpoint to check the validity of your access token at any time. https://learn.microsoft.com/en-us/linkedin/shared/authentication/token-introspection. Use Refresh token to refresh it before it expires.

Rachana Chauhan
  • 1
  • 1