unauthorized_scope_error in LinkedIn oAuth2 authentication

Question

I am following the official Microsoft instructions in Sign in with Linkedin (there are also the Linkedin instructions here), which also link here for the authorization code flow. As instructed, I have set up a linkedin application and used the client id and secret to initiate an oAuth 2 flow, requesting the r_liteprofile and r_emailaddress scopes.

Instead of getting the login form, I am redirected to my callback url with the following params:

error: unauthorized_scope_error error_description: Scope "r_liteprofile" is not authorized for your application state: cfa970987c9a3c2178dddeda0d81dab3e00dce4c683098d6

This is the list of default scopes (which, as per the documentation, are the ones granted if you don't specify a list of scopes yourself), and the r_liteprofile is not in there.

Is the documentation out of date, or am I overlooking something?

Bala.Raj · Answer 1 · 2020-10-29T08:05:51.390

44

We have to enable "Sign In with LinkedIn" under the products tab, only then you can avail that scope (r_liteprofile and/or r_emailaddress) and services.

This goes for the review process(System takes max 60 mins to approve) and If your request has been approved, the relevant product will be moved to the "Added products" section.

edited Oct 29 '20 at 08:05

answered Sep 27 '20 at 12:35

Bala.Raj

1,011
9
18

2

omg thank you so much. They like never mentioned this in their docs. – Sharpey Oct 01 '20 at 01:18
1

Yeah, I too wasted my time lot, glad this helped you. – Bala.Raj Oct 01 '20 at 13:31

score 8 · Answer 2 · answered Dec 18 '18 at 12:26

This happened to me the other day but somehow I was able to get around the issue. The new Microsoft API docs for LinkedIn are up to date. The docs on LinkedIn Developers portal will soon be outdated:

Important update: All developers need to migrate to Version 2.0 of our APIs and OAuth 2.0 by March 1, 2019.

A few things to try:

Register a new LinkedIn OAuth 2.0 developer application - newly registered applications have access to the new V2 API
Try removing the r_liteprofile scope or revert back to r_basicprofile

Yeah, I changed the scopes to `["r_basicprofile"]` and it bypassed the error. — s2t2, Jun 27 '19 at 06:02

score 3 · Answer 3 · answered Feb 01 '21 at 08:38

My little contribution in 2021.

It seems like Linkedin keeps changing the value for scopes.

On the Linkedin developer portal looking under OAuth 2.0 scopes section in the Auth tab, I found the values that finally worked for me.

PS: Make sure to enable Sign-in from the product Tab.

score 1 · Answer 4 · answered Dec 05 '20 at 14:27

1

Navigate to Products in the LinkedIn Developer Console and select Sign in with LinkedIn.

The verification process takes a few moments and then r_emailaddress and r_liteprofile should appear under your permissions.

answered Dec 05 '20 at 14:27

Er Sahaj Arora

852
8
13

score 0 · Answer 5 · answered Sep 05 '20 at 23:04

0

Solution for me was to click "select" next to "Sign In with LinkedIn" on the LinkedIn developers console for my app.

answered Sep 05 '20 at 23:04

CragMonkey

808
1
11
22

Herilala Michel · Answer 6 · 2021-04-20T08:47:53.637

0

We must add a product with Sign In with LinkedIn (click on select): Product menu with "Sign in with linkedin" selected.png. Then, in the auth menu: OAuth 2.0 scopes, we get this : Auth menu scope.png

edited Apr 20 '21 at 08:47

answered Apr 20 '21 at 08:33

Herilala Michel

1
1

unauthorized_scope_error in LinkedIn oAuth2 authentication

6 Answers6