1

I'm using an external Node.js module, everyauth, to handle my LinkedIn API authentication. I'm not yet positive if this is a problem with the way my module handles their API, or some other API issue itself.

Basically, after a user has already granted access, LinkedIn nevertheless continues to ask whether to continue to grant access. I know this is not standard because I've seen a different user flow in other applications.

Here's an example of what happens:

enter image description here

You can see I granted access on Jan 11th, but this was taken on Jan 13th. Why must I re-auth!?

Do you have any idea what is causing this? I dove into the relevant LinkedIn module code for everyauth but nothing in that application flow caught my eye as the problem.

Josh Smith
  • 14,674
  • 18
  • 72
  • 118

2 Answers2

4

Modify the script to send them to https://www.linkedin.com/uas/oauth/authenticate instead of https://www.linkedin.com/uas/oauth/authorize.

That will cause LinkedIn to automatically redirect them back to your site.

See more at https://developer.linkedin.com/documents/linkedins-oauth-details

Adam Trachtenberg
  • 2,231
  • 1
  • 14
  • 18
0

If you are using the JavaScript API (which it looks like everyauth uses), then it is likely that the OAuth tokens that LinkedIn stores in the browser have become 'stale'. To ensure that the user is the correct user, the browser tokens expire after ~30 minutes.

That being said, if the session is still fresh and the authorize value is set to true, you should be able to bypass the screen you are seeing.

https://developer.linkedin.com/documents/overview

Unpossible
  • 10,607
  • 22
  • 75
  • 113
  • I'm wondering if there's any way, after storing the user's access token, if I can bypass that screen. Does that seem to be the case? – Josh Smith Jan 13 '12 at 22:57