This source code consist of all basic functionalities that one can do with LinkedIn Api for Android...Happy coding....:)
Refer the below link for complete sample code:-
Download Sample Code
Download Apk File
We expect most new developers will prefer using OAuth 2.0 to implement authorization with LinkedIn APIs. Compared to its predecessor, OAuth 1.0a, the protocol is simpler and much easier to implement. However, for those applications that still need to support it, we do continue to provide legacy support for OAuth 1.0a.
Register your application with LinkedIn. Specify a list of OAuth 2 redirect URLs by submitting a comma separated list of absolute URLs for your redirections else your requests to generate OAuth 2 tokens (Step 3 below) will fail. We strongly encourage using HTTPS. For more details please see our FAQs.
Step 2. Save your API Key and Secret Key
After registration, you will receive a unique API Key and a Secret Key. API Key helps us identify your application and lets you make API calls. For the safety of your application please do not share your Secret Key.
Step 3. Get an access token
Access token is unique to a user and an API Key. You need access tokens in order to make API calls to LinkedIn on behalf of the user who authorized your application. Follow the two steps below to get one:
a. Generate Authorization Code by redirecting user to LinkedIn's authorization dialog
Make sure that you are using https for the request or you will get an error.
If you see error "Invalid redirect_uri. This value must match a URL registered with the API Key.", then register your OAuth 2 redirect URLs as explained in Step 1.
If the user authorizes your application they will be redirected to the redirect_uri that you specified in your request above along with a temporary authorization_code and the same state that you passed in the request above.
Upon successful authorization, the redirected URL should look like:
If the user does not allow authorization to your application, redirection to the redirect_uri still occurs, with query parameters indicating the user canceled authorization and a short description of the error:
Make sure that you are using https for the request or you will get an error.
The response will be a JSON object:
Step 4. Make the API calls
You can now use this access_token to make API calls on behalf of this user by appending "oauth2_access_token=access_token" at the end of the API call that you wish to make.
Access tokens have a life span of 60 days. You should have a
mechanism in your code to refresh the tokens before they expire in order
to continue using the same access tokens. Otherwise you'll need to go
through the authorization steps again. More details on how to handle
expired tokens are explained on the next page.
Member permissions provide the following:
Requesting permissions from the user is straight forward. Pass the scopes you need granted as query parameters when redirecting the user to the /authorization endpoint. The following example asks for basic profile and email address permissions:
Alternatively, you may choose to specify which member permissions your application requests from the user without passing query parameters during authorization. You can easily configure this for your API key by visiting your application settings page and specify which scopes will be defaulted to the user in the Default scope section:
When the user is presented with the login dialog, LinkedIn shows the user the specific permissions you're asking for:
Below is a list of all member permissions
Refer the below link for complete sample code:-
Download Sample Code
Download Apk File
Authentication
Overview
Follow the few easy steps below to make your first LinkedIn API call using OAuth 2.0.We expect most new developers will prefer using OAuth 2.0 to implement authorization with LinkedIn APIs. Compared to its predecessor, OAuth 1.0a, the protocol is simpler and much easier to implement. However, for those applications that still need to support it, we do continue to provide legacy support for OAuth 1.0a.
Steps to Authenticate User
Step 1. Register your applicationRegister your application with LinkedIn. Specify a list of OAuth 2 redirect URLs by submitting a comma separated list of absolute URLs for your redirections else your requests to generate OAuth 2 tokens (Step 3 below) will fail. We strongly encourage using HTTPS. For more details please see our FAQs.
Step 2. Save your API Key and Secret Key
After registration, you will receive a unique API Key and a Secret Key. API Key helps us identify your application and lets you make API calls. For the safety of your application please do not share your Secret Key.
Step 3. Get an access token
Access token is unique to a user and an API Key. You need access tokens in order to make API calls to LinkedIn on behalf of the user who authorized your application. Follow the two steps below to get one:
a. Generate Authorization Code by redirecting user to LinkedIn's authorization dialog
| Redirect | https://www.linkedin.com/uas/oauth2/authorization?response_type=code &client_id=YOUR_API_KEY &scope=SCOPE &state=STATE &redirect_uri=YOUR_REDIRECT_URI |
| Parameter | Description | Possible Errors |
|---|---|---|
| response_type | Required. Value is always code | Passed a value other than code; Passed an empty value; Missing the parameter. |
| client_id | Required. Value of your API Key given when you registered your application with LinkedIn | Invalid client id; Passed multiple client ids; Passed an empty value; Missing the parameter |
| scope | Optional. Use it to specify a list of member permissions that you need and these will be shown to the user on LinkedIn's authorization form. If not passed, defaults to r_ basicprofile. Specify multiple scopes by adding a space between different parameters. Remember to URL encode your spaces! Example: scope=r_fullprofile%20r_emailaddress%20r_network. | Not spelled correctly or Invalid Value; Repeated scope values. |
| state | Required. A unique string value of your choice that is difficult to guess. It should not contain any private information. This parameter will be returned to the specified redirect_url to validate the response and prevent CSRF. Example: state=DCEEFWF45453sdffef424 | Passed an empty value; Missing the parameter |
| redirect_uri | Required. URI in your app where users will be sent after authorization. URI can use http or https. Example: http://www.mycoolsite.com | Passed an invalid value; Passed an empty or blank value; Missing the parameter |
If the user authorizes your application they will be redirected to the redirect_uri that you specified in your request above along with a temporary authorization_code and the same state that you passed in the request above.
Upon successful authorization, the redirected URL should look like:
YOUR_REDIRECT_URI/?code=AUTHORIZATION_CODE&state=STATEEnsure that the state parameter in this response matches the one you passed in the authorization request above. If the state does not match, that means the request may be a result of CSRF and must be rejected.
If the user does not allow authorization to your application, redirection to the redirect_uri still occurs, with query parameters indicating the user canceled authorization and a short description of the error:
YOUR_REDIRECT_URI/?error=access_denied&error_description=the+user+denied+your+
request&state=STATEb. Request Access Token by exchanging the authorization_code for it
| POST | https://www.linkedin.com/uas/oauth2/accessToken?grant_type=authorization_code &code=AUTHORIZATION_CODE &redirect_uri=YOUR_REDIRECT_URI &client_id=YOUR_API_KEY &client_secret=YOUR_SECRET_KEY |
| Parameter | Description | Possible Errors |
|---|---|---|
| grant_type | Required. Value is always authorization_code | Passed a value other than authorization_code; Passed an empty or blank value; Missing the parameter |
| code | Required. Value of authorization_code that you got in the previous step. | Passed invalid value; Authorization code expired; Passed an empty value; Missing the parameter |
| redirect_uri | Required. Same redirect_uri that you passed in the previous step. | Different redirect_uri than used during authorization code generation; Passed an invalid value; Passed an empty or blank value; Missing the parameter |
| client_id | Required. Value of your API Key given when you registered your application with LinkedIn | Different client-id than used during authorization code generation; Invalid client id; Passed multiple client ids; Passed an empty or blank value; Missing the parameter |
| client_secret | Required. Value of your secret key given when you registered your application with LinkedIn | Passed invalid value; Passed an empty value; Missing the parameter |
{"expires_in":5184000,
"access_token":"AQXdSP_W41_UPs5ioT_t8HESyODB4FqbkJ8LrV_5mff4gPODzOYR"}The value of parameter expires_in is the number of seconds from now that this access_token will expire in (5184000 seconds is 60 days). Please ensure to keep the user access tokens secure, as agreed upon in our APIs Terms of Use.
Step 4. Make the API calls
You can now use this access_token to make API calls on behalf of this user by appending "oauth2_access_token=access_token" at the end of the API call that you wish to make.
| GET | https://api.linkedin.com/v1/people/~?oauth2_access_token=AQXdSP_W41_UPs5ioT_t8HESyODB4FqbkJ8LrV_5mff4gPODzOYR |
Granting Member Permissions to Your Application
With the LinkedIn API, you have the ability to specify which permissions you want users to grant your application.Member permissions provide the following:
- Basic Profile default: When no permissions are specified, the basic profile permission will be used by default. Consider this to represent the current user’s ‘digital business card’.
- All or None Grant: Members will need to accept all permissions requested by the application. Selection of individual permissions by the user is not supported.
- Optimized for 3 Permissions: The user experience has been optimized for applications requesting 3 permissions. Requesting additional permissions are allowed, but not encouraged.
- Re-Auth on Permission changes:A new login dialog will be presented to the user if different permissions are requested than what they initially granted.
Requesting permissions from the user is straight forward. Pass the scopes you need granted as query parameters when redirecting the user to the /authorization endpoint. The following example asks for basic profile and email address permissions:
Alternatively, you may choose to specify which member permissions your application requests from the user without passing query parameters during authorization. You can easily configure this for your API key by visiting your application settings page and specify which scopes will be defaulted to the user in the Default scope section:
When the user is presented with the login dialog, LinkedIn shows the user the specific permissions you're asking for:
Below is a list of all member permissions
| Permission | Description | Scope | Primary Endpoints |
|---|---|---|---|
| Your Profile Overview | Name, photo, headline, and current positions | r_basicprofile | GET /people/~ *see person field list |
| Your Full Profile | Full profile including experience, education, skills, and recommendations | r_fullprofile | GET /people/~ *see person field list |
| Your Email Address | The primary email address you use for your LinkedIn account | r_emailaddress | GET /people/~/email-address |
| Your Connections | Your 1st and 2nd degree connections | r_network | GET /people/~/connections GET /people/~/people-search |
| Your Contact Info | Address, phone number, and bound accounts | r_contactinfo | GET /people/~ *see person field list |
| Network Updates | Retrieve and post updates to LinkedIn as you | rw_nus | GET /people/~/network/updates POST /people/~/shares |
| Company Page & Analytics | Edit company pages for which I am an Admin and post status updates on behalf of those companies | rw_company_admin | POST /companies/{id}/shares GETcompanies/{id}/company-statistics |
| Group Discussions | Retrieve and post group discussions as you | rw_groups | GET & POST /groups GET & POST /posts GET & POST /people/~/group-memberships |
| Invitations and Messages | Send messages and invitations to connect as you | w_messages | POST /people/~/mailbox |
Migrating from OAuth 1.0a to OAuth 2.0
If you're already happy with your current OAuth 1.0a solution, a migration to OAuth 2.0 isn't necessary. However, if you do decide to make the change, your current users who have already authorized your application won't need to be authorized again. As long as these users are already logged into LinkedIn:- Your previously authorized user goes through the OAuth 2.0 flow as described above
- LinkedIn determines that this user has previously authorized your application and returns an auth code
- Since user has already authorized, a redirect isn't required. Instead, simply upgrade the auth code for an access token
- Your application now has a valid OAuth 2.0 access token
No comments:
Post a Comment