Closed ericleib closed 2 months ago
Hi @ericleib , the client will send the client_secret
to the token endpoint if you supplied it when creating the client.
There are however 2 ways to pass both the client_id and client_secret. The client defaults to the recommended way, but from the looks of their documentation it looks like linkedin wants them supplied in the body.
You can try setting the authenticationMethod
to client_secret_post
.
Thank you for your fast answer, that did the trick !
I misunderstood the purpose of this parameter, but now it's clear. Closing the issue.
I wonder if there's something I can change to the docs to make it a bit more clear. What did you think it was for?
I think I just didn't realize that there were multiple possible authentication methods when calling the token endpoint, and I dismissed the parameter as something required for a different flow.
I was also a bit confused by this comment above clientSecret
:
This is required when using the 'client_secret_basic' authenticationMethod for the client_credentials and password flows, but not authorization_code or implicit.
In my case I am using the authorization_code flow, and so initially I thought I didn't not need the clientSecret at all, even though it is needed for the last leg of the flow.
Ah makes sense! Thanks for the background
I am having trouble using the library to connect to the Linkedin API. I am using the authorization_code flow, and it fails upon handling the redirection.
I am calling
client.authorizationCode.getToken({code, redirectUri, state})
and getting the error from the server:The Linkedin documentation does mention that the client_secret (and client_id) are required: https://learn.microsoft.com/en-us/linkedin/shared/authentication/authorization-code-flow?context=linkedin%2Fconsumer%2Fcontext&tabs=HTTPS1#step-2-request-an-authorization-code
I just want to know whether the issue is with Linkedin not following the standard, or if this could be an extra option to add to the library (eg. add options like
includeClientSecret
toGetTokenParams
?), in which case I would do a PR.