Add LINKEDIN_TOKEN_GENERATION.md

2026-03-31 15:33:23 -04:00 · 2026-03-31 15:33:23 -04:00 · 5600401f33
commit 5600401f33
parent ff70ecab64
1 changed files with 234 additions and 0 deletions
--- a/LINKEDIN_TOKEN_GENERATION.md
+++ b/LINKEDIN_TOKEN_GENERATION.md
@ -0,0 +1,234 @@
 # LinkedIn Access Token Generation Guide
 ## Current Status
 Your LinkedIn app credentials are ready:
 - ✅ **Client ID**: `782ff5x832tfn4`
 - ✅ **Client Secret**: `WPL_AP1.Mwyqzyoyi6LguP4J.nP49EQ==`
 However, LinkedIn requires specific API access permissions before you can generate tokens. Here's how to set that up:
 ---
 ## Step 1: Request API Access
 LinkedIn requires you to request access to specific APIs for your app.
 ### Go to Your App Settings
 1. Visit: https://www.linkedin.com/developers/apps
 2. Click on your app
 3. Go to the **Settings** tab
 ### Request Product Access
 In the Settings page, find the **Products** section and request access to:
 - **Sign In with LinkedIn** (for authentication)
 - **Marketing Developer Platform** (if sharing content)
 - **LinkedIn Jobs Search API** (optional, for job search features)
 **Important:** For MCP usage, you primarily need one of these. Start with "Sign In with LinkedIn" which is the most commonly approved.
 ---
 ## Step 2: Once Access is Approved
 LinkedIn will review your request (usually 5-10 minutes to 24 hours). Once approved:
 ### Option A: Generate Personal Access Token (Recommended for MCP)
 If you're using this for personal/development purposes:
 1. Go to your app → **Settings** tab
 2. Scroll down to **Personal access tokens** section
 3. Click **Generate token**
 4. Choose scopes (at minimum: `r_liteprofile` and `r_emailaddress`)
 5. Copy the token immediately (it won't be shown again)
 This token is what goes in your `.env` file:
 ```env
 LINKEDIN_ACCESS_TOKEN=your_personal_token_here
 ```
 ### Option B: OAuth2 Authorization Code Flow (For user login)
 If you want to authenticate via LinkedIn login:
 1. Direct user to:
 ```
 https://www.linkedin.com/oauth/v2/authorization?
  response_type=code
  &client_id=782ff5x832tfn4
  &redirect_uri=http://10.0.0.25:4444/callback
  &scope=r_liteprofile%20r_emailaddress
  &state=random_string_here
 ```
 2. User approves access
 3. LinkedIn redirects to your callback URL with an authorization code
 4. Exchange the code for an access token:
 ```bash
 curl -X POST https://www.linkedin.com/oauth/v2/accessToken \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d "grant_type=authorization_code" \
  -d "code=AUTHORIZATION_CODE_FROM_REDIRECT" \
  -d "redirect_uri=http://10.0.0.25:4444/callback" \
  -d "client_id=782ff5x832tfn4" \
  -d "client_secret=WPL_AP1.Mwyqzyoyi6LguP4J.nP49EQ=="
 ```
 Response will contain:
 ```json
 {
  "access_token": "your_access_token_here",
  "expires_in": 5184000,
  "token_type": "Bearer"
 }
 ```
 ---
 ## Step 3: Add to .env File
 Once you have your access token (either from personal token generation or OAuth flow):
 ```bash
 nano /sessions/vigilant-elegant-ramanujan/mnt/MCP\ Servers/mcp-gateway/.env
 ```
 Add or update:
 ```env
 # LinkedIn MCP Server
 LINKEDIN_ACCESS_TOKEN=your_access_token_here
 LINKEDIN_API_KEY=optional_if_enterprise_access
 ```
 ---
 ## Understanding Token Types
 ### Personal Access Token
 - **Use case**: Development, testing, personal use
 - **Scope**: Limited to your account
 - **Duration**: Varies (usually 1-12 months)
 - **Approval**: Often faster
 - **Best for**: MCP gateway running on personal machine
 ### OAuth2 Bearer Token
 - **Use case**: User delegation, multi-user scenarios
 - **Scope**: Limited to approved scopes
 - **Duration**: Shorter (usually 60 days)
 - **Approval**: Required for each user
 - **Best for**: Customer-facing applications
 ---
 ## Troubleshooting
 ### "Access Denied" or "Product Access Not Granted"
 **Solution**: Your app needs to request API access in the Products section.
 1. Go to https://www.linkedin.com/developers/apps
 2. Select your app
 3. Go to **Products** or **Authorized products**
 4. Click **Request access** for desired APIs
 5. Fill in the form about your use case
 6. Submit and wait for approval
 ### "Invalid Scope"
 **Solution**: You're requesting scopes your app doesn't have access to.
 Start with basic scopes:
 - `r_liteprofile` - Basic profile data
 - `r_emailaddress` - Email address
 - `r_basicprofile` - Basic profile (some APIs)
 Don't request enterprise scopes until your app is approved for them.
 ### Token Expired
 **Solution**: Generate a new token.
 LinkedIn tokens expire periodically. Before expiration:
 1. Generate a new personal token, or
 2. Refresh the OAuth token using refresh_token (if available)
 3. Update .env with new token
 4. Restart gateway container
 ### "Unauthorized" When Using Token
 **Solution**: Verify the token is correct.
 ```bash
 # Test your token
 curl -X GET https://api.linkedin.com/v2/me \
  -H "Authorization: Bearer YOUR_TOKEN_HERE"
 # Should return your LinkedIn profile, not an error
 ```
 ---
 ## Estimated Timeline
 | Step | Duration | Notes |
 |------|----------|-------|
 | Request API Access | 5 min | Immediate submission |
 | LinkedIn Review | 5 min - 24 hours | Usually fast for personal tokens |
 | Generate Token | 1 min | Immediate once approved |
 | Update .env | 1 min | Simple edit |
 | Test Token | 1 min | Curl request to verify |
 | Deploy Changes | 5 min | Docker rebuild |
 **Total**: Usually 10-30 minutes
 ---
 ## Next Steps
 1. ✅ Go to your LinkedIn app settings
 2. ✅ Request access to required APIs
 3. ✅ Wait for approval (typically 5-60 minutes)
 4. ✅ Generate personal access token
 5. ✅ Add token to .env file
 6. ✅ Rebuild and restart gateway:
   ```bash
   cd /path/to/mcp-gateway
   docker-compose down
   docker-compose build
   docker-compose up -d
   ```
 7. ✅ Verify LinkedIn service is healthy:
   ```bash
   curl http://10.0.0.25:4444/dashboard/status | jq '.services[] | select(.name=="LinkedIn")'
   ```
 ---
 ## Quick Reference
 **Your LinkedIn App:**
 - App ID: `782ff5x832tfn4`
 - Settings: https://www.linkedin.com/developers/apps
 - Test endpoint: `https://api.linkedin.com/v2/me`
 - MCP Gateway callback: `http://10.0.0.25:4444/callback`
 **Environment Variable:**
 ```env
 LINKEDIN_ACCESS_TOKEN=<paste_your_token_here>
 ```
 ---
 ## LinkedIn API Documentation
 - **Official Docs**: https://docs.microsoft.com/en-us/linkedin/
 - **OAuth2 Guide**: https://docs.microsoft.com/en-us/linkedin/shared/authentication/authentication
 - **Jobs API**: https://docs.microsoft.com/en-us/linkedin/jobs/jobs-api/
 - **Marketing API**: https://docs.microsoft.com/en-us/linkedin/marketing/marketing-api/
 Get your token and we'll complete the setup! 🚀