6.2 KiB
LinkedIn Access Token Generation Guide
Current Status
Your LinkedIn app credentials are ready:
- ✅ Client ID:
782ff5x832tfn4 - ✅ Client Secret:
WPL_AP1.Mwyqzyoyi6LguP4J.nP49EQ==
However, LinkedIn requires specific API access permissions before you can generate tokens. Here's how to set that up:
Step 1: Request API Access
LinkedIn requires you to request access to specific APIs for your app.
Go to Your App Settings
- Visit: https://www.linkedin.com/developers/apps
- Click on your app
- Go to the Settings tab
Request Product Access
In the Settings page, find the Products section and request access to:
- Sign In with LinkedIn (for authentication)
- Marketing Developer Platform (if sharing content)
- LinkedIn Jobs Search API (optional, for job search features)
Important: For MCP usage, you primarily need one of these. Start with "Sign In with LinkedIn" which is the most commonly approved.
Step 2: Once Access is Approved
LinkedIn will review your request (usually 5-10 minutes to 24 hours). Once approved:
Option A: Generate Personal Access Token (Recommended for MCP)
If you're using this for personal/development purposes:
- Go to your app → Settings tab
- Scroll down to Personal access tokens section
- Click Generate token
- Choose scopes (at minimum:
r_liteprofileandr_emailaddress) - Copy the token immediately (it won't be shown again)
This token is what goes in your .env file:
LINKEDIN_ACCESS_TOKEN=your_personal_token_here
Option B: OAuth2 Authorization Code Flow (For user login)
If you want to authenticate via LinkedIn login:
- Direct user to:
https://www.linkedin.com/oauth/v2/authorization?
response_type=code
&client_id=782ff5x832tfn4
&redirect_uri=http://10.0.0.25:4444/callback
&scope=r_liteprofile%20r_emailaddress
&state=random_string_here
- User approves access
- LinkedIn redirects to your callback URL with an authorization code
- Exchange the code for an access token:
curl -X POST https://www.linkedin.com/oauth/v2/accessToken \
-H "Content-Type: application/x-www-form-urlencoded" \
-d "grant_type=authorization_code" \
-d "code=AUTHORIZATION_CODE_FROM_REDIRECT" \
-d "redirect_uri=http://10.0.0.25:4444/callback" \
-d "client_id=782ff5x832tfn4" \
-d "client_secret=WPL_AP1.Mwyqzyoyi6LguP4J.nP49EQ=="
Response will contain:
{
"access_token": "your_access_token_here",
"expires_in": 5184000,
"token_type": "Bearer"
}
Step 3: Add to .env File
Once you have your access token (either from personal token generation or OAuth flow):
nano /sessions/vigilant-elegant-ramanujan/mnt/MCP\ Servers/mcp-gateway/.env
Add or update:
# LinkedIn MCP Server
LINKEDIN_ACCESS_TOKEN=your_access_token_here
LINKEDIN_API_KEY=optional_if_enterprise_access
Understanding Token Types
Personal Access Token
- Use case: Development, testing, personal use
- Scope: Limited to your account
- Duration: Varies (usually 1-12 months)
- Approval: Often faster
- Best for: MCP gateway running on personal machine
OAuth2 Bearer Token
- Use case: User delegation, multi-user scenarios
- Scope: Limited to approved scopes
- Duration: Shorter (usually 60 days)
- Approval: Required for each user
- Best for: Customer-facing applications
Troubleshooting
"Access Denied" or "Product Access Not Granted"
Solution: Your app needs to request API access in the Products section.
- Go to https://www.linkedin.com/developers/apps
- Select your app
- Go to Products or Authorized products
- Click Request access for desired APIs
- Fill in the form about your use case
- Submit and wait for approval
"Invalid Scope"
Solution: You're requesting scopes your app doesn't have access to.
Start with basic scopes:
r_liteprofile- Basic profile datar_emailaddress- Email addressr_basicprofile- Basic profile (some APIs)
Don't request enterprise scopes until your app is approved for them.
Token Expired
Solution: Generate a new token.
LinkedIn tokens expire periodically. Before expiration:
- Generate a new personal token, or
- Refresh the OAuth token using refresh_token (if available)
- Update .env with new token
- Restart gateway container
"Unauthorized" When Using Token
Solution: Verify the token is correct.
# Test your token
curl -X GET https://api.linkedin.com/v2/me \
-H "Authorization: Bearer YOUR_TOKEN_HERE"
# Should return your LinkedIn profile, not an error
Estimated Timeline
| Step | Duration | Notes |
|---|---|---|
| Request API Access | 5 min | Immediate submission |
| LinkedIn Review | 5 min - 24 hours | Usually fast for personal tokens |
| Generate Token | 1 min | Immediate once approved |
| Update .env | 1 min | Simple edit |
| Test Token | 1 min | Curl request to verify |
| Deploy Changes | 5 min | Docker rebuild |
Total: Usually 10-30 minutes
Next Steps
- ✅ Go to your LinkedIn app settings
- ✅ Request access to required APIs
- ✅ Wait for approval (typically 5-60 minutes)
- ✅ Generate personal access token
- ✅ Add token to .env file
- ✅ Rebuild and restart gateway:
cd /path/to/mcp-gateway docker-compose down docker-compose build docker-compose up -d - ✅ Verify LinkedIn service is healthy:
curl http://10.0.0.25:4444/dashboard/status | jq '.services[] | select(.name=="LinkedIn")'
Quick Reference
Your LinkedIn App:
- App ID:
782ff5x832tfn4 - Settings: https://www.linkedin.com/developers/apps
- Test endpoint:
https://api.linkedin.com/v2/me - MCP Gateway callback:
http://10.0.0.25:4444/callback
Environment Variable:
LINKEDIN_ACCESS_TOKEN=<paste_your_token_here>
LinkedIn API Documentation
- Official Docs: https://docs.microsoft.com/en-us/linkedin/
- OAuth2 Guide: https://docs.microsoft.com/en-us/linkedin/shared/authentication/authentication
- Jobs API: https://docs.microsoft.com/en-us/linkedin/jobs/jobs-api/
- Marketing API: https://docs.microsoft.com/en-us/linkedin/marketing/marketing-api/
Get your token and we'll complete the setup! 🚀