Retrieving data from social networks is increasingly becoming popular for various purposes. Some applications may be doing it for authenticating and authorising users to their own web based applications. Some others may be looking for validating/verifying people related data.

Whatever may be the purpose, connecting to social media requires your application to adhere to certain authentication and authorisation mechanisms. Your application can be a web based one or a script written in any scripting language. Here, I am using python.

Without much ado, let’s have a look at how you can run a python script to connect to Linkedin and pull your profile data.

Configure Linkedin Application

LinkedIn uses OAuth 2.0 for authenticationFollow below listed high level steps to configure your application

  1. Configure your Linkedin Application (must be logged in already). Create a new application by specifying all required details and submit.
  2. Once you submit, you will be directed to a page where you can configure your app. You will see a Client ID (a.k.a API Key) and Client Secret (a.k.a API Secret) values in the page. Note them down.
  3. Under default application permissions, you must select at least “r_basicprofile”.
  4. Next, under OAuth 2.0, you must specify a URL (redirect url), that Linkedin can callback. For this, you must be able to host a web page somewhere in the internet, that is accessible to LinkedIn. I did mine here “http://cloudsparrow.com/linkedinredirect.php. I own http://cloudsparrow.com and hence it was easy to place the php file linkedinredirect.php in the root directory of the website. Add your own url in the input box, click add, and then press the Update button at the bottom of the page.

The linkedinredirect.php contains a small php script to print all url parameters (GET request) with which it will be accessed. Below is the code. We will see how it works

<?php
 foreach($_GET as $key => $value)
     {
     echo $key . " : " . $value . "<br />\r\n";
     }
 ?>

The authentication mechanism works as listed below:

  1. Use ClientID and ClientSecret values, to obtain an authorization code.
  2. Exchange the authorization code to obtain an access token.
  3. Use the access token to retrieve data from your Linkedin profile

Python Script to authenticate with LinkedIn and pull profile data

from linkedin import linkedin

API_KEY = '<client-id>' 
API_SECRET = '<client-secret'> 
RETURN_URL = 'http://cloudsparrow.com/linkedinredirect.php'
#
#If you do not have a token yet, keep the below variable blank. If you already have a token, assign the token string to this variable
#
accesstoken_str  = ""
#accesstoken_str = "<paste token here, if you have already obtained the token"

if(not accesstoken_str):

    authentication = linkedin.LinkedInAuthentication(API_KEY, API_SECRET, RETURN_URL, permissions=["r_basicprofile"])
    # Optionally one can send custom "state" value that will be returned from OAuth server
    # It can be used to track your user state or something else (it's up to you)
    # Be aware that this value is sent to OAuth server AS IS - make sure to encode or hash it
    #authorization.state = 'your_encoded_message'

    print authentication.authorization_url  # open this url on your browser to login and obtain access code
    print("")
    print("Copy the URL to a browser and click go. Copy code value back from the redirect page")
    print("")
    auth_code = raw_input("Authorization Code from RedirectURL:")
    print ("Using Auth Code: " + auth_code)

    authentication.authorization_code = auth_code
    accesstoken = authentication.get_access_token()

    if(not accesstoken):
        print("Access Token COuld not be Obtained: ")
        quit()

    print("Access Token:" + accesstoken["access_token"])
    print("Expires in:" + str(accesstoken["expires_in"]))
    #
    # Create the application instance using the fetched token
    #
    application = linkedin.LinkedInApplication(authentication)
else:
    #
    # Create the application instance using the available token
    #
    application = linkedin.LinkedInApplication(token=accesstoken_str)    

#Get own Profile 

my_profile = application.get_profile(selectors=['id', 'first-name', 'last-name', 'location', 'distance', 'num-connections', 'skills', 'educations'])
print(my_profile)

Steps in Detail

You will need to have the “python-linkedin” module to run this script. Install it if you don’t have it already.

pip install python-linkedin 

If you already have an access token, then you do not need to request for authorization code and then exchange for an access token. You can use the token directly to invoke the APIs. If you are yet to procure the token, leave the below variable with a blank string, so that the script goes through the authentication steps to procure a token.

accesstoken_str = “”

Now, open a terminal and run the script.

First, it frames the authorization URL and prints it out to the console. It will have the below format:

https://www.linkedin.com/uas/oauth2/authorization?scope=r_basicprofile&state=<uniquetext>&redirect_uri=<your-redirect-url>&response_type=code&client_id=<your-client-id>

Copy this URL and fire it into your browser. You will be prompted to login to Linkedin. It will also tell you that the application you created in Linkedin (step 1) is trying to access your basic profile. (screenshot below):

Linkedin Authroization request page

Enter your LinkedIn credentials and click “Allow Access”.

Linkedin will now call your redirect url that you configured while creating the application. The url will have two parameters :- code and state.

Example below:

http://cloudsparrow.com/linkedinredirect.php?code=AQQy98WLXQYlwfbnywULDxnDkc0Wgxxut8jQmc3y5-FK-lTkJ6z4bkEbV4H3Cx9tCJ_7eAPiK_gH58zamlpS8ptPIYXuhh6bVZ3y-s2ooMuQ0nIv6OiQLlR5X2FnlS8hTkmpEZ5ik1aE4amTLpc&state=64b1ccaed2347218833a5b736e5f83e2#!

Code value is the authorization code that you will use to get an access token. State value is a unique string that you send to Linkedin inorder to prevent CSRF attacks.

The php script inside the redirect url prints the two parameters on to the screen – as shown below:

Linkedin Authorization code from redirect url

Copy the code value from the web page. Your script will be waiting in the terminal for authorization code:

[email protected]:~/cbsocial$ python linkedinauth.py 
https://www.linkedin.com/uas/oauth2/authorization?scope=r_basicprofile&state=64b1ccaed2347218833a5b736e5f83e2&redirect_uri=http%3A//cloudsparrow.com/linkedinredirect.php&response_type=code&client_id=815578oltv7816

Copy the URL to a browser and click go. Copy code value back from the redirect page

Authorization Code from RedirectURL: 

Paste the copied authorization code into the console and press ENTER.

Script will now request for an access token using the authorization code.

    authentication.authorization_code = auth_code
    accesstoken = authentication.get_access_token()

Once you obtain the access token, you can access your profile using :

application = linkedin.LinkedInApplication(authentication)
my_profile = application.get_profile(selectors=['id', 'first-name', 'last-name', 'location', 'distance', 'num-connections', 'skills', 'educations'])

Once you obtain an accesstoken, it can be re-used for multiple requests. If you assign the “accesstoken_str” variable with the new token, script will no longer go through the authorization mechanism.

Permissions Required for API Usage

Significant changes happened to Developer program API usage in 2015. As on Jan 2018, the time of writing this article, I found the following restrictions:

(1)

You will be able to access your profile information, but you will not be able to query or search for other people’s profile info (people search). You will be receiving a 403 error message.

linkedin.exceptions.LinkedInError: 403 Client Error: Forbidden for url: https://api.linkedin.com/v1/people-search:(people:(id,first-name,last-name))?

Linked clearly says that this API endpoint is forbidden, unless you get approved as a Linkedin partner. Read more: https://developer.linkedin.com/support/developer-program-transition

(2)

Linkedin says, following API end points are still available as part of the developer program:

  • Profile API — /v1/people/~
  • Share API — /v1/people/~/shares
  • Companies API — /v1/companies/{id}

However, please note that, accessing another person’s profile requires the person being accessed to authorize your application (the authorization-redirect url flow). May be, if you are running a website and implement a “Login using Linkedin” feature, you will be able to get access into the user’s profile.

(3)

You might think that accessing Linkedin company pages must be public. But, to access a company profile, your script must connect using the company page’s admin user.

Reference: https://github.com/ozgur/python-linkedin/blob/master/README.md

Written by Justin Jose

He is a post graduate in computers and has more than 14 years of industry experience with some of the leading Information Technology companies in India. Data-centric computing, ranging from data architecture to analytics is his area of interest.