Social Sign on With Linked In

Article Id: 131803
Status: Published
Updated On: 07-05-2019 03:16
Products:
CA Single Sign On Secure Proxy Server (SiteMinder) , AXIOMATICS POLICY SERVER , CA Single Sign On SOA Security Manager (SiteMinder) , CA Single Sign-On , CA Single Sign-On
Issue/Introduction:



We're integrating LinkedIn to CA Single Sign-On and we've seen that
the permissions has changed when configuring the LinkedIn :

Before 1st March 2019, permission were as per document, p.13 :

CA SiteMinder Social Sign-On Runbook for LinkedIn IDP 

r_basicprofile
r_emailaccount

https://support.ca.com/phpdocs/1/8231/runbooks/CASM-LinkedInIDPFederationRunbook-ver1.pdf 

but after 1st March 2019, the naming has changed and we'd like to know
which permissions should be set (Default Scope).

Environment:

Release: MSPSSO99000-12.8-Single Sign-On-for Business Users-MSP
Component:

Resolution:

From our documentation you showed us, it needs 

Default Scope – r_basicprofile, r_emailaddress 

It looks like that in v2 version of LinkedIn API, you need to use 
"r_liteprofile (replaces r_basicprofile)" and r_emailaddress. 

ref.: 

Self-Serve v1 to v2 API Migration Frequently Asked Questions 

Does my developer application have access to the LinkedIn v2 API? 
All developer applications created on the LinkedIn Developer Portal after January 14, 2019 have access to the LinkedIn v2 API by default. Alternatively, if your developer application has made a successful LinkedIn v1 API request from September 1, 2018 to December 17, 2018, your developer application has immediate access to the v2 API. 

What permissions do I have access to? 
LinkedIn v1 APIs provided the following set of permissions: 

r_basicprofile 
r_emailaddress 
w_share 
rw_company_admin 
Moving forward, the available v2 APIs include: 

r_liteprofile (replaces r_basicprofile) 
r_emailaddress 
w_member_social (replaces w_share) 
Looking to maintain access to rw_company_admin? Apply to the LinkedIn Marketing Developer Program to continue managing your Company Pages. 

https://docs.microsoft.com/en-us/linkedin/consumer/integrations/self-serve/migration-faq 

About the r_fullprofile, note this : 

How to get LinkedIn r_fullprofile access? 

For getting permission to access r_fullprofile, you will have to apply 
to become a member of a relevant Partner Program. 

Apply for partner status with LinkedIn, explaining what your
integration is and how it works. If it meets the criteria of "we feel
that they’re providing value to members, developers and LinkedIn,"
then r_fullprofile endpoint will remain open for that app, and ONLY
that app

https://stackoverflow.com/questions/31508923/how-to-get-linkedin-r-fullprofile-access