Permissions

Permissions are authorization consents to access LinkedIn resources. The LinkedIn platform uses permissions to protect and prevent abuse of member information. Your application must have the appropriate permissions before it can access data.

Your application can be authorized by LinkedIn in two ways:

  • Member Authorization or Authorization Code Flow (3-legged authorization): A LinkedIn member grants permissions to your application to access the member’s resources on LinkedIn. Use this flow if you are requesting access to a member's account to use their data and make requests on their behalf.

  • Application Authorization or Client Credential Flow (2-legged authorization): LinkedIn grants permissions to your application to access protected LinkedIn resources. If you are accessing APIs that are not member specific, use this flow.

Permission Types

Permissions are classified into two types. Each permission type grants a unique subset of APIs, so make sure you request the appropriate permissions for your application. The following table highlights the available permission types:

Type Definition Shown on My Apps Access Token
Member Permission Requires member’s approval during the authorization flow. The application has no access to these resources without member approval. Yes 3-legged
Application Permission Granted to the application directly. It is used to return LinkedIn resources that are not specific to members. No 2-legged

Note

Always request the minimal permission scopes necessary for your use case.