Permissions are authorization consents to access LinkedIn resources. The LinkedIn platform uses permissions to protect and prevent abuse of member information. Your application must have the appropriate permissions before it can access data.
Your application can be authorized by LinkedIn in two ways:
Member Authorization or
Authorization Code Flow (3-legged authorization): A LinkedIn member grants permissions to your application to access the member’s resources on LinkedIn. Use this flow if you are requesting access to a member's account to use their data and make requests on their behalf.
Application Authorization or
Client Credential Flow (2-legged authorization): LinkedIn grants permissions to your application to access protected LinkedIn resources. If you are accessing APIs that are not member specific, use this flow.
Permissions are classified into two types. Each permission type grants a unique subset of APIs, so make sure you request the appropriate permissions for your application. The following table highlights the available permission types:
|Type||Definition||Shown on My Apps||Access Token|
|Member Permission||Requires member’s approval during the authorization flow. The application has no access to these resources without member approval.||Yes||3-legged|
|Application Permission||Granted to the application directly. It is used to return LinkedIn resources that are not specific to members.||No||2-legged|
Always request the minimal permission scopes necessary for your use case.