stackoom
  简体   繁体   中英

How to call the LinkedIn API using Python?

 原文  2020-10-31 07:21:35       python/ api/ authorization/ linkedin/ linkedin-api

Question

I tried so many methods, but none seem to work. Help me make a connection with LinkedIn using python. Issue in generating Access Token I received CODE but it doesn't work. I have python 3.9 Please post a sample of basic code that establishes a connection and gets a access Token. And which redirectUri I have to use. Can i use any website link for rediectUri.

I tried to check API through curl and Postman but didn't get solution its say Unauthorized Accesss. https://github.com/ozgur/python-linkedin <---This is where I got some idea how to use API .To recievd Access token .

1 answers

solution1
 4 ACCPTED  2020-10-31 10:39:14

First solution valid for any (including free) applications, it useses so-called 3-Legged OAuth 2.0 Authentication :

  1. Login to your account in the browser.
  2. Create new application by this link .
  3. If you already have application you may use it by selecting it here and changing its options if needed.
  4. In application credentials copy Client ID and Client Secret, you'll need them later.
  5. On your application's server side create Authorization request URL by next code and send/redirect it to client. If your Python code runs locally you may just open this URL in your browser with import webbrowser; webbrowser.open(url) import webbrowser; webbrowser.open(url) code. Fill in all fields with your values too. There is redirect_uri in the code, this is URL where authorization response is sent back, for locally running script you have to run Python HTTP web server to retrieve result.
# Needs: python -m pip install requests
import requests, secrets

url = requests.Request(
    'GET',
    'https://www.linkedin.com/oauth/v2/authorization',
    params = {
        'response_type': 'code', # Always should equal to fixed string "code"
        
        # ClientID of your created application
        'client_id': 'REPLACE_WITH_YOUR_CLIENT_ID',
        
        # The URI your users are sent back to after authorization.
        # This value must match one of the OAuth 2.0 Authorized Redirect
        # URLs defined in your application configuration.
        # This is basically URL of your server that processes authorized requests like:
        #     https://your.server.com/linkedin_authorized_callback
        'redirect_uri': 'REPLACE_WITH_REDIRECT_URL', # Replace this with your value
        
        # state, any unique non-secret randomly generated string like DCEeFWf45A53sdfKef424
        # that identifies current authorization request on server side.
        # One way of generating such state is by using standard "secrets" module like below.
        # Store generated state string on your server for further identifying this authorization session.
        'state': secrets.token_hex(8).upper(),
        
        # Requested permissions, below is just example, change them to what you need.
        # List of possible permissions is here:
        #     https://docs.microsoft.com/en-us/linkedin/shared/references/migrations/default-scopes-migration#scope-to-consent-message-mapping
        'scope': '%20'.join(['r_liteprofile', 'r_emailaddress', 'w_member_social']),
    },
).prepare().url

# You may now send this url from server to user
# Or if code runs locally just open browser like below

import webbrowser
webbrowser.open(url)

  1. After user authorized your app by previous URL his browser will be redirected to redirect_uri and two fields code and state will be attached to this URL, code is unique authorization code that you should store on server, code expires after 30 minutes if not used, state is a copy of state from previous code above, this state is like unique id of your current authorization session, use same state string only once and generate it randomly each time, also state is not a secret thing because you send it to user inside authorization URL, but should be unique and quite long. Example of full redirected URL is https://your.server.com/linkedin_authorized_callback?code=987ab12uiu98onvokm56&state=D5B1C1348F110D7C .

  2. Next you have to exchange code obtained previously to access_token by next code, next code should be run on your server or where your application is running, because it uses client_secret of your application and this is a secret value, you shouldn't show it to public, never share ClientSecret with anyone except maybe some trusted people, because such people will have ability to pretend (fake) to be your application while they are not.

# Needs: python -m pip install requests
import requests
access_token = requests.post(
    'https://www.linkedin.com/oauth/v2/accessToken',
    params = {
        'grant_type': 'authorization_code',
        # This is code obtained on previous step by Python script.
        'code': 'REPLACE_WITH_CODE',
        # This should be same as 'redirect_uri' field value of previous Python script.
        'redirect_uri': 'REPLACE_WITH_REDIRECT_URL',
        # Client ID of your created application
        'client_id': 'REPLACE_WITH_YOUR_CLIENT_ID',
        # Client Secret of your created application
        'client_secret': 'REPLACE_WITH_YOUR_CLIENT_SECRET',
    },
).json()['access_token']
print(access_token)

  1. access_token obtained by previous script is valid for 60 days ! So quite long period. If you're planning to use your application for yourself only or your friends then you can just pre-generate manually once in two months by hands several tokens for several people without need for servers.

  2. Next use access_token for any API calls on behalf of just authorized above user of LinkedIn. Include Authorization: Bearer ACCESS_TOKEN HTTP header in all calls. Example of one such API code below:

import requests
print(requests.get(
    'https://api.linkedin.com/v2/jobs',
    params = {
        # Any API params go here
    },
    headers = {
        'Authorization': 'Bearer ' + access_token,
        # Any other needed HTTP headers go here
    },
).json())
  1. More details can be read here . Regarding how your application is organized, there are 3 options:
    • Your application is running fully on remote server, meaning both authentication and running application (API calls) are done on some dedicated remote server. Then there is no problem with security, server doesn't share any secrets like client_secret , code , access_token .
    • Your application is running locally on user's machine while authentication is runned once in a while by your server, also some other things like storing necessary data in DataBase can be done by server. Then your server doesn't need to share client_secret , code , but shares access_token which is sent back to application to user's machine. It is also OK, then your server can keep track of what users are using your application, also will be able to revoke some or all of access_token s if needed to block user.
    • Your application is fully run on local user's machine, no dedicated server is used at all. In this case all of client_secret , code , access_token are stored on user's machine. In this case you can't revoke access to your application of some specific users, you can only revoke all of them by regenerating client_secret in your app settings. Also you can't track any work of your app users (although maybe there is some usage statistics in your app settings/info pages). In this case any user can look into your app code and copy client_secret , unless you compile Python to some .exe / .dll / .so and encrypt you client secret there. If anyone got client_secret he can pretend (fake) to be your application meaning that if you app contacts other users somehow then he can try to authorize other people by showing your app interface while having some other fraudulent code underneath, basically your app is not that secure or trusted anymore. Also local code can be easily modified so you shouldn't trust your application to do exactly your code. Also in order to authorize users like was done in previous steps 5)-7) in case of local app you have to start Python HTTP Server to be able to retrieve redirected results of step 5) .

Below is a second solution valid only if your application is a part of LinkedIn Developer Enterprise Products paid subscription, also then you need to Enable Client Credentials Flow in your application settings, next steps uses so-called 2-Legged OAuth 2.0 Authentication :

  1. Login to your account in the browser.
  2. Create new application by this link .
  3. If you already have application you may use it by selecting it here and changing its options if needed.
  4. In application credentials copy ClientID and ClientSecret, you'll need them later.
  5. Create AccessToken by next Python code (put correct client id and client secret), you should run next code only on your server side or on computers of only trusted people, because code uses ClientSecret of your application which is a secret thing and shouldn't be showed to public:
# Needs: python -m pip install requests
import requests
access_token = requests.post(
    'https://www.linkedin.com/oauth/v2/accessToken',
    params = {
        'grant_type': 'client_credentials',
        'client_id': 'REPLACE_WITH_YOUR_CLIENT_ID',
        'client_secret': 'REPLACE_WITH_YOUR_CLIENT_SECRET',
    },
).json()['access_token']
print(access_token)
  1. Copy access_token from previous response, it expires after 30 minutes after issue so you need to use previous script often to gain new access token.
  2. Now you can do any API requests that you need using this token, like in code below ( access_token is taken from previous steps):
import requests
print(requests.get(
    'https://api.linkedin.com/v2/jobs',
    params = {
        # Any API params go here
    },
    headers = {
        'Authorization': 'Bearer ' + access_token,
        # Any other needed HTTP headers go here
    },
).json())
  1. More details can be read here or here .

solution2
 0  2020-11-02 06:14:49

I tried so many methods, but none seem to work. Help me make a connection with LinkedIn using python. Issue in generating Access Token I received CODE but it doesn't work. I have python 3.9 Please post a sample of basic code that establishes a connection and gets a access Token. And which redirectUri I have to use. Can i use any website link for rediectUri.

I tried to check API through curl and Postman but didn't get solution its say Unauthorized Accesss. https://github.com/ozgur/python-linkedin <---This is where I got some idea how to use API .To recievd Access token .

solution3
 0  2020-11-04 04:45:05

I tried so many methods, but none seem to work. Help me make a connection with LinkedIn using python. Issue in generating Access Token I received CODE but it doesn't work. I have python 3.9 Please post a sample of basic code that establishes a connection and gets a access Token. And which redirectUri I have to use. Can i use any website link for rediectUri.

I tried to check API through curl and Postman but didn't get solution its say Unauthorized Accesss. https://github.com/ozgur/python-linkedin <---This is where I got some idea how to use API .To recievd Access token .

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to use linkedin API with python How to access linkedin API in python Python Key Error Missing Dict in LinkedIn API call - how to call default value instead? How do I get a user's email address using LinkedIn's new api call? python LinkedIn api connection Linkedin API for python Linkedin API Python How do i make a post request to linkedin api and share content using python How to logout of linkedin using selenium python How to download image from linkedin by using python?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM