Permission Issue Implementing LinkedIn Oauth Using Passport.js (Node JS)

Question

We working on LinkedIn OAuth for user authentication and we have registered the app on LinkedIn Developer Console with 'Sign In with LinkedIn' product added to the application to get the required Oauth scopes. This image shows the list of scopes available for my App https://imgur.com/a/7QRmRXN.

& below is the current implementation that i have

...
   private setStrategy() {
      return this.use(
         this.strategy === 'google' ? this.googleStrategyOption() : this.linkedInStrategyOption()
      );
   }

   private verifyToken = async (
      authToken: string,
      refreshToken: string,
      profile: Profile,
      done: (error: unknown, user: unknown) => void
   ) => {
      try {
         const { user } = await this.authenticationService.createNewUser({
            firstName: profile.name?.givenName,
            lastName: profile.name?.familyName,
            email: profile.emails?.[0].value,
            avatarUrl: profile.photos?.[0]?.value,
            provider: {
               type: profile.provider,
               id: profile.id,
               email: profile.emails?.[0].value,
            },
         });

         ...
      } catch (err) {
         done(err, null);
      }
   };

   ...

   private linkedInStrategyOption() {
      const { LINKEDIN_CLIENT_ID: clientID, LINKEDIN_CLIENT_SECRET: clientSecret, baseURL } = ENV;

      return new LinkedInStrategy(
         {
            clientID,
            clientSecret,
            callbackURL: `${baseURL}/api/auth/linkedin/callback`,
            scope: ['openid', 'profile', 'email'],
         },
         this.verifyToken
      );
   }

Which shows that the scope available for my app on the developer console has been included in the LinkedInStrategy scope property. But when the request is been made, i end up getting the below error

"serviceErrorCode":100,"message":"Not enough permissions to access: GET /me","status":403

I have looked at other similar stackoverflow post and follow sugesstions, none seems to work for me...

i have update the scope array to include basicprofile as suggested here but then i got that the scope is unavailable....

and i have taking my time to go through linkedin API documentation & even fork their Postman api collection, but still have similar issue, using my app SECRET & ID

I would need help, on getting past this isssue.

#linkedin

Answer 1

You need to use the latest version of 'passport-linkedin'. It is not available on the npm repository, but you can download it from https://github.com/auth0/passport-linkedin-oauth2/releases/tag/v3.0.0.