I've been struggling with the LinkedIn OAuth implementation on my site. Users can log in using LinkedIn, and I'm utilizing the access token to retrieve data. The access token is valid for two months, and I found out it's supposed to be possible to refresh it. However, I can't find any solid info on how to actually perform the refresh. The standard OAuth flow includes a refresh token, which LinkedIn seems to lack. Has anyone dealt with this before and can guide me on how to manage token refresh for LinkedIn?
2 Answers
From what I've gathered, it looks like LinkedIn doesn't allow token refreshes for regular users. The refresh token feature is only available for certain partnerships. So, unfortunately, you'll need to redirect users to log in again before the token expires. It can be frustrating since their documentation is pretty misleading about this.
I was checking out Google's OAuth documents, and they do offer refresh tokens. But sadly, LinkedIn requires a specific partnership to use refresh tokens. Most other OAuth providers make it easier, so LinkedIn is a bit of an outlier here.
Right! It's a bummer because the standard is so different across platforms.
Yeah, it's quite annoying that they make it seem possible but then you end up having to get users to reconnect every couple of months.