LinkedIn Login Fails With Error: "Scope "r_emailaddress" is not Authorized for Your Application"

Knowledge Solutions
, , , ,
1

Problem statement

A LinkedIn connection is configured in a tenant. Attempting a login via this connection results in the following error being displayed:

“Scope "r_emailaddress" is not authorized for your application”

Why does this error occur when attempting to log in via a LinkedIn social connection?


![22.jpeg|690x480](upload://osj9B2q99rScqHOME3QZGg0jVuq.png)

## Cause

This error can occur when using "Sign In with LinkedIn using OpenID Connect" in the LinkedIn developer portal.

![33.jpeg|690x141](upload://ewbYKYunhysKqUH4ElMjObJVb2o.png)

The LinkedIn product has recently changed - "[Sign In with LinkedIn](https://learn.microsoft.com/en-us/linkedin/consumer/integrations/self-serve/sign-in-with-linkedin) " was deprecated and replaced with "Sign In with LinkedIn using OpenID Connect".

"Sign In with LinkedIn using OpenID Connect." does not add ***r_liteprofile*** and ***r_emailaddress*** listed under "OAuth 2.0 scopes" for the application. Instead, it adds ***openid, profile, email.***

Auth0's LinkedIn Social Connection requests ***r_liteprofile*** no matter how to configure the connection. (r_emailaddress is additionally requested if the "Email address" box is checked.)

Result: It seems that you can only get a LinkedIn Social Connection to work if you set up the LinkedIn application (or perhaps your LinkedIn developer account) before "Sign In with LinkedIn" was deprecated.

Our Engineering team has a backlog item to update our LinkedIn connection to accommodate the new "Sign In with LinkedIn using OpenID Connect" product.

## Solution
Our Engineering team has a backlog item to update our LinkedIn connection to accommodate the new "Sign In with LinkedIn using OpenID Connect" product.

In the meantime, it is possible to configure a Custom Social Connection to work with the LinkedIn app.
1. Login to the Auth0 dashboard as a tenant member ( Administrator )
2. Navigate to Authentication > Social 
3. Click Create Connection button
4. Scroll to the bottom of the page
5. Click Create Custom
![image|690x353](upload://vGdUSuFLFXyEcpRfmTZ0ytmPa0.png)
6. Configure the application and include the following script to fetch the user profile:

function(accessToken, ctx, cb) {

request.get(‘https://api.linkedin.com/v2/userinfo’;, {
headers: {
‘Authorization’: 'Bearer ’ + accessToken,
},
json: true
}, function(e, r, profile) {
if (e) return cb(e);
if (r.statusCode !== 200) return cb(new Error('StatusCode: ’ + r.statusCode));
profile.user_id = profile.sub;
cb(null, profile);
});
}