LinkedIn API Essential Guide

What type of API does LinkedIn provide?

LinkedIn uses a RESTful API for its developer platform.

Type of API

LinkedIn uses a RESTful API.

Key Features

• RESTful architecture: The API follows REST principles, using standard HTTP methods and URIs to interact with resources.
• OAuth 2.0 authentication: LinkedIn's API uses OAuth 2.0 for secure authentication and authorization.
• JSON responses: The API returns data in JSON format.
• Rate limiting: LinkedIn implements rate limits to control API usage.

Summary

LinkedIn provides a RESTful API for developers to integrate LinkedIn functionality into their applications.

Does the LinkedIn API have webhooks?

Yes, the official LinkedIn API does have webhooks. Here are the key points about LinkedIn's webhook functionality:

Webhook Availability

LinkedIn offers webhooks for real-time HTTP notifications for subscribed events. However, this functionality is only available for applications with an approved use case for webhooks.

Event Types

While not exhaustive, some example event types include:

1. ORGANIZATION_SOCIAL_ACTION_NOTIFICATIONS: Related to social actions on an organization's page.

2. Lead Syncing: For Lead Syncing use cases, webhook subscriptions must be created via the Lead Notification Subscriptions API.

Key Considerations

1. Approval Required: Webhooks are only enabled for applications with an approved use case.

2. Webhook Registration: Notifications are only sent to registered and validated webhooks. You can register your webhook in the "Webhooks" tab of your application in the developer portal.

3. Validation Process: LinkedIn validates the ownership of a webhook URL before it can be registered. This involves a challenge-response mechanism using HMACSHA256 hashing.

4. Re-validation: Webhook endpoints are periodically re-validated every 2 hours. If re-validation fails 3 times in a row, the endpoint will be blocked.

5. Notification Deduplication: Your webhook must be able to deduplicate notifications using the Notification ID included in the payload.

Best Practices

1. Use lambda/serverless functions on a cloud provider for testing webhook processing.

2. Implement proper security measures, including verifying the integrity of push events using the X-LI-Signature header.

3. Respond with a 2xx HTTP status code to indicate successful delivery of notifications.

4. Be prepared to handle and deduplicate occasional multiple deliveries of the same notification.

5. For partners provisioning applications on behalf of customers, use the DeveloperWebhooks API to manage and revalidate blocked webhooks.

In summary, while LinkedIn does offer webhook functionality, it's important to note that it's not universally available and requires approval. The specific event types you can subscribe to may depend on your use case and application approval.

Rate Limits and other limitations

Based on the search results provided, here are the key points about LinkedIn API rate limits:

General Rate Limiting Approach

LinkedIn implements rate limits on API requests to prevent abuse and ensure service stability. The rate limits specify the maximum number of API calls that can be made in a 24-hour period, resetting at midnight UTC each day.

Types of Rate Limits

LinkedIn applies three types of rate limits:

1. Application limits: The total number of calls an application can make in a day.
2. Member limits: The total number of calls a single member per application can make in a day.
3. Developer limits: For people listed as developers on their API keys, these limits are approximately four times higher than regular user limits for most calls.

Specific Limits

While standard rate limits are not publicly published, here are some key points:

• Rate limits vary based on which API endpoint you are using.
• Developers can look up the rate limit of any endpoint their app has access to through the Developer Portal.
• For the People Search API, the throttle limit for individual users is 100, while for the person associated with the Application as the developer, it's 400.

High Usage APIs

For APIs with overlapping usage, such as UGC Post and Social Actions, there are additive throttle limits. The formulas to calculate these limits are based on the maximum requests per four hours, multiplied by factors related to organizations, groups, and average entity usage.

Compliance API Limits

For compliance partners, LinkedIn recommends spacing out archiving API requests evenly throughout each hour. The Compliance Events API should be queried once per hour per member, with estimated QPS (Queries Per Second) and request intervals provided based on the number of unique members.

Best Practices

1. Space out API requests evenly to avoid rate limiting.
2. Avoid high QPS burst patterns in API calls.
3. For compliance partners, follow the recommended request patterns based on the number of unique members.
4. Use the Compliance Events API as the primary method, with exceptions for onboarding new members and retrieving content not available through this API.

Monitoring and Handling Rate Limits

• Rate limited requests will receive a 429 response.
• Developers can view current API usage and ensure they haven't hit any throttle limits by visiting the LinkedIn Developer Portal and checking the "Usage & Limits" section.

It's important to note that these limits may change over time, and developers should always refer to the most up-to-date documentation and their specific application settings in the LinkedIn Developer Portal for the most accurate information.

Latest API Version

Based on the search results provided, here is the most up-to-date information about the LinkedIn API versioning:

The most recent version of the LinkedIn API uses a versioning system introduced in June 2022. LinkedIn now supports API versioning for all LinkedIn Marketing APIs, with new versions released monthly.

Key points to consider:

1. The current versioning format uses a YYYYMM structure (e.g., 202304 for April 2023).

2. Each API version is supported for a full year with its own set of documentation covering all Marketing APIs.

3. To call a specific API version, include the request header with key "LinkedIn-Version" and set the value to the desired version (e.g., "LinkedIn-Version: 202304").

4. LinkedIn expects every versioned API call to specify a version; they will not default to the latest version.

5. The unversioned, legacy APIs using the base path https://api.linkedin.com/v2/ were available until June 30, 2023, when they were sunset.

Code example for making a versioned API call:

curl -X POST 'https://api.linkedin.com/rest/adCampaigns' \
-H 'Authorization: Bearer {INSERT_TOKEN}' \
-H 'Content-Type: application/json' \
-H 'Linkedin-Version: 202304' \
--data '{
    "account": "urn:li:sponsoredAccount:123212321",
    "audienceExpansionEnabled": false,
    ...
}'

Best practices:

1. Regularly check the Recent Changes page to stay up to date on the latest releases.

2. Plan to update your integrations at least once per year to ensure compatibility with the latest supported version.

3. Use the comprehensive documentation provided for each version, which includes changelogs indicating updates from previous versions.

4. Be aware that individual API resources may evolve at different times, and each will have its own migration guide for major updates.

5. Consider migrating to the new Content and Community Management APIs to avoid disruptions, as older versions are being sunset.

In summary, the most recent version of the LinkedIn API follows a monthly versioning system, with the latest version corresponding to the current month and year in the format YYYYMM. To use the most recent version, you should include the appropriate "LinkedIn-Version" header in your API requests.

How to get a LinkedIn developer account and API Keys?

Steps to get a LinkedIn developer account and API access:

1. Create a LinkedIn Developer Account:

   • Visit the LinkedIn Developer Portal https://developer.linkedin.com
   • Sign in with your LinkedIn account or create one if you don't have it

2. Create an Application:

   • Once logged in, click on "My Apps" and select "Create App"
   • Provide information about your business and the permissions your application needs
   • Associate your app with a LinkedIn company page (create one if needed)

3. Get API Key and Secret Key:

   • After creating the application, LinkedIn will provide you with an API Key and Secret Key
   • These are unique identifiers used to authenticate your API requests

4. Review Application Authorization:

   • On the Auth tab, register the OAuth redirect URL for your app
   • Ensure your app has the necessary scopes (e.g., w_member_social, r_liteprofile)
   • Safely store the client ID and client secret

5. Apply for API Access:

   • For basic access, you can use the self-service options in the Developer Portal
   • For more advanced features (like Marketing Developer Platform), you may need to apply for additional access
   • Check the "Products" tab in your application settings to see available options

What can you do with the LinkedIn API?

Here is a list of data models you can interact with using the LinkedIn API, along with what is possible for each:

Profile Data

• Access basic profile information like name, headline, location, industry
• Retrieve work experience, education history, skills
• Get profile photo URL
• View groups the user has joined
• Access full profile data (with proper permissions)

Company Data

• Retrieve company name, size, industry
• Get company description, specialties, website URL
• Access number of followers, company updates
• View products and services offered

Job Data

• Search for job postings
• Access job title, description, location, company
• Get application details and requirements

Group Data

• Retrieve group name and description
• Access group discussions, posts, and comments
• View group members and statistics

Post/Update Data

• Retrieve status updates and posts
• Access likes, comments, and shares on posts
• View author information for posts

Connection Data

• Access user's 1st degree connections (with proper permissions)
• View how users are connected to others

Search Functionality

• Perform people searches
• Search for companies
• Search for jobs
• Search for content/posts

Other Capabilities

• Share content on behalf of users
• Send messages/InMails (with proper permissions)
• Retrieve analytics on content performance
• Access advertising-related data (for marketing partners)

It's important to note that access to many of these data models and capabilities requires proper API permissions and often commercial agreements with LinkedIn for business use cases. The exact data available may also vary based on user privacy settings and LinkedIn's policies.