PingOne

Adding an identity provider - LinkedIn (legacy)

Adding LinkedIn as an external identity provider (IdP) allows your users to sign on with LinkedIn when accessing your application.

The legacy LinkedIn IdP has been deprecated, so you might be unable to connect with LinkedIn using a legacy connection. Consider using the OpenID Connect (OIDC)-based LinkedIn IdP connection. Learn more in Adding an identity provider - LinkedIn.

Before you begin

Ensure that you have:

Registering the application with LinkedIn

LinkedIn generates a client ID and client secret for your application. You’ll need these values to connect the application to PingOne.

Steps

  1. Go to the LinkedIn Developers page.

  2. Click Create app.

    You’ll be prompted to sign on to your LinkedIn account.

  3. Enter the following information:

    • App name: A unique name for the application. It must be fewer than 50 characters.

    • LinkedIn Page: The LinkedIn company page to be associated with your application.

    • App logo: The logo users see when they authenticate to your application.

  4. Click Create app.

  5. On the Auth tab, copy the Client ID and Primary Client Secret to a secure location.

  6. In the OAuth 2.0 Settings section, you’ll see an empty field for Redirect URLs, which is the path in your application that users are redirected to after they have authenticated with LinkedIn. Leave this value blank for now.

Learn more

Learn more in Sign in with LinkedIn in the Microsoft LinkedIn documentation.

Adding LinkedIn as an identity provider in PingOne

Configure the IdP connection in PingOne.

Before you begin

Ensure that registration is enabled in the authentication policy. Learn more in Editing an authentication policy.

You should have the following information ready:

  • Client ID

  • Client secret

Steps

  1. In the PingOne admin console, go to Integrations > External IdPs and click .

  2. Click LinkedIn (Legacy).

  3. Click Next.

  4. On the Add External Identity Provider page, enter the following information:

    • Name: A unique identifier for the IdP.

    • Description (optional): A brief description of the IdP.

    • Population: A population that overrides the authentication policy’s registration population and enables just-in-time registration from the identity provider.

      You can’t change the Icon and Sign-on button in accordance with the provider’s brand standards.

  5. Click Next.

  6. Configure the connection and enter the following information:

    • Client ID: The client ID that you copied earlier from the IdP. You can find this information on the Auth page on the LinkedIn Developers page.

    • Client secret: The application secret that you copied earlier from the IdP. You can find this information on the Auth tab on the LinkedIn Developers page.

    • Callback URL: Copy the Callback URL to a secure location. You’ll provide this value to the IdP later.

  7. Click Next.

  8. Define how the PingOne user attributes are mapped to identity provider attributes. Learn more in Mapping attributes.

    • Enter the PingOne user profile attribute and the external IdP attribute. Learn more about attribute syntax in Identity provider attributes.

    • To add an attribute, click .

    • To use the advanced expression builder, click the Gear icon. Learn more in Using the expression builder.

    • Select the update condition, which determines how PingOne updates its user directory with the values from the IdP. The options are:

      • Empty only: Update the PingOne attribute only if the existing attribute is empty.

      • Always: Always update the PingOne directory attribute.

  9. Click Save.

Adding the callback URL to the LinkedIn Developer page

Copy the callback URL from the PingOne admin console and paste it into the LinkedIn Developers page.

Steps

  1. In the PingOne admin console, go to Integrations > External IdPs and browse or search for the appropriate IdP.

  2. Click the IdP to open the details panel.

  3. Click the Connection tab.

  4. Copy the Callback URL to a secure location.

  5. Go to the LinkedIn Developers page.

  6. In the My Apps list, select the appropriate application.

  7. On the Auth tab, click the Pencil icon in the OAuth 2.0 settings section.

  8. Click Add redirect URL.

  9. Paste the callback URL that you copied from the PingOne admin console.

  10. Click Update.

Next steps