Skip to content
Sample application to exchange a 2.0 token for a 1.0a one
Find file
Latest commit e31da08 @fernandezpablo85 Improved Readme
Failed to load latest commit information.
src/main Added signature check
.gitignore Added eclipse settings to .gitignore Improved Readme
pom.xml Cleaned up pom

LinkedIn OAuth exchange sample code (Java)


This is a fully working sample to show you how to exchange an OAuth 2.0 token (the ones that the javascript API uses) for a common OAuth 1.0a token


The whole application runs over SSL, this is because the cookie that LinkedIn's API sends is a secure one (read more about seucre cookies).

For this we first need to create a self-signed ssl certificate, with keytool:

$ keytool -genkey -alias jetty6 -keyalg RSA -keystore target/jetty-ssl.keystore -storepass jetty6 -keypass jetty6 -dname "CN=your name or domain"

once this is done just head to the root of the project and run

mvn jetty:run

you'll find the sample application on localhost

Workflow explained

The app is a landing JSP that makes an XHR request to another (secured) endpoint in the same domain.

This request carries the cookie with all the necessary data to make the exchange, this cookie is named 'linkedin_oauth_APIKEY' where "APIKEY" is your actual Api key (obtained from

The application then verifies that the cookie is valid, making a simple signature check (see this method) This step is really important and we encourage you to do the same, besides it's really easy :)

Then if everything looks good, we perform the exchange step and retrieve the OAuth1.0a token

Something went wrong with that request. Please try again.