I have tried to access #linkedIn's users profile using the links-https://api.linkedin.com/v2/me?projection=(id,firstName,lastName) and https://api.linkedin.com/v2/me both but got the error-
{
"serviceErrorCode": 100,
"message": "Not enough permissions to access: GET /me",
"status": 403
}
I have client id, secret id and able to generate authorization code and access token using the Apis for that I am following this doc- https://learn.microsoft.com/en-us/linkedin/shared/authentication/authorization-code-flow?view=li-lms-2022-08&tabs=HTTPS for step4, I am unable to access #linkedIn's users profile.
If need permissions, please #linkedIn community give me the same and for further contact, DM me on this email-id - vkg6614#gmail.com . I want to access the users profile for https://upskilltalent.com/ this company
for better understanding please go through this doc--
https://learn.microsoft.com/en-us/linkedin/shared/authentication/authorization-code-flow?view=li-lms-2022-08&tabs=HTTPS
Thanks in advance
You probably need to look at https://learn.microsoft.com/en-us/linkedin/shared/integrations/people/profile-api?context=linkedin%2Fmarketing%2Fcontext&view=li-lms-2022-08
I would assume you're not requesting enough scopes when requesting the access token from LinkedIn.
You probably need r_basicprofile or r_liteprofile
Related
My App has SignIn With linkedin and Share on Linkedin both permission assigned.
While retrieving the token, I have used the scope w_member_social as well.
But as per the Linked API documentation: while, I try to use the query to search organization by keywords, I am getting error as -
"serviceErrorCode":100,"message":"Not enough permissions to access: GET-search /companySearch","status":403
Can you tell me what extra permission is needed here ?
I think you need the rw_organization_admin permission. Actually you have a write-only permission and maybe this is the problem.
Moreover the LinkedIn API states that "The Company Search endpoint is restricted. This permission is granted to selected developers only."(as reported here)
I'm trying to fetch linkedin share photo_mention details using GET /v2/ugcPosts - LinkedIn API. I'm using it for fetch single photo_mention details by Share Id. 3-legged oauth2 token im using is valid and having access to below permissions:
r_basicprofile, r_emailaddress, r_liteprofile, r_member_social, r_organization_social, rw_organization_admin, w_member_social, w_organization_social
For photo mention posts shared from organization page im able to fetch ugcpost details using above api call, but for photo mention posts shared from personal page I'm getting below error:
{
"message": "com.linkedin.content.common.ResponseException: com.linkedin.restli.server.RestLiServiceException [HTTP Status:403]: com.linkedin.content.common.ResponseException: Not enough permissions to access urn:li:share:xxxxxx",
"status": 403
}
Please guide me in this to solve this error.
Postman screenshot of failed api call
LinkedIn Developer API used
LinkedIn Support seems to be terminated - facing the same issue when trying to access the 'https://api.linkedin.com/v2/shares/' endpoint...
Update: Well, just found out that the permission 'r_member_social' in this case is RESTRICTED. So I guess you just can retrieve share infos for posts on ORGA pages, not private profiles... -> Restricted Retrieve posts, comments, and likes on behalf of an authenticated member. This is a private permission. Source: https://learn.microsoft.com/en-us/linkedin/marketing/integrations/community-management/shares/share-api?tabs=http
Hi generated secret file using OAuth 2.0 client ID. In that secret file, I do not see any google mail address to authenticate or access permissions to that mail address. Still facing below error.
Arg, there was an API error : 403 : User does not have sufficient permissions for this profile.
How come I know, to which user, we do not have sufficient previliges?
Please help me with this
You have created an Oauth2 client for use with your application. When the application runs a user will need to login using their Google account and grant the application (client) access to their data. I have an article that explains how google oauth2 works if you are interested. Oauth2 for beginners
User does not have sufficient permissions for this profile.
Means that the user you have authenticated with does not have access to the Google Analytics profile you are trying to request data form. Try doing an Accountsummires.list this will return a list of the Google Analytics accounts that the current authenticated user has access to and the ones you will be able to request data from.
Question: How come I know, to which user, we do not have sufficient privileges?
You have a profile id you are trying to access find someone who has access to that profile and have them run your application. When they have logged in and authenticated they will be able to see the data.
I am trying to create a simple node app and I using service account to automate the OAuth Flow. While am able to successfully do this, am not able to retrieve the report from Google Analytics using this service account. I get the following error message,
{
"error": {
"code": 403,
"message": "User does not have any Google Analytics account.",
"status": "PERMISSION_DENIED"
}
}
I can't add this service account to the Analytics account as my owner account (under which I created this service account) has only read-only access. So how do I proceed? How can I grant this service account the same read-only access as my owner account? When I login into Google Analytics using my owner account, I am not able to perform any User Management as it has limited access.
Please help me on how to proceed here.
Thanks
If using a service account, there is no way to proceed other than finding someone with user management permissions and have him add the account.
It is hard to see why you would expect it to be otherwise; the purpose of the permission system is to prevent unauthorized access, and it would do a pretty poor job if it suddenly allowed you to exceed your privileges by adding a user.
As per the answer from Eike, you cannot add a Service Account if you lack the permissions to do so.
There is an alternative approach which allows you to use your own account, i.e. no service accounts anywhere. This basically involves you obtaining a Refresh Token, and using that to authenticate your access. You can follow the steps at How do I authorise an app (web or installed) without user intervention? (canonical ?) to do this.
I'm trying to get a list of groups for a domain in Google Api (https://developers.google.com/admin-sdk/directory/v1/reference/groups/list).
I'm using "domain wide delegation", and have a service account from which the web app makes all its requests to Google.
The admin-sdk requires the requesting user to be an administrator, so i'm impersonating a admin user on the given domain.
This works fine with (https://developers.google.com/admin-sdk/directory/v1/reference/users/get), but when I'm trying to use the group api, it fails like this:
{
"error": {
"errors": [
{
"domain": "global",
"reason": "forbidden",
"message": "Not Authorized to access this resource/api"
}
],
"code": 403,
"message": "Not Authorized to access this resource/api"
}
}
I have checked the the permissions from the domain administrator have been delegated to the service account. And I have also checked that i can access the list of groups, while being logged in as the domain administrator.
Any help or hints is highly appreciated.
Thanks in advance
You will need to add the scope for reading groups.
First, make sure that you properly followed the steps here in this documentation including this steps on how to Instantiate an Admin SDK Directory service object.
It is important because this one shows you how to make API requests using OAuth 2.0 and your service account's credentials to perform Google Apps Domain-wide delegation.
For more information, check these related SO questions:
Google_Service_Directory - (403) Not Authorized to access this resource/api
Received error “Not Authorized to access this resource/api” when trying to use Google Directory API and Service Account Authentication