Set up LinkedIn as a social login provider in SecureAuth Connect so users can sign in with their LinkedIn account.
Register LinkedIn as a provider
-
In your workspace, go to Authentication > Providers.
-
Click Create Connection.
-
Filter by Social Providers and select LinkedIn.
-
Choose a registration mode:
Mode Description Embedded Uses a client application registered by SecureAuth. No developer portal registration required. Bring your Own Uses a client application registered by your organization. Requires registering an application in the LinkedIn Developer portal to obtain a Client ID and Client Secret. 
Configuration
| Setting | Description |
|---|---|
| Name | Display name for this provider. Default: LinkedIn. |
| Display order | Controls the position of this provider on the sign-in page. Default: 0. |
Use Try Sign-in to test the LinkedIn sign-in flow. Use Delete Identity to remove this provider.
Attributes
LinkedIn returns the following attributes after authentication:
| Connector name | Friendly name | Data type | Scope |
|---|---|---|---|
email | String | ID token | |
email_verified | Email verified | Boolean | ID token |
name | Name | String | ID token |
given_name | Given Name | String | ID token |
family_name | Family Name | String | ID token |
picture | Picture | String | ID token |
locale | Locale | String | ID token |
LinkedIn provides email_verified to confirm whether the user's email address has been verified, and picture containing the URL of the user's LinkedIn profile picture.
To add custom attributes, click + Add attribute.
Mappings
Default attribute mappings from LinkedIn to the SecureAuth authentication context:
| Source | LinkedIn source name | SecureAuth target name |
|---|---|---|
| ID token | ||
| ID token | Email verified | Email verified |
| ID token | Name | Name |
| ID token | Given Name | Given name |
| ID token | Family Name | Family name |
| ID token | Picture | URL of the profile picture |
To customize, click + Add mapping or + Add static mapping.
Provisioning
Provisioning controls what happens when a user authenticates through LinkedIn.
Disabled
Users are not persisted in the user store. Authentication succeeds but no user record is created.
Just-in-Time Provisioning
Users are persisted in the user store on first login.
Identifier Correlation
Maps the incoming LinkedIn identity to an existing user. Default: LinkedIn Email ↔ Users Email.
Attribute Provisioning
Maps LinkedIn attributes to user profile fields. Defaults:
Email→EmailGiven name→First nameFamily name→Last name
Pre provisioning mode
Users must already exist in the user store before they can authenticate. New users are not auto-created at login; they must be added via an offline process.
Authentication flow control
Select what happens when no matching user is found:
- Deny – Terminate the authentication flow.
- Allow – Proceed with the authentication flow.
Identifier Correlation
Maps the incoming LinkedIn identity to an existing user. Default: LinkedIn Email ↔ Users Email.
Attribute Provisioning
Maps LinkedIn attributes to user profile fields. Defaults:
Email→EmailGiven name→First nameFamily name→Last name
Extensions
| Extension | Description |
|---|---|
| Post Authentication script | A server-side script that runs after LinkedIn authentication completes. Click Manage Script to configure. |
| Post Authentication application | A custom application that receives a callback after LinkedIn authentication completes. Click Manage Custom App to configure. |