Configure LinkedIn login using OpenID Connect

:bookmark: This guide explains how to set up LinkedIn OpenID Connect authentication on your Discourse site, allowing users to log in using their LinkedIn accounts.

:person_raising_hand: Required user level: Administrator

Summary

LinkedIn OpenID Connect authentication allows users to sign in to your Discourse site using their LinkedIn accounts. This guide walks you through the process of configuring LinkedIn authentication, from creating a LinkedIn developer application to enabling the feature on your Discourse site.

Creating a LinkedIn application

  1. Go to LinkedIn Developers
  2. Click the “Create app” button
  3. Follow the provided setup process

:information_source: You’ll need a LinkedIn Page associated with your application. This association cannot be changed later, so ensure you select the correct page during setup.

Enabling OpenID Connect

  1. Navigate to the “Products” tab in your LinkedIn application
  2. Request access to “Sign In with LinkedIn using OpenID Connect”

Getting your credentials

Once Sign In with LinkedIn is enabled:

  1. Click the “View endpoints” button
  2. Select the “Auth” tab to access your credentials

Configuring Discourse settings

  1. In your Discourse admin settings, configure these fields with the credentials from LinkedIn:

    • linkedin_oidc_client_id
    • linkedin_oidc_client_secret
  2. Return to the LinkedIn developer portal and add an authorized redirect URL under the “Auth” tab:

    • Format: https://discourse.example.com/auth/linkedin_oidc/callback
    • Replace discourse.example.com with your site’s domain name
    • Use https:// for secure sites (recommended) or http:// for non-secure sites

  1. Enable LinkedIn authentication on your Discourse site:
    • Set enable_linkedin_oidc_logins to true in your site settings

Troubleshooting

If you encounter issues with the client secret validation, ensure you’re running the latest version of Discourse, as recent updates have been made to accommodate LinkedIn’s new secret format.

FAQ

Does LinkedIn sign-in require users to enter their LinkedIn credentials in Discourse?

No, users will be redirected to LinkedIn’s secure login page to authenticate, and then returned to your Discourse site once authorized.

What should I use for the redirect URL protocol (http vs https)?

Always use the same protocol (http or https) that your Discourse site uses. If your site runs on https, use https in the redirect URL.

Additional resources

Last edited by @jessii 2024-11-21T18:43:51Z

Check documentPerform check on document:
4 Likes

4 posts were split to a new topic: LinkedIn OIDC client secret not correctly validating nee format

The key format does not match

image

The discourse team has made updates consistent with linkedin’s update in the source code, please update your discourse page.
Read it LinkedIn OIDC client secret not correctly validating new format - #4 by ted

1 Like

Fun, this feature is not enabled on this Discourse :wink:

1 Like

Hi, how LinkedIn sign-in works? Does this means LinkedIn email and password will be used without need to enter them in Discourse? Thanks.

I wanted to try LinkedIn signin on my site (from a private Firefox window) and I got this error message: The redirect_uri does not match the registered value

Hi, is “replacing the https with http” right? My site is in https so http would’nt work is it? Thanks.