I am attempting to develop a Sign with LinkedIN functionality for my VBulletin powered Oracle forums. VBulletin by default ships with Facebook integration which allows for Single Click Login for Facebook authenticated users. Since majority of users on Club-Oracle are business users accessing the site from their offices, LinkedIN was the obvious choice for integration.
However attempting to develop a Sign In with LinkedIN proved difficult than I thought. For starters, LinkedIN API developers community seems to be smaller than Facebook or even Twitter. Facebook’s SDK is extremely well documented and has gone through several revisions where as LinkedIN’s REST and Javascript APIs are relatively newer.
Researching further into the LinkedIN API integration, I discovered one key element which is extremely important for any external application performing registration based on 3rd party authentication missing from LinkedIN API. That is fetching a user’s email. If you are attempting to register a user in your application by fetching his basic information from LinkedIN (after he has given you authorization), LinkedIN still does not expose the user’s email address through it’s API. The reasoning given by LinkedIN developers were privacy concerns and preventing email farming. However I do not want the email addresses of a user’s connections. I only want the authenticated user’s own email. However LinkedIN does not provide that. (Facebook does!). This was an interesting point in the design. Without the user’s email, should I still register the user to my application? or should I merely use LinkedIN API as a means of authenticating the user and logging him into my application?
Both choices have their merits and demerits. Clearly LinkedIN API designers want you to use their application for authentication but not Registration. However I decided to still register the user, as I do not want to heavily depend on a third party API. Having the user registered on your own app gives you a degree of independence from the third party API where if the API was to go away in the future (an unlikely scenario), you would still retain the user. So I chose the most simplest workaround to get a LinkedIN Authenticated user’s email. I decided to Ask him!
Yes, that’s funny and does bring in an extra step to the user who is connecting with LinkedIN expecting speedier member access, but it is unavoidable if you want the user’s email. That may result in some lost connections but overall I feel it is a better design choice.
Once that was out of the way, I ran into another situation. So once the user has authorized us to connect their LinkedIN account with our application, and if they are already logged inside LinkedIN, how do we auto-login them upon subsequent visits?
Apparently, that can’t be done without resorting to some dirty hacks, which I did not wish to get into. The reason: There is no equivalent to facebook’s FB.getLoginStatus in LinkedIN’s Javascript API. So when a user first lands on your site, there is no way of knowing whether or not he’s already logged inside LinkedIN or not. So Auto-Login into your application based on LinkedIN Login Status also goes out of the window. I could have used some browser http response code trickery to determine a user’s LinkedIN login status, however for my initial design I preferred not to deviate from LinkedIN’s available methods. So a user, even if previously authorized my application to use LinkedIN and is logged inside LinkedIN, still has to perform a single click to login into my app.
In spite of these bumps, I have succesfully developed an integration with my test vbulletin forums, where users are able to register and link their vbulletin forum accounts on my site with their LinkedIN account. And previously authorized users can login with a single click on “Connect with LinkedIN”. However as of now the integration is doing nothing except fetching the user’s details from LinkedIN and I now intend to research on ways to let the user update their statuses and share resources from my site with their linkedIN network. Hence a fair amount of development challenge still lies ahead!
Oh and by the way, I intend to post a Visio made flow diagram of my LinkedIN Authentication / Registration and login process here on my blog in coming weeks.
