問題描述
我可以在沒有明確用戶批准的情況下獲得 Linkedin oauth 訪問令牌嗎? (Could I get Linkedin oauth access token without explicitly user approve?)
I'm working on a web app in Java that wants to read the app's user's Linkedin profile. Linkedin API uses oAuth and requires a process of getting the verification code via a request URL, also with a pop window to confirm user's approve.
However, my webapp is to be browsed in a restricted environment (ARM cpu + Linux), thus I want to do these verified stuff in the background, that is, stores the user's Linkedin account and passwd ahead, and get the access token by program, not done manually by user. Does oauth support such feature?
Thanks!
參考解法
方法 1:
The LinkedIn API Terms of Service strictly prohibit using the APIs in this manner, specifically 1.5(i) & 1.5(f).
In short, the user must be shown the API login screen, which as you mention is hosted on LinkedIn.com, and allows them to specify the lifespan of the approval.
(by churiver、Unpossible)