Matt RaibleMatt Raible is a Web Developer and Java Champion. Connect with him on LinkedIn.

The Angular Mini-Book The Angular Mini-Book is a guide to getting started with Angular. You'll learn how to develop a bare-bones application, test it, and deploy it. Then you'll move on to adding Bootstrap, Angular Material, continuous integration, and authentication.

Spring Boot is a popular framework for building REST APIs. You'll learn how to integrate Angular with Spring Boot and use security best practices like HTTPS and a content security policy.

For book updates, follow @angular_book on Twitter.

The JHipster Mini-Book The JHipster Mini-Book is a guide to getting started with hip technologies today: Angular, Bootstrap, and Spring Boot. All of these frameworks are wrapped up in an easy-to-use project called JHipster.

This book shows you how to build an app with JHipster, and guides you through the plethora of tools, techniques and options you can use. Furthermore, it explains the UI and API building blocks so you understand the underpinnings of your great application.

For book updates, follow @jhipster-book on Twitter.


Over 10 years ago, I wrote my first blog post. Since then, I've authored books, had kids, traveled the world, found Trish and blogged about it all.

GWT OAuth and LinkedIn APIs

LinkedIn Logo When I worked at LinkedIn last year, I received a lot of inquiries from friends and developers about LinkedIn's APIs. After a while, I started sending the following canned response:

For API access to build LinkedIn features into your application, fill out the following form:

For requests to build an application, go to:

I talked with the API team and they did say they look at every request that's sent via these forms. They don't respond to all of them b/c they know that many people would be angry if they told them "no", so they'd rather not have that headache.

Yesterday, I was pumped to see that they've finally decided to open up their API to Developers.

Starting today, developers worldwide can integrate LinkedIn into their business applications and Web sites. is now live and open for business.

First of all, congratulations to the API team on finally making this happen! I know it's no small feat. Secondly, it's great to see them using Jive SBS for their API documentation and developer community. My current client uses this to facilitate development and I love how it integrates a wiki, JIRA, FishEye, Crucible and Bamboo into one central jumping off point.

I've always been a fan of LinkedIn, ever since I joined way back in May 2003. However, I've longed for a way to access my data. LinkedIn Widgets are nice, but there's something to be said for the full power of an API. Last night, I sat down for a couple hours and enhanced my Implementing OAuth with GWT example to support LinkedIn's API.

I'm happy to report my experiment was a success and you can download GWT OAuth 1.2 or view it online. For now, I'm simply authenticating with OAuth and accessing the Profile API.

OAuth with GWT

In the process, I learned a couple things:

// For LinkedIn's OAuth API, convert request parameters to an AuthorizationHeader
if (httpServletRequest.getRequestURL().toString().contains("linkedin-api")) {
    String[] parameters = httpServletRequest.getQueryString().split("&");
    StringBuilder sb = new StringBuilder("OAuth realm=\"\",");
    for (int i = 0; i < parameters.length; i++) {
        if (i < parameters.length - 1) {

    Header authorization = new Header("Authorization", sb.toString());

You might recall that my previous example had issues authenticating with Google, but worked well with Twitter. LinkedIn's authentication seems to work flawlessly. This leads me to believe that Twitter and LinkedIn have a much more mature OAuth implementation than Google.

Related OAuth News: Apache Roller 5 will be shipping with OAuth support. See Dave Johnson's What's New in Roller 5 presentation for more information.

Update December 6, 2009: I modified the gwt-oauth project to use GWT 1.7.1 and changed to the Maven GWT Plugin from Codehaus. Download GWT OAuth 1.3 or view it online.

Posted in The Web at Nov 24 2009, 03:46:05 PM MST 7 Comments

[Trackback] This post was mentioned on Twitter by planetapache: Matt Raible: GWT OAuth and LinkedIn APIs

Posted by uberVU - social comments on November 25, 2009 at 12:48 AM MST #

Hi Matt,

This is great stuff.

Our OAuth implementation is OAuth 1.0a, which is why you need the oauth_verifier code. You also need to put your callback on the requestToken. I'll write up more on our OAuth implementation soon.

Posted by Paul Lindner on November 25, 2009 at 01:18 AM MST #

A true master piece. Thank you very much.

Posted by Mahesh on January 19, 2010 at 11:40 AM MST #

Really helpful, thanks man, I owe you more than one

Posted by Jose Javier on February 21, 2010 at 07:59 PM MST #

Hi Matt,

Glad to read this article, but still need your guidance for i am not very sure about linkedin api, now, i think i can get a person's profile thru url like: url = "", but get nothing from "", so any suggestion? also, you see, the response is the total html page, my god :(.....

by the way, i am using flex and as3 calling linkedin api, thanks a lot for your help , also , i am really in a hurry, so ,please help. you can add me googletalk, [email protected]

have a nice day.

Posted by Michael on November 19, 2010 at 12:05 PM MST #

@Michael - I haven't worked with the LinkedIn API since I wrote this post last year. I'd suggest posting this question to the LinkedIn Developer Forums or downloading my example (where works) and attempting to modify it.

Posted by Matt Raible on November 23, 2010 at 05:31 PM MST #

great post - great help. I managed to make it work in no time!

I am left with a question: this is a great example to work trough a user interface; Normal as the user has to authorise your application access to his linkedin information.

In my application, I want a service to go and check (eg daily) if there are any updates. This service has to do that check for several users (=each user is a linkedin account). However, when the next day the service wants to connect to linkedin to check for updates, I understand that the user should grant access again. Is that correct?

What my service should doe: If there are updates, it should retrieve the new people information from the updated connection in Linkedin for that account, and the service will then process it into my application.

Is that possible?


Posted by Peter on January 16, 2011 at 11:53 PM MST #

Post a Comment:
  • HTML Syntax: Allowed