Skip to content
This repository has been archived by the owner on Sep 29, 2023. It is now read-only.

added LinkedIn OAuth provider guide #406

Open
wants to merge 2 commits into
base: oauth-providers
Choose a base branch
from
Open

added LinkedIn OAuth provider guide #406

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
5eeada2
added LinkedIn OAuth provider guide
Dksie09 Aug 8, 2023
df2e2aa
break down long sentences and aligned comments
Dksie09 Aug 10, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
358 changes: 358 additions & 0 deletions app/views/docs/oauth-providers/linkedin.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,358 @@
# LinkedIn provider

Appwrite allows you to authenticate users using their LinkedIn account through the LinkedIn OAuth2 provider. OAuth authentication is a great way to reduce friction for your users and increase user conversion by simplifying the signup process. You can learn more about Appwrite's other OAuth2 providers [here](placeholder link).

## Enabling the LinkedIn provider

Before you can use LinkedIn to authenticate users, you need to enable the provider in your Appwrite console.

1. Navigate to your Appwrite project
2. Navigate to **Auth** > **Settings**
3. Find and open the OAuth provider
4. In the **Linkedin OAuth2 Settings** modal, use the toggle to enable the provider

Don't close this modal, we'll need to create a LinkedIn OAuth app to complete this form.

## Creating a LinkedIn Developer app

To use LinkedIn OAuth with Appwrite, you need to create a LinkedIn Developer app. You can do this by following the [How to Implement OAuth](https://learn.microsoft.com/en-us/linkedin/shared/authentication/authorization-code-flow?tabs=HTTPS1#how-to-implement-3-legged-oauth) guide from LinkedIn.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@Dksie09 As per DM, find a better post?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Steven confirmed it's 3 legged, so should we just keep it this way?


After you've created your LinkedIn OAuth app, you can head back to your Appwrite console. There, complete the form in the **Linkedin OAuth2 Settings** modal.

- Find the **Client ID** in the Auth tab of your LinkedIn developer app. Provide this in the Appwrite console's **Linkedin OAuth2 Settings** modal, in the **App ID** field.
- Similarly, find the **Client secret** in the Auth tab of your LinkedIn developer app. Provide this in the Appwrite console's **Linkedin OAuth2 Settings** modal, in the **App Secret** field.

In the OAuth 2.0 settings of your LinkedIn developer app, you'll need to provide a **Redirect URL**. This URL can be found in the Appwrite console's **Linkedin OAuth2 Settings** modal, in the **URI** field. After adding the URL, click on **Update**.

## Authenticating

You can use any of the Appwrite Client SDKs to authenticate users with their LinkedIn account.

### Web

When a user calls the [Create OAuth2 Session](https://appwrite.io/docs/client/account#accountCreateOAuth2Session) endpoint in your web app, they will be taken to LinkedIn's OAuth page to complete their login.

After authenticating, they'll be redirected back to your app using either the `success` or `failure` URLs provided. To provide the best experience to your users, make sure to **implement and provide both routes** to prompt the user about successful and failed authentication attempts.

```js
import { Client, Account } from "appwrite";

const client = new Client();

const account = new Account(client);

client
.setEndpoint("https://cloud.appwrite.io/v1") // Your API Endpoint
.setProject("[PROJECT_ID]"); // Your project ID

// Go to OAuth provider login page
account.createOAuth2Session(
"linkedin",
"[LINK_ON_SUCCESS]",
"[LINK_ON_FAILURE]"
);
```

### Flutter

You can use OAuth in your Flutter application, but some platforms like Android and Apple requires additional configuration to enable the OAuth callback, so the your users can be redirected back to your app.

#### Android OAuth callback

In order to capture the Appwrite OAuth callback url, the following activity needs to be added inside the `<application>` tag, along side the existing `<activity>` tags in your `AndroidManifest.xml`. Be sure to replace the `[PROJECT_ID]` string with your actual Appwrite project ID. You can find your Appwrite project ID in the project settings screen in your Appwrite console.

```xml
<manifest ...>
...
<application ...>
...
<!-- Add this inside the `<application>` tag, along side the existing `<activity>` tags -->
<activity android:name="io.appwrite.views.CallbackActivity" android:exported="true">
<intent-filter android:label="android_web_auth">
<action android:name="android.intent.action.VIEW" />
<category android:name="android.intent.category.DEFAULT" />
<category android:name="android.intent.category.BROWSABLE" />
<data android:scheme="appwrite-callback-[PROJECT_ID]" />
</intent-filter>
</activity>
</application>
</manifest>
```

#### Apple

In order to capture the Appwrite OAuth callback url, the following URL scheme needs to added to your `Info.plist` .Be sure to replace the `[PROJECT_ID]` string with your actual Appwrite project ID. You can find your Appwrite project ID in your project settings screen in your Appwrite console.

```xml
<key>CFBundleURLTypes</key>
<array>
<dict>
<key>CFBundleTypeRole</key>
<string>Editor</string>
<key>CFBundleURLName</key>
<string>io.appwrite</string>
<key>CFBundleURLSchemes</key>
<array>
<string>appwrite-callback-[PROJECT_ID]</string>
</array>
</dict>
</array>
```

To authenticate a user in your Flutter application, use the [Create OAuth2 Session](https://appwrite.io/docs/client/account?sdk=flutter-default#accountCreateOAuth2Session) endpoint.

```dart
import 'package:appwrite/appwrite.dart';
void main() async {
final client = new Client();
final account = new Account(client);
client
.setEndpoint('https://cloud.appwrite.io/v1') // YOUR API Endpoint
.setProject('[PROJECT_ID]') // YOUR PROJECT ID
;
// OAuth Login, for simplest implementation you can leave both success and
// failure link empty so that Appwrite handles everything.
await account.createOAuth2Session(provider: 'linkedin');
}
```

### Android (Kotlin)

Before you can add OAuth to your Android app, you need to setup a callback for your OAuth flow.

In order to capture the Appwrite OAuth callback url, the following activity needs to be added inside the `<application>` tag, along side the existing `<activity>` tags in your `AndroidManifest.xml`. Be sure to replace the `[PROJECT_ID]` string with your actual Appwrite project ID. You can find your Appwrite project ID in your project settings screen in your Appwrite console.

```xml
<manifest ...>
...
<application ...>
...
<!-- Add this inside the `<application>` tag, along side the existing `<activity>` tags -->
<activity android:name="io.appwrite.views.CallbackActivity" android:exported="true">
<intent-filter android:label="android_web_auth">
<action android:name="android.intent.action.VIEW" />
<category android:name="android.intent.category.DEFAULT" />
<category android:name="android.intent.category.BROWSABLE" />
<data android:scheme="appwrite-callback-[PROJECT_ID]" />
</intent-filter>
</activity>
</application>
</manifest>
```

To authenticate a user in your Android application, use the [Create OAuth2 Session](https://appwrite.io/docs/client/account?sdk=android-kotlin#accountCreateOAuth2Session) endpoint.

```kotlin
import io.appwrite.Client
import io.appwrite.services.Account

val client = Client(context)
.setEndpoint("https://cloud.appwrite.io/v1") // Your API Endpoint
.setProject("[PROJECT_ID]") // Your project ID

val account = Account(client)

account.createOAuth2Session(provider = "linkedin")
```

### Android (Java)

Before you can add OAuth to your Android app, you need to setup a callback for your OAuth flow.

In order to capture the Appwrite OAuth callback url, the following activity needs to be added inside the `<application>` tag, along side the existing `<activity>` tags in your `AndroidManifest.xml`. Be sure to replace the `[PROJECT_ID]` string with your actual Appwrite project ID. You can find your Appwrite project ID in your project settings screen in your Appwrite console.

```xml
<manifest ...>
...
<application ...>
...
<!-- Add this inside the `<application>` tag, along side the existing `<activity>` tags -->
<activity android:name="io.appwrite.views.CallbackActivity" android:exported="true">
<intent-filter android:label="android_web_auth">
<action android:name="android.intent.action.VIEW" />
<category android:name="android.intent.category.DEFAULT" />
<category android:name="android.intent.category.BROWSABLE" />
<data android:scheme="appwrite-callback-[PROJECT_ID]" />
</intent-filter>
</activity>
</application>
</manifest>
```

To authenticate a user in your Android application, use the [Create OAuth2 Session](https://appwrite.io/docs/client/account?sdk=android-java#accountCreateOAuth2Session) endpoint.

```java
import io.appwrite.Client;
import io.appwrite.coroutines.CoroutineCallback;
import io.appwrite.services.Account;

Client client = new Client(context)
.setEndpoint("https://cloud.appwrite.io/v1") // Your API Endpoint
.setProject("[PROJECT_ID]"); // Your project ID

Account account = new Account(client);

account.createOAuth2Session(
"linkedin",
new CoroutineCallback<>((result, error) -> {
if (error != null) {
error.printStackTrace();
return;
}

Log.d("Appwrite", result.toString());
})
);
```

### iOS (Swift)

In order to capture the Appwrite OAuth callback url, the following URL scheme needs to added to your `Info.plist`. Be sure to replace the [PROJECT_ID] string with your actual Appwrite project ID. You can find your Appwrite project ID in your project settings screen in your Appwrite console.

```xml
<key>CFBundleURLTypes</key>
<array>
<dict>
<key>CFBundleTypeRole</key>
<string>Editor</string>
<key>CFBundleURLName</key>
<string>io.appwrite</string>
<key>CFBundleURLSchemes</key>
<array>
<string>appwrite-callback-[PROJECT_ID]</string>
</array>
</dict>
</array>
```

If you're using UIKit, you'll also need to add a hook to your `SceneDelegate.swift` file to ensure cookies work correctly.

```swift
func scene(_ scene: UIScene, openURLContexts URLContexts: Set<UIOpenURLContext>) {
guard let url = URLContexts.first?.url,
url.absoluteString.contains("appwrite-callback") else {
return
}
WebAuthComponent.handleIncomingCookie(from: url)
}
```

To authenticate a user in your Android application, use the [Create OAuth2 Session](https://appwrite.io/docs/client/account?sdk=apple-default#accountCreateOAuth2Session) endpoint.

```swift
import Appwrite

let client = Client()
.setEndpoint("https://cloud.appwrite.io/v1") // Your API Endpoint
.setProject("[PROJECT_ID]") // Your project ID
let account = Account(client)

let success = try await account.createOAuth2Session(provider: "linkedin")

```

## Refreshing the OAuth2 session

OAuth2 sessions expire to protect from security risks. This means, OAuth2 sessions should be refreshed to keep the user authenticated. You can do this by calling the [Update OAuth Session](https://appwrite.io/docs/client/account#accountUpdateSession) endpoint when ever your user visits your app.

### Web

```js
import { Client, Account } from "appwrite";

const client = new Client();

const account = new Account(client);

client
.setEndpoint("https://cloud.appwrite.io/v1") // Your API Endpoint
.setProject("[PROJECT_ID]"); // Your project ID

// Updates current session
const promise = account.updateSession("current");

promise.then(
function (response) {
console.log(response); // Success
},
function (error) {
console.log(error); // Failure
}
);
```

### Flutter

```dart
import 'package:appwrite/appwrite.dart';
void main() async {
final client = new Client();
final account = new Account(client);
client
.setEndpoint('https://cloud.appwrite.io/v1') // YOUR API Endpoint
.setProject('[PROJECT_ID]') // YOUR PROJECT ID
;
// OAuth Login, for simplest implementation you can leave both success and
// failure link empty so that Appwrite handles everything.
try {
final future = await account.updateSession(sessionId: 'current');
print(future.toMap()); // Success
} on AppwriteException catch(e){
print(e.message); // Failure
}
}
```

### Android (Kotlin)

```kotlin
import io.appwrite.Client
import io.appwrite.services.Account

val client = Client(context)
.setEndpoint("https://cloud.appwrite.io/v1") // Your API Endpoint
.setProject("[PROJECT_ID]") // Your project ID

val account = Account(client)

val response = account.updateSession(sessionId = "current")
```

### Android (Java)

```java
import io.appwrite.Client;
import io.appwrite.coroutines.CoroutineCallback;
import io.appwrite.services.Account;

Client client = new Client(context)
.setEndpoint("https://cloud.appwrite.io/v1") // Your API Endpoint
.setProject("[PROJECT_ID]"); // Your project ID

Account account = new Account(client);

account.updateSession(
"current"
new CoroutineCallback<>((result, error) -> {
if (error != null) {
error.printStackTrace();
return;
}

Log.d("Appwrite", result.toString());
})
);
```

### iOS (Swift)

```swift
import Appwrite

let client = Client()
.setEndpoint("https://cloud.appwrite.io/v1") // Your API Endpoint
.setProject("[PROJECT_ID]") // Your project ID
let account = Account(client)

let session = try await account.updateSession(sessionId: "current")
```