next-auth: LinkedIn Provider throwing error

Provider type

Environment

System: OS: macOS 12.5 CPU: (8) arm64 Apple M1 Pro Memory: 339.61 MB / 16.00 GB Shell: 5.8.1 - /bin/zsh Binaries: Node: 16.14.0 - /usr/local/bin/node Yarn: 1.22.18 - /usr/local/bin/yarn npm: 8.3.1 - /usr/local/bin/npm Browsers: Chrome: 104.0.5112.101 Safari: 15.6 npmPackages: next: 12.0.7 => 12.0.7 react: 17.0.2 => 17.0.2

Reproduction URL

https://github.com/sfonua10/linkedin-provider-issue/blob/main/.env.local.example

Describe the issue

After following configuration steps (https://next-auth.js.org/providers/linkedin), setting client id and client secret in .env file, and adding the LinkedInProvider in [...nextauth].ts file, I receive the following error after trying to log in with linkedin in the browser:

[next-auth][error][SIGNIN_OAUTH_ERROR] https://next-auth.js.org/errors#signin_oauth_error client_id is required { error: { message: ‘client_id is required’, stack: ‘TypeError: client_id is required\n’ + ’ at new BaseClient (/Users/saiafonua/workspace/linkedin-provider-issue/node_modules/openid-client/lib/client.js:178:13)\n’ + ’ at new Client (/Users/saiafonua/workspace/linkedin-provider-issue/node_modules/openid-client/lib/client.js:1808:7)\n’ + ’ at openidClient (/Users/saiafonua/workspace/linkedin-provider-issue/node_modules/next-auth/core/lib/oauth/client.js:28:18)\n’ + ’ at getAuthorizationUrl (/Users/saiafonua/workspace/linkedin-provider-issue/node_modules/next-auth/core/lib/oauth/authorization-url.js:65:49)\n’ + ’ at Object.signin (/Users/saiafonua/workspace/linkedin-provider-issue/node_modules/next-auth/core/routes/signin.js:37:60)\n’ + ’ at NextAuthHandler (/Users/saiafonua/workspace/linkedin-provider-issue/node_modules/next-auth/core/index.js:238:39)\n’ + ’ at runMicrotasks (<anonymous>)\n’ + ’ at processTicksAndRejections (node:internal/process/task_queues:96:5)\n’ + ’ at async NextAuthNextHandler (/Users/saiafonua/workspace/linkedin-provider-issue/node_modules/next-auth/next/index.js:23:19)\n’ + ’ at async /Users/saiafonua/workspace/linkedin-provider-issue/node_modules/next-auth/next/index.js:59:32’, name: ‘TypeError’ }, providerId: ‘linkedin’, message: ‘client_id is required’ }

I get this error too on another branch which is similar:

[next-auth][error][OAUTH_CALLBACK_ERROR] https://next-auth.js.org/errors#oauth_callback_error invalid_request (A required parameter “client_secret” is missing) { error: { message: ‘invalid_request (A required parameter “client_secret” is missing)’, stack: ‘OPError: invalid_request (A required parameter “client_secret” is missing)\n’ + ’ at processResponse (/Users/saiafonua/workspace/alma-business/node_modules/openid-client/lib/helpers/process_response.js:38:13)\n’ + ’ at Client.grant (/Users/saiafonua/workspace/alma-business/node_modules/openid-client/lib/client.js:1325:22)\n’ + ’ at runMicrotasks (<anonymous>)\n’ + ’ at processTicksAndRejections (node:internal/process/task_queues:96:5)\n’ + ’ at async Client.oauthCallback (/Users/saiafonua/workspace/alma-business/node_modules/openid-client/lib/client.js:601:24)\n’ + ’ at async oAuthCallback (/Users/saiafonua/workspace/alma-business/node_modules/next-auth/core/lib/oauth/callback.js:116:16)\n’ + ’ at async Object.callback (/Users/saiafonua/workspace/alma-business/node_modules/next-auth/core/routes/callback.js:50:11)\n’ + ’ at async NextAuthHandler (/Users/saiafonua/workspace/alma-business/node_modules/next-auth/core/index.js:186:28)\n’ + ’ at async NextAuthNextHandler (/Users/saiafonua/workspace/alma-business/node_modules/next-auth/next/index.js:23:19)\n’ + ’ at async /Users/saiafonua/workspace/alma-business/node_modules/next-auth/next/index.js:59:32’, name: ‘OPError’ }, providerId: ‘linkedin’, message: ‘invalid_request (A required parameter “client_secret” is missing)’ } [next-auth][error][CALLBACK_OAUTH_ERROR] https://next-auth.js.org/errors#callback_oauth_error invalid_request (A required parameter “client_secret” is missing) OPError: invalid_request (A required parameter “client_secret” is missing) at processResponse (/Users/saiafonua/workspace/alma-business/node_modules/openid-client/lib/helpers/process_response.js:38:13) at Client.grant (/Users/saiafonua/workspace/alma-business/node_modules/openid-client/lib/client.js:1325:22) at runMicrotasks (<anonymous>) at processTicksAndRejections (node:internal/process/task_queues:96:5) at async Client.oauthCallback (/Users/saiafonua/workspace/alma-business/node_modules/openid-client/lib/client.js:601:24) at async oAuthCallback (/Users/saiafonua/workspace/alma-business/node_modules/next-auth/core/lib/oauth/callback.js:116:16) at async Object.callback (/Users/saiafonua/workspace/alma-business/node_modules/next-auth/core/routes/callback.js:50:11) at async NextAuthHandler (/Users/saiafonua/workspace/alma-business/node_modules/next-auth/core/index.js:186:28) at async NextAuthNextHandler (/Users/saiafonua/workspace/alma-business/node_modules/next-auth/next/index.js:23:19) at async /Users/saiafonua/workspace/alma-business/node_modules/next-auth/next/index.js:59:32 { name: ‘OAuthCallbackError’, code: undefined }

How to reproduce

Follow configuration steps found here: https://next-auth.js.org/providers/linkedin.

Generate client ID
Generate client secret
Add http://localhost:3000/api/auth/callback/linkedin as redirect URL
In Products tab, enable the “Sign In with LinkedIn”
Also, verify company name in Settings tab (might not be required)
In your api/auth/[...nextauth].ts file, add in the following code: import LinkedInProvider from "next-auth/providers/linkedin"; ... providers: [ LinkedInProvider({ clientId: process.env.LINKEDIN_CLIENT_ID, clientSecret: process.env.LINKEDIN_CLIENT_SECRET }) ] ...
Set your client id and client secret in your .env file appropriately: LINKEDIN_CLIENT_ID=[INSERT ID HERE] LINKEDIN_CLIENT_SECRET=[INSERT SECRET HERE]

Expected behavior

It should log me in with that provider like it does with google and github.

About this issue

Original URL
State: closed
Created 2 years ago
Reactions: 4
Comments: 21 (4 by maintainers)

Commits related to this issue

Send client_id and client_secret to linkedin Linkedin now requires client_id and client_secret to be sent in the oauth callback. Fixes #5220 — committed to sildur/next-auth by sildur 2 years ago
fix(providers): use `client_secret_post` token auth for LinkedIn (#5236) * Send client_id and client_secret to linkedin Linkedin now requires client_id and client_secret to be sent in the oauth c... — committed to nextauthjs/next-auth by sildur 2 years ago

Most upvoted comments

@pabloyorio I found a less intrusive way of fixing the issue. This does the same as my fix does:

        LinkedInProvider({
            clientId: process.env.NEXT_PUBLIC_LINKEDIN_CLIENT_ID,
            clientSecret: process.env.NEXT_PUBLIC_LINKEDIN_CLIENT_SECRET,
            token: {
                url: "https://www.linkedin.com/oauth/v2/accessToken",
                async request({
                                  client,
                                  params,
                                  checks,
                                  provider
                              }) {
                    const response = await client.oauthCallback(provider.callbackUrl, params, checks, {
                        exchangeBody: {
                            client_id: process.env.NEXT_PUBLIC_LINKEDIN_CLIENT_ID,
                            client_secret: process.env.NEXT_PUBLIC_LINKEDIN_CLIENT_SECRET,
                        }
                    });
                    return {
                        tokens: response
                    };
                }
            },
        })

+21

sildur on Aug 27, 2022

Hi everyone, I just wanted to jump in and say that I could confirm the issue, and the #5236 PR should fix this issue. In the meantime, you can add the following to the LinkedIn provider config:

client: {
      token_endpoint_auth_method: "client_secret_post",
},

I verified this will fix the issue, see: https://github.com/nextauthjs/next-auth/pull/5236/files#r958841113

balazsorban44 on Aug 30, 2022

ok, problem on the open-id client side. Basic auth with the client_id and client_secret isn’t ok for LinkedIn now.

slava-ovchinnikov on Aug 25, 2022

I’m getting the same error on my end too

kphilemon on Aug 25, 2022

Also experiencing this exact issue. Seem’s to have appeared out of nowhere 😩

Node v12.18.3 Next-auth v4.10.0

ashmore11 on Aug 25, 2022

@kphilemon I did migration on the 16.x today, yesterday has 12.x, could u check does it working with 12 for you?

I’m sorry man. My project is dependent on node v16 since I’ve been using it from the beginning. I don’t think I can downgrade it to v12.

Could you revert yours to v12 instead since you mentioned you migrated from v12? (assuming that you are using version control lol). It would be easier for you to give it a try I guess.

Yeah, will check soon. Just a little busy at the moment 😃

slava-ovchinnikov on Aug 25, 2022