Introduction

Using the LinkedIn Company Lookup API you can get information about a company registered on LinkedIn. You can search for keywords, but you can also use ID. For example, GET request

  http://api.linkedin.com/v1/companies :::(1337) 

will return information about the company LinkedIn. It is very convenient that you can specify several IDs at once through a comma, however, it should be borne in mind that too many IDs in a single request also fail due to the size limit of the request itself.

There are also restrictions on the number of requests per day, which are set for both the application and for an individual user. In particular, for obtaining information about companies, the following limits:



Thus, as seen in the figure above, LinkedIn does not allow one user to get information about more than 500 companies in one day. At the same time, it is important to note that it is the number of requested companies that is considered, and not requests (as mentioned above, information about several companies can be requested in a single request).
')

How it should work

For authorization of requests LinkedIn uses oAuth, and at the moment both versions are supported: OAuth 2.0 , as well as the older OAuth 1.0a . In the case of using version 1.0a briefly, the mechanism can be described as:

1. We make a request to the API to get a link to authorize the application, this also creates the request_token.
2. You must open the link in the browser and manually allow access for the application.
3. The previously generated request_token is used to obtain the access_token (by calling the appropriate API method).

Thus, the steps described above need only be done once, and the access_token should be kept in a safe place and used for all subsequent calls to API methods. In this case, we are faced with the fact that using one user will not be able to get more than 500 companies per day.

How it really worked

In reality, I tried not to get access_token, but to call API methods using request_token generated in step 1 (step 2 is required in any case, otherwise request_token will be unsuitable). And in the end I found that the API methods worked successfully with the request_token first 5 minutes (then its lifetime expires). In addition, with this method, the limit for the user did not work, only the limit per 100,000 companies per day for the application. However, the creation of several applications comes to the rescue. The obvious disadvantage of this approach is the need to authorize the application every 5 minutes. But with the proper level of automation and browser integration, this was not a big problem. As a result, for a couple of days of unhurried work of a simple code, a database was downloaded from about 5 million companies stored on LinkedIn.

Recommendation

You should not give the ability to call API methods (except for the access_token getting method) using the temporary request_token. This recommendation is written in section 6 OAuth 1.0a.

PS: At the moment, LinkedIn has already corrected the situation in accordance with the recommendation given.