Local MCP server for authenticated LinkedIn member post snapshots
Project description
flin-linkedin-posts-mcp
flin-linkedin-posts-mcp is a local MCP server for reading and analyzing the authenticated member's own LinkedIn post/share data.
It uses LinkedIn member OAuth login and the Member Data Portability API. Each user runs the MCP locally, signs into their own LinkedIn account in the system browser, and stores their token on their own machine.
The MCP supports two login flows:
- Regular 3-legged OAuth with a client secret. This is the recommended local setup for most LinkedIn Developer apps.
- Native OAuth PKCE. This does not require a client secret, but LinkedIn must explicitly enable the Native PKCE protocol for your app.
Important Access Requirement
This MCP does not bypass LinkedIn API approval. Each user should create their own LinkedIn Developer app with access to Member Data Portability API (Member) and the r_dma_portability_self_serve permission. Without that product/scope, LinkedIn returns 403 ACCESS_DENIED for memberSnapshotData.
Native PKCE is a separate LinkedIn app capability. If LinkedIn shows Not enough permissions to access Native PKCE protocol, use the regular 3-legged OAuth setup below or ask LinkedIn to enable Native PKCE for the app.
Relevant LinkedIn docs:
- 3-legged OAuth: https://learn.microsoft.com/en-us/linkedin/shared/authentication/authorization-code-flow
- Native OAuth PKCE: https://learn.microsoft.com/en-us/linkedin/shared/authentication/authorization-code-flow-native
- Member Snapshot API: https://learn.microsoft.com/en-us/linkedin/dma/member-data-portability/shared/member-snapshot-api
- Snapshot domains: https://learn.microsoft.com/en-us/linkedin/dma/member-data-portability/shared/snapshot-domain
- API access overview: https://learn.microsoft.com/en-us/linkedin/shared/authentication/getting-access
Features
- Browser-based LinkedIn login with regular OAuth or native PKCE
- Local token storage outside the repository
- Auth status and logout tools
- Snapshot domain count/debug tool
- Authenticated member post/share listing from
MEMBER_SHARE_INFO - Post analysis for counts, text length, hashtags, mentions, and top terms
- Best-effort extraction of engagement counters when they are present in snapshot rows
- Draft-to-published matching based on provided draft texts
MCP Tools
auth_statusloginlogoutlist_snapshot_domainslist_member_postsanalyze_member_postsmatch_drafts_to_member_posts
Configuration
Required for login:
LINKEDIN_CLIENT_ID: LinkedIn Developer app client ID
Recommended for regular 3-legged OAuth:
LINKEDIN_CLIENT_SECRET: LinkedIn Developer app client secret. If set,LINKEDIN_OAUTH_FLOWdefaults toauthorization_code.LINKEDIN_REDIRECT_URI: exact local callback URI registered in the LinkedIn app, for examplehttp://127.0.0.1:63141/callback.
Optional:
LINKEDIN_OAUTH_FLOW:authorization_codeornative_pkce. Defaults toauthorization_codewhenLINKEDIN_CLIENT_SECRETis set, otherwisenative_pkce.LINKEDIN_SCOPES: defaults tor_dma_portability_self_serveLINKEDIN_API_VERSION: defaults to202312LINKEDIN_RESTLI_PROTOCOL_VERSION: defaults to2.0.0LINKEDIN_TIMEOUT_SECONDS: defaults to30LINKEDIN_MAX_RETRIES: defaults to3LINKEDIN_OAUTH_TIMEOUT_SECONDS: defaults to300LINKEDIN_TOKEN_FILE: defaults to~/.flin-linkedin-posts-mcp/tokens.json
The MCP intentionally does not require LINKEDIN_ACCESS_TOKEN anymore. Tokens are created through the login tool.
LinkedIn Developer App Setup
- Create or open a LinkedIn Developer app.
- Add/obtain access to
Member Data Portability API (Member). - Make sure the app can request
r_dma_portability_self_serve. - For regular 3-legged OAuth, add an exact loopback redirect URL in the app's Auth tab, for example
http://127.0.0.1:63141/callback. - Set
LINKEDIN_CLIENT_ID,LINKEDIN_CLIENT_SECRET, andLINKEDIN_REDIRECT_URIto the same redirect URL. - For native PKCE only, ask LinkedIn to enable Native PKCE OAuth for the app, omit
LINKEDIN_CLIENT_SECRET, and configure loopback redirect URIs as LinkedIn requires.
Claude Desktop Configuration
For a published package:
{
"mcpServers": {
"flin-linkedin-posts-mcp": {
"command": "uvx",
"args": ["--refresh", "flin-linkedin-posts-mcp@latest"],
"env": {
"LINKEDIN_CLIENT_ID": "<YOUR_LINKEDIN_CLIENT_ID>",
"LINKEDIN_CLIENT_SECRET": "<YOUR_LINKEDIN_CLIENT_SECRET>",
"LINKEDIN_REDIRECT_URI": "http://127.0.0.1:63141/callback",
"LINKEDIN_SCOPES": "r_dma_portability_self_serve",
"LINKEDIN_API_VERSION": "202312"
}
}
}
}
For local development from this repository:
{
"mcpServers": {
"flin-linkedin-posts-mcp": {
"command": "uv",
"args": ["run", "flin-linkedin-posts-mcp"],
"cwd": "/path/to/flin-linkedin-posts-mcp",
"env": {
"LINKEDIN_CLIENT_ID": "<YOUR_LINKEDIN_CLIENT_ID>",
"LINKEDIN_CLIENT_SECRET": "<YOUR_LINKEDIN_CLIENT_SECRET>",
"LINKEDIN_REDIRECT_URI": "http://127.0.0.1:63141/callback",
"LINKEDIN_SCOPES": "r_dma_portability_self_serve",
"LINKEDIN_API_VERSION": "202312"
}
}
}
}
After adding the config, restart the MCP host and call:
auth_statusloginlist_snapshot_domainslist_member_postsoranalyze_member_postsmatch_drafts_to_member_postsif you want to compare draft text to published posts
Local Development
python3 -m pip install -e '.[dev]'
pytest -q
ruff check .
Packaging
python3 -m build
The package entry point is:
flin-linkedin-posts-mcp
Troubleshooting
LINKEDIN_CLIENT_ID is required before running login: setLINKEDIN_CLIENT_IDin the MCP config.Not enough permissions to access Native PKCE protocol: the LinkedIn app does not have Native PKCE enabled. SetLINKEDIN_CLIENT_SECRETandLINKEDIN_REDIRECT_URIto use regular 3-legged OAuth, or ask LinkedIn to enable Native PKCE for the app.LINKEDIN_REDIRECT_URI is required when LINKEDIN_OAUTH_FLOW=authorization_code: add the same exact local callback URL to the LinkedIn app's Auth tab and to the MCP config.403 ACCESS_DENIEDforpartnerApiMemberSnapshotData: the LinkedIn Developer app/token likely does not have Member Data Portability API access orr_dma_portability_self_serve.LinkedIn token has expired: runloginagain. If LinkedIn issued a refresh token, the MCP attempts a refresh automatically before requiring login.Timed out waiting for LinkedIn OAuth callback: rerunloginand complete the browser flow withinLINKEDIN_OAUTH_TIMEOUT_SECONDS.
Notes
- The MCP reads only the authenticated member's own snapshot data.
- It does not support arbitrary-author LinkedIn post lookup.
MEMBER_SHARE_INFOis snapshot/export-style data, so field names can vary. The normalizer is intentionally tolerant and keepsinclude_raw=trueavailable for debugging.- LinkedIn's portability data for
Sharesis documented around fields like date, link, commentary, media URL, and visibility. Likes, comments, and impressions are exposed only if they appear in the snapshot payload returned for that member. - Saved LinkedIn drafts are not exposed as a documented portability snapshot domain here.
match_drafts_to_member_postscompares draft texts you already have against published posts; it does not fetch drafts from LinkedIn.
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file flin_linkedin_posts_mcp-0.2.4.tar.gz.
File metadata
- Download URL: flin_linkedin_posts_mcp-0.2.4.tar.gz
- Upload date:
- Size: 25.1 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
aabde01b6a34af45fa697606a754dc043486f3f966b3e2a5ba8b4b3a301faf5d
|
|
| MD5 |
abd05cbdaa17d7a7b7aa6194ed841f21
|
|
| BLAKE2b-256 |
2d03a4eadb5d43d2d9092fdd11060debbf47ae0fd04d9f3394a6e5365695c8a5
|
Provenance
The following attestation bundles were made for flin_linkedin_posts_mcp-0.2.4.tar.gz:
Publisher:
release.yml on flin-agency/flin-linkedin-posts-mcp
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
flin_linkedin_posts_mcp-0.2.4.tar.gz -
Subject digest:
aabde01b6a34af45fa697606a754dc043486f3f966b3e2a5ba8b4b3a301faf5d - Sigstore transparency entry: 1430794143
- Sigstore integration time:
-
Permalink:
flin-agency/flin-linkedin-posts-mcp@bf6de2549bea98a9fdf2345dbdac241c3926ed51 -
Branch / Tag:
refs/tags/v0.2.4 - Owner: https://github.com/flin-agency
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
release.yml@bf6de2549bea98a9fdf2345dbdac241c3926ed51 -
Trigger Event:
push
-
Statement type:
File details
Details for the file flin_linkedin_posts_mcp-0.2.4-py3-none-any.whl.
File metadata
- Download URL: flin_linkedin_posts_mcp-0.2.4-py3-none-any.whl
- Upload date:
- Size: 22.1 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
c50f8e8b0846241adab20353a8342eb46d84f85d2519d8a4bfbe82ae810d0a8f
|
|
| MD5 |
fa73ecf24ea78bf0315c6f7013f8b936
|
|
| BLAKE2b-256 |
ec61bcc651c8a29efb1455b48b5efea949109ebf4425828a58a3cb1ade1c3ed5
|
Provenance
The following attestation bundles were made for flin_linkedin_posts_mcp-0.2.4-py3-none-any.whl:
Publisher:
release.yml on flin-agency/flin-linkedin-posts-mcp
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
flin_linkedin_posts_mcp-0.2.4-py3-none-any.whl -
Subject digest:
c50f8e8b0846241adab20353a8342eb46d84f85d2519d8a4bfbe82ae810d0a8f - Sigstore transparency entry: 1430794238
- Sigstore integration time:
-
Permalink:
flin-agency/flin-linkedin-posts-mcp@bf6de2549bea98a9fdf2345dbdac241c3926ed51 -
Branch / Tag:
refs/tags/v0.2.4 - Owner: https://github.com/flin-agency
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
release.yml@bf6de2549bea98a9fdf2345dbdac241c3926ed51 -
Trigger Event:
push
-
Statement type: