Forum Discussion
How did LinkedIn get the permission to access my AAD profile?
Hi All, I've just come across this thread.
We identified a bug in the profile user interface that incorrectly displayed a settings control for a feature that is not available. No permissions were granted. The option is not functional and there is no effect if you attempted to take action. We've rolled back the UI changes and removed the button.
It's probably the "LinkedIn contact sync" feature: https://support.office.com/en-gb/article/Manage-LinkedIn-contact-sync-in-your-organization-8097C125-8628-4453-8138-BAEC6438863F?ui=en-US&rs=en-GB&ad=GB
Thanks but I don’t think so. LinkedIn contact sync, as part of the organization-wide OWA mailbox policy, has always been disabled. (By the way, the article you referenced says it can be changed from the admin portal, but I couldn’t find it.)
I also checked all OAuth2 permissions that have been granted (using Get-AzureADUserOAuth2PermissionGrant) and it’s not there for any user either. The AAD profile page makes a request to https://account.activedirectory.windowsazure.com/linkedInConnectionStatus/GetAppStatus to check opt-in/opt-out status. I think Microsoft actually did something without users and admins consent.
