How WriteHero connects to LinkedIn

Last updated: May 20, 2026

Connecting any third-party tool to LinkedIn is a permission grant, and you have every right to know exactly what you're granting and where the limits are. This page walks through it concretely, without marketing claims.

What WriteHero never does

These are the four behaviors LinkedIn's Terms of Service explicitly forbid for third-party tools, and the four behaviors that get accounts restricted or banned in practice. WriteHero does none of them:

• No auto-likes, auto-comments, or auto-follows.We never simulate interactions with your network. Tools that do this (Phantombuster, Dux-Soup, and most "LinkedIn growth" bots) are what LinkedIn actually pursues. They hit the platform's servers as if you were doing it manually, breaking the part of the TOS about automated activity.
• We never publish a post without you clicking Publish or scheduling it. There is no auto-content. Drafts sit until you tell them to go out.
• We never read your messages, connections list, or any private data.The only OAuth scopes we request are the minimum to publish posts on your behalf (and read back your own posts for analytics). We have no access to who you message, who you're connected to, or what people send you.
• We never see, store, or transmit your LinkedIn password. Connection happens through LinkedIn's OAuth flow: you log in on LinkedIn's own page, they hand us a scoped token, the password never leaves their system.

How we publish: the official LinkedIn API

WriteHero publishes through LinkedIn's official scheduling API. This is the same API Buffer, Hootsuite, Sprout Social, Later, and every other legitimate LinkedIn scheduler uses. LinkedIn built it specifically for third-party tools to operate within their TOS. Accounts don't get banned for using something LinkedIn built for them to use.

Concretely: when you click "Connect LinkedIn," you're redirected to linkedin.com to authorize WriteHero with two scopes: one to read your basic profile info (so we can show your name and avatar correctly), one to publish posts. That's the entire scope. You can review and revoke this from your LinkedIn permissions page at any time.

How we read posts for voice analysis

For voice analysis, we read the public posts on the LinkedIn profile you point us at, the same way anyone scrolling that profile would see them. We never log in to anyone else's account. We never bypass authentication. No private posts are accessible to us, ever.

For ghostwriters: this is also why you don't need your client's LinkedIn password or login to use WriteHero. Public posts are enough.

Disconnecting and removing your data

You can disconnect at any moment, from the WriteHero editor, from settings, or directly from LinkedIn's permissions page. Disconnection is instant. The token is revoked on LinkedIn's side, and we lose the ability to publish.

If you cancel your WriteHero subscription, your connection is automatically severed and your scheduled posts revert to drafts. Nothing publishes from a cancelled account.

For full data deletion, email [email protected]with your account email and we'll remove your account and all associated data within 7 business days.

Questions or concerns

We'd rather you ask before connecting than worry after. Email [email protected]with anything that's unclear: security, privacy, OAuth scopes, or how publishing actually works under the hood. We'll answer concretely.