Skip to main content
  • Generate a Direct Access Token in Campaign Manager → DataSignals ManagerConversions API.
  • Give the token the Manage conversions permission and access to the correct ad account.
  • Set an expiry (we recommend 1 year), then copy the token immediately — it won’t be shown again.
  • Paste it into your Upstack LinkedIn destination’s API Access Token field.
What is a LinkedIn Direct Access Token?A Direct Access Token is a LinkedIn-issued access token you generate directly inside Campaign Manager — no LinkedIn Developer app or OAuth flow required. It authorizes Upstack to send conversion events to LinkedIn’s Conversions API on your behalf. You control which ad accounts it covers, the permission it grants (Manage conversions), and how long it lasts before expiring.

Prerequisites

Before you start, you need:

Steps to generate your LinkedIn CAPI token

1

Open Signals Manager in Campaign Manager

Sign in to LinkedIn Campaign Manager, select your ad account, then click DataSignals Manager in the top navigation.
LinkedIn Campaign Manager Signals Manager with the Conversions API tab
2

Open the Conversions API tab

In Signals Manager, click the Conversions API tab. This is where you manage Direct Access Tokens for server-side event forwarding.
3

Generate a token

Click Generate token (or Manage tokensGenerate token if you’ve created tokens before).
Generate token dialog in the LinkedIn Conversions API tab
4

Select the ad accounts

Choose the ad account(s) the token should cover. The token can only send conversions for the accounts you select here.
The token must include the ad account that owns your Conversion Rules. Otherwise the token will be valid but events will return a 403 permission error.
5

Set the permission to Manage conversions

Set the token permission to Manage conversions. This is the permission Upstack needs to write conversion events to LinkedIn.
6

Set the token expiry

Choose how long the token stays valid. We recommend setting the expiry to 1 year to minimize how often you need to rotate it.
Set a calendar reminder a week or two before the expiry date so you can generate a replacement token before conversion forwarding is interrupted.
7

Copy and save the token securely

LinkedIn displays the generated token — a long alphanumeric string. Copy it immediately and store it somewhere secure (a password manager works well).
The token is shown only once. LinkedIn will not display it again after you close the dialog. If you lose it, you’ll have to generate a new one. Treat it like a password and never expose it in client-side code.
8

Add the token to Upstack Data

Sign in to Upstack Data and open your LinkedIn destination under Event Destinations. Paste the token into the API Access Token field and save.
9

Verify the destination is healthy

In the Upstack dashboard, the LinkedIn destination card should show Healthy with a green status indicator within 5 minutes.If the status shows Unhealthy:
  • Confirm the token was pasted in full (no truncation, no whitespace).
  • Confirm the token has the Manage conversions permission.
  • Confirm the token includes the ad account that owns your Conversion Rules.

Token expiration and renewal

Direct Access Tokens expire based on the duration you set when generating them (we recommend 1 year). When a token expires:
  • The destination status changes to Unhealthy and events return a 401 error.
To renew:
  1. Go to Campaign Manager → DataSignals ManagerConversions API.
  2. Generate a new token with the same ad accounts and Manage conversions permission.
  3. Update the API Access Token field in your Upstack LinkedIn destination.