I would like to use the linkedin javascript API as a way to login to my website as it seems far more end user friendly than using OAuth (ie: nicer to use with just a small popup to log into linked in).
How can i use the information returned by linked in to securely log a user into my own website so that it can't be forged? Or do I need to provide an extra password that a user must enter?
From the horses mouth: https://developer.linkedin.com/documents/sign-linkedin A general overview: http://thinlight.org/2011/08/07/using-facebook-and-other-sites-as-user-authentication-system/
I'm not positive, but I think you're confusing what Oauth is. There's plenty of Oauth plugins for various CMS/languages that integrate seamlessly (with a little effort) - so the end user experience is that "click to login"