I hoped to get answer from Linkedin member since they stated on their site that stackoverflow is a proper place for asking such questions. But since there is no answer from them and I didn't find any relevant information regarding this question I believe that it is just the way they implemented OAuth 2.0 protocol.

I have run into the same issue. According to LinkedIn Docs:

A successful Access Token request will return a JSON object containing the following fields:

• access_token — The access token for the user. This value must be kept secure, as per your agreement to the API Terms of Use.
• expires_in — The number of seconds remaining, from the time it was requested, before the token will expire. Currently, all access tokens are issued with a 60 day lifespan.

they respond with

{"access_token":"...","expires_in":...}

which violates the standard.

Currently I am using Spring Security 5.0.3 and to fix the issue, I had to monkeypatch one class:

com.nimbusds.oauth2.sdk.token.BearerAccessToken

I will not post the whole class, only a significant part:

public static BearerAccessToken parse(final JSONObject jsonObject)
        throws ParseException {

        // Parse and verify type
        AccessTokenType tokenType;
        try {
            tokenType = new AccessTokenType(JSONObjectUtils.getString(jsonObject, "token_type"));
        } catch (ParseException ex) {
            tokenType = AccessTokenType.BEARER;
        }

        if (!tokenType.equals(AccessTokenType.BEARER))
            throw new ParseException("Token type must be \"Bearer\"");
        //...
}