My usecase is I have one organization with name firstorg having clientid, clientscret and domain url, I want another organziation with name secondorg which has itw own account, can access firstorg apis using firstorg clientid, secret and domainurl for and authenticate with their(secondorg) own username and password.
So basically can firstorg have public app which can be use by another organziation which has its own account but not clientid and secret, so without creating clientid, clientsecret can secondorg access firstorg apis with firstorg clienid and secret?