OIDC - Client ID & Secret

sharry_tech · June 7, 2022, 12:50pm

Hello,

we have a multi-tenant app and in each there can be several sub-clients. To make it more clear, we have the following scheme:

project1.domain.com where exist companies: Company A, Company B, Company C…
project2.domain.com where exist companies: CompanyX, CompanyY…

User’s email must be unique within each project (ie. can be used in another one).

Our assumption is that all Companies, no matter what project it is, would install our app in their Okta instance via the App Catalog. And all they would need to setup is the subdomain (project1, project 2…) without having to set Client ID and Client Secret. So Client ID and Client Secret would be shared for all companies in all projects. We want to keep the setup as simple as possible.

Is this an acceptable solution for Okta?

Thank you and kind regards,
Jakub from Sharry

andrea · June 7, 2022, 6:45pm

If these companies are different Okta instances, then no, this would not work. Each instance of the app in each Okta tenant would have its own Client ID and Secret and your app would need to use the correct Issuer/Okta URL and Client Creds to work. There is no way to have all these instances share the same client credentials.

system · June 8, 2022, 6:45pm

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.

Post		Replies	Views
SaaS product, Would our client create okta apps or do we? OAuth/OIDC	5	1594	July 26, 2023
Query regarding Client ID and Secret OAuth/OIDC django	3	311	August 4, 2024
MVC & Okta Integration - Setting Client Id and Secret Questions dotnet	3	4273	May 28, 2021
How to handle multiple Client_IDs for same Authorization Issuer Questions	6	5914	October 22, 2021
Is it possible to get a client id/secret for every user instead of app OAuth/OIDC	2	3091	December 11, 2022

OIDC - Client ID & Secret

Related topics