OIDC - Client ID & Secret


We have a multi-tenant app and in each there can be several sub-clients. To make it more clear, we have the following scheme:

project1.domain.com where exist companies: Company A, Company B, Company C…
project2.domain.com where exist companies: CompanyX, CompanyY…

A user's email must be unique within each project (i.e. it can be used in another one).

Our assumption is that all Companies, no matter what project it is, would install our app in their Okta instance via the App Catalog. And all they would need to set up is the subdomain (project1, project2…) without having to set Client ID and Client Secret. So Client ID and Client Secret would be shared for all companies in all projects. We want to keep the setup as simple as possible.

Is this an acceptable solution for Okta?

Thank you and kind regards,
Jakub from Sharry

If these companies are different Okta instances, then no, this would not work. Each instance of the app in each Okta tenant would have its own Client ID and Secret and your app would need to use the correct Issuer/Okta URL and Client Creds to work. There is no way to have all these instances share the same client credentials.

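Added example, not part of the original thread and not Okta's or the poster's code: a sketch of the per-tenant lookup the answer implies, where each company's Okta org has its own issuer and client credentials and the app checks the ID token's `iss` and `aud` against the tenant that started the login. All names, URLs and credential values are constructed placeholders, and signature verification against the issuer's keys is assumed to happen before `check_id_token_claims` is called.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class TenantOidcConfig:
    project: str        # subdomain chosen at install time, e.g. "project1"
    company: str
    issuer: str         # that company's own Okta org URL
    client_id: str      # issued by that Okta org for its app instance
    client_secret: str  # in practice, fetched from a secret store


# Constructed sample data: one entry per company, never a shared credential.
REGISTRY = {
    ("project1", "company-a"): TenantOidcConfig(
        "project1", "company-a", "https://company-a.okta.example",
        "constructed-client-id-a", "constructed-secret-a"),
    ("project1", "company-b"): TenantOidcConfig(
        "project1", "company-b", "https://company-b.okta.example",
        "constructed-client-id-b", "constructed-secret-b"),
}


class TenantMismatch(Exception):
    """Raised when a login or token does not belong to the expected tenant."""


def resolve_tenant(project: str, company: str) -> TenantOidcConfig:
    try:
        return REGISTRY[(project, company)]
    except KeyError:
        raise TenantMismatch(f"no OIDC config for {project}/{company}")


def check_id_token_claims(cfg: TenantOidcConfig, claims: dict) -> str:
    """Validate already signature-verified claims; return a project-scoped user key."""
    if claims.get("iss") != cfg.issuer:
        raise TenantMismatch("token issued by a different Okta org")
    aud = claims.get("aud")
    audiences = [aud] if isinstance(aud, str) else list(aud or [])
    if cfg.client_id not in audiences:
        raise TenantMismatch("token audience is not this tenant's client ID")
    email = claims.get("email")
    if not email:
        raise TenantMismatch("token carries no email claim")
    # Email is unique per project, so the account key is scoped by project.
    return f"{cfg.project}:{email.lower()}"
```
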