OIN App - authorization

Hi
I would like to become ISV for okta. I want to use Okta API to fetch customers data from okta orgs (users, groups etc.). I know there is a procedure to submit OIN app which is not ideal solution for me. I would like to avoid handling client_id and secret by customer admins. The ideal solution would be to have one pair of client keys used for every customer org. Is it possible to configure app which will use same pair of client keys to produce unique access token for customer org’s by getting their consent in oAuth 2.0 flow? I really don’t like the idea of customers pasting client keys into my app. So much things can go wrong. Beside is there any centralised oAuth token url with which I could avoid using customer domain?
Maybe OIN app is not valid for me and I should use some other solution?
BR