OKTA org with multiple branding

Currently we have one SPA using OKTA. We have a branding for it with subdomain app1.okta.com
so to access the OKTA admin console you use app1-admin.okta.com
We want to integrate a new SPA with complete different users base and different logo and branding.

What are the best practices here to have one OKTA org with 2 different branding?
Is it as simple as creating a new branding with new okta subdomain so that for users using the new app they get directed to app2.okta.com?
Does that mean we will have anew admin console app2-admin.okta.com?
How about authorization server? will that create a new default authorization server for that new sub domain?

I am trying to wrap my head around the concepts of org, tenant, identify provider and authorization server for each different application that require different branding? so I am looking for best practices