Query regarding Client ID and Secret

I created an app integration for OIN. Currently, I was able to set up an OIDC flow for signing the user in to my application, but I have a query. I need a client ID and secret to complete the flow (I am using python social auth for the integration). For my application, I can get the client ID and secret from the dashboard in Okta dev, but if my application gets published to OIN and some other organization that uses Okta tries to integrate it, how can I get the client ID and secret for them?

Will it remain the same, or is there anything else to be done, and am I doing something wrong?

In most of the documentation it is mentioned that I will require this data, but I was unable to find how to get this data for an OIN integration.

NOTE: The client ID and secret will not remain the same across different organizations. Each organization gets its own unique client ID and secret when they add your application from OIN to their Okta tenant. This is a standard security measure to ensure isolation and security across different instances of your application.

Now to answer your question:

  • When an organization decides to use your app, they will find it in the OIN and add it to their Okta tenant.
  • As part of this process, Okta generates a unique client ID and client secret for the integration specific to their tenant.
  • Each organization will have to configure the integration within their Okta dashboard. They will get their own client ID and client secret, which they will use to configure the OIDC flow in their instance of your application.

Hello @sso_dev,

As @SitaRam has stated, the client credentials are going to be different for each customer that adds your app integration to their org. For more info about the multi-tenant approach we use for our OIN apps, see here: Build a Single Sign-On (SSO) integration | Okta Developer

“Okta uses a multi-tenant local credential system for OIDC integrations. When your customer adds your integration in their Okta org, they obtain a unique set of OIDC credentials. Each instance of your app integration inside a customer org has a separate set of OIDC client credentials that are used to access your application.”

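The per-customer credentials described in the replies above mean the application has to store one issuer, client ID and secret per tenant and pick the right set at login. The sketch below is an added example, not code from the thread or from Okta or python social auth; `TenantOIDC`, `TenantRegistry`, the tenant names and all sample values are hypothetical, and it assumes each customer uses their org authorization server and that the ID token signature has already been verified.

```python
import hmac
from dataclasses import dataclass
from urllib.parse import urlencode, urlsplit


@dataclass(frozen=True)
class TenantOIDC:
    issuer: str         # the customer's Okta org URL (assumed: org authorization server)
    client_id: str      # generated in the customer's org when they add the integration
    client_secret: str  # generated alongside it; load from a secret store in practice


class TenantRegistry:
    """Hypothetical per-customer credential store for one multi-tenant app."""

    def __init__(self):
        self._tenants = {}

    def register(self, tenant, cfg):
        parts = urlsplit(cfg.issuer)
        if parts.scheme != "https" or not parts.netloc:
            raise ValueError("issuer must be an https URL")
        for name, other in self._tenants.items():
            if name != tenant and other.issuer == cfg.issuer:
                raise ValueError("issuer already registered to another tenant")
        self._tenants[tenant] = cfg

    def authorize_url(self, tenant, redirect_uri, state, nonce):
        cfg = self._tenants[tenant]  # KeyError: unknown tenant, no fallback credentials
        query = urlencode({
            "client_id": cfg.client_id, "response_type": "code",
            "scope": "openid profile email", "redirect_uri": redirect_uri,
            "state": state, "nonce": nonce,
        })
        return f"{cfg.issuer}/oauth2/v1/authorize?{query}"

    def claims_match_tenant(self, tenant, claims, nonce):
        """Run after signature verification: bind the ID token to this tenant."""
        cfg = self._tenants[tenant]
        aud = claims.get("aud")
        audiences = aud if isinstance(aud, list) else [aud]
        return (claims.get("iss") == cfg.issuer
                and cfg.client_id in audiences
                and hmac.compare_digest(str(claims.get("nonce", "")), nonce))


# Constructed sample tenants; domains, IDs and secrets are placeholders.
REGISTRY = TenantRegistry()
REGISTRY.register("acme", TenantOIDC("https://acme.okta.example", "0oaACME", "secret-a"))
REGISTRY.register("globex", TenantOIDC("https://globex.okta.example", "0oaGLOBEX", "secret-b"))
```

Checking `iss` and `aud` against the tenant that started the login keeps a token issued by one customer's org from being accepted in another customer's session.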