In OAuth 2.0
the Client_id is unique for any OAuth Client
on the same Authorization Server
OAuth 2.0 Dynamic Client Registration Protocol allows clients to dynamically register using the registration_endpoint.
Client_id is a Public identifier for the Application.
BY using Client_id / Client Secret
you can potentially control which OAuth Clients
are allowed to connect to your API
and make decisions such as rate limit them or block them. This is the way that e.g. Twitter
can ensure that no other twitter
client is allowed to have over 100,000 users.
There might be more information for this subject on one of the following: