Overview#

In OAuth 2.0 the Client_id is unique for any OAuth Client on the same Authorization Server.

OAuth 2.0 Dynamic Client Registration Protocol allows clients to dynamically register using the registration_endpoint.

Client_id is a Public identifier for the Application.

Some Uses#

BY using Client_id / Client Secret you can potentially control which OAuth Clients are allowed to connect to your API and make decisions such as rate limit them or block them. This is the way that e.g. Twitter can ensure that no other twitter client is allowed to have over 100,000 users.

More Information#

There might be more information for this subject on one of the following:

• ACDC Grant type
• API-Gateway
• Access Token Request
• Apple ID
• Authorization Code Flow
• Authorization Request
• Authorization Request Parameters
• Authorized party
• Best Practices OpenID Connect
• Client Credentials Grant
• Creating an OAuth 2.0 Client Application
• Identity Token Claims
• Identity Token Validation
• Implicit Grant
• JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants
• OAuth 2.0 Client Registration
• OAuth 2.0 Dynamic Client Registration Management Protocol
• OAuth 2.0 Dynamic Client Registration Protocol
• OAuth 2.0 JWT Secured Authorization Request
• OAuth 2.0 Mutual TLS Client Authentication and Certificate Bound Access Tokens
• OAuth 2.0 Security Best Current Practice
• OAuth 2.0 Token Exchange
• OAuth 2.0 Token Exchange Request
• OAuth 2.0 Use Cases
• OAuth Parameters Registry
• OAuth Scope Example
• OpenID Connect
• Resource Owner Password Credentials Grant
• Token_endpoint