spring-boot spring-authorization-server spring-resource-server

What value is usually provided to client_id field in RegisteredClient objects?

What value is usually provided to client_id field in RegisteredClient objects in production? The first thought that comes to my mind is to just use unique integers for each client. But is it really a legitimate approach?..

Solution

The client_id is essentially a unique and a public identifier for OAuth Apps. Even though it's a public identifier, it's best that it shouldn't be guessable by any 3rd parties. Different vendors use different conventions to generate client_ids and the most common practise is to have a 32 character alpha-numeric string. You can read about different conventions here. In most cases, a UUID would be enough for a client_id given that you do not have any special requirements.

bean of type 'org.springframework.security.crypto.password.PasswordEncoder' that could not be found
How to set SameSite and Secure attribute to JSESSIONID cookie
How to map this Json with rest template spring boot
Spring Boot - no log file written (logging.file is not respected)
JDK11 + spring boot = JAXBException: Implementation of JAXB-API has not been found on module path or classpath
Spring Boot: @TestConfiguration Not Overriding Bean During Integration Test
JWT signature verification failing
Springfox Type javax.servlet.http.HttpServletRequest not present
Consistent time zone for date comparison
Spring boot embedded tomcat application session does not invalidate
Spring Boot Fails to Start after First Boot
Null exception @Service in a spring @RestController using constructor injection
Trying to send a message to a queue on weblogic
logging.file.max-history is not working in Spring Boot
Why does @EntityGraph not load EAGER scince Spring version 2.2.5?
H2-Console is not showing in browser
How to get filtered results based on two columns from a single table using Specification and Criteria Builder in Spring Boot
Expose single classpath resource for web access in Spring Boot
Spring Webflux and @Cacheable - proper way of caching result of Mono / Flux type
Issues with Lazy Loading and Transactions in JPA
What is the spring-boot-configuration-processor ? Why do people exclude libraries from it? Why is it invisible in dependency tree?
Jakarta EE modules used in Spring
Which Spring Cloud AWS version should be used with Spring Boot 3?
Spring Boot: How to test a service in JUnit with @Validated annotation?
Virtual Threads and Spring WebFlux
spring-data-jdbc integrate with mybatis
How to use abstract classes in Spring Boot?
Spring JPA: Providing Schema Name Dynamically
Spring SecurityContext not available when using parallelStream
How to tell Spring Boot to use another DB for test?