Dev’s should use their own credentials for the app, as while you could share the Client ID as that’s public you shouldn’t ever share the Client Secret, and no other dev could change the redirect URL, meaning that no other developer can generate OAuth tokens.
1 Like