I am currently working on hosting the premium app example. The example uses an implicit grant auth and requires a client ID generated by some third party.
What I am confused about is how the process of using implicit grant auth scales when a user downloads and installs the app from appfoundry. Does the user have to manually create a client ID first and provide this to us, or, as it seems to have been implemented on the example app, would our client ID work across multiple accounts in different orgs, etc (as long as they are in the correct region)?
Implicit and Auth Code OAuth clients are valid for any org within the region they are created. You should create an OAuth client once and use the client ID for all customers using your app within that particular region. Create a separate OAuth client for each additional region you're supporting and use the correct one based on the region the user desires to log in to.
I wanted to update this forum post to make some clarifications since it was closed in 2019...
If you are a Genesys AppFoundry vendor creating a premium application for Genesys Cloud, then you only need to create and host a single Authorization Code or Implicit grant OAuth client in your development org. That OAuth client is no longer limited to regional boundaries and will be able to work globally against any customer's org, assuming the customer authorizes your application.
Also, please consider adding something like "*** DO NOT DELETE ***" to the front of your premium application OAuth client name so that someone doesn't inadvertently delete the OAuth client. If it gets deleted then your premium app will cease to operate in any org that it is installed in. It is possible to resurrect deleted OAuth clients, but it takes time and will cause outages for your app while it is being done.