how to generate OAuth client identifier and client secret?

Question

I\'m implementing an OAuth2 provider, and I would like to have an area somewhere in my web site where developers log on and register third party apps. But I\'m having doubts on

Answer 1

The client identifier can be anything you want. It can be their choice or any random string.

The client secret should be a cryptographically strong random string. Here is how you can generate one:

RandomNumberGenerator cryptoRandomDataGenerator = new RNGCryptoServiceProvider();
byte[] buffer = new byte[length];
cryptoRandomDataGenerator.GetBytes(buffer);
string uniq = Convert.ToBase64String(buffer);
return uniq;

Answer 2

The specs are not clear about how you should generate them, but they say that you they should be random strings and unique.

In the section #2.2, about the client identifier:

The authorization server issues the registered client a client identifier - a unique string representing the registration information provided by the client.