Thanks, we’ll do that.
Note that FB does something different and maybe you guys want to revisit this. They give you a single token that can be shared across applications for authentication. This means you can cut off a client without cutting off the service.
If you also think about it - a third-party may develop an application that logs into your service and they want to leverage the nice sign-in without having to use web views, would you really want them to run with the same client IDs?
