Use client_id and client_secret obtained from developer account to more than 1 website

My team and I are trying to create a wordpress plugin that could connect to Infusionsoft via API. We are using the PHP SDK and learned that we need to register a developer account on in order for the plugin and Infusionsoft to communicate.
We did that, created an Application and obtained the client_id and the secret_id for the API configuration.

But we found out that 1 application can only be used in 1 domain.

Question 1: If we are going to use our plugin on 20 different websites, we need to create 20 applications on Developers Website and obtain 20 client_id and 20 client_secrets?

Question 2: We noticed that some plugins when installed only requires the Infusionsoft account prefix and the API Encrypted Key under Admin>Settings>Application. Do you know how they can do that? Are they using a different SDK or a different way to connect to Infusionsoft API?

We’d really appreciate it if you could help us with this one. Thank you so much Infusionsoft Community!

The api account name/api key method will be dis-continued in the future. At that time, those plugins you mention will have to make the transition to oauth. Where did you read/hear that one developer app can be only used on one domain? That is not the case. Your developer id/secret is independent of a domain name. You do register a domain name that is tied to your developer account for vetting and identification purposes but has nothing to do with the operation or use of the id/secret anywhere it is required.

Hello @John_Borelli, thank you for your reply. We only followed the instruction here:

Inside the Developers Site, when I added the application there is a “Web Site” field.
The client_id and the client_secret only worked for the domain we specified on that field.
But now I realized, the field is not required to be filled. Will the client_id and the client_secret work with multiple domains if I leave that blank?
Will also test it but if you know the answer we would really appreciate if you could tell us too. Thank you so much. You’ve been a big help!


I have a single dev account set aside for testing and development. I use the same client id/secret on multiple domains for those purposes. I have my web site field filled in on the account as my dev site but I also have two testing platforms with differing domain names and the same credentials work there as well. It sounds more like your call back url for oauth is getting set to one site and you’re not setting it to the site your trying to run off of.

The domain on the application is just informative. We do not enforce any whitelisting of redirect uris.