Allow domain level connections to apply to first-party applications

Feature: Allow domain level connections to be enabled on first-party applications regardless of third-party applications and dynamic client registration.

Description: This would preferably be a toggle, like enabling dynamic client registration, in the advanced tab of tenant settings. With the feature turned on, a connection that has been (or is promoted) to domain level would retroactively enable the connection for all first-party applications in the tenant, and would be enabled automatically for all future first-party applications.

Use-case: We (Fiix) have a solution in which our system provisions our customers with independent applications, APIs, and connections to use for secure authentication within our system. We additionally have a connection for authenticating super users needed for managing and assisting customer accounts in our services, and this connection needs to be enabled for all applications. Currently we are manually making a call to add every new application to the list of enabled clients for the super user connection, but are already halfway to the API call size limit. Having this connection that we need for all applications auto-enabled would prevent us from being unable to administer new customers due to hitting the API call size limit.

Thanks for filing in this feature request. Let’s see how many people will be interested in such addition as well.