very good explaination !

Sir please help me understand-I have defined a ConnectedApp in one org (org 1) with API access enabled, and it seems that I can use the client_id and client_secret of that connected app to obtain an access token to a different organization (org 2) using an user account defined in Org 2. Org 1 and Org 2 does not share the connected app in anyway? Is this behavior correct? I was under the impression that ConnectedApp should only enable access to orgs in which the connected app is installed in. Is that understanding wrong? @salesforceCodex

awesome explanation

Thank you so much