By cloning an app key credential with the Apps API, you can share the same certificate between two or more apps:
To share a certificate among app instances:
kid) with one or more target apps.
The WWW-Authenticate header couldn't be read when the
/oauth2/v1/userinfo endpoint returned errors in a browser. (OKTA-101943)