Although the apps might have similar users, they likely have different permissions they need to enforce. Imagine a situation where only a subset of users of the first app should have access to the second (think an admin console application versus a client or user application); what would you do to implement this?
The complete code for this application is in the SingleSignOnApplication class.
Now you need to configure the two different instances of the client application in the oauth2-client project folder.
The last step is to run two instances of this client application.