Currently, nothing is preventing this when going through the JSF UI.
1. Add a JSF validation.
2. Use the clientId as a primary key in the oauth2Clients directory (currently the primary key is the autoincremented id field).
The problem with 1. is that it will only work for JSF, not for Web UI, the REST API or any other way of creating an entry in the directory.
The only good way seems to be 2. but it means breaking some existing data.