Hey @michael.solomon, thanks for posting and using Zoom!
Few options, you could use 1 OAuth app, and then redirect to the respective environment by whitelisting your environment domain names. Due note that the Redirect URL and whitelist URLs need to have the same base domain. So you could add a sub domain redirect for each environment.
Or you could create a different OAuth app for each stage, however, a Zoom OAuth app has a development and production environment with separate credentials already built into a single OAuth app, so you could use the Testing Credentials for both development and staging.
Yes it is safe, and that is the recommended / industry standard OAuth2 flow.
Let me know if that helps!