Whether manually configured, or configured through an OpenID Connect well-known configuration there are limit well defined flows.
OAuth providers, instead of assuming a specific flow should allow any defined/supported flow to be used.
NOTE: direct_grant = Resource Owner Password Credentials (however, we ignore the username/password fields as we connect with mTLS [e.g. CAC])
Whether manually configured, or configured through an OpenID Connect well-known configuration there are limit well defined flows.
OAuth providers, instead of assuming a specific flow should allow any defined/supported flow to be used.
NOTE: direct_grant = Resource Owner Password Credentials (however, we ignore the username/password fields as we connect with mTLS [e.g. CAC])