Bug
Resolution: Unresolved
rhos-18.0.17 FR 5, rhos-18.0.16
rhos-ops-platform-services-security
Important
In "Chapter 8. Configuring federated authentication in RHOSO" of the "Configuring security services" guide, we state that:
Your federation client must have implicit flow enabled.
and
Each federation client must have Implicit flow enabled and not Authorization code flow.
I have figured out that the mentioned claims come from changes merged to address https://issues.redhat.com/browse/OSPRH-16467 and https://issues.redhat.com/browse/OSPRH-21129. But I was unable to find more details about the reasons we introduced the mentioned claims in RHOSO (in RHOSP 17.1, Authorization code flow was supported).
This issue may be a duplicate of https://issues.redhat.com/browse/OSPRH-19005
I want to kindly ask you to take a second look at this situation and correct it if possible.
Expected behavior
Authorization code flow is the de facto standard these days, so we need to support it if the capabilities are already there. Please let me know if something is missing in the product; I will create an RFE to ask engineering to address it.
Bug impact
Some systems don't support implicit flow, or it may not be an option from a security guidelines perspective. So customers are unable to federate in a supported way.
Known workaround
Technically speaking, authorization code flow works, but it doesn't seem to be supported.