Allow for wildcards in app redirect URIs

We recognize the utility of this feature, however, IETF specifically recommends against this approach

For example OAuth 2.1 (still in draft says (https://datatracker.ietf.org/doc/html/draft-ietf-oauth-v2-1-04#section-2.3.2):

"Authorization servers MUST require clients to register their complete
redirect URI (including the path component) and reject authorization
requests that specify a redirect URI that doesn't exactly match one
that was registered; the exception is loopback redirects, where an
exact match is required except for the port URI component."

And https://datatracker.ietf.org/doc/html/draft-ietf-oauth-security-topics-18#section-2.1

"When comparing client redirect URIs against pre-registered URIs,
authorization servers MUST utilize exact string matching except for
port numbers in "localhost" redirection URIs of native apps, see
Section 4.1.3. This measure contributes to the prevention of leakage
of authorization codes and access tokens (see Section 4.1). It can
also help to detect mix-up attacks (see Section 4.4)."

I really like the idea, btw.

I'd add a branch name variable, site location/IP identifier within your code as a tag to automatically load the proper console. (If name=Houston, then load /houston-branch/*.)

Good idea. What if this change happened within your code by adding a drop down to choose between the wildcards?