400 Bad Request error that states: "Your request resulted in an error. The ‘redirect_uri’ parameter but be a Login redirect URI in the client app settings:’
Right, the absolute URI, including path, must be registered as a Login redirect URI. Wildcards can ONLY be used for subdomains, as covered here:
If wildcard_redirect Early Access is DISABLED , all redirect URIs must be absolute URIs and must not include a fragment component. If wildcard_redirect is SUBDOMAIN , then any configured redirect URIs may contain a single * character in the lowest-level domain (for example, https://redirect-*-domain.example.com/oidc/redirect ) to act as a wildcard. The wildcard subdomain must have at least one subdomain between it and the top level domain.
The wildcard can match any valid hostname characters, but can’t span more than one domain. For example, if https://redirect-*-domain.example.com/oidc/redirect is configured as a redirect URI, then https://redirect-1-domain.example.com/oidc/redirect and https://redirect-sub-domain.example.com/oidc/redirect match, but https://redirect-1.sub-domain.example.com/oidc/redirect doesn’t match.
Only the https URI scheme can use wildcard redirect URIs. Caution: The use of wildcard subdomains is discouraged as an insecure practice, since it may allow malicious actors to have tokens or authorization codes sent to unexpected or attacker-controlled pages. Exercise great caution if you decide to include a wildcard redirect URI in your configuration.
An authorization server should require all clients to register their “redirect_uri”, and the “redirect_uri” should be the full URI as defined in [RFC6749]
Certainly can be an inconvenience for development though.