
Update redirect url definition for wildcard url allowed app types #4980

Open · wants to merge 2 commits into master
Conversation

mpmadhavig (Contributor)

Purpose

This PR contains the improvement for the below explanation.

The support for wildcards in subdomains looks intentional to support use cases such as mobile apps requiring dynamic URL handling or tenanted URL handling.

However, its usage for general web-based redirect URIs may not align with OAuth 2.0 best practices.

When comparing client redirect URIs against pre-registered URIs, authorization servers MUST utilize exact string matching except for port numbers in localhost redirection URIs of native apps.

Regarding the customer recommendation,
AFAIK, standard-based templates are used for clients (mobile or web-based) using standard protocols. But it's recommended to follow best practices:

  • For web-based applications, customers should use exact URLs or implement logic to dynamically register specific redirect URIs as needed.

  • For mobile apps leveraging deep links, wildcard support may be acceptable, but it must be implemented securely and limited in scope.
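The matching rules described above, written out as an added example that is not part of this PR or of the project's code base. It applies exact string matching by default, the loopback-port exception for native apps that the quoted sentence refers to (RFC 8252 section 7.3), and a subdomain wildcard that is only honoured for app types that opt in and only for a single leftmost DNS label. The AppType names, the opt-in set and the RegisteredRedirect shape are assumptions made for the illustration.

```typescript
// Added example for this discussion; it is not code from the PR or the project.
// It applies the rules the description asks for: exact string matching by default,
// the loopback-port exception for native apps, and a narrowly scoped subdomain
// wildcard only for app types that opt in. The AppType names, the opt-in set and
// the registration shape are assumptions made for this illustration.

type AppType = "web" | "native" | "mobile-deeplink"; // assumed app type names

interface RegisteredRedirect {
  uri: string;      // registered redirect URI, e.g. "https://app.example.com/cb"
  appType: AppType; // the template / app type the client was created from
}

// Only these app types may register a "*.<domain>" host (assumption for the example).
const WILDCARD_ALLOWED: ReadonlySet<AppType> = new Set<AppType>(["mobile-deeplink"]);

function parseUrl(uri: string): URL | null {
  try {
    return new URL(uri);
  } catch {
    return null;
  }
}

// Loopback hosts for the native-app port exception (RFC 8252 section 7.3).
function isLoopbackHost(hostname: string): boolean {
  return hostname === "localhost" || hostname === "127.0.0.1" || hostname === "[::1]";
}

// Compare every component except the port; the caller decides whether a port
// difference is tolerated.
function sameExceptPort(a: URL, b: URL): boolean {
  return a.protocol === b.protocol && a.hostname === b.hostname &&
    a.pathname === b.pathname && a.search === b.search && a.hash === b.hash;
}

function redirectUriMatches(candidate: string, reg: RegisteredRedirect): boolean {
  // Rule 1: exact string match always wins and is the only rule for web apps.
  if (candidate === reg.uri) {
    return true;
  }
  const c = parseUrl(candidate);
  const r = parseUrl(reg.uri);
  if (c === null || r === null) {
    return false;
  }

  // Rule 2: native apps may vary the port of a loopback redirect URI; every
  // other component must still be identical.
  if (reg.appType === "native" && isLoopbackHost(r.hostname) && isLoopbackHost(c.hostname)) {
    return sameExceptPort(c, r);
  }

  // Rule 3: scoped wildcard. Only opted-in app types, only a "*." prefix that
  // stands for exactly one DNS label, and scheme, port, path, query and
  // fragment must match exactly.
  if (WILDCARD_ALLOWED.has(reg.appType) && r.hostname.startsWith("*.")) {
    const suffix = r.hostname.slice(1); // ".example.com"
    if (!c.hostname.endsWith(suffix)) {
      return false;
    }
    const label = c.hostname.slice(0, c.hostname.length - suffix.length);
    const oneLabel = /^[a-z0-9-]+$/i.test(label); // rejects "" and multi-label prefixes like "a.b"
    return oneLabel && c.protocol === r.protocol && c.port === r.port &&
      c.pathname === r.pathname && c.search === r.search && c.hash === r.hash;
  }
  return false;
}

// Pick the first registration the candidate satisfies, or null if none does.
function findMatchingRedirect(candidate: string, registered: RegisteredRedirect[]): RegisteredRedirect | null {
  for (const reg of registered) {
    if (redirectUriMatches(candidate, reg)) {
      return reg;
    }
  }
  return null;
}
```

The wildcard branch deliberately refuses anything that changes more than the one host label: a different scheme, an added port, a changed path, a multi-label prefix, or a host that merely ends in the registered text without the dot boundary. Keeping those checks in the same function as the exact-match rule makes it easy to see that the web app type never reaches the wildcard branch at all.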
