Tip: For implicit/hybrid responses (id_token/token) the authorization server uses URL fragment by default. This form will automatically switch the path to /oidc_callback.html when needed.

Tip: Using response_mode=form_post lets the authorization server post directly to the backend callback, so no relay page is needed. Choose fragment only if you specifically need it; it requires a minimal relay page to forward the URL fragment to the server.