Some services have historically used the alternative Implicit Flow for single-page apps, rather than the currently recommended Authorization Code flow with PKCE.
The Implicit Flow bypasses the code exchange step; instead, the access token is returned to the client immediately in the URL fragment.
There are a number of concerns with this approach, enough that many providers have opted to avoid implementing the Implicit flow completely.
It’s worth noting that the Implicit flow has always been seen as a compromise compared to the Authorization Code flow. For example, the spec provides no mechanism to return a refresh token in the Implicit flow, as it was seen as too insecure to allow that. The spec also recommends short lifetimes and limited scope for access tokens issued via the Implicit flow.
In any case, with both the Implicit Flow and the Authorization Code Flow with PKCE, the server must require registration of the redirect URL in order to maintain the security of the flow.
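One way an authorization server could enforce the points above, as an added example that is not code from the original page: the redirect URL is checked by exact match before anything else, the Implicit Flow (`response_type=token`) is refused, and PKCE is required. The client registry, the function and exception names, the internal error labels and the S256-only policy are assumptions made for illustration.

```python
# Constructed client registry (assumption): client_id -> set of registered redirect URLs.
REGISTERED_CLIENTS = {
    "spa-client": {"https://app.example.com/callback"},
}


class AuthorizationRequestError(Exception):
    """Request refused. redirect_safe says whether the error may be returned
    to the client's redirect URL or must be shown on the server's own page."""

    def __init__(self, error, redirect_safe):
        super().__init__(error)
        self.error = error
        self.redirect_safe = redirect_safe


def validate_authorization_request(params):
    """Validate authorization request parameters (a dict of query values).

    Returns the redirect URL to use for the response. The redirect URL is
    verified first, so no later error is ever sent to an unregistered URL.
    """
    registered = REGISTERED_CLIENTS.get(params.get("client_id"))
    if registered is None:
        # Unknown client: there is no trusted URL to redirect to.
        raise AuthorizationRequestError("unknown_client", redirect_safe=False)

    redirect_uri = params.get("redirect_uri", "")
    # Exact string comparison with the registered URLs: no prefix,
    # wildcard or substring matching.
    if redirect_uri not in registered:
        raise AuthorizationRequestError("redirect_uri_mismatch", redirect_safe=False)

    # Implicit Flow is not implemented: only the authorization code
    # response type is accepted.
    if params.get("response_type") != "code":
        raise AuthorizationRequestError("unsupported_response_type", redirect_safe=True)

    # PKCE is mandatory; accepting only the S256 method is a policy
    # assumption of this example.
    if not params.get("code_challenge") or params.get("code_challenge_method") != "S256":
        raise AuthorizationRequestError("invalid_request", redirect_safe=True)

    return redirect_uri
```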