After a close reading of the official article "Redirect URI (reply URL) restrictions and limitations":
Wildcard URIs are still supported, but with limited scope:
Wildcard URIs are currently unsupported in app registrations configured to sign in personal Microsoft accounts and work or school accounts. Wildcard URIs are allowed, however, for apps that are configured to sign in only work or school accounts in an organization’s Azure AD tenant.
The key point is that you cannot add a wildcard URI, for example https://*.domain.com, in the web page directly; instead you have to go to the manifest editor and enter it.
To add redirect URIs with wildcards to app registrations that sign in work or school accounts, use the application manifest editor in App registrations in the Azure portal.
As MS said:
we strongly recommend you adhere to section 3.1.2 of RFC 6749 and use only absolute URIs.
But since my case is more for testing purposes, it is acceptable. For production, better not.
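An added example, not part of the original answer: a small audit that reads an exported app registration manifest and reports every wildcard redirect URI, together with whether the app's sign-in audience is one for which the quoted article says wildcards are allowed. It assumes the manifest uses the `signInAudience` and `replyUrlsWithType` keys of the Azure AD manifest format; the sample manifest and the function name are constructed for illustration.

```python
import json
from urllib.parse import urlsplit

# Audiences that include personal Microsoft accounts. Per the article quoted
# above, wildcard redirect URIs are unsupported for these registrations.
PERSONAL_AUDIENCES = {"AzureADandPersonalMicrosoftAccount", "PersonalMicrosoftAccount"}

def wildcard_redirect_uris(manifest: dict) -> list:
    """Return one finding per redirect URI in the manifest that contains '*'."""
    audience = manifest.get("signInAudience", "")
    findings = []
    for entry in manifest.get("replyUrlsWithType", []):
        url = entry.get("url", "")
        if "*" not in url:
            continue  # exact URI, nothing to report
        host = urlsplit(url).hostname or ""
        findings.append({
            "url": url,
            "type": entry.get("type", ""),
            # A wildcard in the host matches every subdomain; elsewhere it
            # widens the set of accepted paths.
            "location": "host" if "*" in host else "path-or-other",
            "audience": audience,
            "audience_allows_wildcard": audience not in PERSONAL_AUDIENCES,
        })
    return findings

# Constructed sample manifest (not taken from a real tenant).
SAMPLE_MANIFEST = json.loads("""
{
  "signInAudience": "AzureADMyOrg",
  "replyUrlsWithType": [
    {"url": "https://app.domain.com/signin-oidc", "type": "Web"},
    {"url": "https://*.domain.com", "type": "Web"}
  ]
}
""")

if __name__ == "__main__":
    for finding in wildcard_redirect_uris(SAMPLE_MANIFEST):
        print(json.dumps(finding))
```

Running this against the manifests of production app registrations gives a list of wildcard entries to replace with absolute URIs, in line with the RFC 6749 section 3.1.2 recommendation quoted above.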