why id_token is passed via url with fragment identifier instead query string?

After the openid authentication, id_token (jwt) is passed to the client is through URI fragment instead of query string which makes impossible to read by the server. Whats the real motto behind this. Whats the benefits out of this

Solution

The fragment is supposed to be stripped by the user agent (e.g. browser) before loading the URL so the fragment doesn't end up in server side logs.

One should be aware that recent changes in browser implementations make the assumption above questionable and it may be safer to rely on an Authorization Code flow.

Spring Security issue with JWT: Cannot subclass final class JwtAuthenticationProvider
How to avoid multiple token refresh requests when making simultaneous API requests with an expired token
Google Cloud: sign a JWT while impersonating a service account
How to generate a refresh token?
How to avoid multiple refresh token call, if there are multiple API calls get unauthorized because access token expired
Creating JWT in Coldfusion for google Service account
Unexpected JWT alg received, expected RS256, got: HS256
Why do I get a "io.jsonwebtoken.ExpiredJwtException"?
.NET Core 3.1 GoogleSignIn -The authentication handler registered for scheme 'Bearer' is 'JwtBearerHandler' which cannot be used for SignInAsync
JWT signature verification failing
IDX10603: The algorithm: 'HS256' requires the SecurityKey.KeySize to be greater than '128' bits. KeySize reported: '32'. Parameter name: key.KeySize
How can I securize my code-first gRPC endpoints using Azure Authentication?
AWS Lambda Custom JWT Validation
Flask JWT Extended missing csrf access token
Where should I refresh my JWT in SvelteKit
Token is generated at the endpoint but does not arrive on the page
Is it okay to encrypt a 3rd party access token and refresh token, in an encrypted JWT?
In JWT Authentication in .NET 7, how can a "validated" token be "missing"?
What to validate 'iat' and 'sub' claims of a JWT against?
How to use jti claim in a JWT
Can't import jwt-decode in JavaScript file in React project
JWT and CSRF differences
Getting 'secretOrPrivateKey must have a value' error in NestJS JWT authentication
Google Sheets, JWT client with Service Account
Angular 17 & dot net Core 8 - Jwt on refresh adding to Audience
Is "scope" a standard claim?
Error when trying to Promisify JWT in Typescript
reactjs call multiple axios posts in one async function
TS2339: Property 'scope' does not exist on type 'JwtPayload'
Generating JWT token with JwtUtil class in Spring Boot resulting in NullPointerException