The defining characteristic of the implicit grant is that tokens (ID tokens or access tokens)
are returned directly from the /authorize endpoint instead of the /token endpoint. This is
often used as part of the authorization code flow, in what is called the “hybrid flow” -
retrieving the ID token on the /authorize request along with an authorization code.
https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-implicit-grant-flow