The built-in OAuth 2.0 Authorization Server would be much easier to use if it also published RFC 8414 Authorization Server Metadata (or an OIDC Discovery Document).
This would also make it possible to make changes to the ArcGIS OAuth2 implementation (for example changing endpoint URIs or supported client authentication methods) without breaking existing clients.