You may see this message when editing a client.
The redirect URI parameter for any client using the grant type “Authorization Code” is highly recommended. By defining a redirect URI, it helps lock down what domain can use the authorization flow. Due to the nature of request not using signatures like OAuth 1.0a, it can be possible to create a vulnerability in the authorization flow.
Always use a Redirect URI for public-facing environments.