Can we have condition for grant type in client policies? This will allow to handle use-cases like:

• Reject token-exchange request if scope=foo was requested for any requester client with client-role bar (Condition for grant would be used together with conditions for scope and condition for client-role). Note that client policies are not yet available for token-exchange (Related issue is Add client-policies support to token-exchange #37122 ), so that would be another pre-requisite to handle this use-case specifically for token-exchange