Type: Task
Resolution: Won't Do
Priority: Minor - P4
Affects Version/s: None
Component/s: OIDC DB Auth
None
Not Needed
Developer Tools
Compass, mongosh and VSCode provide an option to run a custom command as the browser for OIDC Database Auth with the Authorization Code Flow. We may want to tweak this option:
- On the one hand, this has been raised as an (informational) point in a recent pentest of the MongoDB OIDC feature as a potential way for attackers to run custom scripts by overriding the configuration files used by these products. While this already requires access to the local user account and does not fundamentally grant new capabilities, it can be a way to "hide" attack scripts.
- On the other hand, TS has mentioned that users may want to manually open the link even in the Auth Code Flow case, as using a custom browser may not be sufficient to provide them with the desired behavior (e.g. a user may want to open the link in an incognito tab rather than in the default browser).
We're probably not going to want to remove this option entirely, as it is almost a prerequisite for testing.
This probably needs some sort of design input.