I'm working on projects that use both .NET Framework and .NET Core using ID Server 3/4 respectively (and of course separately) and I have become aware of the Implicit flow and how it works for JavaScript clients. I do notice that it uses cookies and I think that is why a lot of redirects are happening, etc.
But in hindsight, it made me wonder if that would have made a previous project better if we had known about Implicit flow then but without the use of cookies and just relying on session storage. Would that have been possible?
Using the implicit flow doesn't mean you are forced to use cookies to store user data/tokens.
Yes, for an implicit client you could store the tokens in session storage. This is the default for popular client libraries such as oidc-client.
Just be aware that with this approach user data and tokens are visible to the browser, the user, and any other JS running in your site.
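
The cookie-free handling described in the answer above, as an added sketch that is not part of the original answer and is not oidc-client's own code: it parses an implicit-flow redirect fragment, checks `state`, and keeps the tokens in a session-storage-style store. The key names, `MemoryStorage` (a stand-in for `window.sessionStorage` so it runs outside a browser) and the sample fragment are assumptions; validating the `id_token` signature and nonce claim is assumed to be done by the client library.

```javascript
// Stand-in for window.sessionStorage (same getItem/setItem/removeItem surface).
class MemoryStorage {
  constructor() { this.map = new Map(); }
  getItem(k) { return this.map.has(k) ? this.map.get(k) : null; }
  setItem(k, v) { this.map.set(k, String(v)); }
  removeItem(k) { this.map.delete(k); }
}

const STATE_KEY = 'oidc.state'; // hypothetical key names
const USER_KEY = 'oidc.user';

// Constructed sample of what the authorize endpoint appends to redirect_uri.
const SAMPLE_FRAGMENT = '#id_token=constructed.id.token' +
  '&access_token=constructed-access-token&token_type=Bearer&expires_in=3600&state=abc123';

// Before redirecting to the authorize endpoint: remember state and nonce.
function beginLogin(store, state, nonce) {
  store.setItem(STATE_KEY, JSON.stringify({ state, nonce }));
}

// On the redirect_uri page: parse the fragment, check state, keep the tokens.
function handleCallback(store, fragment, nowSeconds) {
  const params = new URLSearchParams(fragment.replace(/^#/, ''));
  const pending = JSON.parse(store.getItem(STATE_KEY) || 'null');
  store.removeItem(STATE_KEY); // a state value is single use
  if (params.get('error')) throw new Error('authorize error: ' + params.get('error'));
  if (!pending || params.get('state') !== pending.state) {
    throw new Error('state mismatch: response does not belong to this login');
  }
  const user = {
    access_token: params.get('access_token'),
    id_token: params.get('id_token'),
    expires_at: nowSeconds + Number(params.get('expires_in') || 0),
    nonce: pending.nonce, // to be compared with the id_token's nonce claim
  };
  // Stored as plain JSON: readable by any script running on the same origin.
  store.setItem(USER_KEY, JSON.stringify(user));
  return user;
}

// Return the stored user, dropping it once the access token has expired.
function currentUser(store, nowSeconds) {
  const user = JSON.parse(store.getItem(USER_KEY) || 'null');
  if (user && user.expires_at <= nowSeconds) { store.removeItem(USER_KEY); return null; }
  return user;
}
```

In a browser the call would be `handleCallback(window.sessionStorage, window.location.hash, Math.floor(Date.now() / 1000))`, followed by clearing the fragment from the address bar so the tokens do not stay in the URL.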