Disallowed in practice for any security-bearing token. Many libraries reject it by default; clients MUST NOT accept it without explicit opt-in.

Vulnerable to Bleichenbacher-style attacks; prefer self::RSA_OAEP_256.

Provides no protection against a passive observer intercepting the authorization response. RFC 7636 requires servers to support self::S256 and only allows plain for clients that cannot perform SHA-256. Modern clients MUST use self::S256.

Disallowed by OAuth 2.1 and RFC 9700 (Security BCP). Exposes user credentials to the client and prevents multi-factor authentication. Kept for legacy interoperability only; prefer self::AUTHORIZATION_CODE with PKCE.

Removed by OAuth 2.1 and disallowed by RFC 9700 (Security BCP) because of access-token leakage via redirect URIs and browser history. Use self::AUTHORIZATION_CODE with PKCE instead.

Disallowed by OAuth 2.1 and RFC 9700 (Security BCP). Use self::CODE with PKCE instead.

Like self::TOKEN, the implicit flow is discouraged by RFC 9700.

The MAC token type IETF draft has expired and is not a published RFC. Exposed only for completeness; prefer self::DPOP for sender-constrained tokens.