OAuth Flows Allowed by Grant and Client Types

The following table shows the OAuth flows allowed by grant type and client type (including application type). The table also indicates support for refresh tokens.

Grant Type Public Application Type Confidential Application Type Refresh Token Support
Implicit Yes No No
Client Credentials No Yes No
ROPC Yes Yes Yes