The token endpoint authentication method determines how PingOne authenticates applications at various endpoints, such as the token endpoint and the pushed authorization request endpoint.
For more information about token endpoint authentication methods, see Client Authentication in the OIDC specification. PingOne supports the following token endpoint authentication methods:
- CLIENT_SECRET_POST
- Include the client credentials in the HTTP request body.
- CLIENT_SECRET_BASIC
- Include the client credentials using the HTTP Basic authentication scheme.