OAuth Specs - OAuth.CloudBook.wiki

Features	Version	Description
Standards	1.1~	RFC 6749: The OAuth 2.0 Authorization Framework RFC 6750: The OAuth 2.0 Authorization Framework: Bearer Token Usage RFC 7009: OAuth 2.0 Token Revocation RFC 7636: Proof Key for Code Exchange by OAuth Public Clients RFC 7662: OAuth 2.0 Token Introspection OAuth 2.0 Multiple Response Type Encoding Practices OAuth 2.0 Form Post Response Mode OpenID Connect Core 1.0 OpenID Connect Discovery 1.0
	2.0~	RFC 7523: JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants RFC 8705: OAuth 2.0 Mutual TLS Client Authentication and Certificate Bound Access Tokens Financial-grade API - Part 1: Read-Only API Security Profile Financial-grade API - Part 2: Read and Write API Security Profile UK Open Banking Security Profile
	2.1~	RFC 7591: OAuth 2.0 Dynamic Client Registration Protocol RFC 7592: OAuth 2.0 Dynamic Client Registration Management Protocol RFC 8628: OAuth 2.0 Device Authorization Grant OpenID Connect Dynamic Client Registration 1.0 OpenID Connect Client Initiated Backchannel Authentication Flow - Core 1.0 Financial-grade API: JWT Secured Authorization Response Mode for OAuth 2.0 (JARM) Financial-grade API: Client Initiated Backchannel Authentication Profile
	2.2~	RFC 8707: Resource Indicators for OAuth 2.0 RFC 9101: The OAuth 2.0 Authorization Framework: JWT-Secured Authorization Request (JAR) RFC 9126: OAuth 2.0 Pushed Authorization Requests RFC 9207: OAuth 2.0 Authorization Server Issuer Identification OAuth 2.0 Rich Authorization Requests OAuth 2.0 Demonstration of Proof-of-Possession at the Application Layer (DPoP) OpenID Connect for Identity Assurance 1.0 Australia Consumer Data Right Security Profile Open Banking Brasil Financial-grade API Security Profile
	2.3~	RFC 8693: OAuth 2.0 Token Exchange Grant Management for OAuth 2.0 Transformed Claims
Client Authentication Methods	1.1 ~	`none` `client_secret_basic` (RFC 6749) `client_secret_post` (RFC 6749)
Client Authentication Methods	2.0 ~	`client_secret_jwt` (RFC 7523) `private_key_jwt` (RFC 7523) `tls_client_auth` (RFC 8705) `self_signed_tls_client_auth` (RFC 8705)
Endpoints	1.1 ~	Authorization Endpoint (RFC 6749) Discovery Endpoint (OIDC Discovery 1.0) Introspection Endpoint (RFC 7662) JWK Set Endpoint (RFC 7517) Revocation Endpoint (RFC 7009) Token Endpoint (RFC 6749) UserInfo Endpoint (OIDC Core 1.0)
	2.1 ~	Backchannel Authentication Endpoint (CIBA Core 1.0) Device Authorization Endpoint (RFC 8628)
	2.2 ~	Pushed Authorization Request Endpoint (RFC 9126)
	2.3 ~	Grant Management Endpoint
Grant Types	1.1 ~	`authorization_code` (RFC 6749) `implicit` (RFC 6749) `password` (RFC 6749) `client_credentials` (RFC 6749) `refresh` (RFC 6749)
	2.1 ~	`urn:openid:params:grant-type:ciba` (CIBA Core) `urn:ietf:params:oauth:grant-type:device_code` (RFC 8628)
	2.3 ~	`urn:ietf:params:oauth:grant-type:token-exchange` (RFC 8693)
Response Types	1.1 ~	`code` (RFC 6749) `token` (RFC 6749) `id_token` (Multiple Response Type) `code token` (Multiple Response Type) `code id_token` (Multiple Response Type) `id_token token` (Multiple Response Type) `code id_token token` (Multiple Response Type) `none` (Multiple Response Type)
Response Modes	1.1 ~	`query` (Multiple Response Type) `fragment` (Multiple Response Type) `form_post` (Form Post Response Mode)
Response Modes	2.1 ~	`jwt` (JARM) `query.jwt` (JARM) `fragment.jwt` (JARM) `form_post.jwt` (JARM)
Signature Algorithms	1.1 ~	`HS256` `HS384` `HS512` `RS256` `RS384` `RS512` `ES256` `ES384` `ES512` `PS256` `PS384` `PS512` `none`
Encryption Algorithms	1.1 ~	`RSA1_5` `RSA-OAEP` `RSA-OAEP-256` `A128KW` `A192KW` `A256KW` `dir` `ECDH-ES` `ECDH-ES+A128KW` `ECDH-ES+A192KW` `ECDH-ES+A256KW` `A128GCMKW` `A192GCMKW` `A1256GCMKW` `PBES2-HS256+A128KW` `PBES2-HS384+A192KW` `PBES2-HS512+A256KW`
Encryption Methods	1.1 ~	`A128CBC-HS256` `A192CBC-HS384` `A256CBC-HS512` `A128GCM` `A192GCM` `A256GCM`

Reference:
https://oauth.net/2/ - OAuth 2.0 — OAuth
https://www.authlete.com/pt/legal/spec_sheet/ - Spec Sheet - Authlete