...
List of allowed grant types for client. It is recommended to list here the grant types the application specifically requires.
When this parameter is not defined, the default is to allow the following grant types: "authorization_code", "password", "refresh_token", and SMS-MT-OTP and SMTP-OTP grant. Exception: if "token_endpoint_auth_method" value "none" has been specified then only "authorization_code" grant type is allowed by default.
Specify empty list "[]" to disable all grant types.
...