Authentication Scheme Name,Reference,Notes
Basic,[RFC7617],
Bearer,[RFC6750],
Concealed,[RFC9729],
Digest,[RFC7616],
DPoP,"[RFC9449, Section 7.1]",
GNAP,"[RFC9635, Section 7.2]",
HOBA,"[RFC7486, Section 3]","The HOBA scheme can be used with either HTTP
   servers or proxies.  When used in response to a 407 Proxy
   Authentication Required indication, the appropriate proxy
   authentication header fields are used instead, as with any other HTTP
   authentication scheme."
Mutual,[RFC8120],
Negotiate,"[RFC4559, Section 3]",This authentication scheme violates both HTTP semantics (being connection-oriented) and syntax (use of syntax incompatible with the WWW-Authenticate and Authorization header field syntax).
OAuth,"[RFC5849, Section 3.5.1]",
PrivateToken,"[RFC9577, Section 2]",
SCRAM-SHA-1,[RFC7804],
SCRAM-SHA-256,[RFC7804],
vapid,"[RFC 8292, Section 3]",