I’ll echo the question with regards to what is your use case and what type of application (SPA, web, etc.) are you using?
The token endpoint authentication method determines how a client authenticates with the token endpoint - The ‘none’ method is essential for applications where storing credentials isn’t feasible (public clients). Other security mechanisms like PKCE and strict redirect URI validation are used to ensure the security of the OAuth flow.