That spec doesn’t indicate case sensitivity. According to that spec, “The parameters in the successful response are defined in Section 4.1.4 of OAuth 2.0 [RFC6749]”, which states:
token_type
REQUIRED. The type of the token issued as described in
Section 7.1. Value is case insensitive.
i see from the OIDC specification (as well as the examples) indicate ‘Bearer’…:
The OAuth 2.0 token_type response parameter value MUST be Bearer, as specified in OAuth 2.0 Bearer Token Usage [RFC6750], unless another Token Type has been negotiated with the Client.
Need to cross check with the OAuth 2.0 specification too…!