diff --git a/src/OpenIddict.Core/Infrastructure/OpenIddictProvider.Authentication.cs b/src/OpenIddict.Core/Infrastructure/OpenIddictProvider.Authentication.cs
index 324606d1..45f30d3e 100644
--- a/src/OpenIddict.Core/Infrastructure/OpenIddictProvider.Authentication.cs
+++ b/src/OpenIddict.Core/Infrastructure/OpenIddictProvider.Authentication.cs
@@ -243,14 +243,16 @@ namespace OpenIddict.Infrastructure
 {
 return;
 }
 
- // To prevent downgrade attacks, ensure that authorization requests using the hybrid/implicit
- // flow are rejected if the client identifier corresponds to a confidential application.
- // Note: when using the authorization code grant, ValidateTokenRequest is responsible of
- // rejecting the token request if the client_id corresponds to an unauthenticated confidential client.
- if (await services.Applications.IsPublicAsync(application) && !context.Request.IsAuthorizationCodeFlow()) {
+ // To prevent downgrade attacks, ensure that authorization requests returning an access token directly
+ // from the authorization endpoint are rejected if the client_id corresponds to a confidential application.
+ // Note: when using the authorization code grant, ValidateTokenRequest is responsible of rejecting
+ // the token request if the client_id corresponds to an unauthenticated confidential client.
+ if (await services.Applications.IsConfidentialAsync(application) &&
+ context.Request.HasResponseType(OpenIdConnectConstants.ResponseTypes.Token)) {
 context.Reject(
 error: OpenIdConnectConstants.Errors.InvalidRequest,
- description: "Confidential clients can only use response_type=code.");
+ description: "Confidential clients are not allowed to retrieve " +
+ "an access token from the authorization endpoint.");
 return;
 }
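Review bot: The rejection issued by the new `context.Reject(` call keeps `error: OpenIdConnectConstants.Errors.InvalidRequest`, but the condition it guards is a registered client that is not permitted to obtain an access token through this grant, which RFC 6749 §4.2.2.1 maps to `unauthorized_client`; consider `error: OpenIdConnectConstants.Errors.UnauthorizedClient,` so clients and logs can distinguish a policy rejection from a malformed request. The new condition only fires for response types containing `token` (assuming `HasResponseType` matches individual space-separated components, so `code token` and `code id_token token` are covered), which means an `id_token`-only implicit or hybrid request from a confidential client is still accepted without any client authentication; if that narrowing is deliberate, it is worth stating in the comment, e.g. `// Requests that only return an id_token from the authorization endpoint are intentionally not restricted here.` The enclosing method starts and ends outside the hunk.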