Pro and Cons
Implicit grants improve the responsiveness and efficiency of some clients (such as a client implemented as an in-browser application), since it reduces the number of round trips required to obtain an access token. However, this convenience should be weighed against the security implications of using implicit grants, such as those described in Sections 10.3 and 10.16, especially when the authorization code grant type is available.
Because the access token is encoded into the redirection URI, it may be exposed to the resource owner and other applications residing on the same device.
ie sending the access token in the URL can be a security vulnerability. For example the token could be leaked through web server logs and or browser history.