diff --git a/clientapi/routing/login.go b/clientapi/routing/login.go
index b440948c4..b6e984bf0 100644
--- a/clientapi/routing/login.go
+++ b/clientapi/routing/login.go
@@ -42,30 +42,21 @@ type flow struct {
 	Type string `json:"type"`
 }
 
-func passwordLogin() flows {
-	f := flows{}
-	f.Flows = append(f.Flows, flow{
-		Type: authtypes.LoginTypePassword,
-	})
-
-	// TODO: Add config option to disable
-	f.Flows = append(f.Flows, flow{
-		Type: authtypes.LoginTypeApplicationService,
-	})
-
-	return f
-}
-
 // Login implements GET and POST /login
 func Login(
 	req *http.Request, userAPI userapi.ClientUserAPI,
 	cfg *config.ClientAPI,
 ) util.JSONResponse {
 	if req.Method == http.MethodGet {
-		// TODO: support other forms of login other than password, depending on config options
+		// TODO: support other forms of login, depending on config options
 		return util.JSONResponse{
 			Code: http.StatusOK,
-			JSON: passwordLogin(),
+			JSON: flows{
+				Flows: []flow{
+					{Type: authtypes.LoginTypePassword},
+					{Type: authtypes.LoginTypeApplicationService},
+				},
+			},
 		}
 	} else if req.Method == http.MethodPost {
 		login, cleanup, authErr := auth.LoginFromJSONReader(req, userAPI, userAPI, cfg)
diff --git a/clientapi/routing/login_test.go b/clientapi/routing/login_test.go
index bff676826..bb531a1d7 100644
--- a/clientapi/routing/login_test.go
+++ b/clientapi/routing/login_test.go
@@ -113,6 +113,39 @@ func TestLogin(t *testing.T) {
 
 		ctx := context.Background()
 
+		t.Run("Supported log-in flows are returned", func(t *testing.T) {
+			req := test.NewRequest(t, http.MethodGet, "/_matrix/client/v3/login")
+			rec := httptest.NewRecorder()
+			base.PublicClientAPIMux.ServeHTTP(rec, req)
+			if rec.Code != http.StatusOK {
+				t.Fatalf("failed to get log-in flows: %s", rec.Body.String())
+			}
+
+			t.Logf("response: %s", rec.Body.String())
+			resp := flows{}
+			if err := json.Unmarshal(rec.Body.Bytes(), &resp); err != nil {
+				t.Fatal(err)
+			}
+
+			appServiceFound := false
+			passwordFound := false
+			for _, flow := range resp.Flows {
+				if flow.Type == "m.login.password" {
+					passwordFound = true
+				} else if flow.Type == "m.login.application_service" {
+					appServiceFound = true
+				} else {
+					t.Fatalf("got unknown login flow: %s", flow.Type)
+				}
+			}
+			if !appServiceFound {
+				t.Fatal("m.login.application_service missing from login flows")
+			}
+			if !passwordFound {
+				t.Fatal("m.login.password missing from login flows")
+			}
+		})
+
 		for _, tc := range testCases {
 			t.Run(tc.name, func(t *testing.T) {
 				req := test.NewRequest(t, http.MethodPost, "/_matrix/client/v3/login", test.WithJSONBody(t, map[string]interface{}{