Clarification Needed on Authorization Type in Source, Domain, and Forest Settings

I’m currently configuring a new implementation and am a bit puzzled by the “Authorization Type” option available in the Source settings, Domain settings, and Forest settings. I’ve noticed that this option is critical for ensuring the correct access control, but the documentation hasn’t been very clear on the nuances between these settings.

Could anyone provide insights or examples on how the Authorization Type affects these different settings?
When there are simple or basic options?
Any clarification on the best practices or typical configurations used would be immensely helpful.