Abstract: System comprising an authorisation server; a client device communicably coupled to the authorisation server and configured to execute an application program; and a remote server communicably coupled to the client device for providing an application feature to the application program. The application program is configured to, in response to receiving a user request to use an application feature: access a first private key; and transmit an access request signed with the first private key to the authorisation server. The authorisation server is configured to issue a signed security token signed with a second private key to the application program in response to receiving the signed access request. The signed security token has a finite lifetime within which the application program can access the requested application feature using the signed security token. The application program is configured to access the application feature from the remote server using the signed security token.

Abstract: System comprising an authorisation server; a client device communicably coupled to the authorisation server and configured to execute an application program; and a remote server communicably coupled to the client device for providing an application feature to the application program. The application program is configured to, in response to receiving a user request to use an application feature: access a first private key; and transmit an access request signed with the first private key to the authorisation server. The authorisation server is configured to issue a signed security token signed with a second private key to the application program in response to receiving the signed access request. The signed security token has a finite lifetime within which the application program can access the requested application feature using the signed security token. The application program is configured to access the application feature from the remote server using the signed security token.