Abstract: A method for authenticating a client application by an authorization server is provided. In the method, the authorization server transmits a first redirect identifier assigned to a client application to a web runtime engine, in response to receiving a registering request to register with the authorization server of the client application; receives an access request to access a protected resource stored on a resource server by the client application: and transmits the access request to the resource server through the web runtime engine using a second redirect identifier corresponding to a redirect endpoint of the client application. The second redirect identifier is intercepted by the web runtime engine, and the protected resource is accessed by the client application based on a comparing result between the first redirect identifier and the second redirect identifier in the web runtime engine.

Abstract: A method for authenticating a client application attempting to access a protected resource on a resource server includes receiving a request to access the protected resource at an authorization server. The request is received from the client application authorized by a resource owner of the protected resource. Further, the method includes redirecting the request to the resource server using a redirect identifier corresponding to a redirect endpoint of the client application. The redirect identifier is intercepted by a web run time engine prior to the redirect. Furthermore, the method includes determining a match between the intercepted redirect identifier and a pre-assigned redirect identifier with the client application stored at the web run time engine to authenticate the client application prior to providing access to the protected resource.