A METHOD AND SYSTEM TO PROVIDE SECURITY MECHANISM FOR PACKAGED WEB APPLICATIONS

摘要

Embodiments herein provide a method and system for authenticating a client application attempting to access a protected resource on a resource server. The method includes receiving a request to access the protected resource at an authorization server. The request is received from the client application authorized by a resource owner of the protected resource. Further, the method includes redirecting the request to the resource server using a redirect identifier corresponding to a redirect endpoint of the client application. The redirect identifier is intercepted by a web run time engine prior to the redirect. Furthermore, the method includes determining a match between the intercepted redirect identifier and a pre-assigned redirect identifier with the client application stored at the web run time engine to authenticate the client application prior to providing access to the protected resource. FIG. 3