A method for authenticating a client application by an authorization server is provided. In the method, the authorization server transmits a first redirect identifier assigned to a client application to a web runtime engine, in response to receiving a registering request to register with the authorization server of the client application; receives an access request to access a protected resource stored on a resource server by the client application: and transmits the access request to the resource server through the web runtime engine using a second redirect identifier corresponding to a redirect endpoint of the client application. The second redirect identifier is intercepted by the web runtime engine, and the protected resource is accessed by the client application based on a comparing result between the first redirect identifier and the second redirect identifier in the web runtime engine.