The answer to you question about my solutions of this problem will be and YES and NO. I can tell YES because My application is working for now with OAuth2 authorisation. My solution is a using URL scheme for application. This schemes are using when you need to open your application from the other application or from the email. I'm setting as a redirect url my url scheme. When my application received redirect url My application gets correct token. Also I can tell NO because the url scheme is not a best solution. I think can be done more universal solution for this.