It is presented a method for facilitating secure communication between a client device and an application server. The method comprises the steps of: receiving a client request from the client device, the client request comprising a first fully qualified domain name, FQDN, for the application server, and at least a portion being bound for the application server; forwarding the client request to the application server; receiving an application server response from the application server, the application server response indicating a need to provide authentication; obtaining an original context identifier from an authentication server; generating a modified context identifier based on the original context identifier and a client identifier, being an identifier of the client device; generating a client specific shared key based on the first FQDN, the client identifier and a shared key which is not specific to the client device; and providing the modified context identifier, the client specific shared key to the client device to use for authentication with the application server.