A server application can serve a web application to a client device as a client web application from a web application host. The server application can be a secure HTTPS website. The web application on the client device can provide a token over a local network using a HTTP request to a target device on the local network. The token is associated with a secure area of a remote repository. Having received the one or more tokens, the target device can indicate that a link has been established to the secure area by writing to or reading from the secure area as the server application informs the client web application executing in a browser at a client device of the read/write. The target device and client web application can then communicate via the secure area, for example, to store or retrieve data associated with a user.