Inter-application delegated authentication

US10530774B2 · US · B2

Patent metadata
Publication number: US-10530774-B2
Application number: US-201815889073-A
Country: US
Kind code: B2
Filing date: Feb 5, 2018
Priority date: Apr 29, 2014
Publication date: Jan 7, 2020
Grant date: Jan 7, 2020

Abstract

Disclosed is a system for delegating authentication of an untrusted application executing on a client device. For delegated authentication, an untrusted application relies on a trusted application executing in the same environment for authentication purposes. The delegated authentication process avoids requiring the user of the untrusted application to provide authentication credentials. The disclosed system for delegating authentication enables any trusted application executing in the same computing environment to authenticate the untrusted application.

Claims

Claim text as shown on this page (cut off partway through claim 20).

What is claimed is:

1. A method comprising:
    launching a first application at a client device;
    transmitting, by the first application using a first instance of an authentication engine, a primary authentication request of the first application to an authentication server, the primary authentication request including an application identifier of the first application and a device identifier of the client device;
    receiving, from the server, an instruction to use a particular second application on the client device to continue authentication, the instruction including a first cryptographic nonce;
    in response to the instruction, transmitting an inter-application authentication request to the second application using the first instance of the authentication engine;
    transmitting, by the second application using a second instance of the authentication engine, a verification request to the authentication server;
    receiving, from the server, an instruction to authorize the first application, the instruction including a second cryptographic nonce;
    transmitting, by the first application, a secondary authentication request using the second cryptographic nonce; and
    receiving, from the server, an access token and keys for the first application.

2. The method of claim 1, wherein the primary authentication request includes a hashed identifier of the first application using a last received nonce from the server as a hash key.

3. The method of claim 2, wherein the instruction to launch the second application is received in response to authentication server validation of the primary authentication request based on the hashed identifier.

4. The method of claim 1, wherein the inter-application authentication request includes the first cryptographic nonce received from the server.

5. The method of claim 1, wherein the second application is a trusted application that was previously authenticated by the authentication server.

6. The method of claim 5, wherein the identifier of the first application transmitted with the verification request is hashed using the first nonce and the verification request is signed using a private key of the second application.

7. The method of claim 1, wherein in response to receiving the instruction to authorize the first application, the second application transmits the second nonce to the first application using an inter-application communication provided by the second instance of the authentication engine.

8. The method of claim 7, wherein transmitting the second authentication request includes generating a hash of the application identifier of the first application using the second nonce and including the hash in the second authentication request.

9. The method of claim 1, wherein the first application uses the authentication token and the keys for subsequent communications that require the first application to be authenticated.

10. A system comprising one or more computers having one or more processors and one or more computer readable storage media, the one or more computer readable storage media storing instructions that when executed by the one or more processors cause the one or more computers to perform operations comprising:
    launching a first application at a client device;
    transmitting, by the first application using a first instance of an authentication engine, a primary authentication request of the first application to an authentication server, the primary authentication request including an application identifier of the first application and a device identifier of the client device;
    receiving, from the server, an instruction to use a particular second application on the client device to continue authentication, the instruction including a first cryptographic nonce;
    in response to the instruction, transmitting an inter-application authentication request to the second application using the first instance of the authentication engine;
    transmitting, by the second application using a second instance of the authentication engine, a verification request to the authentication server;
    receiving, from the server, an instruction to authorize the first application, the instruction including a second cryptographic nonce;
    transmitting, by the first application, a secondary authentication request using the second cryptographic nonce; and
    receiving, from the server, an access token and keys for the first application.

11. The system of claim 10, wherein the primary authentication request includes a hashed identifier of the first application using a last received nonce from the server as a hash key.

12. The system of claim 11, wherein the instruction to launch the second application is received in response to authentication server validation of the primary authentication request based on the hashed identifier.

13. The system of claim 10, wherein the inter-application authentication request includes the first cryptographic nonce received from the server.

14. The system of claim 10, wherein the second application is a trusted application that was previously authenticated by the authentication server.

15. The system of claim 14, wherein the identifier of the first application transmitted with the verification request is hashed using the first nonce and the verification request is signed using a private key of the second application.

16. The system of claim 10, wherein in response to receiving the instruction to authorize the first application, the second application transmits the second nonce to the first application using an inter-application communication provided by the second instance of the authentication engine.

17. The system of claim 16, wherein transmitting the second authentication request includes generating a hash of the application identifier of the first application using the second nonce and including the hash in the second authentication request.

18. The system of claim 10, wherein the first application uses the authentication token and the keys for subsequent communications that require the first application to be authenticated.

19. One or more non-transitory computer readable storage media, the one or more computer readable storage media storing instructions that when executed by one or more processors cause the one or more processors to perform operations comprising:
    launching a first application at a client device;
    transmitting, by the first application using a first instance of an authentication engine, a primary authentication request of the first application to an authentication server, the primary authentication request including an application identifier of the first application and a device identifier of the client device;
    receiving, from the server, an instruction to use a particular second application on the client device to continue authentication, the instruction including a first cryptographic nonce;
    in response to the instruction, transmitting an inter-application authentication request to the second application using the first instance of the authentication engine;
    transmitting, by the second application using a second instance of the authentication engine, a verification request to the authentication server;
    receiving, from the server, an instruction to authorize the first application, the instruction including a second cryptographic nonce;
    transmitting, by the first application, a secondary authentication request using the second cryptographic nonce; and
    receiving, from the server, an access token and for the first application.

20. The one o
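The three-party exchange of claim 1 (untrusted first application, previously authenticated second application, authentication server), modelled in Python as an added illustration that is not code from the patent or from the assignee. It assumes HMAC-SHA256 as the nonce-keyed "hashed identifier" of claims 2, 6 and 8, uses an HMAC under a pre-registered key as a stand-in for the second application's private-key signature of claim 6, and runs all parties in one process; `AuthServer`, `tag` and `delegated_login` are invented names.

```python
import hmac, hashlib, secrets
def tag(key, *parts):
    # HMAC-SHA256: models the nonce-keyed "hashed identifier" of claims 2-3 and 6-8,
    # and doubles as a stand-in for the trusted app's private-key signature (claim 6).
    return hmac.new(key, b"|".join(parts), hashlib.sha256).hexdigest()

class AuthServer:
    def __init__(self, trusted_app, trusted_key):
        self.trusted = (trusted_app, trusted_key)  # app 2, already authenticated
        self.pending = {}  # app_id -> (stage, nonce, device_id) awaiting the next step

    def primary(self, app_id, device_id, hashed_id):
        # No nonce has been issued yet, so the "last received nonce" key is empty.
        if not hmac.compare_digest(tag(b"", app_id.encode()), hashed_id):
            return None
        n1 = secrets.token_bytes(16)
        self.pending[app_id] = ("verify", n1, device_id)
        return {"use_app": self.trusted[0], "nonce": n1}

    def verify(self, signer, hashed_id, sig):
        # Only the trusted app may vouch, and its request must be correctly signed.
        name, key = self.trusted
        if signer != name or not hmac.compare_digest(tag(key, hashed_id.encode()), sig):
            return None
        for app_id, (stage, n1, dev) in self.pending.items():
            if stage == "verify" and hmac.compare_digest(tag(n1, app_id.encode()), hashed_id):
                n2 = secrets.token_bytes(16)
                self.pending[app_id] = ("secondary", n2, dev)
                return {"authorize": app_id, "nonce": n2}
        return None

    def secondary(self, app_id, hashed_id):
        # A valid hash under n2 proves app 1 obtained n2 from app 2 over the inter-app channel.
        stage, n2, _ = self.pending.get(app_id, (None, b"", None))
        if stage != "secondary" or not hmac.compare_digest(tag(n2, app_id.encode()), hashed_id):
            return None
        del self.pending[app_id]
        return {"token": secrets.token_hex(16), "keys": secrets.token_hex(16)}

def delegated_login(server, app_id, device_id, trusted_app, trusted_key):
    # Drives the full claim 1 exchange; returns token and keys, or None if any step fails.
    step1 = server.primary(app_id, device_id, tag(b"", app_id.encode()))
    if step1 is None or step1["use_app"] != trusted_app:
        return None
    hashed = tag(step1["nonce"], app_id.encode())  # app 2 hashes app 1's id with n1 (claims 4, 6)
    step2 = server.verify(trusted_app, hashed, tag(trusted_key, hashed.encode()))
    if step2 is None or step2["authorize"] != app_id:
        return None
    # app 2 passes n2 to app 1 over the inter-application channel (claim 7); app 1 proves it
    return server.secondary(app_id, tag(step2["nonce"], app_id.encode()))
```

The server never hands the token to app 1 until a request keyed by n2 arrives, and n2 only ever leaves the server inside the authorize instruction sent to app 2, so a first application that cannot reach the trusted app cannot complete the flow.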

Assignees

Twitter Inc
Classifications (CPC titles)

  • G06F21/44 (primary): Program or device authentication
  • using cryptographic hash functions
  • providing single-sign-on or federations
  • Entity profiles
  • Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) (network architectures or network communication protocols for key distribution in a packet data network H04L63/062)

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Twitter Inc

What technology area does this patent fall under?
Primary CPC classification G06F21/44. Mapped technology areas include Physics.

When was this patent published?
Jan 7, 2020 (kind code B2). Legal status and post-grant events are not shown on this page.