In contact with

Problem with authorization via VK API from the server?

I am developing a server side for a multiplayer game. There is a need to implement the entrance to the game through VK. I tried the following scheme:
1. The game client logs in and receives a token via OAuth (the question is which authorization method to choose Client authorization or Server authorization ), redirect_uri refers to the server with the game
2. The game client sends the token to the server, the server goes with the passed token to VK and trying to get information about the user.
But when I implemented such a scheme, a problem arose when a request is made from the north to the VK with a token received from the client, then the VK returns the following response

{"error":{"error_code":17,"error_msg":"Validation required: please open redirect_uri in browser 204211657","request_params":[{"key":"oauth","value":"1"},{"key":"method","value":"users.get"},{"key":"v","value":"5.44"}],"redirect_uri":"https://m.vk.com/login?act=security_check&api_hash=93...28"}},

it does not matter what method (server or client) of authorization is used to obtain a token on the client, the answer is the same. After clicking on the link specified in the response from VK and passing validation (by entering the phone number and code from SMS) on the client, the server again tries to get information about the user from VK and receives the same response with error 17.
Please tell me how, everything Still, it is correct to organize authorization through VK? What actions should be carried out on the server and what on the client?