diff --git a/google_auth_oauthlib/flow.py b/google_auth_oauthlib/flow.py
index f55a023..c5d8bce 100644
--- a/google_auth_oauthlib/flow.py
+++ b/google_auth_oauthlib/flow.py
@@ -379,6 +379,7 @@ def run_local_server(
         redirect_uri_trailing_slash=True,
         timeout_seconds=None,
         token_audience=None,
+        browser=None,
         **kwargs
     ):
         """Run the flow using the server strategy.
@@ -416,6 +417,8 @@ def run_local_server(
             token_audience (str): Passed along with the request for an access
                 token. Determines the endpoints with which the token can be
                 used. Optional.
+            browser (str): specify which browser to open for authentication. If not
+                specified this defaults to default browser.
             kwargs: Additional keyword arguments passed through to
                 :meth:`authorization_url`.
 
@@ -437,7 +440,8 @@ def run_local_server(
         auth_url, _ = self.authorization_url(**kwargs)
 
         if open_browser:
-            webbrowser.open(auth_url, new=1, autoraise=True)
+            # if browser is None it defaults to default browser
+            webbrowser.get(browser).open(auth_url, new=1, autoraise=True)
 
         if authorization_prompt_message:
             print(authorization_prompt_message.format(url=auth_url))
diff --git a/tests/unit/test_flow.py b/tests/unit/test_flow.py
index 103bffd..3e61fcd 100644
--- a/tests/unit/test_flow.py
+++ b/tests/unit/test_flow.py
@@ -304,7 +304,7 @@ def test_run_local_server(self, webbrowser_mock, instance, mock_fetch_token, por
         assert credentials.token == mock.sentinel.access_token
         assert credentials._refresh_token == mock.sentinel.refresh_token
         assert credentials.id_token == mock.sentinel.id_token
-        assert webbrowser_mock.open.called
+        assert webbrowser_mock.get().open.called
         assert instance.redirect_uri == f"http://localhost:{port}/"
 
         expected_auth_response = auth_redirect_url.replace("http", "https")
@@ -343,7 +343,7 @@ def test_run_local_server_audience(
         assert credentials.token == mock.sentinel.access_token
         assert credentials._refresh_token == mock.sentinel.refresh_token
         assert credentials.id_token == mock.sentinel.id_token
-        assert webbrowser_mock.open.called
+        assert webbrowser_mock.get().open.called
         assert instance.redirect_uri == f"http://localhost:{port}/"
 
         expected_auth_response = auth_redirect_url.replace("http", "https")
@@ -385,7 +385,7 @@ def test_run_local_server_code_verifier(
         assert credentials.token == mock.sentinel.access_token
         assert credentials._refresh_token == mock.sentinel.refresh_token
         assert credentials.id_token == mock.sentinel.id_token
-        assert webbrowser_mock.open.called
+        assert webbrowser_mock.get().open.called
         assert instance.redirect_uri == f"http://localhost:{port}"
 
         expected_auth_response = auth_redirect_url.replace("http", "https")
@@ -410,7 +410,7 @@ def assign_last_request_uri(host, port, wsgi_app, **kwargs):
 
         instance.run_local_server(open_browser=False)
 
-        assert not webbrowser_mock.open.called
+        assert not webbrowser_mock.get().open.called
 
     @mock.patch("google_auth_oauthlib.flow.webbrowser", autospec=True)
     @mock.patch("wsgiref.simple_server.make_server", autospec=True)
@@ -426,7 +426,7 @@ def assign_last_request_uri(host, port, wsgi_app, **kwargs):
         my_ip = socket.gethostbyname(socket.gethostname())
         instance.run_local_server(bind_addr=my_ip, host="localhost")
 
-        assert webbrowser_mock.open.called
+        assert webbrowser_mock.get().open.called
         name, args, kwargs = make_server_mock.mock_calls[0]
         assert args[0] == my_ip