diff --git a/src/client/AutherClient.js b/src/client/AutherClient.js
index 3e7caa1..0a666a0 100644
--- a/src/client/AutherClient.js
+++ b/src/client/AutherClient.js
@@ -10,6 +10,7 @@ export class AutherClient {
   #REVOKE_PATH = "/tokens/revoke"
   #REFRESH_PATH = "/tokens/refresh"
   #LOGIN_PATH = "/login"
+  #DISPOSABLE_TOKEN_PATH = "/tokens/disposable"
 
   constructor ({ redirectUri, autherUrl, http, appcode, logger }) {
     this.redirectUri = redirectUri
@@ -124,4 +125,16 @@ export class AutherClient {
 
     this.#scheduleTokensRefreshing({ getTokens, saveTokens })
   }
+
+  fetchDisposableTokensById = async ({ id }) => {
+    if (!id) {
+      throw new Error("invalid.auther_id")
+    }
+
+    return await this.http({
+      path: this.#DISPOSABLE_TOKEN_PATH,
+      query: { id },
+      method: "GET",
+    })
+  }
 }
diff --git a/src/lib/http.js b/src/lib/http.js
index 3206b7d..b5c27ca 100644
--- a/src/lib/http.js
+++ b/src/lib/http.js
@@ -1,5 +1,5 @@
-export const doFetch = url => params => {
-  const { path, body, method = "POST", headers = "" } = params
+export const doFetch = baseUrl => params => {
+  const { path, body, query, method = "POST", headers = "" } = params
 
   const buildHeaders = () => {
     const defaultHeaders = {
@@ -19,11 +19,18 @@ export const doFetch = url => params => {
     return JSON.stringify(body)
   }
 
-  const buildUrl = () => {
-    return new URL(path, url).toString()
+  const buildUrl = (query) => {
+    const url = new URL(path, baseUrl)
+
+    if (query) {
+      const params = new URLSearchParams(query)
+      url.search = params.toString()
+    }
+    
+    return url.toString()
   }
 
-  const requestUrl = buildUrl()
+  const requestUrl = buildUrl(query)
   const requestHeaders = buildHeaders()
   const requestBody = buildBody()