diff --git a/code/modules/mob/abstract/unauthed/login.dm b/code/modules/mob/abstract/unauthed/login.dm
index 49bf88f2312..1f1026b4ed2 100644
--- a/code/modules/mob/abstract/unauthed/login.dm
+++ b/code/modules/mob/abstract/unauthed/login.dm
@@ -3,6 +3,7 @@
 /mob/abstract/unauthed
 	authed = FALSE
 	var/token = ""
+	var/timeout_timer
 
 /mob/abstract/unauthed/New()
 	verbs -= typesof(/mob/verb)
@@ -21,10 +22,18 @@
 	if(!config.guests_allowed && config.webint_url && config.external_auth)
 		src.OpenForumAuthWindow()
 	show_browser(src, uihtml, "window=auth;size=300x300;border=0;can_close=0;can_resize=0;can_minimize=0;titlebar=1")
+	timeout_timer = addtimer(CALLBACK(src, .proc/timeout), 900, TIMER_STOPPABLE)
+
+/mob/abstract/unauthed/proc/timeout()
+	if (client)
+		to_chat(client, "Your login time has expired. Please relog and try again.")
+	qdel(client)
+	qdel(src)
 
 /mob/abstract/unauthed/proc/ClientLogin(var/newkey)
 	if(!client)
 		qdel(src)
+	deltimer(timeout_timer)
 	var/client/c = client
 	show_browser(src, null, "window=auth;")
 	client.verbs += typesof(/client/verb) // Let's return regular client verbs
diff --git a/code/modules/world_api/commands/misc.dm b/code/modules/world_api/commands/misc.dm
index 510634855b3..26688b51a9b 100644
--- a/code/modules/world_api/commands/misc.dm
+++ b/code/modules/world_api/commands/misc.dm
@@ -208,6 +208,38 @@
 	response = "Client has been authenticated sucessfully."
 	una.ClientLogin(queryparams["key"])
 
+// Authenticates client from external system
+/datum/topic_command/get_auth_client_ip
+	name = "get_auth_client_ip"
+	description = "Returns the IP of the client awaiting authentication, identified by the client token."
+	params = list(
+		"clienttoken" = list("name"="clienttoken","desc"="Token for identifying the unique client.","type"="str","req"=1),
+	)
+
+/datum/topic_command/get_auth_client_ip/run_command(queryparams)
+	if(!(queryparams["clienttoken"] in unauthed))
+		statuscode = 404
+		response = "Client with such token is not found."
+		return TRUE
+
+	var/mob/abstract/unauthed/una = unauthed[queryparams["clienttoken"]]
+
+	if(!istype(una) || !una.client)
+		statuscode = 500
+		response = "Something went horribly wrong."
+		return TRUE
+
+	if(!config.external_auth)
+		statuscode = 500
+		response = "External auth is disallowed."
+		del(una.client)
+		del(una)
+		return TRUE
+
+	statuscode = 200
+	response = "Got client IP sucessfully."
+	data = una.client.address
+
 // Updates external auth state
 /datum/topic_command/set_extenal_auth
 	name = "set_extenal_auth"
@@ -224,4 +256,4 @@
 	
 	statuscode = 200
 	response = "External authentication state has been updated sucessfully."
-	data = config.external_auth
\ No newline at end of file
+	data = config.external_auth