diff --git a/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/config/YudaoWebSecurityConfigurerAdapter.java b/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/config/YudaoWebSecurityConfigurerAdapter.java
index ad4d4c40..ead7aa2d 100644
--- a/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/config/YudaoWebSecurityConfigurerAdapter.java
+++ b/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/config/YudaoWebSecurityConfigurerAdapter.java
@@ -129,7 +129,7 @@ public class YudaoWebSecurityConfigurerAdapter {
                 .authorizeRequests()
                 // 1.1 静态资源，可匿名访问
                 .antMatchers(HttpMethod.GET, "/*.html", "/**/*.html", "/**/*.css", "/**/*.js").permitAll()
-                .antMatchers(HttpMethod.POST, "/admin-api/rescue/login", "/admin-api/rescue/loginApp", "/admin-api/rescue/driverLogin").anonymous()
+                .antMatchers(HttpMethod.POST, "/admin-api/rescue/login", "/admin-api/rescue/loginApp","/admin-api/system/auth/loginApp", "/admin-api/rescue/driverLogin").anonymous()
                 // 1.2 设置 @PermitAll 无需认证
                 .antMatchers(HttpMethod.GET, permitAllUrls.get(HttpMethod.GET).toArray(new String[0])).permitAll()
                 .antMatchers(HttpMethod.POST, permitAllUrls.get(HttpMethod.POST).toArray(new String[0])).permitAll()