diff --git a/UPDATE_LOG.md b/UPDATE_LOG.md
index 61aaea1688..dd02e0ebf5 100644
--- a/UPDATE_LOG.md
+++ b/UPDATE_LOG.md
@@ -25,6 +25,7 @@
 * 增加 solon-admin-server 对 basic auth 配置的支持
 * 增加 solon-admin-server 对 uiPath 配置的支持
 * 增加 solon-admin-client 与 server 一起使用时，自动识别 serverUrl
+* 增加 solon-admin-client 增加 token 访问控制
 * 调整 solon-admin-client ，元信息改为 solon.app 的内容；server 监视日志改为 trace 级别
 * 调整 solon.docs 的控制器启动，转到 solon-openapi2-knife4j。方便不同的框架定制自己的服务
 * 调整 "@Bean" 函数的 VarGather::requireRun 由 false 改为 true，只要过了条件检测必然运行
diff --git a/solon-projects/solon-tool/solon-admin-client/README.MD b/solon-projects/solon-tool/solon-admin-client/README.MD
index 28ebe137e6..62271f58ef 100644
--- a/solon-projects/solon-tool/solon-admin-client/README.MD
+++ b/solon-projects/solon-tool/solon-admin-client/README.MD
@@ -38,6 +38,7 @@ public class Main {
 solon.admin.client:
   enabled: true #是否启用 Solon Admin Client
   mode: "local" #模式：local 本地模式，cloud 云模式
+  token: "3C41D632-A070-060C-40D2-6D84B3C07094" #令牌：访问接口时需要
   serverUrl: "http://localhost:8080" #Solon Admin Server 实例地址
   connectTimeout: 5000 #连接超时，单位：毫秒
   readTimeout: 5000 #读取超时，单位：毫秒
diff --git a/solon-projects/solon-tool/solon-admin-client/src/main/java/org/noear/solon/admin/client/config/ClientProperties.java b/solon-projects/solon-tool/solon-admin-client/src/main/java/org/noear/solon/admin/client/config/ClientProperties.java
index 051d9f81a1..24e240ffbc 100644
--- a/solon-projects/solon-tool/solon-admin-client/src/main/java/org/noear/solon/admin/client/config/ClientProperties.java
+++ b/solon-projects/solon-tool/solon-admin-client/src/main/java/org/noear/solon/admin/client/config/ClientProperties.java
@@ -15,6 +15,8 @@ public class ClientProperties {
 
     private String mode = "local";
 
+    private String token = "3C41D632-A070-060C-40D2-6D84B3C07094";
+
     private String serverUrl = "http://localhost:8080";
 
     private long heartbeatInterval = 10 * 1000;
diff --git a/solon-projects/solon-tool/solon-admin-client/src/main/java/org/noear/solon/admin/client/controller/MonitorController.java b/solon-projects/solon-tool/solon-admin-client/src/main/java/org/noear/solon/admin/client/controller/MonitorController.java
index d9d5b97044..023c14ffe9 100644
--- a/solon-projects/solon-tool/solon-admin-client/src/main/java/org/noear/solon/admin/client/controller/MonitorController.java
+++ b/solon-projects/solon-tool/solon-admin-client/src/main/java/org/noear/solon/admin/client/controller/MonitorController.java
@@ -1,12 +1,11 @@
 package org.noear.solon.admin.client.controller;
 
+import org.noear.solon.admin.client.config.ClientProperties;
 import org.noear.solon.admin.client.data.Detector;
 import org.noear.solon.admin.client.services.ApplicationRegistrationService;
 import org.noear.solon.admin.client.services.MonitorService;
-import org.noear.solon.annotation.Controller;
-import org.noear.solon.annotation.Get;
-import org.noear.solon.annotation.Inject;
-import org.noear.solon.annotation.Mapping;
+import org.noear.solon.annotation.*;
+import org.noear.solon.core.handle.Context;
 
 import java.util.Collection;
 
@@ -17,8 +16,10 @@
  * @since 2.3
  */
 @Controller
-@Mapping("/api/monitor")
+@Mapping("/solon-admin/api/monitor")
 public class MonitorController {
+    @Inject
+    private ClientProperties properties;
 
     @Inject
     private MonitorService monitorService;
@@ -28,11 +29,17 @@ public class MonitorController {
 
     /**
      * 获取所有监视器信息
+     *
      * @return 所有监视器信息
      */
     @Get
-    @Mapping("/all")
-    public Collection<Detector> register() {
-        return monitorService.getMonitors();
+    @Mapping("/data")
+    public Collection<Detector> data(@Header("TOKEN") String token, Context ctx) {
+        if (properties.getToken().equals(token)) {
+            return monitorService.getMonitors();
+        } else {
+            ctx.status(401);
+            return null;
+        }
     }
 }
diff --git a/solon-projects/solon-tool/solon-admin-client/src/main/java/org/noear/solon/admin/client/data/Application.java b/solon-projects/solon-tool/solon-admin-client/src/main/java/org/noear/solon/admin/client/data/Application.java
index f34d636c75..2f68724af0 100644
--- a/solon-projects/solon-tool/solon-admin-client/src/main/java/org/noear/solon/admin/client/data/Application.java
+++ b/solon-projects/solon-tool/solon-admin-client/src/main/java/org/noear/solon/admin/client/data/Application.java
@@ -17,6 +17,8 @@ public class Application {
 
     private final String name;
 
+    private final String token;
+
     private String baseUrl;
 
     @ToString.Exclude
diff --git a/solon-projects/solon-tool/solon-admin-client/src/main/java/org/noear/solon/admin/client/services/ApplicationRegistrationService.java b/solon-projects/solon-tool/solon-admin-client/src/main/java/org/noear/solon/admin/client/services/ApplicationRegistrationService.java
index f1bdba723d..4f1019340e 100644
--- a/solon-projects/solon-tool/solon-admin-client/src/main/java/org/noear/solon/admin/client/services/ApplicationRegistrationService.java
+++ b/solon-projects/solon-tool/solon-admin-client/src/main/java/org/noear/solon/admin/client/services/ApplicationRegistrationService.java
@@ -35,6 +35,7 @@ public class ApplicationRegistrationService {
     private Application.ApplicationBuilder getApplicationBuilder() {
         return Application.builder()
                 .name(this.applicationName)
+                .token(properties.getToken())
                 .baseUrl(NetworkUtils.getHostAndPort());
     }
 
diff --git a/solon-projects/solon-tool/solon-admin-server/src/main/java/org/noear/solon/admin/server/data/Application.java b/solon-projects/solon-tool/solon-admin-server/src/main/java/org/noear/solon/admin/server/data/Application.java
index f5a53a0a98..c49713e96d 100644
--- a/solon-projects/solon-tool/solon-admin-server/src/main/java/org/noear/solon/admin/server/data/Application.java
+++ b/solon-projects/solon-tool/solon-admin-server/src/main/java/org/noear/solon/admin/server/data/Application.java
@@ -19,6 +19,8 @@ public class Application {
 
     private String name;
 
+    private String token;
+
     private String baseUrl;
 
     @ToString.Exclude
diff --git a/solon-projects/solon-tool/solon-admin-server/src/main/java/org/noear/solon/admin/server/services/ClientMonitorService.java b/solon-projects/solon-tool/solon-admin-server/src/main/java/org/noear/solon/admin/server/services/ClientMonitorService.java
index ddc8893ed6..934c10bf33 100644
--- a/solon-projects/solon-tool/solon-admin-server/src/main/java/org/noear/solon/admin/server/services/ClientMonitorService.java
+++ b/solon-projects/solon-tool/solon-admin-server/src/main/java/org/noear/solon/admin/server/services/ClientMonitorService.java
@@ -36,7 +36,8 @@ public class ClientMonitorService {
     public Collection<Detector> getMonitors(Application application) {
         val clientUrl = application.getBaseUrl().replaceAll("/+$", "");
         try (Response response = client.newCall(new Request.Builder()
-                .url(new URL(clientUrl + "/api/monitor/all"))
+                .url(new URL(clientUrl + "/solon-admin/api/monitor/data"))
+                .header("TOKEN", application.getToken())
                 .get()
                 .build()).execute()) {
             if (response.isSuccessful()) {