diff --git a/eladmin-system/src/main/java/cn/ysk/cashier/config/security/config/SpringSecurityConfig.java b/eladmin-system/src/main/java/cn/ysk/cashier/config/security/config/SpringSecurityConfig.java
index 513949f0..7d9da724 100644
--- a/eladmin-system/src/main/java/cn/ysk/cashier/config/security/config/SpringSecurityConfig.java
+++ b/eladmin-system/src/main/java/cn/ysk/cashier/config/security/config/SpringSecurityConfig.java
@@ -137,6 +137,7 @@ public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {
                 // 所有类型的接口都放行
                 .antMatchers(anonymousUrls.get(RequestMethodEnum.ALL.getType()).toArray(new String[0])).permitAll()
                 .antMatchers("/auth/appletsLogin").permitAll()
+                .antMatchers("/api/tbHandover").permitAll()
                 // 所有请求都需要认证
                 .anyRequest().authenticated()
                 .and().apply(securityConfigurerAdapter());