diff --git a/inlong-manager/manager-web/src/main/java/org/apache/inlong/manager/web/auth/InlongShiroImpl.java b/inlong-manager/manager-web/src/main/java/org/apache/inlong/manager/web/auth/InlongShiroImpl.java
index 4753d9ee8c4..620e8a5bbf6 100644
--- a/inlong-manager/manager-web/src/main/java/org/apache/inlong/manager/web/auth/InlongShiroImpl.java
+++ b/inlong-manager/manager-web/src/main/java/org/apache/inlong/manager/web/auth/InlongShiroImpl.java
@@ -77,7 +77,7 @@ public class InlongShiroImpl implements InlongShiro {
     @Autowired
     private InlongTenantService tenantService;
 
-    @Value("${openapi.auth.enabled:false}")
+    @Value("${openapi.auth.enabled:true}")
     private Boolean openAPIAuthEnabled;
 
     @Override
diff --git a/inlong-manager/manager-web/src/main/resources/application.properties b/inlong-manager/manager-web/src/main/resources/application.properties
index 8042e37f062..2b68f7bd10d 100644
--- a/inlong-manager/manager-web/src/main/resources/application.properties
+++ b/inlong-manager/manager-web/src/main/resources/application.properties
@@ -58,7 +58,7 @@ inlong.encrypt.version=1
 inlong.encrypt.key.value1="I!N@L#O$N%G^"
 
 # Clients (e.g. agent and dataproxy) must be authenticated by secretId and secretKey if turned on
-openapi.auth.enabled=false
+openapi.auth.enabled=true
 
 # Audit view by role, see audit id definitions: https://inlong.apache.org/docs/modules/audit/overview#audit-id
 audit.admin.ids=3,4,5,6
diff --git a/inlong-manager/manager-web/src/test/resources/application.properties b/inlong-manager/manager-web/src/test/resources/application.properties
index ad0cbd182d8..8cc492af077 100644
--- a/inlong-manager/manager-web/src/test/resources/application.properties
+++ b/inlong-manager/manager-web/src/test/resources/application.properties
@@ -59,4 +59,4 @@ inlong.encrypt.version=1
 inlong.encrypt.key.value1="I!N@L#O$N%G^"
 
 # clients (e.g. agent and dataproxy) must be authenticated by secretId and secretKey if turned on
-openapi.auth.enabled=false
+openapi.auth.enabled=true