diff --git a/apps/jumpserver/api.py b/apps/jumpserver/api.py
index 6be2e4407..76192130f 100644
--- a/apps/jumpserver/api.py
+++ b/apps/jumpserver/api.py
@@ -17,9 +17,10 @@ from terminal.models import Session
 from terminal.utils import ComponentsPrometheusMetricsUtil
 from orgs.utils import current_org
 from common.permissions import IsOrgAdmin, IsOrgAuditor
-from common.utils import lazyproperty
+from common.utils import lazyproperty, get_request_ip
 from orgs.caches import OrgResourceStatisticsCache
+
 __all__ = ['IndexApi']
@@ -304,12 +305,21 @@ class HealthApiMixin(APIView):
 return False
 return True
+ def is_localhost(self):
+ ip = get_request_ip(self.request)
+ return ip in ['localhost', '127.0.0.1']
+
 def check_permissions(self, request):
- if not self.is_token_right():
- msg = 'Health check token error, ' \
- 'Please set query param in url and same with setting HEALTH_CHECK_TOKEN. ' \
- 'eg: $PATH/?token=$HEALTH_CHECK_TOKEN'
- self.permission_denied(request, message={'error': msg}, code=403)
+ if self.is_token_right():
+ return
+ if self.is_localhost():
+ return
+ msg = '''
+ Health check token error,
+ Please set query param in url and same with setting HEALTH_CHECK_TOKEN.
+ eg: $PATH/?token=$HEALTH_CHECK_TOKEN
+ '''
+ self.permission_denied(request, message={'error': msg}, code=403)
 class HealthCheckView(HealthApiMixin):
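Review bot: `is_localhost()` lets a request skip the health-check token purely on the value returned by `get_request_ip(self.request)`, so the bypass in `check_permissions` is only as trustworthy as that helper, which is defined outside this diff (as is the rest of `HealthApiMixin`, including `is_token_right`). If the helper prefers a client-supplied forwarding header over the socket peer address, or if the service runs behind a reverse proxy on the same host so that the peer address is always loopback, the token requirement is effectively switched off for remote callers. I would compare against the socket peer only, `ip = self.request.META.get('REMOTE_ADDR')`, and honour forwarded headers only when they come from an explicitly configured trusted proxy. The allow-list also omits `'::1'`, while `'localhost'` is unlikely ever to equal an IP string. Separately, the new triple-quoted `msg` carries its leading newline and source indentation into the 403 response body, which the old concatenated string did not.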