diff --git a/order-management-consumer/src/main/java/com/dxhy/order/consumer/openapi/api/InvoiceRestSDEnregy.java b/order-management-consumer/src/main/java/com/dxhy/order/consumer/openapi/api/InvoiceRestSDEnregy.java
index 43eecfc4..9c7f0526 100644
--- a/order-management-consumer/src/main/java/com/dxhy/order/consumer/openapi/api/InvoiceRestSDEnregy.java
+++ b/order-management-consumer/src/main/java/com/dxhy/order/consumer/openapi/api/InvoiceRestSDEnregy.java
@@ -1,20 +1,14 @@
 package com.dxhy.order.consumer.openapi.api;
 
 import com.alibaba.fastjson.JSONObject;
-import com.dxhy.order.baseservice.module.buyer.protocol.BuyerResponseV4BO;
-import com.dxhy.order.baseservice.module.buyer.protocol.GmfxxtbReqBO;
-import com.dxhy.order.baseservice.module.buyer.protocol.GmfxxtbRspBO;
-import com.dxhy.order.constant.OrderInfoContentEnum;
 import com.dxhy.order.consumer.openapi.protocol.AjaxResult;
-import com.dxhy.order.consumer.openapi.protocol.v4.ResponseV4BO;
-import com.dxhy.order.consumer.openapi.protocol.v4.grouptax.GroupTaxReqBO;
-import com.dxhy.order.consumer.openapi.protocol.v4.grouptax.GroupTaxRespBO;
 import com.dxhy.order.consumer.openapi.protocol.v6.sdenergy.*;
 import com.dxhy.order.consumer.openapi.service.ISDEnregyService;
 import com.dxhy.order.consumer.openapi.service.InterfaceServiceV3;
 import com.dxhy.order.consumer.utils.OpentextUtils;
 import com.dxhy.order.exception.OrderReceiveException;
 import com.dxhy.order.model.R;
+import com.dxhy.order.utils.HttpContextUtils;
 import com.dxhy.order.utils.JsonUtils;
 import lombok.SneakyThrows;
 import lombok.extern.slf4j.Slf4j;
@@ -22,12 +16,14 @@ import org.apache.commons.lang3.StringUtils;
 import org.apache.ibatis.annotations.Param;
 import org.apache.poi.ss.formula.functions.T;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.util.CollectionUtils;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.multipart.MultipartFile;
 
 import javax.annotation.Resource;
 import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
 import java.util.*;
 import java.util.function.Function;
 import java.util.stream.Collectors;
@@ -50,6 +46,15 @@ public class InvoiceRestSDEnregy {
     @Autowired
     private ISDEnregyService isdEnregyService;
 
+    @Value("${mdm.groupTaxCode.appKey}")
+    private String groupTaxCodeAppKey;
+
+    @Value("${mdm.buyer.appKey}")
+    private String buyerAppkey;
+
+    @Value("${mdm.user.appKey}")
+    private String userAppkey;
+
 
     /**
      * 客商同步接口
@@ -58,7 +63,8 @@ public class InvoiceRestSDEnregy {
      * @return
      */
     @PostMapping("/sync_buyer_message")
-    public String syncBuyerMessage(@RequestBody String requestBody) {
+    public String syncBuyerMessage(@RequestBody String requestBody, HttpServletResponse response) {
+        validateAppKey(buyerAppkey, response);
         String logUUID = UUID.randomUUID().toString();
         log.info("{}[MDM客商同步接口]，uuid:{},收到请求报文:{}", LOGGER_MSG, logUUID, requestBody);
         // 接收请求报文，然后进行入库
@@ -93,7 +99,8 @@ public class InvoiceRestSDEnregy {
      * @return
      */
     @PostMapping("/sync_group_tax")
-    public String syncMdmGroupTax(@RequestBody String requestBody) {
+    public String syncMdmGroupTax(@RequestBody String requestBody, HttpServletResponse response) {
+        validateAppKey(groupTaxCodeAppKey, response);
         String logUUID = UUID.randomUUID().toString();
         log.info("{}[MDM物料同步接口]，uuid:{},收到请求报文:{}", LOGGER_MSG, logUUID, requestBody);
         // 接收请求报文，然后进行入库
@@ -127,7 +134,8 @@ public class InvoiceRestSDEnregy {
      * @return
      */
     @PostMapping("/sync_user")
-    public String syncUser(@RequestBody String requestBody) {
+    public String syncUser(@RequestBody String requestBody, HttpServletResponse response) {
+        validateAppKey(userAppkey, response);
         String logUUID = UUID.randomUUID().toString();
         log.info("{}[MDM人员同步接口]，uuid:{},收到请求报文:{}", LOGGER_MSG, logUUID, requestBody);
         // 接收请求报文，然后进行入库
@@ -189,4 +197,19 @@ public class InvoiceRestSDEnregy {
         }
     }
 
+    /**
+     * 接口鉴权
+     *
+     * @param correctKey
+     */
+    @SneakyThrows
+    public void validateAppKey(String correctKey, HttpServletResponse response) {
+        HttpServletRequest request = HttpContextUtils.getHttpServletRequest();
+        String appKey = request.getHeader("appkey");
+        if (StringUtils.isEmpty(appKey) || !StringUtils.equals(appKey, correctKey)) {
+            // 返回401
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
+        }
+    }
+
 }