diff --git a/internal/api/user.go b/internal/api/user.go
index baea8fed3..67c042ea4 100644
--- a/internal/api/user.go
+++ b/internal/api/user.go
@@ -84,7 +84,13 @@ func (u *UserApi) GetUsersOnlineStatus(c *gin.Context) {
 		reply, err := msgClient.GetUsersOnlineStatus(c, &req)
 		if err != nil {
 			log.ZWarn(c, "GetUsersOnlineStatus rpc err", err)
-			continue
+
+			parseError := apiresp.ParseError(err)
+			log.ZDebug(c, "errcode bantanger", "errcode", parseError.ErrCode)
+			if parseError.ErrCode == errs.NoPermissionError {
+				apiresp.GinError(c, err)
+				return
+			}
 		} else {
 			wsResult = append(wsResult, reply.SuccessResult...)
 		}
diff --git a/internal/msggateway/hub_server.go b/internal/msggateway/hub_server.go
index 6d852515c..deb8c3d77 100644
--- a/internal/msggateway/hub_server.go
+++ b/internal/msggateway/hub_server.go
@@ -16,8 +16,9 @@ package msggateway
 
 import (
 	"context"
-
 	"github.com/OpenIMSDK/Open-IM-Server/pkg/common/db/cache"
+	"github.com/OpenIMSDK/Open-IM-Server/pkg/common/tokenverify"
+	"github.com/OpenIMSDK/Open-IM-Server/pkg/errs"
 
 	"google.golang.org/grpc"
 
@@ -82,6 +83,9 @@ func (s *Server) GetUsersOnlineStatus(
 	ctx context.Context,
 	req *msggateway.GetUsersOnlineStatusReq,
 ) (*msggateway.GetUsersOnlineStatusResp, error) {
+	if !tokenverify.IsAppManagerUid(ctx) {
+		return nil, errs.ErrNoPermission.Wrap("only app manager")
+	}
 	var resp msggateway.GetUsersOnlineStatusResp
 	for _, userID := range req.UserIDs {
 		clients, ok := s.LongConnServer.GetUserAllCons(userID)