diff --git a/packages/service/support/user/auth/controller.ts b/packages/service/support/user/auth/controller.ts
index ec3fa12e58..0609de3d61 100644
--- a/packages/service/support/user/auth/controller.ts
+++ b/packages/service/support/user/auth/controller.ts
@@ -1,8 +1,9 @@
-import type { UserAuthTypeEnum } from '@fastgpt/global/support/user/auth/constants';
+import { UserAuthTypeEnum } from '@fastgpt/global/support/user/auth/constants';
 import { MongoUserAuth } from './schema';
 import { i18nT } from '../../../../web/i18n/utils';
 import { mongoSessionRun } from '../../../common/mongo/sessionRun';
 import { UserError } from '@fastgpt/global/common/error/utils';
+import { z } from 'zod';
 
 export const addAuthCode = async ({
   key,
@@ -33,15 +34,13 @@ export const addAuthCode = async ({
   );
 };
 
-export const authCode = async ({
-  key,
-  type,
-  code
-}: {
-  key: string;
-  type: `${UserAuthTypeEnum}`;
-  code: string;
-}) => {
+const authCodeSchema = z.object({
+  key: z.string(),
+  type: z.enum(UserAuthTypeEnum),
+  code: z.string()
+});
+export const authCode = async (props: z.infer<typeof authCodeSchema>) => {
+  const { key, type, code } = authCodeSchema.parse(props);
   return mongoSessionRun(async (session) => {
     const result = await MongoUserAuth.findOne(
       {
diff --git a/projects/app/src/pages/api/support/openapi/health.ts b/projects/app/src/pages/api/support/openapi/health.ts
index ba825477b7..9b14631d77 100644
--- a/projects/app/src/pages/api/support/openapi/health.ts
+++ b/projects/app/src/pages/api/support/openapi/health.ts
@@ -1,19 +1,19 @@
 import type { ApiRequestProps, ApiResponseType } from '@fastgpt/service/type/next';
 import { NextAPI } from '@/service/middleware/entry';
 import type {
-  ApiKeyHealthParamsType,
   ApiKeyHealthResponseType
 } from '@fastgpt/global/openapi/support/openapi/api';
+import {
+  ApiKeyHealthParamsSchema
+} from '@fastgpt/global/openapi/support/openapi/api';
 import { MongoOpenApi } from '@fastgpt/service/support/openapi/schema';
 import { useIPFrequencyLimit } from '../../../../../../../packages/service/common/middle/reqFrequencyLimit';
 
-export type invalidBody = {};
-
 async function handler(
-  req: ApiRequestProps<invalidBody, ApiKeyHealthParamsType>,
+  req: ApiRequestProps,
   res: ApiResponseType<any>
 ): Promise<ApiKeyHealthResponseType> {
-  const { apiKey } = req.query;
+  const { apiKey } = ApiKeyHealthParamsSchema.parse(req.query);
   const apiKeyDoc = await MongoOpenApi.findOne({ apiKey }).lean();
 
   if (!apiKeyDoc) {