diff --git a/epmet-module/epmet-common-service/common-service-server/src/main/java/com/epmet/service/impl/ExternalAppAuthServiceImpl.java b/epmet-module/epmet-common-service/common-service-server/src/main/java/com/epmet/service/impl/ExternalAppAuthServiceImpl.java
index 52b82011c9..283b7b41ef 100644
--- a/epmet-module/epmet-common-service/common-service-server/src/main/java/com/epmet/service/impl/ExternalAppAuthServiceImpl.java
+++ b/epmet-module/epmet-common-service/common-service-server/src/main/java/com/epmet/service/impl/ExternalAppAuthServiceImpl.java
@@ -29,6 +29,8 @@ public class ExternalAppAuthServiceImpl implements ExternalAppAuthService {
 @Autowired
 private ExternalAppSecretDao externalAppSecretDao;
+ private int diffMillins = 1000 * 60 * 5;
+
 @Override
 public ExternalAppAuthResultDTO auth(String appId, String token) {
 String secret;
@@ -47,6 +49,18 @@ public class ExternalAppAuthServiceImpl implements ExternalAppAuthService {
 String appIdIn = (String)claim.get("appId");
 String customerId = (String)claim.get("customerId");
+ Long timestamp = (Long)claim.get("ts");
+
+ //校验时间戳,允许5分钟误差
+ if (StringUtils.isAnyBlank(appIdIn, customerId) || timestamp == null) {
+ logger.error("access token不完整。{},{},{}", appIdIn, customerId, timestamp);
+ return fillAuthResult(false, "access token不完整。", null);
+ }
+
+ if (!validTimeStamp(timestamp)) {
+ logger.error("服务器存在时差过大,请求被拒绝", appId, appIdIn);
+ return fillAuthResult(false, "服务器存在时差过大,请求被拒绝", null);
+ }
 if (!appId.equals(appIdIn)) {
 logger.error("AppId不对应,token外部的:{}, token内部解析出来的:{}", appId, appIdIn);
@@ -55,6 +69,15 @@ public class ExternalAppAuthServiceImpl implements ExternalAppAuthService {
 return fillAuthResult(true, "解析成功", customerId);
 }
+ private boolean validTimeStamp(Long timestamp) {
+ long now = System.currentTimeMillis();
+// System.out.println(new Date(timestamp));
+ if (Math.abs(now - timestamp) > diffMillins) {
+ return false;
+ }
+ return true;
+ }
+
 /**
 * 通过APP ID查询对应的秘钥
 * @param appId
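Review bot: `private int diffMillins = 1000 * 60 * 5;` is a mutable, non-final instance field holding a fixed policy value under a misspelled name; `private static final long MAX_CLOCK_SKEW_MILLIS = 5 * 60 * 1000L;` (or a Spring-injected property, since the class already uses `@Autowired`, so the tolerance can be tuned without a redeploy) states the intent and cannot be changed at runtime by accident. Declaring it `long` also matches the `System.currentTimeMillis()` arithmetic it is compared against in `validTimeStamp` later in this file. A one-line comment such as `// maximum accepted difference between the token's ts claim and the server clock` would make the purpose clear at the declaration.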
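Review bot: The rejection branch `logger.error("服务器存在时差过大,请求被拒绝", appId, appIdIn);` has no `{}` placeholders, so both arguments are silently dropped, and the values an operator needs to distinguish genuine clock skew from a stale or replayed token — the claim's `ts` and the server time — are never logged; `logger.error("服务器存在时差过大,请求被拒绝。appId:{}, ts:{}, now:{}", appId, timestamp, System.currentTimeMillis());` records them. `Long timestamp = (Long)claim.get("ts");` also assumes the claim parser yields a `Long`; a `ts` sent as a string, or decoded as another `Number` subtype, would raise a `ClassCastException` that escapes `auth` as a server error instead of the `fillAuthResult(false, …)` path, so reading the claim as `Object`/`Number` and converting it (or catching the cast) keeps malformed tokens on the auth-failure path. The ±5-minute window only bounds replay — an intercepted token is still accepted for up to 5 minutes — so if single-use semantics are required, a `jti` claim checked against a short-lived store would be needed in addition. This assumes the claims have already been signature-verified when `claim.get` is reached; that part of `auth`, and the method's start and end, lie outside this hunk.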
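Review bot: `validTimeStamp` should express the check as a range rather than `Math.abs(now - timestamp) > diffMillins`, because `Math.abs` returns a negative value for `Long.MIN_VALUE`, so one specific out-of-range `ts` would slip past the skew check; `return timestamp >= now - diffMillins && timestamp <= now + diffMillins;` has no overflow corner and replaces the `if`/`return false`/`return true` sequence with a single return. The commented-out `System.out.println(new Date(timestamp));` debug line should be deleted rather than left in the new code. Unboxing `Long timestamp` in the subtraction is safe only because the caller null-checks first; a `long` parameter would make that precondition explicit, and a Javadoc line such as `/** Returns true when the token's ts claim is within diffMillins of the server clock. */` would document the accepted skew.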
diff --git a/epmet-module/epmet-common-service/common-service-server/src/main/java/com/epmet/utils/externalapp/ExtAppJwtTokenUtils.java b/epmet-module/epmet-common-service/common-service-server/src/main/java/com/epmet/utils/externalapp/ExtAppJwtTokenUtils.java
index 8ef9a4cde4..7355f867cd 100644
--- a/epmet-module/epmet-common-service/common-service-server/src/main/java/com/epmet/utils/externalapp/ExtAppJwtTokenUtils.java
+++ b/epmet-module/epmet-common-service/common-service-server/src/main/java/com/epmet/utils/externalapp/ExtAppJwtTokenUtils.java
@@ -76,7 +76,8 @@ public class ExtAppJwtTokenUtils {
 public static void genToken() {
 HashMap claim = new HashMap<>();
 claim.put("appId", "1");
-// claim.put("customerId", "c1");
+ claim.put("customerId", "c1");
+ claim.put("ts", System.currentTimeMillis() - 1000 * 60 * 4);
 String abc = new ExtAppJwtTokenUtils().createToken(claim, "4a762660254c57996343f8ee42fbc0a6");
 System.out.println(abc);