diff --git a/api/app/controllers/service/memory_api_controller.py b/api/app/controllers/service/memory_api_controller.py
index 81aaa0c4..71b54f8c 100644
--- a/api/app/controllers/service/memory_api_controller.py
+++ b/api/app/controllers/service/memory_api_controller.py
@@ -20,11 +20,10 @@ async def get_memory_info():
     return success(data={}, msg="Memory API - Coming Soon")
 
 
-# /v1/memory/{resource_id}/chat
-@router.post("/{resource_id}/chat")
+# /v1/memory/chat
+@router.post("/chat")
 @require_api_key(scopes=["memory"])
 async def chat_with_agent_demo(
-    resource_id: uuid.UUID,
     request: Request,
     api_key_auth: ApiKeyAuth = None,
     db: Session = Depends(get_db),
@@ -36,13 +35,12 @@ async def chat_with_agent_demo(
     scopes: 所需的权限范围列表["app", "rag", "memory"]
 
     Args:
-        resource_id: 如果是应用的apikey传的是应用id; 如果是服务的apikey传的是工作空间id
         message: 请求参数
         request: 声明请求
         api_key_auth: 包含验证后的API Key 信息
         db: db_session
     """
     logger.info(f"API Key Auth: {api_key_auth}")
-    logger.info(f"Resource ID: {resource_id}")
+    logger.info(f"Resource ID: {api_key_auth.resource_id}")
     logger.info(f"Message: {message}")
     return success(data={"received": True}, msg="消息已接收")
\ No newline at end of file
diff --git a/api/app/core/api_key_auth.py b/api/app/core/api_key_auth.py
index e1021c6f..342405b8 100644
--- a/api/app/core/api_key_auth.py
+++ b/api/app/core/api_key_auth.py
@@ -33,10 +33,9 @@ def require_api_key(
         scopes: 所需的权限范围列表[“app”, "rag", "memory"]
 
     Usage:
-        @router.get("/app/{resource_id}/chat")
+        @router.get("/app/chat")
         @require_api_key(scopes=["app"])
         def chat_with_app(
-            resource_id: uuid.UUID,
             request: Request,
             api_key_auth: ApiKeyAuth = None,
             db: Session = Depends(get_db),
@@ -89,26 +88,6 @@ def require_api_key(
                         context={"required_scopes": scopes, "missing_scopes": missing_scopes}
                     )
 
-            resource_id = kwargs.get("resource_id")
-            if resource_id and not ApiKeyAuthService.check_resource(
-                    api_key_obj,
-                    resource_id
-            ):
-                logger.warning("API Key 资源访问被拒绝", extra={
-                    "api_key_id": str(api_key_obj.id),
-                    "required_resource_id": str(resource_id),
-                    "bound_resource_id": str(api_key_obj.resource_id) if api_key_obj.resource_id else None,
-                    "endpoint": str(request.url)
-                })
-                return BusinessException(
-                    "API Key 未授权访问该资源",
-                    BizCode.API_KEY_INVALID_RESOURCE,
-                    context={
-                        "required_resource_id": str(resource_id),
-                        "bound_resource_id": str(api_key_obj.resource_id)
-                    }
-                )
-
             kwargs["api_key_auth"] = ApiKeyAuth(
                 api_key_id=api_key_obj.id,
                 workspace_id=api_key_obj.workspace_id,