diff --git a/apps/terminal/migrations/0050_sessionsharing_users.py b/apps/terminal/migrations/0050_sessionsharing_users.py
new file mode 100644
index 000000000..9a014a62f
--- /dev/null
+++ b/apps/terminal/migrations/0050_sessionsharing_users.py
@@ -0,0 +1,18 @@
+# Generated by Django 3.1.14 on 2022-05-17 00:52
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('terminal', '0049_endpoint_redis_port'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='sessionsharing',
+            name='users',
+            field=models.CharField(default=list, max_length=1024, verbose_name='User'),
+        ),
+    ]
diff --git a/apps/terminal/models/sharing.py b/apps/terminal/models/sharing.py
index 45d62fb92..1968b3f08 100644
--- a/apps/terminal/models/sharing.py
+++ b/apps/terminal/models/sharing.py
@@ -28,6 +28,7 @@ class SessionSharing(CommonModelMixin, OrgModelMixin):
     expired_time = models.IntegerField(
         default=0, verbose_name=_('Expired time (min)'), db_index=True
     )
+    users = models.CharField(max_length=1024, verbose_name=_("User"), default=list)
 
     class Meta:
         ordering = ('-date_created', )
@@ -49,11 +50,13 @@ class SessionSharing(CommonModelMixin, OrgModelMixin):
             return False
         return True
 
-    def can_join(self):
+    def can_join(self, joiner):
         if not self.is_active:
             return False, _('Link not active')
         if not self.is_expired:
             return False, _('Link expired')
+        if self.users and str(joiner.id) not in self.users.split(','):
+            return False, _('User not allowed to join')
         return True, ''
 
 
@@ -110,7 +113,7 @@ class SessionJoinRecord(CommonModelMixin, OrgModelMixin):
 
     def can_join(self):
         # sharing
-        sharing_can_join, reason = self.sharing.can_join()
+        sharing_can_join, reason = self.sharing.can_join(self.joiner)
         if not sharing_can_join:
             return False, reason
         # self
diff --git a/apps/terminal/serializers/sharing.py b/apps/terminal/serializers/sharing.py
index 5e8568cf5..845c35029 100644
--- a/apps/terminal/serializers/sharing.py
+++ b/apps/terminal/serializers/sharing.py
@@ -8,17 +8,26 @@ __all__ = ['SessionSharingSerializer', 'SessionJoinRecordSerializer']
 
 
 class SessionSharingSerializer(OrgResourceModelSerializerMixin):
+    users = serializers.ListSerializer(
+        child=serializers.CharField(max_length=36), write_only=True, default=list, allow_null=True
+    )
+
     class Meta:
         model = SessionSharing
         fields_mini = ['id']
         fields_small = fields_mini + [
             'verify_code', 'is_active', 'expired_time', 'created_by',
-            'date_created', 'date_updated'
+            'date_created', 'date_updated', 'users'
         ]
         fields_fk = ['session', 'creator']
         fields = fields_small + fields_fk
         read_only_fields = ['verify_code']
 
+    def save(self, **kwargs):
+        users = self.validated_data.get('users', [])
+        self.validated_data['users'] = ','.join(users)
+        return super().save(**kwargs)
+
     def create(self, validated_data):
         validated_data['verify_code'] = random_string(4)
         session = validated_data.get('session')