diff --git a/apps/perms/api/user_remote_app_permission.py b/apps/perms/api/user_remote_app_permission.py
index 80c6edcdb..e650022f6 100644
--- a/apps/perms/api/user_remote_app_permission.py
+++ b/apps/perms/api/user_remote_app_permission.py
@@ -12,7 +12,7 @@ from ..utils import (
     RemoteAppPermissionUtil, construct_remote_apps_tree_root,
     parse_remote_app_to_tree_node,
 )
-from ..hands import User, RemoteApp, RemoteAppSerializer, UserGroup
+from ..hands import User, RemoteAppSerializer, UserGroup
 from ..mixins import RemoteAppFilterMixin
 
 
@@ -25,6 +25,7 @@ __all__ = [
 class UserGrantedRemoteAppsApi(RemoteAppFilterMixin, ListAPIView):
     permission_classes = (IsOrgAdminOrAppUser,)
     serializer_class = RemoteAppSerializer
+    filter_fields = ['id']
 
     def get_object(self):
         user_id = self.kwargs.get('pk', '')
@@ -37,7 +38,6 @@ class UserGrantedRemoteAppsApi(RemoteAppFilterMixin, ListAPIView):
     def get_queryset(self):
         util = RemoteAppPermissionUtil(self.get_object())
         queryset = util.get_remote_apps()
-        queryset = list(queryset)
         return queryset
 
     def get_permissions(self):
@@ -46,36 +46,23 @@ class UserGrantedRemoteAppsApi(RemoteAppFilterMixin, ListAPIView):
         return super().get_permissions()
 
 
-class UserGrantedRemoteAppsAsTreeApi(ListAPIView):
+class UserGrantedRemoteAppsAsTreeApi(UserGrantedRemoteAppsApi):
     serializer_class = TreeNodeSerializer
     permission_classes = (IsOrgAdminOrAppUser,)
 
-    def get_object(self):
-        user_id = self.kwargs.get('pk', '')
-        if not user_id:
-            user = self.request.user
-        else:
-            user = get_object_or_404(User, id=user_id)
-        return user
-
-    def get_queryset(self):
-        queryset = []
-        tree_root = construct_remote_apps_tree_root()
-        queryset.append(tree_root)
-
-        util = RemoteAppPermissionUtil(self.get_object())
-        remote_apps = util.get_remote_apps()
-        for remote_app in remote_apps:
+    def get_serializer(self, *args, **kwargs):
+        only_remote_app = self.request.query_params.get('only', '0') == '1'
+        tree_root = None
+        data = []
+        if not only_remote_app:
+            tree_root = construct_remote_apps_tree_root()
+            data.append(tree_root)
+        queryset = super().get_queryset()
+        for remote_app in queryset:
             node = parse_remote_app_to_tree_node(tree_root, remote_app)
-            queryset.append(node)
-
-        queryset = sorted(queryset)
-        return queryset
-
-    def get_permissions(self):
-        if self.kwargs.get('pk') is None:
-            self.permission_classes = (IsValidUser,)
-        return super().get_permissions()
+            data.append(node)
+        data.sort()
+        return super().get_serializer(data, many=True)
 
 
 class ValidateUserRemoteAppPermissionApi(APIView):
@@ -84,14 +71,13 @@ class ValidateUserRemoteAppPermissionApi(APIView):
     def get(self, request, *args, **kwargs):
         user_id = request.query_params.get('user_id', '')
         remote_app_id = request.query_params.get('remote_app_id', '')
-        user = get_object_or_404(User, id=user_id)
-        remote_app = get_object_or_404(RemoteApp, id=remote_app_id)
 
+        user = get_object_or_404(User, id=user_id)
         util = RemoteAppPermissionUtil(user)
-        remote_apps = util.get_remote_apps()
-        if remote_app not in remote_apps:
-            return Response({'msg': False}, status=403)
-        return Response({'msg': True}, status=200)
+        remote_app = util.get_remote_apps().filter(id=remote_app_id).exists()
+        if remote_app:
+            return Response({'msg': True}, status=200)
+        return Response({'msg': False}, status=403)
 
 
 # RemoteApp permission
diff --git a/apps/perms/utils/remote_app_permission.py b/apps/perms/utils/remote_app_permission.py
index ae60766ae..eb48f9b90 100644
--- a/apps/perms/utils/remote_app_permission.py
+++ b/apps/perms/utils/remote_app_permission.py
@@ -7,6 +7,7 @@ from common.tree import TreeNode
 from orgs.utils import set_to_root_org
 
 from ..models import RemoteAppPermission
+from ..hands import RemoteApp
 
 
 __all__ = [
@@ -53,9 +54,9 @@ class RemoteAppPermissionUtil:
         return _permissions
 
     def get_remote_apps(self):
-        remote_apps = set()
-        for perm in self.permissions:
-            remote_apps.update(list(perm.remote_apps.all()))
+        remote_apps = RemoteApp.objects.filter(
+            granted_by_permissions__in=self.permissions
+        )
         return remote_apps
 
 
@@ -82,11 +83,12 @@ def parse_remote_app_to_tree_node(parent, remote_app):
         'protocol': system_user.protocol,
         'login_mode': system_user.login_mode,
     }
+    pid = parent.id if parent else ''
     tree_node = {
         'id': remote_app.id,
         'name': remote_app.name,
         'title': remote_app.name,
-        'pId': parent.id,
+        'pId': pid,
         'open': False,
         'isParent': False,
         'iconSkin': 'file',