diff --git a/src/client/src/tscSystem.c b/src/client/src/tscSystem.c
index 07926306db9c3fff2851ec453108429a83eaea41..5d8652a63140aa6039008c58ac83af9f7588ca4d 100644
--- a/src/client/src/tscSystem.c
+++ b/src/client/src/tscSystem.c
@@ -63,6 +63,7 @@ int32_t tscInitRpc(const char *user, const char *secret, void** pDnodeConn) {
     rpcInit.user = (char*)user;
     rpcInit.idleTime = 2000;
     rpcInit.ckey = "key";
+    rpcInit.spi = 1;
     rpcInit.secret = secretEncrypt;
 
     *pDnodeConn = rpcOpen(&rpcInit);
diff --git a/src/dnode/src/dnodePeer.c b/src/dnode/src/dnodePeer.c
index 51913d80c4531fabb4c525098b2d53fc0176a3f2..c91da4953d2dd32aeeef480d11fc9520216f8a93 100644
--- a/src/dnode/src/dnodePeer.c
+++ b/src/dnode/src/dnodePeer.c
@@ -52,7 +52,8 @@ int32_t dnodeInitServer() {
   dnodeProcessReqMsgFp[TSDB_MSG_TYPE_DM_CONFIG_VNODE] = mgmtProcessReqMsgFromDnode;
   dnodeProcessReqMsgFp[TSDB_MSG_TYPE_DM_GRANT]        = mgmtProcessReqMsgFromDnode;
   dnodeProcessReqMsgFp[TSDB_MSG_TYPE_DM_STATUS]       = mgmtProcessReqMsgFromDnode;
-
+  dnodeProcessReqMsgFp[TSDB_MSG_TYPE_DM_AUTH]         = mgmtProcessReqMsgFromDnode;
+  
   SRpcInit rpcInit;
   memset(&rpcInit, 0, sizeof(rpcInit));
   rpcInit.localPort    = tsDnodeDnodePort;
@@ -163,3 +164,9 @@ void dnodeAddClientRspHandle(uint8_t msgType, void (*fp)(SRpcMsg *rpcMsg)) {
 void dnodeSendMsgToDnode(SRpcIpSet *ipSet, SRpcMsg *rpcMsg) {
   rpcSendRequest(tsDnodeClientRpc, ipSet, rpcMsg);
 }
+
+void dnodeSendMsgToDnodeRecv(SRpcMsg *rpcMsg, SRpcMsg *rpcRsp) {
+  SRpcIpSet ipSet = {0};
+  dnodeGetMnodeDnodeIpSet(&ipSet);
+  rpcSendRecv(tsDnodeClientRpc, &ipSet, rpcMsg, rpcRsp);
+}
diff --git a/src/dnode/src/dnodeShell.c b/src/dnode/src/dnodeShell.c
index dc0efd405f5b89056b16bec090b4fdd81c31e710..52407dc7a451f743a40bda8c48b44bac77e63eab 100644
--- a/src/dnode/src/dnodeShell.c
+++ b/src/dnode/src/dnodeShell.c
@@ -21,6 +21,7 @@
 #include "trpc.h"
 #include "tglobal.h"
 #include "http.h"
+#include "mnode.h"
 #include "dnode.h"
 #include "dnodeInt.h"
 #include "dnodeVRead.h"
@@ -138,7 +139,34 @@ void dnodeProcessMsgFromShell(SRpcMsg *pMsg, SRpcIpSet *pIpSet) {
 }
 
 static int dnodeRetrieveUserAuthInfo(char *user, char *spi, char *encrypt, char *secret, char *ckey) {
-  return TSDB_CODE_SUCCESS;
+  int code = mgmtRetriveAuth(user, spi, encrypt, secret, ckey);
+  if (code != TSDB_CODE_NOT_READY) return code;
+
+  SDMAuthMsg *pMsg = rpcMallocCont(sizeof(SDMAuthMsg));
+  strcpy(pMsg->user, user);
+
+  SRpcMsg rpcMsg = {0};
+  rpcMsg.pCont = pMsg;
+  rpcMsg.contLen = sizeof(SDMAuthMsg);
+  rpcMsg.msgType = TSDB_MSG_TYPE_DM_AUTH;
+  
+  dTrace("user:%s, send auth msg to mnode", user);
+  SRpcMsg rpcRsp = {0};
+  dnodeSendMsgToDnodeRecv(&rpcMsg, &rpcRsp);
+
+  if (rpcRsp.code != 0) {
+    dError("user:%s, auth msg received from mnode, error:%s", user, tstrerror(rpcRsp.code));
+  } else {
+    dTrace("user:%s, auth msg received from mnode", user);
+    SDMAuthRsp *pRsp = rpcRsp.pCont;
+    memcpy(secret, pRsp->secret, TSDB_KEY_LEN);
+    memcpy(ckey, pRsp->ckey, TSDB_KEY_LEN);
+    *spi = pRsp->spi;
+    *encrypt = pRsp->encrypt;
+  }
+
+  rpcFreeCont(rpcRsp.pCont);
+  return rpcRsp.code;
 }
 
 SDnodeStatisInfo dnodeGetStatisInfo() {
diff --git a/src/inc/dnode.h b/src/inc/dnode.h
index 5145a46831bbbf98d88b44c48c8696b5f006d8f6..9884cf28707109e62fd8b8057f4becceaca6cb20 100644
--- a/src/inc/dnode.h
+++ b/src/inc/dnode.h
@@ -52,6 +52,7 @@ int32_t  dnodeGetDnodeId();
 void     dnodeAddClientRspHandle(uint8_t msgType, void (*fp)(SRpcMsg *rpcMsg));
 void     dnodeAddServerMsgHandle(uint8_t msgType, void (*fp)(SRpcMsg *rpcMsg));
 void     dnodeSendMsgToDnode(SRpcIpSet *ipSet, SRpcMsg *rpcMsg);
+void     dnodeSendMsgToDnodeRecv(SRpcMsg *rpcMsg, SRpcMsg *rpcRsp);
 
 #ifdef __cplusplus
 }
diff --git a/src/inc/mnode.h b/src/inc/mnode.h
index 37fec24c2052c7f2398596c0eba6fd1313c1b15d..48b1ac97bdb146985ff87d812e8f80a603f4ace4 100644
--- a/src/inc/mnode.h
+++ b/src/inc/mnode.h
@@ -26,8 +26,10 @@ void    mgmtCleanUpSystem();
 void    mgmtStopSystem();
 void    sdbUpdateSync();
 
-void   mgmtProcessMsgFromShell(SRpcMsg *rpcMsg);
-void   mgmtProcessReqMsgFromDnode(SRpcMsg *rpcMsg);
+int32_t mgmtRetriveAuth(char *user, char *spi, char *encrypt, char *secret, char *ckey);
+void    mgmtProcessMsgFromShell(SRpcMsg *rpcMsg);
+void    mgmtProcessReqMsgFromDnode(SRpcMsg *rpcMsg);
+
 
 #ifdef __cplusplus
 }
diff --git a/src/inc/taosmsg.h b/src/inc/taosmsg.h
index 8dac73606d336ca376c0b5f70521285fb7d78344..44980b391237ca9c301508e27ad5f1e140959413 100644
--- a/src/inc/taosmsg.h
+++ b/src/inc/taosmsg.h
@@ -100,6 +100,7 @@ TAOS_DEFINE_MESSAGE_TYPE( TSDB_MSG_TYPE_DM_CONFIG_TABLE, "config-table" )
 TAOS_DEFINE_MESSAGE_TYPE( TSDB_MSG_TYPE_DM_CONFIG_VNODE, "config-vnode" )	
 TAOS_DEFINE_MESSAGE_TYPE( TSDB_MSG_TYPE_DM_STATUS, "status" )
 TAOS_DEFINE_MESSAGE_TYPE( TSDB_MSG_TYPE_DM_GRANT, "grant" )
+TAOS_DEFINE_MESSAGE_TYPE( TSDB_MSG_TYPE_DM_AUTH, "auth" )
 TAOS_DEFINE_MESSAGE_TYPE( TSDB_MSG_TYPE_DUMMY12, "dummy12" )
 TAOS_DEFINE_MESSAGE_TYPE( TSDB_MSG_TYPE_DUMMY13, "dummy13" )
 TAOS_DEFINE_MESSAGE_TYPE( TSDB_MSG_TYPE_DUMMY14, "dummy14" )
@@ -737,6 +738,14 @@ typedef struct {
   char     tableId[TSDB_TABLE_ID_LEN + 1];
 } SMDAlterStreamMsg;
 
+typedef struct {
+  char user[TSDB_USER_LEN + 1];
+  char spi;
+  char encrypt;
+  char secret[TSDB_KEY_LEN + 1];
+  char ckey[TSDB_KEY_LEN + 1];
+} SDMAuthMsg, SDMAuthRsp;
+
 #pragma pack(pop)
 
 #ifdef __cplusplus
diff --git a/src/mnode/src/mgmtShell.c b/src/mnode/src/mgmtShell.c
index cd74c166d15943c1abbee01c01926a71b69f21d9..c27dc66dd5004384be539931d67b280a651d7e86 100644
--- a/src/mnode/src/mgmtShell.c
+++ b/src/mnode/src/mgmtShell.c
@@ -41,7 +41,6 @@
 typedef int32_t (*SShowMetaFp)(STableMetaMsg *pMeta, SShowObj *pShow, void *pConn);
 typedef int32_t (*SShowRetrieveFp)(SShowObj *pShow, char *data, int32_t rows, void *pConn);
 
-//static int  mgmtShellRetriveAuth(char *user, char *spi, char *encrypt, char *secret, char *ckey);
 static bool mgmtCheckMsgReadOnly(SQueuedMsg *pMsg);
 static void mgmtProcessUnSupportMsg(SRpcMsg *rpcMsg);
 static void mgmtProcessShowMsg(SQueuedMsg *queuedMsg);
@@ -343,29 +342,6 @@ static void mgmtProcessHeartBeatMsg(SQueuedMsg *pMsg) {
   rpcSendResponse(&rpcRsp);
 }
 
-/*
-static int mgmtShellRetriveAuth(char *user, char *spi, char *encrypt, char *secret, char *ckey) {
-  *spi = 1;
-  *encrypt = 0;
-  *ckey = 0;
-
-  if (!sdbIsMaster()) {
-    *secret = 0;
-    return TSDB_CODE_NOT_READY;
-  }
-
-  SUserObj *pUser = mgmtGetUser(user);
-  if (pUser == NULL) {
-    *secret = 0;
-    return TSDB_CODE_INVALID_USER;
-  } else {
-    memcpy(secret, pUser->pass, TSDB_KEY_LEN);
-    mgmtDecUserRef(pUser);
-    return TSDB_CODE_SUCCESS;
-  }
-}
-*/
-
 static void mgmtProcessConnectMsg(SQueuedMsg *pMsg) {
   SRpcMsg rpcRsp = {.handle = pMsg->thandle, .pCont = NULL, .contLen = 0, .code = 0, .msgType = 0};
   SCMConnectMsg *pConnectMsg = pMsg->pCont;
diff --git a/src/mnode/src/mgmtUser.c b/src/mnode/src/mgmtUser.c
index 9630ab3d587842b408d5f12ba1e4ae71ececd1e6..350367e0aeefaa7b28bd1a1d19faed9119bdb63a 100644
--- a/src/mnode/src/mgmtUser.c
+++ b/src/mnode/src/mgmtUser.c
@@ -37,6 +37,7 @@ static int32_t mgmtRetrieveUsers(SShowObj *pShow, char *data, int32_t rows, void
 static void    mgmtProcessCreateUserMsg(SQueuedMsg *pMsg);
 static void    mgmtProcessAlterUserMsg(SQueuedMsg *pMsg);
 static void    mgmtProcessDropUserMsg(SQueuedMsg *pMsg);
+static void    mgmtProcessAuthMsg(SRpcMsg *rpcMsg);
 
 static int32_t mgmtUserActionDestroy(SSdbOper *pOper) {
   tfree(pOper->pObj);
@@ -140,7 +141,8 @@ int32_t mgmtInitUsers() {
   mgmtAddShellMsgHandle(TSDB_MSG_TYPE_CM_DROP_USER, mgmtProcessDropUserMsg);
   mgmtAddShellShowMetaHandle(TSDB_MGMT_TABLE_USER, mgmtGetUserMeta);
   mgmtAddShellShowRetrieveHandle(TSDB_MGMT_TABLE_USER, mgmtRetrieveUsers);
-  
+  dnodeAddServerMsgHandle(TSDB_MSG_TYPE_DM_AUTH, mgmtProcessAuthMsg);
+   
   mTrace("table:%s, hash is created", tableDesc.tableName);
   return 0;
 }
@@ -529,3 +531,40 @@ void  mgmtDropAllUsers(SAcctObj *pAcct)  {
 
   mTrace("acct:%s, all users:%d is dropped from sdb", pAcct->user, numOfUsers);
 }
+
+int32_t mgmtRetriveAuth(char *user, char *spi, char *encrypt, char *secret, char *ckey) {
+  if (!sdbIsMaster()) {
+    *secret = 0;
+    mTrace("user:%s, failed to auth user, reason:%s", user, tstrerror(TSDB_CODE_NOT_READY));
+    return TSDB_CODE_NOT_READY;
+  }
+
+  SUserObj *pUser = mgmtGetUser(user);
+  if (pUser == NULL) {
+    *secret = 0;
+    mError("user:%s, failed to auth user, reason:%s", user, tstrerror(TSDB_CODE_INVALID_USER));
+    return TSDB_CODE_INVALID_USER;
+  } else {
+    *spi = 1;
+    *encrypt = 0;
+    *ckey = 0;
+
+    memcpy(secret, pUser->pass, TSDB_KEY_LEN);
+    mgmtDecUserRef(pUser);
+    mTrace("user:%s, auth info is returned", user);
+    return TSDB_CODE_SUCCESS;
+  }
+}
+
+static void mgmtProcessAuthMsg(SRpcMsg *rpcMsg) {
+  SRpcMsg rpcRsp = {.handle = rpcMsg->handle, .pCont = NULL, .contLen = 0, .code = 0, .msgType = 0};
+  
+  SDMAuthMsg *pAuthMsg = rpcMsg->pCont;
+  SDMAuthRsp *pAuthRsp = rpcMallocCont(sizeof(SDMAuthRsp));
+  
+  rpcRsp.code = mgmtRetriveAuth(pAuthMsg->user, &pAuthRsp->spi, &pAuthRsp->encrypt, pAuthRsp->secret, pAuthRsp->ckey);
+  rpcRsp.pCont = pAuthRsp;
+  rpcRsp.contLen = sizeof(SDMAuthRsp);
+  
+  rpcSendResponse(&rpcRsp);
+}