diff --git a/src/main/java/io/company/localhost/common/security/config/SecurityConfig.java b/src/main/java/io/company/localhost/common/security/config/SecurityConfig.java
index f23a512..0bd3224 100644
--- a/src/main/java/io/company/localhost/common/security/config/SecurityConfig.java
+++ b/src/main/java/io/company/localhost/common/security/config/SecurityConfig.java
@@ -80,10 +80,7 @@ public class SecurityConfig {
 http
 .securityMatcher("/api/**") // '/api/**' 경로에 대해서만 보안 적용
 .authorizeHttpRequests(auth -> auth
- .requestMatchers("/api/project/**").hasRole("MEMBER")
- .requestMatchers("/api/**").permitAll() // 특정 엔드포인트 허용
- .anyRequest().authenticated() // 나머지 요청은 인증 필요
- //auth.anyRequest().access(authorizationManager) // 모든 요청에 대해 권한 관리
+ .anyRequest().access(authorizationManager) // 모든 요청에 대해 권한 관리
 )
 // 세션 관리 설정
 .sessionManagement(session ->
diff --git a/src/main/java/io/company/localhost/common/security/mapper/MapBasedUrlRoleMapper.java b/src/main/java/io/company/localhost/common/security/mapper/MapBasedUrlRoleMapper.java
index ea8f89e..de3b375 100644
--- a/src/main/java/io/company/localhost/common/security/mapper/MapBasedUrlRoleMapper.java
+++ b/src/main/java/io/company/localhost/common/security/mapper/MapBasedUrlRoleMapper.java
@@ -28,8 +28,9 @@ public class MapBasedUrlRoleMapper implements UrlRoleMapper{
 @Override
 public Map getUrlRoleMappings() {
- urlRoleMappings.put("/api/user/**", ROLE_MEMBER);
- urlRoleMappings.put("/api/test/**", ROLE_MEMBER);
+ urlRoleMappings.put("/api/user/**", PERMIT_ALL);
+ urlRoleMappings.put("/api/project/**", ROLE_MEMBER);
+// urlRoleMappings.put("/api/test/**", ROLE_MEMBER);
 return new HashMap<>(urlRoleMappings);
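Review bot: In SecurityConfig, `.anyRequest().access(authorizationManager)` is now the only rule for `/api/**`, so the outcome for a path with no entry in the URL-role map depends entirely on the manager's fallback, which this diff does not show (the builder chain also continues outside the hunk). The same commit comments out the `/api/test/**` mapping in MapBasedUrlRoleMapper, so that subtree is protected only if the manager denies unmapped paths; I would confirm it returns `new AuthorizationDecision(false)`, or at least requires authentication, when no pattern matches. `/api/user/**` moves from `ROLE_MEMBER` to `PERMIT_ALL`, which presumably opens the whole user subtree to anonymous callers, and narrowing that entry to the specific endpoints that must be anonymous would be safer. Because the mapper returns a `HashMap` copy, overlapping patterns have no defined precedence if the manager iterates the map; an insertion-ordered map on both sides (e.g. `new LinkedHashMap<>(urlRoleMappings)` over an ordered backing map) would keep the declared order.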