diff --git a/api/apps/__init__.py b/api/apps/__init__.py
index e26b2c39af..6df12f47a8 100644
--- a/api/apps/__init__.py
+++ b/api/apps/__init__.py
@@ -130,6 +130,7 @@ def _load_user():
     jwt = Serializer(secret_key=settings.get_secret_key())
     authorization = request.headers.get("Authorization")
     g.user = None
+    g.auth_via_api_token = False
     if not authorization:
         return _load_user_from_session()
 
@@ -175,6 +176,7 @@ def _load_user():
                 if not user[0].access_token or not user[0].access_token.strip():
                     logging.warning(f"User {user[0].email} has empty access_token in database")
                     return _load_user_from_session()
+                g.auth_via_api_token = True
                 g.user = user[0]
                 return user[0]
             logging.warning(f"load_user: No user found for tenant_id={objs[0].tenant_id} from APIToken")
diff --git a/api/apps/restful_apis/memory_api.py b/api/apps/restful_apis/memory_api.py
index c361d816b6..1be67b8a70 100644
--- a/api/apps/restful_apis/memory_api.py
+++ b/api/apps/restful_apis/memory_api.py
@@ -17,7 +17,7 @@ import logging
 import os
 import time
 
-from quart import request
+from quart import request, g
 from common.constants import LLMType, RetCode
 from common.exceptions import ArgumentException, NotFoundException
 from api.apps import login_required, current_user
@@ -188,8 +188,18 @@ async def add_message():
     req = await get_request_json()
     memory_ids = req["memory_id"]
 
+    # JWT / session users cannot spoof attribution; API-key callers may supply an external subject id.
+    try:
+        trust_client_subject = bool(getattr(g, "auth_via_api_token", False))
+    except RuntimeError:
+        trust_client_subject = False
+    if trust_client_subject:
+        effective_user_id = req.get("user_id", "")
+    else:
+        effective_user_id = current_user.id
+
     message_dict = {
-        "user_id": req.get("user_id"),
+        "user_id": effective_user_id,
         "agent_id": req["agent_id"],
         "session_id": req["session_id"],
         "user_input": req["user_input"],
diff --git a/sdk/python/ragflow_sdk/ragflow.py b/sdk/python/ragflow_sdk/ragflow.py
index fe0a683719..679f5ba5f3 100644
--- a/sdk/python/ragflow_sdk/ragflow.py
+++ b/sdk/python/ragflow_sdk/ragflow.py
@@ -334,6 +334,7 @@ class RAGFlow:
             raise Exception(res["message"])
 
     def add_message(self, memory_id: list[str], agent_id: str, session_id: str, user_input: str, agent_response: str, user_id: str = "") -> str:
+        """Append messages to memories; ``user_id`` is forwarded only for API-key auth (external subject)."""
         payload = {
             "memory_id": memory_id,
             "agent_id": agent_id,