diff --git a/apps/emqx_management/src/emqx_mgmt_api_apps.erl b/apps/emqx_management/src/emqx_mgmt_api_apps.erl
index cca0b41f0..abcfe1961 100644
--- a/apps/emqx_management/src/emqx_mgmt_api_apps.erl
+++ b/apps/emqx_management/src/emqx_mgmt_api_apps.erl
@@ -68,7 +68,7 @@ add_app(_Bindings, Params) ->
     end.
 
 del_app(#{appid := AppId}, _Params) ->
-    case emqx_mgmt_auth:del_app(AppId) of
+    case emqx_mgmt_auth:del_app(emqx_mgmt_util:urldecode(AppId)) of
         ok -> minirest:return();
         {error, Reason} -> minirest:return({error, Reason})
     end.
@@ -77,7 +77,7 @@ list_apps(_Bindings, _Params) ->
     minirest:return({ok, [format(Apps)|| Apps <- emqx_mgmt_auth:list_apps()]}).
 
 lookup_app(#{appid := AppId}, _Params) ->
-    case emqx_mgmt_auth:lookup_app(AppId) of
+    case emqx_mgmt_auth:lookup_app(emqx_mgmt_util:urldecode(AppId)) of
         {AppId, AppSecret, Name, Desc, Status, Expired} ->
             minirest:return({ok, #{app_id => AppId,
                           secret => AppSecret,
@@ -94,7 +94,7 @@ update_app(#{appid := AppId}, Params) ->
     Desc = proplists:get_value(<<"desc">>, Params),
     Status = proplists:get_value(<<"status">>, Params),
     Expired = proplists:get_value(<<"expired">>, Params),
-    case emqx_mgmt_auth:update_app(AppId, Name, Desc, Status, Expired) of
+    case emqx_mgmt_auth:update_app(emqx_mgmt_util:urldecode(AppId), Name, Desc, Status, Expired) of
         ok -> minirest:return();
         {error, Reason} -> minirest:return({error, Reason})
     end.
diff --git a/apps/emqx_management/src/emqx_mgmt_auth.erl b/apps/emqx_management/src/emqx_mgmt_auth.erl
index e48132e71..5f2b96dff 100644
--- a/apps/emqx_management/src/emqx_mgmt_auth.erl
+++ b/apps/emqx_management/src/emqx_mgmt_auth.erl
@@ -37,8 +37,6 @@
         , list_apps/0
         ]).
 
--export([abnormal_appid_warning/0]).
-
 %% APP Auth/ACL API
 -export([is_authorized/2]).
 
@@ -220,15 +218,3 @@ is_authorized(AppId, AppSecret) ->
 
 is_expired(undefined) -> true;
 is_expired(Expired)   -> Expired >= erlang:system_time(second).
-
-abnormal_appid_warning() ->
-    lists:foreach(fun(Id) ->
-        case emqx_misc:is_sane_id(Id) of
-            ok -> ok;
-            {error, _} ->
-                ?LOG(warning,
-                    "[app] ~ts is not a sane appid(^[A-Za-z0-9]+[A-Za-z0-9-_]*$). "
-                    "Please use `emqx_ctl mgmt delete ~ts` to delete it and create a new one.",
-                    [Id, Id])
-        end
-                  end, mnesia:dirty_all_keys(mqtt_app)).
diff --git a/apps/emqx_management/src/emqx_mgmt_sup.erl b/apps/emqx_management/src/emqx_mgmt_sup.erl
index ef3856654..8ad0bc963 100644
--- a/apps/emqx_management/src/emqx_mgmt_sup.erl
+++ b/apps/emqx_management/src/emqx_mgmt_sup.erl
@@ -23,7 +23,6 @@
 -export([init/1]).
 
 start_link() ->
-    emqx_mgmt_auth:abnormal_appid_warning(),
 	supervisor:start_link({local, ?MODULE}, ?MODULE, []).
 
 init([]) ->
diff --git a/lib-ce/emqx_dashboard/src/emqx_dashboard_admin.erl b/lib-ce/emqx_dashboard/src/emqx_dashboard_admin.erl
index c9327aedf..420380f88 100644
--- a/lib-ce/emqx_dashboard/src/emqx_dashboard_admin.erl
+++ b/lib-ce/emqx_dashboard/src/emqx_dashboard_admin.erl
@@ -188,7 +188,6 @@ check(Username, Password) ->
 init([]) ->
     %% Add default admin user
     _ = add_default_user(binenv(default_user_username), binenv(default_user_passwd)),
-    abnormal_username_warning(),
     {ok, state}.
 
 handle_call(_Req, _From, State) ->
@@ -257,15 +256,3 @@ add_default_user(Username, Password) ->
             end
     end,
     ok.
-
-abnormal_username_warning() ->
-    lists:foreach(fun(Name) ->
-        case emqx_misc:is_sane_id(Name) of
-            ok -> ok;
-            {error, _} ->
-                ?LOG(warning,
-                    "[dashboard] `~ts` is not a sane username(^[A-Za-z0-9]+[A-Za-z0-9-_]*$). "
-                    "Please use `emqx_ctl admins del ~ts` to delete it and create a new one.",
-                    [Name, Name])
-        end
-                  end, mnesia:dirty_all_keys(mqtt_admin)).
diff --git a/lib-ce/emqx_dashboard/src/emqx_dashboard_api.erl b/lib-ce/emqx_dashboard/src/emqx_dashboard_api.erl
index e1c89efbb..4dbf2517f 100644
--- a/lib-ce/emqx_dashboard/src/emqx_dashboard_api.erl
+++ b/lib-ce/emqx_dashboard/src/emqx_dashboard_api.erl
@@ -77,9 +77,10 @@ auth(_Bindings, Params) ->
     Password = proplists:get_value(<<"password">>, Params),
     return(emqx_dashboard_admin:check(Username, Password)).
 
-change_pwd(#{username := Username}, Params) ->
+change_pwd(#{username := Username0}, Params) ->
     OldPwd = proplists:get_value(<<"old_pwd">>, Params),
     NewPwd = proplists:get_value(<<"new_pwd">>, Params),
+    Username = emqx_mgmt_util:urldecode(Username0),
     return(emqx_dashboard_admin:change_password(Username, OldPwd, NewPwd)).
 
 create(_Bindings, Params) ->
@@ -96,14 +97,13 @@ list(_Bindings, _Params) ->
 
 update(#{name := Username}, Params) ->
     Tags = proplists:get_value(<<"tags">>, Params),
-    return(emqx_dashboard_admin:update_user(Username, Tags)).
+    return(emqx_dashboard_admin:update_user(emqx_mgmt_util:urldecode(Username), Tags)).
 
 delete(#{name := <<"admin">>}, _Params) ->
     return({error, <<"Cannot delete admin">>});
 
 delete(#{name := Username}, _Params) ->
-    return(emqx_dashboard_admin:remove_user(Username)).
+    return(emqx_dashboard_admin:remove_user(emqx_mgmt_util:urldecode(Username))).
 
 row(#mqtt_admin{username = Username, tags = Tags}) ->
     #{username => Username, tags => Tags}.
-