Changing the sensitivity of the Actuator's endpoints
By default, many of the Actuator's endpoints are sensitive. All default endpoints in Spring Boot Actuator are automatically sensitive. Hence the endpoints can be secured by using default properties for fault security. These include username, password, and role, within the properties file of your application. But you can also mark sensitive as false if the endpoint doesn't expose sensitive information, as follows:
endpoints._endpoint-id.sensitive = false
In the application.yml file, it would look like the following:
endpoints: _endpoint-id: sensitive: false
You can also set it to true if all endpoints expose sensitive information.
For example, let's set the /health endpoint's sensitive value to false:
endpoints.health.sensitive=false
Or in application.yml file:
endpoints: health: sensitive: false
Now you can access the /health endpoint without any authentication security.
Spring Boot Actuators also allows you to create your own endpoint, with your own configurations and implementations. To do so, all you have to do is implement the endpoint interface and override its method.