By default, many of the Actuator's endpoints are sensitive. All default endpoints in Spring Boot Actuator are automatically sensitive. Hence the endpoints can be secured by using default properties for fault security. These include username, password, and role, within the properties file of your application. But you can also mark sensitive as false if the endpoint doesn't expose sensitive information, as follows:
endpoints._endpoint-id.sensitive = false
In the application.yml file, it would look like the following:
endpoints: _endpoint-id: sensitive: false
You can also set it to true if all endpoints expose sensitive information.
For example, let's set the /health endpoint's sensitive ...