Changing the sensitivity of the Actuator's endpoints

By default, many of the Actuator's endpoints are sensitive. All default endpoints in Spring Boot Actuator are automatically sensitive. Hence the endpoints can be secured by using default properties for fault security. These include username, password, and role, within the properties file of your application. But you can also mark sensitive as false if the endpoint doesn't expose sensitive information, as follows:

endpoints._endpoint-id.sensitive = false 

In the application.yml file, it would look like the following:

endpoints:
   _endpoint-id:
         sensitive: false 

You can also set it to true if all endpoints expose sensitive information.

For example, let's set the /health endpoint's sensitive value to false:

endpoints.health.sensitive=false 

Or in application.yml file:

endpoints:
   health:
         sensitive: false 

Now you can access the /health endpoint without any authentication security.

Spring Boot Actuators also allows you to create your own endpoint, with your own configurations and implementations. To do so, all you have to do is implement the endpoint interface and override its method.