or run

npx @tessl/cli init
Log in

Version

Tile

Overview

Evals

Files

docs

conditional-annotations.mdcore-infrastructure.mdendpoint-filtering.mdendpoint-properties.mdindex.mdjmx-endpoints.mdmanagement-endpoints.mdmanagement-server.mdweb-endpoints.md
tile.json

management-endpoints.mddocs/

Management Endpoints

Auto-configurations for individual management endpoints including beans, conditions, configuration properties, environment, health, info, logging, metrics, and more.

Quick Reference Table

EndpointIDHTTPDefault WebRequires BeanMutatingSecurity Risk
HealthhealthGETYes-NoLow
InfoinfoGETYes-NoLow
MetricsmetricsGETNo-NoLow
BeansbeansGETNo-NoMedium
ConditionsconditionsGETNo-NoLow
ConfigPropsconfigpropsGETNo-NoHigh
EnvenvGETNo-NoHigh
LoggersloggersGET,POSTNoLoggingSystemYesMedium
LogfilelogfileGETNoLog fileNoMedium
MappingsmappingsGETNo-NoLow
HeapdumpheapdumpGETNoHotSpot JVMNoCritical
ThreaddumpthreaddumpGETNo-NoMedium
ShutdownshutdownPOSTNo-YesCritical
ScheduledtasksscheduledtasksGETNo-NoLow
HttpexchangeshttpexchangesGETNoHttpExchangeRepositoryNoHigh
AuditeventsauditeventsGETNoAuditEventRepositoryNoMedium
SBOMsbomGETNo-NoLow
StartupstartupGETNoBufferingApplicationStartupNoLow

Endpoint Categories

Safe for Production (Low Risk)

management.endpoints.web.exposure.include=health,info,metrics,prometheus

Endpoints: health, info, metrics, conditions, mappings, scheduledtasks, sbom, startup

Requires Authorization (Medium Risk)

management.endpoints.web.exposure.include=beans,loggers,threaddump,auditevents
# Combine with Spring Security

Endpoints: beans, loggers, logfile, threaddump, auditevents

Sensitive Data (High Risk)

# Require ADMIN role
management.endpoint.env.show-values=WHEN_AUTHORIZED
management.endpoint.env.roles=ADMIN
management.endpoint.configprops.show-values=WHEN_AUTHORIZED
management.endpoint.configprops.roles=ADMIN
management.endpoint.httpexchanges.enabled=false  # Consider disabling

Endpoints: env, configprops, httpexchanges

Dangerous (Critical Risk)

# Exclude from web exposure
management.endpoints.web.exposure.exclude=shutdown,heapdump
# Or disable entirely
management.endpoint.shutdown.access=NONE
management.endpoint.heapdump.access=NONE

Endpoints: shutdown, heapdump

Endpoint Details

Health Endpoint

Note: The Health endpoint is configured in the spring-boot-health module, not in spring-boot-actuator-autoconfigure. This tile documents only the autoconfigure module.

Module: org.springframework.boot:spring-boot-health Auto-Configuration: HealthEndpointAutoConfiguration (in spring-boot-health module)

Properties:

management.endpoint.health.show-details=always|never|when-authorized
management.endpoint.health.show-components=always|never|when-authorized
management.endpoint.health.roles=ADMIN
management.endpoint.health.probes.enabled=true  # Kubernetes liveness/readiness

Use Cases: Health checks, liveness/readiness probes, monitoring

Info Endpoint

Auto-Configuration: InfoEndpointAutoConfiguration, InfoContributorAutoConfiguration

/**
 * Auto-configuration for InfoEndpoint
 * @since 2.0.0
 */
@AutoConfiguration
@ConditionalOnAvailableEndpoint(endpoint = InfoEndpoint.class)
public final class InfoEndpointAutoConfiguration {
    /**
     * Creates the info endpoint bean
     * @param infoContributors List of info contributors providing information
     * @return InfoEndpoint instance
     */
    @Bean
    @ConditionalOnMissingBean
    InfoEndpoint infoEndpoint(List<InfoContributor> infoContributors);
}

/**
 * Auto-configuration for various InfoContributor beans
 * @since 2.0.0
 */
@AutoConfiguration
public final class InfoContributorAutoConfiguration {
    /**
     * The default order for core InfoContributor beans
     * Set to HIGHEST_PRECEDENCE + 10 to run before most other contributors
     */
    public static final int DEFAULT_ORDER = Ordered.HIGHEST_PRECEDENCE + 10;

    /**
     * Creates environment info contributor
     * Contributes properties starting with "info." from the environment
     * @param environment The configurable environment
     * @return EnvironmentInfoContributor instance
     */
    @Bean
    @ConditionalOnEnabledInfoContributor(value = "env", fallback = InfoContributorFallback.DISABLE)
    @Order(DEFAULT_ORDER)
    EnvironmentInfoContributor envInfoContributor(ConfigurableEnvironment environment);

    /**
     * Creates git info contributor
     * Contributes git commit information from git.properties file
     * @param gitProperties Git properties loaded from classpath
     * @param infoContributorProperties Info contributor configuration properties
     * @return GitInfoContributor instance
     */
    @Bean
    @ConditionalOnEnabledInfoContributor("git")
    @ConditionalOnSingleCandidate(GitProperties.class)
    @ConditionalOnMissingBean
    @Order(DEFAULT_ORDER)
    GitInfoContributor gitInfoContributor(GitProperties gitProperties, InfoContributorProperties infoContributorProperties);

    /**
     * Creates build info contributor
     * Contributes build metadata from build-info.properties
     * @param buildProperties Build properties loaded from classpath
     * @return BuildInfoContributor instance
     */
    @Bean
    @ConditionalOnEnabledInfoContributor("build")
    @ConditionalOnSingleCandidate(BuildProperties.class)
    @Order(DEFAULT_ORDER)
    InfoContributor buildInfoContributor(BuildProperties buildProperties);

    /**
     * Creates Java runtime info contributor
     * Contributes JVM and Java version information
     * @return JavaInfoContributor instance
     */
    @Bean
    @ConditionalOnEnabledInfoContributor(value = "java", fallback = InfoContributorFallback.DISABLE)
    @Order(DEFAULT_ORDER)
    JavaInfoContributor javaInfoContributor();

    /**
     * Creates OS info contributor
     * Contributes operating system information
     * @return OsInfoContributor instance
     */
    @Bean
    @ConditionalOnEnabledInfoContributor(value = "os", fallback = InfoContributorFallback.DISABLE)
    @Order(DEFAULT_ORDER)
    OsInfoContributor osInfoContributor();

    /**
     * Creates process info contributor
     * Contributes process ID and related information
     * @return ProcessInfoContributor instance
     */
    @Bean
    @ConditionalOnEnabledInfoContributor(value = "process", fallback = InfoContributorFallback.DISABLE)
    @Order(DEFAULT_ORDER)
    ProcessInfoContributor processInfoContributor();

    /**
     * Creates SSL info contributor
     * Contributes SSL certificate information
     * @param sslInfo SSL information provider
     * @return SslInfoContributor instance
     */
    @Bean
    @ConditionalOnEnabledInfoContributor(value = "ssl", fallback = InfoContributorFallback.DISABLE)
    @Order(DEFAULT_ORDER)
    SslInfoContributor sslInfoContributor(SslInfo sslInfo);

    /**
     * Creates SSL info provider
     * Provides SSL certificate information from SSL bundles
     * @param sslBundles SSL bundles containing certificates
     * @return SslInfo instance
     */
    @Bean
    @ConditionalOnMissingBean
    @ConditionalOnEnabledInfoContributor(value = "ssl", fallback = InfoContributorFallback.DISABLE)
    SslInfo sslInfo(SslBundles sslBundles);
}

Built-in Contributors:

ContributorPropertyContentDefault Enabled
envmanagement.info.env.enabledinfo.* propertiesNo (explicit)
gitmanagement.info.git.enabledGit commit infoYes (if git.properties exists)
buildmanagement.info.build.enabledBuild metadataYes (if BuildProperties exists)
javamanagement.info.java.enabledJava runtimeNo (explicit)
osmanagement.info.os.enabledOS infoNo (explicit)
processmanagement.info.process.enabledProcess infoNo (explicit)
sslmanagement.info.ssl.enabledSSL certificatesNo (explicit)

Properties:

# Contributors
management.info.git.enabled=true
management.info.git.mode=SIMPLE|FULL
management.info.env.enabled=true
management.info.java.enabled=true
management.info.defaults.enabled=true

# Custom info
info.app.name=My Application
info.app.version=1.0.0

Loggers Endpoint

Auto-Configuration: LoggersEndpointAutoConfiguration

/**
 * Auto-configuration for LoggersEndpoint
 * @since 2.0.0
 */
@AutoConfiguration
@ConditionalOnAvailableEndpoint(endpoint = LoggersEndpoint.class)
public final class LoggersEndpointAutoConfiguration {
    /**
     * Creates the loggers endpoint bean
     * Requires LoggingSystem bean and enabled logging system
     * @param loggingSystem The logging system
     * @param springBootLoggerGroups Optional logger groups configuration
     * @return LoggersEndpoint instance
     */
    @Bean
    @ConditionalOnBean(LoggingSystem.class)
    @Conditional(OnEnabledLoggingSystemCondition.class)
    @ConditionalOnMissingBean
    LoggersEndpoint loggersEndpoint(LoggingSystem loggingSystem, ObjectProvider<LoggerGroups> springBootLoggerGroups);
}

Operations:

# Get all loggers
GET /actuator/loggers

# Get specific logger
GET /actuator/loggers/com.example.MyClass

# Change logger level
POST /actuator/loggers/com.example.MyClass
Content-Type: application/json
{"configuredLevel": "DEBUG"}

Supported Levels: TRACE, DEBUG, INFO, WARN, ERROR, OFF, null (inherit)

Use Cases: Runtime log level adjustment, debugging

Logfile Endpoint

Auto-Configuration: LogFileWebEndpointAutoConfiguration

/**
 * Auto-configuration for LogFileWebEndpoint
 * @since 2.0.0
 */
@AutoConfiguration
@ConditionalOnAvailableEndpoint(endpoint = LogFileWebEndpoint.class)
public final class LogFileWebEndpointAutoConfiguration {
    /**
     * Creates the log file web endpoint bean
     * Requires log file to be configured (logging.file.name or external file)
     * @param logFile Optional log file from logging.file.name property
     * @param properties Log file endpoint properties for external file configuration
     * @return LogFileWebEndpoint instance
     */
    @Bean
    @ConditionalOnMissingBean
    @Conditional(LogFileCondition.class)
    LogFileWebEndpoint logFileWebEndpoint(ObjectProvider<LogFile> logFile, LogFileWebEndpointProperties properties);
}

Properties:

# Configure log file location
logging.file.name=/var/log/myapp.log

# OR use external file
management.endpoint.logfile.external-file=/custom/path/to.log

Operations:

# Download entire log file
GET /actuator/logfile

# Download with range (last 1000 bytes)
GET /actuator/logfile
Range: bytes=-1000

Requirements: File-based logging must be configured via logging.file.name or management.endpoint.logfile.external-file

Use Cases: Log file download, remote log inspection

Environment Endpoint

Auto-Configuration: EnvironmentEndpointAutoConfiguration

/**
 * Auto-configuration for EnvironmentEndpoint
 * @since 2.0.0
 */
@AutoConfiguration
@ConditionalOnAvailableEndpoint(endpoint = EnvironmentEndpoint.class)
public final class EnvironmentEndpointAutoConfiguration {
    /**
     * Creates the environment endpoint bean
     * @param environment The Spring environment
     * @param properties Environment endpoint properties for sanitization
     * @param sanitizingFunctions Optional custom sanitizing functions
     * @return EnvironmentEndpoint instance
     */
    @Bean
    @ConditionalOnMissingBean
    EnvironmentEndpoint environmentEndpoint(Environment environment, EnvironmentEndpointProperties properties,
        ObjectProvider<SanitizingFunction> sanitizingFunctions);

    /**
     * Creates the environment endpoint web extension
     * Provides property-specific query operations for web exposure
     * @param environmentEndpoint The core environment endpoint
     * @param properties Environment endpoint properties
     * @return EnvironmentEndpointWebExtension instance
     */
    @Bean
    @ConditionalOnMissingBean
    @ConditionalOnBean(EnvironmentEndpoint.class)
    @ConditionalOnAvailableEndpoint(exposure = EndpointExposure.WEB)
    EnvironmentEndpointWebExtension environmentEndpointWebExtension(EnvironmentEndpoint environmentEndpoint,
        EnvironmentEndpointProperties properties);
}

Operations:

# All properties
GET /actuator/env

# Specific property
GET /actuator/env/server.port

Properties:

management.endpoint.env.show-values=NEVER|ALWAYS|WHEN_AUTHORIZED
management.endpoint.env.roles=ADMIN,OPERATOR

Security: Shows property sources, values sanitized by default

ConfigProps Endpoint

Auto-Configuration: ConfigurationPropertiesReportEndpointAutoConfiguration

/**
 * Auto-configuration for ConfigurationPropertiesReportEndpoint
 * @since 2.0.0
 */
@AutoConfiguration
@ConditionalOnAvailableEndpoint(endpoint = ConfigurationPropertiesReportEndpoint.class)
public final class ConfigurationPropertiesReportEndpointAutoConfiguration {
    /**
     * Creates the configuration properties endpoint bean
     * @return ConfigurationPropertiesReportEndpoint instance
     */
    @Bean
    @ConditionalOnMissingBean
    ConfigurationPropertiesReportEndpoint configurationPropertiesReportEndpoint();

    /**
     * Creates the configuration properties endpoint web extension
     * Provides sanitization for web exposure
     * @param configurationPropertiesReportEndpoint The core endpoint
     * @param properties Configuration properties endpoint properties
     * @param sanitizingFunctions Optional custom sanitizing functions
     * @return ConfigurationPropertiesReportEndpointWebExtension instance
     */
    @Bean
    @ConditionalOnMissingBean
    @ConditionalOnBean(ConfigurationPropertiesReportEndpoint.class)
    @ConditionalOnAvailableEndpoint(exposure = EndpointExposure.WEB)
    ConfigurationPropertiesReportEndpointWebExtension configurationPropertiesReportEndpointWebExtension(
        ConfigurationPropertiesReportEndpoint configurationPropertiesReportEndpoint,
        ConfigurationPropertiesReportEndpointProperties properties,
        ObjectProvider<SanitizingFunction> sanitizingFunctions);
}

Properties:

management.endpoint.configprops.show-values=NEVER|ALWAYS|WHEN_AUTHORIZED
management.endpoint.configprops.roles=ADMIN

Content: All @ConfigurationProperties beans with their values

Beans Endpoint

Auto-Configuration: BeansEndpointAutoConfiguration

/**
 * Auto-configuration for BeansEndpoint
 * @since 2.0.0
 */
@AutoConfiguration
@ConditionalOnAvailableEndpoint(endpoint = BeansEndpoint.class)
public final class BeansEndpointAutoConfiguration {
    /**
     * Creates the beans endpoint bean
     * @param applicationContext The configurable application context
     * @return BeansEndpoint instance
     */
    @Bean
    @ConditionalOnMissingBean
    BeansEndpoint beansEndpoint(ConfigurableApplicationContext applicationContext);
}

Response Structure:

{
  "contexts": {
    "application": {
      "beans": {
        "beanName": {
          "type": "com.example.MyBean",
          "scope": "singleton",
          "dependencies": ["otherBean"],
          "resource": "file [MyBean.class]"
        }
      }
    }
  }
}

Conditions Endpoint

Endpoint Class: ConditionsReportEndpoint

/**
 * Endpoint to expose the ConditionEvaluationReport
 * @since 2.0.0
 */
@Endpoint(id = "conditions")
public class ConditionsReportEndpoint {

    /**
     * Creates a conditions report endpoint
     * @param context The configurable application context
     */
    public ConditionsReportEndpoint(ConfigurableApplicationContext context);

    /**
     * Returns condition evaluation report for all contexts
     * @return ConditionsDescriptor containing all context conditions
     */
    @ReadOperation
    public ConditionsDescriptor conditions();
}

Auto-Configuration: ConditionsReportEndpointAutoConfiguration

@AutoConfiguration
@ConditionalOnAvailableEndpoint(ConditionsReportEndpoint.class)
public final class ConditionsReportEndpointAutoConfiguration {
    @Bean
    @ConditionalOnMissingBean(search = SearchStrategy.CURRENT)
    ConditionsReportEndpoint conditionsReportEndpoint(ConfigurableApplicationContext context);
}

Response Categories:

  • positiveMatches: Auto-configs that matched
  • negativeMatches: Auto-configs that didn't match
  • unconditionalClasses: Classes with no conditions
  • exclusions: Excluded auto-configs

Use Cases: Troubleshooting auto-configuration, understanding which beans were created

Mappings Endpoint

Auto-Configuration: MappingsEndpointAutoConfiguration

/**
 * Auto-configuration for MappingsEndpoint
 * @since 2.0.0
 */
@AutoConfiguration
@ConditionalOnAvailableEndpoint(endpoint = MappingsEndpoint.class)
public final class MappingsEndpointAutoConfiguration {
    /**
     * Creates the mappings endpoint bean
     * @param applicationContext The application context
     * @param descriptionProviders Optional providers for mapping descriptions
     * @return MappingsEndpoint instance
     */
    @Bean
    MappingsEndpoint mappingsEndpoint(ApplicationContext applicationContext,
        ObjectProvider<MappingDescriptionProvider> descriptionProviders);
}

Content: All @RequestMapping paths with handler methods

Includes:

  • Spring MVC mappings
  • WebFlux mappings
  • Servlet mappings

Heapdump Endpoint

Auto-Configuration: HeapDumpWebEndpointAutoConfiguration

/**
 * Auto-configuration for HeapDumpWebEndpoint
 * @since 2.0.0
 */
@AutoConfiguration
@ConditionalOnAvailableEndpoint(endpoint = HeapDumpWebEndpoint.class)
public final class HeapDumpWebEndpointAutoConfiguration {
    /**
     * Creates the heap dump web endpoint bean
     * @return HeapDumpWebEndpoint instance
     */
    @Bean
    @ConditionalOnMissingBean
    HeapDumpWebEndpoint heapDumpWebEndpoint();
}

Response: Binary .hprof file

Requirements: HotSpot JVM only

Size: Equal to current heap size

Security: Extremely sensitive, contains all memory data

Properties:

# Usually disable in production
management.endpoint.heapdump.access=NONE
management.endpoints.web.exposure.exclude=heapdump

Threaddump Endpoint

Auto-Configuration: ThreadDumpEndpointAutoConfiguration

/**
 * Auto-configuration for ThreadDumpEndpoint
 * @since 2.0.0
 */
@AutoConfiguration
@ConditionalOnAvailableEndpoint(endpoint = ThreadDumpEndpoint.class)
public final class ThreadDumpEndpointAutoConfiguration {
    /**
     * Creates the thread dump endpoint bean
     * @return ThreadDumpEndpoint instance
     */
    @Bean
    @ConditionalOnMissingBean
    ThreadDumpEndpoint dumpEndpoint();
}

Response Formats:

  • application/json: Structured thread info
  • text/plain: Traditional thread dump format

Performance: May impact application briefly

Shutdown Endpoint

Auto-Configuration: ShutdownEndpointAutoConfiguration

/**
 * Auto-configuration for ShutdownEndpoint
 * @since 2.0.0
 */
@AutoConfiguration
@ConditionalOnAvailableEndpoint(endpoint = ShutdownEndpoint.class)
public final class ShutdownEndpointAutoConfiguration {
    /**
     * Creates the shutdown endpoint bean
     * Note: destroyMethod is set to empty string to prevent automatic destroy
     * @return ShutdownEndpoint instance
     */
    @Bean(destroyMethod = "")
    @ConditionalOnMissingBean
    ShutdownEndpoint shutdownEndpoint();
}

Operation:

POST /actuator/shutdown

Response:

{"message": "Shutting down, bye..."}

Security: Irreversible, requires explicit enablement

Properties:

management.endpoint.shutdown.access=UNRESTRICTED
management.endpoints.web.exposure.include=shutdown

HTTP Exchanges Endpoint

Auto-Configuration: HttpExchangesEndpointAutoConfiguration

/**
 * Auto-configuration for HttpExchangesEndpoint
 * @since 3.0.0
 */
@AutoConfiguration
@ConditionalOnAvailableEndpoint(endpoint = HttpExchangesEndpoint.class)
public final class HttpExchangesEndpointAutoConfiguration {
    /**
     * Creates the HTTP exchanges endpoint bean
     * Requires HttpExchangeRepository bean to be present
     * @param exchangeRepository The repository storing HTTP exchange information
     * @return HttpExchangesEndpoint instance
     */
    @Bean
    @ConditionalOnBean(HttpExchangeRepository.class)
    @ConditionalOnMissingBean
    HttpExchangesEndpoint httpExchangesEndpoint(HttpExchangeRepository exchangeRepository);
}

Requirements: HttpExchangeRepository bean (usually InMemoryHttpExchangeRepository)

Configuration:

management.httpexchanges.recording.include=REQUEST_HEADERS,RESPONSE_HEADERS,TIME_TAKEN,PRINCIPAL

Recording Options:

  • REQUEST_HEADERS: Request headers (excludes Authorization, Cookie by default)
  • RESPONSE_HEADERS: Response headers
  • COOKIE_HEADERS: Cookie headers
  • AUTHORIZATION_HEADER: Authorization header
  • TIME_TAKEN: Request duration
  • PRINCIPAL: Authenticated user
  • REMOTE_ADDRESS: Client IP
  • SESSION_ID: Session identifier

Setup Example:

@Bean
public InMemoryHttpExchangeRepository httpExchangeRepository() {
    return new InMemoryHttpExchangeRepository();
}

Audit Events Endpoint

Auto-Configuration: AuditAutoConfiguration, AuditEventsEndpointAutoConfiguration

Requirements: AuditEventRepository bean

/**
 * Auto-configuration for audit event support
 * Registers listeners that publish authentication and authorization events to an AuditEventRepository
 * @since 1.0.0
 */
@AutoConfiguration
@ConditionalOnBean(AuditEventRepository.class)
@ConditionalOnBooleanProperty(name = "management.auditevents.enabled", matchIfMissing = true)
public final class AuditAutoConfiguration {
    /**
     * Creates an audit listener that stores events in the repository
     * @param auditEventRepository The repository to store audit events
     * @return AuditListener instance
     */
    @Bean
    @ConditionalOnMissingBean(AbstractAuditListener.class)
    AuditListener auditListener(AuditEventRepository auditEventRepository);

    /**
     * Creates an authentication audit listener
     * Publishes authentication success/failure events
     * @return AuthenticationAuditListener instance
     */
    @Bean
    @ConditionalOnMissingBean(AbstractAuthenticationAuditListener.class)
    AuthenticationAuditListener authenticationAuditListener();

    /**
     * Creates an authorization audit listener
     * Publishes authorization success/failure events
     * @return AuthorizationAuditListener instance
     */
    @Bean
    @ConditionalOnMissingBean(AbstractAuthorizationAuditListener.class)
    AuthorizationAuditListener authorizationAuditListener();
}

/**
 * Auto-configuration for AuditEventsEndpoint
 * @since 2.0.0
 */
@AutoConfiguration(after = AuditAutoConfiguration.class)
@ConditionalOnAvailableEndpoint(endpoint = AuditEventsEndpoint.class)
public final class AuditEventsEndpointAutoConfiguration {
    /**
     * Creates the audit events endpoint bean
     * Requires AuditEventRepository bean to be present
     * @param auditEventRepository The repository containing audit events
     * @return AuditEventsEndpoint instance
     */
    @Bean
    @ConditionalOnMissingBean
    @ConditionalOnBean(AuditEventRepository.class)
    AuditEventsEndpoint auditEventsEndpoint(AuditEventRepository auditEventRepository);
}

Properties:

management.auditevents.enabled=true  # Enable audit event auto-configuration (default: true)

Setup Example:

@Bean
public InMemoryAuditEventRepository auditEventRepository() {
    return new InMemoryAuditEventRepository();
}

Use Cases: Security event logging, compliance, authentication/authorization tracking

Scheduledtasks Endpoint

Auto-Configuration: ScheduledTasksEndpointAutoConfiguration

/**
 * Auto-configuration for ScheduledTasksEndpoint
 * @since 2.0.0
 */
@AutoConfiguration
@ConditionalOnAvailableEndpoint(endpoint = ScheduledTasksEndpoint.class)
public final class ScheduledTasksEndpointAutoConfiguration {
    /**
     * Creates the scheduled tasks endpoint bean
     * @param holders Optional scheduled task holders
     * @return ScheduledTasksEndpoint instance
     */
    @Bean
    @ConditionalOnMissingBean
    ScheduledTasksEndpoint scheduledTasksEndpoint(ObjectProvider<ScheduledTaskHolder> holders);
}

Content:

  • @Scheduled annotated methods
  • TaskScheduler scheduled tasks
  • Quartz jobs (if present)

SBOM Endpoint

Auto-Configuration: SbomEndpointAutoConfiguration

/**
 * Auto-configuration for SbomEndpoint
 * @since 3.3.0
 */
@AutoConfiguration
@ConditionalOnAvailableEndpoint(endpoint = SbomEndpoint.class)
public final class SbomEndpointAutoConfiguration {
    /**
     * Creates the SBOM endpoint bean
     * @param resourceLoader Resource loader for finding SBOM files
     * @return SbomEndpoint instance
     */
    @Bean
    @ConditionalOnMissingBean
    SbomEndpoint sbomEndpoint(ResourceLoader resourceLoader);

    /**
     * Creates the SBOM endpoint web extension
     * Provides media type specific handling for web exposure
     * @param sbomEndpoint The core SBOM endpoint
     * @return SbomEndpointWebExtension instance
     */
    @Bean
    @ConditionalOnMissingBean
    @ConditionalOnBean(SbomEndpoint.class)
    @ConditionalOnAvailableEndpoint(exposure = EndpointExposure.WEB)
    SbomEndpointWebExtension sbomEndpointWebExtension(SbomEndpoint sbomEndpoint);
}

Content: Software Bill of Materials (SBOM) documents

Location: Looks for SBOM files in META-INF/sbom/

Formats: CycloneDX, SPDX

Startup Endpoint

Auto-Configuration: StartupEndpointAutoConfiguration

/**
 * Auto-configuration for StartupEndpoint
 * @since 2.4.0
 */
@AutoConfiguration
@ConditionalOnAvailableEndpoint(endpoint = StartupEndpoint.class)
public final class StartupEndpointAutoConfiguration {
    /**
     * Creates the startup endpoint bean
     * Requires BufferingApplicationStartup to be configured
     * @param applicationStartup The buffering application startup
     * @return StartupEndpoint instance
     */
    @Bean
    @ConditionalOnMissingBean
    StartupEndpoint startupEndpoint(BufferingApplicationStartup applicationStartup);
}

Requirements:

@SpringBootApplication
public class Application {
    public static void main(String[] args) {
        SpringApplication app = new SpringApplication(Application.class);
        app.setApplicationStartup(new BufferingApplicationStartup(2048));
        app.run(args);
    }
}

Note: Drains the buffer on read (one-time operation)

Common Configuration Patterns

Development Environment

# Full visibility
management.endpoints.web.exposure.include=*
management.endpoint.env.show-values=ALWAYS
management.endpoint.configprops.show-values=ALWAYS
management.endpoint.health.show-details=always
management.httpexchanges.recording.include=REQUEST_HEADERS,RESPONSE_HEADERS,TIME_TAKEN

Production Environment

# Minimal, safe endpoints
management.endpoints.web.exposure.include=health,info,metrics,prometheus
management.endpoints.web.exposure.exclude=shutdown,heapdump,threaddump
management.endpoint.env.show-values=NEVER
management.endpoint.configprops.show-values=NEVER
management.endpoint.health.show-details=when-authorized
management.endpoint.health.roles=ACTUATOR

Staging Environment

# Moderate exposure with role-based access
management.endpoints.web.exposure.include=health,info,metrics,beans,loggers
management.endpoint.env.show-values=WHEN_AUTHORIZED
management.endpoint.env.roles=ADMIN
management.endpoint.configprops.show-values=WHEN_AUTHORIZED
management.endpoint.configprops.roles=ADMIN

Custom Endpoints

Basic Custom Endpoint

@Component
@Endpoint(id = "custom")
public class CustomEndpoint {

    @ReadOperation
    public Map<String, Object> info() {
        return Map.of("status", "ok", "timestamp", Instant.now());
    }

    @WriteOperation
    public void update(@Selector String key, String value) {
        // Update logic
    }

    @DeleteOperation
    public void delete(@Selector String key) {
        // Delete logic
    }
}

Custom Info Contributor

@Component
public class CustomInfoContributor implements InfoContributor {

    @Override
    public void contribute(Info.Builder builder) {
        builder.withDetail("custom", Map.of(
            "version", "1.0.0",
            "environment", getEnvironment()
        ));
    }

    private String getEnvironment() {
        return System.getenv("ENV") != null ? System.getenv("ENV") : "development";
    }
}

Enable: management.info.custom.enabled=true

Troubleshooting

Issue: Info Endpoint Empty

Causes:

  1. No contributors enabled
  2. No info.* properties
  3. Missing git.properties or BuildProperties

Solution:

management.info.git.enabled=true
management.info.env.enabled=true
info.app.name=My App

Issue: Loggers Endpoint Not Changing Levels

Cause: Logging system not properly initialized

Solution: Ensure using supported logging (Logback, Log4j2)

Issue: Heapdump Returns 404

Cause: Not using HotSpot JVM

Solution: Heapdump only works with HotSpot/OpenJDK

Issue: HTTP Exchanges Endpoint Not Available

Cause: Missing HttpExchangeRepository bean

Solution:

@Bean
public InMemoryHttpExchangeRepository httpExchangeRepository() {
    return new InMemoryHttpExchangeRepository();
}

Security Best Practices

  1. Never expose all endpoints in production: Use explicit include list
  2. Always use WHEN_AUTHORIZED for sensitive data: env, configprops
  3. Exclude dangerous endpoints: shutdown, heapdump
  4. Use Spring Security: Protect endpoints with authentication
  5. Separate management port: Isolate management from application
  6. Monitor access: Log actuator endpoint access

Related Documentation

Within This Tile

  • index.md - Complete overview and quick reference
    • See "Available Endpoints Quick Reference" table for all endpoints at a glance
    • See "Common Configuration Scenarios" for environment-specific setup
    • See "Architecture Integration Flow" → step 2 for how endpoints are discovered
  • core-infrastructure.md - Underlying endpoint infrastructure
    • All endpoints use ParameterValueMapper, CachingOperationInvokerAdvisor from here
    • EndpointAccessResolver controls whether endpoints are accessible
  • web-endpoints.md - HTTP/Web exposure of these endpoints
    • WebEndpointDiscoverer finds and exposes these endpoints via HTTP
    • PathMapper controls URL paths for endpoint access
  • jmx-endpoints.md - JMX MBean exposure of these endpoints
    • JmxEndpointDiscoverer exposes these same endpoints via JMX
  • endpoint-properties.md - Configuration properties for specific endpoints
    • Detailed property configuration for env, configprops, info, httpexchanges endpoints
  • endpoint-filtering.md - Controlling which endpoints are exposed
    • IncludeExcludeEndpointFilter determines which endpoints are available
    • Use for production vs development exposure strategies
  • conditional-annotations.md - Conditional endpoint registration
    • @ConditionalOnAvailableEndpoint controls when endpoint auto-configurations activate
    • Each endpoint uses this for conditional registration
  • management-server.md - Separate management port
    • When using separate port, all these endpoints move to management server

Quick Navigation

From Management Endpoints, you can:

  • Configure specific endpoint → See endpoint-properties.md for detailed properties
  • Control exposure → See endpoint-filtering.md for include/exclude patterns
  • Create custom endpoint → See index.md for pattern examples
  • Secure endpoints → See index.md for Spring Security integration
  • Troubleshoot issues → See index.md for common problems and solutions