Start with these settings: management.endpoints.web.exposure.include=* management.endpoints.access.default=UNRESTRICTED cas.monitor.endpoints.endpoint.defaults.access=PERMIT
These settings will allow you to access actuator endpoints (list below). Then verify that palantir is working as expected. Then change to cas.monitor.endpoints.endpoint.defaults.access=AUTHENTICATED I tried using a list of endpoints, but after adding in more than half, palantir still was not working; and since there was no guarantee that the list below was complete, I went with '*'. For our use case, palantir will be used for service management. We have other systems in place for monitoring performance etc. We have one server with restricted access for palantir, kept seperate from our authentication servers. On authentication servers, only health endpoint available. Ray Here is a list of endpoints I exctracted from actuator/mappings (this actuator will show all of cas enpoints based on config - I think): #attributeDefinitions #auditevents #auditLog #authenticationHandlers #authenticationPolicies #beans #caches #casConfig #casFeatures #casModules #casValidate #conditions #configprops #duoAccountStatus #duoAdmin #duoPing #env #events #features #health #heapdump #httpexchanges #info #integrationgraph #jwtTicketSigningPublicKey #loggers #loggingConfig #mappings #metrics #mfaDevices #multitenancy #oauthTokens #oidcJwks #passwordManagement #personDirectory #quartz #refresh #registeredServices #releaseAttributes #resolveAttributes #samlIdPRegisteredServiceMetadataCache #samlPostProfileResponse #samlValidate #sbom #scheduledtasks #serviceAccess #springWebflow #sso #ssoSessions #statistics #threaddump #throttles #ticketExpirationPolicies #ticketRegistry ________________________________ From: 'atilling' via CAS Community <[email protected]> Sent: August 18, 2025 09:10 To: CAS Community <[email protected]> Subject: [cas-user] Palantir is unavailable? Trying to use Palantir in CAS 7.2.5 and getting an error Palantir is unavailable! Palantir requires a number of actuator endpoints to be enabled and exposed, and your CAS deployment fails to do so. There is no indication what endpoints aren't enabled in cas.properties I have the follwoing properties and spring user settings management.endpoints.web.exposure.include=*management.endpoint.health.show-details=always cas.monitor.endpoints.endpoint.defaults.access=AUTHENTICATED cas.monitor.endpoints.endpoint.samlIdPRegisteredServiceMetadataCache.access=AUTHENTICATED -- - Website: https://apereo.github.io/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]<mailto:[email protected]>. To view this discussion visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/b6c8b17b-7dca-4ab0-9b0f-f49e2d0c51b8n%40apereo.org<https://groups.google.com/a/apereo.org/d/msgid/cas-user/b6c8b17b-7dca-4ab0-9b0f-f49e2d0c51b8n%40apereo.org?utm_medium=email&utm_source=footer>. -- - Website: https://apereo.github.io/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/YQBP288MB008188CCBD50B24DC25ED6C4CE30A%40YQBP288MB0081.CANP288.PROD.OUTLOOK.COM.
