By default, the Spring Cloud Skipper server is unsecured and runs on an unencrypted HTTP connection. You can secure your REST endpoints by enabling HTTPS and requiring clients to authenticate using OAuth 2.0
![[Note]](images/note.png) | Note |
|---|---|
By default, the REST endpoints (administration, management and health) do not require authenticated access. |