---
title: Authentication not detected on admin endpoint
description: Datadog, the leading service for cloud-scale monitoring.
breadcrumbs: >-
  Docs > Datadog Security > OOTB Rules > Authentication not detected on admin
  endpoint
---

# Authentication not detected on admin endpoint
 
## Description{% #description %}

No authentication was detected for an administrative endpoint, potentially allowing unauthorized users to access sensitive functionality.

## Rationale{% #rationale %}

This finding detects when an endpoint:

- Is identified as a potential administrative route
- Datadog detected no [authentication mechanism](https://docs.datadoghq.com/security/application_security/api-inventory/#endpoint-authentication).

## Remediation{% #remediation %}

- Validate that the code isn't expecting the user to be authenticated to have access to this resource (AuthN). If this API is, in fact, authenticated, ensure your code is [instrumented correctly](https://docs.datadoghq.com/security/application_security/how-it-works/add-user-info). Datadog auto-instruments many event types. [Review](https://app.datadoghq.com/security/appsec/business-logic) your instrumented business logic events.
- To improve authentication detection, you can configure custom authentication detection via the [Endpoint Tagging Rules](https://app.datadoghq.com/security/configuration/asm/trace-tagging) settings.