diff --git a/cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/ClickHouseAdminController.java b/cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/ClickHouseAdminController.java
index 53700bdb..69cbccd5 100644
--- a/cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/ClickHouseAdminController.java
+++ b/cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/ClickHouseAdminController.java
@@ -10,6 +10,7 @@ import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.beans.factory.annotation.Value;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.jdbc.core.JdbcTemplate;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.GetMapping;
@@ -18,6 +19,11 @@ import org.springframework.web.bind.annotation.RestController;
 
 import java.util.List;
 
+@ConditionalOnProperty(
+    name = "cameleer.server.security.infrastructureendpoints",
+    havingValue = "true",
+    matchIfMissing = true
+)
 @RestController
 @RequestMapping("/api/v1/admin/clickhouse")
 @PreAuthorize("hasRole('ADMIN')")
diff --git a/cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/DatabaseAdminController.java b/cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/DatabaseAdminController.java
index fb02ddd6..c432199f 100644
--- a/cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/DatabaseAdminController.java
+++ b/cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/DatabaseAdminController.java
@@ -20,12 +20,18 @@ import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.web.bind.annotation.RestController;
 import org.springframework.web.server.ResponseStatusException;
 
 import javax.sql.DataSource;
 import java.util.List;
 
+@ConditionalOnProperty(
+    name = "cameleer.server.security.infrastructureendpoints",
+    havingValue = "true",
+    matchIfMissing = true
+)
 @RestController
 @RequestMapping("/api/v1/admin/database")
 @PreAuthorize("hasRole('ADMIN')")
diff --git a/cameleer3-server-app/src/main/resources/application.yml b/cameleer3-server-app/src/main/resources/application.yml
index e374cfe0..aa18d7ca 100644
--- a/cameleer3-server-app/src/main/resources/application.yml
+++ b/cameleer3-server-app/src/main/resources/application.yml
@@ -71,6 +71,7 @@ cameleer:
       uiorigin: ${CAMELEER_SERVER_SECURITY_UIORIGIN:http://localhost:5173}
       jwtsecret: ${CAMELEER_SERVER_SECURITY_JWTSECRET:}
       corsallowedorigins: ${CAMELEER_SERVER_SECURITY_CORSALLOWEDORIGINS:}
+      infrastructureendpoints: ${CAMELEER_SERVER_SECURITY_INFRASTRUCTUREENDPOINTS:true}
       oidc:
         issueruri: ${CAMELEER_SERVER_SECURITY_OIDC_ISSUERURI:}
         jwkseturi: ${CAMELEER_SERVER_SECURITY_OIDC_JWKSETURI:}
diff --git a/cameleer3-server-app/src/test/resources/application-test.yml b/cameleer3-server-app/src/test/resources/application-test.yml
index ad29cb9f..82d07651 100644
--- a/cameleer3-server-app/src/test/resources/application-test.yml
+++ b/cameleer3-server-app/src/test/resources/application-test.yml
@@ -15,3 +15,4 @@ cameleer:
     security:
       bootstraptoken: test-bootstrap-token
       bootstraptokenprevious: old-bootstrap-token
+      infrastructureendpoints: true