diff --git a/ch-covidcertificate-backend-verifier/ch-covidcertificate-backend-verifier-sync/src/main/java/ch/admin/bag/covidcertificate/backend/verifier/sync/config/ActuatorSecurity.java b/ch-covidcertificate-backend-verifier/ch-covidcertificate-backend-verifier-sync/src/main/java/ch/admin/bag/covidcertificate/backend/verifier/sync/config/ActuatorSecurity.java
index 7ed004c4..abcedec9 100644
--- a/ch-covidcertificate-backend-verifier/ch-covidcertificate-backend-verifier-sync/src/main/java/ch/admin/bag/covidcertificate/backend/verifier/sync/config/ActuatorSecurity.java
+++ b/ch-covidcertificate-backend-verifier/ch-covidcertificate-backend-verifier-sync/src/main/java/ch/admin/bag/covidcertificate/backend/verifier/sync/config/ActuatorSecurity.java
@@ -10,13 +10,11 @@
 package ch.admin.bag.covidcertificate.backend.verifier.sync.config;
-import ch.admin.bag.covidcertificate.backend.verifier.sync.config.configbeans.ActuatorSecurityConfig;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.boot.actuate.health.HealthEndpoint;
 import org.springframework.boot.actuate.info.InfoEndpoint;
 import org.springframework.boot.actuate.logging.LoggersEndpoint;
 import org.springframework.boot.actuate.metrics.export.prometheus.PrometheusScrapeEndpoint;
-import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Profile;
 import org.springframework.core.Ordered;
@@ -40,11 +38,6 @@ public class ActuatorSecurity extends WebSecurityConfigurerAdapter {
 @Value("${sync.monitor.prometheus.password}")
 private String password;
- @Bean
- ActuatorSecurityConfig passwordDefault() {
- return new ActuatorSecurityConfig(user, password);
- }
-
 @Override
 protected void configure(HttpSecurity http) throws Exception {
 http.requestMatcher(
@@ -75,12 +68,10 @@ protected void configure(HttpSecurity http) throws Exception {
 http.csrf().ignoringAntMatchers("/actuator/loggers/**");
 }
- protected void configureGlobal(
- AuthenticationManagerBuilder auth, ActuatorSecurityConfig securityConfig)
- throws Exception {
+ protected void configure(AuthenticationManagerBuilder auth) throws Exception {
 auth.inMemoryAuthentication()
- .withUser(securityConfig.getUsername())
- .password(securityConfig.getPassword())
+ .withUser(user)
+ .password(password)
 .roles(PROMETHEUS_ROLE);
 }
 }
diff --git a/ch-covidcertificate-backend-verifier/ch-covidcertificate-backend-verifier-sync/src/main/java/ch/admin/bag/covidcertificate/backend/verifier/sync/config/configbeans/ActuatorSecurityConfig.java b/ch-covidcertificate-backend-verifier/ch-covidcertificate-backend-verifier-sync/src/main/java/ch/admin/bag/covidcertificate/backend/verifier/sync/config/configbeans/ActuatorSecurityConfig.java
deleted file mode 100644
index 707bd874..00000000
--- a/ch-covidcertificate-backend-verifier/ch-covidcertificate-backend-verifier-sync/src/main/java/ch/admin/bag/covidcertificate/backend/verifier/sync/config/configbeans/ActuatorSecurityConfig.java
+++ /dev/null
@@ -1,29 +0,0 @@
-/*
- * Copyright (c) 2021 Ubique Innovation AG
- *
- * This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at https://mozilla.org/MPL/2.0/.
- *
- * SPDX-License-Identifier: MPL-2.0
- */
-
-package ch.admin.bag.covidcertificate.backend.verifier.sync.config.configbeans;
-
-public class ActuatorSecurityConfig {
- private final String username;
- private final String password;
-
- public String getUsername() {
- return username;
- }
-
- public String getPassword() {
- return password;
- }
-
- public ActuatorSecurityConfig(String username, String password) {
- this.username = username;
- this.password = password;
- }
-}
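Review bot: The new `configure(AuthenticationManagerBuilder auth)` is added without `@Override`, even though it only takes effect because it overrides the method of `WebSecurityConfigurerAdapter`; put `@Override` on the line above it so that a signature mismatch breaks the build instead of silently leaving the in-memory Prometheus user unregistered, which appears to be what happened with the old `configureGlobal`. The `password` value goes into `.password(password)` unchanged, and the test added in this commit supplies it with a `{bcrypt}` prefix, so the property is presumably expected to hold an encoded hash. A comment on the `@Value` field (declared in an earlier hunk) such as `// expects an encoded value with an encoder-id prefix, e.g. {bcrypt}...; never plaintext` would document that for whoever provisions the secret.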
diff --git a/ch-covidcertificate-backend-verifier/ch-covidcertificate-backend-verifier-sync/src/test/java/ch/admin/bag/covidcertificate/backend/verifier/sync/syncer/DgcSyncerTest.java b/ch-covidcertificate-backend-verifier/ch-covidcertificate-backend-verifier-sync/src/test/java/ch/admin/bag/covidcertificate/backend/verifier/sync/syncer/DgcSyncerTest.java
index 97853d77..65429100 100644
--- a/ch-covidcertificate-backend-verifier/ch-covidcertificate-backend-verifier-sync/src/test/java/ch/admin/bag/covidcertificate/backend/verifier/sync/syncer/DgcSyncerTest.java
+++ b/ch-covidcertificate-backend-verifier/ch-covidcertificate-backend-verifier-sync/src/test/java/ch/admin/bag/covidcertificate/backend/verifier/sync/syncer/DgcSyncerTest.java
@@ -17,6 +17,8 @@
 import static org.springframework.test.web.client.match.MockRestRequestMatchers.method;
 import static org.springframework.test.web.client.match.MockRestRequestMatchers.requestTo;
 import static org.springframework.test.web.client.response.MockRestResponseCreators.withStatus;
+import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
 import ch.admin.bag.covidcertificate.backend.verifier.data.VerifierDataService;
 import ch.admin.bag.covidcertificate.backend.verifier.model.exception.DgcSyncException;
@@ -28,12 +30,23 @@
 import org.junit.jupiter.api.Test;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
+import org.springframework.boot.test.context.SpringBootTest;
 import org.springframework.http.HttpMethod;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.MediaType;
+import org.springframework.test.context.ActiveProfiles;
 import org.springframework.test.web.client.ExpectedCount;
 import org.springframework.test.web.client.MockRestServiceServer;
+import org.springframework.test.web.servlet.MockMvc;
+@SpringBootTest(
+ properties = {
+ "sync.monitor.prometheus.user=prometheus",
+ "sync.monitor.prometheus.password={bcrypt}$2y$10$umg27y0QSdCFuCBP6ibxdeR3CssS7TD5GjjikcLi5sUG1uSK9qe/.",
+ "management.endpoints.enabled-by-default=true",
+ "management.endpoints.web.exposure.include=*"
+ })
+@ActiveProfiles({"actuator-security"})
 class DgcSyncerTest extends BaseDgcTest {
 private final String TEST_JSON_CSCA = "src/test/resources/csca.json";
@@ -61,6 +74,31 @@ class DgcSyncerTest extends BaseDgcTest {
 @Autowired DgcCertSyncer dgcSyncer;
 @Autowired VerifierDataService verifierDataService;
+ @Autowired MockMvc mockMvc;
+
+ @Test
+ public void testActuatorSecurity() throws Exception {
+ var response =
+ mockMvc.perform(get("/actuator/health"))
+ .andExpect(status().is2xxSuccessful())
+ .andReturn()
+ .getResponse();
+ response =
+ mockMvc.perform(get("/actuator/loggers"))
+ .andExpect(status().is(401))
+ .andReturn()
+ .getResponse();
+ response =
+ mockMvc.perform(
+ get("/actuator/loggers")
+ .header(
+ "Authorization",
+ "Basic cHJvbWV0aGV1czpwcm9tZXRoZXVz"))
+ .andExpect(status().isOk())
+ .andReturn()
+ .getResponse();
+ }
+
 @Test
 void downloadTest() throws Exception {
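Review bot: `management.endpoints.web.exposure.include=*` together with `management.endpoints.enabled-by-default=true` exposes every actuator endpoint in this test context, but the test added in the following hunk asserts only on `/actuator/health` and `/actuator/loggers`, and only for missing versus correct credentials. A rejected-credentials case would pin the behaviour that matters most, for example `mockMvc.perform(get("/actuator/loggers").header("Authorization", "Basic <base64 of wrong credentials>")).andExpect(status().is(401));`. The `{bcrypt}` hash in `properties` is expected to match the password carried in that test's Basic header, so it should stay a test-only fixture and never be reused as a deployed value of `sync.monitor.prometheus.password`. Placing `@SpringBootTest` and `@ActiveProfiles` on `DgcSyncerTest` also runs every syncer test under the actuator-security profile; a dedicated test class would keep the two concerns apart.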