By default the /env endpoint will hide the value of any property with a key that, ignoring case, ends with password, secret, or key. You can customize this using the endpoints.env.keys-to-sanitize property. The value of this property should be a comma-separated list of suffixes or regexes to match against property names. For example, if you don’t care about keys ending in key you could set it to:
endpoints.env.keys-to-sanitize=password,secret
This is what the documentation says:
endpoints.env.keys-to-sanitize=password,secret,key,token,.credentials.,vcap_services
Keys that should be sanitized. Keys can be simple strings that the property ends with or regex expressions.