diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/SpringSecurityConfig.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/SpringSecurityConfig.java
index 76b3299af..5b2e5a98a 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/SpringSecurityConfig.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/SpringSecurityConfig.java
@@ -110,7 +110,7 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
         http.csrf((csrf) -> csrf.csrfTokenRequestHandler(requestHandler));
         http
             .authorizeHttpRequests()
-            .requestMatchers("/unsecured/**/*","/entities/**/*","/actuator/**").permitAll()
+            .requestMatchers("/unsecured/**/*","/entities/**/*","/actuator/**", "/api/beacon/send").permitAll()
             .anyRequest().hasAnyRole(acceptedAuthenticationRoles)
             .and().exceptionHandling().accessDeniedHandler((request, response, accessDeniedException) -> response.sendRedirect("/unsecured/error.html"))
             .and().authenticationProvider(new SimpleAuthenticationProvider(adminUserService())).formLogin()