From 83f18b02c80ed15e181e48d326503794455690f5 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Sat, 11 Oct 2025 06:38:22 +0000
Subject: [PATCH 1/4] Initial plan


From 94fd4354e362cfea174ea91b4a6a89132300b301 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Sat, 11 Oct 2025 06:44:40 +0000
Subject: [PATCH 2/4] Document Dashboard:Otlp:SuppressUnsecuredTelemetryMessage
 configuration option

Co-authored-by: JamesNK <303201+JamesNK@users.noreply.github.com>
---
 docs/fundamentals/dashboard/configuration.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/docs/fundamentals/dashboard/configuration.md b/docs/fundamentals/dashboard/configuration.md
index 9f2235bb70..b7f463c334 100644
--- a/docs/fundamentals/dashboard/configuration.md
+++ b/docs/fundamentals/dashboard/configuration.md
@@ -112,6 +112,7 @@ API key authentication works by requiring each OTLP request to have a valid `x-o
 | `Dashboard:Otlp:AuthMode` | `Unsecured` | Can be set to `ApiKey`, `Certificate` or `Unsecured`. `Unsecured` should only be used during local development. It's not recommended when hosting the dashboard publicly or in other settings. |
 | `Dashboard:Otlp:PrimaryApiKey` | `null` | Specifies the primary API key. The API key can be any text, but a value with at least 128 bits of entropy is recommended. This value is required if auth mode is API key. |
 | `Dashboard:Otlp:SecondaryApiKey` | `null` | Specifies the secondary API key. The API key can be any text, but a value with at least 128 bits of entropy is recommended. This value is optional. If a second API key is specified, then the incoming `x-otlp-api-key` header value can match either the primary or secondary key. |
+| `Dashboard:Otlp:SuppressUnsecuredTelemetryMessage` | `false` | Suppresses the unsecured telemetry warning message displayed in the dashboard UI and console when OTLP endpoints are configured with `Unsecured` auth mode. When set to `true`, the warning about unsecured OTLP endpoints won't be displayed. This setting is optional and can be set using the `DASHBOARD__OTLP__SUPPRESSUNSECUREDTELEMETRYMESSAGE` environment variable. |
 
 ## OTLP CORS
 

From e75b1ce73700509a69e959fd9182cdbfa6000999 Mon Sep 17 00:00:00 2001
From: James Newton-King <james@newtonking.com>
Date: Sat, 11 Oct 2025 14:52:27 +0800
Subject: [PATCH 3/4] Apply suggestion from @JamesNK

---
 docs/fundamentals/dashboard/configuration.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/fundamentals/dashboard/configuration.md b/docs/fundamentals/dashboard/configuration.md
index b7f463c334..6d0f236930 100644
--- a/docs/fundamentals/dashboard/configuration.md
+++ b/docs/fundamentals/dashboard/configuration.md
@@ -112,7 +112,7 @@ API key authentication works by requiring each OTLP request to have a valid `x-o
 | `Dashboard:Otlp:AuthMode` | `Unsecured` | Can be set to `ApiKey`, `Certificate` or `Unsecured`. `Unsecured` should only be used during local development. It's not recommended when hosting the dashboard publicly or in other settings. |
 | `Dashboard:Otlp:PrimaryApiKey` | `null` | Specifies the primary API key. The API key can be any text, but a value with at least 128 bits of entropy is recommended. This value is required if auth mode is API key. |
 | `Dashboard:Otlp:SecondaryApiKey` | `null` | Specifies the secondary API key. The API key can be any text, but a value with at least 128 bits of entropy is recommended. This value is optional. If a second API key is specified, then the incoming `x-otlp-api-key` header value can match either the primary or secondary key. |
-| `Dashboard:Otlp:SuppressUnsecuredTelemetryMessage` | `false` | Suppresses the unsecured telemetry warning message displayed in the dashboard UI and console when OTLP endpoints are configured with `Unsecured` auth mode. When set to `true`, the warning about unsecured OTLP endpoints won't be displayed. This setting is optional and can be set using the `DASHBOARD__OTLP__SUPPRESSUNSECUREDTELEMETRYMESSAGE` environment variable. |
+| `Dashboard:Otlp:SuppressUnsecuredTelemetryMessage` | `false` | Suppresses the unsecured telemetry warning message displayed in the dashboard UI and console when OTLP endpoints are configured with `Unsecured` auth mode. When set to `true`, the warning about unsecured OTLP endpoints won't be displayed. The unsecured telemetry message should only be suppressed if the endpoint is secured outside of the Aspire dashboard. |
 
 ## OTLP CORS
 

From 49c0d1d574099568f0d5fab2464ccf3a98d68189 Mon Sep 17 00:00:00 2001
From: James Newton-King <james@newtonking.com>
Date: Sat, 11 Oct 2025 14:59:39 +0800
Subject: [PATCH 4/4] Update docs/fundamentals/dashboard/configuration.md

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
---
 docs/fundamentals/dashboard/configuration.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/fundamentals/dashboard/configuration.md b/docs/fundamentals/dashboard/configuration.md
index 6d0f236930..2c88dd1956 100644
--- a/docs/fundamentals/dashboard/configuration.md
+++ b/docs/fundamentals/dashboard/configuration.md
@@ -112,7 +112,7 @@ API key authentication works by requiring each OTLP request to have a valid `x-o
 | `Dashboard:Otlp:AuthMode` | `Unsecured` | Can be set to `ApiKey`, `Certificate` or `Unsecured`. `Unsecured` should only be used during local development. It's not recommended when hosting the dashboard publicly or in other settings. |
 | `Dashboard:Otlp:PrimaryApiKey` | `null` | Specifies the primary API key. The API key can be any text, but a value with at least 128 bits of entropy is recommended. This value is required if auth mode is API key. |
 | `Dashboard:Otlp:SecondaryApiKey` | `null` | Specifies the secondary API key. The API key can be any text, but a value with at least 128 bits of entropy is recommended. This value is optional. If a second API key is specified, then the incoming `x-otlp-api-key` header value can match either the primary or secondary key. |
-| `Dashboard:Otlp:SuppressUnsecuredTelemetryMessage` | `false` | Suppresses the unsecured telemetry warning message displayed in the dashboard UI and console when OTLP endpoints are configured with `Unsecured` auth mode. When set to `true`, the warning about unsecured OTLP endpoints won't be displayed. The unsecured telemetry message should only be suppressed if the endpoint is secured outside of the Aspire dashboard. |
+| `Dashboard:Otlp:SuppressUnsecuredTelemetryMessage` | `false` | Suppresses the unsecured telemetry warning message displayed in the dashboard UI and console when OTLP endpoints are configured with `Unsecured` auth mode. When set to `true`, the warning about unsecured OTLP endpoints won't be displayed. Only suppress this warning in controlled environments where security is managed externally. |
 
 ## OTLP CORS