diff --git a/openmetadata-service/src/main/java/org/openmetadata/service/resources/system/ConfigResource.java b/openmetadata-service/src/main/java/org/openmetadata/service/resources/system/ConfigResource.java
index e329087c984..0e6302fa66c 100644
--- a/openmetadata-service/src/main/java/org/openmetadata/service/resources/system/ConfigResource.java
+++ b/openmetadata-service/src/main/java/org/openmetadata/service/resources/system/ConfigResource.java
@@ -31,6 +31,7 @@ import org.openmetadata.catalog.type.IdentityProviderConfig;
 import org.openmetadata.schema.api.configuration.LoginConfiguration;
 import org.openmetadata.schema.api.security.AuthenticationConfiguration;
 import org.openmetadata.schema.api.security.AuthorizerConfiguration;
+import org.openmetadata.schema.services.connections.metadata.AuthProvider;
 import org.openmetadata.schema.settings.SettingsType;
 import org.openmetadata.service.OpenMetadataApplicationConfig;
 import org.openmetadata.service.clients.pipeline.PipelineServiceAPIClientConfig;
@@ -88,25 +89,34 @@ public class ConfigResource { schema = @Schema(implementation = AuthenticationConfiguration.class))) }) public AuthenticationConfiguration getAuthConfig() { - AuthenticationConfiguration authenticationConfiguration = new AuthenticationConfiguration(); + AuthenticationConfiguration responseAuthConfig = new AuthenticationConfiguration(); + AuthenticationConfiguration yamlConfig = + openMetadataApplicationConfig.getAuthenticationConfiguration(); if (openMetadataApplicationConfig.getAuthenticationConfiguration() != null) { - authenticationConfiguration = openMetadataApplicationConfig.getAuthenticationConfiguration(); - // Remove Ldap Configuration - authenticationConfiguration.setLdapConfiguration(null); - - if (authenticationConfiguration.getSamlConfiguration() != null) { + responseAuthConfig.setProvider(yamlConfig.getProvider()); + responseAuthConfig.setProviderName(yamlConfig.getProviderName()); + responseAuthConfig.setClientType(yamlConfig.getClientType()); + responseAuthConfig.setEnableSelfSignup(yamlConfig.getEnableSelfSignup()); + responseAuthConfig.setJwtPrincipalClaims(yamlConfig.getJwtPrincipalClaims()); + responseAuthConfig.setJwtPrincipalClaimsMapping(yamlConfig.getJwtPrincipalClaimsMapping()); + responseAuthConfig.setClientId(yamlConfig.getClientId()); + responseAuthConfig.setAuthority(yamlConfig.getAuthority()); + responseAuthConfig.setCallbackUrl(yamlConfig.getCallbackUrl()); + if (responseAuthConfig.getProvider().equals(AuthProvider.SAML) + && yamlConfig.getSamlConfiguration() != null) { // Remove Saml Fields SamlSSOClientConfig ssoClientConfig = new SamlSSOClientConfig(); ssoClientConfig.setIdp( new IdentityProviderConfig() - .withAuthorityUrl( - authenticationConfiguration.getSamlConfiguration().getIdp().getAuthorityUrl())); - authenticationConfiguration.setSamlConfiguration(ssoClientConfig); + .withAuthorityUrl(yamlConfig.getSamlConfiguration().getIdp().getAuthorityUrl())); + 
responseAuthConfig.setSamlConfiguration(ssoClientConfig); + } else { + responseAuthConfig.setSamlConfiguration(null); } - - authenticationConfiguration.setOidcConfiguration(null); + responseAuthConfig.setLdapConfiguration(null); + responseAuthConfig.setOidcConfiguration(null); } - return authenticationConfiguration; + return responseAuthConfig; } @GET @@ -143,11 +153,12 @@ public class ConfigResource { schema = @Schema(implementation = AuthorizerConfiguration.class))) }) public AuthorizerConfiguration getAuthorizerConfig() { - AuthorizerConfiguration authorizerConfiguration = new AuthorizerConfiguration(); - if (openMetadataApplicationConfig.getAuthorizerConfiguration() != null) { - authorizerConfiguration = openMetadataApplicationConfig.getAuthorizerConfiguration(); + AuthorizerConfiguration responseAuthorizerConfig = new AuthorizerConfiguration(); + AuthorizerConfiguration yamlConfig = openMetadataApplicationConfig.getAuthorizerConfiguration(); + if (yamlConfig != null) { + responseAuthorizerConfig.setPrincipalDomain(yamlConfig.getPrincipalDomain()); } - return authorizerConfiguration; + return responseAuthorizerConfig; } @GET diff --git a/openmetadata-service/src/test/java/org/openmetadata/service/resources/system/ConfigResourceTest.java b/openmetadata-service/src/test/java/org/openmetadata/service/resources/system/ConfigResourceTest.java index 4615d0648d3..c611b278bcf 100644 --- a/openmetadata-service/src/test/java/org/openmetadata/service/resources/system/ConfigResourceTest.java +++ b/openmetadata-service/src/test/java/org/openmetadata/service/resources/system/ConfigResourceTest.java 
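Review bot: In the new SAML branch of `getAuthConfig`, `responseAuthConfig.getProvider().equals(AuthProvider.SAML)` dereferences whatever `provider` was copied from YAML, so a deployment whose authentication block omits `provider` now gets a NullPointerException from this getter (presumably a pre-login endpoint, so the failure is reachable unauthenticated) instead of the sparse config it returned before; compare null-safely with `if (AuthProvider.SAML == yamlConfig.getProvider() && yamlConfig.getSamlConfiguration() != null) {`. The enclosing guard also re-reads `openMetadataApplicationConfig.getAuthenticationConfiguration()` instead of testing the `yamlConfig` local captured two lines earlier; `if (yamlConfig != null) {` matches the authorizer hunk below and drops the duplicated call. The move to an allow-list copy is the right shape — whatever the LDAP and OIDC blocks hold, plus `publicKeyUrls`, can no longer reach the response unless someone adds a setter — and that intent deserves a comment at the top of the method, e.g. `// Allow-list: copy only the fields the login UI needs; never forward LDAP/OIDC settings or key material`, so a later editor does not revert to copying the whole object.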
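Review bot: The trimmed `getAuthorizerConfig` deliberately withholds `adminPrincipals`, `botPrincipals` and `testPrincipals` (the test hunk asserts they come back empty or null), but nothing in the method says so, and the `@Operation` summary above the hunk presumably still describes the response as the authorizer configuration. A one-line comment on the `yamlConfig != null` branch, `// Only principalDomain is exposed: the principal lists enumerate privileged accounts and must not be served to callers of this pre-login endpoint`, records why a single field is copied and why the rest must stay out. If the UI still needs `enforcePrincipalDomain` or `allowedEmailRegistrationDomains` for sign-up validation, those are not secrets and could be added with the same setter pattern; I cannot tell from this diff whether anything consumes them.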
@@ -15,6 +15,8 @@ package org.openmetadata.service.resources.system; import static org.junit.jupiter.api.Assertions.assertEquals; import static org.junit.jupiter.api.Assertions.assertNotNull; +import static org.junit.jupiter.api.Assertions.assertNull; +import static org.junit.jupiter.api.Assertions.assertTrue; import static org.openmetadata.service.util.TestUtils.TEST_AUTH_HEADERS; import com.fasterxml.jackson.databind.ObjectMapper; 
@@ -63,14 +65,41 @@ class ConfigResourceTest extends OpenMetadataApplicationTest { WebTarget target = getConfigResource("auth"); AuthenticationConfiguration auth = TestUtils.get(target, AuthenticationConfiguration.class, TEST_AUTH_HEADERS); + + // Verify required fields are present assertEquals(config.getAuthenticationConfiguration().getProvider(), auth.getProvider()); assertEquals(config.getAuthenticationConfiguration().getProviderName(), auth.getProviderName()); - assertEquals(config.getAuthenticationConfiguration().getAuthority(), auth.getAuthority()); - assertEquals(config.getAuthenticationConfiguration().getCallbackUrl(), auth.getCallbackUrl()); + assertEquals(config.getAuthenticationConfiguration().getClientType(), auth.getClientType()); + assertEquals( + config.getAuthenticationConfiguration().getEnableSelfSignup(), auth.getEnableSelfSignup()); assertEquals( config.getAuthenticationConfiguration().getJwtPrincipalClaims(), auth.getJwtPrincipalClaims()); + assertEquals( + config.getAuthenticationConfiguration().getJwtPrincipalClaimsMapping(), + auth.getJwtPrincipalClaimsMapping()); assertEquals(config.getAuthenticationConfiguration().getClientId(), auth.getClientId()); + assertEquals(config.getAuthenticationConfiguration().getAuthority(), auth.getAuthority()); + assertEquals(config.getAuthenticationConfiguration().getCallbackUrl(), auth.getCallbackUrl()); + + // For SAML, verify samlConfiguration is present but only contains authorityUrl + if (auth.getProvider().name().equals("SAML") + && config.getAuthenticationConfiguration().getSamlConfiguration() != null) { + assertNotNull(auth.getSamlConfiguration()); + assertNotNull(auth.getSamlConfiguration().getIdp()); + assertEquals( + config.getAuthenticationConfiguration().getSamlConfiguration().getIdp().getAuthorityUrl(), + auth.getSamlConfiguration().getIdp().getAuthorityUrl()); + } + + // Verify sensitive/unused fields are excluded + assertNull(auth.getLdapConfiguration()); + 
assertNull(auth.getOidcConfiguration()); + assertTrue(auth.getPublicKeyUrls().isEmpty()); + assertEquals(config.getAuthenticationConfiguration().getResponseType(), auth.getResponseType()); + assertEquals( + config.getAuthenticationConfiguration().getTokenValidationAlgorithm(), + auth.getTokenValidationAlgorithm()); } @Test @@ -78,20 +107,24 @@ class ConfigResourceTest extends OpenMetadataApplicationTest { WebTarget target = getConfigResource("authorizer"); AuthorizerConfiguration auth = TestUtils.get(target, AuthorizerConfiguration.class, TEST_AUTH_HEADERS); - assertEquals(config.getAuthorizerConfiguration().getClassName(), auth.getClassName()); + + // Verify only required field is present assertEquals( config.getAuthorizerConfiguration().getPrincipalDomain(), auth.getPrincipalDomain()); + + // Verify sensitive/unused fields are excluded + assertNull(auth.getClassName()); + assertTrue(auth.getAdminPrincipals().isEmpty()); + assertNull(auth.getContainerRequestFilter()); + assertNull(auth.getEnableSecureSocketConnection()); + assertNull(auth.getEnforcePrincipalDomain()); + assertTrue(auth.getAllowedDomains().isEmpty()); + assertTrue(auth.getAllowedEmailRegistrationDomains().isEmpty()); + assertNull(auth.getBotPrincipals()); + assertTrue(auth.getTestPrincipals().isEmpty()); assertEquals( - config.getAuthorizerConfiguration().getAdminPrincipals(), auth.getAdminPrincipals()); - assertEquals( - config.getAuthorizerConfiguration().getContainerRequestFilter(), - auth.getContainerRequestFilter()); - assertEquals( - config.getAuthorizerConfiguration().getEnableSecureSocketConnection(), - auth.getEnableSecureSocketConnection()); - assertEquals( - config.getAuthorizerConfiguration().getEnforcePrincipalDomain(), - auth.getEnforcePrincipalDomain()); + config.getAuthorizerConfiguration().getUseRolesFromProvider(), + auth.getUseRolesFromProvider()); } @Test
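Review bot: The two `assertEquals` calls at the end of this hunk on `getResponseType()` and `getTokenValidationAlgorithm()` do not verify that those fields are excluded — the resource never copies them, so the assertions only pass while the test YAML happens to equal the schema defaults, and they would not catch either field being copied back in; the `// Verify sensitive/unused fields are excluded` comment directly above them is therefore misleading. Either pin the expected default value explicitly or assert absence the way `assertNull(auth.getLdapConfiguration())` does. The SAML branch likewise stops at the `authorityUrl` match and never asserts that the other sub-objects of `SamlSSOClientConfig` and `IdentityProviderConfig` (whatever the schema defines beyond `idp.authorityUrl`) came back null, which is the property the filtering exists to guarantee. Minor: `auth.getProvider().name().equals("SAML")` reads better as `auth.getProvider() == AuthProvider.SAML` if the test imports the enum.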
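Review bot: The final `assertEquals` on `getUseRolesFromProvider()` compares against the YAML value, but the resource only copies `principalDomain`, so this passes only while the test configuration equals the field's schema default and it cannot detect the field being copied back into the response; state the expectation explicitly, e.g. assert the default or `assertNull(auth.getUseRolesFromProvider())`, alongside the other exclusion checks. The mix of `assertNull(auth.getBotPrincipals())` and `assertTrue(auth.getAdminPrincipals().isEmpty())` presumably mirrors which list fields the generated schema initialises to empty collections; a short comment saying so would stop a reader from treating it as an inconsistency.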