diff --git a/src/main/kotlin/com/android/trisolarisserver/controller/Health.kt b/src/main/kotlin/com/android/trisolarisserver/controller/Health.kt
new file mode 100644
index 0000000..2c0cb8f
--- /dev/null
+++ b/src/main/kotlin/com/android/trisolarisserver/controller/Health.kt
@@ -0,0 +1,17 @@
+package com.android.trisolarisserver.controller
+
+import org.springframework.web.bind.annotation.GetMapping
+import org.springframework.web.bind.annotation.RestController
+
+@RestController
+class Health {
+    @GetMapping("/health")
+    fun health(): Map<String, String> {
+        return mapOf("status" to "ok")
+    }
+
+    @GetMapping("/")
+    fun root(): Map<String, String> {
+        return mapOf("status" to "ok")
+    }
+}
diff --git a/src/main/kotlin/com/android/trisolarisserver/security/SecurityConfig.kt b/src/main/kotlin/com/android/trisolarisserver/security/SecurityConfig.kt
index dba6826..9b034bd 100644
--- a/src/main/kotlin/com/android/trisolarisserver/security/SecurityConfig.kt
+++ b/src/main/kotlin/com/android/trisolarisserver/security/SecurityConfig.kt
@@ -16,7 +16,10 @@ class SecurityConfig(
         http
             .csrf { it.disable() }
             .sessionManagement { it.sessionCreationPolicy(SessionCreationPolicy.STATELESS) }
-            .authorizeHttpRequests { it.anyRequest().authenticated() }
+            .authorizeHttpRequests {
+                it.requestMatchers("/", "/health").permitAll()
+                it.anyRequest().authenticated()
+            }
             .addFilterBefore(firebaseAuthFilter, UsernamePasswordAuthenticationFilter::class.java)
         return http.build()
     }