diff --git a/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/cloudfoundry/CloudFoundrySecurityInterceptor.java b/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/cloudfoundry/CloudFoundrySecurityInterceptor.java
index cc3f0c5b3b..ab13a0e148 100644
--- a/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/cloudfoundry/CloudFoundrySecurityInterceptor.java
+++ b/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/cloudfoundry/CloudFoundrySecurityInterceptor.java
@@ -24,6 +24,7 @@ import org.apache.commons.logging.LogFactory;
 
 import org.springframework.boot.actuate.cloudfoundry.CloudFoundryAuthorizationException.Reason;
 import org.springframework.boot.actuate.endpoint.mvc.MvcEndpoint;
+import org.springframework.http.MediaType;
 import org.springframework.util.StringUtils;
 import org.springframework.web.cors.CorsUtils;
 import org.springframework.web.method.HandlerMethod;
@@ -74,6 +75,9 @@ class CloudFoundrySecurityInterceptor extends HandlerInterceptorAdapter {
 		}
 		catch (CloudFoundryAuthorizationException ex) {
 			this.logger.error(ex);
+			response.setContentType(MediaType.APPLICATION_JSON.toString());
+			response.getWriter()
+					.write("{\"security_error\":\"" + ex.getMessage() + "\"}");
 			response.setStatus(ex.getStatusCode().value());
 			return false;
 		}
diff --git a/spring-boot-actuator/src/test/java/org/springframework/boot/actuate/cloudfoundry/CloudFoundrySecurityInterceptorTests.java b/spring-boot-actuator/src/test/java/org/springframework/boot/actuate/cloudfoundry/CloudFoundrySecurityInterceptorTests.java
index a8e8ca51b2..7a338d210d 100644
--- a/spring-boot-actuator/src/test/java/org/springframework/boot/actuate/cloudfoundry/CloudFoundrySecurityInterceptorTests.java
+++ b/spring-boot-actuator/src/test/java/org/springframework/boot/actuate/cloudfoundry/CloudFoundrySecurityInterceptorTests.java
@@ -28,6 +28,7 @@ import org.springframework.boot.actuate.endpoint.AbstractEndpoint;
 import org.springframework.boot.actuate.endpoint.mvc.EndpointMvcAdapter;
 import org.springframework.http.HttpHeaders;
 import org.springframework.http.HttpStatus;
+import org.springframework.http.MediaType;
 import org.springframework.mock.web.MockHttpServletRequest;
 import org.springframework.mock.web.MockHttpServletResponse;
 import org.springframework.util.Base64Utils;
@@ -87,6 +88,9 @@ public class CloudFoundrySecurityInterceptorTests {
 		assertThat(preHandle).isFalse();
 		assertThat(this.response.getStatus())
 				.isEqualTo(Reason.MISSING_AUTHORIZATION.getStatus().value());
+		assertThat(this.response.getContentAsString()).contains("security_error");
+		assertThat(this.response.getContentType())
+				.isEqualTo(MediaType.APPLICATION_JSON.toString());
 	}
 
 	@Test