The security checks done by the handlers added via ExtensibleHttpManagement.addManagementHandler() currently redirect to the standard html page with an error code of 200. This behaviour is impossible to change.
This is currently only used by MP Health, for which the ExtensibleHttpManagement API was added. Rather than expand this API we will change the behaviour of handlers added with this mechanism to return 500. The standard error page will be updated in
WFCORE-4046 to be more generic.