OAuth2 Envoy filter exclude route

Is there a way to ignore a specific route from Envoy Filter ?
In my case, i don’t want to protect /status to perform healthchecks.

My filter :

{{- if eq .Values.auth.enabled "true" }}
apiVersion: networking.istio.io/v1alpha3
kind: EnvoyFilter
metadata:
  name: {{ .Values.componentId }}-oauth2
spec:
  workloadSelector:
    labels:
      app: {{ .Values.componentId }}
  configPatches:
  - applyTo: CLUSTER
    match:
      cluster:
        service: oauth
    patch:
      operation: ADD
      value:
        name: oauth
        dns_lookup_family: V4_ONLY
        type: LOGICAL_DNS
        connect_timeout: 10s
        lb_policy: ROUND_ROBIN
        transport_socket:
          name: envoy.transport_sockets.tls
          typed_config:
            "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext
            sni: {{ .Values.lb_identera.hostname }}
        load_assignment:
          cluster_name: oauth
          endpoints:
          - lb_endpoints:
            - endpoint:
                address:
                  socket_address:
                    address: {{ .Values.lb_identera.hostname }}
                    port_value: 443
  - applyTo: HTTP_FILTER
    match:
      context: SIDECAR_INBOUND
      listener:
        filterChain:
          filter:
            name: "envoy.http_connection_manager"
            subFilter:
              name: "envoy.router"
    patch:
      operation: INSERT_BEFORE
      value:
       name: envoy.filters.http.oauth2
       typed_config:
         "@type": type.googleapis.com/envoy.extensions.filters.http.oauth2.v3alpha.OAuth2
         config:
          token_endpoint:
            cluster: oauth
            uri: https://{{ .Values.lb_identera.hostname }}/auth/realms/{{ .Values.auth.kc_realm }}
            timeout: 3s
          authorization_endpoint: https://{{ .Values.lb_identera.hostname }}/auth/realms/{{ .Values.auth.kc_realm }}
          redirect_uri: "https://%REQ(:authority)%/_oauth2_callback"
          redirect_path_matcher:
            path:
              exact: /_oauth2_callback
          signout_path:
            path:
              exact: /signout
          credentials:
            client_id: {{ .Values.auth.kc_client_id }}
            token_secret:
              name: token
              sds_config:
                path: "/etc/istio/config/token-secret.yaml"
            hmac_secret:
              name: hmac
              sds_config:
                path: "/etc/istio/config/hmac-secret.yaml"
{{- end }}

Any workaround will be apprecied.