Agentic Access and Companions
Knocknoc normally grants access to the single IP a user authenticates from. Agentic Access and Companions extend that for two cases: granting time-limited access to an automated agent, and keeping access for a user's other companions, such as a second device or a cloud instance.
Both are granular, opt-in features. They stay off until an administrator turns them on, and can be allowed or denied per user, group, or Knoc. Agents and companions count towards the user's session cap, alongside their active logins.
Agentic Access
Agentic Access grants time-limited access to an automated agent acting on a user's behalf, rather than to a person at a keyboard. It suits scripted or unattended tasks that need network access for a set window.
Companions
Companions let a user keep access for their own companions, such as a second device, a jump box, or a cloud instance, without an administrator granting each one by hand.
Each companion can access a subset of the resources assigned to the user, as decided by the user. Removing a companion revokes its access straight away.
Using it
Users create and manage their own agents and companions from their portal. Only the features they have been allowed to use are available.
Enabling it
Agentic Access and Companions are controlled at three levels, and all of them must allow it before a user can use the feature:
- Site-wide: an administrator turns each feature on for the installation.
- Per user or group: each identity is allowed or denied each feature.
- Per Knoc: each Knoc decides whether agents and companions may reach it.
Turning a feature off at any level immediately revokes the access it covers.
Reviewing and revoking
Administrators can review every agent and companion in use across the system, and revoke any of them.