SAML for the Admin Interface

SAML for the admin interface is the same as SAML for the user base with a few very small alterations. Follow the existing guides for EntraID, OKTA or JumpCloud while keeping the below in mind.

If the same IdP is in use for users and admins, a second Application MUST be created for admin users.
If the same IdP is in use for users and admins, a unique set of SAML certificates must be generated for admin instance.
In the SAML guides under Knocknoc SAML Config, adjust;
1. SAMLMetaDataFile to AdminSAMLMetaDataFile
2. SAMLCertFile to AdminSAMLCertFile
3. SAMLKeyFile to AdminSAMLKeyFile
4. SAMLMetadataUrl to AdminSAMLMetadataUrl
Only a single group is required within the IdP for Knocknoc-Admin users, assign this group to the SAML Application. All users within this group will be able to authenticate and administer Knocknoc.

Consider Your Use Case

SSH

Remote Desktop

Web application

Ivanti Connect Secure

Video

FortiOS, FortiProxy or SSL VPN

VOIP

AWS Infrastructure

Azure Portal

SAML

SAML Principles and Terms

Local Authentication

SAML with EntraID (Azure AD)

SAML with OKTA

Knocknoc with ADFS

SAML with Gsuite as IDP

SAML with Jumpcloud

SAML for the Admin Interface

LDAP

IPset (Linux Netfilter/IPTables)

HAProxy

IPsets with UFW

IPsets with Shorewall

Script Any Arbitrary Backend

AWS (EC2) Security Groups

Mikrotik RouterOS

Nginx

Apache Webserver

Fortigate Address Groups

Microsoft Entra

Allowlist

ACL Basics

Licensing Knocknoc

Server Installation

Agent Installation

Create Users

Create Groups

Admins

Settings

Time for NTP

LDAP Troubleshooting tips

Knocknoc server behind HAProxy

HAProxy tips and tricks

SAML for the Admin Interface