Settings

The Settings inpage lets administrators configure authentication, server options, threat intelligence, branding, and other system-wide preferences. Open it from the Admin portal sidebar.

Some sections are hidden when running on Knocknoc ~~allows you to configure some of the basic setup like authentication sources in a web interface. This is also where the license is applied, along with SAML configuration and more.~~Cloud.

License

The ~~License~~Knocknoc ~~is where you~~license can ~~cut~~be ~~and~~set via the support page (previously located on the settings page). To set the license, paste your license key from the ~~Licensing~~license ~~Portal.~~portal ~~Clicking save activates~~into the "License Key" box in the "License & Plan" section. This requires the Knocknoc server ~~immediately~~to ~~(requires~~have outbound internet ~~access)~~access.

Settings page:

Support page:

The License section displays the current server version. To view full license details (entitlements, expiry, support status), view the Support page.

Authentication

Authentication settings are split into two tabs: SAML and LDAP.

It is recommended ~~that~~to use the ~~SAML~~ Metadata url ~~be used~~ for SAML integration. Note you will need to generate a keypair unless a pair is uploaded. Follow the SAML documentation for more information.

~~Client~~

For ~~discovery~~information ~~relates~~on toconfiguring ~~CGNat~~LDAP, IPfollow ~~address discovery and is covered~~the LDAP documentation here.

Public URL

The ~~GelfListenerURL~~public ~~allows~~URL ~~for~~is the externally-reachable address of your Knocknoc server (e.g. https://knocknoc.example.com). Set this to the URL that users and identity providers use to reach Knocknoc.

Server Configuration

SSL/TLS Certificates

You can manage your Knocknoc server SSL certificates directly via the admin portal.

You may upload new key files and certificate files in this UI. The certificate and key file will be validated against each other, so there is no risk of uploading an invalid pair. If the server has multiple certificates (e.g. from a ~~destination~~certificate chain), a dropdown lets you select which certificate to ~~send~~inspect.

Logging & Diagnostics

Field Description Debug mode Enables verbose debug logging on the ~~logs~~server. Turn this off after troubleshooting, as it produces a large volume of log output. GELF Listener URL Sends structured log events in Graylog Extended Log Format (GELF) to an external log collector. Supported protocols: udp://, tcp://, tls://. Example: tcp://log.example.com:12201. Use this to forward logs to a SIEM, Graylog, or any system that accepts GELF ~~listener.~~input. ~~This~~ is ~~useful~~

Threat Intelligence

Knocknoc integrates with GreyNoise for ~~SIEM~~IP orreputation ~~other~~lookups. ~~logging~~When ~~activity, as GELF is a simple JSON over TCP and widely supported.~~

~~The Customization section allows for the admin to pick a theme for~~configured, Knocknoc ~~and~~checks ~~upload~~connecting aIP ~~custom~~addresses ~~logo:~~against GreyNoise's threat intelligence database.

This isallows ~~helpful~~Knocknoc to block access attempts from malicious IPs.

Kiosk Settings

Kiosk mode (also called "Public Computer" mode) sets a shorter session duration for users on shared or public computers. When a user logs in from a kiosk, their session expires after the configured duration regardless of activity.

Branding

You can customize the look of the Knocknoc interface to match your ~~company~~organization's ~~theme~~branding.

This includes changing the accent color in Knocknoc, which affects the color of UI elements. Enabling high accessibility mode, which subtly changes UI elements in the User dashboard to ~~meet~~increase ~~users'~~accessibility. ~~expectations.~~Uploading your organizations logo to display in place of the Knocknoc logo.