diff --git a/scripts/install b/scripts/install
index fef4106..799366a 100644
--- a/scripts/install
+++ b/scripts/install
@@ -300,11 +300,11 @@ ynh_add_fail2ban_config --logpath="/var/log/nginx/$domain-access.log" --failrege
 ynh_script_progression --message="Configuring permissions..." --weight=2
 
 if [ $is_public -eq 1 ]; then
-	ynh_permission_update --permission="main" --add="visitors"	
+	ynh_permission_update --permission="main" --add="visitors"
 fi
 
 # Only the admin can access the admin panel of the app (if the app has an admin panel)
-ynh_permission_create --permission="admin" --url="/admin" --allowed=$admin
+ynh_permission_create --permission="admin" --url="/admin" --allowed=$admin --auth_header=false
 
 #=================================================
 # RELOAD NGINX
diff --git a/scripts/upgrade b/scripts/upgrade
index dfe4f87..c811618 100644
--- a/scripts/upgrade
+++ b/scripts/upgrade
@@ -135,6 +135,10 @@ fi
 if ! ynh_permission_exists --permission="admin"; then
   # Create the required permissions
   ynh_permission_create --permission="admin" --url="/admin" --allowed=$admin
+else
+  # Make sure the admin panel is not exposed to the SSO's authentication headers
+  # AFAIK there is no helper to check if that flag is up or not, so let's force it.
+  ynh_permission_url --permission="admin" --auth_header=false
 fi
 
 #=================================================