I wanted to disable the admin user in Argo, primarily because I wanted to have all logins go through my SAML provider.

With ArgoCD you have the ability to use local users, external users (via SAML) or both.

I wanted to force all logins through the SAML provider and remove the username/password text boxes from the login screen. After a quick look through the source, I found I needed to disable the login on all local users in the Argo system. Since I did not have any users other than the admin, I only needed to disable that one user.

To do this, modify the argocd-cm config map and add a new entry, admin.enabled. Set it to false and apply it.

Below is the relevant parts of the config map.

apiVersion: v1
kind: ConfigMap
metadata:
  name: argocd-cm
data:
  admin.enabled: "false"

Conclusion

Argo is fun and I enjoy learning more about it as time goes on. It only gets better. Before I set the admin.enabled value I had just set the password hash on the admin user to an invalid value, hacky, but that worked. This is a much better solution.