community / community.general / 3.8.10 / module / keycloak_authentication Configure authentication in Keycloak | "added in version" 3.3.0 of community.general" Authors: Philippe Gauthier (@elfelip), Gaëtan Daubresse (@Gaetan2907)community.general.keycloak_authentication (3.8.10) — module
Install with ansible-galaxy collection install community.general:==3.8.10
collections: - name: community.general version: 3.8.10
This module actually can only make a copy of an existing authentication flow, add an execution to it and configure it.
It can also delete the flow.
- name: Create an authentication flow from first broker login and add an execution to it. community.general.keycloak_authentication: auth_keycloak_url: http://localhost:8080/auth auth_realm: master auth_username: admin auth_password: password realm: master alias: "Copy of first broker login" copyFrom: "first broker login" authenticationExecutions: - providerId: "test-execution1" requirement: "REQUIRED" authenticationConfig: alias: "test.execution1.property" config: test1.property: "value" - providerId: "test-execution2" requirement: "REQUIRED" authenticationConfig: alias: "test.execution2.property" config: test2.property: "value" state: present
- name: Re-create the authentication flow community.general.keycloak_authentication: auth_keycloak_url: http://localhost:8080/auth auth_realm: master auth_username: admin auth_password: password realm: master alias: "Copy of first broker login" copyFrom: "first broker login" authenticationExecutions: - providerId: "test-provisioning" requirement: "REQUIRED" authenticationConfig: alias: "test.provisioning.property" config: test.provisioning.property: "value" state: present force: true
- name: Create an authentication flow with subflow containing an execution. community.general.keycloak_authentication: auth_keycloak_url: http://localhost:8080/auth auth_realm: master auth_username: admin auth_password: password realm: master alias: "Copy of first broker login" copyFrom: "first broker login" authenticationExecutions: - providerId: "test-execution1" requirement: "REQUIRED" - displayName: "New Subflow" requirement: "REQUIRED" - providerId: "auth-cookie" requirement: "REQUIRED" flowAlias: "New Sublow" state: present
- name: Remove authentication. community.general.keycloak_authentication: auth_keycloak_url: http://localhost:8080/auth auth_realm: master auth_username: admin auth_password: password realm: master alias: "Copy of first broker login" state: absent
alias: description: - Alias for the authentication flow. required: true type: str force: default: false description: - If C(true), allows to remove the authentication flow and recreate it. type: bool realm: description: - The name of the realm in which is the authentication. required: true type: str state: choices: - present - absent default: present description: - Control if the authentication flow must exists or not. type: str token: description: - Authentication token for Keycloak API. type: str version_added: 3.0.0 version_added_collection: community.general copyFrom: description: - C(flowAlias) of the authentication flow to use for the copy. type: str auth_realm: description: - Keycloak realm name to authenticate to for API access. type: str providerId: description: - C(providerId) for the new flow when not copied from an existing flow. type: str description: description: - Description of the flow. type: str auth_password: aliases: - password description: - Password to authenticate for API access with. type: str auth_username: aliases: - username description: - Username to authenticate for API access with. type: str auth_client_id: default: admin-cli description: - OpenID Connect I(client_id) to authenticate to the API with. type: str validate_certs: default: true description: - Verify TLS certificates (do not disable this in production). type: bool auth_keycloak_url: aliases: - url description: - URL to the Keycloak instance. required: true type: str auth_client_secret: description: - Client Secret to use in conjunction with I(auth_client_id) (if required). type: str authenticationExecutions: description: - Configuration structure for the executions. elements: dict suboptions: authenticationConfig: description: - Describe the config of the authentication. type: dict displayName: description: - Name of the execution or subflow to create or update. type: str flowAlias: description: - Alias of parent flow. type: str index: description: - Priority order of the execution. type: int providerId: description: - C(providerID) for the new flow when not copied from an existing flow. type: str requirement: choices: - REQUIRED - ALTERNATIVE - DISABLED - CONDITIONAL description: - Control status of the subflow or execution. type: str type: list
flow: description: JSON representation for the authentication. returned: on success type: dict