/ home / community / community.general / 8.5.0 / module / keycloak_authentication_required_actions

community.general.keycloak_authentication_required_actions (8.5.0) — module

Allows administration of Keycloak authentication required actions

| "added in version" 7.1.0 of community.general"

Authors: Skrekulko (@Skrekulko)

Install collection

Install with ansible-galaxy collection install community.general:==8.5.0

Add to requirements.yml

  collections:
    - name: community.general
      version: 8.5.0

Description

This module can register, update and delete required actions.

It also filters out any duplicate required actions by their alias. The first occurrence is preserved.

Usage examples

Scanned by Steampunk Spotter

- name: Register a new required action.
  community.general.keycloak_authentication_required_actions:
    auth_client_id: "admin-cli"
    auth_keycloak_url: "http://localhost:8080"
    auth_password: "password"
    auth_realm: "master"
    auth_username: "admin"
    realm: "master"
    required_action:
      - alias: "TERMS_AND_CONDITIONS"
        name: "Terms and conditions"
        providerId: "TERMS_AND_CONDITIONS"
        enabled: true
    state: "present"

Scanned by Steampunk Spotter

- name: Update the newly registered required action.
  community.general.keycloak_authentication_required_actions:
    auth_client_id: "admin-cli"
    auth_keycloak_url: "http://localhost:8080"
    auth_password: "password"
    auth_realm: "master"
    auth_username: "admin"
    realm: "master"
    required_action:
      - alias: "TERMS_AND_CONDITIONS"
        enabled: false
    state: "present"

Scanned by Steampunk Spotter

- name: Delete the updated registered required action.
  community.general.keycloak_authentication_required_actions:
    auth_client_id: "admin-cli"
    auth_keycloak_url: "http://localhost:8080"
    auth_password: "password"
    auth_realm: "master"
    auth_username: "admin"
    realm: "master"
    required_action:
      - alias: "TERMS_AND_CONDITIONS"
    state: "absent"

Inputs

    
realm:
    description:
    - The name of the realm in which are the authentication required actions.
    required: true
    type: str

state:
    choices:
    - absent
    - present
    description:
    - Control if the realm authentication required actions are going to be registered/updated
      (V(present)) or deleted (V(absent)).
    required: true
    type: str

token:
    description:
    - Authentication token for Keycloak API.
    type: str
    version_added: 3.0.0
    version_added_collection: community.general

auth_realm:
    description:
    - Keycloak realm name to authenticate to for API access.
    type: str

http_agent:
    default: Ansible
    description:
    - Configures the HTTP User-Agent header.
    type: str
    version_added: 5.4.0
    version_added_collection: community.general

auth_password:
    aliases:
    - password
    description:
    - Password to authenticate for API access with.
    type: str

auth_username:
    aliases:
    - username
    description:
    - Username to authenticate for API access with.
    type: str

auth_client_id:
    default: admin-cli
    description:
    - OpenID Connect C(client_id) to authenticate to the API with.
    type: str

validate_certs:
    default: true
    description:
    - Verify TLS certificates (do not disable this in production).
    type: bool

required_actions:
    description:
    - Authentication required action.
    elements: dict
    suboptions:
      alias:
        description:
        - Unique name of the required action.
        required: true
        type: str
      config:
        description:
        - Configuration for the required action.
        type: dict
      defaultAction:
        description:
        - Indicates, if any new user will have the required action assigned to it.
        type: bool
      enabled:
        description:
        - Indicates, if the required action is enabled or not.
        type: bool
      name:
        description:
        - Displayed name of the required action. Required for registration.
        type: str
      priority:
        description:
        - Priority of the required action.
        type: int
      providerId:
        description:
        - Provider ID of the required action. Required for registration.
        type: str
    type: list

auth_keycloak_url:
    aliases:
    - url
    description:
    - URL to the Keycloak instance.
    required: true
    type: str

auth_client_secret:
    description:
    - Client Secret to use in conjunction with O(auth_client_id) (if required).
    type: str

connection_timeout:
    default: 10
    description:
    - Controls the HTTP connections timeout period (in seconds) to Keycloak API.
    type: int
    version_added: 4.5.0
    version_added_collection: community.general

Outputs

end_state:
  contains:
    alias:
      description:
      - Unique name of the required action.
      sample: test-provider-id
      type: str
    config:
      description:
      - Configuration for the required action.
      sample: {}
      type: dict
    defaultAction:
      description:
      - Indicates, if any new user will have the required action assigned to it.
      sample: false
      type: bool
    enabled:
      description:
      - Indicates, if the required action is enabled or not.
      sample: false
      type: bool
    name:
      description:
      - Displayed name of the required action. Required for registration.
      sample: Test provider ID
      type: str
    priority:
      description:
      - Priority of the required action.
      sample: 90
      type: int
    providerId:
      description:
      - Provider ID of the required action. Required for registration.
      sample: test-provider-id
      type: str
  description: Representation of the authentication required actions after module
    execution.
  returned: on success
  type: complex
msg:
  description: Message as to what action was taken.
  returned: always
  type: str