fortinet / fortinet.fortimanager / 2.4.0 / module / fmgr_user_saml_dynamicmapping SAML server entry configuration. | "added in version" 2.2.0 of fortinet.fortimanager" Authors: Xinwei Du (@dux-fortinet), Xing Li (@lix-fortinet), Jie Xue (@JieX19), Link Zheng (@chillancezen), Frank Shen (@fshen01), Hongbin Lu (@fgtdev-hblu) preview | supported by communityfortinet.fortimanager.fmgr_user_saml_dynamicmapping (2.4.0) — module
Install with ansible-galaxy collection install fortinet.fortimanager:==2.4.0
collections: - name: fortinet.fortimanager version: 2.4.0
This module is able to configure a FortiManager device.
Examples include all parameters and values which need to be adjusted to data sources before usage.
- name: Example playbook (generated based on argument schema) hosts: fortimanagers connection: httpapi vars: ansible_httpapi_use_ssl: true ansible_httpapi_validate_certs: false ansible_httpapi_port: 443 tasks: - name: SAML server entry configuration. fortinet.fortimanager.fmgr_user_saml_dynamicmapping: # bypass_validation: false workspace_locking_adom: <value in [global, custom adom including root]> workspace_locking_timeout: 300 # rc_succeeded: [0, -2, -3, ...] # rc_failed: [-2, -3, ...] adom: <your own value> saml: <your own value> state: present # <value in [present, absent]> user_saml_dynamicmapping: _scope: - name: <string> vdom: <string> adfs_claim: <value in [disable, enable]> cert: <string> clock_tolerance: <integer> digest_method: <value in [sha1, sha256]> entity_id: <string> group_claim_type: <value in [email, given-name, name, ...]> group_name: <string> idp_cert: <string> idp_entity_id: <string> idp_single_logout_url: <string> idp_single_sign_on_url: <string> limit_relaystate: <value in [disable, enable]> single_logout_url: <string> single_sign_on_url: <string> user_claim_type: <value in [email, given-name, name, ...]> user_name: <string> auth_url: <string> reauth: <value in [disable, enable]>
adom: description: The parameter (adom) in requested url. required: true type: str saml: description: The parameter (saml) in requested url. required: true type: str state: choices: - present - absent description: The directive to create, update or delete an object. required: true type: str rc_failed: description: The rc codes list with which the conditions to fail will be overriden. elements: int type: list enable_log: default: false description: Enable/Disable logging for task. type: bool access_token: description: The token to access FortiManager without using username and password. type: str rc_succeeded: description: The rc codes list with which the conditions to succeed will be overriden. elements: int type: list proposed_method: choices: - update - set - add description: The overridden method for the underlying Json RPC request. type: str bypass_validation: default: false description: Only set to True when module schema diffs with FortiManager API structure, module continues to execute without validating parameters. type: bool workspace_locking_adom: description: The adom to lock for FortiManager running in workspace mode, the value can be global and others including root. type: str forticloud_access_token: description: Authenticate Ansible client with forticloud API access token. type: str user_saml_dynamicmapping: description: The top level parameters set. required: false suboptions: _scope: description: No description. elements: dict suboptions: name: description: No description. type: str vdom: description: No description. type: str type: list adfs-claim: choices: - disable - enable description: Deprecated, please rename it to adfs_claim. Enable/disable ADFS Claim for user/group attribute in assertion statement type: str auth-url: description: Deprecated, please rename it to auth_url. URL to verify authentication. type: str cert: description: Certificate to sign SAML messages. type: str clock-tolerance: description: Deprecated, please rename it to clock_tolerance. Clock skew tolerance in seconds type: int digest-method: choices: - sha1 - sha256 description: Deprecated, please rename it to digest_method. Digest method algorithm type: str entity-id: description: Deprecated, please rename it to entity_id. SP entity ID. type: str group-claim-type: choices: - email - given-name - name - upn - common-name - email-adfs-1x - group - upn-adfs-1x - role - sur-name - ppid - name-identifier - authentication-method - deny-only-group-sid - deny-only-primary-sid - deny-only-primary-group-sid - group-sid - primary-group-sid - primary-sid - windows-account-name description: Deprecated, please rename it to group_claim_type. Group claim in assertion statement. type: str group-name: description: Deprecated, please rename it to group_name. Group name in assertion statement. type: str idp-cert: description: Deprecated, please rename it to idp_cert. IDP Certificate name. type: str idp-entity-id: description: Deprecated, please rename it to idp_entity_id. IDP entity ID. type: str idp-single-logout-url: description: Deprecated, please rename it to idp_single_logout_url. IDP single logout url. type: str idp-single-sign-on-url: description: Deprecated, please rename it to idp_single_sign_on_url. IDP single sign-on URL. type: str limit-relaystate: choices: - disable - enable description: Deprecated, please rename it to limit_relaystate. Enable/disable limiting of relay-state parameter when it exceeds SAML 2. type: str reauth: choices: - disable - enable description: Enable/disable signalling of IDP to force user re-authentication type: str single-logout-url: description: Deprecated, please rename it to single_logout_url. SP single logout URL. type: str single-sign-on-url: description: Deprecated, please rename it to single_sign_on_url. SP single sign-on URL. type: str user-claim-type: choices: - email - given-name - name - upn - common-name - email-adfs-1x - group - upn-adfs-1x - role - sur-name - ppid - name-identifier - authentication-method - deny-only-group-sid - deny-only-primary-sid - deny-only-primary-group-sid - group-sid - primary-group-sid - primary-sid - windows-account-name description: Deprecated, please rename it to user_claim_type. User name claim in assertion statement. type: str user-name: description: Deprecated, please rename it to user_name. User name in assertion statement. type: str type: dict workspace_locking_timeout: default: 300 description: The maximum time in seconds to wait for other user to release the workspace lock. type: int
meta: contains: request_url: description: The full url requested. returned: always sample: /sys/login/user type: str response_code: description: The status of api request. returned: always sample: 0 type: int response_data: description: The api response. returned: always type: list response_message: description: The descriptive message of the api response. returned: always sample: OK. type: str system_information: description: The information of the target system. returned: always type: dict description: The result of the request. returned: always type: dict rc: description: The status the request. returned: always sample: 0 type: int version_check_warning: description: Warning if the parameters used in the playbook are not supported by the current FortiManager version. returned: complex type: list