netscaler / netscaler.adc / 2.5.1 / module / authenticationoauthaction Configuration for OAuth authentication action resource. | "added in version" 2.0.0 of netscaler.adc" Authors: Sumanth Lingappa (@sumanth-lingappa) preview | supported by communitynetscaler.adc.authenticationoauthaction (2.5.1) — module
Install with ansible-galaxy collection install netscaler.adc:==2.5.1
collections: - name: netscaler.adc version: 2.5.1
Configuration for OAuth authentication action resource.
name: description: - Name for the OAuth Authentication action. - Must begin with a letter, number, or the underscore character (_), and must contain only letters, numbers, and the hyphen (-), period (.) pound (#), space ( ), at (@), equals (=), colon (:), and underscore characters. Cannot be changed after the profile is created. - '' - 'The following requirement applies only to the Citrix ADC CLI:' - If the name includes one or more spaces, enclose the name in double or single quotation marks (for example, "my authentication action" or 'my authentication action'). type: str nsip: description: - The ip address of the NetScaler ADC appliance where the nitro API calls will be made. - The port can be specified with the colon (:). E.g. 192.168.1.1:555. required: true type: str pkce: choices: - ENABLED - DISABLED description: - Option to enable/disable PKCE flow during authentication. type: str state: choices: - present - absent - unset default: present description: - The state of the resource being configured by the module on the NetScaler ADC node. - When C(present), the resource will be added/updated configured according to the module's parameters. - When C(absent), the resource will be deleted from the NetScaler ADC node. - When C(unset), the resource will be unset on the NetScaler ADC node. type: str issuer: description: - Identity of the server whose tokens are to be accepted. type: str api_path: default: nitro/v1/config description: - Base NITRO API path. - Define only in case of an ADM service proxy call type: str audience: description: - Audience for which token sent by Authorization server is applicable. This is typically entity name or url that represents the recipient type: str clientid: description: - Unique identity of the client/user who is getting authenticated. Authorization server infers client configuration using this ID type: str skewtime: description: - This option specifies the allowed clock skew in number of minutes that Citrix ADC allows on an incoming token. For example, if skewTime is 10, then token would be valid from (current time - 10) min to (current time + 10) min, ie 20min in all. type: float tenantid: description: - TenantID of the application. This is usually specific to providers such as Microsoft and usually refers to the deployment identifier. type: str granttype: choices: - CODE - PASSWORD description: - Grant type support. value can be code or password type: str oauthtype: choices: - GENERIC - INTUNE - ATHENA description: - Type of the OAuth implementation. Default value is generic implementation that is applicable for most deployments. type: str attribute1: description: - Name of the attribute to be extracted from OAuth Token and to be stored in the attribute1 type: str attribute2: description: - Name of the attribute to be extracted from OAuth Token and to be stored in the attribute2 type: str attribute3: description: - Name of the attribute to be extracted from OAuth Token and to be stored in the attribute3 type: str attribute4: description: - Name of the attribute to be extracted from OAuth Token and to be stored in the attribute4 type: str attribute5: description: - Name of the attribute to be extracted from OAuth Token and to be stored in the attribute5 type: str attribute6: description: - Name of the attribute to be extracted from OAuth Token and to be stored in the attribute6 type: str attribute7: description: - Name of the attribute to be extracted from OAuth Token and to be stored in the attribute7 type: str attribute8: description: - Name of the attribute to be extracted from OAuth Token and to be stored in the attribute8 type: str attribute9: description: - Name of the attribute to be extracted from OAuth Token and to be stored in the attribute9 type: str attributes: description: - List of attribute names separated by ',' which needs to be extracted. - Note that preceding and trailing spaces will be removed. - Attribute name can be 127 bytes and total length of this string should not cross 1023 bytes. - These attributes have multi-value support separated by ',' and stored as key-value pair in AAA session type: str nitro_pass: description: - The password with which to authenticate to the NetScaler ADC node. required: false type: str nitro_user: description: - The username with which to authenticate to the NetScaler ADC node. required: false type: str attribute10: description: - Name of the attribute to be extracted from OAuth Token and to be stored in the attribute10 type: str attribute11: description: - Name of the attribute to be extracted from OAuth Token and to be stored in the attribute11 type: str attribute12: description: - Name of the attribute to be extracted from OAuth Token and to be stored in the attribute12 type: str attribute13: description: - Name of the attribute to be extracted from OAuth Token and to be stored in the attribute13 type: str attribute14: description: - Name of the attribute to be extracted from OAuth Token and to be stored in the attribute14 type: str attribute15: description: - Name of the attribute to be extracted from OAuth Token and to be stored in the attribute15 type: str attribute16: description: - Name of the attribute to be extracted from OAuth Token and to be stored in the attribute16 type: str metadataurl: description: - Well-known configuration endpoint of the Authorization Server. Citrix ADC fetches server details from this endpoint. type: str resourceuri: description: - Resource URL for Oauth configuration. type: str save_config: default: false description: - If C(true) the module will save the configuration on the NetScaler ADC node if it makes any changes. - The module will not save the configuration on the NetScaler ADC node if it made no changes. type: bool userinfourl: description: - URL to which OAuth access token will be posted to obtain user information. type: str certendpoint: description: - URL of the endpoint that contains JWKs (Json Web Key) for JWT (Json Web Token) verification. type: str certfilepath: description: - Path to the file that contains JWKs (Json Web Key) for JWT (Json Web Token) verification. type: str clientsecret: description: - Secret string established by user and authorization server type: str graphendpoint: description: - URL of the Graph API service to learn Enterprise Mobility Services (EMS) endpoints. type: str introspecturl: description: - URL to which access token would be posted for validation type: str tokenendpoint: description: - URL to which OAuth token will be posted to verify its authenticity. User obtains this token from Authorization server upon successful authentication. Citrix ADC will validate presented token by posting it to the URL configured type: str usernamefield: description: - Attribute in the token from which username should be extracted. type: str authentication: choices: - ENABLED - DISABLED description: - If authentication is disabled, password is not sent in the request. type: str nitro_protocol: choices: - http - https default: https description: - Which protocol to use when accessing the nitro API objects. type: str validate_certs: default: true description: - If C(false), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. required: false type: bool refreshinterval: description: - Interval at which services are monitored for necessary configuration. type: float nitro_auth_token: description: - The authentication token provided by a login operation. type: str version_added: 2.6.0 version_added_collection: netscaler.adc allowedalgorithms: choices: - HS256 - RS256 - RS512 description: - Multivalued option to specify allowed token verification algorithms. elements: str type: list authorizationendpoint: description: - Authorization endpoint/url to which unauthenticated user will be redirected. Citrix ADC redirects user to this endpoint by adding query parameters including clientid. If this parameter not specified then as default value we take Token Endpoint/URL value. Please note that Authorization Endpoint or Token Endpoint is mandatory for oauthAction type: str idtokendecryptendpoint: description: - URL to which obtained idtoken will be posted to get a decrypted user identity. Encrypted idtoken will be obtained by posting OAuth token to token endpoint. In order to decrypt idtoken, Citrix ADC posts request to the URL configured type: str tokenendpointauthmethod: choices: - client_secret_post - client_secret_jwt - private_key_jwt - client_secret_basic description: - Option to select the variant of token authentication method. This method is used while exchanging code with IdP. type: str defaultauthenticationgroup: description: - This is the default group that is chosen when the authentication succeeds in addition to extracted groups. type: str
changed: description: Indicates if any change is made by the module returned: always sample: true type: bool diff: description: Dictionary of before and after changes returned: always sample: after: key2: pqr before: key1: xyz prepared: changes done type: dict diff_list: description: List of differences between the actual configured object and the configuration specified in the module returned: when changed sample: - 'Attribute `key1` differs. Desired: (<class ''str''>) XYZ. Existing: (<class ''str''>) PQR' type: list failed: description: Indicates if the module failed or not returned: always sample: false type: bool loglines: description: list of logged messages by the module returned: always sample: - message 1 - message 2 type: list