netscaler.adc.authenticationoauthidpprofile (2.5.1) — module

Configuration for OAuth Identity Provider (IdP) profile resource.

Added in version 2.0.0 of netscaler.adc

Authors: Sumanth Lingappa (@sumanth-lingappa)

preview | supported by community

Install collection

Install with ansible-galaxy collection install netscaler.adc:==2.5.1


Add to requirements.yml

  collections:
    - name: netscaler.adc
      version: 2.5.1

Description

Configuration for OAuth Identity Provider (IdP) profile resource.

Inputs

    
name:
    description:
    - Name for the new OAuth Identity Provider (IdP) single sign-on profile. Must begin
      with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII
      alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals
      (=), and hyphen (-) characters. Cannot be changed after an action is created.
    - ''
    - 'The following requirement applies only to the Citrix ADC CLI:'
    - If the name includes one or more spaces, enclose the name in double or single quotation
      marks (for example, "my action" or 'my action').
    type: str

nsip:
    description:
    - The IP address of the NetScaler ADC appliance where the NITRO API calls will be
      made.
    - The port can be specified with the colon (:). E.g. 192.168.1.1:555.
    required: true
    type: str

state:
    choices:
    - present
    - absent
    - unset
    default: present
    description:
    - The state of the resource being configured by the module on the NetScaler ADC node.
    - When C(present), the resource will be added or updated according to the
      module's parameters.
    - When C(absent), the resource will be deleted from the NetScaler ADC node.
    - When C(unset), the resource will be unset on the NetScaler ADC node.
    type: str

issuer:
    description:
    - The name to be used in requests sent from Citrix ADC to IdP to uniquely identify
      Citrix ADC.
    type: str

api_path:
    default: nitro/v1/config
    description:
    - Base NITRO API path.
    - Define only in case of an ADM service proxy call
    type: str

audience:
    description:
    - Audience for which the token is being sent by Citrix ADC IdP. This is typically the
      entity name or URL that represents the recipient.
    type: str

clientid:
    description:
    - Unique identity of the relying party requesting authentication.
    type: str

skewtime:
    description:
    - This option specifies the duration for which the token sent by Citrix ADC IdP is
      valid. For example, if skewTime is 10, then the token would be valid from
      (current time - 10) min to (current time + 10) min, i.e. 20 min in all.
    type: float

attributes:
    description:
    - Name-Value pairs of attributes to be inserted in idtoken. Configuration format is
      name=value_expr@@@name2=value2_expr@@@.
    - '''@@@'' is used as delimiter between Name-Value pairs. name is a literal string
      whose value is 127 characters and does not contain ''='' character.'
    - Value is advanced policy expression terminated by @@@ delimiter. Last value need
      not contain the delimiter.
    type: str

nitro_pass:
    description:
    - The password with which to authenticate to the NetScaler ADC node.
    required: false
    type: str

nitro_user:
    description:
    - The username with which to authenticate to the NetScaler ADC node.
    required: false
    type: str

redirecturl:
    description:
    - URL endpoint on relying party to which the OAuth token is to be sent.
    type: str

save_config:
    default: false
    description:
    - If C(true) the module will save the configuration on the NetScaler ADC node if it
      makes any changes.
    - The module will not save the configuration on the NetScaler ADC node if it made
      no changes.
    type: bool

clientsecret:
    description:
    - Unique secret string to authorize relying party at authorization server.
    type: str

encrypttoken:
    choices:
    - 'ON'
    - 'OFF'
    description:
    - Option to encrypt the token when Citrix ADC IdP sends one.
    type: str

sendpassword:
    choices:
    - 'ON'
    - 'OFF'
    description:
    - Option to send encrypted password in idtoken.
    type: str

signaturealg:
    choices:
    - RS256
    - RS512
    description:
    - Algorithm to be used to sign OpenID tokens.
    type: str

configservice:
    description:
    - Name of the entity that is used to obtain configuration for the current authentication
      request. It is used only in Citrix Cloud.
    type: str

nitro_protocol:
    choices:
    - http
    - https
    default: https
    description:
    - Which protocol to use when accessing the nitro API objects.
    type: str

validate_certs:
    default: true
    description:
    - If C(false), SSL certificates will not be validated. This should only be used on
      personally controlled sites using self-signed certificates.
    required: false
    type: bool

refreshinterval:
    description:
    - Interval at which Relying Party metadata is refreshed.
    type: float

nitro_auth_token:
    description:
    - The authentication token provided by a login operation.
    type: str
    version_added: 2.6.0
    version_added_collection: netscaler.adc

signatureservice:
    description:
    - Name of the service in cloud used to sign the data. This is applicable only if signature
      is offloaded to cloud.
    type: str

relyingpartymetadataurl:
    description:
    - This is the endpoint at which Citrix ADC IdP can get details about Relying Party
      (RP) being configured. Metadata response should include endpoints for jwks_uri for
      RP public key(s).
    type: str

defaultauthenticationgroup:
    description:
    - This group will be part of the AAA session's internal group list. This helps the
      admin in an nFactor flow decide the right AAA configuration for the Relying Party.
      In an authentication policy, AAA.USER.IS_MEMBER_OF("<default_auth_group>") is the
      way to use this feature.
    type: str
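
A playbook that uses the inputs documented above with conservative settings, as an added example (not taken from the module's own documentation). The profile name, URLs, group names, attribute expressions and the `vault_*` variables are placeholders, assumed here to be supplied from an Ansible Vault file.

```yaml
---
# Added example, not the collection's own. All names, URLs and vault_* variables
# are placeholders; only the option names come from the Inputs list above.
- name: Configure an OAuth IdP profile on NetScaler ADC
  hosts: localhost
  gather_facts: false
  vars_files:
    - vault.yml                 # assumed vault-encrypted file holding the vault_* values
  tasks:
    - name: Create or update the OAuth IdP profile
      no_log: true              # keep clientsecret and nitro_pass out of task output
      netscaler.adc.authenticationoauthidpprofile:
        # --- Connection to the NITRO API ---
        nsip: "{{ vault_nsip }}"
        nitro_user: "{{ vault_nitro_user }}"
        nitro_pass: "{{ vault_nitro_pass }}"
        nitro_protocol: https   # 'http' would send the credentials above in clear text
        validate_certs: true    # 'false' disables certificate validation for the API call
        save_config: false      # review the running config before persisting it

        # --- Profile identity ---
        state: present
        name: oidc_portal_idp   # starts with an alphanumeric, contains only allowed characters
        issuer: https://idp.example.com
        audience: https://portal.example.com

        # --- Relying party ---
        clientid: "{{ vault_rp_clientid }}"
        clientsecret: "{{ vault_rp_clientsecret }}"
        redirecturl: https://portal.example.com/oauth/callback

        # --- Token handling ---
        signaturealg: RS512
        sendpassword: 'OFF'     # do not place the user's password in the idtoken
        skewtime: 5             # valid from (now - 5) min to (now + 5) min, 10 min in all
        defaultauthenticationgroup: oidc_portal_users

        # Two name=value_expr pairs separated by the @@@ delimiter (constructed sample;
        # the final value carries no trailing delimiter).
        attributes: 'username=AAA.USER.NAME@@@is_admin=AAA.USER.IS_MEMBER_OF("oidc-admins")'
```

Run it with `--ask-vault-pass` (or a vault password file) so that neither the NITRO credentials nor the relying party secret appear in the playbook or in version control.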

Outputs

changed:
  description: Indicates if any change is made by the module
  returned: always
  sample: true
  type: bool
diff:
  description: Dictionary of before and after changes
  returned: always
  sample:
    after:
      key2: pqr
    before:
      key1: xyz
    prepared: changes done
  type: dict
diff_list:
  description: List of differences between the actual configured object and the configuration
    specified in the module
  returned: when changed
  sample:
  - 'Attribute `key1` differs. Desired: (<class ''str''>) XYZ. Existing: (<class ''str''>)
    PQR'
  type: list
failed:
  description: Indicates if the module failed or not
  returned: always
  sample: false
  type: bool
loglines:
  description: List of messages logged by the module
  returned: always
  sample:
  - message 1
  - message 2
  type: list