community.general.keycloak_authentication module – Configure authentication in Keycloak
Note
This module is part of the community.general collection (version 5.8.3).
You might already have this collection installed if you are using the ansible
package.
It is not included in ansible-core
.
To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install community.general
.
To use it in a playbook, specify: community.general.keycloak_authentication
.
New in community.general 3.3.0
Synopsis
This module actually can only make a copy of an existing authentication flow, add an execution to it and configure it.
It can also delete the flow.
Parameters
Parameter |
Comments |
---|---|
Alias for the authentication flow. |
|
OpenID Connect client_id to authenticate to the API with. Default: |
|
Client Secret to use in conjunction with auth_client_id (if required). |
|
URL to the Keycloak instance. |
|
Password to authenticate for API access with. |
|
Keycloak realm name to authenticate to for API access. |
|
Username to authenticate for API access with. |
|
Configuration structure for the executions. |
|
Describe the config of the authentication. |
|
Name of the execution or subflow to create or update. |
|
Alias of parent flow. |
|
Priority order of the execution. |
|
|
|
Control status of the subflow or execution. Choices:
|
|
Controls the HTTP connections timeout period (in seconds) to Keycloak API. Default: |
|
|
|
Description of the flow. |
|
If Choices:
|
|
Configures the HTTP User-Agent header. Default: |
|
|
|
The name of the realm in which is the authentication. |
|
Control if the authentication flow must exists or not. Choices:
|
|
Authentication token for Keycloak API. |
|
Verify TLS certificates (do not disable this in production). Choices:
|
Examples
- name: Create an authentication flow from first broker login and add an execution to it.
community.general.keycloak_authentication:
auth_keycloak_url: http://localhost:8080/auth
auth_realm: master
auth_username: admin
auth_password: password
realm: master
alias: "Copy of first broker login"
copyFrom: "first broker login"
authenticationExecutions:
- providerId: "test-execution1"
requirement: "REQUIRED"
authenticationConfig:
alias: "test.execution1.property"
config:
test1.property: "value"
- providerId: "test-execution2"
requirement: "REQUIRED"
authenticationConfig:
alias: "test.execution2.property"
config:
test2.property: "value"
state: present
- name: Re-create the authentication flow
community.general.keycloak_authentication:
auth_keycloak_url: http://localhost:8080/auth
auth_realm: master
auth_username: admin
auth_password: password
realm: master
alias: "Copy of first broker login"
copyFrom: "first broker login"
authenticationExecutions:
- providerId: "test-provisioning"
requirement: "REQUIRED"
authenticationConfig:
alias: "test.provisioning.property"
config:
test.provisioning.property: "value"
state: present
force: true
- name: Create an authentication flow with subflow containing an execution.
community.general.keycloak_authentication:
auth_keycloak_url: http://localhost:8080/auth
auth_realm: master
auth_username: admin
auth_password: password
realm: master
alias: "Copy of first broker login"
copyFrom: "first broker login"
authenticationExecutions:
- providerId: "test-execution1"
requirement: "REQUIRED"
- displayName: "New Subflow"
requirement: "REQUIRED"
- providerId: "auth-cookie"
requirement: "REQUIRED"
flowAlias: "New Sublow"
state: present
- name: Remove authentication.
community.general.keycloak_authentication:
auth_keycloak_url: http://localhost:8080/auth
auth_realm: master
auth_username: admin
auth_password: password
realm: master
alias: "Copy of first broker login"
state: absent
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key |
Description |
---|---|
Representation of the authentication after module execution. Returned: on success Sample: |
|
JSON representation for the authentication. Deprecated return value, it will be removed in community.general 6.0.0. Please use the return value end_state instead. Returned: on success Sample: |
|
Message as to what action was taken. Returned: always |
Collection links
Issue Tracker Repository (Sources) Submit a bug report Request a feature Communication