community.general.keycloak_authentication_required_actions module – Allows administration of Keycloak authentication required actions
Note
This module is part of the community.general collection (version 10.1.0).
You might already have this collection installed if you are using the ansible
package.
It is not included in ansible-core
.
To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install community.general
.
To use it in a playbook, specify: community.general.keycloak_authentication_required_actions
.
New in community.general 7.1.0
Synopsis
This module can register, update and delete required actions.
It also filters out any duplicate required actions by their alias. The first occurrence is preserved.
Parameters
Parameter |
Comments |
---|---|
OpenID Connect Default: |
|
Client Secret to use in conjunction with |
|
URL to the Keycloak instance. |
|
Password to authenticate for API access with. |
|
Keycloak realm name to authenticate to for API access. |
|
Username to authenticate for API access with. |
|
Controls the HTTP connections timeout period (in seconds) to Keycloak API. Default: |
|
Configures the HTTP User-Agent header. Default: |
|
The name of the realm in which are the authentication required actions. |
|
Authentication required action. |
|
Unique name of the required action. |
|
Configuration for the required action. |
|
Indicates, if any new user will have the required action assigned to it. Choices:
|
|
Indicates, if the required action is enabled or not. Choices:
|
|
Displayed name of the required action. Required for registration. |
|
Priority of the required action. |
|
Provider ID of the required action. Required for registration. |
|
Control if the realm authentication required actions are going to be registered/updated ( Choices:
|
|
Authentication token for Keycloak API. |
|
Verify TLS certificates (do not disable this in production). Choices:
|
Attributes
Attribute |
Support |
Description |
---|---|---|
Support: full |
Can run in |
|
Support: full |
Will return details on what has changed (or possibly needs changing in |
Examples
- name: Register a new required action.
community.general.keycloak_authentication_required_actions:
auth_client_id: "admin-cli"
auth_keycloak_url: "http://localhost:8080"
auth_password: "password"
auth_realm: "master"
auth_username: "admin"
realm: "master"
required_action:
- alias: "TERMS_AND_CONDITIONS"
name: "Terms and conditions"
providerId: "TERMS_AND_CONDITIONS"
enabled: true
state: "present"
- name: Update the newly registered required action.
community.general.keycloak_authentication_required_actions:
auth_client_id: "admin-cli"
auth_keycloak_url: "http://localhost:8080"
auth_password: "password"
auth_realm: "master"
auth_username: "admin"
realm: "master"
required_action:
- alias: "TERMS_AND_CONDITIONS"
enabled: false
state: "present"
- name: Delete the updated registered required action.
community.general.keycloak_authentication_required_actions:
auth_client_id: "admin-cli"
auth_keycloak_url: "http://localhost:8080"
auth_password: "password"
auth_realm: "master"
auth_username: "admin"
realm: "master"
required_action:
- alias: "TERMS_AND_CONDITIONS"
state: "absent"
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key |
Description |
---|---|
Representation of the authentication required actions after module execution. Returned: on success |
|
Unique name of the required action. Returned: success Sample: |
|
Configuration for the required action. Returned: success Sample: |
|
Indicates, if any new user will have the required action assigned to it. Returned: success Sample: |
|
Indicates, if the required action is enabled or not. Returned: success Sample: |
|
Displayed name of the required action. Required for registration. Returned: success Sample: |
|
Priority of the required action. Returned: success Sample: |
|
Provider ID of the required action. Required for registration. Returned: success Sample: |
|
Message as to what action was taken. Returned: always |