.. Document meta :orphan: .. |antsibull-internal-nbsp| unicode:: 0xA0 :trim: .. meta:: :antsibull-docs: 2.24.0 .. Anchors .. _ansible_collections.middleware_automation.keycloak.keycloak_user_execute_actions_email_module: .. Anchors: short name for ansible.builtin .. Title keycloak_user_execute_actions_email -- Send a Keycloak execute\-actions email to a user +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ .. Collection note .. note:: This module is part of the `middleware_automation.keycloak collection `_. It is not included in ``ansible-core``. To check whether it is installed, run :code:`ansible-galaxy collection list`. To install it, use: :code:`ansible\-galaxy collection install middleware\_automation.keycloak`. To use it in a playbook, specify: :code:`middleware_automation.keycloak.keycloak_user_execute_actions_email`. .. version_added .. rst-class:: ansible-version-added New in middleware\_automation.keycloak 3.0.0 .. contents:: :local: :depth: 1 .. Deprecated Synopsis -------- .. Description - Triggers the Keycloak endpoint :literal:`execute\-actions\-email` for a user. This sends an email with one or more required actions the user must complete (for example resetting the password). - If no :ansopt:`middleware\_automation.keycloak.keycloak\_user\_execute\_actions\_email#module:actions` list is provided, the default action :literal:`UPDATE\_PASSWORD` is used. - You must supply either the user's :ansopt:`middleware\_automation.keycloak.keycloak\_user\_execute\_actions\_email#module:id` or :ansopt:`middleware\_automation.keycloak.keycloak\_user\_execute\_actions\_email#module:username`. Supplying only :literal:`username` causes an extra lookup call. - This module always reports :ansretval:`changed=true` because sending an email is a side effect and cannot be made idempotent. .. Aliases .. Requirements .. Options Parameters ---------- .. raw:: html

Parameter	Comments
actions list / elements=string	List of required actions to include in the email. Default: `["UPDATE_PASSWORD"]`
auth_client_id string	OpenID Connect client_id to authenticate to the API with. Default: `"admin-cli"`
auth_client_secret string	Client Secret to use in conjunction with auth_client_id (if required).
auth_keycloak_url aliases: url string / required	URL to the Keycloak instance.
auth_password aliases: password string	Password to authenticate for API access with.
auth_realm string	Keycloak realm name to authenticate to for API access.
auth_username string	Username to authenticate for API access with.
client_id aliases: clientId string	Optional client ID used for the redirect link.
connection_timeout integer	Controls the HTTP connections timeout period (in seconds) to Keycloak API. Default: `10`
http_agent string	Configures the HTTP User-Agent header. Default: `"Ansible"`
id string	The unique ID (UUID) of the user. Mutually exclusive with `username`.
lifespan integer	Optional lifespan (in seconds) for the action token (supported on newer Keycloak versions). Forwarded as query parameter if provided.
realm string	The Keycloak realm where the user resides. Default: `"master"`
redirect_uri aliases: redirectUri string	Optional redirect URI. Must be valid for the given client if `client_id` is set.
refresh_token string	Authentication refresh token for Keycloak API.
token string	Authentication token for Keycloak API.
username string	Username of the user. Mutually exclusive with `id`.
validate_certs boolean	Verify TLS certificates (do not disable this in production). Choices: `false` `true` ← (default)

.. Attributes Attributes ---------- .. tabularcolumns:: \X{2}{10}\X{3}{10}\X{5}{10} .. list-table:: :width: 100% :widths: auto :header-rows: 1 :class: longtable ansible-option-table * - Attribute - Support - Description * - .. raw:: html

.. _ansible_collections.middleware_automation.keycloak.keycloak_user_execute_actions_email_module__attribute-action_group: .. rst-class:: ansible-option-title **action_group** .. raw:: html .. raw:: html

- .. raw:: html

:ansible-attribute-support-property:`Action group:` |antsibull-internal-nbsp|:ansible-attribute-support-full:`middleware\_automation.keycloak.keycloak` .. raw:: html

- .. raw:: html

Use :literal:`group/middleware\_automation.keycloak.keycloak` in :literal:`module\_defaults` to set defaults for this module. .. raw:: html

* - .. raw:: html

.. _ansible_collections.middleware_automation.keycloak.keycloak_user_execute_actions_email_module__attribute-check_mode: .. rst-class:: ansible-option-title **check_mode** .. raw:: html .. raw:: html

- .. raw:: html

:ansible-attribute-support-label:`Support: \ `\ :ansible-attribute-support-full:`full` .. raw:: html

- .. raw:: html

Can run in :literal:`check\_mode` and return changed status prediction without modifying target. .. raw:: html

* - .. raw:: html

.. _ansible_collections.middleware_automation.keycloak.keycloak_user_execute_actions_email_module__attribute-diff_mode: .. rst-class:: ansible-option-title **diff_mode** .. raw:: html .. raw:: html

- .. raw:: html

:ansible-attribute-support-label:`Support: \ `\ :ansible-attribute-support-none:`none` .. raw:: html

- .. raw:: html

Will return details on what has changed (or possibly needs changing in :literal:`check\_mode`\ ), when in diff mode. .. raw:: html

.. Notes .. Seealso .. Examples Examples -------- .. code-block:: yaml+jinja - name: Password reset email (default action) with 1h lifespan middleware_automation.keycloak.keycloak_user_execute_actions_email: username: johndoe realm: MyRealm auth_client_id: admin-cli auth_keycloak_url: https://auth.example.com auth_realm: master auth_username: ADMIN auth_password: SECRET lifespan: 3600 delegate_to: localhost - name: Multiple required actions using token auth middleware_automation.keycloak.keycloak_user_execute_actions_email: username: johndoe actions: - UPDATE_PASSWORD - VERIFY_EMAIL realm: MyRealm auth_client_id: admin-cli auth_keycloak_url: https://auth.example.com token: TOKEN delegate_to: localhost - name: Email by user id with redirect middleware_automation.keycloak.keycloak_user_execute_actions_email: id: 9d59aa76-2755-48c6-b1af-beb70a82c3cd client_id: my-frontend redirect_uri: https://app.example.com/post-actions actions: - UPDATE_PASSWORD realm: MyRealm auth_client_id: admin-cli auth_keycloak_url: https://auth.example.com auth_realm: master auth_username: ADMIN auth_password: SECRET delegate_to: localhost .. Facts .. Return values Return Values ------------- Common return values are documented :ref:`here `, the following are the fields unique to this module: .. raw:: html

Key	Description
actions list / elements=string	List of actions included in the email. Returned: success
user_id string	The user ID the email was (or would be, in check mode) sent to. Returned: success

.. Status (Presently only deprecated) .. Authors Authors ~~~~~~~ - Marius Bertram (@mariusbertram) .. Extra links .. Parsing errors