keycloak_authentication_required_actions – Allows administration of Keycloak authentication required actions

Note

This module is part of the middleware_automation.keycloak collection.

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install middleware_automation.keycloak.

To use it in a playbook, specify: middleware_automation.keycloak.keycloak_authentication_required_actions.

New in middleware_automation.keycloak 3.0.0

Synopsis 

This module can register, update and delete required actions.
It also filters out any duplicate required actions by their alias. The first occurrence is preserved.

Parameters 

Parameter	Comments
auth_client_id string	OpenID Connect client_id to authenticate to the API with. Default: `"admin-cli"`
auth_client_secret string	Client Secret to use in conjunction with auth_client_id (if required).
auth_keycloak_url aliases: url string / required	URL to the Keycloak instance.
auth_password aliases: password string	Password to authenticate for API access with.
auth_realm string	Keycloak realm name to authenticate to for API access.
auth_username aliases: username string	Username to authenticate for API access with.
connection_timeout integer	Controls the HTTP connections timeout period (in seconds) to Keycloak API. Default: `10`
http_agent string	Configures the HTTP User-Agent header. Default: `"Ansible"`
realm string / required	The name of the realm in which are the authentication required actions.
refresh_token string	Authentication refresh token for Keycloak API.
required_actions list / elements=dictionary	Authentication required action.
alias string / required	Unique name of the required action.
config dictionary	Configuration for the required action.
defaultAction boolean	Indicates whether new users have the required action assigned to them. Choices: `false` `true`
enabled boolean	Indicates, if the required action is enabled or not. Choices: `false` `true`
name string	Displayed name of the required action. Required for registration.
priority integer	Priority of the required action.
providerId string	Provider ID of the required action. Required for registration.
state string / required	Control if the realm authentication required actions are going to be registered/updated (`present`) or deleted (`absent`). Choices: `"absent"` `"present"`
token string	Authentication token for Keycloak API.
validate_certs boolean	Verify TLS certificates (do not disable this in production). Choices: `false` `true` ← (default)

Attributes 

Attribute	Support	Description
action_group	Action group: middleware_automation.keycloak.keycloak added in middleware_automation.keycloak 3.0.0	Use `group/middleware_automation.keycloak.keycloak` in `module_defaults` to set defaults for this module.
check_mode	Support: full	Can run in `check_mode` and return changed status prediction without modifying target.
diff_mode	Support: full	Will return details on what has changed (or possibly needs changing in `check_mode`), when in diff mode.

Examples 

- name: Register a new required action.
  middleware_automation.keycloak.keycloak_authentication_required_actions:
    auth_client_id: "admin-cli"
    auth_keycloak_url: "http://localhost:8080"
    auth_password: "password"
    auth_realm: "master"
    auth_username: "admin"
    realm: "master"
    required_actions:
      - alias: "TERMS_AND_CONDITIONS"
        name: "Terms and conditions"
        providerId: "TERMS_AND_CONDITIONS"
        enabled: true
    state: "present"

- name: Update the newly registered required action.
  middleware_automation.keycloak.keycloak_authentication_required_actions:
    auth_client_id: "admin-cli"
    auth_keycloak_url: "http://localhost:8080"
    auth_password: "password"
    auth_realm: "master"
    auth_username: "admin"
    realm: "master"
    required_actions:
      - alias: "TERMS_AND_CONDITIONS"
        enabled: false
    state: "present"

- name: Delete the updated registered required action.
  middleware_automation.keycloak.keycloak_authentication_required_actions:
    auth_client_id: "admin-cli"
    auth_keycloak_url: "http://localhost:8080"
    auth_password: "password"
    auth_realm: "master"
    auth_username: "admin"
    realm: "master"
    required_actions:
      - alias: "TERMS_AND_CONDITIONS"
    state: "absent"

Return Values 

Common return values are documented here, the following are the fields unique to this module:

Key	Description
end_state complex	Representation of the authentication required actions after module execution. Returned: on success
alias string	Unique name of the required action. Returned: success Sample: `"test-provider-id"`
config dictionary	Configuration for the required action. Returned: success Sample: `{}`
defaultAction boolean	Indicates whether new users have the required action assigned to them. Returned: success Sample: `false`
enabled boolean	Indicates, if the required action is enabled or not. Returned: success Sample: `false`
name string	Displayed name of the required action. Required for registration. Returned: success Sample: `"Test provider ID"`
priority integer	Priority of the required action. Returned: success Sample: `90`
providerId string	Provider ID of the required action. Required for registration. Returned: success Sample: `"test-provider-id"`
msg string	Message as to what action was taken. Returned: always

Authors

Skrekulko (@Skrekulko)

keycloak_authentication_required_actions – Allows administration of Keycloak authentication required actions

Synopsis

Parameters

Attributes

Examples

Return Values