Add module documentation to collection and role READMEs

Document all six modules (including the two new ones) in the main collection README under a new 'Included modules' section. Add the three new example playbooks to the Config Playbooks section. Update the keycloak_realm role README with a 'Related Modules' table and inline examples for keycloak_client_scope and keycloak_authentication_flow usage. Made-with: Cursor
2026-05-06 21:33:05 +00:00 · 2026-04-23 12:54:22 +01:00
parent c6189bfc51
commit 06e096ac50
2 changed files with 69 additions and 2 deletions
--- a/README.md
+++ b/README.md
@@ -55,6 +55,15 @@ A requirement file is provided to install:

 <!--end roles_paths -->

+### Included modules
+
+* `keycloak_realm`: module for managing Keycloak realms (create/update/delete).
+* `keycloak_client`: module for managing Keycloak clients (create/update/delete).
+* `keycloak_role`: module for managing Keycloak roles — realm roles and client roles (create/update/delete).
+* `keycloak_user_federation`: module for managing user federations such as LDAP/AD (create/update/delete).
+* `keycloak_client_scope`: module for managing client scopes and protocol mappers (create/update/delete).
+* `keycloak_authentication_flow`: module for managing authentication flows and execution steps (create/delete, copy existing flows).
+
 ## Usage


@@ -109,10 +118,13 @@ Note: when deploying clustered configurations, all hosts belonging to the cluste
 ## Configuration


-### Config Playbook
+### Config Playbooks
 <!--start rhbk_realm_playbook -->
-[`playbooks/keycloak_realm.yml`](https://github.com/ansible-middleware/keycloak/blob/main/playbooks/keycloak_realm.yml) creates or updates provided realm, user federation(s), client(s), client role(s) and client user(s).
+* [`playbooks/keycloak_realm.yml`](https://github.com/ansible-middleware/keycloak/blob/main/playbooks/keycloak_realm.yml) creates or updates provided realm, user federation(s), client(s), client role(s) and client user(s).
 <!--end rhbk_realm_playbook -->
+* [`playbooks/keycloak_realm_client.yml`](https://github.com/ansible-middleware/keycloak/blob/main/playbooks/keycloak_realm_client.yml) creates a realm with clients, roles and users using the `keycloak_realm` role.
+* [`playbooks/keycloak_client_scope.yml`](https://github.com/ansible-middleware/keycloak/blob/main/playbooks/keycloak_client_scope.yml) creates a client scope with protocol mappers using the `keycloak_client_scope` module.
+* [`playbooks/keycloak_authentication_flow.yml`](https://github.com/ansible-middleware/keycloak/blob/main/playbooks/keycloak_authentication_flow.yml) creates a custom authentication flow with execution steps using the `keycloak_authentication_flow` module.

 ### Example configuration command

--- a/roles/keycloak_realm/README.md
+++ b/roles/keycloak_realm/README.md
@@ -107,6 +107,20 @@ Refer to [docs](https://docs.ansible.com/ansible/latest/collections/community/ge
 For a comprehensive example, refer to the [playbook](../../playbooks/keycloak_realm.yml).


+Related Modules
+---------------
+
+For features not covered by this role, the collection provides dedicated modules:
+
+| Module | What It Manages |
+|:-------|:----------------|
+| `keycloak_client_scope` | Client scopes and protocol mappers — see [example playbook](../../playbooks/keycloak_client_scope.yml) |
+| `keycloak_authentication_flow` | Authentication flows and execution steps — see [example playbook](../../playbooks/keycloak_authentication_flow.yml) |
+| `keycloak_client` | Clients (also used internally by this role) |
+| `keycloak_role` | Realm and client roles |
+| `keycloak_user_federation` | User federations such as LDAP (also used internally by this role) |
+
+
 Example Playbook
 ----------------

@@ -127,6 +141,47 @@ The following is an example playbook that makes use of the role to create a real
            keycloak_clients: [...]
 ```

+The following example uses the `keycloak_client_scope` module to create a client scope with protocol mappers:
+
+```yaml
+- name: Create client scope
+  middleware_automation.keycloak.keycloak_client_scope:
+    auth_keycloak_url: http://localhost:8080
+    auth_realm: master
+    auth_username: admin
+    auth_password: changeme
+    realm: TestRealm
+    name: my-scope
+    protocol_mappers:
+      - name: email
+        protocolMapper: oidc-usermodel-attribute-mapper
+        config:
+          user.attribute: email
+          claim.name: email
+          id.token.claim: "true"
+          access.token.claim: "true"
+    state: present
+```
+
+The following example uses the `keycloak_authentication_flow` module to create a custom authentication flow:
+
+```yaml
+- name: Create authentication flow
+  middleware_automation.keycloak.keycloak_authentication_flow:
+    auth_keycloak_url: http://localhost:8080
+    auth_realm: master
+    auth_username: admin
+    auth_password: changeme
+    realm: TestRealm
+    alias: my-browser-flow
+    executions:
+      - provider_id: auth-cookie
+        requirement: ALTERNATIVE
+      - provider_id: auth-password
+        requirement: REQUIRED
+    state: present
+```
+

 License
 -------