Merge pull request #326 from paulomenon/add/example-playbooks-client-scope-auth-flow

Add/example playbooks client scope auth flow
Harsha Cherukuri
2026-04-24 08:29:16 -04:00
committed by GitHub
7 changed files with 803 additions and 2 deletions

@@ -107,6 +107,20 @@ Refer to [docs](https://docs.ansible.com/ansible/latest/collections/community/ge
For a comprehensive example, refer to the [playbook](../../playbooks/keycloak_realm.yml).
Related Modules
---------------
For features not covered by this role, the collection provides dedicated modules:
| Module | What It Manages |
|:-------|:----------------|
| `keycloak_client_scope` | Client scopes and protocol mappers — see [example playbook](../../playbooks/keycloak_client_scope.yml) |
| `keycloak_authentication_flow` | Authentication flows and execution steps — see [example playbook](../../playbooks/keycloak_authentication_flow.yml) |
| `keycloak_client` | Clients (also used internally by this role) |
| `keycloak_role` | Realm and client roles |
| `keycloak_user_federation` | User federations such as LDAP (also used internally by this role) |
Example Playbook
----------------
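Review bot: The new Related Modules table lists bare module names (`keycloak_client_scope`, `keycloak_authentication_flow`, `keycloak_client`, `keycloak_role`, `keycloak_user_federation`), and the sentence above it says only "the collection" without naming it. The examples added further down in this same file call the modules by their fully qualified names, e.g. `middleware_automation.keycloak.keycloak_client_scope`, so the table should use that form as well; otherwise a reader cannot tell which collection's module is meant or what to type in a task. The last three rows also have no link or example, unlike the first two; either link each to its module documentation or state that only the first two ship with an example playbook.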
@@ -127,6 +141,47 @@ The following is an example playbook that makes use of the role to create a real
keycloak_clients: [...]
```
The following example uses the `keycloak_client_scope` module to create a client scope with protocol mappers:
```yaml
- name: Create client scope
middleware_automation.keycloak.keycloak_client_scope:
auth_keycloak_url: http://localhost:8080
auth_realm: master
auth_username: admin
auth_password: changeme
realm: TestRealm
name: my-scope
protocol_mappers:
- name: email
protocolMapper: oidc-usermodel-attribute-mapper
config:
user.attribute: email
claim.name: email
id.token.claim: "true"
access.token.claim: "true"
state: present
```
The following example uses the `keycloak_authentication_flow` module to create a custom authentication flow:
```yaml
- name: Create authentication flow
middleware_automation.keycloak.keycloak_authentication_flow:
auth_keycloak_url: http://localhost:8080
auth_realm: master
auth_username: admin
auth_password: changeme
realm: TestRealm
alias: my-browser-flow
executions:
- provider_id: auth-cookie
requirement: ALTERNATIVE
- provider_id: auth-password
requirement: REQUIRED
state: present
```
License
-------
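Review bot: Both added examples hard-code the admin login for the `master` realm (`auth_username: admin`, `auth_password: changeme`) and send it to `auth_keycloak_url: http://localhost:8080` over plain HTTP. README snippets get copied verbatim, so the password should be a variable reference that the reader supplies from Ansible Vault (for instance a hypothetical `keycloak_admin_password` variable), and the text should say that the URL needs to be HTTPS for anything other than a local test instance. Separately, in the authentication flow example `auth-cookie` is `ALTERNATIVE` next to a `REQUIRED` execution at the same level; Keycloak does not evaluate alternative executions in a flow that also contains a required one, so the cookie step would have no effect as written. Please make both executions `ALTERNATIVE` or move the required step into a subflow, and confirm that `auth-password` is the intended provider id.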