internet/ansible-middleware.keycloak
3
0
Fork 0
mirror of https://github.com/ansible-middleware/keycloak.git synced 2026-05-06 21:33:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update docs for main

Browse Source 
Signed-off-by: ansible-middleware-core <ansible-middleware-core@redhat.com>
This commit is contained in:
ansible-middleware-core
2026-04-24 14:51:44 +00:00
parent 0f356ad519
commit 87badfba06
36 changed files with 4904 additions and 692 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
main/.buildinfo
View File

@@ -1,4 +1,4 @@
# Sphinx build info version 1
# This file records the configuration used when building these files. When it is not found, a full rebuild will be done.
config: e985ada2ce50785bca1109d72ad71d01
config: d467fc61b229e225ee7a5201e1d13e3b
tags: 645f666f9bcd5a90fca523b33c5a78b7

732
main/CHANGELOG.html
View File

File diff suppressed because it is too large Load Diff

31
main/README.html
View File

@@ -16,8 +16,8 @@
<script src="_static/jquery.js?v=5d32c60e"></script>
<script src="_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
<script src="_static/documentation_options.js?v=5929fcd5"></script>
<script src="_static/doctools.js?v=9bcbadda"></script>
<script src="_static/sphinx_highlight.js?v=dc90522c"></script>
<script src="_static/doctools.js?v=fd6eb6e6"></script>
<script src="_static/sphinx_highlight.js?v=6ffebe34"></script>
<script src="_static/js/theme.js"></script>
<link rel="index" title="Index" href="genindex.html" />
<link rel="search" title="Search" href="search.html" />
@@ -51,6 +51,7 @@
<li class="toctree-l2"><a class="reference internal" href="#installation">Installation</a><ul>
<li class="toctree-l3"><a class="reference internal" href="#installing-the-collection-from-ansible-galaxy">Installing the Collection from Ansible Galaxy</a></li>
<li class="toctree-l3"><a class="reference internal" href="#included-roles">Included roles</a></li>
<li class="toctree-l3"><a class="reference internal" href="#included-modules">Included modules</a></li>
</ul>
</li>
<li class="toctree-l2"><a class="reference internal" href="#usage">Usage</a><ul>
@@ -63,7 +64,7 @@
</ul>
</li>
<li class="toctree-l2"><a class="reference internal" href="#configuration">Configuration</a><ul>
<li class="toctree-l3"><a class="reference internal" href="#config-playbook">Config Playbook</a></li>
<li class="toctree-l3"><a class="reference internal" href="#config-playbooks">Config Playbooks</a></li>
<li class="toctree-l3"><a class="reference internal" href="#example-configuration-command">Example configuration command</a></li>
</ul>
</li>
@@ -171,6 +172,17 @@
</ul>
<!--end roles_paths -->
</section>
<section id="included-modules">
<h3>Included modules<a class="headerlink" href="#included-modules" title="Link to this heading"></a></h3>
<ul class="simple">
<li><p><code class="docutils literal notranslate"><span class="pre">keycloak_realm</span></code>: module for managing Keycloak realms (create/update/delete).</p></li>
<li><p><code class="docutils literal notranslate"><span class="pre">keycloak_client</span></code>: module for managing Keycloak clients (create/update/delete).</p></li>
<li><p><code class="docutils literal notranslate"><span class="pre">keycloak_role</span></code>: module for managing Keycloak roles — realm roles and client roles (create/update/delete).</p></li>
<li><p><code class="docutils literal notranslate"><span class="pre">keycloak_user_federation</span></code>: module for managing user federations such as LDAP/AD (create/update/delete).</p></li>
<li><p><code class="docutils literal notranslate"><span class="pre">keycloak_client_scope</span></code>: module for managing client scopes and protocol mappers (create/update/delete).</p></li>
<li><p><code class="docutils literal notranslate"><span class="pre">keycloak_authentication_flow</span></code>: module for managing authentication flows and execution steps (create/delete, copy existing flows).</p></li>
</ul>
</section>
</section>
<section id="usage">
<h2>Usage<a class="headerlink" href="#usage" title="Link to this heading"></a></h2>
@@ -219,11 +231,18 @@ the download tasks. The local path for the archive does match the downloaded arc
</section>
<section id="configuration">
<h2>Configuration<a class="headerlink" href="#configuration" title="Link to this heading"></a></h2>
<section id="config-playbook">
<h3>Config Playbook<a class="headerlink" href="#config-playbook" title="Link to this heading"></a></h3>
<section id="config-playbooks">
<h3>Config Playbooks<a class="headerlink" href="#config-playbooks" title="Link to this heading"></a></h3>
<!--start rhbk_realm_playbook -->
<p><a class="reference external" href="https://github.com/ansible-middleware/keycloak/blob/main/playbooks/keycloak_realm.yml"><code class="docutils literal notranslate"><span class="pre">playbooks/keycloak_realm.yml</span></code></a> creates or updates provided realm, user federation(s), client(s), client role(s) and client user(s).</p>
<ul class="simple">
<li><p><a class="reference external" href="https://github.com/ansible-middleware/keycloak/blob/main/playbooks/keycloak_realm.yml"><code class="docutils literal notranslate"><span class="pre">playbooks/keycloak_realm.yml</span></code></a> creates or updates provided realm, user federation(s), client(s), client role(s) and client user(s).</p></li>
</ul>
<!--end rhbk_realm_playbook -->
<ul class="simple">
<li><p><a class="reference external" href="https://github.com/ansible-middleware/keycloak/blob/main/playbooks/keycloak_realm_client.yml"><code class="docutils literal notranslate"><span class="pre">playbooks/keycloak_realm_client.yml</span></code></a> creates a realm with clients, roles and users using the <code class="docutils literal notranslate"><span class="pre">keycloak_realm</span></code> role.</p></li>
<li><p><a class="reference external" href="https://github.com/ansible-middleware/keycloak/blob/main/playbooks/keycloak_client_scope.yml"><code class="docutils literal notranslate"><span class="pre">playbooks/keycloak_client_scope.yml</span></code></a> creates a client scope with protocol mappers using the <code class="docutils literal notranslate"><span class="pre">keycloak_client_scope</span></code> module.</p></li>
<li><p><a class="reference external" href="https://github.com/ansible-middleware/keycloak/blob/main/playbooks/keycloak_authentication_flow.yml"><code class="docutils literal notranslate"><span class="pre">playbooks/keycloak_authentication_flow.yml</span></code></a> creates a custom authentication flow with execution steps using the <code class="docutils literal notranslate"><span class="pre">keycloak_authentication_flow</span></code> module.</p></li>
</ul>
</section>
<section id="example-configuration-command">
<h3>Example configuration command<a class="headerlink" href="#example-configuration-command" title="Link to this heading"></a></h3>

48
main/_downloads/7a1ffec81340e26b924b5291048874ac/keycloak_client_scope.yml Normal file
View File

@@ -0,0 +1,48 @@
---
- name: Playbook for Keycloak Client Scope Configuration
hosts: all
vars:
keycloak_admin_user: admin
keycloak_admin_password: "remembertochangeme"
keycloak_url: "http://localhost:8080"
keycloak_realm: TestRealm
tasks:
- name: Create client scope with protocol mappers
middleware_automation.keycloak.keycloak_client_scope:
auth_keycloak_url: "{{ keycloak_url }}"
auth_realm: master
auth_username: "{{ keycloak_admin_user }}"
auth_password: "{{ keycloak_admin_password }}"
realm: "{{ keycloak_realm }}"
name: TestClientScope
description: "Client scope created via Ansible"
protocol: openid-connect
protocol_mappers:
- name: email
protocolMapper: oidc-usermodel-attribute-mapper
config:
user.attribute: email
claim.name: email
jsonType.label: String
id.token.claim: "true"
access.token.claim: "true"
userinfo.token.claim: "true"
- name: firstName
protocolMapper: oidc-usermodel-attribute-mapper
config:
user.attribute: firstName
claim.name: given_name
jsonType.label: String
id.token.claim: "true"
access.token.claim: "true"
userinfo.token.claim: "true"
- name: username
protocolMapper: oidc-usermodel-attribute-mapper
config:
user.attribute: username
claim.name: preferred_username
jsonType.label: String
id.token.claim: "true"
access.token.claim: "true"
userinfo.token.claim: "true"
state: present

27
main/_downloads/bf30f2df147c4911eb753f8cef6007e1/keycloak_authentication_flow.yml Normal file
View File

@@ -0,0 +1,27 @@
---
- name: Playbook for Keycloak Authentication Flow Configuration
hosts: all
vars:
keycloak_admin_user: admin
keycloak_admin_password: "remembertochangeme"
keycloak_url: "http://localhost:8080"
keycloak_realm: TestRealm
tasks:
- name: Create authentication flow with executions
middleware_automation.keycloak.keycloak_authentication_flow:
auth_keycloak_url: "{{ keycloak_url }}"
auth_realm: master
auth_username: "{{ keycloak_admin_user }}"
auth_password: "{{ keycloak_admin_password }}"
realm: "{{ keycloak_realm }}"
alias: my-browser-flow
description: "Custom browser authentication flow"
provider_id: basic-flow
executions:
- provider_id: auth-cookie
requirement: ALTERNATIVE
- provider_id: auth-password
requirement: REQUIRED
- provider_id: auth-otp-form
requirement: ALTERNATIVE
state: present

5
main/_sources/CHANGELOG.rst.txt
View File

@@ -15,6 +15,11 @@ Major Changes
- AMW-467 Download keycloak binary from password protected HTTP location `#321 <https://github.com/ansible-middleware/keycloak/pull/321>`_
- v26.4.x compability `#317 <https://github.com/ansible-middleware/keycloak/pull/317>`_
Minor Changes
-------------
- AMW-518 Validating arguments against arg spec 'main' fails unexpectedly. `#324 <https://github.com/ansible-middleware/keycloak/pull/324>`_
Bugfixes
--------

16
main/_sources/README.md.txt
View File

@@ -55,6 +55,15 @@ A requirement file is provided to install:
<!--end roles_paths -->
### Included modules
* `keycloak_realm`: module for managing Keycloak realms (create/update/delete).
* `keycloak_client`: module for managing Keycloak clients (create/update/delete).
* `keycloak_role`: module for managing Keycloak roles — realm roles and client roles (create/update/delete).
* `keycloak_user_federation`: module for managing user federations such as LDAP/AD (create/update/delete).
* `keycloak_client_scope`: module for managing client scopes and protocol mappers (create/update/delete).
* `keycloak_authentication_flow`: module for managing authentication flows and execution steps (create/delete, copy existing flows).
## Usage
@@ -109,10 +118,13 @@ Note: when deploying clustered configurations, all hosts belonging to the cluste
## Configuration
### Config Playbook
### Config Playbooks
<!--start rhbk_realm_playbook -->
[`playbooks/keycloak_realm.yml`](https://github.com/ansible-middleware/keycloak/blob/main/playbooks/keycloak_realm.yml) creates or updates provided realm, user federation(s), client(s), client role(s) and client user(s).
* [`playbooks/keycloak_realm.yml`](https://github.com/ansible-middleware/keycloak/blob/main/playbooks/keycloak_realm.yml) creates or updates provided realm, user federation(s), client(s), client role(s) and client user(s).
<!--end rhbk_realm_playbook -->
* [`playbooks/keycloak_realm_client.yml`](https://github.com/ansible-middleware/keycloak/blob/main/playbooks/keycloak_realm_client.yml) creates a realm with clients, roles and users using the `keycloak_realm` role.
* [`playbooks/keycloak_client_scope.yml`](https://github.com/ansible-middleware/keycloak/blob/main/playbooks/keycloak_client_scope.yml) creates a client scope with protocol mappers using the `keycloak_client_scope` module.
* [`playbooks/keycloak_authentication_flow.yml`](https://github.com/ansible-middleware/keycloak/blob/main/playbooks/keycloak_authentication_flow.yml) creates a custom authentication flow with execution steps using the `keycloak_authentication_flow` module.
### Example configuration command

2
main/_sources/plugins/index.rst.txt
View File

@@ -5,7 +5,9 @@ Plugin Index
:caption: modules plugins
:maxdepth: 0
keycloak_authentication_flow
keycloak_client
keycloak_client_scope
keycloak_realm
keycloak_role
keycloak_user_federation

621
main/_sources/plugins/keycloak_authentication_flow.rst.txt Normal file
View File

@@ -0,0 +1,621 @@
.. Document meta
:orphan:
.. |antsibull-internal-nbsp| unicode:: 0xA0
:trim:
.. meta::
:antsibull-docs: 2.24.0
.. Anchors
.. _ansible_collections.middleware_automation.keycloak.keycloak_authentication_flow_module:
.. Anchors: short name for ansible.builtin
.. Title
keycloak_authentication_flow -- Allows administration of Keycloak authentication flows via Keycloak API
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
.. Collection note
.. note::
This module is part of the `middleware_automation.keycloak collection <https://galaxy.ansible.com/ui/repo/published/middleware_automation/keycloak/>`_.
It is not included in ``ansible-core``.
To check whether it is installed, run :code:`ansible-galaxy collection list`.
To install it, use: :code:`ansible\-galaxy collection install middleware\_automation.keycloak`.
To use it in a playbook, specify: :code:`middleware_automation.keycloak.keycloak_authentication_flow`.
.. version_added
.. contents::
:local:
:depth: 1
.. Deprecated
Synopsis
--------
.. Description
- This module allows you to add, remove or modify Keycloak authentication flows via the Keycloak REST API. It requires access to the REST API via OpenID Connect; the user connecting and the client being used must have the requisite access rights. In a default Keycloak installation, admin\-cli and an admin user would work, as would a separate client definition with the scope tailored to your needs and a user having the expected roles.
- This module supports creating new top\-level authentication flows, copying existing flows, and adding execution steps to a flow.
.. Aliases
.. Requirements
.. Options
Parameters
----------
.. raw:: html
<table class="colwidths-auto ansible-option-table docutils align-default" style="width: 100%">
<thead>
<tr class="row-odd">
<th class="head"><p>Parameter</p></th>
<th class="head"><p>Comments</p></th>
</tr>
</thead>
<tbody>
<tr class="row-even">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-alias"></div>
<p class="ansible-option-title"><strong>alias</strong></p>
<a class="ansibleOptionLink" href="#parameter-alias" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
/ <span class="ansible-option-required">required</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>Alias (name) of the authentication flow.</p>
</div></td>
</tr>
<tr class="row-odd">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-auth_client_id"></div>
<p class="ansible-option-title"><strong>auth_client_id</strong></p>
<a class="ansibleOptionLink" href="#parameter-auth_client_id" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>OpenID Connect <em>client_id</em> to authenticate to the API with.</p>
<p class="ansible-option-line"><strong class="ansible-option-default-bold">Default:</strong> <code class="ansible-value literal notranslate ansible-option-default">&#34;admin-cli&#34;</code></p>
</div></td>
</tr>
<tr class="row-even">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-auth_client_secret"></div>
<p class="ansible-option-title"><strong>auth_client_secret</strong></p>
<a class="ansibleOptionLink" href="#parameter-auth_client_secret" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>Client Secret to use in conjunction with <em>auth_client_id</em> (if required).</p>
</div></td>
</tr>
<tr class="row-odd">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-auth_keycloak_url"></div>
<div class="ansibleOptionAnchor" id="parameter-url"></div>
<p class="ansible-option-title"><strong>auth_keycloak_url</strong></p>
<a class="ansibleOptionLink" href="#parameter-auth_keycloak_url" title="Permalink to this option"></a>
<p class="ansible-option-type-line"><span class="ansible-option-aliases">aliases: url</span></p>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
/ <span class="ansible-option-required">required</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>URL to the Keycloak instance.</p>
</div></td>
</tr>
<tr class="row-even">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-auth_password"></div>
<div class="ansibleOptionAnchor" id="parameter-password"></div>
<p class="ansible-option-title"><strong>auth_password</strong></p>
<a class="ansibleOptionLink" href="#parameter-auth_password" title="Permalink to this option"></a>
<p class="ansible-option-type-line"><span class="ansible-option-aliases">aliases: password</span></p>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>Password to authenticate for API access with.</p>
</div></td>
</tr>
<tr class="row-odd">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-auth_realm"></div>
<p class="ansible-option-title"><strong>auth_realm</strong></p>
<a class="ansibleOptionLink" href="#parameter-auth_realm" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>Keycloak realm name to authenticate to for API access.</p>
</div></td>
</tr>
<tr class="row-even">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-auth_username"></div>
<div class="ansibleOptionAnchor" id="parameter-username"></div>
<p class="ansible-option-title"><strong>auth_username</strong></p>
<a class="ansibleOptionLink" href="#parameter-auth_username" title="Permalink to this option"></a>
<p class="ansible-option-type-line"><span class="ansible-option-aliases">aliases: username</span></p>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>Username to authenticate for API access with.</p>
</div></td>
</tr>
<tr class="row-odd">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-connection_timeout"></div>
<p class="ansible-option-title"><strong>connection_timeout</strong></p>
<a class="ansibleOptionLink" href="#parameter-connection_timeout" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">integer</span>
</p>
<p><em class="ansible-option-versionadded">added in middleware_automation.keycloak 4.5.0</em></p>
</div></td>
<td><div class="ansible-option-cell">
<p>Controls the HTTP connections timeout period (in seconds) to Keycloak API.</p>
<p class="ansible-option-line"><strong class="ansible-option-default-bold">Default:</strong> <code class="ansible-value literal notranslate ansible-option-default">10</code></p>
</div></td>
</tr>
<tr class="row-even">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-copy_from"></div>
<div class="ansibleOptionAnchor" id="parameter-copyFrom"></div>
<p class="ansible-option-title"><strong>copy_from</strong></p>
<a class="ansibleOptionLink" href="#parameter-copy_from" title="Permalink to this option"></a>
<p class="ansible-option-type-line"><span class="ansible-option-aliases">aliases: copyFrom</span></p>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>If set, the new flow is created as a copy of the flow with this alias.</p>
<p>Cannot be used together with <code class="ansible-option literal notranslate"><strong><a class="reference internal" href="#parameter-executions"><span class="std std-ref"><span class="pre">executions</span></span></a></strong></code>.</p>
</div></td>
</tr>
<tr class="row-odd">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-description"></div>
<p class="ansible-option-title"><strong>description</strong></p>
<a class="ansibleOptionLink" href="#parameter-description" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>Description of the authentication flow.</p>
<p class="ansible-option-line"><strong class="ansible-option-default-bold">Default:</strong> <code class="ansible-value literal notranslate ansible-option-default">&#34;&#34;</code></p>
</div></td>
</tr>
<tr class="row-even">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-executions"></div>
<p class="ansible-option-title"><strong>executions</strong></p>
<a class="ansibleOptionLink" href="#parameter-executions" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">list</span>
/ <span class="ansible-option-elements">elements=dictionary</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>A list of executions (authenticator steps) to add to the flow.</p>
<p>Each execution is a dict with keys <code class='docutils literal notranslate'>provider_id</code> (or <code class='docutils literal notranslate'>providerId</code>) and <code class='docutils literal notranslate'>requirement</code>.</p>
<p>Executions are only added when the flow is first created.</p>
<p class="ansible-option-line"><strong class="ansible-option-default-bold">Default:</strong> <code class="ansible-value literal notranslate ansible-option-default">[]</code></p>
</div></td>
</tr>
<tr class="row-odd">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-executions/provider_id"></div>
<div class="ansibleOptionAnchor" id="parameter-executions/providerId"></div>
<p class="ansible-option-title"><strong>provider_id</strong></p>
<a class="ansibleOptionLink" href="#parameter-executions/provider_id" title="Permalink to this option"></a>
<p class="ansible-option-type-line"><span class="ansible-option-aliases">aliases: providerId</span></p>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
/ <span class="ansible-option-required">required</span>
</p>
</div></td>
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell">
<p>The authenticator provider ID (e.g. <code class="ansible-value literal notranslate">auth-cookie</code>, <code class="ansible-value literal notranslate">auth-password</code>, <code class="ansible-value literal notranslate">auth-otp-form</code>).</p>
</div></td>
</tr>
<tr class="row-even">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-executions/requirement"></div>
<p class="ansible-option-title"><strong>requirement</strong></p>
<a class="ansibleOptionLink" href="#parameter-executions/requirement" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
/ <span class="ansible-option-required">required</span>
</p>
</div></td>
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell">
<p>The requirement level for this execution.</p>
<p class="ansible-option-line"><strong class="ansible-option-choices">Choices:</strong></p>
<ul class="simple">
<li><p><code class="ansible-value literal notranslate ansible-option-choices-entry">&#34;REQUIRED&#34;</code></p></li>
<li><p><code class="ansible-value literal notranslate ansible-option-choices-entry">&#34;ALTERNATIVE&#34;</code></p></li>
<li><p><code class="ansible-value literal notranslate ansible-option-choices-entry">&#34;DISABLED&#34;</code></p></li>
<li><p><code class="ansible-value literal notranslate ansible-option-choices-entry">&#34;CONDITIONAL&#34;</code></p></li>
</ul>
</div></td>
</tr>
<tr class="row-odd">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-http_agent"></div>
<p class="ansible-option-title"><strong>http_agent</strong></p>
<a class="ansibleOptionLink" href="#parameter-http_agent" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
<p><em class="ansible-option-versionadded">added in middleware_automation.keycloak 5.4.0</em></p>
</div></td>
<td><div class="ansible-option-cell">
<p>Configures the HTTP User-Agent header.</p>
<p class="ansible-option-line"><strong class="ansible-option-default-bold">Default:</strong> <code class="ansible-value literal notranslate ansible-option-default">&#34;Ansible&#34;</code></p>
</div></td>
</tr>
<tr class="row-even">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-provider_id"></div>
<div class="ansibleOptionAnchor" id="parameter-providerId"></div>
<p class="ansible-option-title"><strong>provider_id</strong></p>
<a class="ansibleOptionLink" href="#parameter-provider_id" title="Permalink to this option"></a>
<p class="ansible-option-type-line"><span class="ansible-option-aliases">aliases: providerId</span></p>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>The provider ID for the flow.</p>
<p class="ansible-option-line"><strong class="ansible-option-default-bold">Default:</strong> <code class="ansible-value literal notranslate ansible-option-default">&#34;basic-flow&#34;</code></p>
</div></td>
</tr>
<tr class="row-odd">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-realm"></div>
<p class="ansible-option-title"><strong>realm</strong></p>
<a class="ansibleOptionLink" href="#parameter-realm" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>The Keycloak realm under which this authentication flow resides.</p>
<p class="ansible-option-line"><strong class="ansible-option-default-bold">Default:</strong> <code class="ansible-value literal notranslate ansible-option-default">&#34;master&#34;</code></p>
</div></td>
</tr>
<tr class="row-even">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-state"></div>
<p class="ansible-option-title"><strong>state</strong></p>
<a class="ansibleOptionLink" href="#parameter-state" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>State of the authentication flow.</p>
<p>On <code class="ansible-value literal notranslate">present</code>, the flow will be created if it does not yet exist.</p>
<p>On <code class="ansible-value literal notranslate">absent</code>, the flow will be removed if it exists.</p>
<p class="ansible-option-line"><strong class="ansible-option-choices">Choices:</strong></p>
<ul class="simple">
<li><p><code class="ansible-value literal notranslate ansible-option-default-bold"><strong>&#34;present&#34;</strong></code> <span class="ansible-option-choices-default-mark">← (default)</span></p></li>
<li><p><code class="ansible-value literal notranslate ansible-option-choices-entry">&#34;absent&#34;</code></p></li>
</ul>
</div></td>
</tr>
<tr class="row-odd">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-token"></div>
<p class="ansible-option-title"><strong>token</strong></p>
<a class="ansibleOptionLink" href="#parameter-token" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
<p><em class="ansible-option-versionadded">added in middleware_automation.keycloak 3.0.0</em></p>
</div></td>
<td><div class="ansible-option-cell">
<p>Authentication token for Keycloak API.</p>
</div></td>
</tr>
<tr class="row-even">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-validate_certs"></div>
<p class="ansible-option-title"><strong>validate_certs</strong></p>
<a class="ansibleOptionLink" href="#parameter-validate_certs" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">boolean</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>Verify TLS certificates (do not disable this in production).</p>
<p class="ansible-option-line"><strong class="ansible-option-choices">Choices:</strong></p>
<ul class="simple">
<li><p><code class="ansible-value literal notranslate ansible-option-choices-entry">false</code></p></li>
<li><p><code class="ansible-value literal notranslate ansible-option-default-bold"><strong>true</strong></code> <span class="ansible-option-choices-default-mark">← (default)</span></p></li>
</ul>
</div></td>
</tr>
</tbody>
</table>
.. Attributes
Attributes
----------
.. tabularcolumns:: \X{2}{10}\X{3}{10}\X{5}{10}
.. list-table::
:width: 100%
:widths: auto
:header-rows: 1
:class: longtable ansible-option-table
* - Attribute
- Support
- Description
* - .. raw:: html
<div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="attribute-check_mode"></div>
.. _ansible_collections.middleware_automation.keycloak.keycloak_authentication_flow_module__attribute-check_mode:
.. rst-class:: ansible-option-title
**check_mode**
.. raw:: html
<a class="ansibleOptionLink" href="#attribute-check_mode" title="Permalink to this attribute"></a>
.. raw:: html
</div>
- .. raw:: html
<div class="ansible-option-cell">
:ansible-attribute-support-label:`Support: \ `\ :ansible-attribute-support-full:`full`
.. raw:: html
</div>
- .. raw:: html
<div class="ansible-option-cell">
Can run in :literal:`check\_mode` and return changed status prediction without modifying target.
.. raw:: html
</div>
* - .. raw:: html
<div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="attribute-diff_mode"></div>
.. _ansible_collections.middleware_automation.keycloak.keycloak_authentication_flow_module__attribute-diff_mode:
.. rst-class:: ansible-option-title
**diff_mode**
.. raw:: html
<a class="ansibleOptionLink" href="#attribute-diff_mode" title="Permalink to this attribute"></a>
.. raw:: html
</div>
- .. raw:: html
<div class="ansible-option-cell">
:ansible-attribute-support-label:`Support: \ `\ :ansible-attribute-support-full:`full`
.. raw:: html
</div>
- .. raw:: html
<div class="ansible-option-cell">
Will return details on what has changed (or possibly needs changing in :literal:`check\_mode`\ ), when in diff mode.
.. raw:: html
</div>
.. Notes
.. Seealso
.. Examples
Examples
--------
.. code-block:: yaml+jinja
- name: Create an authentication flow with executions
middleware_automation.keycloak.keycloak_authentication_flow:
auth_keycloak_url: http://localhost:8080
auth_realm: master
auth_username: admin
auth_password: password
realm: TestRealm
alias: my-browser-flow
description: "Custom browser flow"
provider_id: basic-flow
executions:
- provider_id: auth-cookie
requirement: ALTERNATIVE
- provider_id: auth-password
requirement: REQUIRED
- provider_id: auth-otp-form
requirement: ALTERNATIVE
state: present
delegate_to: localhost
- name: Create an authentication flow by copying an existing one
middleware_automation.keycloak.keycloak_authentication_flow:
auth_keycloak_url: http://localhost:8080
auth_realm: master
auth_username: admin
auth_password: password
realm: TestRealm
alias: my-copy-of-browser
copy_from: browser
state: present
delegate_to: localhost
- name: Create a flow using token authentication
middleware_automation.keycloak.keycloak_authentication_flow:
auth_keycloak_url: http://localhost:8080
token: MY_TOKEN
realm: TestRealm
alias: my-flow
state: present
delegate_to: localhost
- name: Delete an authentication flow
middleware_automation.keycloak.keycloak_authentication_flow:
auth_keycloak_url: http://localhost:8080
auth_realm: master
auth_username: admin
auth_password: password
realm: TestRealm
alias: my-browser-flow
state: absent
delegate_to: localhost
.. Facts
.. Return values
Return Values
-------------
Common return values are documented :ref:`here <common_return_values>`, the following are the fields unique to this module:
.. raw:: html
<table class="colwidths-auto ansible-option-table docutils align-default" style="width: 100%">
<thead>
<tr class="row-odd">
<th class="head"><p>Key</p></th>
<th class="head"><p>Description</p></th>
</tr>
</thead>
<tbody>
<tr class="row-even">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="return-end_state"></div>
<p class="ansible-option-title"><strong>end_state</strong></p>
<a class="ansibleOptionLink" href="#return-end_state" title="Permalink to this return value"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">dictionary</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>Representation of the authentication flow after module execution.</p>
<p class="ansible-option-line"><strong class="ansible-option-returned-bold">Returned:</strong> on success</p>
<p class="ansible-option-line ansible-option-sample"><strong class="ansible-option-sample-bold">Sample:</strong> <code class="ansible-value literal notranslate ansible-option-sample">{&#34;alias&#34;: &#34;my-browser-flow&#34;, &#34;builtIn&#34;: false, &#34;id&#34;: &#34;uuid-here&#34;, &#34;providerId&#34;: &#34;basic-flow&#34;, &#34;topLevel&#34;: true}</code></p>
</div></td>
</tr>
<tr class="row-odd">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="return-msg"></div>
<p class="ansible-option-title"><strong>msg</strong></p>
<a class="ansibleOptionLink" href="#return-msg" title="Permalink to this return value"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>Message as to what action was taken.</p>
<p class="ansible-option-line"><strong class="ansible-option-returned-bold">Returned:</strong> always</p>
<p class="ansible-option-line ansible-option-sample"><strong class="ansible-option-sample-bold">Sample:</strong> <code class="ansible-value literal notranslate ansible-option-sample">&#34;Authentication flow my-browser-flow has been created&#34;</code></p>
</div></td>
</tr>
</tbody>
</table>
.. Status (Presently only deprecated)
.. Authors
Authors
~~~~~~~
- Paulo Menon (@paulomenon)
.. Extra links
.. Parsing errors

632
main/_sources/plugins/keycloak_client_scope.rst.txt Normal file
View File

@@ -0,0 +1,632 @@
.. Document meta
:orphan:
.. |antsibull-internal-nbsp| unicode:: 0xA0
:trim:
.. meta::
:antsibull-docs: 2.24.0
.. Anchors
.. _ansible_collections.middleware_automation.keycloak.keycloak_client_scope_module:
.. Anchors: short name for ansible.builtin
.. Title
keycloak_client_scope -- Allows administration of Keycloak client scopes via Keycloak API
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
.. Collection note
.. note::
This module is part of the `middleware_automation.keycloak collection <https://galaxy.ansible.com/ui/repo/published/middleware_automation/keycloak/>`_.
It is not included in ``ansible-core``.
To check whether it is installed, run :code:`ansible-galaxy collection list`.
To install it, use: :code:`ansible\-galaxy collection install middleware\_automation.keycloak`.
To use it in a playbook, specify: :code:`middleware_automation.keycloak.keycloak_client_scope`.
.. version_added
.. contents::
:local:
:depth: 1
.. Deprecated
Synopsis
--------
.. Description
- This module allows you to add, remove or modify Keycloak client scopes via the Keycloak REST API. It requires access to the REST API via OpenID Connect; the user connecting and the client being used must have the requisite access rights. In a default Keycloak installation, admin\-cli and an admin user would work, as would a separate client definition with the scope tailored to your needs and a user having the expected roles.
- This module also supports managing protocol mappers within a client scope.
.. Aliases
.. Requirements
.. Options
Parameters
----------
.. raw:: html
<table class="colwidths-auto ansible-option-table docutils align-default" style="width: 100%">
<thead>
<tr class="row-odd">
<th class="head"><p>Parameter</p></th>
<th class="head"><p>Comments</p></th>
</tr>
</thead>
<tbody>
<tr class="row-even">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-attributes"></div>
<p class="ansible-option-title"><strong>attributes</strong></p>
<a class="ansibleOptionLink" href="#parameter-attributes" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">dictionary</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>A dict of key/value pairs to set as attributes for the client scope.</p>
</div></td>
</tr>
<tr class="row-odd">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-auth_client_id"></div>
<p class="ansible-option-title"><strong>auth_client_id</strong></p>
<a class="ansibleOptionLink" href="#parameter-auth_client_id" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>OpenID Connect <em>client_id</em> to authenticate to the API with.</p>
<p class="ansible-option-line"><strong class="ansible-option-default-bold">Default:</strong> <code class="ansible-value literal notranslate ansible-option-default">&#34;admin-cli&#34;</code></p>
</div></td>
</tr>
<tr class="row-even">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-auth_client_secret"></div>
<p class="ansible-option-title"><strong>auth_client_secret</strong></p>
<a class="ansibleOptionLink" href="#parameter-auth_client_secret" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>Client Secret to use in conjunction with <em>auth_client_id</em> (if required).</p>
</div></td>
</tr>
<tr class="row-odd">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-auth_keycloak_url"></div>
<div class="ansibleOptionAnchor" id="parameter-url"></div>
<p class="ansible-option-title"><strong>auth_keycloak_url</strong></p>
<a class="ansibleOptionLink" href="#parameter-auth_keycloak_url" title="Permalink to this option"></a>
<p class="ansible-option-type-line"><span class="ansible-option-aliases">aliases: url</span></p>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
/ <span class="ansible-option-required">required</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>URL to the Keycloak instance.</p>
</div></td>
</tr>
<tr class="row-even">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-auth_password"></div>
<div class="ansibleOptionAnchor" id="parameter-password"></div>
<p class="ansible-option-title"><strong>auth_password</strong></p>
<a class="ansibleOptionLink" href="#parameter-auth_password" title="Permalink to this option"></a>
<p class="ansible-option-type-line"><span class="ansible-option-aliases">aliases: password</span></p>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>Password to authenticate for API access with.</p>
</div></td>
</tr>
<tr class="row-odd">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-auth_realm"></div>
<p class="ansible-option-title"><strong>auth_realm</strong></p>
<a class="ansibleOptionLink" href="#parameter-auth_realm" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>Keycloak realm name to authenticate to for API access.</p>
</div></td>
</tr>
<tr class="row-even">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-auth_username"></div>
<div class="ansibleOptionAnchor" id="parameter-username"></div>
<p class="ansible-option-title"><strong>auth_username</strong></p>
<a class="ansibleOptionLink" href="#parameter-auth_username" title="Permalink to this option"></a>
<p class="ansible-option-type-line"><span class="ansible-option-aliases">aliases: username</span></p>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>Username to authenticate for API access with.</p>
</div></td>
</tr>
<tr class="row-odd">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-connection_timeout"></div>
<p class="ansible-option-title"><strong>connection_timeout</strong></p>
<a class="ansibleOptionLink" href="#parameter-connection_timeout" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">integer</span>
</p>
<p><em class="ansible-option-versionadded">added in middleware_automation.keycloak 4.5.0</em></p>
</div></td>
<td><div class="ansible-option-cell">
<p>Controls the HTTP connections timeout period (in seconds) to Keycloak API.</p>
<p class="ansible-option-line"><strong class="ansible-option-default-bold">Default:</strong> <code class="ansible-value literal notranslate ansible-option-default">10</code></p>
</div></td>
</tr>
<tr class="row-even">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-description"></div>
<p class="ansible-option-title"><strong>description</strong></p>
<a class="ansibleOptionLink" href="#parameter-description" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>Description of the client scope.</p>
<p class="ansible-option-line"><strong class="ansible-option-default-bold">Default:</strong> <code class="ansible-value literal notranslate ansible-option-default">&#34;&#34;</code></p>
</div></td>
</tr>
<tr class="row-odd">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-http_agent"></div>
<p class="ansible-option-title"><strong>http_agent</strong></p>
<a class="ansibleOptionLink" href="#parameter-http_agent" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
<p><em class="ansible-option-versionadded">added in middleware_automation.keycloak 5.4.0</em></p>
</div></td>
<td><div class="ansible-option-cell">
<p>Configures the HTTP User-Agent header.</p>
<p class="ansible-option-line"><strong class="ansible-option-default-bold">Default:</strong> <code class="ansible-value literal notranslate ansible-option-default">&#34;Ansible&#34;</code></p>
</div></td>
</tr>
<tr class="row-even">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-name"></div>
<p class="ansible-option-title"><strong>name</strong></p>
<a class="ansibleOptionLink" href="#parameter-name" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
/ <span class="ansible-option-required">required</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>Name of the client scope.</p>
</div></td>
</tr>
<tr class="row-odd">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-protocol"></div>
<p class="ansible-option-title"><strong>protocol</strong></p>
<a class="ansibleOptionLink" href="#parameter-protocol" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>The protocol associated with the client scope.</p>
<p class="ansible-option-line"><strong class="ansible-option-choices">Choices:</strong></p>
<ul class="simple">
<li><p><code class="ansible-value literal notranslate ansible-option-default-bold"><strong>&#34;openid-connect&#34;</strong></code> <span class="ansible-option-choices-default-mark">← (default)</span></p></li>
<li><p><code class="ansible-value literal notranslate ansible-option-choices-entry">&#34;saml&#34;</code></p></li>
</ul>
</div></td>
</tr>
<tr class="row-even">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-protocol_mappers"></div>
<p class="ansible-option-title"><strong>protocol_mappers</strong></p>
<a class="ansibleOptionLink" href="#parameter-protocol_mappers" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">list</span>
/ <span class="ansible-option-elements">elements=dictionary</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>A list of protocol mappers to associate with the client scope.</p>
<p>Each mapper is a dict with the keys <code class='docutils literal notranslate'>name</code>, <code class='docutils literal notranslate'>protocol</code>, <code class='docutils literal notranslate'>protocolMapper</code>, and <code class='docutils literal notranslate'>config</code>.</p>
<p class="ansible-option-line"><strong class="ansible-option-default-bold">Default:</strong> <code class="ansible-value literal notranslate ansible-option-default">[]</code></p>
</div></td>
</tr>
<tr class="row-odd">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-protocol_mappers/config"></div>
<p class="ansible-option-title"><strong>config</strong></p>
<a class="ansibleOptionLink" href="#parameter-protocol_mappers/config" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">dictionary</span>
/ <span class="ansible-option-required">required</span>
</p>
</div></td>
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell">
<p>Configuration for the protocol mapper.</p>
</div></td>
</tr>
<tr class="row-even">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-protocol_mappers/name"></div>
<p class="ansible-option-title"><strong>name</strong></p>
<a class="ansibleOptionLink" href="#parameter-protocol_mappers/name" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
/ <span class="ansible-option-required">required</span>
</p>
</div></td>
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell">
<p>Name of the protocol mapper.</p>
</div></td>
</tr>
<tr class="row-odd">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-protocol_mappers/protocol"></div>
<p class="ansible-option-title"><strong>protocol</strong></p>
<a class="ansibleOptionLink" href="#parameter-protocol_mappers/protocol" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
</div></td>
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell">
<p>Protocol for the mapper.</p>
<p class="ansible-option-line"><strong class="ansible-option-default-bold">Default:</strong> <code class="ansible-value literal notranslate ansible-option-default">&#34;openid-connect&#34;</code></p>
</div></td>
</tr>
<tr class="row-even">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-protocol_mappers/protocolMapper"></div>
<div class="ansibleOptionAnchor" id="parameter-protocol_mappers/protocol_mapper_type"></div>
<p class="ansible-option-title"><strong>protocolMapper</strong></p>
<a class="ansibleOptionLink" href="#parameter-protocol_mappers/protocolMapper" title="Permalink to this option"></a>
<p class="ansible-option-type-line"><span class="ansible-option-aliases">aliases: protocol_mapper_type</span></p>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
/ <span class="ansible-option-required">required</span>
</p>
</div></td>
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell">
<p>The mapper type (e.g. <code class="ansible-value literal notranslate">oidc-usermodel-attribute-mapper</code>, <code class="ansible-value literal notranslate">oidc-audience-mapper</code>).</p>
</div></td>
</tr>
<tr class="row-odd">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-realm"></div>
<p class="ansible-option-title"><strong>realm</strong></p>
<a class="ansibleOptionLink" href="#parameter-realm" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>The Keycloak realm under which this client scope resides.</p>
<p class="ansible-option-line"><strong class="ansible-option-default-bold">Default:</strong> <code class="ansible-value literal notranslate ansible-option-default">&#34;master&#34;</code></p>
</div></td>
</tr>
<tr class="row-even">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-state"></div>
<p class="ansible-option-title"><strong>state</strong></p>
<a class="ansibleOptionLink" href="#parameter-state" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>State of the client scope.</p>
<p>On <code class="ansible-value literal notranslate">present</code>, the client scope will be created if it does not yet exist, or updated with the parameters you provide.</p>
<p>On <code class="ansible-value literal notranslate">absent</code>, the client scope will be removed if it exists.</p>
<p class="ansible-option-line"><strong class="ansible-option-choices">Choices:</strong></p>
<ul class="simple">
<li><p><code class="ansible-value literal notranslate ansible-option-default-bold"><strong>&#34;present&#34;</strong></code> <span class="ansible-option-choices-default-mark">← (default)</span></p></li>
<li><p><code class="ansible-value literal notranslate ansible-option-choices-entry">&#34;absent&#34;</code></p></li>
</ul>
</div></td>
</tr>
<tr class="row-odd">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-token"></div>
<p class="ansible-option-title"><strong>token</strong></p>
<a class="ansibleOptionLink" href="#parameter-token" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
<p><em class="ansible-option-versionadded">added in middleware_automation.keycloak 3.0.0</em></p>
</div></td>
<td><div class="ansible-option-cell">
<p>Authentication token for Keycloak API.</p>
</div></td>
</tr>
<tr class="row-even">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-validate_certs"></div>
<p class="ansible-option-title"><strong>validate_certs</strong></p>
<a class="ansibleOptionLink" href="#parameter-validate_certs" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">boolean</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>Verify TLS certificates (do not disable this in production).</p>
<p class="ansible-option-line"><strong class="ansible-option-choices">Choices:</strong></p>
<ul class="simple">
<li><p><code class="ansible-value literal notranslate ansible-option-choices-entry">false</code></p></li>
<li><p><code class="ansible-value literal notranslate ansible-option-default-bold"><strong>true</strong></code> <span class="ansible-option-choices-default-mark">← (default)</span></p></li>
</ul>
</div></td>
</tr>
</tbody>
</table>
.. Attributes
Attributes
----------
.. tabularcolumns:: \X{2}{10}\X{3}{10}\X{5}{10}
.. list-table::
:width: 100%
:widths: auto
:header-rows: 1
:class: longtable ansible-option-table
* - Attribute
- Support
- Description
* - .. raw:: html
<div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="attribute-check_mode"></div>
.. _ansible_collections.middleware_automation.keycloak.keycloak_client_scope_module__attribute-check_mode:
.. rst-class:: ansible-option-title
**check_mode**
.. raw:: html
<a class="ansibleOptionLink" href="#attribute-check_mode" title="Permalink to this attribute"></a>
.. raw:: html
</div>
- .. raw:: html
<div class="ansible-option-cell">
:ansible-attribute-support-label:`Support: \ `\ :ansible-attribute-support-full:`full`
.. raw:: html
</div>
- .. raw:: html
<div class="ansible-option-cell">
Can run in :literal:`check\_mode` and return changed status prediction without modifying target.
.. raw:: html
</div>
* - .. raw:: html
<div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="attribute-diff_mode"></div>
.. _ansible_collections.middleware_automation.keycloak.keycloak_client_scope_module__attribute-diff_mode:
.. rst-class:: ansible-option-title
**diff_mode**
.. raw:: html
<a class="ansibleOptionLink" href="#attribute-diff_mode" title="Permalink to this attribute"></a>
.. raw:: html
</div>
- .. raw:: html
<div class="ansible-option-cell">
:ansible-attribute-support-label:`Support: \ `\ :ansible-attribute-support-full:`full`
.. raw:: html
</div>
- .. raw:: html
<div class="ansible-option-cell">
Will return details on what has changed (or possibly needs changing in :literal:`check\_mode`\ ), when in diff mode.
.. raw:: html
</div>
.. Notes
.. Seealso
.. Examples
Examples
--------
.. code-block:: yaml+jinja
- name: Create a client scope with protocol mappers
middleware_automation.keycloak.keycloak_client_scope:
auth_keycloak_url: http://localhost:8080
auth_realm: master
auth_username: admin
auth_password: password
realm: TestRealm
name: my-client-scope
description: "A custom client scope"
protocol: openid-connect
protocol_mappers:
- name: email
protocol: openid-connect
protocolMapper: oidc-usermodel-attribute-mapper
config:
user.attribute: email
claim.name: email
jsonType.label: String
id.token.claim: "true"
access.token.claim: "true"
userinfo.token.claim: "true"
state: present
delegate_to: localhost
- name: Create a client scope using token authentication
middleware_automation.keycloak.keycloak_client_scope:
auth_keycloak_url: http://localhost:8080
token: MY_TOKEN
realm: TestRealm
name: my-scope
state: present
delegate_to: localhost
- name: Delete a client scope
middleware_automation.keycloak.keycloak_client_scope:
auth_keycloak_url: http://localhost:8080
auth_realm: master
auth_username: admin
auth_password: password
realm: TestRealm
name: my-client-scope
state: absent
delegate_to: localhost
.. Facts
.. Return values
Return Values
-------------
Common return values are documented :ref:`here <common_return_values>`, the following are the fields unique to this module:
.. raw:: html
<table class="colwidths-auto ansible-option-table docutils align-default" style="width: 100%">
<thead>
<tr class="row-odd">
<th class="head"><p>Key</p></th>
<th class="head"><p>Description</p></th>
</tr>
</thead>
<tbody>
<tr class="row-even">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="return-end_state"></div>
<p class="ansible-option-title"><strong>end_state</strong></p>
<a class="ansibleOptionLink" href="#return-end_state" title="Permalink to this return value"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">dictionary</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>Representation of the client scope after module execution.</p>
<p class="ansible-option-line"><strong class="ansible-option-returned-bold">Returned:</strong> on success</p>
<p class="ansible-option-line ansible-option-sample"><strong class="ansible-option-sample-bold">Sample:</strong> <code class="ansible-value literal notranslate ansible-option-sample">{&#34;description&#34;: &#34;A custom scope&#34;, &#34;id&#34;: &#34;uuid-here&#34;, &#34;name&#34;: &#34;my-scope&#34;, &#34;protocol&#34;: &#34;openid-connect&#34;}</code></p>
</div></td>
</tr>
<tr class="row-odd">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="return-msg"></div>
<p class="ansible-option-title"><strong>msg</strong></p>
<a class="ansibleOptionLink" href="#return-msg" title="Permalink to this return value"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>Message as to what action was taken.</p>
<p class="ansible-option-line"><strong class="ansible-option-returned-bold">Returned:</strong> always</p>
<p class="ansible-option-line ansible-option-sample"><strong class="ansible-option-sample-bold">Sample:</strong> <code class="ansible-value literal notranslate ansible-option-sample">&#34;Client scope my-scope has been created&#34;</code></p>
</div></td>
</tr>
</tbody>
</table>
.. Status (Presently only deprecated)
.. Authors
Authors
~~~~~~~
- Paulo Menon (@paulomenon)
.. Extra links
.. Parsing errors

57
main/_sources/roles/keycloak_realm.md.txt
View File

@@ -12,7 +12,7 @@ Role Defaults
|:---------|:------------|:--------|
|`keycloak_admin_user`| Administration console user account | `admin` |
|`keycloak_host`| hostname | `localhost` |
|`keycloak_context`| Context path for rest calls | `/auth` |
|`keycloak_context`| Context path for rest calls (set to `/auth` for legacy WildFly-based Keycloak) | `` |
|`keycloak_http_port`| HTTP port | `8080` |
|`keycloak_https_port`| TLS HTTP port | `8443` |
|`keycloak_auth_realm`| Name of the main authentication realm | `master` |
@@ -107,6 +107,20 @@ Refer to [docs](https://docs.ansible.com/ansible/latest/collections/community/ge
For a comprehensive example, refer to the [playbook](../../playbooks/keycloak_realm.yml).
Related Modules
---------------
For features not covered by this role, the collection provides dedicated modules:
| Module | What It Manages |
|:-------|:----------------|
| `keycloak_client_scope` | Client scopes and protocol mappers — see [example playbook](../../playbooks/keycloak_client_scope.yml) |
| `keycloak_authentication_flow` | Authentication flows and execution steps — see [example playbook](../../playbooks/keycloak_authentication_flow.yml) |
| `keycloak_client` | Clients (also used internally by this role) |
| `keycloak_role` | Realm and client roles |
| `keycloak_user_federation` | User federations such as LDAP (also used internally by this role) |
Example Playbook
----------------
@@ -127,6 +141,47 @@ The following is an example playbook that makes use of the role to create a real
keycloak_clients: [...]
```
The following example uses the `keycloak_client_scope` module to create a client scope with protocol mappers:
```yaml
- name: Create client scope
middleware_automation.keycloak.keycloak_client_scope:
auth_keycloak_url: http://localhost:8080
auth_realm: master
auth_username: admin
auth_password: changeme
realm: TestRealm
name: my-scope
protocol_mappers:
- name: email
protocolMapper: oidc-usermodel-attribute-mapper
config:
user.attribute: email
claim.name: email
id.token.claim: "true"
access.token.claim: "true"
state: present
```
The following example uses the `keycloak_authentication_flow` module to create a custom authentication flow:
```yaml
- name: Create authentication flow
middleware_automation.keycloak.keycloak_authentication_flow:
auth_keycloak_url: http://localhost:8080
auth_realm: master
auth_username: admin
auth_password: changeme
realm: TestRealm
alias: my-browser-flow
executions:
- provider_id: auth-cookie
requirement: ALTERNATIVE
- provider_id: auth-password
requirement: REQUIRED
state: present
```
License
-------

476
main/_static/base-stemmer.js Normal file
View File

@@ -0,0 +1,476 @@
// @ts-check
/**@constructor*/
BaseStemmer = function() {
/** @protected */
this.current = '';
this.cursor = 0;
this.limit = 0;
this.limit_backward = 0;
this.bra = 0;
this.ket = 0;
/**
* @param {string} value
*/
this.setCurrent = function(value) {
this.current = value;
this.cursor = 0;
this.limit = this.current.length;
this.limit_backward = 0;
this.bra = this.cursor;
this.ket = this.limit;
};
/**
* @return {string}
*/
this.getCurrent = function() {
return this.current;
};
/**
* @param {BaseStemmer} other
*/
this.copy_from = function(other) {
/** @protected */
this.current = other.current;
this.cursor = other.cursor;
this.limit = other.limit;
this.limit_backward = other.limit_backward;
this.bra = other.bra;
this.ket = other.ket;
};
/**
* @param {number[]} s
* @param {number} min
* @param {number} max
* @return {boolean}
*/
this.in_grouping = function(s, min, max) {
/** @protected */
if (this.cursor >= this.limit) return false;
var ch = this.current.charCodeAt(this.cursor);
if (ch > max || ch < min) return false;
ch -= min;
if ((s[ch >>> 3] & (0x1 << (ch & 0x7))) == 0) return false;
this.cursor++;
return true;
};
/**
* @param {number[]} s
* @param {number} min
* @param {number} max
* @return {boolean}
*/
this.go_in_grouping = function(s, min, max) {
/** @protected */
while (this.cursor < this.limit) {
var ch = this.current.charCodeAt(this.cursor);
if (ch > max || ch < min)
return true;
ch -= min;
if ((s[ch >>> 3] & (0x1 << (ch & 0x7))) == 0)
return true;
this.cursor++;
}
return false;
};
/**
* @param {number[]} s
* @param {number} min
* @param {number} max
* @return {boolean}
*/
this.in_grouping_b = function(s, min, max) {
/** @protected */
if (this.cursor <= this.limit_backward) return false;
var ch = this.current.charCodeAt(this.cursor - 1);
if (ch > max || ch < min) return false;
ch -= min;
if ((s[ch >>> 3] & (0x1 << (ch & 0x7))) == 0) return false;
this.cursor--;
return true;
};
/**
* @param {number[]} s
* @param {number} min
* @param {number} max
* @return {boolean}
*/
this.go_in_grouping_b = function(s, min, max) {
/** @protected */
while (this.cursor > this.limit_backward) {
var ch = this.current.charCodeAt(this.cursor - 1);
if (ch > max || ch < min) return true;
ch -= min;
if ((s[ch >>> 3] & (0x1 << (ch & 0x7))) == 0) return true;
this.cursor--;
}
return false;
};
/**
* @param {number[]} s
* @param {number} min
* @param {number} max
* @return {boolean}
*/
this.out_grouping = function(s, min, max) {
/** @protected */
if (this.cursor >= this.limit) return false;
var ch = this.current.charCodeAt(this.cursor);
if (ch > max || ch < min) {
this.cursor++;
return true;
}
ch -= min;
if ((s[ch >>> 3] & (0X1 << (ch & 0x7))) == 0) {
this.cursor++;
return true;
}
return false;
};
/**
* @param {number[]} s
* @param {number} min
* @param {number} max
* @return {boolean}
*/
this.go_out_grouping = function(s, min, max) {
/** @protected */
while (this.cursor < this.limit) {
var ch = this.current.charCodeAt(this.cursor);
if (ch <= max && ch >= min) {
ch -= min;
if ((s[ch >>> 3] & (0X1 << (ch & 0x7))) != 0) {
return true;
}
}
this.cursor++;
}
return false;
};
/**
* @param {number[]} s
* @param {number} min
* @param {number} max
* @return {boolean}
*/
this.out_grouping_b = function(s, min, max) {
/** @protected */
if (this.cursor <= this.limit_backward) return false;
var ch = this.current.charCodeAt(this.cursor - 1);
if (ch > max || ch < min) {
this.cursor--;
return true;
}
ch -= min;
if ((s[ch >>> 3] & (0x1 << (ch & 0x7))) == 0) {
this.cursor--;
return true;
}
return false;
};
/**
* @param {number[]} s
* @param {number} min
* @param {number} max
* @return {boolean}
*/
this.go_out_grouping_b = function(s, min, max) {
/** @protected */
while (this.cursor > this.limit_backward) {
var ch = this.current.charCodeAt(this.cursor - 1);
if (ch <= max && ch >= min) {
ch -= min;
if ((s[ch >>> 3] & (0x1 << (ch & 0x7))) != 0) {
return true;
}
}
this.cursor--;
}
return false;
};
/**
* @param {string} s
* @return {boolean}
*/
this.eq_s = function(s)
{
/** @protected */
if (this.limit - this.cursor < s.length) return false;
if (this.current.slice(this.cursor, this.cursor + s.length) != s)
{
return false;
}
this.cursor += s.length;
return true;
};
/**
* @param {string} s
* @return {boolean}
*/
this.eq_s_b = function(s)
{
/** @protected */
if (this.cursor - this.limit_backward < s.length) return false;
if (this.current.slice(this.cursor - s.length, this.cursor) != s)
{
return false;
}
this.cursor -= s.length;
return true;
};
/**
* @param {Among[]} v
* @return {number}
*/
this.find_among = function(v)
{
/** @protected */
var i = 0;
var j = v.length;
var c = this.cursor;
var l = this.limit;
var common_i = 0;
var common_j = 0;
var first_key_inspected = false;
while (true)
{
var k = i + ((j - i) >>> 1);
var diff = 0;
var common = common_i < common_j ? common_i : common_j; // smaller
// w[0]: string, w[1]: substring_i, w[2]: result, w[3]: function (optional)
var w = v[k];
var i2;
for (i2 = common; i2 < w[0].length; i2++)
{
if (c + common == l)
{
diff = -1;
break;
}
diff = this.current.charCodeAt(c + common) - w[0].charCodeAt(i2);
if (diff != 0) break;
common++;
}
if (diff < 0)
{
j = k;
common_j = common;
}
else
{
i = k;
common_i = common;
}
if (j - i <= 1)
{
if (i > 0) break; // v->s has been inspected
if (j == i) break; // only one item in v
// - but now we need to go round once more to get
// v->s inspected. This looks messy, but is actually
// the optimal approach.
if (first_key_inspected) break;
first_key_inspected = true;
}
}
do {
var w = v[i];
if (common_i >= w[0].length)
{
this.cursor = c + w[0].length;
if (w.length < 4) return w[2];
var res = w[3](this);
this.cursor = c + w[0].length;
if (res) return w[2];
}
i = w[1];
} while (i >= 0);
return 0;
};
// find_among_b is for backwards processing. Same comments apply
/**
* @param {Among[]} v
* @return {number}
*/
this.find_among_b = function(v)
{
/** @protected */
var i = 0;
var j = v.length
var c = this.cursor;
var lb = this.limit_backward;
var common_i = 0;
var common_j = 0;
var first_key_inspected = false;
while (true)
{
var k = i + ((j - i) >> 1);
var diff = 0;
var common = common_i < common_j ? common_i : common_j;
var w = v[k];
var i2;
for (i2 = w[0].length - 1 - common; i2 >= 0; i2--)
{
if (c - common == lb)
{
diff = -1;
break;
}
diff = this.current.charCodeAt(c - 1 - common) - w[0].charCodeAt(i2);
if (diff != 0) break;
common++;
}
if (diff < 0)
{
j = k;
common_j = common;
}
else
{
i = k;
common_i = common;
}
if (j - i <= 1)
{
if (i > 0) break;
if (j == i) break;
if (first_key_inspected) break;
first_key_inspected = true;
}
}
do {
var w = v[i];
if (common_i >= w[0].length)
{
this.cursor = c - w[0].length;
if (w.length < 4) return w[2];
var res = w[3](this);
this.cursor = c - w[0].length;
if (res) return w[2];
}
i = w[1];
} while (i >= 0);
return 0;
};
/* to replace chars between c_bra and c_ket in this.current by the
* chars in s.
*/
/**
* @param {number} c_bra
* @param {number} c_ket
* @param {string} s
* @return {number}
*/
this.replace_s = function(c_bra, c_ket, s)
{
/** @protected */
var adjustment = s.length - (c_ket - c_bra);
this.current = this.current.slice(0, c_bra) + s + this.current.slice(c_ket);
this.limit += adjustment;
if (this.cursor >= c_ket) this.cursor += adjustment;
else if (this.cursor > c_bra) this.cursor = c_bra;
return adjustment;
};
/**
* @return {boolean}
*/
this.slice_check = function()
{
/** @protected */
if (this.bra < 0 ||
this.bra > this.ket ||
this.ket > this.limit ||
this.limit > this.current.length)
{
return false;
}
return true;
};
/**
* @param {number} c_bra
* @return {boolean}
*/
this.slice_from = function(s)
{
/** @protected */
var result = false;
if (this.slice_check())
{
this.replace_s(this.bra, this.ket, s);
result = true;
}
return result;
};
/**
* @return {boolean}
*/
this.slice_del = function()
{
/** @protected */
return this.slice_from("");
};
/**
* @param {number} c_bra
* @param {number} c_ket
* @param {string} s
*/
this.insert = function(c_bra, c_ket, s)
{
/** @protected */
var adjustment = this.replace_s(c_bra, c_ket, s);
if (c_bra <= this.bra) this.bra += adjustment;
if (c_bra <= this.ket) this.ket += adjustment;
};
/**
* @return {string}
*/
this.slice_to = function()
{
/** @protected */
var result = '';
if (this.slice_check())
{
result = this.current.slice(this.bra, this.ket);
}
return result;
};
/**
* @return {string}
*/
this.assign_to = function()
{
/** @protected */
return this.current.slice(0, this.limit);
};
};

11
main/_static/doctools.js
View File

@@ -59,7 +59,7 @@ const Documentation = {
Object.assign(Documentation.TRANSLATIONS, catalog.messages);
Documentation.PLURAL_EXPR = new Function(
"n",
`return (${catalog.plural_expr})`
`return (${catalog.plural_expr})`,
);
Documentation.LOCALE = catalog.locale;
},
@@ -89,7 +89,7 @@ const Documentation = {
const togglerElements = document.querySelectorAll("img.toggler");
togglerElements.forEach((el) =>
el.addEventListener("click", (event) => toggler(event.currentTarget))
el.addEventListener("click", (event) => toggler(event.currentTarget)),
);
togglerElements.forEach((el) => (el.style.display = ""));
if (DOCUMENTATION_OPTIONS.COLLAPSE_INDEX) togglerElements.forEach(toggler);
@@ -98,14 +98,15 @@ const Documentation = {
initOnKeyListeners: () => {
// only install a listener if it is really needed
if (
!DOCUMENTATION_OPTIONS.NAVIGATION_WITH_KEYS &&
!DOCUMENTATION_OPTIONS.ENABLE_SEARCH_SHORTCUTS
!DOCUMENTATION_OPTIONS.NAVIGATION_WITH_KEYS
&& !DOCUMENTATION_OPTIONS.ENABLE_SEARCH_SHORTCUTS
)
return;
document.addEventListener("keydown", (event) => {
// bail for input elements
if (BLACKLISTED_KEY_CONTROL_ELEMENTS.has(document.activeElement.tagName)) return;
if (BLACKLISTED_KEY_CONTROL_ELEMENTS.has(document.activeElement.tagName))
return;
// bail with special keys
if (event.altKey || event.ctrlKey || event.metaKey) return;

1066
main/_static/english-stemmer.js Normal file
View File

File diff suppressed because it is too large Load Diff

193
main/_static/language_data.js
View File

File diff suppressed because one or more lines are too long

172
main/_static/searchtools.js
View File

@@ -41,11 +41,12 @@ if (typeof Scorer === "undefined") {
}
// Global search result kind enum, used by themes to style search results.
// prettier-ignore
class SearchResultKind {
static get index() { return "index"; }
static get object() { return "object"; }
static get text() { return "text"; }
static get title() { return "title"; }
static get index() { return "index"; }
static get object() { return "object"; }
static get text() { return "text"; }
static get title() { return "title"; }
}
const _removeChildren = (element) => {
@@ -58,6 +59,15 @@ const _removeChildren = (element) => {
const _escapeRegExp = (string) =>
string.replace(/[.*+\-?^${}()|[\]\\]/g, "\\$&"); // $& means the whole matched string
const _escapeHTML = (text) => {
return text
.replaceAll("&", "&amp;")
.replaceAll("<", "&lt;")
.replaceAll(">", "&gt;")
.replaceAll('"', "&quot;")
.replaceAll("'", "&apos;");
};
const _displayItem = (item, searchTerms, highlightTerms) => {
const docBuilder = DOCUMENTATION_OPTIONS.BUILDER;
const docFileSuffix = DOCUMENTATION_OPTIONS.FILE_SUFFIX;
@@ -90,25 +100,30 @@ const _displayItem = (item, searchTerms, highlightTerms) => {
let linkEl = listItem.appendChild(document.createElement("a"));
linkEl.href = linkUrl + anchor;
linkEl.dataset.score = score;
linkEl.innerHTML = title;
linkEl.innerHTML = _escapeHTML(title);
if (descr) {
listItem.appendChild(document.createElement("span")).innerHTML =
" (" + descr + ")";
` (${_escapeHTML(descr)})`;
// highlight search terms in the description
if (SPHINX_HIGHLIGHT_ENABLED) // set in sphinx_highlight.js
highlightTerms.forEach((term) => _highlightText(listItem, term, "highlighted"));
}
else if (showSearchSummary)
if (SPHINX_HIGHLIGHT_ENABLED)
// SPHINX_HIGHLIGHT_ENABLED is set in sphinx_highlight.js
highlightTerms.forEach((term) =>
_highlightText(listItem, term, "highlighted"),
);
} else if (showSearchSummary)
fetch(requestUrl)
.then((responseData) => responseData.text())
.then((data) => {
if (data)
listItem.appendChild(
Search.makeSearchSummary(data, searchTerms, anchor)
Search.makeSearchSummary(data, searchTerms, anchor),
);
// highlight search terms in the summary
if (SPHINX_HIGHLIGHT_ENABLED) // set in sphinx_highlight.js
highlightTerms.forEach((term) => _highlightText(listItem, term, "highlighted"));
if (SPHINX_HIGHLIGHT_ENABLED)
// SPHINX_HIGHLIGHT_ENABLED is set in sphinx_highlight.js
highlightTerms.forEach((term) =>
_highlightText(listItem, term, "highlighted"),
);
});
Search.output.appendChild(listItem);
};
@@ -117,14 +132,14 @@ const _finishSearch = (resultCount) => {
Search.title.innerText = _("Search Results");
if (!resultCount)
Search.status.innerText = Documentation.gettext(
"Your search did not match any documents. Please make sure that all words are spelled correctly and that you've selected enough categories."
"Your search did not match any documents. Please make sure that all words are spelled correctly and that you've selected enough categories.",
);
else
Search.status.innerText = Documentation.ngettext(
"Search finished, found one page matching the search query.",
"Search finished, found ${resultCount} pages matching the search query.",
resultCount,
).replace('${resultCount}', resultCount);
).replace("${resultCount}", resultCount);
};
const _displayNextItem = (
results,
@@ -138,7 +153,7 @@ const _displayNextItem = (
_displayItem(results.pop(), searchTerms, highlightTerms);
setTimeout(
() => _displayNextItem(results, resultCount, searchTerms, highlightTerms),
5
5,
);
}
// search finished, update title and status message
@@ -170,9 +185,10 @@ const _orderResultsByScoreThenName = (a, b) => {
* This is the same as ``\W+`` in Python, preserving the surrogate pair area.
*/
if (typeof splitQuery === "undefined") {
var splitQuery = (query) => query
var splitQuery = (query) =>
query
.split(/[^\p{Letter}\p{Number}_\p{Emoji_Presentation}]+/gu)
.filter(term => term) // remove remaining empty strings
.filter((term) => term); // remove remaining empty strings
}
/**
@@ -184,16 +200,23 @@ const Search = {
_pulse_status: -1,
htmlToText: (htmlString, anchor) => {
const htmlElement = new DOMParser().parseFromString(htmlString, 'text/html');
const htmlElement = new DOMParser().parseFromString(
htmlString,
"text/html",
);
for (const removalQuery of [".headerlink", "script", "style"]) {
htmlElement.querySelectorAll(removalQuery).forEach((el) => { el.remove() });
htmlElement.querySelectorAll(removalQuery).forEach((el) => {
el.remove();
});
}
if (anchor) {
const anchorContent = htmlElement.querySelector(`[role="main"] ${anchor}`);
const anchorContent = htmlElement.querySelector(
`[role="main"] ${anchor}`,
);
if (anchorContent) return anchorContent.textContent;
console.warn(
`Anchored content block not found. Sphinx search tries to obtain it via DOM query '[role=main] ${anchor}'. Check your theme or template.`
`Anchored content block not found. Sphinx search tries to obtain it via DOM query '[role=main] ${anchor}'. Check your theme or template.`,
);
}
@@ -202,7 +225,7 @@ const Search = {
if (docContent) return docContent.textContent;
console.warn(
"Content block not found. Sphinx search tries to obtain it via DOM query '[role=main]'. Check your theme or template."
"Content block not found. Sphinx search tries to obtain it via DOM query '[role=main]'. Check your theme or template.",
);
return "";
},
@@ -287,12 +310,8 @@ const Search = {
const queryTermLower = queryTerm.toLowerCase();
// maybe skip this "word"
// stopwords array is from language_data.js
if (
stopwords.indexOf(queryTermLower) !== -1 ||
queryTerm.match(/^\d+$/)
)
return;
// stopwords set is from language_data.js
if (stopwords.has(queryTermLower) || queryTerm.match(/^\d+$/)) return;
// stem the word
let word = stemmer.stemWord(queryTermLower);
@@ -304,8 +323,12 @@ const Search = {
}
});
if (SPHINX_HIGHLIGHT_ENABLED) { // set in sphinx_highlight.js
localStorage.setItem("sphinx_highlight_terms", [...highlightTerms].join(" "))
if (SPHINX_HIGHLIGHT_ENABLED) {
// SPHINX_HIGHLIGHT_ENABLED is set in sphinx_highlight.js
localStorage.setItem(
"sphinx_highlight_terms",
[...highlightTerms].join(" "),
);
}
// console.debug("SEARCH: searching for:");
@@ -318,7 +341,13 @@ const Search = {
/**
* execute search (requires search index to be loaded)
*/
_performSearch: (query, searchTerms, excludedTerms, highlightTerms, objectTerms) => {
_performSearch: (
query,
searchTerms,
excludedTerms,
highlightTerms,
objectTerms,
) => {
const filenames = Search._index.filenames;
const docNames = Search._index.docnames;
const titles = Search._index.titles;
@@ -334,10 +363,15 @@ const Search = {
const queryLower = query.toLowerCase().trim();
for (const [title, foundTitles] of Object.entries(allTitles)) {
if (title.toLowerCase().trim().includes(queryLower) && (queryLower.length >= title.length/2)) {
if (
title.toLowerCase().trim().includes(queryLower)
&& queryLower.length >= title.length / 2
) {
for (const [file, id] of foundTitles) {
const score = Math.round(Scorer.title * queryLower.length / title.length);
const boost = titles[file] === title ? 1 : 0; // add a boost for document titles
const score = Math.round(
(Scorer.title * queryLower.length) / title.length,
);
const boost = titles[file] === title ? 1 : 0; // add a boost for document titles
normalResults.push([
docNames[file],
titles[file] !== title ? `${titles[file]} > ${title}` : title,
@@ -353,9 +387,9 @@ const Search = {
// search for explicit entries in index directives
for (const [entry, foundEntries] of Object.entries(indexEntries)) {
if (entry.includes(queryLower) && (queryLower.length >= entry.length/2)) {
if (entry.includes(queryLower) && queryLower.length >= entry.length / 2) {
for (const [file, id, isMain] of foundEntries) {
const score = Math.round(100 * queryLower.length / entry.length);
const score = Math.round((100 * queryLower.length) / entry.length);
const result = [
docNames[file],
titles[file],
@@ -376,11 +410,13 @@ const Search = {
// lookup as object
objectTerms.forEach((term) =>
normalResults.push(...Search.performObjectSearch(term, objectTerms))
normalResults.push(...Search.performObjectSearch(term, objectTerms)),
);
// lookup as search terms in fulltext
normalResults.push(...Search.performTermsSearch(searchTerms, excludedTerms));
normalResults.push(
...Search.performTermsSearch(searchTerms, excludedTerms),
);
// let the scorer override scores with a custom scoring function
if (Scorer.score) {
@@ -401,7 +437,11 @@ const Search = {
// note the reversing of results, so that in the case of duplicates, the highest-scoring entry is kept
let seen = new Set();
results = results.reverse().reduce((acc, result) => {
let resultStr = result.slice(0, 4).concat([result[5]]).map(v => String(v)).join(',');
let resultStr = result
.slice(0, 4)
.concat([result[5]])
.map((v) => String(v))
.join(",");
if (!seen.has(resultStr)) {
acc.push(result);
seen.add(resultStr);
@@ -413,8 +453,20 @@ const Search = {
},
query: (query) => {
const [searchQuery, searchTerms, excludedTerms, highlightTerms, objectTerms] = Search._parseQuery(query);
const results = Search._performSearch(searchQuery, searchTerms, excludedTerms, highlightTerms, objectTerms);
const [
searchQuery,
searchTerms,
excludedTerms,
highlightTerms,
objectTerms,
] = Search._parseQuery(query);
const results = Search._performSearch(
searchQuery,
searchTerms,
excludedTerms,
highlightTerms,
objectTerms,
);
// for debugging
//Search.lastresults = results.slice(); // a copy
@@ -437,7 +489,7 @@ const Search = {
const results = [];
const objectSearchCallback = (prefix, match) => {
const name = match[4]
const name = match[4];
const fullname = (prefix ? prefix + "." : "") + name;
const fullnameLower = fullname.toLowerCase();
if (fullnameLower.indexOf(object) < 0) return;
@@ -489,9 +541,7 @@ const Search = {
]);
};
Object.keys(objects).forEach((prefix) =>
objects[prefix].forEach((array) =>
objectSearchCallback(prefix, array)
)
objects[prefix].forEach((array) => objectSearchCallback(prefix, array)),
);
return results;
},
@@ -516,8 +566,14 @@ const Search = {
// find documents, if any, containing the query word in their text/title term indices
// use Object.hasOwnProperty to avoid mismatching against prototype properties
const arr = [
{ files: terms.hasOwnProperty(word) ? terms[word] : undefined, score: Scorer.term },
{ files: titleTerms.hasOwnProperty(word) ? titleTerms[word] : undefined, score: Scorer.title },
{
files: terms.hasOwnProperty(word) ? terms[word] : undefined,
score: Scorer.term,
},
{
files: titleTerms.hasOwnProperty(word) ? titleTerms[word] : undefined,
score: Scorer.title,
},
];
// add support for partial matches
if (word.length > 2) {
@@ -558,7 +614,8 @@ const Search = {
// create the mapping
files.forEach((file) => {
if (!fileMap.has(file)) fileMap.set(file, [word]);
else if (fileMap.get(file).indexOf(word) === -1) fileMap.get(file).push(word);
else if (fileMap.get(file).indexOf(word) === -1)
fileMap.get(file).push(word);
});
});
@@ -569,11 +626,11 @@ const Search = {
// as search terms with length < 3 are discarded
const filteredTermCount = [...searchTerms].filter(
(term) => term.length > 2
(term) => term.length > 2,
).length;
if (
wordList.length !== searchTerms.size &&
wordList.length !== filteredTermCount
wordList.length !== searchTerms.size
&& wordList.length !== filteredTermCount
)
continue;
@@ -581,10 +638,10 @@ const Search = {
if (
[...excludedTerms].some(
(term) =>
terms[term] === file ||
titleTerms[term] === file ||
(terms[term] || []).includes(file) ||
(titleTerms[term] || []).includes(file)
terms[term] === file
|| titleTerms[term] === file
|| (terms[term] || []).includes(file)
|| (titleTerms[term] || []).includes(file),
)
)
break;
@@ -626,7 +683,8 @@ const Search = {
let summary = document.createElement("p");
summary.classList.add("context");
summary.textContent = top + text.substr(startWithContext, 240).trim() + tail;
summary.textContent =
top + text.substr(startWithContext, 240).trim() + tail;
return summary;
},

67
main/_static/sphinx_highlight.js
View File

@@ -1,7 +1,7 @@
/* Highlighting utilities for Sphinx HTML documentation. */
"use strict";
const SPHINX_HIGHLIGHT_ENABLED = true
const SPHINX_HIGHLIGHT_ENABLED = true;
/**
* highlight a given string on a node by wrapping it in
@@ -13,9 +13,9 @@ const _highlight = (node, addItems, text, className) => {
const parent = node.parentNode;
const pos = val.toLowerCase().indexOf(text);
if (
pos >= 0 &&
!parent.classList.contains(className) &&
!parent.classList.contains("nohighlight")
pos >= 0
&& !parent.classList.contains(className)
&& !parent.classList.contains("nohighlight")
) {
let span;
@@ -30,13 +30,7 @@ const _highlight = (node, addItems, text, className) => {
span.appendChild(document.createTextNode(val.substr(pos, text.length)));
const rest = document.createTextNode(val.substr(pos + text.length));
parent.insertBefore(
span,
parent.insertBefore(
rest,
node.nextSibling
)
);
parent.insertBefore(span, parent.insertBefore(rest, node.nextSibling));
node.nodeValue = val.substr(0, pos);
/* There may be more occurrences of search term in this node. So call this
* function recursively on the remaining fragment.
@@ -46,7 +40,7 @@ const _highlight = (node, addItems, text, className) => {
if (isInSVG) {
const rect = document.createElementNS(
"http://www.w3.org/2000/svg",
"rect"
"rect",
);
const bbox = parent.getBBox();
rect.x.baseVal.value = bbox.x;
@@ -65,7 +59,7 @@ const _highlightText = (thisNode, text, className) => {
let addItems = [];
_highlight(thisNode, addItems, text, className);
addItems.forEach((obj) =>
obj.parent.insertAdjacentElement("beforebegin", obj.target)
obj.parent.insertAdjacentElement("beforebegin", obj.target),
);
};
@@ -73,25 +67,31 @@ const _highlightText = (thisNode, text, className) => {
* Small JavaScript module for the documentation.
*/
const SphinxHighlight = {
/**
* highlight the search words provided in localstorage in the text
*/
highlightSearchWords: () => {
if (!SPHINX_HIGHLIGHT_ENABLED) return; // bail if no highlight
if (!SPHINX_HIGHLIGHT_ENABLED) return; // bail if no highlight
// get and clear terms from localstorage
const url = new URL(window.location);
const highlight =
localStorage.getItem("sphinx_highlight_terms")
|| url.searchParams.get("highlight")
|| "";
localStorage.removeItem("sphinx_highlight_terms")
url.searchParams.delete("highlight");
window.history.replaceState({}, "", url);
localStorage.getItem("sphinx_highlight_terms")
|| url.searchParams.get("highlight")
|| "";
localStorage.removeItem("sphinx_highlight_terms");
// Update history only if '?highlight' is present; otherwise it
// clears text fragments (not set in window.location by the browser)
if (url.searchParams.has("highlight")) {
url.searchParams.delete("highlight");
window.history.replaceState({}, "", url);
}
// get individual terms from highlight string
const terms = highlight.toLowerCase().split(/\s+/).filter(x => x);
const terms = highlight
.toLowerCase()
.split(/\s+/)
.filter((x) => x);
if (terms.length === 0) return; // nothing to do
// There should never be more than one element matching "div.body"
@@ -107,11 +107,11 @@ const SphinxHighlight = {
document
.createRange()
.createContextualFragment(
'<p class="highlight-link">' +
'<a href="javascript:SphinxHighlight.hideSearchWords()">' +
_("Hide Search Matches") +
"</a></p>"
)
'<p class="highlight-link">'
+ '<a href="javascript:SphinxHighlight.hideSearchWords()">'
+ _("Hide Search Matches")
+ "</a></p>",
),
);
},
@@ -125,7 +125,7 @@ const SphinxHighlight = {
document
.querySelectorAll("span.highlighted")
.forEach((el) => el.classList.remove("highlighted"));
localStorage.removeItem("sphinx_highlight_terms")
localStorage.removeItem("sphinx_highlight_terms");
},
initEscapeListener: () => {
@@ -134,10 +134,15 @@ const SphinxHighlight = {
document.addEventListener("keydown", (event) => {
// bail for input elements
if (BLACKLISTED_KEY_CONTROL_ELEMENTS.has(document.activeElement.tagName)) return;
if (BLACKLISTED_KEY_CONTROL_ELEMENTS.has(document.activeElement.tagName))
return;
// bail with special keys
if (event.shiftKey || event.altKey || event.ctrlKey || event.metaKey) return;
if (DOCUMENTATION_OPTIONS.ENABLE_SEARCH_SHORTCUTS && (event.key === "Escape")) {
if (event.shiftKey || event.altKey || event.ctrlKey || event.metaKey)
return;
if (
DOCUMENTATION_OPTIONS.ENABLE_SEARCH_SHORTCUTS
&& event.key === "Escape"
) {
SphinxHighlight.hideSearchWords();
event.preventDefault();
}

4
main/developing.html
View File

@@ -16,8 +16,8 @@
<script src="_static/jquery.js?v=5d32c60e"></script>
<script src="_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
<script src="_static/documentation_options.js?v=5929fcd5"></script>
<script src="_static/doctools.js?v=9bcbadda"></script>
<script src="_static/sphinx_highlight.js?v=dc90522c"></script>
<script src="_static/doctools.js?v=fd6eb6e6"></script>
<script src="_static/sphinx_highlight.js?v=6ffebe34"></script>
<script src="_static/js/theme.js"></script>
<link rel="index" title="Index" href="genindex.html" />
<link rel="search" title="Search" href="search.html" />

4
main/genindex.html
View File

@@ -15,8 +15,8 @@
<script src="_static/jquery.js?v=5d32c60e"></script>
<script src="_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
<script src="_static/documentation_options.js?v=5929fcd5"></script>
<script src="_static/doctools.js?v=9bcbadda"></script>
<script src="_static/sphinx_highlight.js?v=dc90522c"></script>
<script src="_static/doctools.js?v=fd6eb6e6"></script>
<script src="_static/sphinx_highlight.js?v=6ffebe34"></script>
<script src="_static/js/theme.js"></script>
<link rel="index" title="Index" href="#" />
<link rel="search" title="Search" href="search.html" />

6
main/index.html
View File

@@ -16,8 +16,8 @@
<script src="_static/jquery.js?v=5d32c60e"></script>
<script src="_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
<script src="_static/documentation_options.js?v=5929fcd5"></script>
<script src="_static/doctools.js?v=9bcbadda"></script>
<script src="_static/sphinx_highlight.js?v=dc90522c"></script>
<script src="_static/doctools.js?v=fd6eb6e6"></script>
<script src="_static/sphinx_highlight.js?v=6ffebe34"></script>
<script src="_static/js/theme.js"></script>
<link rel="index" title="Index" href="genindex.html" />
<link rel="search" title="Search" href="search.html" />
@@ -107,7 +107,9 @@
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="plugins/index.html">Plugin Index</a><ul>
<li class="toctree-l2"><a class="reference internal" href="plugins/keycloak_authentication_flow.html">keycloak_authentication_flow Allows administration of Keycloak authentication flows via Keycloak API</a></li>
<li class="toctree-l2"><a class="reference internal" href="plugins/keycloak_client.html">keycloak_client Allows administration of Keycloak clients via Keycloak API</a></li>
<li class="toctree-l2"><a class="reference internal" href="plugins/keycloak_client_scope.html">keycloak_client_scope Allows administration of Keycloak client scopes via Keycloak API</a></li>
<li class="toctree-l2"><a class="reference internal" href="plugins/keycloak_realm.html">keycloak_realm Allows administration of Keycloak realm via Keycloak API</a></li>
<li class="toctree-l2"><a class="reference internal" href="plugins/keycloak_role.html">keycloak_role Allows administration of Keycloak roles via Keycloak API</a></li>
<li class="toctree-l2"><a class="reference internal" href="plugins/keycloak_user_federation.html">keycloak_user_federation Allows administration of Keycloak user federations via Keycloak API</a></li>

BIN
main/objects.inv
View File

Binary file not shown.

32
main/plugins/index.html
View File

@@ -16,12 +16,12 @@
<script src="../_static/jquery.js?v=5d32c60e"></script>
<script src="../_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
<script src="../_static/documentation_options.js?v=5929fcd5"></script>
<script src="../_static/doctools.js?v=9bcbadda"></script>
<script src="../_static/sphinx_highlight.js?v=dc90522c"></script>
<script src="../_static/doctools.js?v=fd6eb6e6"></script>
<script src="../_static/sphinx_highlight.js?v=6ffebe34"></script>
<script src="../_static/js/theme.js"></script>
<link rel="index" title="Index" href="../genindex.html" />
<link rel="search" title="Search" href="../search.html" />
<link rel="next" title="keycloak_client Allows administration of Keycloak clients via Keycloak API" href="keycloak_client.html" />
<link rel="next" title="keycloak_authentication_flow Allows administration of Keycloak authentication flows via Keycloak API" href="keycloak_authentication_flow.html" />
<link rel="prev" title="Ansible Collection - middleware_automation.keycloak" href="../README.html" />
</head>
@@ -48,7 +48,9 @@
<ul class="current">
<li class="toctree-l1"><a class="reference internal" href="../README.html">Ansible Collection - middleware_automation.keycloak</a></li>
<li class="toctree-l1 current"><a class="current reference internal" href="#">Plugin Index</a><ul>
<li class="toctree-l2"><a class="reference internal" href="keycloak_authentication_flow.html">keycloak_authentication_flow Allows administration of Keycloak authentication flows via Keycloak API</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_client.html">keycloak_client Allows administration of Keycloak clients via Keycloak API</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_client_scope.html">keycloak_client_scope Allows administration of Keycloak client scopes via Keycloak API</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_realm.html">keycloak_realm Allows administration of Keycloak realm via Keycloak API</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_role.html">keycloak_role Allows administration of Keycloak roles via Keycloak API</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_user_federation.html">keycloak_user_federation Allows administration of Keycloak user federations via Keycloak API</a></li>
@@ -105,6 +107,17 @@
<div class="toctree-wrapper compound">
<p class="caption" role="heading"><span class="caption-text">modules plugins</span></p>
<ul>
<li class="toctree-l1"><a class="reference internal" href="keycloak_authentication_flow.html">keycloak_authentication_flow Allows administration of Keycloak authentication flows via Keycloak API</a><ul>
<li class="toctree-l2"><a class="reference internal" href="keycloak_authentication_flow.html#synopsis">Synopsis</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_authentication_flow.html#parameters">Parameters</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_authentication_flow.html#attributes">Attributes</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_authentication_flow.html#examples">Examples</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_authentication_flow.html#return-values">Return Values</a><ul>
<li class="toctree-l3"><a class="reference internal" href="keycloak_authentication_flow.html#authors">Authors</a></li>
</ul>
</li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="keycloak_client.html">keycloak_client Allows administration of Keycloak clients via Keycloak API</a><ul>
<li class="toctree-l2"><a class="reference internal" href="keycloak_client.html#synopsis">Synopsis</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_client.html#parameters">Parameters</a></li>
@@ -116,6 +129,17 @@
</li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="keycloak_client_scope.html">keycloak_client_scope Allows administration of Keycloak client scopes via Keycloak API</a><ul>
<li class="toctree-l2"><a class="reference internal" href="keycloak_client_scope.html#synopsis">Synopsis</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_client_scope.html#parameters">Parameters</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_client_scope.html#attributes">Attributes</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_client_scope.html#examples">Examples</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_client_scope.html#return-values">Return Values</a><ul>
<li class="toctree-l3"><a class="reference internal" href="keycloak_client_scope.html#authors">Authors</a></li>
</ul>
</li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="keycloak_realm.html">keycloak_realm Allows administration of Keycloak realm via Keycloak API</a><ul>
<li class="toctree-l2"><a class="reference internal" href="keycloak_realm.html#synopsis">Synopsis</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_realm.html#parameters">Parameters</a></li>
@@ -158,7 +182,7 @@
</div>
<footer><div class="rst-footer-buttons" role="navigation" aria-label="Footer">
<a href="../README.html" class="btn btn-neutral float-left" title="Ansible Collection - middleware_automation.keycloak" accesskey="p" rel="prev"><span class="fa fa-arrow-circle-left" aria-hidden="true"></span> Previous</a>
<a href="keycloak_client.html" class="btn btn-neutral float-right" title="keycloak_client Allows administration of Keycloak clients via Keycloak API" accesskey="n" rel="next">Next <span class="fa fa-arrow-circle-right" aria-hidden="true"></span></a>
<a href="keycloak_authentication_flow.html" class="btn btn-neutral float-right" title="keycloak_authentication_flow Allows administration of Keycloak authentication flows via Keycloak API" accesskey="n" rel="next">Next <span class="fa fa-arrow-circle-right" aria-hidden="true"></span></a>
</div>
<hr/>

622
main/plugins/keycloak_authentication_flow.html Normal file
View File

@@ -0,0 +1,622 @@
<!DOCTYPE html>
<html class="writer-html5" lang="en" data-content_root="../">
<head>
<meta charset="utf-8" /><meta name="viewport" content="width=device-width, initial-scale=1" />
<meta content="2.24.0" name="antsibull-docs" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>keycloak_authentication_flow Allows administration of Keycloak authentication flows via Keycloak API &mdash; Keycloak Ansible Collection documentation</title>
<link rel="stylesheet" type="text/css" href="../_static/pygments.css?v=41de9001" />
<link rel="stylesheet" type="text/css" href="../_static/css/theme.css?v=9edc463e" />
<link rel="stylesheet" type="text/css" href="../_static/antsibull-minimal.css" />
<link rel="stylesheet" type="text/css" href="../_static/ansible-basic-sphinx-ext.css" />
<script src="../_static/jquery.js?v=5d32c60e"></script>
<script src="../_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
<script src="../_static/documentation_options.js?v=5929fcd5"></script>
<script src="../_static/doctools.js?v=fd6eb6e6"></script>
<script src="../_static/sphinx_highlight.js?v=6ffebe34"></script>
<script src="../_static/js/theme.js"></script>
<link rel="index" title="Index" href="../genindex.html" />
<link rel="search" title="Search" href="../search.html" />
<link rel="next" title="keycloak_client Allows administration of Keycloak clients via Keycloak API" href="keycloak_client.html" />
<link rel="prev" title="Plugin Index" href="index.html" />
</head>
<body class="wy-body-for-nav">
<div class="wy-grid-for-nav">
<nav data-toggle="wy-nav-shift" class="wy-nav-side">
<div class="wy-side-scroll">
<div class="wy-side-nav-search" >
<a href="../index.html" class="icon icon-home">
Keycloak Ansible Collection
</a>
<div role="search">
<form id="rtd-search-form" class="wy-form" action="../search.html" method="get">
<input type="text" name="q" placeholder="Search docs" aria-label="Search docs" />
<input type="hidden" name="check_keywords" value="yes" />
<input type="hidden" name="area" value="default" />
</form>
</div>
</div><div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="Navigation menu">
<p class="caption" role="heading"><span class="caption-text">User documentation</span></p>
<ul class="current">
<li class="toctree-l1"><a class="reference internal" href="../README.html">Ansible Collection - middleware_automation.keycloak</a></li>
<li class="toctree-l1 current"><a class="reference internal" href="index.html">Plugin Index</a><ul class="current">
<li class="toctree-l2 current"><a class="current reference internal" href="#">keycloak_authentication_flow Allows administration of Keycloak authentication flows via Keycloak API</a><ul>
<li class="toctree-l3"><a class="reference internal" href="#synopsis">Synopsis</a></li>
<li class="toctree-l3"><a class="reference internal" href="#parameters">Parameters</a></li>
<li class="toctree-l3"><a class="reference internal" href="#attributes">Attributes</a></li>
<li class="toctree-l3"><a class="reference internal" href="#examples">Examples</a></li>
<li class="toctree-l3"><a class="reference internal" href="#return-values">Return Values</a><ul>
<li class="toctree-l4"><a class="reference internal" href="#authors">Authors</a></li>
</ul>
</li>
</ul>
</li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_client.html">keycloak_client Allows administration of Keycloak clients via Keycloak API</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_client_scope.html">keycloak_client_scope Allows administration of Keycloak client scopes via Keycloak API</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_realm.html">keycloak_realm Allows administration of Keycloak realm via Keycloak API</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_role.html">keycloak_role Allows administration of Keycloak roles via Keycloak API</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_user_federation.html">keycloak_user_federation Allows administration of Keycloak user federations via Keycloak API</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../roles/index.html">Role Index</a></li>
<li class="toctree-l1"><a class="reference internal" href="../CHANGELOG.html">Changelog</a></li>
</ul>
<p class="caption" role="heading"><span class="caption-text">Developer documentation</span></p>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../developing.html">Developing</a></li>
<li class="toctree-l1"><a class="reference internal" href="../developing.html#contributor-s-guidelines">Contributors Guidelines</a></li>
<li class="toctree-l1"><a class="reference internal" href="../testing.html">Testing</a></li>
<li class="toctree-l1"><a class="reference internal" href="../releasing.html">Releasing</a></li>
</ul>
<p class="caption" role="heading"><span class="caption-text">Middleware collections</span></p>
<ul>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/keycloak/main/">Keycloak / Red Hat Single Sign-On</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/infinispan/main/">Infinispan / Red Hat Data Grid</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/wildfly/main/">Wildfly / Red Hat JBoss EAP</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/jws/main/">Tomcat / Red Hat JWS</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/amq/main/">ActiveMQ / Red Hat AMQ Broker</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/amq_streams/main/">Kafka / Red Hat AMQ Streams</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/common/main/">Ansible Middleware utilities</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/ansible_collections_jcliff/main/">JCliff</a></li>
</ul>
</div>
</div>
</nav>
<section data-toggle="wy-nav-shift" class="wy-nav-content-wrap"><nav class="wy-nav-top" aria-label="Mobile navigation menu" >
<i data-toggle="wy-nav-top" class="fa fa-bars"></i>
<a href="../index.html">Keycloak Ansible Collection</a>
</nav>
<div class="wy-nav-content">
<div class="rst-content">
<div role="navigation" aria-label="Page navigation">
<ul class="wy-breadcrumbs">
<li><a href="../index.html" class="icon icon-home" aria-label="Home"></a></li>
<li class="breadcrumb-item"><a href="index.html">Plugin Index</a></li>
<li class="breadcrumb-item active">keycloak_authentication_flow Allows administration of Keycloak authentication flows via Keycloak API</li>
<li class="wy-breadcrumbs-aside">
<a href="../_sources/plugins/keycloak_authentication_flow.rst.txt" rel="nofollow"> View page source</a>
</li>
</ul>
<hr/>
</div>
<div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
<div itemprop="articleBody">
<span class="target" id="ansible-collections-middleware-automation-keycloak-keycloak-authentication-flow-module"></span><section id="keycloak-authentication-flow-allows-administration-of-keycloak-authentication-flows-via-keycloak-api">
<h1>keycloak_authentication_flow Allows administration of Keycloak authentication flows via Keycloak API<a class="headerlink" href="#keycloak-authentication-flow-allows-administration-of-keycloak-authentication-flows-via-keycloak-api" title="Link to this heading"></a></h1>
<div class="admonition note">
<p class="admonition-title">Note</p>
<p>This module is part of the <a class="reference external" href="https://galaxy.ansible.com/ui/repo/published/middleware_automation/keycloak/">middleware_automation.keycloak collection</a>.</p>
<p>It is not included in <code class="docutils literal notranslate"><span class="pre">ansible-core</span></code>.
To check whether it is installed, run <code class="code docutils literal notranslate"><span class="pre">ansible-galaxy</span> <span class="pre">collection</span> <span class="pre">list</span></code>.</p>
<p>To install it, use: <code class="code docutils literal notranslate"><span class="pre">ansible-galaxy</span> <span class="pre">collection</span> <span class="pre">install</span> <span class="pre">middleware_automation.keycloak</span></code>.</p>
<p>To use it in a playbook, specify: <code class="code docutils literal notranslate"><span class="pre">middleware_automation.keycloak.keycloak_authentication_flow</span></code>.</p>
</div>
<nav class="contents local" id="contents">
<ul class="simple">
<li><p><a class="reference internal" href="#synopsis" id="id1">Synopsis</a></p></li>
<li><p><a class="reference internal" href="#parameters" id="id2">Parameters</a></p></li>
<li><p><a class="reference internal" href="#attributes" id="id3">Attributes</a></p></li>
<li><p><a class="reference internal" href="#examples" id="id4">Examples</a></p></li>
<li><p><a class="reference internal" href="#return-values" id="id5">Return Values</a></p></li>
</ul>
</nav>
<section id="synopsis">
<h2><a class="toc-backref" href="#id1" role="doc-backlink">Synopsis</a><a class="headerlink" href="#synopsis" title="Link to this heading"></a></h2>
<ul class="simple">
<li><p>This module allows you to add, remove or modify Keycloak authentication flows via the Keycloak REST API. It requires access to the REST API via OpenID Connect; the user connecting and the client being used must have the requisite access rights. In a default Keycloak installation, admin-cli and an admin user would work, as would a separate client definition with the scope tailored to your needs and a user having the expected roles.</p></li>
<li><p>This module supports creating new top-level authentication flows, copying existing flows, and adding execution steps to a flow.</p></li>
</ul>
</section>
<section id="parameters">
<h2><a class="toc-backref" href="#id2" role="doc-backlink">Parameters</a><a class="headerlink" href="#parameters" title="Link to this heading"></a></h2>
<table class="colwidths-auto ansible-option-table docutils align-default" style="width: 100%">
<thead>
<tr class="row-odd">
<th class="head"><p>Parameter</p></th>
<th class="head"><p>Comments</p></th>
</tr>
</thead>
<tbody>
<tr class="row-even">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-alias"></div>
<p class="ansible-option-title"><strong>alias</strong></p>
<a class="ansibleOptionLink" href="#parameter-alias" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
/ <span class="ansible-option-required">required</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>Alias (name) of the authentication flow.</p>
</div></td>
</tr>
<tr class="row-odd">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-auth_client_id"></div>
<p class="ansible-option-title"><strong>auth_client_id</strong></p>
<a class="ansibleOptionLink" href="#parameter-auth_client_id" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>OpenID Connect <em>client_id</em> to authenticate to the API with.</p>
<p class="ansible-option-line"><strong class="ansible-option-default-bold">Default:</strong> <code class="ansible-value literal notranslate ansible-option-default">&#34;admin-cli&#34;</code></p>
</div></td>
</tr>
<tr class="row-even">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-auth_client_secret"></div>
<p class="ansible-option-title"><strong>auth_client_secret</strong></p>
<a class="ansibleOptionLink" href="#parameter-auth_client_secret" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>Client Secret to use in conjunction with <em>auth_client_id</em> (if required).</p>
</div></td>
</tr>
<tr class="row-odd">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-auth_keycloak_url"></div>
<div class="ansibleOptionAnchor" id="parameter-url"></div>
<p class="ansible-option-title"><strong>auth_keycloak_url</strong></p>
<a class="ansibleOptionLink" href="#parameter-auth_keycloak_url" title="Permalink to this option"></a>
<p class="ansible-option-type-line"><span class="ansible-option-aliases">aliases: url</span></p>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
/ <span class="ansible-option-required">required</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>URL to the Keycloak instance.</p>
</div></td>
</tr>
<tr class="row-even">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-auth_password"></div>
<div class="ansibleOptionAnchor" id="parameter-password"></div>
<p class="ansible-option-title"><strong>auth_password</strong></p>
<a class="ansibleOptionLink" href="#parameter-auth_password" title="Permalink to this option"></a>
<p class="ansible-option-type-line"><span class="ansible-option-aliases">aliases: password</span></p>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>Password to authenticate for API access with.</p>
</div></td>
</tr>
<tr class="row-odd">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-auth_realm"></div>
<p class="ansible-option-title"><strong>auth_realm</strong></p>
<a class="ansibleOptionLink" href="#parameter-auth_realm" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>Keycloak realm name to authenticate to for API access.</p>
</div></td>
</tr>
<tr class="row-even">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-auth_username"></div>
<div class="ansibleOptionAnchor" id="parameter-username"></div>
<p class="ansible-option-title"><strong>auth_username</strong></p>
<a class="ansibleOptionLink" href="#parameter-auth_username" title="Permalink to this option"></a>
<p class="ansible-option-type-line"><span class="ansible-option-aliases">aliases: username</span></p>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>Username to authenticate for API access with.</p>
</div></td>
</tr>
<tr class="row-odd">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-connection_timeout"></div>
<p class="ansible-option-title"><strong>connection_timeout</strong></p>
<a class="ansibleOptionLink" href="#parameter-connection_timeout" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">integer</span>
</p>
<p><em class="ansible-option-versionadded">added in middleware_automation.keycloak 4.5.0</em></p>
</div></td>
<td><div class="ansible-option-cell">
<p>Controls the HTTP connections timeout period (in seconds) to Keycloak API.</p>
<p class="ansible-option-line"><strong class="ansible-option-default-bold">Default:</strong> <code class="ansible-value literal notranslate ansible-option-default">10</code></p>
</div></td>
</tr>
<tr class="row-even">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-copy_from"></div>
<div class="ansibleOptionAnchor" id="parameter-copyFrom"></div>
<p class="ansible-option-title"><strong>copy_from</strong></p>
<a class="ansibleOptionLink" href="#parameter-copy_from" title="Permalink to this option"></a>
<p class="ansible-option-type-line"><span class="ansible-option-aliases">aliases: copyFrom</span></p>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>If set, the new flow is created as a copy of the flow with this alias.</p>
<p>Cannot be used together with <code class="ansible-option literal notranslate"><strong><a class="reference internal" href="#parameter-executions"><span class="std std-ref"><span class="pre">executions</span></span></a></strong></code>.</p>
</div></td>
</tr>
<tr class="row-odd">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-description"></div>
<p class="ansible-option-title"><strong>description</strong></p>
<a class="ansibleOptionLink" href="#parameter-description" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>Description of the authentication flow.</p>
<p class="ansible-option-line"><strong class="ansible-option-default-bold">Default:</strong> <code class="ansible-value literal notranslate ansible-option-default">&#34;&#34;</code></p>
</div></td>
</tr>
<tr class="row-even">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-executions"></div>
<p class="ansible-option-title"><strong>executions</strong></p>
<a class="ansibleOptionLink" href="#parameter-executions" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">list</span>
/ <span class="ansible-option-elements">elements=dictionary</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>A list of executions (authenticator steps) to add to the flow.</p>
<p>Each execution is a dict with keys <code class='docutils literal notranslate'>provider_id</code> (or <code class='docutils literal notranslate'>providerId</code>) and <code class='docutils literal notranslate'>requirement</code>.</p>
<p>Executions are only added when the flow is first created.</p>
<p class="ansible-option-line"><strong class="ansible-option-default-bold">Default:</strong> <code class="ansible-value literal notranslate ansible-option-default">[]</code></p>
</div></td>
</tr>
<tr class="row-odd">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-executions/provider_id"></div>
<div class="ansibleOptionAnchor" id="parameter-executions/providerId"></div>
<p class="ansible-option-title"><strong>provider_id</strong></p>
<a class="ansibleOptionLink" href="#parameter-executions/provider_id" title="Permalink to this option"></a>
<p class="ansible-option-type-line"><span class="ansible-option-aliases">aliases: providerId</span></p>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
/ <span class="ansible-option-required">required</span>
</p>
</div></td>
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell">
<p>The authenticator provider ID (e.g. <code class="ansible-value literal notranslate">auth-cookie</code>, <code class="ansible-value literal notranslate">auth-password</code>, <code class="ansible-value literal notranslate">auth-otp-form</code>).</p>
</div></td>
</tr>
<tr class="row-even">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-executions/requirement"></div>
<p class="ansible-option-title"><strong>requirement</strong></p>
<a class="ansibleOptionLink" href="#parameter-executions/requirement" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
/ <span class="ansible-option-required">required</span>
</p>
</div></td>
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell">
<p>The requirement level for this execution.</p>
<p class="ansible-option-line"><strong class="ansible-option-choices">Choices:</strong></p>
<ul class="simple">
<li><p><code class="ansible-value literal notranslate ansible-option-choices-entry">&#34;REQUIRED&#34;</code></p></li>
<li><p><code class="ansible-value literal notranslate ansible-option-choices-entry">&#34;ALTERNATIVE&#34;</code></p></li>
<li><p><code class="ansible-value literal notranslate ansible-option-choices-entry">&#34;DISABLED&#34;</code></p></li>
<li><p><code class="ansible-value literal notranslate ansible-option-choices-entry">&#34;CONDITIONAL&#34;</code></p></li>
</ul>
</div></td>
</tr>
<tr class="row-odd">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-http_agent"></div>
<p class="ansible-option-title"><strong>http_agent</strong></p>
<a class="ansibleOptionLink" href="#parameter-http_agent" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
<p><em class="ansible-option-versionadded">added in middleware_automation.keycloak 5.4.0</em></p>
</div></td>
<td><div class="ansible-option-cell">
<p>Configures the HTTP User-Agent header.</p>
<p class="ansible-option-line"><strong class="ansible-option-default-bold">Default:</strong> <code class="ansible-value literal notranslate ansible-option-default">&#34;Ansible&#34;</code></p>
</div></td>
</tr>
<tr class="row-even">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-provider_id"></div>
<div class="ansibleOptionAnchor" id="parameter-providerId"></div>
<p class="ansible-option-title"><strong>provider_id</strong></p>
<a class="ansibleOptionLink" href="#parameter-provider_id" title="Permalink to this option"></a>
<p class="ansible-option-type-line"><span class="ansible-option-aliases">aliases: providerId</span></p>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>The provider ID for the flow.</p>
<p class="ansible-option-line"><strong class="ansible-option-default-bold">Default:</strong> <code class="ansible-value literal notranslate ansible-option-default">&#34;basic-flow&#34;</code></p>
</div></td>
</tr>
<tr class="row-odd">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-realm"></div>
<p class="ansible-option-title"><strong>realm</strong></p>
<a class="ansibleOptionLink" href="#parameter-realm" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>The Keycloak realm under which this authentication flow resides.</p>
<p class="ansible-option-line"><strong class="ansible-option-default-bold">Default:</strong> <code class="ansible-value literal notranslate ansible-option-default">&#34;master&#34;</code></p>
</div></td>
</tr>
<tr class="row-even">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-state"></div>
<p class="ansible-option-title"><strong>state</strong></p>
<a class="ansibleOptionLink" href="#parameter-state" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>State of the authentication flow.</p>
<p>On <code class="ansible-value literal notranslate">present</code>, the flow will be created if it does not yet exist.</p>
<p>On <code class="ansible-value literal notranslate">absent</code>, the flow will be removed if it exists.</p>
<p class="ansible-option-line"><strong class="ansible-option-choices">Choices:</strong></p>
<ul class="simple">
<li><p><code class="ansible-value literal notranslate ansible-option-default-bold"><strong>&#34;present&#34;</strong></code> <span class="ansible-option-choices-default-mark">← (default)</span></p></li>
<li><p><code class="ansible-value literal notranslate ansible-option-choices-entry">&#34;absent&#34;</code></p></li>
</ul>
</div></td>
</tr>
<tr class="row-odd">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-token"></div>
<p class="ansible-option-title"><strong>token</strong></p>
<a class="ansibleOptionLink" href="#parameter-token" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
<p><em class="ansible-option-versionadded">added in middleware_automation.keycloak 3.0.0</em></p>
</div></td>
<td><div class="ansible-option-cell">
<p>Authentication token for Keycloak API.</p>
</div></td>
</tr>
<tr class="row-even">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-validate_certs"></div>
<p class="ansible-option-title"><strong>validate_certs</strong></p>
<a class="ansibleOptionLink" href="#parameter-validate_certs" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">boolean</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>Verify TLS certificates (do not disable this in production).</p>
<p class="ansible-option-line"><strong class="ansible-option-choices">Choices:</strong></p>
<ul class="simple">
<li><p><code class="ansible-value literal notranslate ansible-option-choices-entry">false</code></p></li>
<li><p><code class="ansible-value literal notranslate ansible-option-default-bold"><strong>true</strong></code> <span class="ansible-option-choices-default-mark">← (default)</span></p></li>
</ul>
</div></td>
</tr>
</tbody>
</table></section>
<section id="attributes">
<h2><a class="toc-backref" href="#id3" role="doc-backlink">Attributes</a><a class="headerlink" href="#attributes" title="Link to this heading"></a></h2>
<table class="longtable ansible-option-table docutils align-default" style="width: 100%">
<thead>
<tr class="row-odd"><th class="head"><p>Attribute</p></th>
<th class="head"><p>Support</p></th>
<th class="head"><p>Description</p></th>
</tr>
</thead>
<tbody>
<tr class="row-even"><td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="attribute-check_mode"></div><p class="ansible-option-title" id="ansible-collections-middleware-automation-keycloak-keycloak-authentication-flow-module-attribute-check-mode"><strong>check_mode</strong></p>
<a class="ansibleOptionLink" href="#attribute-check_mode" title="Permalink to this attribute"></a></div></td>
<td><div class="ansible-option-cell"><p><strong class="ansible-attribute-support-label">Support: </strong><strong class="ansible-attribute-support-full">full</strong></p>
</div></td>
<td><div class="ansible-option-cell"><p>Can run in <code class="docutils literal notranslate"><span class="pre">check_mode</span></code> and return changed status prediction without modifying target.</p>
</div></td>
</tr>
<tr class="row-odd"><td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="attribute-diff_mode"></div><p class="ansible-option-title" id="ansible-collections-middleware-automation-keycloak-keycloak-authentication-flow-module-attribute-diff-mode"><strong>diff_mode</strong></p>
<a class="ansibleOptionLink" href="#attribute-diff_mode" title="Permalink to this attribute"></a></div></td>
<td><div class="ansible-option-cell"><p><strong class="ansible-attribute-support-label">Support: </strong><strong class="ansible-attribute-support-full">full</strong></p>
</div></td>
<td><div class="ansible-option-cell"><p>Will return details on what has changed (or possibly needs changing in <code class="docutils literal notranslate"><span class="pre">check_mode</span></code>), when in diff mode.</p>
</div></td>
</tr>
</tbody>
</table>
</section>
<section id="examples">
<h2><a class="toc-backref" href="#id4" role="doc-backlink">Examples</a><a class="headerlink" href="#examples" title="Link to this heading"></a></h2>
<div class="highlight-yaml+jinja notranslate"><div class="highlight"><pre><span></span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Create an authentication flow with executions</span>
<span class="w"> </span><span class="nt">middleware_automation.keycloak.keycloak_authentication_flow</span><span class="p">:</span>
<span class="w"> </span><span class="nt">auth_keycloak_url</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">http://localhost:8080</span>
<span class="w"> </span><span class="nt">auth_realm</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">master</span>
<span class="w"> </span><span class="nt">auth_username</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">admin</span>
<span class="w"> </span><span class="nt">auth_password</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">password</span>
<span class="w"> </span><span class="nt">realm</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">TestRealm</span>
<span class="w"> </span><span class="nt">alias</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">my-browser-flow</span>
<span class="w"> </span><span class="nt">description</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;Custom</span><span class="nv"> </span><span class="s">browser</span><span class="nv"> </span><span class="s">flow&quot;</span>
<span class="w"> </span><span class="nt">provider_id</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">basic-flow</span>
<span class="w"> </span><span class="nt">executions</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">provider_id</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">auth-cookie</span>
<span class="w"> </span><span class="nt">requirement</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ALTERNATIVE</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">provider_id</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">auth-password</span>
<span class="w"> </span><span class="nt">requirement</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">REQUIRED</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">provider_id</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">auth-otp-form</span>
<span class="w"> </span><span class="nt">requirement</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ALTERNATIVE</span>
<span class="w"> </span><span class="nt">state</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">present</span>
<span class="w"> </span><span class="nt">delegate_to</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">localhost</span>
<span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Create an authentication flow by copying an existing one</span>
<span class="w"> </span><span class="nt">middleware_automation.keycloak.keycloak_authentication_flow</span><span class="p">:</span>
<span class="w"> </span><span class="nt">auth_keycloak_url</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">http://localhost:8080</span>
<span class="w"> </span><span class="nt">auth_realm</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">master</span>
<span class="w"> </span><span class="nt">auth_username</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">admin</span>
<span class="w"> </span><span class="nt">auth_password</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">password</span>
<span class="w"> </span><span class="nt">realm</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">TestRealm</span>
<span class="w"> </span><span class="nt">alias</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">my-copy-of-browser</span>
<span class="w"> </span><span class="nt">copy_from</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">browser</span>
<span class="w"> </span><span class="nt">state</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">present</span>
<span class="w"> </span><span class="nt">delegate_to</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">localhost</span>
<span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Create a flow using token authentication</span>
<span class="w"> </span><span class="nt">middleware_automation.keycloak.keycloak_authentication_flow</span><span class="p">:</span>
<span class="w"> </span><span class="nt">auth_keycloak_url</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">http://localhost:8080</span>
<span class="w"> </span><span class="nt">token</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">MY_TOKEN</span>
<span class="w"> </span><span class="nt">realm</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">TestRealm</span>
<span class="w"> </span><span class="nt">alias</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">my-flow</span>
<span class="w"> </span><span class="nt">state</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">present</span>
<span class="w"> </span><span class="nt">delegate_to</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">localhost</span>
<span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Delete an authentication flow</span>
<span class="w"> </span><span class="nt">middleware_automation.keycloak.keycloak_authentication_flow</span><span class="p">:</span>
<span class="w"> </span><span class="nt">auth_keycloak_url</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">http://localhost:8080</span>
<span class="w"> </span><span class="nt">auth_realm</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">master</span>
<span class="w"> </span><span class="nt">auth_username</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">admin</span>
<span class="w"> </span><span class="nt">auth_password</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">password</span>
<span class="w"> </span><span class="nt">realm</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">TestRealm</span>
<span class="w"> </span><span class="nt">alias</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">my-browser-flow</span>
<span class="w"> </span><span class="nt">state</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">absent</span>
<span class="w"> </span><span class="nt">delegate_to</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">localhost</span>
</pre></div>
</div>
</section>
<section id="return-values">
<h2><a class="toc-backref" href="#id5" role="doc-backlink">Return Values</a><a class="headerlink" href="#return-values" title="Link to this heading"></a></h2>
<p>Common return values are documented <a class="reference external" href="https://docs.ansible.com/projects/ansible/latest/reference_appendices/common_return_values.html#common-return-values" title="(in Ansible v13)"><span class="xref std std-ref">here</span></a>, the following are the fields unique to this module:</p>
<table class="colwidths-auto ansible-option-table docutils align-default" style="width: 100%">
<thead>
<tr class="row-odd">
<th class="head"><p>Key</p></th>
<th class="head"><p>Description</p></th>
</tr>
</thead>
<tbody>
<tr class="row-even">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="return-end_state"></div>
<p class="ansible-option-title"><strong>end_state</strong></p>
<a class="ansibleOptionLink" href="#return-end_state" title="Permalink to this return value"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">dictionary</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>Representation of the authentication flow after module execution.</p>
<p class="ansible-option-line"><strong class="ansible-option-returned-bold">Returned:</strong> on success</p>
<p class="ansible-option-line ansible-option-sample"><strong class="ansible-option-sample-bold">Sample:</strong> <code class="ansible-value literal notranslate ansible-option-sample">{&#34;alias&#34;: &#34;my-browser-flow&#34;, &#34;builtIn&#34;: false, &#34;id&#34;: &#34;uuid-here&#34;, &#34;providerId&#34;: &#34;basic-flow&#34;, &#34;topLevel&#34;: true}</code></p>
</div></td>
</tr>
<tr class="row-odd">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="return-msg"></div>
<p class="ansible-option-title"><strong>msg</strong></p>
<a class="ansibleOptionLink" href="#return-msg" title="Permalink to this return value"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>Message as to what action was taken.</p>
<p class="ansible-option-line"><strong class="ansible-option-returned-bold">Returned:</strong> always</p>
<p class="ansible-option-line ansible-option-sample"><strong class="ansible-option-sample-bold">Sample:</strong> <code class="ansible-value literal notranslate ansible-option-sample">&#34;Authentication flow my-browser-flow has been created&#34;</code></p>
</div></td>
</tr>
</tbody>
</table><section id="authors">
<h3>Authors<a class="headerlink" href="#authors" title="Link to this heading"></a></h3>
<ul class="simple">
<li><p>Paulo Menon (&#64;paulomenon)</p></li>
</ul>
</section>
</section>
</section>
</div>
</div>
<footer><div class="rst-footer-buttons" role="navigation" aria-label="Footer">
<a href="index.html" class="btn btn-neutral float-left" title="Plugin Index" accesskey="p" rel="prev"><span class="fa fa-arrow-circle-left" aria-hidden="true"></span> Previous</a>
<a href="keycloak_client.html" class="btn btn-neutral float-right" title="keycloak_client Allows administration of Keycloak clients via Keycloak API" accesskey="n" rel="next">Next <span class="fa fa-arrow-circle-right" aria-hidden="true"></span></a>
</div>
<hr/>
<div role="contentinfo">
<p>&#169; Copyright 2026, Red Hat, Inc..</p>
</div>
Built with <a href="https://www.sphinx-doc.org/">Sphinx</a> using a
<a href="https://github.com/readthedocs/sphinx_rtd_theme">theme</a>
provided by <a href="https://readthedocs.org">Read the Docs</a>.
</footer>
</div>
</div>
</section>
</div>
<script>
jQuery(function () {
SphinxRtdTheme.Navigation.enable(true);
});
</script>
</body>
</html>

14
main/plugins/keycloak_client.html
View File

@@ -17,13 +17,13 @@
<script src="../_static/jquery.js?v=5d32c60e"></script>
<script src="../_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
<script src="../_static/documentation_options.js?v=5929fcd5"></script>
<script src="../_static/doctools.js?v=9bcbadda"></script>
<script src="../_static/sphinx_highlight.js?v=dc90522c"></script>
<script src="../_static/doctools.js?v=fd6eb6e6"></script>
<script src="../_static/sphinx_highlight.js?v=6ffebe34"></script>
<script src="../_static/js/theme.js"></script>
<link rel="index" title="Index" href="../genindex.html" />
<link rel="search" title="Search" href="../search.html" />
<link rel="next" title="keycloak_realm Allows administration of Keycloak realm via Keycloak API" href="keycloak_realm.html" />
<link rel="prev" title="Plugin Index" href="index.html" />
<link rel="next" title="keycloak_client_scope Allows administration of Keycloak client scopes via Keycloak API" href="keycloak_client_scope.html" />
<link rel="prev" title="keycloak_authentication_flow Allows administration of Keycloak authentication flows via Keycloak API" href="keycloak_authentication_flow.html" />
</head>
<body class="wy-body-for-nav">
@@ -49,6 +49,7 @@
<ul class="current">
<li class="toctree-l1"><a class="reference internal" href="../README.html">Ansible Collection - middleware_automation.keycloak</a></li>
<li class="toctree-l1 current"><a class="reference internal" href="index.html">Plugin Index</a><ul class="current">
<li class="toctree-l2"><a class="reference internal" href="keycloak_authentication_flow.html">keycloak_authentication_flow Allows administration of Keycloak authentication flows via Keycloak API</a></li>
<li class="toctree-l2 current"><a class="current reference internal" href="#">keycloak_client Allows administration of Keycloak clients via Keycloak API</a><ul>
<li class="toctree-l3"><a class="reference internal" href="#synopsis">Synopsis</a></li>
<li class="toctree-l3"><a class="reference internal" href="#parameters">Parameters</a></li>
@@ -60,6 +61,7 @@
</li>
</ul>
</li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_client_scope.html">keycloak_client_scope Allows administration of Keycloak client scopes via Keycloak API</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_realm.html">keycloak_realm Allows administration of Keycloak realm via Keycloak API</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_role.html">keycloak_role Allows administration of Keycloak roles via Keycloak API</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_user_federation.html">keycloak_user_federation Allows administration of Keycloak user federations via Keycloak API</a></li>
@@ -1830,8 +1832,8 @@ To check whether it is installed, run <code class="code docutils literal notrans
</div>
</div>
<footer><div class="rst-footer-buttons" role="navigation" aria-label="Footer">
<a href="index.html" class="btn btn-neutral float-left" title="Plugin Index" accesskey="p" rel="prev"><span class="fa fa-arrow-circle-left" aria-hidden="true"></span> Previous</a>
<a href="keycloak_realm.html" class="btn btn-neutral float-right" title="keycloak_realm Allows administration of Keycloak realm via Keycloak API" accesskey="n" rel="next">Next <span class="fa fa-arrow-circle-right" aria-hidden="true"></span></a>
<a href="keycloak_authentication_flow.html" class="btn btn-neutral float-left" title="keycloak_authentication_flow Allows administration of Keycloak authentication flows via Keycloak API" accesskey="p" rel="prev"><span class="fa fa-arrow-circle-left" aria-hidden="true"></span> Previous</a>
<a href="keycloak_client_scope.html" class="btn btn-neutral float-right" title="keycloak_client_scope Allows administration of Keycloak client scopes via Keycloak API" accesskey="n" rel="next">Next <span class="fa fa-arrow-circle-right" aria-hidden="true"></span></a>
</div>
<hr/>

633
main/plugins/keycloak_client_scope.html Normal file
View File

@@ -0,0 +1,633 @@
<!DOCTYPE html>
<html class="writer-html5" lang="en" data-content_root="../">
<head>
<meta charset="utf-8" /><meta name="viewport" content="width=device-width, initial-scale=1" />
<meta content="2.24.0" name="antsibull-docs" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>keycloak_client_scope Allows administration of Keycloak client scopes via Keycloak API &mdash; Keycloak Ansible Collection documentation</title>
<link rel="stylesheet" type="text/css" href="../_static/pygments.css?v=41de9001" />
<link rel="stylesheet" type="text/css" href="../_static/css/theme.css?v=9edc463e" />
<link rel="stylesheet" type="text/css" href="../_static/antsibull-minimal.css" />
<link rel="stylesheet" type="text/css" href="../_static/ansible-basic-sphinx-ext.css" />
<script src="../_static/jquery.js?v=5d32c60e"></script>
<script src="../_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
<script src="../_static/documentation_options.js?v=5929fcd5"></script>
<script src="../_static/doctools.js?v=fd6eb6e6"></script>
<script src="../_static/sphinx_highlight.js?v=6ffebe34"></script>
<script src="../_static/js/theme.js"></script>
<link rel="index" title="Index" href="../genindex.html" />
<link rel="search" title="Search" href="../search.html" />
<link rel="next" title="keycloak_realm Allows administration of Keycloak realm via Keycloak API" href="keycloak_realm.html" />
<link rel="prev" title="keycloak_client Allows administration of Keycloak clients via Keycloak API" href="keycloak_client.html" />
</head>
<body class="wy-body-for-nav">
<div class="wy-grid-for-nav">
<nav data-toggle="wy-nav-shift" class="wy-nav-side">
<div class="wy-side-scroll">
<div class="wy-side-nav-search" >
<a href="../index.html" class="icon icon-home">
Keycloak Ansible Collection
</a>
<div role="search">
<form id="rtd-search-form" class="wy-form" action="../search.html" method="get">
<input type="text" name="q" placeholder="Search docs" aria-label="Search docs" />
<input type="hidden" name="check_keywords" value="yes" />
<input type="hidden" name="area" value="default" />
</form>
</div>
</div><div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="Navigation menu">
<p class="caption" role="heading"><span class="caption-text">User documentation</span></p>
<ul class="current">
<li class="toctree-l1"><a class="reference internal" href="../README.html">Ansible Collection - middleware_automation.keycloak</a></li>
<li class="toctree-l1 current"><a class="reference internal" href="index.html">Plugin Index</a><ul class="current">
<li class="toctree-l2"><a class="reference internal" href="keycloak_authentication_flow.html">keycloak_authentication_flow Allows administration of Keycloak authentication flows via Keycloak API</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_client.html">keycloak_client Allows administration of Keycloak clients via Keycloak API</a></li>
<li class="toctree-l2 current"><a class="current reference internal" href="#">keycloak_client_scope Allows administration of Keycloak client scopes via Keycloak API</a><ul>
<li class="toctree-l3"><a class="reference internal" href="#synopsis">Synopsis</a></li>
<li class="toctree-l3"><a class="reference internal" href="#parameters">Parameters</a></li>
<li class="toctree-l3"><a class="reference internal" href="#attributes">Attributes</a></li>
<li class="toctree-l3"><a class="reference internal" href="#examples">Examples</a></li>
<li class="toctree-l3"><a class="reference internal" href="#return-values">Return Values</a><ul>
<li class="toctree-l4"><a class="reference internal" href="#authors">Authors</a></li>
</ul>
</li>
</ul>
</li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_realm.html">keycloak_realm Allows administration of Keycloak realm via Keycloak API</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_role.html">keycloak_role Allows administration of Keycloak roles via Keycloak API</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_user_federation.html">keycloak_user_federation Allows administration of Keycloak user federations via Keycloak API</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../roles/index.html">Role Index</a></li>
<li class="toctree-l1"><a class="reference internal" href="../CHANGELOG.html">Changelog</a></li>
</ul>
<p class="caption" role="heading"><span class="caption-text">Developer documentation</span></p>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../developing.html">Developing</a></li>
<li class="toctree-l1"><a class="reference internal" href="../developing.html#contributor-s-guidelines">Contributors Guidelines</a></li>
<li class="toctree-l1"><a class="reference internal" href="../testing.html">Testing</a></li>
<li class="toctree-l1"><a class="reference internal" href="../releasing.html">Releasing</a></li>
</ul>
<p class="caption" role="heading"><span class="caption-text">Middleware collections</span></p>
<ul>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/keycloak/main/">Keycloak / Red Hat Single Sign-On</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/infinispan/main/">Infinispan / Red Hat Data Grid</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/wildfly/main/">Wildfly / Red Hat JBoss EAP</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/jws/main/">Tomcat / Red Hat JWS</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/amq/main/">ActiveMQ / Red Hat AMQ Broker</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/amq_streams/main/">Kafka / Red Hat AMQ Streams</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/common/main/">Ansible Middleware utilities</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/ansible_collections_jcliff/main/">JCliff</a></li>
</ul>
</div>
</div>
</nav>
<section data-toggle="wy-nav-shift" class="wy-nav-content-wrap"><nav class="wy-nav-top" aria-label="Mobile navigation menu" >
<i data-toggle="wy-nav-top" class="fa fa-bars"></i>
<a href="../index.html">Keycloak Ansible Collection</a>
</nav>
<div class="wy-nav-content">
<div class="rst-content">
<div role="navigation" aria-label="Page navigation">
<ul class="wy-breadcrumbs">
<li><a href="../index.html" class="icon icon-home" aria-label="Home"></a></li>
<li class="breadcrumb-item"><a href="index.html">Plugin Index</a></li>
<li class="breadcrumb-item active">keycloak_client_scope Allows administration of Keycloak client scopes via Keycloak API</li>
<li class="wy-breadcrumbs-aside">
<a href="../_sources/plugins/keycloak_client_scope.rst.txt" rel="nofollow"> View page source</a>
</li>
</ul>
<hr/>
</div>
<div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
<div itemprop="articleBody">
<span class="target" id="ansible-collections-middleware-automation-keycloak-keycloak-client-scope-module"></span><section id="keycloak-client-scope-allows-administration-of-keycloak-client-scopes-via-keycloak-api">
<h1>keycloak_client_scope Allows administration of Keycloak client scopes via Keycloak API<a class="headerlink" href="#keycloak-client-scope-allows-administration-of-keycloak-client-scopes-via-keycloak-api" title="Link to this heading"></a></h1>
<div class="admonition note">
<p class="admonition-title">Note</p>
<p>This module is part of the <a class="reference external" href="https://galaxy.ansible.com/ui/repo/published/middleware_automation/keycloak/">middleware_automation.keycloak collection</a>.</p>
<p>It is not included in <code class="docutils literal notranslate"><span class="pre">ansible-core</span></code>.
To check whether it is installed, run <code class="code docutils literal notranslate"><span class="pre">ansible-galaxy</span> <span class="pre">collection</span> <span class="pre">list</span></code>.</p>
<p>To install it, use: <code class="code docutils literal notranslate"><span class="pre">ansible-galaxy</span> <span class="pre">collection</span> <span class="pre">install</span> <span class="pre">middleware_automation.keycloak</span></code>.</p>
<p>To use it in a playbook, specify: <code class="code docutils literal notranslate"><span class="pre">middleware_automation.keycloak.keycloak_client_scope</span></code>.</p>
</div>
<nav class="contents local" id="contents">
<ul class="simple">
<li><p><a class="reference internal" href="#synopsis" id="id1">Synopsis</a></p></li>
<li><p><a class="reference internal" href="#parameters" id="id2">Parameters</a></p></li>
<li><p><a class="reference internal" href="#attributes" id="id3">Attributes</a></p></li>
<li><p><a class="reference internal" href="#examples" id="id4">Examples</a></p></li>
<li><p><a class="reference internal" href="#return-values" id="id5">Return Values</a></p></li>
</ul>
</nav>
<section id="synopsis">
<h2><a class="toc-backref" href="#id1" role="doc-backlink">Synopsis</a><a class="headerlink" href="#synopsis" title="Link to this heading"></a></h2>
<ul class="simple">
<li><p>This module allows you to add, remove or modify Keycloak client scopes via the Keycloak REST API. It requires access to the REST API via OpenID Connect; the user connecting and the client being used must have the requisite access rights. In a default Keycloak installation, admin-cli and an admin user would work, as would a separate client definition with the scope tailored to your needs and a user having the expected roles.</p></li>
<li><p>This module also supports managing protocol mappers within a client scope.</p></li>
</ul>
</section>
<section id="parameters">
<h2><a class="toc-backref" href="#id2" role="doc-backlink">Parameters</a><a class="headerlink" href="#parameters" title="Link to this heading"></a></h2>
<table class="colwidths-auto ansible-option-table docutils align-default" style="width: 100%">
<thead>
<tr class="row-odd">
<th class="head"><p>Parameter</p></th>
<th class="head"><p>Comments</p></th>
</tr>
</thead>
<tbody>
<tr class="row-even">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-attributes"></div>
<p class="ansible-option-title"><strong>attributes</strong></p>
<a class="ansibleOptionLink" href="#parameter-attributes" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">dictionary</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>A dict of key/value pairs to set as attributes for the client scope.</p>
</div></td>
</tr>
<tr class="row-odd">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-auth_client_id"></div>
<p class="ansible-option-title"><strong>auth_client_id</strong></p>
<a class="ansibleOptionLink" href="#parameter-auth_client_id" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>OpenID Connect <em>client_id</em> to authenticate to the API with.</p>
<p class="ansible-option-line"><strong class="ansible-option-default-bold">Default:</strong> <code class="ansible-value literal notranslate ansible-option-default">&#34;admin-cli&#34;</code></p>
</div></td>
</tr>
<tr class="row-even">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-auth_client_secret"></div>
<p class="ansible-option-title"><strong>auth_client_secret</strong></p>
<a class="ansibleOptionLink" href="#parameter-auth_client_secret" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>Client Secret to use in conjunction with <em>auth_client_id</em> (if required).</p>
</div></td>
</tr>
<tr class="row-odd">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-auth_keycloak_url"></div>
<div class="ansibleOptionAnchor" id="parameter-url"></div>
<p class="ansible-option-title"><strong>auth_keycloak_url</strong></p>
<a class="ansibleOptionLink" href="#parameter-auth_keycloak_url" title="Permalink to this option"></a>
<p class="ansible-option-type-line"><span class="ansible-option-aliases">aliases: url</span></p>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
/ <span class="ansible-option-required">required</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>URL to the Keycloak instance.</p>
</div></td>
</tr>
<tr class="row-even">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-auth_password"></div>
<div class="ansibleOptionAnchor" id="parameter-password"></div>
<p class="ansible-option-title"><strong>auth_password</strong></p>
<a class="ansibleOptionLink" href="#parameter-auth_password" title="Permalink to this option"></a>
<p class="ansible-option-type-line"><span class="ansible-option-aliases">aliases: password</span></p>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>Password to authenticate for API access with.</p>
</div></td>
</tr>
<tr class="row-odd">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-auth_realm"></div>
<p class="ansible-option-title"><strong>auth_realm</strong></p>
<a class="ansibleOptionLink" href="#parameter-auth_realm" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>Keycloak realm name to authenticate to for API access.</p>
</div></td>
</tr>
<tr class="row-even">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-auth_username"></div>
<div class="ansibleOptionAnchor" id="parameter-username"></div>
<p class="ansible-option-title"><strong>auth_username</strong></p>
<a class="ansibleOptionLink" href="#parameter-auth_username" title="Permalink to this option"></a>
<p class="ansible-option-type-line"><span class="ansible-option-aliases">aliases: username</span></p>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>Username to authenticate for API access with.</p>
</div></td>
</tr>
<tr class="row-odd">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-connection_timeout"></div>
<p class="ansible-option-title"><strong>connection_timeout</strong></p>
<a class="ansibleOptionLink" href="#parameter-connection_timeout" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">integer</span>
</p>
<p><em class="ansible-option-versionadded">added in middleware_automation.keycloak 4.5.0</em></p>
</div></td>
<td><div class="ansible-option-cell">
<p>Controls the HTTP connections timeout period (in seconds) to Keycloak API.</p>
<p class="ansible-option-line"><strong class="ansible-option-default-bold">Default:</strong> <code class="ansible-value literal notranslate ansible-option-default">10</code></p>
</div></td>
</tr>
<tr class="row-even">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-description"></div>
<p class="ansible-option-title"><strong>description</strong></p>
<a class="ansibleOptionLink" href="#parameter-description" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>Description of the client scope.</p>
<p class="ansible-option-line"><strong class="ansible-option-default-bold">Default:</strong> <code class="ansible-value literal notranslate ansible-option-default">&#34;&#34;</code></p>
</div></td>
</tr>
<tr class="row-odd">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-http_agent"></div>
<p class="ansible-option-title"><strong>http_agent</strong></p>
<a class="ansibleOptionLink" href="#parameter-http_agent" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
<p><em class="ansible-option-versionadded">added in middleware_automation.keycloak 5.4.0</em></p>
</div></td>
<td><div class="ansible-option-cell">
<p>Configures the HTTP User-Agent header.</p>
<p class="ansible-option-line"><strong class="ansible-option-default-bold">Default:</strong> <code class="ansible-value literal notranslate ansible-option-default">&#34;Ansible&#34;</code></p>
</div></td>
</tr>
<tr class="row-even">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-name"></div>
<p class="ansible-option-title"><strong>name</strong></p>
<a class="ansibleOptionLink" href="#parameter-name" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
/ <span class="ansible-option-required">required</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>Name of the client scope.</p>
</div></td>
</tr>
<tr class="row-odd">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-protocol"></div>
<p class="ansible-option-title"><strong>protocol</strong></p>
<a class="ansibleOptionLink" href="#parameter-protocol" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>The protocol associated with the client scope.</p>
<p class="ansible-option-line"><strong class="ansible-option-choices">Choices:</strong></p>
<ul class="simple">
<li><p><code class="ansible-value literal notranslate ansible-option-default-bold"><strong>&#34;openid-connect&#34;</strong></code> <span class="ansible-option-choices-default-mark">← (default)</span></p></li>
<li><p><code class="ansible-value literal notranslate ansible-option-choices-entry">&#34;saml&#34;</code></p></li>
</ul>
</div></td>
</tr>
<tr class="row-even">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-protocol_mappers"></div>
<p class="ansible-option-title"><strong>protocol_mappers</strong></p>
<a class="ansibleOptionLink" href="#parameter-protocol_mappers" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">list</span>
/ <span class="ansible-option-elements">elements=dictionary</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>A list of protocol mappers to associate with the client scope.</p>
<p>Each mapper is a dict with the keys <code class='docutils literal notranslate'>name</code>, <code class='docutils literal notranslate'>protocol</code>, <code class='docutils literal notranslate'>protocolMapper</code>, and <code class='docutils literal notranslate'>config</code>.</p>
<p class="ansible-option-line"><strong class="ansible-option-default-bold">Default:</strong> <code class="ansible-value literal notranslate ansible-option-default">[]</code></p>
</div></td>
</tr>
<tr class="row-odd">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-protocol_mappers/config"></div>
<p class="ansible-option-title"><strong>config</strong></p>
<a class="ansibleOptionLink" href="#parameter-protocol_mappers/config" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">dictionary</span>
/ <span class="ansible-option-required">required</span>
</p>
</div></td>
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell">
<p>Configuration for the protocol mapper.</p>
</div></td>
</tr>
<tr class="row-even">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-protocol_mappers/name"></div>
<p class="ansible-option-title"><strong>name</strong></p>
<a class="ansibleOptionLink" href="#parameter-protocol_mappers/name" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
/ <span class="ansible-option-required">required</span>
</p>
</div></td>
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell">
<p>Name of the protocol mapper.</p>
</div></td>
</tr>
<tr class="row-odd">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-protocol_mappers/protocol"></div>
<p class="ansible-option-title"><strong>protocol</strong></p>
<a class="ansibleOptionLink" href="#parameter-protocol_mappers/protocol" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
</div></td>
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell">
<p>Protocol for the mapper.</p>
<p class="ansible-option-line"><strong class="ansible-option-default-bold">Default:</strong> <code class="ansible-value literal notranslate ansible-option-default">&#34;openid-connect&#34;</code></p>
</div></td>
</tr>
<tr class="row-even">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-protocol_mappers/protocolMapper"></div>
<div class="ansibleOptionAnchor" id="parameter-protocol_mappers/protocol_mapper_type"></div>
<p class="ansible-option-title"><strong>protocolMapper</strong></p>
<a class="ansibleOptionLink" href="#parameter-protocol_mappers/protocolMapper" title="Permalink to this option"></a>
<p class="ansible-option-type-line"><span class="ansible-option-aliases">aliases: protocol_mapper_type</span></p>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
/ <span class="ansible-option-required">required</span>
</p>
</div></td>
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell">
<p>The mapper type (e.g. <code class="ansible-value literal notranslate">oidc-usermodel-attribute-mapper</code>, <code class="ansible-value literal notranslate">oidc-audience-mapper</code>).</p>
</div></td>
</tr>
<tr class="row-odd">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-realm"></div>
<p class="ansible-option-title"><strong>realm</strong></p>
<a class="ansibleOptionLink" href="#parameter-realm" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>The Keycloak realm under which this client scope resides.</p>
<p class="ansible-option-line"><strong class="ansible-option-default-bold">Default:</strong> <code class="ansible-value literal notranslate ansible-option-default">&#34;master&#34;</code></p>
</div></td>
</tr>
<tr class="row-even">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-state"></div>
<p class="ansible-option-title"><strong>state</strong></p>
<a class="ansibleOptionLink" href="#parameter-state" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>State of the client scope.</p>
<p>On <code class="ansible-value literal notranslate">present</code>, the client scope will be created if it does not yet exist, or updated with the parameters you provide.</p>
<p>On <code class="ansible-value literal notranslate">absent</code>, the client scope will be removed if it exists.</p>
<p class="ansible-option-line"><strong class="ansible-option-choices">Choices:</strong></p>
<ul class="simple">
<li><p><code class="ansible-value literal notranslate ansible-option-default-bold"><strong>&#34;present&#34;</strong></code> <span class="ansible-option-choices-default-mark">← (default)</span></p></li>
<li><p><code class="ansible-value literal notranslate ansible-option-choices-entry">&#34;absent&#34;</code></p></li>
</ul>
</div></td>
</tr>
<tr class="row-odd">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-token"></div>
<p class="ansible-option-title"><strong>token</strong></p>
<a class="ansibleOptionLink" href="#parameter-token" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
<p><em class="ansible-option-versionadded">added in middleware_automation.keycloak 3.0.0</em></p>
</div></td>
<td><div class="ansible-option-cell">
<p>Authentication token for Keycloak API.</p>
</div></td>
</tr>
<tr class="row-even">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-validate_certs"></div>
<p class="ansible-option-title"><strong>validate_certs</strong></p>
<a class="ansibleOptionLink" href="#parameter-validate_certs" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">boolean</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>Verify TLS certificates (do not disable this in production).</p>
<p class="ansible-option-line"><strong class="ansible-option-choices">Choices:</strong></p>
<ul class="simple">
<li><p><code class="ansible-value literal notranslate ansible-option-choices-entry">false</code></p></li>
<li><p><code class="ansible-value literal notranslate ansible-option-default-bold"><strong>true</strong></code> <span class="ansible-option-choices-default-mark">← (default)</span></p></li>
</ul>
</div></td>
</tr>
</tbody>
</table></section>
<section id="attributes">
<h2><a class="toc-backref" href="#id3" role="doc-backlink">Attributes</a><a class="headerlink" href="#attributes" title="Link to this heading"></a></h2>
<table class="longtable ansible-option-table docutils align-default" style="width: 100%">
<thead>
<tr class="row-odd"><th class="head"><p>Attribute</p></th>
<th class="head"><p>Support</p></th>
<th class="head"><p>Description</p></th>
</tr>
</thead>
<tbody>
<tr class="row-even"><td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="attribute-check_mode"></div><p class="ansible-option-title" id="ansible-collections-middleware-automation-keycloak-keycloak-client-scope-module-attribute-check-mode"><strong>check_mode</strong></p>
<a class="ansibleOptionLink" href="#attribute-check_mode" title="Permalink to this attribute"></a></div></td>
<td><div class="ansible-option-cell"><p><strong class="ansible-attribute-support-label">Support: </strong><strong class="ansible-attribute-support-full">full</strong></p>
</div></td>
<td><div class="ansible-option-cell"><p>Can run in <code class="docutils literal notranslate"><span class="pre">check_mode</span></code> and return changed status prediction without modifying target.</p>
</div></td>
</tr>
<tr class="row-odd"><td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="attribute-diff_mode"></div><p class="ansible-option-title" id="ansible-collections-middleware-automation-keycloak-keycloak-client-scope-module-attribute-diff-mode"><strong>diff_mode</strong></p>
<a class="ansibleOptionLink" href="#attribute-diff_mode" title="Permalink to this attribute"></a></div></td>
<td><div class="ansible-option-cell"><p><strong class="ansible-attribute-support-label">Support: </strong><strong class="ansible-attribute-support-full">full</strong></p>
</div></td>
<td><div class="ansible-option-cell"><p>Will return details on what has changed (or possibly needs changing in <code class="docutils literal notranslate"><span class="pre">check_mode</span></code>), when in diff mode.</p>
</div></td>
</tr>
</tbody>
</table>
</section>
<section id="examples">
<h2><a class="toc-backref" href="#id4" role="doc-backlink">Examples</a><a class="headerlink" href="#examples" title="Link to this heading"></a></h2>
<div class="highlight-yaml+jinja notranslate"><div class="highlight"><pre><span></span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Create a client scope with protocol mappers</span>
<span class="w"> </span><span class="nt">middleware_automation.keycloak.keycloak_client_scope</span><span class="p">:</span>
<span class="w"> </span><span class="nt">auth_keycloak_url</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">http://localhost:8080</span>
<span class="w"> </span><span class="nt">auth_realm</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">master</span>
<span class="w"> </span><span class="nt">auth_username</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">admin</span>
<span class="w"> </span><span class="nt">auth_password</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">password</span>
<span class="w"> </span><span class="nt">realm</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">TestRealm</span>
<span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">my-client-scope</span>
<span class="w"> </span><span class="nt">description</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;A</span><span class="nv"> </span><span class="s">custom</span><span class="nv"> </span><span class="s">client</span><span class="nv"> </span><span class="s">scope&quot;</span>
<span class="w"> </span><span class="nt">protocol</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">openid-connect</span>
<span class="w"> </span><span class="nt">protocol_mappers</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">email</span>
<span class="w"> </span><span class="nt">protocol</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">openid-connect</span>
<span class="w"> </span><span class="nt">protocolMapper</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">oidc-usermodel-attribute-mapper</span>
<span class="w"> </span><span class="nt">config</span><span class="p">:</span>
<span class="w"> </span><span class="nt">user.attribute</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">email</span>
<span class="w"> </span><span class="nt">claim.name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">email</span>
<span class="w"> </span><span class="nt">jsonType.label</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">String</span>
<span class="w"> </span><span class="nt">id.token.claim</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;true&quot;</span>
<span class="w"> </span><span class="nt">access.token.claim</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;true&quot;</span>
<span class="w"> </span><span class="nt">userinfo.token.claim</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;true&quot;</span>
<span class="w"> </span><span class="nt">state</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">present</span>
<span class="w"> </span><span class="nt">delegate_to</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">localhost</span>
<span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Create a client scope using token authentication</span>
<span class="w"> </span><span class="nt">middleware_automation.keycloak.keycloak_client_scope</span><span class="p">:</span>
<span class="w"> </span><span class="nt">auth_keycloak_url</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">http://localhost:8080</span>
<span class="w"> </span><span class="nt">token</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">MY_TOKEN</span>
<span class="w"> </span><span class="nt">realm</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">TestRealm</span>
<span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">my-scope</span>
<span class="w"> </span><span class="nt">state</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">present</span>
<span class="w"> </span><span class="nt">delegate_to</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">localhost</span>
<span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Delete a client scope</span>
<span class="w"> </span><span class="nt">middleware_automation.keycloak.keycloak_client_scope</span><span class="p">:</span>
<span class="w"> </span><span class="nt">auth_keycloak_url</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">http://localhost:8080</span>
<span class="w"> </span><span class="nt">auth_realm</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">master</span>
<span class="w"> </span><span class="nt">auth_username</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">admin</span>
<span class="w"> </span><span class="nt">auth_password</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">password</span>
<span class="w"> </span><span class="nt">realm</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">TestRealm</span>
<span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">my-client-scope</span>
<span class="w"> </span><span class="nt">state</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">absent</span>
<span class="w"> </span><span class="nt">delegate_to</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">localhost</span>
</pre></div>
</div>
</section>
<section id="return-values">
<h2><a class="toc-backref" href="#id5" role="doc-backlink">Return Values</a><a class="headerlink" href="#return-values" title="Link to this heading"></a></h2>
<p>Common return values are documented <a class="reference external" href="https://docs.ansible.com/projects/ansible/latest/reference_appendices/common_return_values.html#common-return-values" title="(in Ansible v13)"><span class="xref std std-ref">here</span></a>, the following are the fields unique to this module:</p>
<table class="colwidths-auto ansible-option-table docutils align-default" style="width: 100%">
<thead>
<tr class="row-odd">
<th class="head"><p>Key</p></th>
<th class="head"><p>Description</p></th>
</tr>
</thead>
<tbody>
<tr class="row-even">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="return-end_state"></div>
<p class="ansible-option-title"><strong>end_state</strong></p>
<a class="ansibleOptionLink" href="#return-end_state" title="Permalink to this return value"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">dictionary</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>Representation of the client scope after module execution.</p>
<p class="ansible-option-line"><strong class="ansible-option-returned-bold">Returned:</strong> on success</p>
<p class="ansible-option-line ansible-option-sample"><strong class="ansible-option-sample-bold">Sample:</strong> <code class="ansible-value literal notranslate ansible-option-sample">{&#34;description&#34;: &#34;A custom scope&#34;, &#34;id&#34;: &#34;uuid-here&#34;, &#34;name&#34;: &#34;my-scope&#34;, &#34;protocol&#34;: &#34;openid-connect&#34;}</code></p>
</div></td>
</tr>
<tr class="row-odd">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="return-msg"></div>
<p class="ansible-option-title"><strong>msg</strong></p>
<a class="ansibleOptionLink" href="#return-msg" title="Permalink to this return value"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>Message as to what action was taken.</p>
<p class="ansible-option-line"><strong class="ansible-option-returned-bold">Returned:</strong> always</p>
<p class="ansible-option-line ansible-option-sample"><strong class="ansible-option-sample-bold">Sample:</strong> <code class="ansible-value literal notranslate ansible-option-sample">&#34;Client scope my-scope has been created&#34;</code></p>
</div></td>
</tr>
</tbody>
</table><section id="authors">
<h3>Authors<a class="headerlink" href="#authors" title="Link to this heading"></a></h3>
<ul class="simple">
<li><p>Paulo Menon (&#64;paulomenon)</p></li>
</ul>
</section>
</section>
</section>
</div>
</div>
<footer><div class="rst-footer-buttons" role="navigation" aria-label="Footer">
<a href="keycloak_client.html" class="btn btn-neutral float-left" title="keycloak_client Allows administration of Keycloak clients via Keycloak API" accesskey="p" rel="prev"><span class="fa fa-arrow-circle-left" aria-hidden="true"></span> Previous</a>
<a href="keycloak_realm.html" class="btn btn-neutral float-right" title="keycloak_realm Allows administration of Keycloak realm via Keycloak API" accesskey="n" rel="next">Next <span class="fa fa-arrow-circle-right" aria-hidden="true"></span></a>
</div>
<hr/>
<div role="contentinfo">
<p>&#169; Copyright 2026, Red Hat, Inc..</p>
</div>
Built with <a href="https://www.sphinx-doc.org/">Sphinx</a> using a
<a href="https://github.com/readthedocs/sphinx_rtd_theme">theme</a>
provided by <a href="https://readthedocs.org">Read the Docs</a>.
</footer>
</div>
</div>
</section>
</div>
<script>
jQuery(function () {
SphinxRtdTheme.Navigation.enable(true);
});
</script>
</body>
</html>

10
main/plugins/keycloak_realm.html
View File

@@ -17,13 +17,13 @@
<script src="../_static/jquery.js?v=5d32c60e"></script>
<script src="../_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
<script src="../_static/documentation_options.js?v=5929fcd5"></script>
<script src="../_static/doctools.js?v=9bcbadda"></script>
<script src="../_static/sphinx_highlight.js?v=dc90522c"></script>
<script src="../_static/doctools.js?v=fd6eb6e6"></script>
<script src="../_static/sphinx_highlight.js?v=6ffebe34"></script>
<script src="../_static/js/theme.js"></script>
<link rel="index" title="Index" href="../genindex.html" />
<link rel="search" title="Search" href="../search.html" />
<link rel="next" title="keycloak_role Allows administration of Keycloak roles via Keycloak API" href="keycloak_role.html" />
<link rel="prev" title="keycloak_client Allows administration of Keycloak clients via Keycloak API" href="keycloak_client.html" />
<link rel="prev" title="keycloak_client_scope Allows administration of Keycloak client scopes via Keycloak API" href="keycloak_client_scope.html" />
</head>
<body class="wy-body-for-nav">
@@ -49,7 +49,9 @@
<ul class="current">
<li class="toctree-l1"><a class="reference internal" href="../README.html">Ansible Collection - middleware_automation.keycloak</a></li>
<li class="toctree-l1 current"><a class="reference internal" href="index.html">Plugin Index</a><ul class="current">
<li class="toctree-l2"><a class="reference internal" href="keycloak_authentication_flow.html">keycloak_authentication_flow Allows administration of Keycloak authentication flows via Keycloak API</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_client.html">keycloak_client Allows administration of Keycloak clients via Keycloak API</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_client_scope.html">keycloak_client_scope Allows administration of Keycloak client scopes via Keycloak API</a></li>
<li class="toctree-l2 current"><a class="current reference internal" href="#">keycloak_realm Allows administration of Keycloak realm via Keycloak API</a><ul>
<li class="toctree-l3"><a class="reference internal" href="#synopsis">Synopsis</a></li>
<li class="toctree-l3"><a class="reference internal" href="#parameters">Parameters</a></li>
@@ -1717,7 +1719,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
</div>
</div>
<footer><div class="rst-footer-buttons" role="navigation" aria-label="Footer">
<a href="keycloak_client.html" class="btn btn-neutral float-left" title="keycloak_client Allows administration of Keycloak clients via Keycloak API" accesskey="p" rel="prev"><span class="fa fa-arrow-circle-left" aria-hidden="true"></span> Previous</a>
<a href="keycloak_client_scope.html" class="btn btn-neutral float-left" title="keycloak_client_scope Allows administration of Keycloak client scopes via Keycloak API" accesskey="p" rel="prev"><span class="fa fa-arrow-circle-left" aria-hidden="true"></span> Previous</a>
<a href="keycloak_role.html" class="btn btn-neutral float-right" title="keycloak_role Allows administration of Keycloak roles via Keycloak API" accesskey="n" rel="next">Next <span class="fa fa-arrow-circle-right" aria-hidden="true"></span></a>
</div>

6
main/plugins/keycloak_role.html
View File

@@ -17,8 +17,8 @@
<script src="../_static/jquery.js?v=5d32c60e"></script>
<script src="../_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
<script src="../_static/documentation_options.js?v=5929fcd5"></script>
<script src="../_static/doctools.js?v=9bcbadda"></script>
<script src="../_static/sphinx_highlight.js?v=dc90522c"></script>
<script src="../_static/doctools.js?v=fd6eb6e6"></script>
<script src="../_static/sphinx_highlight.js?v=6ffebe34"></script>
<script src="../_static/js/theme.js"></script>
<link rel="index" title="Index" href="../genindex.html" />
<link rel="search" title="Search" href="../search.html" />
@@ -49,7 +49,9 @@
<ul class="current">
<li class="toctree-l1"><a class="reference internal" href="../README.html">Ansible Collection - middleware_automation.keycloak</a></li>
<li class="toctree-l1 current"><a class="reference internal" href="index.html">Plugin Index</a><ul class="current">
<li class="toctree-l2"><a class="reference internal" href="keycloak_authentication_flow.html">keycloak_authentication_flow Allows administration of Keycloak authentication flows via Keycloak API</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_client.html">keycloak_client Allows administration of Keycloak clients via Keycloak API</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_client_scope.html">keycloak_client_scope Allows administration of Keycloak client scopes via Keycloak API</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_realm.html">keycloak_realm Allows administration of Keycloak realm via Keycloak API</a></li>
<li class="toctree-l2 current"><a class="current reference internal" href="#">keycloak_role Allows administration of Keycloak roles via Keycloak API</a><ul>
<li class="toctree-l3"><a class="reference internal" href="#synopsis">Synopsis</a></li>

6
main/plugins/keycloak_user_federation.html
View File

@@ -17,8 +17,8 @@
<script src="../_static/jquery.js?v=5d32c60e"></script>
<script src="../_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
<script src="../_static/documentation_options.js?v=5929fcd5"></script>
<script src="../_static/doctools.js?v=9bcbadda"></script>
<script src="../_static/sphinx_highlight.js?v=dc90522c"></script>
<script src="../_static/doctools.js?v=fd6eb6e6"></script>
<script src="../_static/sphinx_highlight.js?v=6ffebe34"></script>
<script src="../_static/js/theme.js"></script>
<link rel="index" title="Index" href="../genindex.html" />
<link rel="search" title="Search" href="../search.html" />
@@ -49,7 +49,9 @@
<ul class="current">
<li class="toctree-l1"><a class="reference internal" href="../README.html">Ansible Collection - middleware_automation.keycloak</a></li>
<li class="toctree-l1 current"><a class="reference internal" href="index.html">Plugin Index</a><ul class="current">
<li class="toctree-l2"><a class="reference internal" href="keycloak_authentication_flow.html">keycloak_authentication_flow Allows administration of Keycloak authentication flows via Keycloak API</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_client.html">keycloak_client Allows administration of Keycloak clients via Keycloak API</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_client_scope.html">keycloak_client_scope Allows administration of Keycloak client scopes via Keycloak API</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_realm.html">keycloak_realm Allows administration of Keycloak realm via Keycloak API</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_role.html">keycloak_role Allows administration of Keycloak roles via Keycloak API</a></li>
<li class="toctree-l2 current"><a class="current reference internal" href="#">keycloak_user_federation Allows administration of Keycloak user federations via Keycloak API</a><ul>

4
main/releasing.html
View File

@@ -16,8 +16,8 @@
<script src="_static/jquery.js?v=5d32c60e"></script>
<script src="_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
<script src="_static/documentation_options.js?v=5929fcd5"></script>
<script src="_static/doctools.js?v=9bcbadda"></script>
<script src="_static/sphinx_highlight.js?v=dc90522c"></script>
<script src="_static/doctools.js?v=fd6eb6e6"></script>
<script src="_static/sphinx_highlight.js?v=6ffebe34"></script>
<script src="_static/js/theme.js"></script>
<link rel="index" title="Index" href="genindex.html" />
<link rel="search" title="Search" href="search.html" />

5
main/roles/index.html
View File

@@ -16,8 +16,8 @@
<script src="../_static/jquery.js?v=5d32c60e"></script>
<script src="../_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
<script src="../_static/documentation_options.js?v=5929fcd5"></script>
<script src="../_static/doctools.js?v=9bcbadda"></script>
<script src="../_static/sphinx_highlight.js?v=dc90522c"></script>
<script src="../_static/doctools.js?v=fd6eb6e6"></script>
<script src="../_static/sphinx_highlight.js?v=6ffebe34"></script>
<script src="../_static/js/theme.js"></script>
<link rel="index" title="Index" href="../genindex.html" />
<link rel="search" title="Search" href="../search.html" />
@@ -144,6 +144,7 @@
<li class="toctree-l2"><a class="reference internal" href="keycloak_realm.html#role-defaults">Role Defaults</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_realm.html#role-variables">Role Variables</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_realm.html#variable-formats">Variable formats</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_realm.html#related-modules">Related Modules</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_realm.html#example-playbook">Example Playbook</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_realm.html#license">License</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_realm.html#author-information">Author Information</a></li>

4
main/roles/keycloak.html
View File

@@ -16,8 +16,8 @@
<script src="../_static/jquery.js?v=5d32c60e"></script>
<script src="../_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
<script src="../_static/documentation_options.js?v=5929fcd5"></script>
<script src="../_static/doctools.js?v=9bcbadda"></script>
<script src="../_static/sphinx_highlight.js?v=dc90522c"></script>
<script src="../_static/doctools.js?v=fd6eb6e6"></script>
<script src="../_static/sphinx_highlight.js?v=6ffebe34"></script>
<script src="../_static/js/theme.js"></script>
<link rel="index" title="Index" href="../genindex.html" />
<link rel="search" title="Search" href="../search.html" />

4
main/roles/keycloak_quarkus.html
View File

@@ -16,8 +16,8 @@
<script src="../_static/jquery.js?v=5d32c60e"></script>
<script src="../_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
<script src="../_static/documentation_options.js?v=5929fcd5"></script>
<script src="../_static/doctools.js?v=9bcbadda"></script>
<script src="../_static/sphinx_highlight.js?v=dc90522c"></script>
<script src="../_static/doctools.js?v=fd6eb6e6"></script>
<script src="../_static/sphinx_highlight.js?v=6ffebe34"></script>
<script src="../_static/js/theme.js"></script>
<link rel="index" title="Index" href="../genindex.html" />
<link rel="search" title="Search" href="../search.html" />

74
main/roles/keycloak_realm.html
View File

@@ -16,8 +16,8 @@
<script src="../_static/jquery.js?v=5d32c60e"></script>
<script src="../_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
<script src="../_static/documentation_options.js?v=5929fcd5"></script>
<script src="../_static/doctools.js?v=9bcbadda"></script>
<script src="../_static/sphinx_highlight.js?v=dc90522c"></script>
<script src="../_static/doctools.js?v=fd6eb6e6"></script>
<script src="../_static/sphinx_highlight.js?v=6ffebe34"></script>
<script src="../_static/js/theme.js"></script>
<link rel="index" title="Index" href="../genindex.html" />
<link rel="search" title="Search" href="../search.html" />
@@ -55,6 +55,7 @@
<li class="toctree-l3"><a class="reference internal" href="#role-defaults">Role Defaults</a></li>
<li class="toctree-l3"><a class="reference internal" href="#role-variables">Role Variables</a></li>
<li class="toctree-l3"><a class="reference internal" href="#variable-formats">Variable formats</a></li>
<li class="toctree-l3"><a class="reference internal" href="#related-modules">Related Modules</a></li>
<li class="toctree-l3"><a class="reference internal" href="#example-playbook">Example Playbook</a></li>
<li class="toctree-l3"><a class="reference internal" href="#license">License</a></li>
<li class="toctree-l3"><a class="reference internal" href="#author-information">Author Information</a></li>
@@ -132,8 +133,8 @@
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">localhost</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_context</span></code></p></td>
<td class="text-left"><p>Context path for rest calls</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">/auth</span></code></p></td>
<td class="text-left"><p>Context path for rest calls (set to <code class="docutils literal notranslate"><span class="pre">/auth</span></code> for legacy WildFly-based Keycloak)</p></td>
<td class="text-left"><p>``</p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_http_port</span></code></p></td>
<td class="text-left"><p>HTTP port</p></td>
@@ -281,6 +282,34 @@
</div>
<p>For a comprehensive example, refer to the <a class="reference download internal" download="" href="../_downloads/a0468922d38230cfdad1d445a6b10b9e/keycloak_realm.yml"><span class="xref download myst">playbook</span></a>.</p>
</section>
<section id="related-modules">
<h2>Related Modules<a class="headerlink" href="#related-modules" title="Link to this heading"></a></h2>
<p>For features not covered by this role, the collection provides dedicated modules:</p>
<table class="docutils align-default">
<thead>
<tr class="row-odd"><th class="head text-left"><p>Module</p></th>
<th class="head text-left"><p>What It Manages</p></th>
</tr>
</thead>
<tbody>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_client_scope</span></code></p></td>
<td class="text-left"><p>Client scopes and protocol mappers — see <a class="reference download internal" download="" href="../_downloads/7a1ffec81340e26b924b5291048874ac/keycloak_client_scope.yml"><span class="xref download myst">example playbook</span></a></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_authentication_flow</span></code></p></td>
<td class="text-left"><p>Authentication flows and execution steps — see <a class="reference download internal" download="" href="../_downloads/bf30f2df147c4911eb753f8cef6007e1/keycloak_authentication_flow.yml"><span class="xref download myst">example playbook</span></a></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_client</span></code></p></td>
<td class="text-left"><p>Clients (also used internally by this role)</p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_role</span></code></p></td>
<td class="text-left"><p>Realm and client roles</p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_user_federation</span></code></p></td>
<td class="text-left"><p>User federations such as LDAP (also used internally by this role)</p></td>
</tr>
</tbody>
</table>
</section>
<section id="example-playbook">
<h2>Example Playbook<a class="headerlink" href="#example-playbook" title="Link to this heading"></a></h2>
<p>The following is an example playbook that makes use of the role to create a realm in keycloak.</p>
@@ -298,6 +327,43 @@
<span class="w"> </span><span class="nt">keycloak_clients</span><span class="p">:</span><span class="w"> </span><span class="p p-Indicator">[</span><span class="nv">...</span><span class="p p-Indicator">]</span>
</pre></div>
</div>
<p>The following example uses the <code class="docutils literal notranslate"><span class="pre">keycloak_client_scope</span></code> module to create a client scope with protocol mappers:</p>
<div class="highlight-yaml notranslate"><div class="highlight"><pre><span></span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Create client scope</span>
<span class="w"> </span><span class="nt">middleware_automation.keycloak.keycloak_client_scope</span><span class="p">:</span>
<span class="w"> </span><span class="nt">auth_keycloak_url</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">http://localhost:8080</span>
<span class="w"> </span><span class="nt">auth_realm</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">master</span>
<span class="w"> </span><span class="nt">auth_username</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">admin</span>
<span class="w"> </span><span class="nt">auth_password</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">changeme</span>
<span class="w"> </span><span class="nt">realm</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">TestRealm</span>
<span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">my-scope</span>
<span class="w"> </span><span class="nt">protocol_mappers</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">email</span>
<span class="w"> </span><span class="nt">protocolMapper</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">oidc-usermodel-attribute-mapper</span>
<span class="w"> </span><span class="nt">config</span><span class="p">:</span>
<span class="w"> </span><span class="nt">user.attribute</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">email</span>
<span class="w"> </span><span class="nt">claim.name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">email</span>
<span class="w"> </span><span class="nt">id.token.claim</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;true&quot;</span>
<span class="w"> </span><span class="nt">access.token.claim</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;true&quot;</span>
<span class="w"> </span><span class="nt">state</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">present</span>
</pre></div>
</div>
<p>The following example uses the <code class="docutils literal notranslate"><span class="pre">keycloak_authentication_flow</span></code> module to create a custom authentication flow:</p>
<div class="highlight-yaml notranslate"><div class="highlight"><pre><span></span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Create authentication flow</span>
<span class="w"> </span><span class="nt">middleware_automation.keycloak.keycloak_authentication_flow</span><span class="p">:</span>
<span class="w"> </span><span class="nt">auth_keycloak_url</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">http://localhost:8080</span>
<span class="w"> </span><span class="nt">auth_realm</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">master</span>
<span class="w"> </span><span class="nt">auth_username</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">admin</span>
<span class="w"> </span><span class="nt">auth_password</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">changeme</span>
<span class="w"> </span><span class="nt">realm</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">TestRealm</span>
<span class="w"> </span><span class="nt">alias</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">my-browser-flow</span>
<span class="w"> </span><span class="nt">executions</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">provider_id</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">auth-cookie</span>
<span class="w"> </span><span class="nt">requirement</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ALTERNATIVE</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">provider_id</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">auth-password</span>
<span class="w"> </span><span class="nt">requirement</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">REQUIRED</span>
<span class="w"> </span><span class="nt">state</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">present</span>
</pre></div>
</div>
</section>
<section id="license">
<h2>License<a class="headerlink" href="#license" title="Link to this heading"></a></h2>

4
main/search.html
View File

@@ -16,8 +16,8 @@
<script src="_static/jquery.js?v=5d32c60e"></script>
<script src="_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
<script src="_static/documentation_options.js?v=5929fcd5"></script>
<script src="_static/doctools.js?v=9bcbadda"></script>
<script src="_static/sphinx_highlight.js?v=dc90522c"></script>
<script src="_static/doctools.js?v=fd6eb6e6"></script>
<script src="_static/sphinx_highlight.js?v=6ffebe34"></script>
<script src="_static/js/theme.js"></script>
<script src="_static/searchtools.js"></script>
<script src="_static/language_data.js"></script>

2
main/searchindex.js
View File

File diff suppressed because one or more lines are too long

4
main/testing.html
View File

@@ -16,8 +16,8 @@
<script src="_static/jquery.js?v=5d32c60e"></script>
<script src="_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
<script src="_static/documentation_options.js?v=5929fcd5"></script>
<script src="_static/doctools.js?v=9bcbadda"></script>
<script src="_static/sphinx_highlight.js?v=dc90522c"></script>
<script src="_static/doctools.js?v=fd6eb6e6"></script>
<script src="_static/sphinx_highlight.js?v=6ffebe34"></script>
<script src="_static/js/theme.js"></script>
<link rel="index" title="Index" href="genindex.html" />
<link rel="search" title="Search" href="search.html" />