Update docs for main

Signed-off-by: ansible-middleware-core <ansible-middleware-core@redhat.com>
ansible-middleware-core 2024-10-14 13:14:59 +00:00
commit 20c47f83b7
64 changed files with 5300 additions and 1100 deletions


@ -1,3 +1,5 @@
<!DOCTYPE html>
<html class="writer-html5" lang="en" data-content_root="../">
<head>
@ -6,20 +8,16 @@
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>Plugin Index &mdash; Keycloak Ansible Collection documentation</title>
<link rel="stylesheet" type="text/css" href="../_static/pygments.css?v=5707b69d" />
<link rel="stylesheet" type="text/css" href="../_static/css/theme.css?v=19f00094" />
<link rel="stylesheet" type="text/css" href="../_static/css/theme.css?v=e59714d7" />
<link rel="stylesheet" type="text/css" href="../_static/antsibull-minimal.css" />
<link rel="stylesheet" type="text/css" href="../_static/ansible-basic-sphinx-ext.css" />
<!--[if lt IE 9]>
<script src="../_static/js/html5shiv.min.js"></script>
<![endif]-->
<script src="../_static/jquery.js?v=5d32c60e"></script>
<script src="../_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
<script src="../_static/documentation_options.js?v=5929fcd5"></script>
<script src="../_static/doctools.js?v=9a2dae69"></script>
<script src="../_static/sphinx_highlight.js?v=dc90522c"></script>
<script src="../_static/jquery.js?v=5d32c60e"></script>
<script src="../_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
<script src="../_static/documentation_options.js?v=5929fcd5"></script>
<script src="../_static/doctools.js?v=9bcbadda"></script>
<script src="../_static/sphinx_highlight.js?v=dc90522c"></script>
<script src="../_static/js/theme.js"></script>
<link rel="index" title="Index" href="../genindex.html" />
<link rel="search" title="Search" href="../search.html" />
@ -51,32 +49,30 @@
<li class="toctree-l1"><a class="reference internal" href="../README.html">Ansible Collection - middleware_automation.keycloak</a></li>
<li class="toctree-l1 current"><a class="current reference internal" href="#">Plugin Index</a><ul>
<li class="toctree-l2"><a class="reference internal" href="keycloak_client.html">keycloak_client Allows administration of Keycloak clients via Keycloak API</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_realm.html">keycloak_realm Allows administration of Keycloak realm via Keycloak API</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_role.html">keycloak_role Allows administration of Keycloak roles via Keycloak API</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_user_federation.html">keycloak_user_federation Allows administration of Keycloak user federations via Keycloak API</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../roles/index.html">Role Index</a></li>
<li class="toctree-l1"><a class="reference internal" href="../CHANGELOG.html">Changelog</a></li>
</ul>
<p class="caption" role="heading"><span class="caption-text">Developer documentation</span></p>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../developing.html">Developing</a></li>
<li class="toctree-l1"><a class="reference internal" href="../developing.html#contributor-s-guidelines">Contributors Guidelines</a></li>
<li class="toctree-l1"><a class="reference internal" href="../testing.html">Testing</a></li>
<li class="toctree-l1"><a class="reference internal" href="../developing.html">Contributors Guidelines</a></li>
<li class="toctree-l1"><a class="reference internal" href="../releasing.html">Collection Versioning Strategy</a></li>
</ul>
<p class="caption" role="heading"><span class="caption-text">General</span></p>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../CHANGELOG.html">Changelog</a></li>
<li class="toctree-l1"><a class="reference internal" href="../releasing.html">Releasing</a></li>
</ul>
<p class="caption" role="heading"><span class="caption-text">Middleware collections</span></p>
<ul>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/infinispan/main/">Infinispan / Red Hat Data Grid</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/keycloak/main/">Keycloak / Red Hat Single Sign-On</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/infinispan/main/">Infinispan / Red Hat Data Grid</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/wildfly/main/">Wildfly / Red Hat JBoss EAP</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/jws/main/">Tomcat / Red Hat JWS</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/amq/main/">ActiveMQ / Red Hat AMQ Broker</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/amq_streams/main/">Kafka / Red Hat AMQ Streams</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/common/main/">Ansible Middleware utilities</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/redhat-csp-download/main/">Red Hat CSP Download</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/ansible_collections_jcliff/main/">JCliff</a></li>
</ul>
@ -120,6 +116,17 @@
</li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="keycloak_realm.html">keycloak_realm Allows administration of Keycloak realm via Keycloak API</a><ul>
<li class="toctree-l2"><a class="reference internal" href="keycloak_realm.html#synopsis">Synopsis</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_realm.html#parameters">Parameters</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_realm.html#attributes">Attributes</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_realm.html#examples">Examples</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_realm.html#return-values">Return Values</a><ul>
<li class="toctree-l3"><a class="reference internal" href="keycloak_realm.html#authors">Authors</a></li>
</ul>
</li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="keycloak_role.html">keycloak_role Allows administration of Keycloak roles via Keycloak API</a><ul>
<li class="toctree-l2"><a class="reference internal" href="keycloak_role.html#synopsis">Synopsis</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_role.html#parameters">Parameters</a></li>


@ -1,30 +1,28 @@
<!DOCTYPE html>
<html class="writer-html5" lang="en" data-content_root="../">
<head>
<meta charset="utf-8" /><meta name="viewport" content="width=device-width, initial-scale=1" />
<meta content="2.14.0" name="antsibull-docs" />
<meta content="2.15.0" name="antsibull-docs" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>keycloak_client Allows administration of Keycloak clients via Keycloak API &mdash; Keycloak Ansible Collection documentation</title>
<link rel="stylesheet" type="text/css" href="../_static/pygments.css?v=5707b69d" />
<link rel="stylesheet" type="text/css" href="../_static/css/theme.css?v=19f00094" />
<link rel="stylesheet" type="text/css" href="../_static/css/theme.css?v=e59714d7" />
<link rel="stylesheet" type="text/css" href="../_static/antsibull-minimal.css" />
<link rel="stylesheet" type="text/css" href="../_static/ansible-basic-sphinx-ext.css" />
<!--[if lt IE 9]>
<script src="../_static/js/html5shiv.min.js"></script>
<![endif]-->
<script src="../_static/jquery.js?v=5d32c60e"></script>
<script src="../_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
<script src="../_static/documentation_options.js?v=5929fcd5"></script>
<script src="../_static/doctools.js?v=9a2dae69"></script>
<script src="../_static/sphinx_highlight.js?v=dc90522c"></script>
<script src="../_static/jquery.js?v=5d32c60e"></script>
<script src="../_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
<script src="../_static/documentation_options.js?v=5929fcd5"></script>
<script src="../_static/doctools.js?v=9bcbadda"></script>
<script src="../_static/sphinx_highlight.js?v=dc90522c"></script>
<script src="../_static/js/theme.js"></script>
<link rel="index" title="Index" href="../genindex.html" />
<link rel="search" title="Search" href="../search.html" />
<link rel="next" title="keycloak_role Allows administration of Keycloak roles via Keycloak API" href="keycloak_role.html" />
<link rel="next" title="keycloak_realm Allows administration of Keycloak realm via Keycloak API" href="keycloak_realm.html" />
<link rel="prev" title="Plugin Index" href="index.html" />
</head>
@ -62,32 +60,30 @@
</li>
</ul>
</li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_realm.html">keycloak_realm Allows administration of Keycloak realm via Keycloak API</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_role.html">keycloak_role Allows administration of Keycloak roles via Keycloak API</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_user_federation.html">keycloak_user_federation Allows administration of Keycloak user federations via Keycloak API</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../roles/index.html">Role Index</a></li>
<li class="toctree-l1"><a class="reference internal" href="../CHANGELOG.html">Changelog</a></li>
</ul>
<p class="caption" role="heading"><span class="caption-text">Developer documentation</span></p>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../developing.html">Developing</a></li>
<li class="toctree-l1"><a class="reference internal" href="../developing.html#contributor-s-guidelines">Contributors Guidelines</a></li>
<li class="toctree-l1"><a class="reference internal" href="../testing.html">Testing</a></li>
<li class="toctree-l1"><a class="reference internal" href="../developing.html">Contributors Guidelines</a></li>
<li class="toctree-l1"><a class="reference internal" href="../releasing.html">Collection Versioning Strategy</a></li>
</ul>
<p class="caption" role="heading"><span class="caption-text">General</span></p>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../CHANGELOG.html">Changelog</a></li>
<li class="toctree-l1"><a class="reference internal" href="../releasing.html">Releasing</a></li>
</ul>
<p class="caption" role="heading"><span class="caption-text">Middleware collections</span></p>
<ul>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/infinispan/main/">Infinispan / Red Hat Data Grid</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/keycloak/main/">Keycloak / Red Hat Single Sign-On</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/infinispan/main/">Infinispan / Red Hat Data Grid</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/wildfly/main/">Wildfly / Red Hat JBoss EAP</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/jws/main/">Tomcat / Red Hat JWS</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/amq/main/">ActiveMQ / Red Hat AMQ Broker</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/amq_streams/main/">Kafka / Red Hat AMQ Streams</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/common/main/">Ansible Middleware utilities</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/redhat-csp-download/main/">Red Hat CSP Download</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/ansible_collections_jcliff/main/">JCliff</a></li>
</ul>
@ -239,7 +235,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
</p>
</div></td>
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell">
<p>For OpenID-Connect clients, JWA algorithm which the client needs to use when sending OIDC request object. One of <code class='docutils literal notranslate'>any</code>, <code class='docutils literal notranslate'>none</code>, <code class='docutils literal notranslate'>RS256</code>.</p>
<p>For OpenID-Connect clients, JWA algorithm which the client needs to use when sending OIDC request object. One of <code class="ansible-value literal notranslate">any</code>, <code class="ansible-value literal notranslate">none</code>, <code class="ansible-value literal notranslate">RS256</code>.</p>
</div></td>
</tr>
<tr class="row-even">
@ -343,7 +339,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
</p>
</div></td>
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell">
<p>Signature algorithm used to sign SAML documents. One of <code class='docutils literal notranslate'>RSA_SHA256</code>, <code class='docutils literal notranslate'>RSA_SHA1</code>, <code class='docutils literal notranslate'>RSA_SHA512</code>, or <code class='docutils literal notranslate'>DSA_SHA1</code>.</p>
<p>Signature algorithm used to sign SAML documents. One of <code class="ansible-value literal notranslate">RSA_SHA256</code>, <code class="ansible-value literal notranslate">RSA_SHA1</code>, <code class="ansible-value literal notranslate">RSA_SHA512</code>, or <code class="ansible-value literal notranslate">DSA_SHA1</code>.</p>
</div></td>
</tr>
<tr class="row-even">
@ -421,7 +417,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
</p>
</div></td>
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell">
<p>For SAML clients, the NameID format to use (one of <code class='docutils literal notranslate'>username</code>, <code class='docutils literal notranslate'>email</code>, <code class='docutils literal notranslate'>transient</code>, or <code class='docutils literal notranslate'>persistent</code>)</p>
<p>For SAML clients, the NameID format to use (one of <code class="ansible-value literal notranslate">username</code>, <code class="ansible-value literal notranslate">email</code>, <code class="ansible-value literal notranslate">transient</code>, or <code class="ansible-value literal notranslate">persistent</code>)</p>
</div></td>
</tr>
<tr class="row-even">
@ -434,7 +430,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
</p>
</div></td>
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell">
<p>SAML signature canonicalization method. This is one of four values, namely <code class='docutils literal notranslate'>http://www.w3.org/2001/10/xml-exc-c14n#</code> for EXCLUSIVE, <code class='docutils literal notranslate'>http://www.w3.org/2001/10/xml-exc-c14n#WithComments</code> for EXCLUSIVE_WITH_COMMENTS, <code class='docutils literal notranslate'>http://www.w3.org/TR/2001/REC-xml-c14n-20010315</code> for INCLUSIVE, and <code class='docutils literal notranslate'>http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments</code> for INCLUSIVE_WITH_COMMENTS.</p>
<p>SAML signature canonicalization method. This is one of four values, namely <code class="ansible-value literal notranslate">http://www.w3.org/2001/10/xml-exc-c14n#</code> for EXCLUSIVE, <code class="ansible-value literal notranslate">http://www.w3.org/2001/10/xml-exc-c14n#WithComments</code> for EXCLUSIVE_WITH_COMMENTS, <code class="ansible-value literal notranslate">http://www.w3.org/TR/2001/REC-xml-c14n-20010315</code> for INCLUSIVE, and <code class="ansible-value literal notranslate">http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments</code> for INCLUSIVE_WITH_COMMENTS.</p>
</div></td>
</tr>
<tr class="row-odd">
@ -486,7 +482,41 @@ To check whether it is installed, run <code class="code docutils literal notrans
</p>
</div></td>
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell">
<p>For OpenID-Connect clients, JWA algorithm for signed UserInfo-endpoint responses. One of <code class='docutils literal notranslate'>RS256</code> or <code class='docutils literal notranslate'>unsigned</code>.</p>
<p>For OpenID-Connect clients, JWA algorithm for signed UserInfo-endpoint responses. One of <code class="ansible-value literal notranslate">RS256</code> or <code class="ansible-value literal notranslate">unsigned</code>.</p>
</div></td>
</tr>
<tr class="row-odd">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-attributes/x509.allow.regex.pattern.comparison"></div>
<p class="ansible-option-title"><strong>x509.allow.regex.pattern.comparison</strong></p>
<a class="ansibleOptionLink" href="#parameter-attributes/x509.allow.regex.pattern.comparison" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">boolean</span>
</p>
<p><em class="ansible-option-versionadded">added in middleware_automation.keycloak 9.5.0</em></p>
</div></td>
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell">
<p>For OpenID-Connect clients, boolean specifying whether to allow <code class='docutils literal notranslate'>x509.subjectdn</code> as regular expression.</p>
<p class="ansible-option-line"><strong class="ansible-option-choices">Choices:</strong></p>
<ul class="simple">
<li><p><code class="ansible-value literal notranslate ansible-option-choices-entry">false</code></p></li>
<li><p><code class="ansible-value literal notranslate ansible-option-choices-entry">true</code></p></li>
</ul>
</div></td>
</tr>
<tr class="row-even">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-attributes/x509.subjectdn"></div>
<p class="ansible-option-title"><strong>x509.subjectdn</strong></p>
<a class="ansibleOptionLink" href="#parameter-attributes/x509.subjectdn" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
<p><em class="ansible-option-versionadded">added in middleware_automation.keycloak 9.5.0</em></p>
</div></td>
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell">
<p>For OpenID-Connect clients, subject which will be used to authenticate the client.</p>
</div></td>
</tr>
@ -592,6 +622,78 @@ To check whether it is installed, run <code class="code docutils literal notrans
<p>Override realm authentication flow bindings.</p>
</div></td>
</tr>
<tr class="row-even">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-authentication_flow_binding_overrides/browser"></div>
<div class="ansibleOptionAnchor" id="parameter-authenticationFlowBindingOverrides/browser"></div>
<p class="ansible-option-title"><strong>browser</strong></p>
<a class="ansibleOptionLink" href="#parameter-authentication_flow_binding_overrides/browser" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
</div></td>
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell">
<p>Flow ID of the browser authentication flow.</p>
<p><code class="ansible-option literal notranslate"><strong><a class="reference internal" href="#parameter-authentication_flow_binding_overrides/browser"><span class="std std-ref"><span class="pre">authentication_flow_binding_overrides.browser</span></span></a></strong></code> and <code class="ansible-option literal notranslate"><strong><a class="reference internal" href="#parameter-authentication_flow_binding_overrides/browser_name"><span class="std std-ref"><span class="pre">authentication_flow_binding_overrides.browser_name</span></span></a></strong></code> are mutually exclusive.</p>
</div></td>
</tr>
<tr class="row-odd">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-authentication_flow_binding_overrides/browser_name"></div>
<div class="ansibleOptionAnchor" id="parameter-authenticationFlowBindingOverrides/browser_name"></div>
<div class="ansibleOptionAnchor" id="parameter-authentication_flow_binding_overrides/browserName"></div>
<div class="ansibleOptionAnchor" id="parameter-authenticationFlowBindingOverrides/browserName"></div>
<p class="ansible-option-title"><strong>browser_name</strong></p>
<a class="ansibleOptionLink" href="#parameter-authentication_flow_binding_overrides/browser_name" title="Permalink to this option"></a>
<p class="ansible-option-type-line"><span class="ansible-option-aliases">aliases: browserName</span></p>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
<p><em class="ansible-option-versionadded">added in middleware_automation.keycloak 9.1.0</em></p>
</div></td>
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell">
<p>Flow name of the browser authentication flow.</p>
<p><code class="ansible-option literal notranslate"><strong><a class="reference internal" href="#parameter-authentication_flow_binding_overrides/browser"><span class="std std-ref"><span class="pre">authentication_flow_binding_overrides.browser</span></span></a></strong></code> and <code class="ansible-option literal notranslate"><strong><a class="reference internal" href="#parameter-authentication_flow_binding_overrides/browser_name"><span class="std std-ref"><span class="pre">authentication_flow_binding_overrides.browser_name</span></span></a></strong></code> are mutually exclusive.</p>
</div></td>
</tr>
<tr class="row-even">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-authentication_flow_binding_overrides/direct_grant"></div>
<div class="ansibleOptionAnchor" id="parameter-authenticationFlowBindingOverrides/direct_grant"></div>
<div class="ansibleOptionAnchor" id="parameter-authentication_flow_binding_overrides/directGrant"></div>
<div class="ansibleOptionAnchor" id="parameter-authenticationFlowBindingOverrides/directGrant"></div>
<p class="ansible-option-title"><strong>direct_grant</strong></p>
<a class="ansibleOptionLink" href="#parameter-authentication_flow_binding_overrides/direct_grant" title="Permalink to this option"></a>
<p class="ansible-option-type-line"><span class="ansible-option-aliases">aliases: directGrant</span></p>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
</div></td>
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell">
<p>Flow ID of the direct grant authentication flow.</p>
<p><code class="ansible-option literal notranslate"><strong><a class="reference internal" href="#parameter-authentication_flow_binding_overrides/direct_grant"><span class="std std-ref"><span class="pre">authentication_flow_binding_overrides.direct_grant</span></span></a></strong></code> and <code class="ansible-option literal notranslate"><strong><a class="reference internal" href="#parameter-authentication_flow_binding_overrides/direct_grant_name"><span class="std std-ref"><span class="pre">authentication_flow_binding_overrides.direct_grant_name</span></span></a></strong></code> are mutually exclusive.</p>
</div></td>
</tr>
<tr class="row-odd">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-authentication_flow_binding_overrides/direct_grant_name"></div>
<div class="ansibleOptionAnchor" id="parameter-authenticationFlowBindingOverrides/direct_grant_name"></div>
<div class="ansibleOptionAnchor" id="parameter-authentication_flow_binding_overrides/directGrantName"></div>
<div class="ansibleOptionAnchor" id="parameter-authenticationFlowBindingOverrides/directGrantName"></div>
<p class="ansible-option-title"><strong>direct_grant_name</strong></p>
<a class="ansibleOptionLink" href="#parameter-authentication_flow_binding_overrides/direct_grant_name" title="Permalink to this option"></a>
<p class="ansible-option-type-line"><span class="ansible-option-aliases">aliases: directGrantName</span></p>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
<p><em class="ansible-option-versionadded">added in middleware_automation.keycloak 9.1.0</em></p>
</div></td>
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell">
<p>Flow name of the direct grant authentication flow.</p>
<p><code class="ansible-option literal notranslate"><strong><a class="reference internal" href="#parameter-authentication_flow_binding_overrides/direct_grant"><span class="std std-ref"><span class="pre">authentication_flow_binding_overrides.direct_grant</span></span></a></strong></code> and <code class="ansible-option literal notranslate"><strong><a class="reference internal" href="#parameter-authentication_flow_binding_overrides/direct_grant_name"><span class="std std-ref"><span class="pre">authentication_flow_binding_overrides.direct_grant_name</span></span></a></strong></code> are mutually exclusive.</p>
</div></td>
</tr>
<tr class="row-even">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-authorization_services_enabled"></div>
@ -676,11 +778,13 @@ To check whether it is installed, run <code class="code docutils literal notrans
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>How do clients authenticate with the auth server? Either <code class='docutils literal notranslate'>client-secret</code> or <code class='docutils literal notranslate'>client-jwt</code> can be chosen. When using <code class='docutils literal notranslate'>client-secret</code>, the module parameter <em>secret</em> can set it, while for <code class='docutils literal notranslate'>client-jwt</code>, you can use the keys <code class='docutils literal notranslate'>use.jwks.url</code>, <code class='docutils literal notranslate'>jwks.url</code>, and <code class='docutils literal notranslate'>jwt.credential.certificate</code> in the <em>attributes</em> module parameter to configure its behavior. This is &#x27;clientAuthenticatorType&#x27; in the Keycloak REST API.</p>
<p>How do clients authenticate with the auth server? Either <code class="ansible-value literal notranslate">client-secret</code>, <code class="ansible-value literal notranslate">client-jwt</code>, or <code class="ansible-value literal notranslate">client-x509</code> can be chosen. When using <code class="ansible-value literal notranslate">client-secret</code>, the module parameter <code class="ansible-option literal notranslate"><strong><a class="reference internal" href="#parameter-secret"><span class="std std-ref"><span class="pre">secret</span></span></a></strong></code> can set it, for <code class="ansible-value literal notranslate">client-jwt</code>, you can use the keys <code class='docutils literal notranslate'>use.jwks.url</code>, <code class='docutils literal notranslate'>jwks.url</code>, and <code class='docutils literal notranslate'>jwt.credential.certificate</code> in the <code class="ansible-option literal notranslate"><strong><a class="reference internal" href="#parameter-attributes"><span class="std std-ref"><span class="pre">attributes</span></span></a></strong></code> module parameter to configure its behavior. For <code class="ansible-value literal notranslate">client-x509</code> you can use the keys <code class='docutils literal notranslate'>x509.allow.regex.pattern.comparison</code> and <code class='docutils literal notranslate'>x509.subjectdn</code> in the <code class="ansible-option literal notranslate"><strong><a class="reference internal" href="#parameter-attributes"><span class="std std-ref"><span class="pre">attributes</span></span></a></strong></code> module parameter to configure which certificate(s) to accept.</p>
<p>This is &#x27;clientAuthenticatorType&#x27; in the Keycloak REST API.</p>
<p class="ansible-option-line"><strong class="ansible-option-choices">Choices:</strong></p>
<ul class="simple">
<li><p><code class="ansible-value literal notranslate ansible-option-choices-entry">&#34;client-secret&#34;</code></p></li>
<li><p><code class="ansible-value literal notranslate ansible-option-choices-entry">&#34;client-jwt&#34;</code></p></li>
<li><p><code class="ansible-value literal notranslate ansible-option-choices-entry">&#34;client-x509&#34;</code></p></li>
</ul>
</div></td>
@ -697,7 +801,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>Client id of client to be worked on. This is usually an alphanumeric name chosen by you. Either this or <em>id</em> is required. If you specify both, <em>id</em> takes precedence. This is &#x27;clientId&#x27; in the Keycloak REST API.</p>
<p>Client id of client to be worked on. This is usually an alphanumeric name chosen by you. Either this or <code class="ansible-option literal notranslate"><strong><a class="reference internal" href="#parameter-id"><span class="std std-ref"><span class="pre">id</span></span></a></strong></code> is required. If you specify both, <code class="ansible-option literal notranslate"><strong><a class="reference internal" href="#parameter-id"><span class="std std-ref"><span class="pre">id</span></span></a></strong></code> takes precedence. This is &#x27;clientId&#x27; in the Keycloak REST API.</p>
</div></td>
</tr>
<tr class="row-even">
@ -904,7 +1008,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>Id of client to be worked on. This is usually an UUID. Either this or <em>client_id</em> is required. If you specify both, this takes precedence.</p>
<p>Id of client to be worked on. This is usually an UUID. Either this or <code class="ansible-option literal notranslate"><strong><a class="reference internal" href="#parameter-client_id"><span class="std std-ref"><span class="pre">client_id</span></span></a></strong></code> is required. If you specify both, this takes precedence.</p>
</div></td>
</tr>
<tr class="row-even">
@ -938,7 +1042,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>Name of the client (this is not the same as <em>client_id</em>).</p>
<p>Name of the client (this is not the same as <code class="ansible-option literal notranslate"><strong><a class="reference internal" href="#parameter-client_id"><span class="std std-ref"><span class="pre">client_id</span></span></a></strong></code>).</p>
</div></td>
</tr>
<tr class="row-even">
@ -998,11 +1102,14 @@ To check whether it is installed, run <code class="code docutils literal notrans
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>Type of client (either <code class='docutils literal notranslate'>openid-connect</code> or <code class='docutils literal notranslate'>saml</code>.</p>
<p>Type of client.</p>
<p>At creation only, default value will be <code class="ansible-value literal notranslate">openid-connect</code> if <code class="ansible-option literal notranslate"><strong><a class="reference internal" href="#parameter-protocol"><span class="std std-ref"><span class="pre">protocol</span></span></a></strong></code> is omitted.</p>
<p>The <code class="ansible-value literal notranslate">docker-v2</code> value was added in community.general 8.6.0.</p>
<p class="ansible-option-line"><strong class="ansible-option-choices">Choices:</strong></p>
<ul class="simple">
<li><p><code class="ansible-value literal notranslate ansible-option-choices-entry">&#34;openid-connect&#34;</code></p></li>
<li><p><code class="ansible-value literal notranslate ansible-option-choices-entry">&#34;saml&#34;</code></p></li>
<li><p><code class="ansible-value literal notranslate ansible-option-choices-entry">&#34;docker-v2&#34;</code></p></li>
</ul>
</div></td>
@ -1034,7 +1141,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
</p>
</div></td>
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell">
<p>Dict specifying the configuration options for the protocol mapper; the contents differ depending on the value of <em>protocolMapper</em> and are not documented other than by the source of the mappers and its parent class(es). An example is given below. It is easiest to obtain valid config values by dumping an already-existing protocol mapper configuration through check-mode in the <em>existing</em> field.</p>
<p>Dict specifying the configuration options for the protocol mapper; the contents differ depending on the value of <code class="ansible-option literal notranslate"><strong><a class="reference internal" href="#parameter-protocol_mappers/protocolMapper"><span class="std std-ref"><span class="pre">protocol_mappers[].protocolMapper</span></span></a></strong></code> and are not documented other than by the source of the mappers and its parent class(es). An example is given below. It is easiest to obtain valid config values by dumping an already-existing protocol mapper configuration through check-mode in the <code class="ansible-return-value literal notranslate"><a class="reference internal" href="#return-existing"><span class="std std-ref"><span class="pre">existing</span></span></a></code> field.</p>
</div></td>
</tr>
<tr class="row-even">
@ -1110,11 +1217,12 @@ To check whether it is installed, run <code class="code docutils literal notrans
</p>
</div></td>
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell">
<p>This is either <code class='docutils literal notranslate'>openid-connect</code> or <code class='docutils literal notranslate'>saml</code>, this specifies for which protocol this protocol mapper. is active.</p>
<p>This specifies for which protocol this protocol mapper is active.</p>
<p class="ansible-option-line"><strong class="ansible-option-choices">Choices:</strong></p>
<ul class="simple">
<li><p><code class="ansible-value literal notranslate ansible-option-choices-entry">&#34;openid-connect&#34;</code></p></li>
<li><p><code class="ansible-value literal notranslate ansible-option-choices-entry">&#34;saml&#34;</code></p></li>
<li><p><code class="ansible-value literal notranslate ansible-option-choices-entry">&#34;docker-v2&#34;</code></p></li>
</ul>
</div></td>
@ -1130,29 +1238,29 @@ To check whether it is installed, run <code class="code docutils literal notrans
</p>
</div></td>
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell">
<p>The Keycloak-internal name of the type of this protocol-mapper. While an exhaustive list is impossible to provide since this may be extended through SPIs by the user of Keycloak, by default Keycloak as of 3.4 ships with at least</p>
<p><code class='docutils literal notranslate'>docker-v2-allow-all-mapper</code></p>
<p><code class='docutils literal notranslate'>oidc-address-mapper</code></p>
<p><code class='docutils literal notranslate'>oidc-full-name-mapper</code></p>
<p><code class='docutils literal notranslate'>oidc-group-membership-mapper</code></p>
<p><code class='docutils literal notranslate'>oidc-hardcoded-claim-mapper</code></p>
<p><code class='docutils literal notranslate'>oidc-hardcoded-role-mapper</code></p>
<p><code class='docutils literal notranslate'>oidc-role-name-mapper</code></p>
<p><code class='docutils literal notranslate'>oidc-script-based-protocol-mapper</code></p>
<p><code class='docutils literal notranslate'>oidc-sha256-pairwise-sub-mapper</code></p>
<p><code class='docutils literal notranslate'>oidc-usermodel-attribute-mapper</code></p>
<p><code class='docutils literal notranslate'>oidc-usermodel-client-role-mapper</code></p>
<p><code class='docutils literal notranslate'>oidc-usermodel-property-mapper</code></p>
<p><code class='docutils literal notranslate'>oidc-usermodel-realm-role-mapper</code></p>
<p><code class='docutils literal notranslate'>oidc-usersessionmodel-note-mapper</code></p>
<p><code class='docutils literal notranslate'>saml-group-membership-mapper</code></p>
<p><code class='docutils literal notranslate'>saml-hardcode-attribute-mapper</code></p>
<p><code class='docutils literal notranslate'>saml-hardcode-role-mapper</code></p>
<p><code class='docutils literal notranslate'>saml-role-list-mapper</code></p>
<p><code class='docutils literal notranslate'>saml-role-name-mapper</code></p>
<p><code class='docutils literal notranslate'>saml-user-attribute-mapper</code></p>
<p><code class='docutils literal notranslate'>saml-user-property-mapper</code></p>
<p><code class='docutils literal notranslate'>saml-user-session-note-mapper</code></p>
<p>The Keycloak-internal name of the type of this protocol-mapper. While an exhaustive list is impossible to provide since this may be extended through SPIs by the user of Keycloak, by default Keycloak as of 3.4 ships with at least:</p>
<p><code class="ansible-value literal notranslate">docker-v2-allow-all-mapper</code></p>
<p><code class="ansible-value literal notranslate">oidc-address-mapper</code></p>
<p><code class="ansible-value literal notranslate">oidc-full-name-mapper</code></p>
<p><code class="ansible-value literal notranslate">oidc-group-membership-mapper</code></p>
<p><code class="ansible-value literal notranslate">oidc-hardcoded-claim-mapper</code></p>
<p><code class="ansible-value literal notranslate">oidc-hardcoded-role-mapper</code></p>
<p><code class="ansible-value literal notranslate">oidc-role-name-mapper</code></p>
<p><code class="ansible-value literal notranslate">oidc-script-based-protocol-mapper</code></p>
<p><code class="ansible-value literal notranslate">oidc-sha256-pairwise-sub-mapper</code></p>
<p><code class="ansible-value literal notranslate">oidc-usermodel-attribute-mapper</code></p>
<p><code class="ansible-value literal notranslate">oidc-usermodel-client-role-mapper</code></p>
<p><code class="ansible-value literal notranslate">oidc-usermodel-property-mapper</code></p>
<p><code class="ansible-value literal notranslate">oidc-usermodel-realm-role-mapper</code></p>
<p><code class="ansible-value literal notranslate">oidc-usersessionmodel-note-mapper</code></p>
<p><code class="ansible-value literal notranslate">saml-group-membership-mapper</code></p>
<p><code class="ansible-value literal notranslate">saml-hardcode-attribute-mapper</code></p>
<p><code class="ansible-value literal notranslate">saml-hardcode-role-mapper</code></p>
<p><code class="ansible-value literal notranslate">saml-role-list-mapper</code></p>
<p><code class="ansible-value literal notranslate">saml-role-name-mapper</code></p>
<p><code class="ansible-value literal notranslate">saml-user-attribute-mapper</code></p>
<p><code class="ansible-value literal notranslate">saml-user-property-mapper</code></p>
<p><code class="ansible-value literal notranslate">saml-user-session-note-mapper</code></p>
<p>An exhaustive list of available mappers on your installation can be obtained on the admin console by going to Server Info -&gt; Providers and looking under &#x27;protocol-mapper&#x27;.</p>
</div></td>
</tr>
@ -1263,7 +1371,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>When using <em>client_authenticator_type</em> <code class='docutils literal notranslate'>client-secret</code> (the default), you can specify a secret here (otherwise one will be generated if it does not exit). If changing this secret, the module will not register a change currently (but the changed secret will be saved).</p>
<p>When using <code class="ansible-option-value literal notranslate"><a class="reference internal" href="#parameter-client_authenticator_type"><span class="std std-ref"><span class="pre">client_authenticator_type=client-secret</span></span></a></code> (the default), you can specify a secret here (otherwise one will be generated if it does not exit). If changing this secret, the module will not register a change currently (but the changed secret will be saved).</p>
</div></td>
</tr>
<tr class="row-odd">
@ -1319,8 +1427,8 @@ To check whether it is installed, run <code class="code docutils literal notrans
</div></td>
<td><div class="ansible-option-cell">
<p>State of the client</p>
<p>On <code class='docutils literal notranslate'>present</code>, the client will be created (or updated if it exists already).</p>
<p>On <code class='docutils literal notranslate'>absent</code>, the client will be removed if it exists</p>
<p>On <code class="ansible-value literal notranslate">present</code>, the client will be created (or updated if it exists already).</p>
<p>On <code class="ansible-value literal notranslate">absent</code>, the client will be removed if it exists</p>
<p class="ansible-option-line"><strong class="ansible-option-choices">Choices:</strong></p>
<ul class="simple">
<li><p><code class="ansible-value literal notranslate ansible-option-default-bold"><strong>&#34;present&#34;</strong></code> <span class="ansible-option-choices-default-mark">← (default)</span></p></li>
@ -1376,7 +1484,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>Whether or not to use configuration from the <em>client_template</em>. This is &#x27;useTemplateConfig&#x27; in the Keycloak REST API.</p>
<p>Whether or not to use configuration from the <code class="ansible-option literal notranslate"><strong><a class="reference internal" href="#parameter-client_template"><span class="std std-ref"><span class="pre">client_template</span></span></a></strong></code>. This is &#x27;useTemplateConfig&#x27; in the Keycloak REST API.</p>
<p class="ansible-option-line"><strong class="ansible-option-choices">Choices:</strong></p>
<ul class="simple">
<li><p><code class="ansible-value literal notranslate ansible-option-choices-entry">false</code></p></li>
@ -1397,7 +1505,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>Whether or not to use mapper configuration from the <em>client_template</em>. This is &#x27;useTemplateMappers&#x27; in the Keycloak REST API.</p>
<p>Whether or not to use mapper configuration from the <code class="ansible-option literal notranslate"><strong><a class="reference internal" href="#parameter-client_template"><span class="std std-ref"><span class="pre">client_template</span></span></a></strong></code>. This is &#x27;useTemplateMappers&#x27; in the Keycloak REST API.</p>
<p class="ansible-option-line"><strong class="ansible-option-choices">Choices:</strong></p>
<ul class="simple">
<li><p><code class="ansible-value literal notranslate ansible-option-choices-entry">false</code></p></li>
@ -1418,7 +1526,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>Whether or not to use scope configuration from the <em>client_template</em>. This is &#x27;useTemplateScope&#x27; in the Keycloak REST API.</p>
<p>Whether or not to use scope configuration from the <code class="ansible-option literal notranslate"><strong><a class="reference internal" href="#parameter-client_template"><span class="std std-ref"><span class="pre">client_template</span></span></a></strong></code>. This is &#x27;useTemplateScope&#x27; in the Keycloak REST API.</p>
<p class="ansible-option-line"><strong class="ansible-option-choices">Choices:</strong></p>
<ul class="simple">
<li><p><code class="ansible-value literal notranslate ansible-option-choices-entry">false</code></p></li>
@ -1529,6 +1637,22 @@ To check whether it is installed, run <code class="code docutils literal notrans
<span class="w"> </span><span class="nt">delegate_to</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">localhost</span>
<span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Create or update a Keycloak client (minimal example), with x509 authentication</span>
<span class="w"> </span><span class="nt">middleware_automation.keycloak.keycloak_client</span><span class="p">:</span>
<span class="w"> </span><span class="nt">auth_client_id</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">admin-cli</span>
<span class="w"> </span><span class="nt">auth_keycloak_url</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">https://auth.example.com/auth</span>
<span class="w"> </span><span class="nt">auth_realm</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">master</span>
<span class="w"> </span><span class="nt">auth_username</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">USERNAME</span>
<span class="w"> </span><span class="nt">auth_password</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">PASSWORD</span>
<span class="w"> </span><span class="nt">realm</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">master</span>
<span class="w"> </span><span class="nt">state</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">present</span>
<span class="w"> </span><span class="nt">client_id</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">test</span>
<span class="w"> </span><span class="nt">client_authenticator_type</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">client-x509</span>
<span class="w"> </span><span class="nt">attributes</span><span class="p">:</span>
<span class="w"> </span><span class="nt">x509.subjectdn</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;CN=client&quot;</span>
<span class="w"> </span><span class="nt">x509.allow.regex.pattern.comparison</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">false</span>
<span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Create or update a Keycloak client (with all the bells and whistles)</span>
<span class="w"> </span><span class="nt">middleware_automation.keycloak.keycloak_client</span><span class="p">:</span>
<span class="w"> </span><span class="nt">auth_client_id</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">admin-cli</span>
@ -1579,7 +1703,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">test01</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">test02</span>
<span class="w"> </span><span class="nt">authentication_flow_binding_overrides</span><span class="p">:</span>
<span class="w"> </span><span class="nt">browser</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">4c90336b-bf1d-4b87-916d-3677ba4e5fbb</span>
<span class="w"> </span><span class="nt">browser</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">4c90336b-bf1d-4b87-916d-3677ba4e5fbb</span>
<span class="w"> </span><span class="nt">protocol_mappers</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">config</span><span class="p">:</span>
<span class="w"> </span><span class="nt">access.token.claim</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">true</span>
@ -1707,7 +1831,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
</div>
<footer><div class="rst-footer-buttons" role="navigation" aria-label="Footer">
<a href="index.html" class="btn btn-neutral float-left" title="Plugin Index" accesskey="p" rel="prev"><span class="fa fa-arrow-circle-left" aria-hidden="true"></span> Previous</a>
<a href="keycloak_role.html" class="btn btn-neutral float-right" title="keycloak_role Allows administration of Keycloak roles via Keycloak API" accesskey="n" rel="next">Next <span class="fa fa-arrow-circle-right" aria-hidden="true"></span></a>
<a href="keycloak_realm.html" class="btn btn-neutral float-right" title="keycloak_realm Allows administration of Keycloak realm via Keycloak API" accesskey="n" rel="next">Next <span class="fa fa-arrow-circle-right" aria-hidden="true"></span></a>
</div>
<hr/>



@ -1,31 +1,29 @@
<!DOCTYPE html>
<html class="writer-html5" lang="en" data-content_root="../">
<head>
<meta charset="utf-8" /><meta name="viewport" content="width=device-width, initial-scale=1" />
<meta content="2.14.0" name="antsibull-docs" />
<meta content="2.15.0" name="antsibull-docs" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>keycloak_role Allows administration of Keycloak roles via Keycloak API &mdash; Keycloak Ansible Collection documentation</title>
<link rel="stylesheet" type="text/css" href="../_static/pygments.css?v=5707b69d" />
<link rel="stylesheet" type="text/css" href="../_static/css/theme.css?v=19f00094" />
<link rel="stylesheet" type="text/css" href="../_static/css/theme.css?v=e59714d7" />
<link rel="stylesheet" type="text/css" href="../_static/antsibull-minimal.css" />
<link rel="stylesheet" type="text/css" href="../_static/ansible-basic-sphinx-ext.css" />
<!--[if lt IE 9]>
<script src="../_static/js/html5shiv.min.js"></script>
<![endif]-->
<script src="../_static/jquery.js?v=5d32c60e"></script>
<script src="../_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
<script src="../_static/documentation_options.js?v=5929fcd5"></script>
<script src="../_static/doctools.js?v=9a2dae69"></script>
<script src="../_static/sphinx_highlight.js?v=dc90522c"></script>
<script src="../_static/jquery.js?v=5d32c60e"></script>
<script src="../_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
<script src="../_static/documentation_options.js?v=5929fcd5"></script>
<script src="../_static/doctools.js?v=9bcbadda"></script>
<script src="../_static/sphinx_highlight.js?v=dc90522c"></script>
<script src="../_static/js/theme.js"></script>
<link rel="index" title="Index" href="../genindex.html" />
<link rel="search" title="Search" href="../search.html" />
<link rel="next" title="keycloak_user_federation Allows administration of Keycloak user federations via Keycloak API" href="keycloak_user_federation.html" />
<link rel="prev" title="keycloak_client Allows administration of Keycloak clients via Keycloak API" href="keycloak_client.html" />
<link rel="prev" title="keycloak_realm Allows administration of Keycloak realm via Keycloak API" href="keycloak_realm.html" />
</head>
<body class="wy-body-for-nav">
@ -52,6 +50,7 @@
<li class="toctree-l1"><a class="reference internal" href="../README.html">Ansible Collection - middleware_automation.keycloak</a></li>
<li class="toctree-l1 current"><a class="reference internal" href="index.html">Plugin Index</a><ul class="current">
<li class="toctree-l2"><a class="reference internal" href="keycloak_client.html">keycloak_client Allows administration of Keycloak clients via Keycloak API</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_realm.html">keycloak_realm Allows administration of Keycloak realm via Keycloak API</a></li>
<li class="toctree-l2 current"><a class="current reference internal" href="#">keycloak_role Allows administration of Keycloak roles via Keycloak API</a><ul>
<li class="toctree-l3"><a class="reference internal" href="#synopsis">Synopsis</a></li>
<li class="toctree-l3"><a class="reference internal" href="#parameters">Parameters</a></li>
@ -67,27 +66,24 @@
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../roles/index.html">Role Index</a></li>
<li class="toctree-l1"><a class="reference internal" href="../CHANGELOG.html">Changelog</a></li>
</ul>
<p class="caption" role="heading"><span class="caption-text">Developer documentation</span></p>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../developing.html">Developing</a></li>
<li class="toctree-l1"><a class="reference internal" href="../developing.html#contributor-s-guidelines">Contributors Guidelines</a></li>
<li class="toctree-l1"><a class="reference internal" href="../testing.html">Testing</a></li>
<li class="toctree-l1"><a class="reference internal" href="../developing.html">Contributors Guidelines</a></li>
<li class="toctree-l1"><a class="reference internal" href="../releasing.html">Collection Versioning Strategy</a></li>
</ul>
<p class="caption" role="heading"><span class="caption-text">General</span></p>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../CHANGELOG.html">Changelog</a></li>
<li class="toctree-l1"><a class="reference internal" href="../releasing.html">Releasing</a></li>
</ul>
<p class="caption" role="heading"><span class="caption-text">Middleware collections</span></p>
<ul>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/infinispan/main/">Infinispan / Red Hat Data Grid</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/keycloak/main/">Keycloak / Red Hat Single Sign-On</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/infinispan/main/">Infinispan / Red Hat Data Grid</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/wildfly/main/">Wildfly / Red Hat JBoss EAP</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/jws/main/">Tomcat / Red Hat JWS</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/amq/main/">ActiveMQ / Red Hat AMQ Broker</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/amq_streams/main/">Kafka / Red Hat AMQ Streams</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/common/main/">Ansible Middleware utilities</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/redhat-csp-download/main/">Red Hat CSP Download</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/ansible_collections_jcliff/main/">JCliff</a></li>
</ul>
@ -269,6 +265,93 @@ To check whether it is installed, run <code class="code docutils literal notrans
</div></td>
</tr>
<tr class="row-even">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-composite"></div>
<p class="ansible-option-title"><strong>composite</strong></p>
<a class="ansibleOptionLink" href="#parameter-composite" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">boolean</span>
</p>
<p><em class="ansible-option-versionadded">added in middleware_automation.keycloak 7.1.0</em></p>
</div></td>
<td><div class="ansible-option-cell">
<p>If <code class="ansible-value literal notranslate">true</code>, the role is a composition of other realm and/or client role.</p>
<p class="ansible-option-line"><strong class="ansible-option-choices">Choices:</strong></p>
<ul class="simple">
<li><p><code class="ansible-value literal notranslate ansible-option-default-bold"><strong>false</strong></code> <span class="ansible-option-choices-default-mark">← (default)</span></p></li>
<li><p><code class="ansible-value literal notranslate ansible-option-choices-entry">true</code></p></li>
</ul>
</div></td>
</tr>
<tr class="row-odd">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-composites"></div>
<p class="ansible-option-title"><strong>composites</strong></p>
<a class="ansibleOptionLink" href="#parameter-composites" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">list</span>
/ <span class="ansible-option-elements">elements=dictionary</span>
</p>
<p><em class="ansible-option-versionadded">added in middleware_automation.keycloak 7.1.0</em></p>
</div></td>
<td><div class="ansible-option-cell">
<p>List of roles to include to the composite realm role.</p>
<p>If the composite role is a client role, the <code class='docutils literal notranslate'>clientId</code> (not ID of the client) must be specified.</p>
<p class="ansible-option-line"><strong class="ansible-option-default-bold">Default:</strong> <code class="ansible-value literal notranslate ansible-option-default">[]</code></p>
</div></td>
</tr>
<tr class="row-even">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-composites/client_id"></div>
<div class="ansibleOptionAnchor" id="parameter-composites/clientId"></div>
<p class="ansible-option-title"><strong>client_id</strong></p>
<a class="ansibleOptionLink" href="#parameter-composites/client_id" title="Permalink to this option"></a>
<p class="ansible-option-type-line"><span class="ansible-option-aliases">aliases: clientId</span></p>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
</div></td>
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell">
<p>Client ID if the role is a client role. Do not include this option for a REALM role.</p>
<p>Use the client ID you can see in the Keycloak console, not the technical ID of the client.</p>
</div></td>
</tr>
<tr class="row-odd">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-composites/name"></div>
<p class="ansible-option-title"><strong>name</strong></p>
<a class="ansibleOptionLink" href="#parameter-composites/name" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
/ <span class="ansible-option-required">required</span>
</p>
</div></td>
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell">
<p>Name of the role. This can be the name of a REALM role or a client role.</p>
</div></td>
</tr>
<tr class="row-even">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-composites/state"></div>
<p class="ansible-option-title"><strong>state</strong></p>
<a class="ansibleOptionLink" href="#parameter-composites/state" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
</div></td>
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell">
<p>Create the composite if present, remove it if absent.</p>
<p class="ansible-option-line"><strong class="ansible-option-choices">Choices:</strong></p>
<ul class="simple">
<li><p><code class="ansible-value literal notranslate ansible-option-default-bold"><strong>&#34;present&#34;</strong></code> <span class="ansible-option-choices-default-mark">← (default)</span></p></li>
<li><p><code class="ansible-value literal notranslate ansible-option-choices-entry">&#34;absent&#34;</code></p></li>
</ul>
</div></td>
</tr>
<tr class="row-odd">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-connection_timeout"></div>
<p class="ansible-option-title"><strong>connection_timeout</strong></p>
@ -283,7 +366,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
<p class="ansible-option-line"><strong class="ansible-option-default-bold">Default:</strong> <code class="ansible-value literal notranslate ansible-option-default">10</code></p>
</div></td>
</tr>
<tr class="row-odd">
<tr class="row-even">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-description"></div>
<p class="ansible-option-title"><strong>description</strong></p>
@ -296,7 +379,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
<p>The role description.</p>
</div></td>
</tr>
<tr class="row-even">
<tr class="row-odd">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-http_agent"></div>
<p class="ansible-option-title"><strong>http_agent</strong></p>
@ -311,7 +394,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
<p class="ansible-option-line"><strong class="ansible-option-default-bold">Default:</strong> <code class="ansible-value literal notranslate ansible-option-default">&#34;Ansible&#34;</code></p>
</div></td>
</tr>
<tr class="row-odd">
<tr class="row-even">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-name"></div>
<p class="ansible-option-title"><strong>name</strong></p>
@ -326,7 +409,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
<p>This parameter is required.</p>
</div></td>
</tr>
<tr class="row-even">
<tr class="row-odd">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-realm"></div>
<p class="ansible-option-title"><strong>realm</strong></p>
@ -340,7 +423,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
<p class="ansible-option-line"><strong class="ansible-option-default-bold">Default:</strong> <code class="ansible-value literal notranslate ansible-option-default">&#34;master&#34;</code></p>
</div></td>
</tr>
<tr class="row-odd">
<tr class="row-even">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-state"></div>
<p class="ansible-option-title"><strong>state</strong></p>
@ -351,8 +434,8 @@ To check whether it is installed, run <code class="code docutils literal notrans
</div></td>
<td><div class="ansible-option-cell">
<p>State of the role.</p>
<p>On <code class='docutils literal notranslate'>present</code>, the role will be created if it does not yet exist, or updated with the parameters you provide.</p>
<p>On <code class='docutils literal notranslate'>absent</code>, the role will be removed if it exists.</p>
<p>On <code class="ansible-value literal notranslate">present</code>, the role will be created if it does not yet exist, or updated with the parameters you provide.</p>
<p>On <code class="ansible-value literal notranslate">absent</code>, the role will be removed if it exists.</p>
<p class="ansible-option-line"><strong class="ansible-option-choices">Choices:</strong></p>
<ul class="simple">
<li><p><code class="ansible-value literal notranslate ansible-option-default-bold"><strong>&#34;present&#34;</strong></code> <span class="ansible-option-choices-default-mark">← (default)</span></p></li>
@ -361,7 +444,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
</div></td>
</tr>
<tr class="row-even">
<tr class="row-odd">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-token"></div>
<p class="ansible-option-title"><strong>token</strong></p>
@ -375,7 +458,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
<p>Authentication token for Keycloak API.</p>
</div></td>
</tr>
<tr class="row-odd">
<tr class="row-even">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-validate_certs"></div>
<p class="ansible-option-title"><strong>validate_certs</strong></p>
@ -482,14 +565,14 @@ To check whether it is installed, run <code class="code docutils literal notrans
<span class="w"> </span><span class="nt">auth_password</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">PASSWORD</span>
<span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">my-new-role</span>
<span class="w"> </span><span class="nt">attributes</span><span class="p">:</span>
<span class="w"> </span><span class="nt">attrib1</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">value1</span>
<span class="w"> </span><span class="nt">attrib2</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">value2</span>
<span class="w"> </span><span class="nt">attrib3</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">with</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">numerous</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">individual</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">list</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">items</span>
<span class="w"> </span><span class="nt">attrib1</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">value1</span>
<span class="w"> </span><span class="nt">attrib2</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">value2</span>
<span class="w"> </span><span class="nt">attrib3</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">with</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">numerous</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">individual</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">list</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">items</span>
<span class="w"> </span><span class="nt">delegate_to</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">localhost</span>
</pre></div>
</div>
@ -579,7 +662,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
</div>
</div>
<footer><div class="rst-footer-buttons" role="navigation" aria-label="Footer">
<a href="keycloak_client.html" class="btn btn-neutral float-left" title="keycloak_client Allows administration of Keycloak clients via Keycloak API" accesskey="p" rel="prev"><span class="fa fa-arrow-circle-left" aria-hidden="true"></span> Previous</a>
<a href="keycloak_realm.html" class="btn btn-neutral float-left" title="keycloak_realm Allows administration of Keycloak realm via Keycloak API" accesskey="p" rel="prev"><span class="fa fa-arrow-circle-left" aria-hidden="true"></span> Previous</a>
<a href="keycloak_user_federation.html" class="btn btn-neutral float-right" title="keycloak_user_federation Allows administration of Keycloak user federations via Keycloak API" accesskey="n" rel="next">Next <span class="fa fa-arrow-circle-right" aria-hidden="true"></span></a>
</div>


@ -1,26 +1,24 @@
<!DOCTYPE html>
<html class="writer-html5" lang="en" data-content_root="../">
<head>
<meta charset="utf-8" /><meta name="viewport" content="width=device-width, initial-scale=1" />
<meta content="2.14.0" name="antsibull-docs" />
<meta content="2.15.0" name="antsibull-docs" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>keycloak_user_federation Allows administration of Keycloak user federations via Keycloak API &mdash; Keycloak Ansible Collection documentation</title>
<link rel="stylesheet" type="text/css" href="../_static/pygments.css?v=5707b69d" />
<link rel="stylesheet" type="text/css" href="../_static/css/theme.css?v=19f00094" />
<link rel="stylesheet" type="text/css" href="../_static/css/theme.css?v=e59714d7" />
<link rel="stylesheet" type="text/css" href="../_static/antsibull-minimal.css" />
<link rel="stylesheet" type="text/css" href="../_static/ansible-basic-sphinx-ext.css" />
<!--[if lt IE 9]>
<script src="../_static/js/html5shiv.min.js"></script>
<![endif]-->
<script src="../_static/jquery.js?v=5d32c60e"></script>
<script src="../_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
<script src="../_static/documentation_options.js?v=5929fcd5"></script>
<script src="../_static/doctools.js?v=9a2dae69"></script>
<script src="../_static/sphinx_highlight.js?v=dc90522c"></script>
<script src="../_static/jquery.js?v=5d32c60e"></script>
<script src="../_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
<script src="../_static/documentation_options.js?v=5929fcd5"></script>
<script src="../_static/doctools.js?v=9bcbadda"></script>
<script src="../_static/sphinx_highlight.js?v=dc90522c"></script>
<script src="../_static/js/theme.js"></script>
<link rel="index" title="Index" href="../genindex.html" />
<link rel="search" title="Search" href="../search.html" />
@ -52,6 +50,7 @@
<li class="toctree-l1"><a class="reference internal" href="../README.html">Ansible Collection - middleware_automation.keycloak</a></li>
<li class="toctree-l1 current"><a class="reference internal" href="index.html">Plugin Index</a><ul class="current">
<li class="toctree-l2"><a class="reference internal" href="keycloak_client.html">keycloak_client Allows administration of Keycloak clients via Keycloak API</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_realm.html">keycloak_realm Allows administration of Keycloak realm via Keycloak API</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_role.html">keycloak_role Allows administration of Keycloak roles via Keycloak API</a></li>
<li class="toctree-l2 current"><a class="current reference internal" href="#">keycloak_user_federation Allows administration of Keycloak user federations via Keycloak API</a><ul>
<li class="toctree-l3"><a class="reference internal" href="#synopsis">Synopsis</a></li>
@ -67,27 +66,24 @@
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../roles/index.html">Role Index</a></li>
<li class="toctree-l1"><a class="reference internal" href="../CHANGELOG.html">Changelog</a></li>
</ul>
<p class="caption" role="heading"><span class="caption-text">Developer documentation</span></p>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../developing.html">Developing</a></li>
<li class="toctree-l1"><a class="reference internal" href="../developing.html#contributor-s-guidelines">Contributors Guidelines</a></li>
<li class="toctree-l1"><a class="reference internal" href="../testing.html">Testing</a></li>
<li class="toctree-l1"><a class="reference internal" href="../developing.html">Contributors Guidelines</a></li>
<li class="toctree-l1"><a class="reference internal" href="../releasing.html">Collection Versioning Strategy</a></li>
</ul>
<p class="caption" role="heading"><span class="caption-text">General</span></p>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../CHANGELOG.html">Changelog</a></li>
<li class="toctree-l1"><a class="reference internal" href="../releasing.html">Releasing</a></li>
</ul>
<p class="caption" role="heading"><span class="caption-text">Middleware collections</span></p>
<ul>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/infinispan/main/">Infinispan / Red Hat Data Grid</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/keycloak/main/">Keycloak / Red Hat Single Sign-On</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/infinispan/main/">Infinispan / Red Hat Data Grid</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/wildfly/main/">Wildfly / Red Hat JBoss EAP</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/jws/main/">Tomcat / Red Hat JWS</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/amq/main/">ActiveMQ / Red Hat AMQ Broker</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/amq_streams/main/">Kafka / Red Hat AMQ Streams</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/common/main/">Ansible Middleware utilities</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/redhat-csp-download/main/">Red Hat CSP Download</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/ansible_collections_jcliff/main/">JCliff</a></li>
</ul>
@ -240,6 +236,27 @@ To check whether it is installed, run <code class="code docutils literal notrans
</div></td>
</tr>
<tr class="row-even">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-bind_credential_update_mode"></div>
<p class="ansible-option-title"><strong>bind_credential_update_mode</strong></p>
<a class="ansibleOptionLink" href="#parameter-bind_credential_update_mode" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>The value of the config parameter <code class="ansible-option literal notranslate"><strong><a class="reference internal" href="#parameter-config/bindCredential"><span class="std std-ref"><span class="pre">config.bindCredential</span></span></a></strong></code> is redacted in the Keycloak responses. Comparing the redacted value with the desired value always evaluates to not equal. This means the before and desired states are never equal if the parameter is set.</p>
<p>Set to <code class="ansible-value literal notranslate">always</code> to include <code class="ansible-option literal notranslate"><strong><a class="reference internal" href="#parameter-config/bindCredential"><span class="std std-ref"><span class="pre">config.bindCredential</span></span></a></strong></code> in the comparison of before and desired state. Because of the redacted value returned by Keycloak the module will always detect a change and make an update if a <code class="ansible-option literal notranslate"><strong><a class="reference internal" href="#parameter-config/bindCredential"><span class="std std-ref"><span class="pre">config.bindCredential</span></span></a></strong></code> value is set.</p>
<p>Set to <code class="ansible-value literal notranslate">only_indirect</code> to exclude <code class="ansible-option literal notranslate"><strong><a class="reference internal" href="#parameter-config/bindCredential"><span class="std std-ref"><span class="pre">config.bindCredential</span></span></a></strong></code> when comparing the before state with the desired state. The value of <code class="ansible-option literal notranslate"><strong><a class="reference internal" href="#parameter-config/bindCredential"><span class="std std-ref"><span class="pre">config.bindCredential</span></span></a></strong></code> will only be updated if there are other changes to the user federation that require an update.</p>
<p class="ansible-option-line"><strong class="ansible-option-choices">Choices:</strong></p>
<ul class="simple">
<li><p><code class="ansible-value literal notranslate ansible-option-default-bold"><strong>&#34;always&#34;</strong></code> <span class="ansible-option-choices-default-mark">← (default)</span></p></li>
<li><p><code class="ansible-value literal notranslate ansible-option-choices-entry">&#34;only_indirect&#34;</code></p></li>
</ul>
</div></td>
</tr>
<tr class="row-odd">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-config"></div>
<p class="ansible-option-title"><strong>config</strong></p>
@ -249,11 +266,11 @@ To check whether it is installed, run <code class="code docutils literal notrans
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>Dict specifying the configuration options for the provider; the contents differ depending on the value of <em>provider_id</em>. Examples are given below for <code class='docutils literal notranslate'>ldap</code>, <code class='docutils literal notranslate'>kerberos</code> and <code class='docutils literal notranslate'>sssd</code>. It is easiest to obtain valid config values by dumping an already-existing user federation configuration through check-mode in the <em>existing</em> field.</p>
<p>The value <code class='docutils literal notranslate'>sssd</code> has been supported since middleware_automation.keycloak 1.0.0.</p>
<p>Dict specifying the configuration options for the provider; the contents differ depending on the value of <code class="ansible-option literal notranslate"><strong><a class="reference internal" href="#parameter-provider_id"><span class="std std-ref"><span class="pre">provider_id</span></span></a></strong></code>. Examples are given below for <code class="ansible-value literal notranslate">ldap</code>, <code class="ansible-value literal notranslate">kerberos</code> and <code class="ansible-value literal notranslate">sssd</code>. It is easiest to obtain valid config values by dumping an already-existing user federation configuration through check-mode in the <code class="ansible-return-value literal notranslate"><a class="reference internal" href="#return-existing"><span class="std std-ref"><span class="pre">existing</span></span></a></code> field.</p>
<p>The value <code class="ansible-value literal notranslate">sssd</code> has been supported since middleware_automation.keycloak 2.0.0.</p>
</div></td>
</tr>
<tr class="row-odd">
<tr class="row-even">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-config/allowKerberosAuthentication"></div>
<p class="ansible-option-title"><strong>allowKerberosAuthentication</strong></p>
@ -272,7 +289,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
</div></td>
</tr>
<tr class="row-even">
<tr class="row-odd">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-config/allowPasswordAuthentication"></div>
<p class="ansible-option-title"><strong>allowPasswordAuthentication</strong></p>
@ -291,7 +308,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
</div></td>
</tr>
<tr class="row-odd">
<tr class="row-even">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-config/authType"></div>
<p class="ansible-option-title"><strong>authType</strong></p>
@ -310,7 +327,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
</div></td>
</tr>
<tr class="row-even">
<tr class="row-odd">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-config/batchSizeForSync"></div>
<p class="ansible-option-title"><strong>batchSizeForSync</strong></p>
@ -324,7 +341,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
<p class="ansible-option-line"><strong class="ansible-option-default-bold">Default:</strong> <code class="ansible-value literal notranslate ansible-option-default">1000</code></p>
</div></td>
</tr>
<tr class="row-odd">
<tr class="row-even">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-config/bindCredential"></div>
<p class="ansible-option-title"><strong>bindCredential</strong></p>
@ -337,7 +354,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
<p>Password of LDAP admin.</p>
</div></td>
</tr>
<tr class="row-even">
<tr class="row-odd">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-config/bindDn"></div>
<p class="ansible-option-title"><strong>bindDn</strong></p>
@ -350,7 +367,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
<p>DN of LDAP user which will be used by Keycloak to access LDAP server.</p>
</div></td>
</tr>
<tr class="row-odd">
<tr class="row-even">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-config/cachePolicy"></div>
<p class="ansible-option-title"><strong>cachePolicy</strong></p>
@ -372,7 +389,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
</div></td>
</tr>
<tr class="row-even">
<tr class="row-odd">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-config/changedSyncPeriod"></div>
<p class="ansible-option-title"><strong>changedSyncPeriod</strong></p>
@ -386,7 +403,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
<p class="ansible-option-line"><strong class="ansible-option-default-bold">Default:</strong> <code class="ansible-value literal notranslate ansible-option-default">-1</code></p>
</div></td>
</tr>
<tr class="row-odd">
<tr class="row-even">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-config/connectionPooling"></div>
<p class="ansible-option-title"><strong>connectionPooling</strong></p>
@ -405,7 +422,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
</div></td>
</tr>
<tr class="row-even">
<tr class="row-odd">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-config/connectionPoolingAuthentication"></div>
<p class="ansible-option-title"><strong>connectionPoolingAuthentication</strong></p>
@ -425,7 +442,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
</div></td>
</tr>
<tr class="row-odd">
<tr class="row-even">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-config/connectionPoolingDebug"></div>
<p class="ansible-option-title"><strong>connectionPoolingDebug</strong></p>
@ -435,10 +452,10 @@ To check whether it is installed, run <code class="code docutils literal notrans
</p>
</div></td>
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell">
<p>A string that indicates the level of debug output to produce. Example valid values are <code class='docutils literal notranslate'>fine</code> (trace connection creation and removal) and <code class='docutils literal notranslate'>all</code> (all debugging information).</p>
<p>A string that indicates the level of debug output to produce. Example valid values are <code class="ansible-value literal notranslate">fine</code> (trace connection creation and removal) and <code class="ansible-value literal notranslate">all</code> (all debugging information).</p>
</div></td>
</tr>
<tr class="row-even">
<tr class="row-odd">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-config/connectionPoolingInitSize"></div>
<p class="ansible-option-title"><strong>connectionPoolingInitSize</strong></p>
@ -451,7 +468,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
<p>The number of connections per connection identity to create when initially creating a connection for the identity.</p>
</div></td>
</tr>
<tr class="row-odd">
<tr class="row-even">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-config/connectionPoolingMaxSize"></div>
<p class="ansible-option-title"><strong>connectionPoolingMaxSize</strong></p>
@ -464,7 +481,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
<p>The maximum number of connections per connection identity that can be maintained concurrently.</p>
</div></td>
</tr>
<tr class="row-even">
<tr class="row-odd">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-config/connectionPoolingPrefSize"></div>
<p class="ansible-option-title"><strong>connectionPoolingPrefSize</strong></p>
@ -477,7 +494,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
<p>The preferred number of connections per connection identity that should be maintained concurrently.</p>
</div></td>
</tr>
<tr class="row-odd">
<tr class="row-even">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-config/connectionPoolingProtocol"></div>
<p class="ansible-option-title"><strong>connectionPoolingProtocol</strong></p>
@ -487,10 +504,10 @@ To check whether it is installed, run <code class="code docutils literal notrans
</p>
</div></td>
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell">
<p>A list of space-separated protocol types of connections that may be pooled. Valid types are <code class='docutils literal notranslate'>plain</code> and <code class='docutils literal notranslate'>ssl</code>.</p>
<p>A list of space-separated protocol types of connections that may be pooled. Valid types are <code class="ansible-value literal notranslate">plain</code> and <code class="ansible-value literal notranslate">ssl</code>.</p>
</div></td>
</tr>
<tr class="row-even">
<tr class="row-odd">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-config/connectionPoolingTimeout"></div>
<p class="ansible-option-title"><strong>connectionPoolingTimeout</strong></p>
@ -503,7 +520,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
<p>The number of milliseconds that an idle connection may remain in the pool without being closed and removed from the pool.</p>
</div></td>
</tr>
<tr class="row-odd">
<tr class="row-even">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-config/connectionTimeout"></div>
<p class="ansible-option-title"><strong>connectionTimeout</strong></p>
@ -516,7 +533,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
<p>LDAP Connection Timeout in milliseconds.</p>
</div></td>
</tr>
<tr class="row-even">
<tr class="row-odd">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-config/connectionUrl"></div>
<p class="ansible-option-title"><strong>connectionUrl</strong></p>
@ -529,7 +546,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
<p>Connection URL to your LDAP server.</p>
</div></td>
</tr>
<tr class="row-odd">
<tr class="row-even">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-config/customUserSearchFilter"></div>
<p class="ansible-option-title"><strong>customUserSearchFilter</strong></p>
@ -542,7 +559,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
<p>Additional LDAP Filter for filtering searched users. Leave this empty if you don&#x27;t need additional filter.</p>
</div></td>
</tr>
<tr class="row-even">
<tr class="row-odd">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-config/debug"></div>
<p class="ansible-option-title"><strong>debug</strong></p>
@ -561,7 +578,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
</div></td>
</tr>
<tr class="row-odd">
<tr class="row-even">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-config/editMode"></div>
<p class="ansible-option-title"><strong>editMode</strong></p>
@ -571,7 +588,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
</p>
</div></td>
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell">
<p><code class='docutils literal notranslate'>READ_ONLY</code> is a read-only LDAP store. <code class='docutils literal notranslate'>WRITABLE</code> means data will be synced back to LDAP on demand. <code class='docutils literal notranslate'>UNSYNCED</code> means user data will be imported, but not synced back to LDAP.</p>
<p><code class="ansible-value literal notranslate">READ_ONLY</code> is a read-only LDAP store. <code class="ansible-value literal notranslate">WRITABLE</code> means data will be synced back to LDAP on demand. <code class="ansible-value literal notranslate">UNSYNCED</code> means user data will be imported, but not synced back to LDAP.</p>
<p class="ansible-option-line"><strong class="ansible-option-choices">Choices:</strong></p>
<ul class="simple">
<li><p><code class="ansible-value literal notranslate ansible-option-choices-entry">&#34;READ_ONLY&#34;</code></p></li>
@ -581,7 +598,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
</div></td>
</tr>
<tr class="row-even">
<tr class="row-odd">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-config/enabled"></div>
<p class="ansible-option-title"><strong>enabled</strong></p>
@ -600,7 +617,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
</div></td>
</tr>
<tr class="row-odd">
<tr class="row-even">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-config/evictionDay"></div>
<p class="ansible-option-title"><strong>evictionDay</strong></p>
@ -613,7 +630,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
<p>Day of the week the entry will become invalid on.</p>
</div></td>
</tr>
<tr class="row-even">
<tr class="row-odd">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-config/evictionHour"></div>
<p class="ansible-option-title"><strong>evictionHour</strong></p>
@ -626,7 +643,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
<p>Hour of day the entry will become invalid on.</p>
</div></td>
</tr>
<tr class="row-odd">
<tr class="row-even">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-config/evictionMinute"></div>
<p class="ansible-option-title"><strong>evictionMinute</strong></p>
@ -639,7 +656,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
<p>Minute of day the entry will become invalid on.</p>
</div></td>
</tr>
<tr class="row-even">
<tr class="row-odd">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-config/fullSyncPeriod"></div>
<p class="ansible-option-title"><strong>fullSyncPeriod</strong></p>
@ -653,7 +670,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
<p class="ansible-option-line"><strong class="ansible-option-default-bold">Default:</strong> <code class="ansible-value literal notranslate ansible-option-default">-1</code></p>
</div></td>
</tr>
<tr class="row-odd">
<tr class="row-even">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-config/importEnabled"></div>
<p class="ansible-option-title"><strong>importEnabled</strong></p>
@ -663,7 +680,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
</p>
</div></td>
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell">
<p>If <code class='docutils literal notranslate'>true</code>, LDAP users will be imported into Keycloak DB and synced by the configured sync policies.</p>
<p>If <code class="ansible-value literal notranslate">true</code>, LDAP users will be imported into Keycloak DB and synced by the configured sync policies.</p>
<p class="ansible-option-line"><strong class="ansible-option-choices">Choices:</strong></p>
<ul class="simple">
<li><p><code class="ansible-value literal notranslate ansible-option-choices-entry">false</code></p></li>
@ -672,7 +689,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
</div></td>
</tr>
<tr class="row-even">
<tr class="row-odd">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-config/kerberosRealm"></div>
<p class="ansible-option-title"><strong>kerberosRealm</strong></p>
@ -685,7 +702,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
<p>Name of kerberos realm.</p>
</div></td>
</tr>
<tr class="row-odd">
<tr class="row-even">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-config/keyTab"></div>
<p class="ansible-option-title"><strong>keyTab</strong></p>
@ -695,7 +712,20 @@ To check whether it is installed, run <code class="code docutils literal notrans
</p>
</div></td>
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell">
<p>Location of Kerberos KeyTab file containing the credentials of server principal. For example <code class='docutils literal notranslate'>/etc/krb5.keytab</code>.</p>
<p>Location of Kerberos KeyTab file containing the credentials of server principal. For example <code class="ansible-value literal notranslate">/etc/krb5.keytab</code>.</p>
</div></td>
</tr>
<tr class="row-odd">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-config/krbPrincipalAttribute"></div>
<p class="ansible-option-title"><strong>krbPrincipalAttribute</strong></p>
<a class="ansibleOptionLink" href="#parameter-config/krbPrincipalAttribute" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
</div></td>
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell">
<p>Name of the LDAP attribute, which refers to Kerberos principal. This is used to lookup appropriate LDAP user after successful Kerberos/SPNEGO authentication in Keycloak. When this is empty, the LDAP user will be looked based on LDAP username corresponding to the first part of his Kerberos principal. For instance, for principal <code class='docutils literal notranslate'>john@KEYCLOAK.ORG</code>, it will assume that LDAP username is <code class="ansible-value literal notranslate">john</code>.</p>
</div></td>
</tr>
<tr class="row-even">
@ -754,7 +784,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
</p>
</div></td>
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell">
<p>Name of LDAP attribute, which is used as RDN (top attribute) of typical user DN. Usually it&#x27;s the same as Username LDAP attribute, however it is not required. For example for Active directory, it is common to use <code class='docutils literal notranslate'>cn</code> as RDN attribute when username attribute might be <code class='docutils literal notranslate'>sAMAccountName</code>.</p>
<p>Name of LDAP attribute, which is used as RDN (top attribute) of typical user DN. Usually it&#x27;s the same as Username LDAP attribute, however it is not required. For example for Active directory, it is common to use <code class="ansible-value literal notranslate">cn</code> as RDN attribute when username attribute might be <code class="ansible-value literal notranslate">sAMAccountName</code>.</p>
</div></td>
</tr>
<tr class="row-even">
@ -771,6 +801,25 @@ To check whether it is installed, run <code class="code docutils literal notrans
</div></td>
</tr>
<tr class="row-odd">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-config/referral"></div>
<p class="ansible-option-title"><strong>referral</strong></p>
<a class="ansibleOptionLink" href="#parameter-config/referral" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">string</span>
</p>
</div></td>
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell">
<p>Specifies if LDAP referrals should be followed or ignored. Please note that enabling referrals can slow down authentication as it allows the LDAP server to decide which other LDAP servers to use. This could potentially include untrusted servers.</p>
<p class="ansible-option-line"><strong class="ansible-option-choices">Choices:</strong></p>
<ul class="simple">
<li><p><code class="ansible-value literal notranslate ansible-option-choices-entry">&#34;ignore&#34;</code></p></li>
<li><p><code class="ansible-value literal notranslate ansible-option-choices-entry">&#34;follow&#34;</code></p></li>
</ul>
</div></td>
</tr>
<tr class="row-even">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-config/searchScope"></div>
<p class="ansible-option-title"><strong>searchScope</strong></p>
@ -789,7 +838,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
</div></td>
</tr>
<tr class="row-even">
<tr class="row-odd">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-config/serverPrincipal"></div>
<p class="ansible-option-title"><strong>serverPrincipal</strong></p>
@ -799,10 +848,10 @@ To check whether it is installed, run <code class="code docutils literal notrans
</p>
</div></td>
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell">
<p>Full name of server principal for HTTP service including server and domain name. For example <code class='docutils literal notranslate'>HTTP/host.foo.org@FOO.ORG</code>. Use <code class='docutils literal notranslate'>*</code> to accept any service principal in the KeyTab file.</p>
<p>Full name of server principal for HTTP service including server and domain name. For example <code class="ansible-value literal notranslate">HTTP/host.foo.org@FOO.ORG</code>. Use <code class="ansible-value literal notranslate">*</code> to accept any service principal in the KeyTab file.</p>
</div></td>
</tr>
<tr class="row-odd">
<tr class="row-even">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-config/startTls"></div>
<p class="ansible-option-title"><strong>startTls</strong></p>
@ -821,7 +870,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
</div></td>
</tr>
<tr class="row-even">
<tr class="row-odd">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-config/syncRegistrations"></div>
<p class="ansible-option-title"><strong>syncRegistrations</strong></p>
@ -840,7 +889,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
</div></td>
</tr>
<tr class="row-odd">
<tr class="row-even">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-config/trustEmail"></div>
<p class="ansible-option-title"><strong>trustEmail</strong></p>
@ -859,7 +908,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
</div></td>
</tr>
<tr class="row-even">
<tr class="row-odd">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-config/updateProfileFirstLogin"></div>
<p class="ansible-option-title"><strong>updateProfileFirstLogin</strong></p>
@ -878,7 +927,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
</div></td>
</tr>
<tr class="row-odd">
<tr class="row-even">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-config/useKerberosForPasswordAuthentication"></div>
<p class="ansible-option-title"><strong>useKerberosForPasswordAuthentication</strong></p>
@ -897,7 +946,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
</div></td>
</tr>
<tr class="row-even">
<tr class="row-odd">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-config/usePasswordModifyExtendedOp"></div>
<p class="ansible-option-title"><strong>usePasswordModifyExtendedOp</strong></p>
@ -916,7 +965,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
</div></td>
</tr>
<tr class="row-odd">
<tr class="row-even">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-config/usernameLDAPAttribute"></div>
<p class="ansible-option-title"><strong>usernameLDAPAttribute</strong></p>
@ -926,10 +975,10 @@ To check whether it is installed, run <code class="code docutils literal notrans
</p>
</div></td>
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell">
<p>Name of LDAP attribute, which is mapped as Keycloak username. For many LDAP server vendors it can be <code class='docutils literal notranslate'>uid</code>. For Active directory it can be <code class='docutils literal notranslate'>sAMAccountName</code> or <code class='docutils literal notranslate'>cn</code>. The attribute should be filled for all LDAP user records you want to import from LDAP to Keycloak.</p>
<p>Name of LDAP attribute, which is mapped as Keycloak username. For many LDAP server vendors it can be <code class="ansible-value literal notranslate">uid</code>. For Active directory it can be <code class="ansible-value literal notranslate">sAMAccountName</code> or <code class="ansible-value literal notranslate">cn</code>. The attribute should be filled for all LDAP user records you want to import from LDAP to Keycloak.</p>
</div></td>
</tr>
<tr class="row-even">
<tr class="row-odd">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-config/userObjectClasses"></div>
<p class="ansible-option-title"><strong>userObjectClasses</strong></p>
@ -939,10 +988,10 @@ To check whether it is installed, run <code class="code docutils literal notrans
</p>
</div></td>
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell">
<p>All values of LDAP objectClass attribute for users in LDAP divided by comma. For example <code class='docutils literal notranslate'>inetOrgPerson, organizationalPerson</code>. Newly created Keycloak users will be written to LDAP with all those object classes and existing LDAP user records are found just if they contain all those object classes.</p>
<p>All values of LDAP objectClass attribute for users in LDAP divided by comma. For example <code class="ansible-value literal notranslate">inetOrgPerson, organizationalPerson</code>. Newly created Keycloak users will be written to LDAP with all those object classes and existing LDAP user records are found just if they contain all those object classes.</p>
</div></td>
</tr>
<tr class="row-odd">
<tr class="row-even">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-config/usersDn"></div>
<p class="ansible-option-title"><strong>usersDn</strong></p>
@ -955,7 +1004,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
<p>Full DN of LDAP tree where your users are. This DN is the parent of LDAP users.</p>
</div></td>
</tr>
<tr class="row-even">
<tr class="row-odd">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-config/useTruststoreSpi"></div>
<p class="ansible-option-title"><strong>useTruststoreSpi</strong></p>
@ -965,7 +1014,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
</p>
</div></td>
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell">
<p>Specifies whether LDAP connection will use the truststore SPI with the truststore configured in standalone.xml/domain.xml. <code class='docutils literal notranslate'>Always</code> means that it will always use it. <code class='docutils literal notranslate'>Never</code> means that it will not use it. <code class='docutils literal notranslate'>Only for ldaps</code> means that it will use if your connection URL use ldaps. Note even if standalone.xml/domain.xml is not configured, the default Java cacerts or certificate specified by <code class='docutils literal notranslate'>javax.net.ssl.trustStore</code> property will be used.</p>
<p>Specifies whether LDAP connection will use the truststore SPI with the truststore configured in standalone.xml/domain.xml. <code class="ansible-value literal notranslate">always</code> means that it will always use it. <code class="ansible-value literal notranslate">never</code> means that it will not use it. <code class="ansible-value literal notranslate">ldapsOnly</code> means that it will use if your connection URL use ldaps. Note even if standalone.xml/domain.xml is not configured, the default Java cacerts or certificate specified by <code class='docutils literal notranslate'>javax.net.ssl.trustStore</code> property will be used.</p>
<p class="ansible-option-line"><strong class="ansible-option-choices">Choices:</strong></p>
<ul class="simple">
<li><p><code class="ansible-value literal notranslate ansible-option-choices-entry">&#34;always&#34;</code></p></li>
@ -975,7 +1024,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
</div></td>
</tr>
<tr class="row-odd">
<tr class="row-even">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-config/uuidLDAPAttribute"></div>
<p class="ansible-option-title"><strong>uuidLDAPAttribute</strong></p>
@ -985,10 +1034,10 @@ To check whether it is installed, run <code class="code docutils literal notrans
</p>
</div></td>
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell">
<p>Name of LDAP attribute, which is used as unique object identifier (UUID) for objects in LDAP. For many LDAP server vendors, it is <code class='docutils literal notranslate'>entryUUID</code>; however some are different. For example for Active directory it should be <code class='docutils literal notranslate'>objectGUID</code>. If your LDAP server does not support the notion of UUID, you can use any other attribute that is supposed to be unique among LDAP users in tree.</p>
<p>Name of LDAP attribute, which is used as unique object identifier (UUID) for objects in LDAP. For many LDAP server vendors, it is <code class="ansible-value literal notranslate">entryUUID</code>; however some are different. For example for Active directory it should be <code class="ansible-value literal notranslate">objectGUID</code>. If your LDAP server does not support the notion of UUID, you can use any other attribute that is supposed to be unique among LDAP users in tree.</p>
</div></td>
</tr>
<tr class="row-even">
<tr class="row-odd">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-config/validatePasswordPolicy"></div>
<p class="ansible-option-title"><strong>validatePasswordPolicy</strong></p>
@ -1007,7 +1056,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
</div></td>
</tr>
<tr class="row-odd">
<tr class="row-even">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-config/vendor"></div>
<p class="ansible-option-title"><strong>vendor</strong></p>
@ -1018,11 +1067,11 @@ To check whether it is installed, run <code class="code docutils literal notrans
</div></td>
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell">
<p>LDAP vendor (provider).</p>
<p>Use short name. For instance, write <code class='docutils literal notranslate'>rhds</code> for "Red Hat Directory Server".</p>
<p>Use short name. For instance, write <code class="ansible-value literal notranslate">rhds</code> for "Red Hat Directory Server".</p>
</div></td>
</tr>
<tr class="row-even">
<tr class="row-odd">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-connection_timeout"></div>
<p class="ansible-option-title"><strong>connection_timeout</strong></p>
@ -1037,7 +1086,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
<p class="ansible-option-line"><strong class="ansible-option-default-bold">Default:</strong> <code class="ansible-value literal notranslate ansible-option-default">10</code></p>
</div></td>
</tr>
<tr class="row-odd">
<tr class="row-even">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-http_agent"></div>
<p class="ansible-option-title"><strong>http_agent</strong></p>
@ -1052,7 +1101,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
<p class="ansible-option-line"><strong class="ansible-option-default-bold">Default:</strong> <code class="ansible-value literal notranslate ansible-option-default">&#34;Ansible&#34;</code></p>
</div></td>
</tr>
<tr class="row-even">
<tr class="row-odd">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-id"></div>
<p class="ansible-option-title"><strong>id</strong></p>
@ -1062,10 +1111,10 @@ To check whether it is installed, run <code class="code docutils literal notrans
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>The unique ID for this user federation. If left empty, the user federation will be searched by its <em>name</em>.</p>
<p>The unique ID for this user federation. If left empty, the user federation will be searched by its <code class="ansible-option literal notranslate"><strong><a class="reference internal" href="#parameter-name"><span class="std std-ref"><span class="pre">name</span></span></a></strong></code>.</p>
</div></td>
</tr>
<tr class="row-odd">
<tr class="row-even">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-mappers"></div>
<p class="ansible-option-title"><strong>mappers</strong></p>
@ -1079,7 +1128,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
<p>A list of dicts defining mappers associated with this Identity Provider.</p>
</div></td>
</tr>
<tr class="row-even">
<tr class="row-odd">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-mappers/config"></div>
<p class="ansible-option-title"><strong>config</strong></p>
@ -1092,7 +1141,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
<p>Dict specifying the configuration options for the mapper; the contents differ depending on the value of <em>identityProviderMapper</em>.</p>
</div></td>
</tr>
<tr class="row-odd">
<tr class="row-even">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-mappers/id"></div>
<p class="ansible-option-title"><strong>id</strong></p>
@ -1105,7 +1154,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
<p>Unique ID of this mapper.</p>
</div></td>
</tr>
<tr class="row-even">
<tr class="row-odd">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-mappers/name"></div>
<p class="ansible-option-title"><strong>name</strong></p>
@ -1118,7 +1167,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
<p>Name of the mapper. If no ID is given, the mapper will be searched by name.</p>
</div></td>
</tr>
<tr class="row-odd">
<tr class="row-even">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-mappers/parentId"></div>
<p class="ansible-option-title"><strong>parentId</strong></p>
@ -1131,7 +1180,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
<p>Unique ID for the parent of this mapper. ID of the user federation will automatically be used if left blank.</p>
</div></td>
</tr>
<tr class="row-even">
<tr class="row-odd">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-mappers/providerId"></div>
<p class="ansible-option-title"><strong>providerId</strong></p>
@ -1141,10 +1190,10 @@ To check whether it is installed, run <code class="code docutils literal notrans
</p>
</div></td>
<td><div class="ansible-option-indent-desc"></div><div class="ansible-option-cell">
<p>The mapper type for this mapper (for instance <code class='docutils literal notranslate'>user-attribute-ldap-mapper</code>).</p>
<p>The mapper type for this mapper (for instance <code class="ansible-value literal notranslate">user-attribute-ldap-mapper</code>).</p>
</div></td>
</tr>
<tr class="row-odd">
<tr class="row-even">
<td><div class="ansible-option-indent"></div><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-mappers/providerType"></div>
<p class="ansible-option-title"><strong>providerType</strong></p>
@ -1159,7 +1208,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
</div></td>
</tr>
<tr class="row-even">
<tr class="row-odd">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-name"></div>
<p class="ansible-option-title"><strong>name</strong></p>
@ -1172,7 +1221,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
<p>Display name of provider when linked in admin console.</p>
</div></td>
</tr>
<tr class="row-odd">
<tr class="row-even">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-parent_id"></div>
<div class="ansibleOptionAnchor" id="parameter-parentId"></div>
@ -1187,7 +1236,7 @@ To check whether it is installed, run <code class="code docutils literal notrans
<p>Unique ID for the parent of this user federation. Realm ID will be automatically used if left blank.</p>
</div></td>
</tr>
<tr class="row-even">
<tr class="row-odd">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-provider_id"></div>
<div class="ansibleOptionAnchor" id="parameter-providerId"></div>
@ -1199,17 +1248,10 @@ To check whether it is installed, run <code class="code docutils literal notrans
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>Provider for this user federation.</p>
<p class="ansible-option-line"><strong class="ansible-option-choices">Choices:</strong></p>
<ul class="simple">
<li><p><code class="ansible-value literal notranslate ansible-option-choices-entry">&#34;ldap&#34;</code></p></li>
<li><p><code class="ansible-value literal notranslate ansible-option-choices-entry">&#34;kerberos&#34;</code></p></li>
<li><p><code class="ansible-value literal notranslate ansible-option-choices-entry">&#34;sssd&#34;</code></p></li>
</ul>
<p>Provider for this user federation. Built-in providers are <code class="ansible-value literal notranslate">ldap</code>, <code class="ansible-value literal notranslate">kerberos</code>, and <code class="ansible-value literal notranslate">sssd</code>. Custom user storage providers can also be used.</p>
</div></td>
</tr>
<tr class="row-odd">
<tr class="row-even">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-provider_type"></div>
<div class="ansibleOptionAnchor" id="parameter-providerType"></div>
@ -1221,11 +1263,11 @@ To check whether it is installed, run <code class="code docutils literal notrans
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>Component type for user federation (only supported value is <code class='docutils literal notranslate'>org.keycloak.storage.UserStorageProvider</code>).</p>
<p>Component type for user federation (only supported value is <code class="ansible-value literal notranslate">org.keycloak.storage.UserStorageProvider</code>).</p>
<p class="ansible-option-line"><strong class="ansible-option-default-bold">Default:</strong> <code class="ansible-value literal notranslate ansible-option-default">&#34;org.keycloak.storage.UserStorageProvider&#34;</code></p>
</div></td>
</tr>
<tr class="row-even">
<tr class="row-odd">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-realm"></div>
<p class="ansible-option-title"><strong>realm</strong></p>
@ -1239,6 +1281,26 @@ To check whether it is installed, run <code class="code docutils literal notrans
<p class="ansible-option-line"><strong class="ansible-option-default-bold">Default:</strong> <code class="ansible-value literal notranslate ansible-option-default">&#34;master&#34;</code></p>
</div></td>
</tr>
<tr class="row-even">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-remove_unspecified_mappers"></div>
<p class="ansible-option-title"><strong>remove_unspecified_mappers</strong></p>
<a class="ansibleOptionLink" href="#parameter-remove_unspecified_mappers" title="Permalink to this option"></a>
<p class="ansible-option-type-line">
<span class="ansible-option-type">boolean</span>
</p>
</div></td>
<td><div class="ansible-option-cell">
<p>Remove mappers that are not specified in the configuration for this federation.</p>
<p>Set to <code class="ansible-value literal notranslate">false</code> to keep mappers that are not listed in <code class="ansible-option literal notranslate"><strong><a class="reference internal" href="#parameter-mappers"><span class="std std-ref"><span class="pre">mappers</span></span></a></strong></code>.</p>
<p class="ansible-option-line"><strong class="ansible-option-choices">Choices:</strong></p>
<ul class="simple">
<li><p><code class="ansible-value literal notranslate ansible-option-choices-entry">false</code></p></li>
<li><p><code class="ansible-value literal notranslate ansible-option-default-bold"><strong>true</strong></code> <span class="ansible-option-choices-default-mark">← (default)</span></p></li>
</ul>
</div></td>
</tr>
<tr class="row-odd">
<td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-state"></div>
@ -1250,8 +1312,8 @@ To check whether it is installed, run <code class="code docutils literal notrans
</div></td>
<td><div class="ansible-option-cell">
<p>State of the user federation.</p>
<p>On <code class='docutils literal notranslate'>present</code>, the user federation will be created if it does not yet exist, or updated with the parameters you provide.</p>
<p>On <code class='docutils literal notranslate'>absent</code>, the user federation will be removed if it exists.</p>
<p>On <code class="ansible-value literal notranslate">present</code>, the user federation will be created if it does not yet exist, or updated with the parameters you provide.</p>
<p>On <code class="ansible-value literal notranslate">absent</code>, the user federation will be removed if it exists.</p>
<p class="ansible-option-line"><strong class="ansible-option-choices">Choices:</strong></p>
<ul class="simple">
<li><p><code class="ansible-value literal notranslate ansible-option-default-bold"><strong>&#34;present&#34;</strong></code> <span class="ansible-option-choices-default-mark">← (default)</span></p></li>
@ -1385,14 +1447,14 @@ To check whether it is installed, run <code class="code docutils literal notrans
<span class="w"> </span><span class="nt">provider_id</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">kerberos</span>
<span class="w"> </span><span class="nt">provider_type</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">org.keycloak.storage.UserStorageProvider</span>
<span class="w"> </span><span class="nt">config</span><span class="p">:</span>
<span class="w"> </span><span class="nt">priority</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">0</span>
<span class="w"> </span><span class="nt">enabled</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">true</span>
<span class="w"> </span><span class="nt">cachePolicy</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">DEFAULT</span>
<span class="w"> </span><span class="nt">kerberosRealm</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">EXAMPLE.COM</span>
<span class="w"> </span><span class="nt">serverPrincipal</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">HTTP/host.example.com@EXAMPLE.COM</span>
<span class="w"> </span><span class="nt">keyTab</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">keytab</span>
<span class="w"> </span><span class="nt">allowPasswordAuthentication</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">false</span>
<span class="w"> </span><span class="nt">updateProfileFirstLogin</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">false</span>
<span class="w"> </span><span class="nt">priority</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">0</span>
<span class="w"> </span><span class="nt">enabled</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">true</span>
<span class="w"> </span><span class="nt">cachePolicy</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">DEFAULT</span>
<span class="w"> </span><span class="nt">kerberosRealm</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">EXAMPLE.COM</span>
<span class="w"> </span><span class="nt">serverPrincipal</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">HTTP/host.example.com@EXAMPLE.COM</span>
<span class="w"> </span><span class="nt">keyTab</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">keytab</span>
<span class="w"> </span><span class="nt">allowPasswordAuthentication</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">false</span>
<span class="w"> </span><span class="nt">updateProfileFirstLogin</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">false</span>
<span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Create sssd user federation</span>
<span class="w"> </span><span class="nt">middleware_automation.keycloak.keycloak_user_federation</span><span class="p">:</span>