ansible-keycloak/roles/keycloak_realm/tasks/manage_user.yml

---
- name: "Check if User Already Exists"
  ansible.builtin.uri:
    url: "{{ keycloak_url }}/auth/admin/realms/{{ keycloak_realm }}/users?username={{ user.username }}"
    validate_certs: no
    headers:
      Authorization: "Bearer {{ keycloak_auth_response.json.access_token }}"
  register: keycloak_user_search_result

- name: "Create User"
  ansible.builtin.uri:
    url: "{{ keycloak_url }}/auth/admin/realms/{{ keycloak_realm }}/users"
    method: POST
    body:
      enabled: true
      attributes: "{{ user.attributes | default(omit) }}"
      username: "{{ user.username }}"
      email: "{{ user.email | default(omit) }}"
      firstName: "{{ user.firstName | default(omit) }}"
      lastName: "{{ user.lastName | default(omit) }}"
    validate_certs: no
    body_format: json
    headers:
      Authorization: "Bearer {{ keycloak_auth_response.json.access_token }}"
    status_code: 201
  when: keycloak_user_search_result.json | length == 0

- name: "Get User"
  ansible.builtin.uri:
    url: "{{ keycloak_url }}/auth/admin/realms/{{ keycloak_realm }}/users?username={{ user.username }}"
    validate_certs: no
    headers:
      Authorization: "Bearer {{ keycloak_auth_response.json.access_token }}"
  register: keycloak_user

- name: "Update User Password"
  ansible.builtin.uri:
    url: "{{ keycloak_url }}/auth/admin/realms/{{ keycloak_realm }}/users/{{ (keycloak_user.json | first).id }}/reset-password"
    method: PUT
    body:
      type: password
      temporary: false
      value: "{{ user.password }}"
    validate_certs: no
    body_format: json
    status_code:
      - 200
      - 204
    headers:
      Authorization: "Bearer {{ keycloak_auth_response.json.access_token }}"
  register: keycloak_user
Add base role and playbook, molecule configuration 2021-12-14 10:26:42 +00:00			`---`
			`- name: "Check if User Already Exists"`
fix: use FQCN 2022-02-24 14:00:10 +00:00			`ansible.builtin.uri:`
Add base role and playbook, molecule configuration 2021-12-14 10:26:42 +00:00			`url: "{{ keycloak_url }}/auth/admin/realms/{{ keycloak_realm }}/users?username={{ user.username }}"`
			`validate_certs: no`
			`headers:`
			`Authorization: "Bearer {{ keycloak_auth_response.json.access_token }}"`
Extract new keycloak_realm role out of keycloak 2021-12-22 09:05:48 +00:00			`register: keycloak_user_search_result`
Add base role and playbook, molecule configuration 2021-12-14 10:26:42 +00:00
			`- name: "Create User"`
fix: use FQCN 2022-02-24 14:00:10 +00:00			`ansible.builtin.uri:`
Add base role and playbook, molecule configuration 2021-12-14 10:26:42 +00:00			`url: "{{ keycloak_url }}/auth/admin/realms/{{ keycloak_realm }}/users"`
			`method: POST`
			`body:`
			`enabled: true`
			`attributes: "{{ user.attributes \| default(omit) }}"`
			`username: "{{ user.username }}"`
			`email: "{{ user.email \| default(omit) }}"`
			`firstName: "{{ user.firstName \| default(omit) }}"`
			`lastName: "{{ user.lastName \| default(omit) }}"`
			`validate_certs: no`
			`body_format: json`
			`headers:`
			`Authorization: "Bearer {{ keycloak_auth_response.json.access_token }}"`
			`status_code: 201`
Extract new keycloak_realm role out of keycloak 2021-12-22 09:05:48 +00:00			`when: keycloak_user_search_result.json \| length == 0`
Add base role and playbook, molecule configuration 2021-12-14 10:26:42 +00:00
			`- name: "Get User"`
fix: use FQCN 2022-02-24 14:00:10 +00:00			`ansible.builtin.uri:`
Add base role and playbook, molecule configuration 2021-12-14 10:26:42 +00:00			`url: "{{ keycloak_url }}/auth/admin/realms/{{ keycloak_realm }}/users?username={{ user.username }}"`
			`validate_certs: no`
			`headers:`
			`Authorization: "Bearer {{ keycloak_auth_response.json.access_token }}"`
			`register: keycloak_user`

			`- name: "Update User Password"`
fix: use FQCN 2022-02-24 14:00:10 +00:00			`ansible.builtin.uri:`
Add base role and playbook, molecule configuration 2021-12-14 10:26:42 +00:00			`url: "{{ keycloak_url }}/auth/admin/realms/{{ keycloak_realm }}/users/{{ (keycloak_user.json \| first).id }}/reset-password"`
			`method: PUT`
			`body:`
			`type: password`
			`temporary: false`
			`value: "{{ user.password }}"`
			`validate_certs: no`
			`body_format: json`
			`status_code:`
			`- 200`
			`- 204`
			`headers:`
			`Authorization: "Bearer {{ keycloak_auth_response.json.access_token }}"`
			`register: keycloak_user`