--- - name: "Get Realm for role" ansible.builtin.uri: url: "{{ keycloak_url }}/auth/admin/realms/{{ client_role.realm }}" method: GET status_code: - 200 headers: Accept: "application/json" Authorization: "Bearer {{ keycloak_auth_response.json.access_token }}" register: client_role_realm - name: Check if Mapping is available ansible.builtin.uri: url: "{{ keycloak_url }}/auth/admin/realms/{{ client_role.realm }}/users/{{ (keycloak_user.json | first).id }}/role-mappings/clients/{{ (create_client_result.results | selectattr('end_state.clientId', 'equalto', client_role.client) | list | first).end_state.id }}/available" method: GET status_code: - 200 headers: Accept: "application/json" Authorization: "Bearer {{ keycloak_auth_response.json.access_token }}" register: client_role_user_available - name: "Create Role Mapping" ansible.builtin.uri: url: "{{ keycloak_url }}/auth/admin/realms/{{ client_role.realm }}/users/{{ (keycloak_user.json | first).id }}/role-mappings/clients/{{ (create_client_result.results | selectattr('end_state.clientId', 'equalto', client_role.client) | list | first).end_state.id }}" method: POST body: - id: "{{ item.id }}" clientRole: "{{ item.clientRole }}" containerId: "{{ item.containerId }}" name: "{{ item.name }}" composite: "{{ item.composite }}" validate_certs: False body_format: json headers: Authorization: "Bearer {{ keycloak_auth_response.json.access_token }}" status_code: 204 loop: "{{ client_role_user_available.json | flatten }}" when: item.name == client_role.role