benschubert.infrastructure.authentik_propertymappings_scope module – Allows administration of Authentik scope propertymappings

Note

This module is part of the benschubert.infrastructure collection (version 0.0.1).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install benschubert.infrastructure.

To use it in a playbook, specify: benschubert.infrastructure.authentik_propertymappings_scope.

Synopsis

Parameters

Parameter

Comments

authentik_token

string / required

The token used to authenticate against the Authentik server

authentik_url

string / required

The URL at which to contact the Authentik server

ca_path

string

PEM formatted file that contains a CA certificate to be used for validation

scope

dictionary / required

The configuration for the specified group

description

string / required

Describe what this scope is for

expression

string / required

The actual implementation

name

string / required

The name of the scope as shown in Authentik

scope_name

string / required

The name of the scope as claimed by the client

state

string

Whether the entity should exist or not

Choices:

  • "present" ← (default)

  • "absent"

timeout

integer

The timeout to set when contacting the Authentik Server.

If your server is slow to respond, it might be necessary to bump this

Default: 10

validate_certs

boolean

If false, SSL certificates will not be validated.

This should only set to false used on personally controlled sites using self-signed certificates.

Choices:

  • false

  • true ← (default)

Examples

- name: Create a scope named 'nextcloud_quota'
  benschubert.infrastructure.authentik_propertymappings_scope:
    authentik_token: <my-secret-token>
    authentik_url: https://authentik.test/
    scope:
      name: Nextcloud quota
      scope_name: nextcloud_quota
      description: Scope representing available quota for Nextcloud usage
      expression: "return {'quota': user.group_attributes().get('nextcloud_quota', '10 GB')}"

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key

Description

data

dictionary

The information returned by the Authentik API

Returned: always

Sample: {"description": "Scope representing available quota for Nextcloud usage", "expression": "return {'quota': user.group_attributes().get('nextcloud_quota', '10 GB')}", "name": "Nextcloud quota", "scope_name": "nextcloud_quota"}

Authors

  • Benjamin Schubert (@benjaminschubert)