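---
# Provision a Keycloak realm and its clients through the Admin REST API.
#
# Variables referenced below and expected from the caller:
#   keycloak_server_url, access_token, current_realm_name,
#   current_realm_clients, keycloak_authentication, debug (optional).
# The json_query filter needs the jmespath Python library on the controller.
#
# Secret handling:
#   - Each uri task carries the admin bearer token in its module arguments,
#     which are shown at high verbosity and passed to callback plugins, so
#     these tasks set no_log. On failure the result is censored too; lift
#     no_log temporarily (in a safe environment) when troubleshooting.
#   - The client loop sets a loop label so that the per-item output shows the
#     clientId instead of the whole item, which includes client.secret.
#   - NOTE(review): the token is only protected in transit if
#     keycloak_server_url is an https:// URL - confirm in inventory.

- name: Read realms
  uri:
    url: "{{ keycloak_server_url }}/auth/admin/realms"
    method: GET
    headers:
      Authorization: "Bearer {{ access_token }}"
    status_code: [200]
  register: realms
  no_log: true  # keeps the Authorization header out of logs
  tags:
    - update_realms

- name: Save realms as variable (fact)
  set_fact:
    realms_json: "{{ realms.json }}"
  tags:
    - update_realms

# NOTE(review): the existence check further down compares the realm *name*
# with the `id` field collected here. That assumes id == realm name on this
# server - confirm, or compare against the `realm` field instead.
- name: Read realm ids
  set_fact:
    realm_ids: "{{ realms_json | json_query(jmesquery) }}"
  vars:
    jmesquery: '[*].id'
  tags:
    - update_realms

- name: "Create realm {{ current_realm_name }}"
  uri:
    url: "{{ keycloak_server_url }}/auth/admin/realms"
    method: POST
    body_format: json
    body: "{{ lookup('template','keycloak-realm-create.json.j2') }}"
    headers:
      Authorization: "Bearer {{ access_token }}"
    status_code: [201]
  when: current_realm_name not in realm_ids
  no_log: true  # bearer token in headers; rendered realm template in body
  tags:
    - update_realms

- name: "Read clients from realm {{ current_realm_name }}"
  uri:
    url: "{{ keycloak_server_url }}/auth/admin/realms/{{ current_realm_name }}/clients"
    method: GET
    headers:
      Authorization: "Bearer {{ access_token }}"
    status_code: [200]
  register: realm_clients
  no_log: true  # keeps the Authorization header out of logs
  tags:
    - update_realms

# NOTE(review): the client representations returned by the server may carry
# sensitive fields depending on the Keycloak version - verify before running
# this play with verbose output enabled.
- name: Save clients from realm as variable (fact)
  set_fact:
    realm_clients_json: "{{ realm_clients.json }}"
  tags:
    - update_realms

# Only id and clientId are kept, so the debug task below prints no secrets.
- name: "Save client ids from realm {{ current_realm_name }}"
  set_fact:
    realm_client_ids: "{{ realm_clients_json | json_query(jmesquery) }}"
  vars:
    jmesquery: '[*].{id: id, clientId: clientId}'
  tags:
    - update_realms

# Runs under every tag selection (tags: always), so an undefined `debug`
# variable must not abort the play: default it to false and coerce to bool.
- name: Print client ids
  debug:
    msg: "{{ realm_client_ids }}"
  tags:
    - always
  when:
    - debug | default(false) | bool

# Keywords on include_tasks apply to the include itself, not to the tasks in
# configure_client.yml, so no_log here would not protect `secret` inside the
# included file. NOTE(review): configure_client.yml is not visible from here -
# confirm that its tasks using `secret` or `access_token` set no_log and carry
# the tags they need.
# NOTE(review): access_token is taken from keycloak_authentication here while
# the tasks above use `access_token` directly - confirm both are the same token.
- name: "Create clients from realm {{ current_realm_name }}"
  include_tasks: configure_client.yml
  vars:
    realm_name: '{{ current_realm_name }}'
    client_id: '{{ client.clientId }}'
    client_name: '{{ client.name }}'
    admin_url: '{{ client.admin_url }}'
    root_url: '{{ client.root_url }}'
    redirect_uris: '{{ client.redirect_uris }}'
    secret: '{{ client.secret }}'
    web_origins: '{{ client.web_origins }}'
    access_token: '{{ keycloak_authentication.json.access_token }}'
  with_items: "{{ current_realm_clients }}"
  loop_control:
    loop_var: client
    # Show only the clientId per iteration; the default label is the full
    # item, which would print client.secret to the console and log.
    label: "{{ client.clientId }}"
  tags:
    - update_realms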