auth_vpn_saml_server - VPN User SSO Resource

Added in version 1.0.0.

Synopsis

VPN User SSO Resource.

Use API “/resource-api/v2/auth/vpn-saml-server”.

Requirements

The below requirements are needed on the host that executes this module.

  • ansible>=2.17.0

Parameters

  • state The state of the module. "present" means update the resource. This resource can't be deleted, and does not support "absent" state.type: strchoices: ['present', 'absent']default: present
  • force_behavior Specify this option to force the method to use to interact with the resource.type: strchoices: ['none', 'read', 'create', 'update', 'delete']default: none
  • bypass_validation Bypass validation of the module.type: booldefault: False
  • params The parameters of the module.[Required]type: dict
    • primary_key [Required]type: str
    • enabled type: bool
    • idp_entity_id type: str
    • idp_sign_on_url type: str
    • idp_log_out_url type: str
    • username type: str
    • group_name type: str
    • group_id type: str
    • sp_cert type: dict
      • primary_key type: str
      • datasource type: str
    • idp_certificate type: dict
      • primary_key type: str
      • datasource type: str
    • digest_method type: strchoices: ['sha1', 'sha256']
    • entra_id_enabled type: bool
    • scim_enabled type: bool
    • domain_name type: str
    • application_id type: str

Examples

- name: Auth VPN SAML Server
  hosts: fortisase
  gather_facts: false
  vars:
    primary_key: "$sase-global"
  tasks:
    - name: Create/Update Auth VPN SAML Server with full configuration
      fortinet.fortisase.auth_vpn_saml_server:
        state: present
        params:
          primary_key: "{{ primary_key }}"
          enabled: true
          digest_method: "sha256"
          idp_entity_id: "https://sts.windows.net/example/"
          idp_sign_on_url: "https://login.microsoftonline.com/example/saml1"
          idp_log_out_url: "https://login.microsoftonline.com/example/saml1"
          idp_certificate:
            primary_key: "certificate"
            datasource: "system/certificate/remote-certificates"
          username: "example_username"
          group_name: "example_group_name"
          sp_cert:
            primary_key: "FortiSASE Default Certificate"
            datasource: "system/certificate/local-certificates"
          scim_enabled: false
          group_id: ""
          entra_id_enabled: false
    - name: Wait until the resource $meta.state is done
      fortinet.fortisase.fortisase_facts:
        selector: "auth_vpn_saml_server"
        params:
          primary_key: "{{ primary_key }}"
      register: result
      until: result.response[0]['$meta'].state == "done"
      retries: 20
      delay: 10
      failed_when: result.response[0]['$meta'].state != "done"

    - name: Delete Auth VPN SAML Server
      fortinet.fortisase.auth_vpn_saml_server:
        params:
          primary_key: "{{ primary_key }}"
          enabled: false
    - name: Wait until the resource $meta doesn't have state
      fortinet.fortisase.fortisase_facts:
        selector: "auth_vpn_saml_server"
        params:
          primary_key: "{{ primary_key }}"
      register: result
      until: result.response[0]['$meta']['state'] is not defined
      retries: 20
      delay: 10

Return Values

  • http_code type: intreturned: always
  • response type: rawreturned: always

Authors

  • Xinwei Du (@dux-fortinet)