zscaler.zpacloud.zpa_idp_controller_info module – Retrieves Identity Provider information.

Note

This module is part of the zscaler.zpacloud collection (version 1.3.1).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install zscaler.zpacloud. You need further requirements to be able to use this module, see Requirements for details.

To use it in a playbook, specify: zscaler.zpacloud.zpa_idp_controller_info.

New in zscaler.zpacloud 1.0.0

Synopsis

  • This module retrieves details about an Identity Provider (IdP) from the ZPA Cloud.

Requirements

The below requirements are needed on the host that executes this module.

Parameters

  • client_id (string): The ZPA API client ID generated from the ZPA console.
  • client_secret (string): The ZPA API client secret generated from the ZPA console.
  • cloud (string): The ZPA cloud provisioned for your organization. Choices: "PRODUCTION", "BETA", "QA", "QA2", "GOV", "GOVUS", "PREVIEW", "ZPATWO"
  • customer_id (string): The ZPA tenant ID found in the Administration Company menu in the ZPA console.
  • id (string): ID of the Identity Provider.
  • name (string): Name of the Identity Provider.
  • provider (dictionary): A dict object containing authentication details.
      • client_id (string): The ZPA API client ID generated from the ZPA console.
      • client_secret (string): The ZPA API client secret generated from the ZPA console.
      • cloud (string): The ZPA cloud provisioned for your organization. Choices: "PRODUCTION", "BETA", "QA", "QA2", "GOV", "GOVUS", "PREVIEW", "ZPATWO"
      • customer_id (string): The ZPA tenant ID found in the Administration Company menu in the ZPA console.
  • state (string): The state of the module, which determines if the settings are to be applied. Choices: "gathered" (default)

Notes

  • Check mode is not supported.

Examples

- name: Get Details of All IdP Controllers
  zscaler.zpacloud.zpa_idp_controller_info:
    provider: "{{ zpa_cloud }}"

- name: Get Details of a Specific IdP Controller by Name
  zscaler.zpacloud.zpa_idp_controller_info:
    provider: "{{ zpa_cloud }}"
    name: User_IdP_Name

- name: Get Details of a Specific IdP Controller by ID
  zscaler.zpacloud.zpa_idp_controller_info:
    provider: "{{ zpa_cloud }}"
    id: "216196257331282583"
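
The following playbook is an added example, not part of the collection's documentation. It uses the fields documented under Return Values to check that every enabled IdP has an HTTPS login URL and a certificate that stays valid for a minimum period. The environment variable names and the 30-day threshold are assumptions chosen for illustration.

```yaml
# Added example, not part of the collection's documentation.
# Assumptions: the environment variable names and the 30-day threshold are
# chosen here for illustration.
- name: Audit ZPA Identity Providers
  hosts: localhost
  connection: local
  gather_facts: true   # provides ansible_date_time.epoch for the expiry check
  vars:
    min_days_left: 30
    zpa_cloud:
      client_id: "{{ lookup('ansible.builtin.env', 'ZPA_CLIENT_ID') }}"
      client_secret: "{{ lookup('ansible.builtin.env', 'ZPA_CLIENT_SECRET') }}"
      customer_id: "{{ lookup('ansible.builtin.env', 'ZPA_CUSTOMER_ID') }}"
      cloud: PRODUCTION
  tasks:
    - name: Gather all IdP controllers
      zscaler.zpacloud.zpa_idp_controller_info:
        provider: "{{ zpa_cloud }}"
      register: idp_result
      no_log: true   # keep the provider dict (client_secret) out of task output

    # Disabled IdPs are skipped. The newest certificate decides the expiry
    # check, so an older certificate kept during rotation does not fail it.
    - name: Check login URL scheme and certificate lifetime
      ansible.builtin.assert:
        that:
          - item.login_url is match('https://')
          - item.certificates | length > 0
          - >-
            (item.certificates | map(attribute='valid_to_in_sec') | map('int') | max)
            - (ansible_date_time.epoch | int) >= min_days_left * 86400
        fail_msg: "IdP {{ item.name }} ({{ item.id }}) failed the audit"
        quiet: true
      loop: "{{ idp_result.idps | selectattr('enabled') | list }}"
      loop_control:
        label: "{{ item.name }}"   # avoid printing the full PEM for each item
```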

Return Values

Common return values are documented in the Ansible documentation; the following fields are unique to this module:

  • idps (list / elements=dictionary): Details of the Identity Providers (IdPs). Returned: always
      • certificates (list / elements=dictionary): A list of certificates associated with the Identity Provider. Returned: always
          • certificate (string): The full certificate in PEM format. Returned: always. Sample: "-----BEGIN CERTIFICATE-----\nMIIDqDCCApCgAwIBAgIGAYvHDvDlMA0GCSqGSIb3DQEBCwUAMIGUMQswCQYDVQQG\n...\n-----END CERTIFICATE-----\n"
          • cname (string): The common name (CN) of the certificate. Returned: always. Sample: "dev-123456"
          • serial_no (string): The serial number of the certificate. Returned: always. Sample: "1699851727077"
          • valid_from_in_sec (string): The start of the certificate validity period in epoch seconds. Returned: always. Sample: "1699851667"
          • valid_to_in_sec (string): The end of the certificate validity period in epoch seconds. Returned: always. Sample: "2015470926"
      • creation_time (string): The time when the Identity Provider was created, in epoch format. Returned: always. Sample: "1651556913"
      • domain_list (list / elements=string): A list of domains associated with the Identity Provider. Returned: always. Sample: ["acme.com"]
      • enabled (boolean): Indicates whether the Identity Provider is enabled. Returned: always. Sample: true
      • id (string): The unique identifier of the Identity Provider. Returned: always. Sample: "216199618143191058"
      • idp_entity_id (string): The entity ID of the Identity Provider. Returned: always. Sample: "http://www.okta.com/exkd8q2goavjgTfyj5d7"
      • login_url (string): The login URL of the Identity Provider. Returned: always. Sample: "https://dev-123456.okta.com/app/zscaler_private_access/exkd8q2goavjgTfyj5d7/sso/saml"
      • modified_by (string): The ID of the user who last modified the Identity Provider. Returned: always. Sample: "123456789"
      • modified_time (string): The time when the Identity Provider was last modified, in epoch format. Returned: always. Sample: "1720842468"
      • name (string): The name of the Identity Provider. Returned: always. Sample: "Okta_Users"
      • scim_enabled (boolean): Indicates whether SCIM (System for Cross-domain Identity Management) is enabled. Returned: always. Sample: true
      • scim_service_provider_endpoint (string): The SCIM service provider endpoint URL. Returned: always. Sample: "https://scim1.private.zscaler.com/scim/1/123456789/v2"
      • scim_shared_secret_exists (boolean): Indicates whether the SCIM shared secret exists. Returned: always. Sample: true
      • user_metadata (dictionary): Metadata related to the Identity Provider’s service provider. Returned: always
          • certificate_url (string): The URL to download the Identity Provider’s certificate. Returned: always. Sample: "https://samlsp.private.zscaler.com/auth/123456789/certificate"
          • sp_base_url (string): The base URL for the service provider. Returned: always. Sample: "https://samlsp.private.zscaler.com/auth"
          • sp_entity_id (string): The service provider’s entity ID. Returned: always. Sample: "https://samlsp.private.zscaler.com/auth/metadata/123456789"
          • sp_metadata_url (string): The URL to download the service provider’s metadata. Returned: always. Sample: "https://samlsp.private.zscaler.com/auth/123456789/metadata"
          • sp_post_url (string): The URL for the service provider’s SSO POST binding. Returned: always. Sample: "https://samlsp.private.zscaler.com/auth/123456789/sso"

Authors

  • William Guilherme (@willguibr)