github.com/Venafi/vcert/v5@v5.10.2/examples/ansible/oauth2.Auth0_clientcredentials.yaml (about) 1 --- 2 - name: Authenticate to Auth0 OAuth2.0 provider using Client Credentials Flow. 3 hosts: localhost 4 vars: 5 # The value of these variables are specific to the Application that is being automated. 6 # Each application or team should have a separate IDP application integration with separate credentials. 7 # Reuse of the same IDP integration across the entire company is not advised due to the access 8 # the Venafi service account will need to be given inside the TLSPC platform. 9 idp_token_url: <Your Auth0 Token URL with https://> 10 idp_audience: <Your Audience value> 11 idp_client_id: <Your Client ID> 12 idp_client_secret: <Your Client Secret> 13 14 tasks: 15 - name: Authenticate to Auth0 16 ansible.builtin.uri: 17 url: '{{ idp_token_url }}' 18 method: POST 19 body_format: form-urlencoded 20 body: 21 - [ audience, '{{ idp_audience }}'] 22 - [ scope, certificates:request ] 23 - [ client_id, '{{ idp_client_id }}' ] 24 - [ client_secret, '{{ idp_client_secret }}' ] 25 - [ grant_type, client_credentials ] 26 status_code: 200 27 register: auth 28 29 - name: Execute VCert Playbook on WebApp Servers 30 #hosts: my_app_servers 31 hosts: <My inventory> 32 vars: 33 # The fully qualified path to the Vcert Playbook file is stored here. 34 # This should be the same for all hosts in the chosen inventory. 35 vcert_playbook_path: <Vcert Playbook Fully Qualified Path> 36 37 tasks: 38 - name : Execute VCert playbook with JWT. 39 shell: vcert run --file '{{ vcert_playbook_path }}' 40 environment: 41 TLSPC_EXTERNAL_JWT: '{{ auth.json.access_token }}' 42