From ae7656b8da89d4f3ff54fc946b613f5b2ba90d2d Mon Sep 17 00:00:00 2001
From: "patchback[bot]" <45432694+patchback[bot]@users.noreply.github.com>
Date: Sat, 6 Dec 2025 13:53:04 +0100
Subject: [PATCH] [PR #11256/a9540f93 backport][stable-12]
 keycloak_user_rolemapping: fix: failling to assign role to user (#11263)

keycloak_user_rolemapping: fix: failling to assign role to user (#11256)

* docs: clarify keycloak documentation example section with uid

* fix: allow assign role to user

* Add changelog frag

* Update changelogs/fragments/11256-fix-keycloak-roles-mapping.yml



---------



(cherry picked from commit a9540f93d2905db95703f17f4a312e799c0ba595)

Co-authored-by: Guillaume Dorschner <44686652+GuillaumeDorschner@users.noreply.github.com>
Co-authored-by: Guillaume Dorschner <guillaume.dorschner@thalesgroup.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
---
 changelogs/fragments/11256-fix-keycloak-roles-mapping.yml | 4 ++++
 plugins/modules/keycloak_user_rolemapping.py              | 8 +++++---
 2 files changed, 9 insertions(+), 3 deletions(-)
 create mode 100644 changelogs/fragments/11256-fix-keycloak-roles-mapping.yml

diff --git a/changelogs/fragments/11256-fix-keycloak-roles-mapping.yml b/changelogs/fragments/11256-fix-keycloak-roles-mapping.yml
new file mode 100644
index 0000000000..be567ca833
--- /dev/null
+++ b/changelogs/fragments/11256-fix-keycloak-roles-mapping.yml
@@ -0,0 +1,4 @@
+---
+bugfixes:
+  - keycloak_user_rolemapping module - fixed crash when assigning roles to users
+    without an existing role (https://github.com/ansible-collections/community.general/issues/10960, https://github.com/ansible-collections/community.general/pull/11256).
diff --git a/plugins/modules/keycloak_user_rolemapping.py b/plugins/modules/keycloak_user_rolemapping.py
index 2e5609e08a..b2bac72106 100644
--- a/plugins/modules/keycloak_user_rolemapping.py
+++ b/plugins/modules/keycloak_user_rolemapping.py
@@ -117,7 +117,7 @@ EXAMPLES = r"""
     auth_username: USERNAME
     auth_password: PASSWORD
     state: present
-    user_id: user1Id
+    uid: user_uid
     roles:
       - name: role_name1
         id: role_id1
@@ -135,7 +135,7 @@ EXAMPLES = r"""
     auth_password: PASSWORD
     state: present
     client_id: client1
-    user_id: user1Id
+    uid: user_uid
     roles:
       - name: role_name1
         id: role_id1
@@ -351,7 +351,9 @@ def main():
             # Fetch missing role_name
             else:
                 if cid is None:
-                    role["name"] = kc.get_realm_user_rolemapping_by_id(uid=uid, rid=role.get("id"), realm=realm)["name"]
+                    role_rep = kc.get_realm_user_rolemapping_by_id(uid=uid, rid=role.get("id"), realm=realm)
+                    if role_rep is not None:
+                        role["name"] = role_rep["name"]
                 else:
                     role["name"] = kc.get_client_user_rolemapping_by_id(
                         uid=uid, cid=cid, rid=role.get("id"), realm=realm