Ruby client library for FreeIPA JSON API

This is a simple Ruby client library that allows to interact with the FreeIPA JSON API. It currently only supports authenticating via Kerberos/GSSAPI tickets.

Pull requests to add additional API features are very welcome. I only implemented what I needed.


To install it simply issue the following command:

gem install ipa-ruby


You can optionally pass a ca_cert keyword argument specifying the path to the FreeIPA CA certificate. Default is /etc/ipa/ca.crt.

require 'ipa/client'
ipa = '')

Note that additional parameters can be passed via the params keyword argument.

Add a host (with a random password):

ipa.host_add(hostname: '', force: true, random: true, all: true)

Add a host (with a specific password)

ipa.host_add(hostname: '', force: true, userpassword: 'bar', all: true)

Delete a host:

ipa.host_del(hostname: '')

Show a host:

ipa.host_show(hostname: '', all: true)

Find hosts:

ipa.host_find(all: true, params: {:in_hostgroup => true})

Check if a host exists

if ipa.host_exists?('
  puts "Yep :)"
  puts "Nope :("


  • Implement user API
  • Implement group API
  • Implement hostgroup API
  • Implement sudocmd API
  • Implement sudocmdgroup API
  • Implement hbacrule API
  • Implement hbacsvcgroup API


Matteo Cerutti - [email protected]