diff --git a/themes/src/main/resources/theme/base/admin/messages/admin-messages_en.properties b/themes/src/main/resources/theme/base/admin/messages/admin-messages_en.properties index c59e771cd2..0a0cfc58fe 100644 --- a/themes/src/main/resources/theme/base/admin/messages/admin-messages_en.properties +++ b/themes/src/main/resources/theme/base/admin/messages/admin-messages_en.properties @@ -36,7 +36,7 @@ sslRequired=Require SSL sslRequired.option.all=all requests sslRequired.option.external=external requests sslRequired.option.none=none -sslRequired.tooltip=Is HTTPS required? 'None' means HTTPS is not required for any client IP address. 'External requests' means localhost and private IP addresses can access without HTTPS. 'All requests' means HTTPS is required for all IP addresses. +sslRequired.tooltip=Is HTTPS required? 'None' means HTTPS is not required for any client IP address. 'External requests' means localhost and private IP addresses can access without HTTPS. 'All requests' means HTTPS is required for all IP addresses. publicKey=Public key privateKey=Private key gen-new-keys=Generate new keys @@ -95,7 +95,7 @@ login-action-timeout.tooltip=Max time a user has to complete login related actio headers=Headers brute-force-detection=Brute Force Detection x-frame-options=X-Frame-Options -click-label-for-info=Click on label link for more information. The default value prevents pages from being included via non-origin iframes. +click-label-for-info=Click on label link for more information. The default value prevents pages from being included via non-origin iframes. content-sec-policy=Content-Security-Policy max-login-failures=Max Login Failures max-login-failures.tooltip=How many failures before wait is triggered. @@ -134,7 +134,7 @@ push.tooltip=For every client that has an admin URL, notify them of the new revo #Protocol Mapper usermodel.prop.label=Property -usermodel.prop.tooltip=Name of the property method in the UserModel interface. For example, a value of 'email' would reference the UserModel.getEmail() method. +usermodel.prop.tooltip=Name of the property method in the UserModel interface. For example, a value of 'email' would reference the UserModel.getEmail() method. usermodel.attr.label=User Attribute usermodel.attr.tooltip=Name of stored user attribute which is the name of an attribute within the UserModel.attribute map. userSession.modelNote.label=User Session Note @@ -144,9 +144,9 @@ multivalued.tooltip=Indicates if attribute supports multiple values. If true, th selectRole.label=Select Role selectRole.tooltip=Enter role in the textbox to the left, or click this button to browse and select the role you want. tokenClaimName.label=Token Claim Name -tokenClaimName.tooltip=Name of the claim to insert into the token. This can be a fully qualified name like 'address.street'. In this case, a nested json object will be created. +tokenClaimName.tooltip=Name of the claim to insert into the token. This can be a fully qualified name like 'address.street'. In this case, a nested json object will be created. jsonType.label=Claim JSON Type -jsonType.tooltip=JSON type that should be used to populate the json claim in the token. long, int, boolean, and String are valid values. +jsonType.tooltip=JSON type that should be used to populate the json claim in the token. long, int, boolean, and String are valid values. includeInIdToken.label=Add to ID token includeInIdToken.tooltip=Should the claim be added to the ID token? includeInAccessToken.label=Add to access token @@ -154,7 +154,7 @@ includeInAccessToken.tooltip=Should the claim be added to the access token? # client details -clients.tooltip=Clients are trusted browser apps and web services in a realm. These clients can request a login. You can also define client specific roles. +clients.tooltip=Clients are trusted browser apps and web services in a realm. These clients can request a login. You can also define client specific roles. search.placeholder=Search... create=Create import=Import @@ -170,7 +170,7 @@ add-client=Add Client select-file=Select file view-details=View details clear-import=Clear import -client-id.tooltip=Specifies ID referenced in URI and tokens. For example 'my-client'. For SAML this is also the expected issuer value from authn requests +client-id.tooltip=Specifies ID referenced in URI and tokens. For example 'my-client'. For SAML this is also the expected issuer value from authn requests client.name.tooltip=Specifies display name of the client. For example 'My Client'. Supports keys for localized values as well. For example\\: ${my_client} client.enabled.tooltip=Disabled clients cannot initiate a login or have obtain access tokens. consent-required=Consent Required @@ -178,7 +178,7 @@ consent-required.tooltip=If enabled users have to consent to client access. client-protocol=Client Protocol client-protocol.tooltip='OpenID connect' allows Clients to verify the identity of the End-User based on the authentication performed by an Authorization Server.'SAML' enables web-based authentication and authorization scenarios including cross-domain single sign-on (SSO) and uses security tokens containing assertions to pass information. access-type=Access Type -access-type.tooltip='Confidential' clients require a secret to initiate login protocol. 'Public' clients do not require a secret. 'Bearer-only' clients are web services that never initiate a login. +access-type.tooltip='Confidential' clients require a secret to initiate login protocol. 'Public' clients do not require a secret. 'Bearer-only' clients are web services that never initiate a login. standard-flow-enabled=Standard Flow Enabled standard-flow-enabled.tooltip=This enables standard OpenID Connect redirect based authentication with authorization code. In terms of OpenID Connect or OAuth2 specifications, this enables support of 'Authorization Code Flow' for this client. implicit-flow-enabled=Implicit Flow Enabled @@ -192,7 +192,7 @@ include-authnstatement.tooltip=Should a statement specifying the method and time sign-documents=Sign Documents sign-documents.tooltip=Should SAML documents be signed by the realm? sign-assertions=Sign Assertions -sign-assertions.tooltip=Should assertions inside SAML documents be signed? This setting isn't needed if document is already being signed. +sign-assertions.tooltip=Should assertions inside SAML documents be signed? This setting isn't needed if document is already being signed. signature-algorithm=Signature Algorithm signature-algorithm.tooltip=The signature algorithm to use to sign documents. canonicalization-method=Canonicalization Method @@ -200,11 +200,11 @@ canonicalization-method.tooltip=Canonicalization Method for XML signatures. encrypt-assertions=Encrypt Assertions encrypt-assertions.tooltip=Should SAML assertions be encrypted with client's public key using AES? client-signature-required=Client Signature Required -client-signature-required.tooltip=Will the client sign their saml requests and responses? And should they be validated? +client-signature-required.tooltip=Will the client sign their saml requests and responses? And should they be validated? force-post-binding=Force POST Binding force-post-binding.tooltip=Always use POST binding for responses. front-channel-logout=Front Channel Logout -front-channel-logout.tooltip=When true, logout requires a browser redirect to client. When false, server performs a background invocation for logout. +front-channel-logout.tooltip=When true, logout requires a browser redirect to client. When false, server performs a background invocation for logout. force-name-id-format=Force Name ID Format force-name-id-format.tooltip=Ignore requested NameID subject format and use admin console configured one. name-id-format=Name ID Format @@ -212,14 +212,14 @@ name-id-format.tooltip=The name ID format to use for the subject. root-url=Root URL root-url.tooltip=Root URL appended to relative URLs valid-redirect-uris=Valid Redirect URIs -valid-redirect-uris.tooltip=Valid URI pattern a browser can redirect to after a successful login or logout. Simple wildcards are allowed i.e. 'http://example.com/*'. Relative path can be specified too i.e. /my/relative/path/*. Relative paths will generate a redirect URI using the request's host and port. For SAML, you must set valid URI patterns if you are relying on the consumer service URL embedded with the login request. +valid-redirect-uris.tooltip=Valid URI pattern a browser can redirect to after a successful login or logout. Simple wildcards are allowed i.e. 'http://example.com/*'. Relative path can be specified too i.e. /my/relative/path/*. Relative paths are relative to the client root URL, or if none is specified the auth server root URL is used. For SAML, you must set valid URI patterns if you are relying on the consumer service URL embedded with the login request. base-url.tooltip=Default URL to use when the auth server needs to redirect or link back to the client. admin-url=Admin URL -admin-url.tooltip=URL to the admin interface of the client. Set this if the client supports the adapter REST API. This REST API allows the auth server to push revocation policies and other adminstrative tasks. Usually this is set to the base URL of the client. +admin-url.tooltip=URL to the admin interface of the client. Set this if the client supports the adapter REST API. This REST API allows the auth server to push revocation policies and other adminstrative tasks. Usually this is set to the base URL of the client. master-saml-processing-url=Master SAML Processing URL -master-saml-processing-url.tooltip=If configured, this URL will be used for every binding to both the SP's Assertion Consumer and Single Logout Services. This can be individually overiden for each binding and service in the Fine Grain SAML Endpoint Configuration. +master-saml-processing-url.tooltip=If configured, this URL will be used for every binding to both the SP's Assertion Consumer and Single Logout Services. This can be individually overiden for each binding and service in the Fine Grain SAML Endpoint Configuration. idp-sso-url-ref=IDP Initiated SSO URL Name -idp-sso-url-ref.tooltip=URL fragment name to reference client when you want to do IDP Initiated SSO. Leaving this empty will disable IDP Initiated SSO. The URL you will reference from your browser will be: {server-root}/realms/{realm}/protocol/saml/clients/{client-url-name} +idp-sso-url-ref.tooltip=URL fragment name to reference client when you want to do IDP Initiated SSO. Leaving this empty will disable IDP Initiated SSO. The URL you will reference from your browser will be: {server-root}/realms/{realm}/protocol/saml/clients/{client-url-name} idp-sso-relay-state=IDP Initiated SSO Relay State idp-sso-relay-state.tooltip=Relay state you want to send with SAML request when you want to do IDP Initiated SSO. web-origins=Web Origins @@ -227,13 +227,13 @@ web-origins.tooltip=Allowed CORS origins. To permit all origins of Valid Redirec fine-saml-endpoint-conf=Fine Grain SAML Endpoint Configuration fine-saml-endpoint-conf.tooltip=Expand this section to configure exact URLs for Assertion Consumer and Single Logout Service. assertion-consumer-post-binding-url=Assertion Consumer Service POST Binding URL -assertion-consumer-post-binding-url.tooltip=SAML POST Binding URL for the client's assertion consumer service (login responses). You can leave this blank if you do not have a URL for this binding. +assertion-consumer-post-binding-url.tooltip=SAML POST Binding URL for the client's assertion consumer service (login responses). You can leave this blank if you do not have a URL for this binding. assertion-consumer-redirect-binding-url=Assertion Consumer Service Redirect Binding URL -assertion-consumer-redirect-binding-url.tooltip=SAML Redirect Binding URL for the client's assertion consumer service (login responses). You can leave this blank if you do not have a URL for this binding. +assertion-consumer-redirect-binding-url.tooltip=SAML Redirect Binding URL for the client's assertion consumer service (login responses). You can leave this blank if you do not have a URL for this binding. logout-service-binding-post-url=Logout Service POST Binding URL -logout-service-binding-post-url.tooltip=SAML POST Binding URL for the client's single logout service. You can leave this blank if you are using a different binding +logout-service-binding-post-url.tooltip=SAML POST Binding URL for the client's single logout service. You can leave this blank if you are using a different binding logout-service-redir-binding-url=Logout Service Redirect Binding URL -logout-service-redir-binding-url.tooltip=SAML Redirect Binding URL for the client's single logout service. You can leave this blank if you are using a different binding. +logout-service-redir-binding-url.tooltip=SAML Redirect Binding URL for the client's single logout service. You can leave this blank if you are using a different binding. # client import import-client=Import Client @@ -247,12 +247,12 @@ credentials=Credentials saml-keys=SAML Keys roles=Roles mappers=Mappers -mappers.tooltip=Protocol mappers perform transformation on tokens and documents. They can do things like map user data into protocol claims, or just transform any requests going between the client and auth server. +mappers.tooltip=Protocol mappers perform transformation on tokens and documents. They can do things like map user data into protocol claims, or just transform any requests going between the client and auth server. scope=Scope scope.tooltip=Scope mappings allow you to restrict which user role mappings are included within the access token requested by the client. -sessions.tooltip=View active sessions for this client. Allows you to see which users are active and when they logged in. +sessions.tooltip=View active sessions for this client. Allows you to see which users are active and when they logged in. offline-access=Offline Access -offline-access.tooltip=View offline sessions for this client. Allows you to see which users retrieve offline token and when they retrieve it. To revoke all tokens for the client, go to Revocation tab and set not before value to now. +offline-access.tooltip=View offline sessions for this client. Allows you to see which users retrieve offline token and when they retrieve it. To revoke all tokens for the client, go to Revocation tab and set not before value to now. clustering=Clustering installation=Installation installation.tooltip=Helper utility for generating various client adapter configuration formats which you can download or cut and paste to configure your clients. @@ -359,7 +359,7 @@ key-import=Key Import export-saml-key=Export SAML Key import-saml-key=Import SAML Key realm-certificate-alias=Realm Certificate Alias -realm-certificate-alias.tooltip=Realm certificate is stored in archive too. This is the alias to it. +realm-certificate-alias.tooltip=Realm certificate is stored in archive too. This is the alias to it. signing-key=Signing Key saml-signing-key=SAML Signing Key. private-key=Private Key @@ -422,7 +422,7 @@ identity-provider.logout-url.tooltip=End session endpoint to use to logout user backchannel-logout=Backchannel Logout backchannel-logout.tooltip=Does the external IDP support backchannel logout? user-info-url=User Info URL -user-info-url.tooltip=The User Info Url. This is optional. +user-info-url.tooltip=The User Info Url. This is optional. identity-provider.client-id.tooltip=The client or client identifier registered within the identity provider. client-secret=Client Secret show-secret=Show secret @@ -513,10 +513,10 @@ groups=Groups group.add-selected.tooltip=Realm roles that can be assigned to the group. group.assigned-roles.tooltip=Realm roles mapped to the group -group.effective-roles.tooltip=All realm role mappings. Some roles here might be inherited from a mapped composite role. +group.effective-roles.tooltip=All realm role mappings. Some roles here might be inherited from a mapped composite role. group.available-roles.tooltip=Assignable roles from this client. group.assigned-roles-client.tooltip=Role mappings for this client. -group.effective-roles-client.tooltip=Role mappings for this client. Some roles here might be inherited from a mapped composite role. +group.effective-roles-client.tooltip=Role mappings for this client. Some roles here might be inherited from a mapped composite role. default-roles=Default Roles no-realm-roles-available=No realm roles available @@ -524,10 +524,10 @@ no-realm-roles-available=No realm roles available users=Users user.add-selected.tooltip=Realm roles that can be assigned to the user. user.assigned-roles.tooltip=Realm roles mapped to the user -user.effective-roles.tooltip=All realm role mappings. Some roles here might be inherited from a mapped composite role. +user.effective-roles.tooltip=All realm role mappings. Some roles here might be inherited from a mapped composite role. user.available-roles.tooltip=Assignable roles from this client. user.assigned-roles-client.tooltip=Role mappings for this client. -user.effective-roles-client.tooltip=Role mappings for this client. Some roles here might be inherited from a mapped composite role. +user.effective-roles-client.tooltip=Role mappings for this client. Some roles here might be inherited from a mapped composite role. default.available-roles.tooltip=Realm level roles that can be assigned. realm-default-roles=Realm Default Roles realm-default-roles.tooltip=Realm level roles assigned to new users. @@ -578,7 +578,7 @@ configure=Configure select-realm=Select realm add=Add -client-template.name.tooltip=Name of the client template. Must be unique in the realm +client-template.name.tooltip=Name of the client template. Must be unique in the realm client-template.description.tooltip=Description of the client template client-template.protocol.tooltip=Which SSO protocol configuration is being supplied by this client template @@ -588,7 +588,7 @@ provider-id=Provider ID console-display-name=Console Display Name console-display-name.tooltip=Display name of provider when linked in admin console. priority=Priority -priority.tooltip=Priority of provider when doing a user lookup. Lowest first. +priority.tooltip=Priority of provider when doing a user lookup. Lowest first. sync-settings=Sync Settings periodic-full-sync=Periodic Full Sync periodic-full-sync.tooltip=Does periodic full synchronization of provider users to Keycloak should be enabled or not @@ -612,11 +612,11 @@ allow-password-authentication=Allow Password Authentication allow-password-authentication.tooltip=Enable/disable possibility of username/password authentication against Kerberos database edit-mode=Edit Mode edit-mode.tooltip=READ_ONLY means that password updates are not allowed and user always authenticates with Kerberos password. UNSYNCED means user can change his password in Keycloak database and this one will be used instead of Kerberos password then -ldap.edit-mode.tooltip=READ_ONLY is a read only LDAP store. WRITABLE means data will be synced back to LDAP on demand. UNSYNCED means user data will be imported, but not synced back to LDAP. +ldap.edit-mode.tooltip=READ_ONLY is a read only LDAP store. WRITABLE means data will be synced back to LDAP on demand. UNSYNCED means user data will be imported, but not synced back to LDAP. update-profile-first-login=Update Profile First Login update-profile-first-login.tooltip=Update profile on first login sync-registrations=Sync Registrations -ldap.sync-registrations.tooltip=Should newly created users be created within LDAP store? Priority effects which provider is chose to sync the new user. +ldap.sync-registrations.tooltip=Should newly created users be created within LDAP store? Priority effects which provider is chose to sync the new user. vendor=Vendor ldap.vendor.tooltip=LDAP vendor (provider) username-ldap-attribute=Username LDAP attribute @@ -707,7 +707,7 @@ authenticator.alias.tooltip=Name of the configuration otp-type=OTP Type time-based=Time Based counter-based=Counter Based -otp-type.tooltip=totp is Time-Based One Time Password. 'hotp' is a counter base one time password in which the server keeps a counter to hash against. +otp-type.tooltip=totp is Time-Based One Time Password. 'hotp' is a counter base one time password in which the server keeps a counter to hash against. otp-hash-algorithm=OTP Hash Algorithm otp-hash-algorithm.tooltip=What hashing algorithm should be used to generate the OTP. number-of-digits=Number of Digits @@ -839,10 +839,10 @@ credentials.temporary.tooltip=If enabled user is required to change password on remove-totp=Remove TOTP credentials.remove-totp.tooltip=Remove one time password generator for user. reset-actions=Reset Actions -credentials.reset-actions.tooltip=Set of actions to execute when sending the user a Reset Actions Email. 'Verify email' sends an email to the user to verify their email address. 'Update profile' requires user to enter in new personal information. 'Update password' requires user to enter in a new password. 'Configure TOTP' requires setup of a mobile password generator. +credentials.reset-actions.tooltip=Set of actions to execute when sending the user a Reset Actions Email. 'Verify email' sends an email to the user to verify their email address. 'Update profile' requires user to enter in new personal information. 'Update password' requires user to enter in a new password. 'Configure TOTP' requires setup of a mobile password generator. reset-actions-email=Reset Actions Email send-email=Send email -credentials.reset-actions-email.tooltip=Sends an email to user with an embedded link. Clicking on link will allow the user to execute the reset actions. They will not have to login prior to this. For example, set the action to update password, click this button, and the user will be able to change their password without logging in. +credentials.reset-actions-email.tooltip=Sends an email to user with an embedded link. Clicking on link will allow the user to execute the reset actions. They will not have to login prior to this. For example, set the action to update password, click this button, and the user will be able to change their password without logging in. add-user=Add user created-at=Created At user-enabled=User Enabled @@ -854,20 +854,20 @@ federation-link=Federation Link email-verified=Email Verified email-verified.tooltip=Has the user's email been verified? required-user-actions=Required User Actions -required-user-actions.tooltip=Require an action when the user logs in. 'Verify email' sends an email to the user to verify their email address. 'Update profile' requires user to enter in new personal information. 'Update password' requires user to enter in a new password. 'Configure TOTP' requires setup of a mobile password generator. +required-user-actions.tooltip=Require an action when the user logs in. 'Verify email' sends an email to the user to verify their email address. 'Update profile' requires user to enter in new personal information. 'Update password' requires user to enter in a new password. 'Configure TOTP' requires setup of a mobile password generator. locale=Locale select-one.placeholder=Select one... impersonate=Impersonate impersonate-user=Impersonate user -impersonate-user.tooltip=Login as this user. If user is in same realm as you, your current login session will be logged out before you are logged in as this user. +impersonate-user.tooltip=Login as this user. If user is in same realm as you, your current login session will be logged out before you are logged in as this user. identity-provider-alias=Identity Provider Alias provider-user-id=Provider User ID provider-username=Provider Username no-identity-provider-links-available=No identity provider links available group-membership=Group Membership leave=Leave -group-membership.tooltip=Groups user is a member of. Select a listed group and click the Leave button to leave the group. -membership.available-groups.tooltip=Groups a user can join. Select a group and click the join button. +group-membership.tooltip=Groups user is a member of. Select a listed group and click the Leave button to leave the group. +membership.available-groups.tooltip=Groups a user can join. Select a group and click the join button. table-of-realm-users=Table of Realm Users view-all-users=View all users unlock-users=Unlock users