From 564441899bef70cdcb75dcdeb983ff7e64dc5580 Mon Sep 17 00:00:00 2001 From: Erik Jan de Wit Date: Fri, 8 Sep 2023 15:17:17 +0200 Subject: [PATCH] merge all namespaces into one (#22949) * merge all namespaces into one added fallback namespace to the configuration to minimize changes to the keys * small fix * Fix the broken `OverridesBackend` * remove stray console log * restore ns argument * PR review * merge main --------- Co-authored-by: Jon Koops --- .../admin-ui/cypress/e2e/clients_test.spec.ts | 4 +- .../admin-ui/cypress/e2e/i18n_test.spec.ts | 4 +- .../manage/clients/CreateClientPage.ts | 2 +- .../client_details/tabs/AdvancedTab.ts | 4 +- .../pages/admin-ui/manage/groups/GroupPage.ts | 2 +- .../groups/group_details/tabs/MembersTab.ts | 4 +- .../public/locales/ca/authentication.json | 7 - .../public/locales/ca/client-scopes-help.json | 6 - .../public/locales/ca/client-scopes.json | 6 - .../public/locales/ca/clients-help.json | 41 - .../admin-ui/public/locales/ca/clients.json | 65 - .../admin-ui/public/locales/ca/common.json | 33 - .../admin-ui/public/locales/ca/dynamic.json | 47 - .../admin-ui/public/locales/ca/events.json | 4 - .../admin-ui/public/locales/ca/groups.json | 3 - .../locales/ca/identity-providers-help.json | 28 - .../public/locales/ca/identity-providers.json | 35 - .../locales/ca/realm-settings-help.json | 18 - .../public/locales/ca/realm-settings.json | 63 - js/apps/admin-ui/public/locales/ca/realm.json | 3 - js/apps/admin-ui/public/locales/ca/roles.json | 8 - .../admin-ui/public/locales/ca/sessions.json | 10 - .../public/locales/ca/translation.json | 313 ++ .../locales/ca/user-federation-help.json | 3 - .../public/locales/ca/user-federation.json | 5 - js/apps/admin-ui/public/locales/ca/users.json | 10 - .../locales/de/authentication-help.json | 1 - .../public/locales/de/authentication.json | 4 - .../public/locales/de/client-scopes-help.json | 1 - .../public/locales/de/client-scopes.json | 6 - .../public/locales/de/clients-help.json | 9 - .../admin-ui/public/locales/de/clients.json | 25 - .../public/locales/de/common-help.json | 1 - .../admin-ui/public/locales/de/common.json | 65 - .../admin-ui/public/locales/de/dashboard.json | 3 - .../admin-ui/public/locales/de/dynamic.json | 9 - .../admin-ui/public/locales/de/events.json | 8 - .../admin-ui/public/locales/de/groups.json | 14 - .../locales/de/identity-providers-help.json | 4 - .../public/locales/de/identity-providers.json | 14 - .../locales/de/realm-settings-help.json | 5 - .../public/locales/de/realm-settings.json | 51 - js/apps/admin-ui/public/locales/de/realm.json | 3 - js/apps/admin-ui/public/locales/de/roles.json | 11 - .../admin-ui/public/locales/de/sessions.json | 5 - .../public/locales/de/translation.json | 205 ++ .../locales/de/user-federation-help.json | 1 - .../public/locales/de/user-federation.json | 3 - .../public/locales/de/users-help.json | 5 - js/apps/admin-ui/public/locales/de/users.json | 50 - .../locales/en/authentication-help.json | 51 - .../public/locales/en/authentication.json | 166 - .../public/locales/en/client-scopes-help.json | 21 - .../public/locales/en/client-scopes.json | 59 - .../public/locales/en/clientScopes.json | 4 - .../public/locales/en/clients-help.json | 190 - .../admin-ui/public/locales/en/clients.json | 552 --- .../public/locales/en/common-help.json | 7 - .../admin-ui/public/locales/en/common.json | 219 -- .../admin-ui/public/locales/en/dashboard.json | 26 - .../admin-ui/public/locales/en/dynamic.json | 188 - .../admin-ui/public/locales/en/events.json | 36 - .../admin-ui/public/locales/en/groups.json | 71 - .../locales/en/identity-providers-help.json | 104 - .../public/locales/en/identity-providers.json | 187 - .../locales/en/realm-settings-help.json | 102 - .../public/locales/en/realm-settings.json | 918 ----- js/apps/admin-ui/public/locales/en/realm.json | 12 - js/apps/admin-ui/public/locales/en/roles.json | 70 - .../admin-ui/public/locales/en/sessions.json | 36 - .../public/locales/en/translation.json | 3269 +++++++++++++++++ .../locales/en/user-federation-help.json | 110 - .../public/locales/en/user-federation.json | 180 - .../public/locales/en/users-help.json | 10 - js/apps/admin-ui/public/locales/en/users.json | 183 - .../locales/es/authentication-help.json | 1 - .../public/locales/es/authentication.json | 7 - .../public/locales/es/client-scopes-help.json | 6 - .../public/locales/es/client-scopes.json | 6 - .../public/locales/es/clients-help.json | 41 - .../admin-ui/public/locales/es/clients.json | 65 - .../public/locales/es/common-help.json | 1 - .../admin-ui/public/locales/es/common.json | 33 - .../admin-ui/public/locales/es/dashboard.json | 1 - .../admin-ui/public/locales/es/dynamic.json | 47 - .../admin-ui/public/locales/es/events.json | 4 - .../admin-ui/public/locales/es/groups.json | 3 - .../locales/es/identity-providers-help.json | 28 - .../public/locales/es/identity-providers.json | 35 - .../locales/es/realm-settings-help.json | 18 - .../public/locales/es/realm-settings.json | 63 - js/apps/admin-ui/public/locales/es/realm.json | 3 - js/apps/admin-ui/public/locales/es/roles.json | 8 - .../admin-ui/public/locales/es/sessions.json | 10 - .../public/locales/es/translation.json | 313 ++ .../locales/es/user-federation-help.json | 3 - .../public/locales/es/user-federation.json | 5 - .../public/locales/es/users-help.json | 1 - js/apps/admin-ui/public/locales/es/users.json | 10 - .../locales/fr/authentication-help.json | 1 - .../public/locales/fr/authentication.json | 3 - .../public/locales/fr/client-scopes-help.json | 1 - .../public/locales/fr/client-scopes.json | 3 - .../public/locales/fr/clients-help.json | 4 - .../admin-ui/public/locales/fr/clients.json | 13 - .../public/locales/fr/common-help.json | 1 - .../admin-ui/public/locales/fr/common.json | 21 - .../admin-ui/public/locales/fr/dashboard.json | 1 - .../admin-ui/public/locales/fr/dynamic.json | 1 - .../admin-ui/public/locales/fr/events.json | 3 - .../admin-ui/public/locales/fr/groups.json | 1 - .../locales/fr/identity-providers-help.json | 1 - .../public/locales/fr/identity-providers.json | 3 - .../locales/fr/realm-settings-help.json | 16 - .../public/locales/fr/realm-settings.json | 57 - js/apps/admin-ui/public/locales/fr/realm.json | 3 - js/apps/admin-ui/public/locales/fr/roles.json | 3 - .../admin-ui/public/locales/fr/sessions.json | 8 - .../public/locales/fr/translation.json | 102 + .../locales/fr/user-federation-help.json | 1 - .../public/locales/fr/user-federation.json | 4 - .../public/locales/fr/users-help.json | 1 - js/apps/admin-ui/public/locales/fr/users.json | 10 - .../locales/it/authentication-help.json | 1 - .../public/locales/it/authentication.json | 1 - .../public/locales/it/client-scopes-help.json | 1 - .../public/locales/it/client-scopes.json | 1 - .../public/locales/it/clients-help.json | 1 - .../admin-ui/public/locales/it/clients.json | 1 - .../public/locales/it/common-help.json | 1 - .../admin-ui/public/locales/it/common.json | 1 - .../admin-ui/public/locales/it/dashboard.json | 1 - .../admin-ui/public/locales/it/dynamic.json | 1 - .../admin-ui/public/locales/it/events.json | 1 - .../admin-ui/public/locales/it/groups.json | 1 - .../locales/it/identity-providers-help.json | 1 - .../public/locales/it/identity-providers.json | 1 - .../locales/it/realm-settings-help.json | 1 - .../public/locales/it/realm-settings.json | 1 - js/apps/admin-ui/public/locales/it/realm.json | 1 - js/apps/admin-ui/public/locales/it/roles.json | 1 - .../admin-ui/public/locales/it/sessions.json | 1 - .../translation.json} | 0 .../locales/it/user-federation-help.json | 1 - .../public/locales/it/user-federation.json | 1 - .../public/locales/it/users-help.json | 1 - js/apps/admin-ui/public/locales/it/users.json | 1 - .../public/locales/ja/translation.json | 926 +++++ .../public/locales/lt/translation.json | 638 ++++ .../common-help.json => lv/translation.json} | 0 .../dashboard.json => nl/translation.json} | 0 .../public/locales/no/translation.json | 596 +++ .../users-help.json => pl/translation.json} | 0 .../public/locales/pt-BR/translation.json | 590 +++ .../public/locales/ru/translation.json | 695 ++++ .../public/locales/zh-CN/translation.json | 3247 ++++++++++++++++ js/apps/admin-ui/src/ForbiddenSection.tsx | 2 +- js/apps/admin-ui/src/PageNav.tsx | 4 +- .../authentication/AuthenticationSection.tsx | 8 +- .../src/authentication/BindFlowDialog.tsx | 2 +- .../src/authentication/BuildInLabel.tsx | 2 +- .../src/authentication/DuplicateFlowModal.tsx | 2 +- .../src/authentication/EditFlowModal.tsx | 2 +- .../authentication/EmptyExecutionState.tsx | 2 +- .../src/authentication/FlowDetails.tsx | 2 +- .../src/authentication/RequiredActions.tsx | 2 +- .../components/AddFlowDropdown.tsx | 2 +- .../components/DraggableTable.tsx | 2 +- .../authentication/components/EditFlow.tsx | 9 +- .../components/ExecutionConfigModal.tsx | 2 +- .../authentication/components/FlowHeader.tsx | 2 +- .../components/FlowRequirementDropdown.tsx | 2 +- .../src/authentication/components/FlowRow.tsx | 2 +- .../src/authentication/components/UsedBy.tsx | 4 +- .../components/modals/AddStepModal.tsx | 2 +- .../components/modals/AddSubFlowModal.tsx | 9 +- .../src/authentication/form/CreateFlow.tsx | 2 +- .../src/authentication/form/FlowType.tsx | 4 +- .../authentication/form/NameDescription.tsx | 9 +- .../authentication/policies/CibaPolicy.tsx | 8 +- .../src/authentication/policies/OtpPolicy.tsx | 18 +- .../policies/PasswordPolicy.tsx | 4 +- .../src/authentication/policies/Policies.tsx | 2 +- .../src/authentication/policies/PolicyRow.tsx | 2 +- .../policies/WebauthnPolicy.tsx | 12 +- .../src/client-scopes/ChangeTypeDropdown.tsx | 2 +- .../src/client-scopes/ClientScopesSection.tsx | 12 +- .../src/client-scopes/CreateClientScope.tsx | 6 +- .../src/client-scopes/EditClientScope.tsx | 12 +- .../src/client-scopes/add/MapperDialog.tsx | 2 +- .../src/client-scopes/details/MapperList.tsx | 2 +- .../client-scopes/details/MappingDetails.tsx | 2 +- .../src/client-scopes/details/ScopeForm.tsx | 19 +- .../client-scopes/details/SearchFilter.tsx | 4 +- js/apps/admin-ui/src/clients/AdvancedTab.tsx | 4 +- .../src/clients/ClientDescription.tsx | 8 +- .../admin-ui/src/clients/ClientDetails.tsx | 6 +- .../admin-ui/src/clients/ClientSessions.tsx | 2 +- .../admin-ui/src/clients/ClientSettings.tsx | 2 +- .../admin-ui/src/clients/ClientsSection.tsx | 6 +- .../src/clients/add/AccessSettings.tsx | 4 +- .../src/clients/add/CapabilityConfig.tsx | 20 +- .../src/clients/add/GeneralSettings.tsx | 2 +- .../src/clients/add/LoginSettings.tsx | 18 +- .../src/clients/add/LoginSettingsPanel.tsx | 10 +- .../admin-ui/src/clients/add/LogoutPanel.tsx | 10 +- .../src/clients/add/NewClientForm.tsx | 6 +- .../admin-ui/src/clients/add/SamlConfig.tsx | 6 +- .../src/clients/add/SamlSignature.tsx | 8 +- .../src/clients/advanced/AddHostDialog.tsx | 2 +- .../src/clients/advanced/AdvancedSettings.tsx | 18 +- .../src/clients/advanced/ApplicationUrls.tsx | 8 +- .../advanced/AuthenticationOverrides.tsx | 6 +- .../src/clients/advanced/ClusteringPanel.tsx | 4 +- .../advanced/FineGrainOpenIdConnect.tsx | 26 +- .../advanced/FineGrainSamlEndpointConfig.tsx | 18 +- .../OpenIdConnectCompatibilityModes.tsx | 8 +- .../src/clients/advanced/RevocationPanel.tsx | 4 +- .../src/clients/advanced/TokenLifespan.tsx | 2 +- .../authorization/AuthorizationDataModal.tsx | 2 +- .../authorization/AuthorizationEvaluate.tsx | 8 +- .../AuthorizationEvaluateResource.tsx | 2 +- .../AuthorizationEvaluateResourcePolicies.tsx | 2 +- .../authorization/AuthorizationExport.tsx | 4 +- .../authorization/DecisionStrategySelect.tsx | 2 +- .../authorization/DeleteScopeDialog.tsx | 2 +- .../authorization/DetailDescription.tsx | 2 +- .../authorization/EmptyPermissionsState.tsx | 6 +- .../clients/authorization/ImportDialog.tsx | 6 +- .../authorization/KeyBasedAttributeInput.tsx | 4 +- .../src/clients/authorization/MoreLabel.tsx | 2 +- .../clients/authorization/NewPolicyDialog.tsx | 2 +- .../authorization/PermissionDetails.tsx | 8 +- .../src/clients/authorization/Permissions.tsx | 2 +- .../src/clients/authorization/Policies.tsx | 2 +- .../clients/authorization/ResourceDetails.tsx | 17 +- .../src/clients/authorization/Resources.tsx | 2 +- .../authorization/ResourcesPolicySelect.tsx | 2 +- .../clients/authorization/ScopeDetails.tsx | 4 +- .../src/clients/authorization/ScopePicker.tsx | 2 +- .../src/clients/authorization/ScopeSelect.tsx | 2 +- .../src/clients/authorization/Scopes.tsx | 2 +- .../clients/authorization/SearchDropdown.tsx | 2 +- .../src/clients/authorization/Settings.tsx | 8 +- .../authorization/evaluate/Results.tsx | 2 +- .../authorization/policy/Aggregate.tsx | 4 +- .../clients/authorization/policy/Client.tsx | 2 +- .../authorization/policy/ClientScope.tsx | 6 +- .../clients/authorization/policy/Group.tsx | 6 +- .../authorization/policy/JavaScript.tsx | 2 +- .../authorization/policy/LogicSelector.tsx | 7 +- .../authorization/policy/NameDescription.tsx | 2 +- .../authorization/policy/PolicyDetails.tsx | 2 +- .../clients/authorization/policy/Regex.tsx | 6 +- .../src/clients/authorization/policy/Role.tsx | 4 +- .../src/clients/authorization/policy/Time.tsx | 13 +- .../src/clients/credentials/ClientSecret.tsx | 6 +- .../src/clients/credentials/Credentials.tsx | 2 +- .../src/clients/credentials/SignedJWT.tsx | 2 +- .../admin-ui/src/clients/credentials/X509.tsx | 6 +- .../src/clients/import/ImportForm.tsx | 2 +- .../initial-access/AccessTokenDialog.tsx | 2 +- .../CreateInitialAccessToken.tsx | 6 +- .../initial-access/InitialAccessTokenList.tsx | 2 +- .../admin-ui/src/clients/keys/Certificate.tsx | 6 +- .../src/clients/keys/ExportSamlKeyDialog.tsx | 2 +- .../src/clients/keys/GenerateKeyDialog.tsx | 8 +- .../src/clients/keys/ImportKeyDialog.tsx | 4 +- js/apps/admin-ui/src/clients/keys/Keys.tsx | 6 +- .../src/clients/keys/SamlImportKeyDialog.tsx | 2 +- .../admin-ui/src/clients/keys/SamlKeys.tsx | 4 +- .../src/clients/keys/SamlKeysDialog.tsx | 4 +- .../src/clients/keys/StoreSettings.tsx | 10 +- .../registration/AddProviderDialog.tsx | 2 +- .../registration/ClientRegistration.tsx | 6 +- .../registration/ClientRegistrationList.tsx | 2 +- .../clients/registration/DetailProvider.tsx | 2 +- .../src/clients/roles/CreateClientRole.tsx | 2 +- .../src/clients/scopes/AddScopeDialog.tsx | 6 +- .../src/clients/scopes/ClientScopes.tsx | 6 +- .../clients/scopes/CopyToClipboardButton.tsx | 2 +- .../src/clients/scopes/DecicatedScope.tsx | 4 +- .../src/clients/scopes/DedicatedScopes.tsx | 2 +- .../src/clients/scopes/EvaluateScopes.tsx | 18 +- .../src/clients/scopes/GeneratedCodeTab.tsx | 2 +- .../service-account/ServiceAccount.tsx | 2 +- js/apps/admin-ui/src/clients/utils.ts | 2 +- .../admin-ui/src/components/SwitchControl.tsx | 2 +- .../client-scope/ClientScopeTypes.tsx | 4 +- .../download-dialog/DownloadDialog.tsx | 4 +- .../components/dynamic/BooleanComponent.tsx | 2 +- .../src/components/dynamic/FileComponent.tsx | 2 +- .../src/components/dynamic/GroupComponent.tsx | 2 +- .../src/components/dynamic/ListComponent.tsx | 2 +- .../src/components/dynamic/MapComponent.tsx | 2 +- .../dynamic/MultivaluedListComponent.tsx | 2 +- .../dynamic/MultivaluedStringComponent.tsx | 2 +- .../components/dynamic/PasswordComponent.tsx | 2 +- .../src/components/dynamic/RoleComponent.tsx | 2 +- .../components/dynamic/ScriptComponent.tsx | 2 +- .../components/dynamic/StringComponent.tsx | 2 +- .../src/components/dynamic/TextComponent.tsx | 2 +- .../src/components/form/FixedButtonGroup.tsx | 2 +- .../key-value-form/AttributeForm.tsx | 2 +- .../components/key-value-form/KeySelect.tsx | 2 +- .../key-value-form/KeyValueInput.tsx | 2 +- .../password-input/PasswordInput.tsx | 2 +- .../permission-tab/PermissionTab.tsx | 4 +- .../realm-selector/RealmSelector.tsx | 4 +- .../src/components/role-form/RoleForm.tsx | 2 +- .../components/role-mapping/RoleMapping.tsx | 6 +- .../src/components/roles-list/RolesList.tsx | 10 +- .../src/components/scroll-form/ScrollForm.tsx | 2 +- .../table-toolbar/PaginatingTableToolbar.tsx | 2 +- .../components/time-selector/TimeSelector.tsx | 2 +- .../src/components/users/UserDataTable.tsx | 6 +- .../UserDataTableAttributeSearchForm.tsx | 2 +- .../users/UserDataTableToolbarItems.tsx | 2 +- .../src/components/users/UserSelect.tsx | 2 +- js/apps/admin-ui/src/dashboard/Dashboard.tsx | 4 +- .../admin-ui/src/dashboard/ProviderInfo.tsx | 2 +- js/apps/admin-ui/src/events/AdminEvents.tsx | 4 +- js/apps/admin-ui/src/events/EventsSection.tsx | 8 +- js/apps/admin-ui/src/events/routes/Events.tsx | 2 +- .../admin-ui/src/groups/GroupAttributes.tsx | 2 +- .../admin-ui/src/groups/GroupRoleMapping.tsx | 2 +- js/apps/admin-ui/src/groups/GroupTable.tsx | 2 +- js/apps/admin-ui/src/groups/GroupsModal.tsx | 2 +- js/apps/admin-ui/src/groups/GroupsSection.tsx | 2 +- js/apps/admin-ui/src/groups/Members.tsx | 2 +- js/apps/admin-ui/src/groups/MembersModal.tsx | 4 +- .../src/groups/components/DeleteGroup.tsx | 4 +- .../src/groups/components/GroupToolbar.tsx | 2 +- .../src/groups/components/GroupTree.tsx | 4 +- .../src/groups/components/MoveDialog.tsx | 2 +- js/apps/admin-ui/src/i18n/OverridesBackend.ts | 55 +- js/apps/admin-ui/src/i18n/i18n.ts | 33 +- .../IdentityProvidersSection.tsx | 8 +- .../identity-providers/ManageOrderDialog.tsx | 2 +- .../add/AddIdentityProvider.tsx | 6 +- .../src/identity-providers/add/AddMapper.tsx | 4 +- .../identity-providers/add/AddMapperForm.tsx | 4 +- .../add/AddOpenIdConnect.tsx | 6 +- .../identity-providers/add/AddSamlConnect.tsx | 6 +- .../add/AdvancedSettings.tsx | 10 +- .../add/DescriptorSettings.tsx | 10 +- .../identity-providers/add/DetailSettings.tsx | 18 +- .../add/DiscoverySettings.tsx | 6 +- .../add/ExtendedNonDiscoverySettings.tsx | 2 +- .../add/OIDCAuthentication.tsx | 6 +- .../add/OIDCGeneralSettings.tsx | 2 +- .../add/OpenIdConnectSettings.tsx | 4 +- .../add/ReqAuthnConstraintsSettings.tsx | 8 +- .../add/SamlConnectSettings.tsx | 6 +- .../add/SamlGeneralSettings.tsx | 2 +- .../component/ClientIdSecret.tsx | 6 +- .../component/DiscoveryEndpointField.tsx | 18 +- .../component/DisplayOrder.tsx | 4 +- .../component/FormGroupField.tsx | 9 +- .../component/RedirectUrl.tsx | 4 +- .../component/SwitchField.tsx | 2 +- .../src/realm-roles/CreateRealmRole.tsx | 2 +- .../src/realm-roles/RealmRoleTabs.tsx | 2 +- .../src/realm-roles/RealmRolesSection.tsx | 2 +- .../src/realm-roles/UsersInRoleTab.tsx | 6 +- .../realm-settings/AddClientProfileModal.tsx | 4 +- .../realm-settings/AddMessageBundleModal.tsx | 2 +- .../src/realm-settings/ClientProfileForm.tsx | 2 +- .../src/realm-settings/DefaultGroupsTab.tsx | 2 +- .../admin-ui/src/realm-settings/EmailTab.tsx | 10 +- .../src/realm-settings/ExecutorForm.tsx | 2 +- .../src/realm-settings/GeneralTab.tsx | 14 +- .../src/realm-settings/LocalizationTab.tsx | 4 +- .../admin-ui/src/realm-settings/LoginTab.tsx | 2 +- .../realm-settings/NewAttributeSettings.tsx | 4 +- .../NewClientPolicyCondition.tsx | 2 +- .../realm-settings/NewClientPolicyForm.tsx | 8 +- .../src/realm-settings/PartialExport.tsx | 2 +- .../src/realm-settings/PartialImport.tsx | 2 +- .../src/realm-settings/PoliciesTab.tsx | 2 +- .../src/realm-settings/ProfilesTab.tsx | 2 +- .../src/realm-settings/RealmSettingsTabs.tsx | 16 +- .../src/realm-settings/SessionsTab.tsx | 16 +- .../admin-ui/src/realm-settings/ThemesTab.tsx | 10 +- .../admin-ui/src/realm-settings/TokensTab.tsx | 20 +- .../src/realm-settings/UserRegistration.tsx | 2 +- .../event-config/AddEventTypesDialog.tsx | 2 +- .../event-config/EventConfigForm.tsx | 6 +- .../event-config/EventListenersForm.tsx | 2 +- .../realm-settings/event-config/EventsTab.tsx | 2 +- .../event-config/EventsTypeTable.tsx | 2 +- .../src/realm-settings/keys/KeysListTab.tsx | 4 +- .../realm-settings/keys/KeysProvidersTab.tsx | 2 +- .../src/realm-settings/keys/KeysTab.tsx | 2 +- .../keys/key-providers/KeyProviderForm.tsx | 11 +- .../keys/key-providers/KeyProviderModal.tsx | 2 +- .../keys/key-providers/KeyProvidersPicker.tsx | 2 +- .../security-defences/BruteForceDetection.tsx | 4 +- .../security-defences/HelpLinkTextInput.tsx | 2 +- .../security-defences/SecurityDefenses.tsx | 2 +- .../realm-settings/security-defences/Time.tsx | 2 +- .../user-profile/AttributesGroupTab.tsx | 2 +- .../user-profile/AttributesTab.tsx | 2 +- .../user-profile/UserProfileTab.tsx | 2 +- .../attribute/AddValidatorDialog.tsx | 2 +- .../attribute/AttributeAnnotations.tsx | 2 +- .../attribute/AttributeGeneralSettings.tsx | 4 +- .../attribute/AttributePermission.tsx | 4 +- .../attribute/AttributeValidations.tsx | 2 +- .../attribute/ValidatorSelect.tsx | 2 +- .../admin-ui/src/realm/add/NewRealmForm.tsx | 4 +- .../admin-ui/src/sessions/RevocationModal.tsx | 2 +- .../admin-ui/src/sessions/SessionsSection.tsx | 6 +- .../admin-ui/src/sessions/SessionsTable.tsx | 4 +- .../admin-ui/src/sessions/routes/Sessions.tsx | 2 +- .../CreateUserFederationLdapSettings.tsx | 6 +- .../user-federation/ManagePriorityDialog.tsx | 6 +- .../UserFederationKerberosSettings.tsx | 12 +- .../UserFederationKerberosWizard.tsx | 2 +- .../UserFederationLdapForm.tsx | 2 +- .../UserFederationLdapSettings.tsx | 6 +- .../UserFederationLdapWizard.tsx | 2 +- .../user-federation/UserFederationSection.tsx | 2 +- .../custom/CustomProviderSettings.tsx | 12 +- .../user-federation/custom/SyncSettings.tsx | 2 +- .../kerberos/KerberosSettingsRequired.tsx | 5 +- .../ldap/LdapSettingsAdvanced.tsx | 5 +- .../ldap/LdapSettingsConnection.tsx | 7 +- .../ldap/LdapSettingsGeneral.tsx | 5 +- .../ldap/LdapSettingsKerberosIntegration.tsx | 5 +- .../ldap/LdapSettingsSearching.tsx | 5 +- .../ldap/LdapSettingsSynchronization.tsx | 5 +- .../ldap/mappers/LdapMapperDetails.tsx | 6 +- .../ldap/mappers/LdapMapperList.tsx | 2 +- .../user-federation/shared/ExtendedHeader.tsx | 2 +- .../src/user-federation/shared/Header.tsx | 2 +- .../user-federation/shared/SettingsCache.tsx | 7 +- js/apps/admin-ui/src/user/CreateUser.tsx | 2 +- js/apps/admin-ui/src/user/EditUser.tsx | 4 +- js/apps/admin-ui/src/user/UserConsents.tsx | 2 +- js/apps/admin-ui/src/user/UserCredentials.tsx | 2 +- js/apps/admin-ui/src/user/UserForm.tsx | 12 +- js/apps/admin-ui/src/user/UserGroups.tsx | 6 +- js/apps/admin-ui/src/user/UserIdPModal.tsx | 2 +- .../src/user/UserIdentityProviderLinks.tsx | 2 +- .../admin-ui/src/user/UserProfileFields.tsx | 2 +- js/apps/admin-ui/src/user/UserRoleMapping.tsx | 4 +- js/apps/admin-ui/src/user/UserSessions.tsx | 2 +- js/apps/admin-ui/src/user/UsersSection.tsx | 4 +- .../src/user/components/SelectComponent.tsx | 2 +- .../src/user/components/UserProfileGroup.tsx | 2 +- .../src/user/details/SearchFilter.tsx | 4 +- js/apps/admin-ui/src/user/routes/Users.tsx | 2 +- .../user-credentials/CredentialDataDialog.tsx | 2 +- .../user/user-credentials/CredentialRow.tsx | 2 +- .../user/user-credentials/InlineLabelEdit.tsx | 2 +- .../user/user-credentials/LifespanField.tsx | 7 +- .../RequiredActionMultiSelect.tsx | 6 +- .../ResetCredentialDialog.tsx | 6 +- .../user-credentials/ResetPasswordDialog.tsx | 2 +- 460 files changed, 11599 insertions(+), 5564 deletions(-) delete mode 100644 js/apps/admin-ui/public/locales/ca/authentication.json delete mode 100644 js/apps/admin-ui/public/locales/ca/client-scopes-help.json delete mode 100644 js/apps/admin-ui/public/locales/ca/client-scopes.json delete mode 100644 js/apps/admin-ui/public/locales/ca/clients-help.json delete mode 100644 js/apps/admin-ui/public/locales/ca/clients.json delete mode 100644 js/apps/admin-ui/public/locales/ca/common.json delete mode 100644 js/apps/admin-ui/public/locales/ca/dynamic.json delete mode 100644 js/apps/admin-ui/public/locales/ca/events.json delete mode 100644 js/apps/admin-ui/public/locales/ca/groups.json delete mode 100644 js/apps/admin-ui/public/locales/ca/identity-providers-help.json delete mode 100644 js/apps/admin-ui/public/locales/ca/identity-providers.json delete mode 100644 js/apps/admin-ui/public/locales/ca/realm-settings-help.json delete mode 100644 js/apps/admin-ui/public/locales/ca/realm-settings.json delete mode 100644 js/apps/admin-ui/public/locales/ca/realm.json delete mode 100644 js/apps/admin-ui/public/locales/ca/roles.json delete mode 100644 js/apps/admin-ui/public/locales/ca/sessions.json create mode 100644 js/apps/admin-ui/public/locales/ca/translation.json delete mode 100644 js/apps/admin-ui/public/locales/ca/user-federation-help.json delete mode 100644 js/apps/admin-ui/public/locales/ca/user-federation.json delete mode 100644 js/apps/admin-ui/public/locales/ca/users.json delete mode 100644 js/apps/admin-ui/public/locales/de/authentication-help.json delete mode 100644 js/apps/admin-ui/public/locales/de/authentication.json delete mode 100644 js/apps/admin-ui/public/locales/de/client-scopes-help.json delete mode 100644 js/apps/admin-ui/public/locales/de/client-scopes.json delete mode 100644 js/apps/admin-ui/public/locales/de/clients-help.json delete mode 100644 js/apps/admin-ui/public/locales/de/clients.json delete mode 100644 js/apps/admin-ui/public/locales/de/common-help.json delete mode 100644 js/apps/admin-ui/public/locales/de/common.json delete mode 100644 js/apps/admin-ui/public/locales/de/dashboard.json delete mode 100644 js/apps/admin-ui/public/locales/de/dynamic.json delete mode 100644 js/apps/admin-ui/public/locales/de/events.json delete mode 100644 js/apps/admin-ui/public/locales/de/groups.json delete mode 100644 js/apps/admin-ui/public/locales/de/identity-providers-help.json delete mode 100644 js/apps/admin-ui/public/locales/de/identity-providers.json delete mode 100644 js/apps/admin-ui/public/locales/de/realm-settings-help.json delete mode 100644 js/apps/admin-ui/public/locales/de/realm-settings.json delete mode 100644 js/apps/admin-ui/public/locales/de/realm.json delete mode 100644 js/apps/admin-ui/public/locales/de/roles.json delete mode 100644 js/apps/admin-ui/public/locales/de/sessions.json create mode 100644 js/apps/admin-ui/public/locales/de/translation.json delete mode 100644 js/apps/admin-ui/public/locales/de/user-federation-help.json delete mode 100644 js/apps/admin-ui/public/locales/de/user-federation.json delete mode 100644 js/apps/admin-ui/public/locales/de/users-help.json delete mode 100644 js/apps/admin-ui/public/locales/de/users.json delete mode 100644 js/apps/admin-ui/public/locales/en/authentication-help.json delete mode 100644 js/apps/admin-ui/public/locales/en/authentication.json delete mode 100644 js/apps/admin-ui/public/locales/en/client-scopes-help.json delete mode 100644 js/apps/admin-ui/public/locales/en/client-scopes.json delete mode 100644 js/apps/admin-ui/public/locales/en/clientScopes.json delete mode 100644 js/apps/admin-ui/public/locales/en/clients-help.json delete mode 100644 js/apps/admin-ui/public/locales/en/clients.json delete mode 100644 js/apps/admin-ui/public/locales/en/common-help.json delete mode 100644 js/apps/admin-ui/public/locales/en/common.json delete mode 100644 js/apps/admin-ui/public/locales/en/dashboard.json delete mode 100644 js/apps/admin-ui/public/locales/en/dynamic.json delete mode 100644 js/apps/admin-ui/public/locales/en/events.json delete mode 100644 js/apps/admin-ui/public/locales/en/groups.json delete mode 100644 js/apps/admin-ui/public/locales/en/identity-providers-help.json delete mode 100644 js/apps/admin-ui/public/locales/en/identity-providers.json delete mode 100644 js/apps/admin-ui/public/locales/en/realm-settings-help.json delete mode 100644 js/apps/admin-ui/public/locales/en/realm-settings.json delete mode 100644 js/apps/admin-ui/public/locales/en/realm.json delete mode 100644 js/apps/admin-ui/public/locales/en/roles.json delete mode 100644 js/apps/admin-ui/public/locales/en/sessions.json create mode 100644 js/apps/admin-ui/public/locales/en/translation.json delete mode 100644 js/apps/admin-ui/public/locales/en/user-federation-help.json delete mode 100644 js/apps/admin-ui/public/locales/en/user-federation.json delete mode 100644 js/apps/admin-ui/public/locales/en/users-help.json delete mode 100644 js/apps/admin-ui/public/locales/en/users.json delete mode 100644 js/apps/admin-ui/public/locales/es/authentication-help.json delete mode 100644 js/apps/admin-ui/public/locales/es/authentication.json delete mode 100644 js/apps/admin-ui/public/locales/es/client-scopes-help.json delete mode 100644 js/apps/admin-ui/public/locales/es/client-scopes.json delete mode 100644 js/apps/admin-ui/public/locales/es/clients-help.json delete mode 100644 js/apps/admin-ui/public/locales/es/clients.json delete mode 100644 js/apps/admin-ui/public/locales/es/common-help.json delete mode 100644 js/apps/admin-ui/public/locales/es/common.json delete mode 100644 js/apps/admin-ui/public/locales/es/dashboard.json delete mode 100644 js/apps/admin-ui/public/locales/es/dynamic.json delete mode 100644 js/apps/admin-ui/public/locales/es/events.json delete mode 100644 js/apps/admin-ui/public/locales/es/groups.json delete mode 100644 js/apps/admin-ui/public/locales/es/identity-providers-help.json delete mode 100644 js/apps/admin-ui/public/locales/es/identity-providers.json delete mode 100644 js/apps/admin-ui/public/locales/es/realm-settings-help.json delete mode 100644 js/apps/admin-ui/public/locales/es/realm-settings.json delete mode 100644 js/apps/admin-ui/public/locales/es/realm.json delete mode 100644 js/apps/admin-ui/public/locales/es/roles.json delete mode 100644 js/apps/admin-ui/public/locales/es/sessions.json create mode 100644 js/apps/admin-ui/public/locales/es/translation.json delete mode 100644 js/apps/admin-ui/public/locales/es/user-federation-help.json delete mode 100644 js/apps/admin-ui/public/locales/es/user-federation.json delete mode 100644 js/apps/admin-ui/public/locales/es/users-help.json delete mode 100644 js/apps/admin-ui/public/locales/es/users.json delete mode 100644 js/apps/admin-ui/public/locales/fr/authentication-help.json delete mode 100644 js/apps/admin-ui/public/locales/fr/authentication.json delete mode 100644 js/apps/admin-ui/public/locales/fr/client-scopes-help.json delete mode 100644 js/apps/admin-ui/public/locales/fr/client-scopes.json delete mode 100644 js/apps/admin-ui/public/locales/fr/clients-help.json delete mode 100644 js/apps/admin-ui/public/locales/fr/clients.json delete mode 100644 js/apps/admin-ui/public/locales/fr/common-help.json delete mode 100644 js/apps/admin-ui/public/locales/fr/common.json delete mode 100644 js/apps/admin-ui/public/locales/fr/dashboard.json delete mode 100644 js/apps/admin-ui/public/locales/fr/dynamic.json delete mode 100644 js/apps/admin-ui/public/locales/fr/events.json delete mode 100644 js/apps/admin-ui/public/locales/fr/groups.json delete mode 100644 js/apps/admin-ui/public/locales/fr/identity-providers-help.json delete mode 100644 js/apps/admin-ui/public/locales/fr/identity-providers.json delete mode 100644 js/apps/admin-ui/public/locales/fr/realm-settings-help.json delete mode 100644 js/apps/admin-ui/public/locales/fr/realm-settings.json delete mode 100644 js/apps/admin-ui/public/locales/fr/realm.json delete mode 100644 js/apps/admin-ui/public/locales/fr/roles.json delete mode 100644 js/apps/admin-ui/public/locales/fr/sessions.json create mode 100644 js/apps/admin-ui/public/locales/fr/translation.json delete mode 100644 js/apps/admin-ui/public/locales/fr/user-federation-help.json delete mode 100644 js/apps/admin-ui/public/locales/fr/user-federation.json delete mode 100644 js/apps/admin-ui/public/locales/fr/users-help.json delete mode 100644 js/apps/admin-ui/public/locales/fr/users.json delete mode 100644 js/apps/admin-ui/public/locales/it/authentication-help.json delete mode 100644 js/apps/admin-ui/public/locales/it/authentication.json delete mode 100644 js/apps/admin-ui/public/locales/it/client-scopes-help.json delete mode 100644 js/apps/admin-ui/public/locales/it/client-scopes.json delete mode 100644 js/apps/admin-ui/public/locales/it/clients-help.json delete mode 100644 js/apps/admin-ui/public/locales/it/clients.json delete mode 100644 js/apps/admin-ui/public/locales/it/common-help.json delete mode 100644 js/apps/admin-ui/public/locales/it/common.json delete mode 100644 js/apps/admin-ui/public/locales/it/dashboard.json delete mode 100644 js/apps/admin-ui/public/locales/it/dynamic.json delete mode 100644 js/apps/admin-ui/public/locales/it/events.json delete mode 100644 js/apps/admin-ui/public/locales/it/groups.json delete mode 100644 js/apps/admin-ui/public/locales/it/identity-providers-help.json delete mode 100644 js/apps/admin-ui/public/locales/it/identity-providers.json delete mode 100644 js/apps/admin-ui/public/locales/it/realm-settings-help.json delete mode 100644 js/apps/admin-ui/public/locales/it/realm-settings.json delete mode 100644 js/apps/admin-ui/public/locales/it/realm.json delete mode 100644 js/apps/admin-ui/public/locales/it/roles.json delete mode 100644 js/apps/admin-ui/public/locales/it/sessions.json rename js/apps/admin-ui/public/locales/{ca/authentication-help.json => it/translation.json} (100%) delete mode 100644 js/apps/admin-ui/public/locales/it/user-federation-help.json delete mode 100644 js/apps/admin-ui/public/locales/it/user-federation.json delete mode 100644 js/apps/admin-ui/public/locales/it/users-help.json delete mode 100644 js/apps/admin-ui/public/locales/it/users.json create mode 100644 js/apps/admin-ui/public/locales/ja/translation.json create mode 100644 js/apps/admin-ui/public/locales/lt/translation.json rename js/apps/admin-ui/public/locales/{ca/common-help.json => lv/translation.json} (100%) rename js/apps/admin-ui/public/locales/{ca/dashboard.json => nl/translation.json} (100%) create mode 100644 js/apps/admin-ui/public/locales/no/translation.json rename js/apps/admin-ui/public/locales/{ca/users-help.json => pl/translation.json} (100%) create mode 100644 js/apps/admin-ui/public/locales/pt-BR/translation.json create mode 100644 js/apps/admin-ui/public/locales/ru/translation.json create mode 100644 js/apps/admin-ui/public/locales/zh-CN/translation.json diff --git a/js/apps/admin-ui/cypress/e2e/clients_test.spec.ts b/js/apps/admin-ui/cypress/e2e/clients_test.spec.ts index 97d4040f4a..ae72c328be 100644 --- a/js/apps/admin-ui/cypress/e2e/clients_test.spec.ts +++ b/js/apps/admin-ui/cypress/e2e/clients_test.spec.ts @@ -149,9 +149,7 @@ describe("Clients test", () => { .checkModalTitle("Add client scopes to " + clientId); commonPage.tableUtils().selectRowItemCheckbox(itemName); commonPage.modalUtils().confirmModalWithItem(assignedType); - commonPage - .masthead() - .checkNotificationMessage("Scope mapping successfully updated"); + commonPage.masthead().checkNotificationMessage("Scope mapping updated"); commonPage.tableToolbarUtils().searchItem(itemName, false); commonPage .tableUtils() diff --git a/js/apps/admin-ui/cypress/e2e/i18n_test.spec.ts b/js/apps/admin-ui/cypress/e2e/i18n_test.spec.ts index b364963555..0443fc23e7 100644 --- a/js/apps/admin-ui/cypress/e2e/i18n_test.spec.ts +++ b/js/apps/admin-ui/cypress/e2e/i18n_test.spec.ts @@ -141,7 +141,7 @@ describe("i18n tests", () => { it("should apply plurals and interpolation for REALM localization", () => { addLocalization( "en", - "user-federation:addProvider_other", + "addProvider_other", "addProvider_other en: {{provider}}", ); updateUserLocale("en"); @@ -169,7 +169,7 @@ describe("i18n tests", () => { locale: string, value: string, ) { - addLocalization(locale, "common:realmSettings", value); + addLocalization(locale, "realmSettings", value); } function addLocalization(locale: string, key: string, value: string) { diff --git a/js/apps/admin-ui/cypress/support/pages/admin-ui/manage/clients/CreateClientPage.ts b/js/apps/admin-ui/cypress/support/pages/admin-ui/manage/clients/CreateClientPage.ts index 56a3a652be..ebc6b3755d 100644 --- a/js/apps/admin-ui/cypress/support/pages/admin-ui/manage/clients/CreateClientPage.ts +++ b/js/apps/admin-ui/cypress/support/pages/admin-ui/manage/clients/CreateClientPage.ts @@ -115,7 +115,7 @@ export default class CreateClientPage extends CommonPage { checkGeneralSettingsStepActive() { cy.get(".pf-c-wizard__nav-link") - .contains("General Settings") + .contains("General settings") .should("have.class", "pf-m-current"); return this; diff --git a/js/apps/admin-ui/cypress/support/pages/admin-ui/manage/clients/client_details/tabs/AdvancedTab.ts b/js/apps/admin-ui/cypress/support/pages/admin-ui/manage/clients/client_details/tabs/AdvancedTab.ts index 2246460886..a987513567 100644 --- a/js/apps/admin-ui/cypress/support/pages/admin-ui/manage/clients/client_details/tabs/AdvancedTab.ts +++ b/js/apps/admin-ui/cypress/support/pages/admin-ui/manage/clients/client_details/tabs/AdvancedTab.ts @@ -12,9 +12,9 @@ export default class AdvancedTab extends PageObject { private emptyClusterElement = "empty-state"; private registerNodeManuallyBtn = "no-nodes-registered-empty-action"; private deleteClusterNodeDrpDwn = - '[aria-label="registeredClusterNodes"] [aria-label="Actions"]'; + '[aria-label="Registered cluster nodes"] [aria-label="Actions"]'; private deleteClusterNodeBtn = - '[aria-label="registeredClusterNodes"] [role="menu"] button'; + '[aria-label="Registered cluster nodes"] [role="menu"] button'; private nodeHostInput = "#nodeHost"; private addNodeConfirmBtn = "#add-node-confirm"; diff --git a/js/apps/admin-ui/cypress/support/pages/admin-ui/manage/groups/GroupPage.ts b/js/apps/admin-ui/cypress/support/pages/admin-ui/manage/groups/GroupPage.ts index 5af8356ac7..9a351ec94a 100644 --- a/js/apps/admin-ui/cypress/support/pages/admin-ui/manage/groups/GroupPage.ts +++ b/js/apps/admin-ui/cypress/support/pages/admin-ui/manage/groups/GroupPage.ts @@ -110,7 +110,7 @@ export default class GroupPage extends PageObject { listingPage.clickDetailMenu("Move to"); moveGroupModal .assertModalVisible(true) - .assertModalTitleEqual(`Move ${groupName} to root`); + .assertModalTitleEqual(`Move ${groupName} to Root`); if (!destinationGroupName.includes("root")) { for (const destination of destinationGroupName) { moveGroupModal diff --git a/js/apps/admin-ui/cypress/support/pages/admin-ui/manage/groups/group_details/tabs/MembersTab.ts b/js/apps/admin-ui/cypress/support/pages/admin-ui/manage/groups/group_details/tabs/MembersTab.ts index 6e23b454c4..2b99a1b394 100644 --- a/js/apps/admin-ui/cypress/support/pages/admin-ui/manage/groups/group_details/tabs/MembersTab.ts +++ b/js/apps/admin-ui/cypress/support/pages/admin-ui/manage/groups/group_details/tabs/MembersTab.ts @@ -44,13 +44,13 @@ export default class MembersTab extends GroupDetailPage { } public leaveGroupSelectedUsers() { - this.clickToolbarAction("Leave group"); + this.clickToolbarAction("Leave"); return this; } public leaveGroupUserItem(username: string) { listingPage.clickRowDetails(username); - listingPage.clickDetailMenu("Leave group"); + listingPage.clickDetailMenu("Leave"); return this; } diff --git a/js/apps/admin-ui/public/locales/ca/authentication.json b/js/apps/admin-ui/public/locales/ca/authentication.json deleted file mode 100644 index 404a49165c..0000000000 --- a/js/apps/admin-ui/public/locales/ca/authentication.json +++ /dev/null @@ -1,7 +0,0 @@ -{ - "attestationPreference": { - "none": "cap" - }, - "edit": "Edita", - "alias": "Àlies" -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/ca/client-scopes-help.json b/js/apps/admin-ui/public/locales/ca/client-scopes-help.json deleted file mode 100644 index ba33c3907e..0000000000 --- a/js/apps/admin-ui/public/locales/ca/client-scopes-help.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "multiValued": "Indica si l''atribut suporta múltiples valors. Si està habilitat, la llista de tots els valors d''aquest atribut es fixarà com a reclamació. Si està deshabilitat, només el primer valor serà fixat com a reclamació.", - "tokenClaimName": "Nom del reclam a inserir en el testimoni. Pot ser un nom complet com ''address.street''. En aquest cas, es crearà un objecte JSON niat.", - "claimJsonType": "El tipus de JSON que hauria de fer-se servir per omplir la petició de JSON en el token. long, int, boolean i String són valors vàlids", - "protocolMapper": "Protocol." -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/ca/client-scopes.json b/js/apps/admin-ui/public/locales/ca/client-scopes.json deleted file mode 100644 index 91fc78dbde..0000000000 --- a/js/apps/admin-ui/public/locales/ca/client-scopes.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "protocol": "Protocol", - "type": "Tipus", - "realmRoles": "Rols de domini", - "clients": "Clients" -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/ca/clients-help.json b/js/apps/admin-ui/public/locales/ca/clients-help.json deleted file mode 100644 index 79be8e8ab9..0000000000 --- a/js/apps/admin-ui/public/locales/ca/clients-help.json +++ /dev/null @@ -1,41 +0,0 @@ -{ - "clientType": "''OpenID connect'' permet als clients verificar la identitat de l''usuari final basat en l''autenticació realitzada per un servidor d''autorització. ''SAML'' habilita l''autenticació i autorització d''escenaris basats en web incloent cross-domain i single sign-on (SSO) i utilitza tokens de seguretat que contenen afirmacions per passar informació.", - "serviceAccount": "Permetre autenticar aquest client contra Keycloak i rebre un token d''accés dedicat per a aquest client.", - "rootURL": "URL arrel afegida a les URL relatives", - "validRedirectURIs": "Patró d''URI vàlida per a la qual un navegador pot sol·licitar la redirecció després d''un inici o tancament de sessió completat. Es permeten comodins simples p.ex. ''http://example.com/*''. També es poden indicar rutes relatives p.ex. ''/my/relative/path/*''. Les rutes relatives generaran un URI de redirecció fent servir el host i port de la petició. Per SAML, s''han de fixar patrons d''URI vàlids si vols confiar en l''URL del servei del consumidor indicada en la petició d''inici de sessió.", - "nameIdFormat": "El format de NameID que es farà servir per al títol", - "forceNameIdFormat": "Ignorar la petició de subjecte NameID i fer servir la configurada a la consola d''administració.", - "forcePostBinding": "Fer servir sempre POST per a les respostes", - "includeAuthnStatement": "Hauria d''incloure''s una declaració especificant el mètode i la marca de temps en la resposta d''inici de sessió?", - "signDocuments": "Hauria el domini de signar els documents SAML?", - "signAssertions": "Haurien de signar-se les assercions en documents SAML? Aquest ajust no és necessari si el document ja s''està signant.", - "signatureAlgorithm": "L''algorisme de signatura usat per signar els documents.", - "canonicalization": "Mètode de canonicalització per a les signatures XML", - "webOrigins": "Orígens CORS permesos. Per permetre tots els orígens d''URIs de redirecció vàlides afegeix ''+''. Per permetre tots els orígens afegeix ''*''.", - "homeURL": "URL per defecte per utilitzar quan el servidor d''autorització necessita redirigir o enviar de tornada al client.", - "adminURL": "URL a la interfície d''administració del client. Fixa aquest valor si el client suporta l''adaptador de REST. Aquesta API REST permet al servidor d''autenticació enviar al client polítiques de revocació i altres tasques administratives. Normalment es fixa a l''URL base del client.", - "clientId": "Indica l''identificador (ID) referenciat en URIs i tokens. Per exemple ''my-client''", - "clientName": "Indica el nom visible del client. Per exemple ''My Client''. També suporta claus per valors localitzats. Per exemple: ${my_client}", - "description": "Indica la descripció del client. Per exemple ''My Client for TimeSheets''. També suporta claus per a valors localitzats. Per exemple: ${my_client_description}", - "loginTheme": "Selecciona el tema per a les pàgines d''inici de sessió, OTP, permisos, registre i recordatori de contrasenya.", - "encryptAssertions": "Haurien de xifrar-se les afirmacions SAML amb la clau pública del client fent servir AES?", - "clientSignature": "Signarà el client les seves peticions i respostes SAML? I haurien de ser validades?", - "client-authenticator-type": "Client autenticador usat per autenticar aquest client contra el servidor Keycloak", - "nodeReRegistrationTimeout": "Indica el màxim interval de temps perquè els nodes del clúster registrats es tornin a registrar. Si el node del clúster no envia una petició de re-registre a Keycloak dins d''aquest interval, serà desregistrat de Keycloak", - "idpInitiatedSsoUrlName": "Nom del fragment de l''URL per referenciar al client quan vols un SSO iniciat per l''IDP. Deixant això buit desactiva els SSO iniciats per l''IDP. L''URL referenciada des del navegador serà: {server-root}/realms/{realm}/protocol/saml/clients/{client-url-name}", - "idpInitiatedSsoRelayState": "Estat de retransmissió que vols enviar amb una petició SAML quan s''inicia un SSO iniciat per l''IDP", - "masterSamlProcessingUrl": "Si està configurada, aquesta URL es fara servir per a cada enllaç al proveïdor del servei del consumidor d''assercions i serveis de desconnexió únics. Pot ser sobreescrit de forma individual per a cada enllaç i servei en el punt final de configuració fina de SAML.", - "accessTokenLifespan": "Temps màxim abans que un token d''accés expiri. Es recomana que aquest valor sigui curt en relació al temps màxim de SSO", - "assertionConsumerServicePostBindingURL": "SAML POST Binding URL for the client''s assertion consumer service (login responses). You can leave this blank if you do not have a URL for this binding.", - "assertionConsumerServiceRedirectBindingURL": "Assertion Consumer Service Redirect Binding URL", - "logoutServicePostBindingURL": "URL d''enllaç SAML POST per a la desconnexió única del client. Pots deixar-ho en blanc si estàs fent servir un enllaç diferent.", - "logoutServiceRedirectBindingURL": "URL d''enllaç SAML de redirecció per a la desconnexió única del client. Pots deixar-ho en blanc si estàs fent servir un enllaç diferent.", - "frontchannelLogout": "Quan està activat, la desconnexió requereix una redirecció del navegador cap al client. Quan no està activat, el servidor realitza una invovación de desconnexió en segon pla.", - "certificate": "Certificat de client per validar els JWT emesos per aquest client i signats amb la clau privada del client del teu magatzem de claus.", - "archiveFormat": "Format d''arxiu Java keystore o PKCS12", - "keyAlias": "Àlies de l''arxiu de la teva clau privada i certificat.", - "keyPassword": "Contrasenya per accedir a la clau privada continguda en l''arxiu", - "storePassword": "Contrasenya per accedir a l''arxiu", - "consentRequired": "Si està habilitat, els usuaris han de consentir l''accés del client.", - "fullScopeAllowed": "Permet deshabilitar totes les restriccions." -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/ca/clients.json b/js/apps/admin-ui/public/locales/ca/clients.json deleted file mode 100644 index 8d5874afc2..0000000000 --- a/js/apps/admin-ui/public/locales/ca/clients.json +++ /dev/null @@ -1,65 +0,0 @@ -{ - "protocol": "Protocol", - "importClient": "Importar Client", - "webOrigins": "Orígens web", - "adminURL": "URL d''administració", - "formatOption": "Format", - "encryptAssertions": "Xifrar afirmacions", - "clientSignature": "Signatura de Client requerida", - "credentials": "Credencials", - "roles": "Rols", - "fullScopeAllowed": "Permet tots els àmbits", - "kc": { - "realm": { - "name": "Domini" - } - }, - "password": "Contrasenya", - "settings": "Ajustos", - "type": "Tipus", - "user": "Usuari", - "clientList": "Clients", - "realmRoles": "Rols de domini", - "frontchannelLogout": "Desconnexió en primer pla (Front Channel)", - "rootUrl": "URL arrel", - "validRedirectUri": "URIs de redirecció vàlides", - "idpInitiatedSsoRelayState": "Estat de retransmissió d''un SSO iniciat per l''IDP", - "masterSamlProcessingUrl": "URL principal de processament SAML", - "nameIdFormat": "Format de NameID", - "forceNameIdFormat": "Forçar format NameID", - "forcePostBinding": "Forçar enllaços POST", - "includeAuthnStatement": "Incloure AuthnStatement", - "signDocuments": "Signar documents", - "signAssertions": "Signar assercions", - "canonicalization": "Mètode de canonicalització", - "loginTheme": "Tema d''inici de sessió", - "clientAuthenticator": "Client autenticador", - "clientSecret": "Secret de Client", - "revocation": "Revocació", - "clustering": "Clustering", - "notBefore": "No abans de", - "setToNow": "Fixar a ara", - "addNode": "Afegir Node", - "push": "Push", - "clear": "Neteja", - "nodeReRegistrationTimeout": "Temps d''espera de re-registre de node", - "registeredClusterNodes": "Registrar nodes de clúster", - "nodeHost": "Host del node", - "lastRegistration": "Últim registre", - "testClusterAvailability": "Provar disponibilitat del clúster", - "registerNodeManually": "Registrar node manualment", - "fineGrainSamlEndpointConfig": "Fine Grain SAML Endpoint Configuration", - "assertionConsumerServicePostBindingURL": "Assertion Consumer Service POST Binding URL", - "assertionConsumerServiceRedirectBindingURL": "Assertion Consumer Service Redirect Binding URL", - "logoutServicePostBindingURL": "URL d''enllaç SAML POST per a la desconnexió", - "logoutServiceRedirectBindingURL": "URL d''enllaç SAML de redirecció per a la desconnexió", - "accessTokenLifespan": "Durada del token d''accés", - "certificate": "Certificat", - "generateNewKeys": "Generar noves claus", - "archiveFormat": "Format d''Arxiu", - "keyAlias": "Àlies de clau", - "keyPassword": "Contrasenya de la clau", - "storePassword": "Contrasenya del magatzem", - "importFile": "Arxiu d''Importació", - "mappers": "Assignadors" -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/ca/common.json b/js/apps/admin-ui/public/locales/ca/common.json deleted file mode 100644 index 732483b0c0..0000000000 --- a/js/apps/admin-ui/public/locales/ca/common.json +++ /dev/null @@ -1,33 +0,0 @@ -{ - "create": "Crea", - "save": "Desar", - "key": "Clau", - "export": "Exporta", - "download": "Descarrega", - "clear": "Neteja", - "on": "Activat", - "edit": "Edita", - "enabled": "Habilitat", - "none": "cap", - "description": "Descripció", - "type": "Tipus", - "category": "Categoria", - "clients": "Clients", - "realmRoles": "Rols de domini", - "sessions": "Sessions", - "mappers": "Assignadors", - "identityProviders": "Proveïdors d''identitat", - "settings": "Ajustos", - "times": { - "seconds": "Segons", - "minutes": "Minuts", - "hours": "Hores", - "days": "Dies" - }, - "credentials": "Credencials", - "clientId": "ID Client", - "clientName": "Nom", - "id": "ID", - "mapperType": "Tipus d''assignador", - "password": "Contrasenya" -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/ca/dynamic.json b/js/apps/admin-ui/public/locales/ca/dynamic.json deleted file mode 100644 index 9546190b53..0000000000 --- a/js/apps/admin-ui/public/locales/ca/dynamic.json +++ /dev/null @@ -1,47 +0,0 @@ -{ - "usermodel": { - "prop": { - "label": "Propietat", - "tooltip": "Nom del mètode de propietat en la interfície UserModel. Per exemple, un valor de ''email'' faria referència al mètode UserModel.getEmail()." - }, - "attr": { - "label": "Atribut d''usuari", - "tooltip": "Nom de l''atribut d''usuari emmagatzemat que és el nom de l''atribut dins el map UserModel.attribute." - }, - "clientRoleMapping": { - "clientId": { - "label": "ID Client" - } - } - }, - "userSession": { - "modelNote": { - "label": "Nota sessió usuari", - "tooltip": "Nom de la nota emmagatzemada en la sessió d''usuari dins del mapa UserSessionModel.note" - } - }, - "multivalued": { - "label": "Valors múltiples", - "tooltip": "Indica si l''atribut suporta múltiples valors. Si està habilitat, la llista de tots els valors d''aquest atribut es fixarà com a reclamació. Si està deshabilitat, només el primer valor serà fixat com a reclamació." - }, - "selectRole": { - "label": "Selecciona rol", - "tooltip": "Introdueix el rol a la caixa de text de l''esquerra, o fes clic a aquest botó per navegar i buscar el rol que vols." - }, - "tokenClaimName": { - "label": "Nom de reclam del token", - "tooltip": "Nom del reclam a inserir en el testimoni. Pot ser un nom complet com ''address.street''. En aquest cas, es crearà un objecte JSON niat." - }, - "jsonType": { - "label": "Tipus JSON de reclamació", - "tooltip": "El tipus de JSON que hauria de fer-se servir per omplir la petició de JSON en el token. long, int, boolean i String són valors vàlids" - }, - "includeInIdToken": { - "label": "Afegir al token d''ID" - }, - "includeInAccessToken": { - "label": "Afegir al token d''accés", - "tooltip": "S''hauria d'afegir la identitat reclamada al token d''accés?" - }, - "name-id-format": "Format de NameID" -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/ca/events.json b/js/apps/admin-ui/public/locales/ca/events.json deleted file mode 100644 index 06ddb65e76..0000000000 --- a/js/apps/admin-ui/public/locales/ca/events.json +++ /dev/null @@ -1,4 +0,0 @@ -{ - "user": "Usuari", - "realm": "Domini" -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/ca/groups.json b/js/apps/admin-ui/public/locales/ca/groups.json deleted file mode 100644 index 1b6a79e574..0000000000 --- a/js/apps/admin-ui/public/locales/ca/groups.json +++ /dev/null @@ -1,3 +0,0 @@ -{ - "create": "Crea" -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/ca/identity-providers-help.json b/js/apps/admin-ui/public/locales/ca/identity-providers-help.json deleted file mode 100644 index 9bd3014ecd..0000000000 --- a/js/apps/admin-ui/public/locales/ca/identity-providers-help.json +++ /dev/null @@ -1,28 +0,0 @@ -{ - "redirectURI": "L''URI de redirecció usada per configurar el proveïdor d''identitat.", - "alias": "L''àlies que identifica de forma única un proveïdor d''identitat, es far servir també per construir la URI de redirecció.", - "clientId": "L''identificador del client registrat amb el proveïdor d''identitat.", - "clientSecret": "El secret del client registrat amb el proveïdor d''identitat.", - "discoveryEndpoint": "Importa metadades des d''un descriptor d''un proveïdor d''identitat (IDP) remot.", - "importConfig": "Importa metadades des d''un descriptor d''un proveïdor d''identitat (IDP) descarregat.", - "logoutUrl": "Punt de tancament de sessió per utilitzar en la desconnexió d''usuaris des d''un proveïdor d''identitat (IDP) extern.", - "backchannelLogout": "Does the external IDP support backchannel logout?", - "userInfoUrl": "L''URL d''informació d''usuari. Opcional.", - "issuer": "L''identificador de l''emissor per a l''emissor de la resposta. Si no s''indica, no es realitzarà cap validació.", - "scopes": "Els àmbits que s''enviaran quan es sol·liciti autorització. Pot ser una llista d''àmbits separats per espais. El valor per defecte és ''openid''.", - "validateSignature": "Habilitar/deshabilitar la validació de signatures de proveïdors d''identitat (IDP) externs", - "storeTokens": "Habilitar/deshabilitar si els tokens han de ser emmagatzemats després d''autenticar als usuaris.", - "storedTokensReadable": "Habilitar/deshabilitar si els nous usuaris poden llegir els tokens emmagatzemats. Això assigna el rol ''broker.read-token''.", - "trustEmail": "Si està habilitat, l''email rebut d''aquest proveïdor no es verificarà encara que la verificació estigui habilitada per al domini.", - "useEntityDescriptor": "Importar metadades des d''un descriptor d'entitat remot d''un IDP de SAML", - "samlEntityDescriptor": "Et permet carregar metadades d''un proveïdor d''identitat (IDP) extern d''un arxiu de coniguración o descarregar des d''una URL.", - "ssoServiceUrl": "L''URL que s''ha de fer servir per enviar peticions d''autenticació (SAML AuthnRequest).", - "singleLogoutServiceUrl": "L''URL que ha de fer-se servir per enviar peticions de desconnexió.", - "httpPostBindingAuthnRequest": "Indica si AuthnRequest ha de ser enviat usant HTTP-POST. Si no està activat es fa HTTP-REDIRECT.", - "wantAuthnRequestsSigned": "Indica si el proveïdor d''identitat espera rebre signades les AuthnRequest.", - "signatureAlgorithm": "L''algorisme de signatura usat per signar els documents.", - "forceAuthentication": "Indica si el proveïdor d''identitat ha d'autenticar en presentar directament les credencials en lloc de dependre d''un context de seguretat previ.", - "validateSignatures": "Habilitar/deshabilitar la validació de signatura en respostes SAML.", - "validatingX509Certs": "El certificat en format PEM que ha de fer-se servir per comprovar les signatures.", - "addIdpMapperName": "Nom de l''assignador." -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/ca/identity-providers.json b/js/apps/admin-ui/public/locales/ca/identity-providers.json deleted file mode 100644 index 75343c26d3..0000000000 --- a/js/apps/admin-ui/public/locales/ca/identity-providers.json +++ /dev/null @@ -1,35 +0,0 @@ -{ - "addIdPMapper": "Afegeix assignador de proveïdor d''identitat", - "redirectURI": "URI de redirecció", - "clientId": "ID Client", - "clientSecret": "Secret de Client", - "alias": "Àlies", - "ssoServiceUrl": "URL de servei de connexió únic (SSO)", - "singleLogoutServiceUrl": "URL de servei de desconnexió únic", - "nameIdPolicyFormat": "Format de política NameID", - "unspecified": "no especificat", - "httpPostBindingResponse": "HTTP-POST enllaç de resposta", - "httpPostBindingAuthnRequest": "HTTP-POST per AuthnRequest", - "wantAuthnRequestsSigned": "Signar AuthnRequests", - "forceAuthentication": "Forçar autenticació", - "validatingX509Certs": "Validant certificat X509", - "authorizationUrl": "URL d''autorització", - "tokenUrl": "Token URL", - "logoutUrl": "URL de desconnexió", - "backchannelLogout": "Backchannel Logout", - "userInfoUrl": "URL d''informació d''usuari", - "issuer": "Emissor", - "prompt": "Prompt", - "prompts": { - "none": "cap", - "consent": "consentiment", - "login": "login" - }, - "validateSignature": "Validar signatures", - "storeTokens": "Emmagatzemar tokens", - "storedTokensReadable": "Tokens emmagatzemats llegibles", - "trustEmail": "Confiar en l''email", - "mapperType": "Tipus d''assignador", - "selectRole": "Selecciona rol", - "userAttribute": "Atribut d''usuari" -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/ca/realm-settings-help.json b/js/apps/admin-ui/public/locales/ca/realm-settings-help.json deleted file mode 100644 index 0c56000ffa..0000000000 --- a/js/apps/admin-ui/public/locales/ca/realm-settings-help.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "requireSsl": "És HTTP obligatori? ''cap'' significa que HTTPS no és obligatori per cap direcicón IP de client, ''peticions externes'' indica que localhost i les adreces IP privades poden accedir sense HTTPS, ''totes les peticions'' vol dir que HTTPS és obligatori per a totes les adreces IP.", - "accountTheme": "Selecciona el tema per a les pàgines de gestió del compte d''usuari.", - "adminTheme": "Selecciona el tema per a la consola d''administració.", - "emailTheme": "Selecciona el tema per als correus electrònics que són enviats pel servidor.", - "failureFactor": "Indica quants errors es permeten abans que es dispari una espera.", - "waitIncrementSeconds": "Quan s''ha arribat al llindar d''error, quant de temps ha d''estar un usuari bloquejat?", - "maxFailureWaitSeconds": "Temps màxim que un usuari queda bloquejat.", - "maxDeltaTimeSeconds": "Quan s''ha de reiniciar el comptador d''errors?", - "quickLoginCheckMilliSeconds": "Si ocorren errors de forma concurrent i molt ràpida, bloquejar a l''usuari.", - "minimumQuickLoginWaitSeconds": "Quant de temps s''ha d''esperar després d''un error en un intent ràpid d''identificació", - "ssoSessionIdle": "Temps màxim que una sessió pot estar inactiva abans que expiri. Els tokens i sessions de navegador són invalidades quan la sessió expira.", - "ssoSessionMax": "Temps màxim abans que una sessió expiri. Els tokens i sessions de navegador són invalidats quan una sessió expira.", - "offlineSessionIdle": "Temps màxim inactiu d''una sessió sense connexió abans que expiri. Necessites fer servi un token sense connexió per refrescar almenys una vegada dins d'aquest període, en un altre cas la sessió sense connexió expirarà.", - "revokeRefreshToken": "Si està activat els tokens d''actualització només poden usar-se una vegada. En un altre cas els tokens d''actualització no es revoquen quan s''utilitzen i poden ser usat múltiples vegades.", - "clientLoginTimeout": "Temps màxim que un client té per finalitzar el protocol d''obtenció del token d''accés. Hauria de ser normalment de l''ordre d''1 minut.", - "editUsername": "Si està habilitat, el nom d''usuari és editable, altrament és de només lectura." -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/ca/realm-settings.json b/js/apps/admin-ui/public/locales/ca/realm-settings.json deleted file mode 100644 index a472b7ed10..0000000000 --- a/js/apps/admin-ui/public/locales/ca/realm-settings.json +++ /dev/null @@ -1,63 +0,0 @@ -{ - "general": "General", - "login": "login", - "themes": "Temes", - "from": "Des de", - "host": "Host", - "port": "Port", - "enableSSL": "Habilitar SSL", - "enableStartTLS": "Habilitar StartTLS", - "username": "Usuari", - "password": "Contrasenya", - "keyAlias": "Àlies de clau", - "keyPassword": "Contrasenya de la clau", - "type": "Tipus", - "providerId": "ID", - "provider": "Proveïdor", - "certificate": "Certificat", - "userRegistration": "Registre d''usuari", - "userRegistrationHelpText": "Habilitar/deshabilitar la pàgina de registre. Un enllaç per al registre es mostrarà també a la pàgina d''inici de sessió.", - "rememberMe": "Mantenir connectat", - "rememberMeHelpText": "Mostra la casella de selecció en la pàgina d''inici de sessió per a permetre a l''usuari estar connectat entre reinicis del navegador fins que la sessió expiri.", - "registrationEmailAsUsername": "Email com a nom d''usuari", - "verifyEmail": "Verificar email", - "editUsername": "Edita el nom d''usuari", - "requireSsl": "Sol·licitar SSL", - "sslType": { - "all": "totes les peticions", - "external": "peticions externes", - "none": "cap" - }, - "loginTheme": "Tema d''inici de sessió", - "accountTheme": "Tema de compte", - "adminTheme": "Tema de consola d''administració", - "emailTheme": "Tema d''email", - "sessions": "Sessions", - "SSOSessionIdle": "Sessions SSO inactives", - "SSOSessionMax": "Temps màxim sessió SSO", - "offlineSessionIdle": "Inactivitat de sessió sense connexió", - "loginTimeout": "Temps màxim de desconnexió", - "loginActionTimeout": "Temps màxim d''acció en l''inici de sessió", - "revokeRefreshToken": "Revocar el token d''actualització", - "accessTokenLifespan": "Durada del token d''accés", - "clientLoginTimeout": "Temps màxim d''autenticació", - "clientProfileDescription": "Descripció", - "save": "Desar", - "tokens": "Tokens", - "supportedLocales": "Idiomes suportats", - "defaultLocale": "Idioma per defecte", - "user": "Usuari", - "validatorDialogColNames": { - "colName": "Nom de rol" - }, - "securityDefences": "Defenses de seguretat", - "headers": "Capçaleres", - "bruteForceDetection": "Detecció d''atacs per força bruta", - "xFrameOptions": "X-Frame-Options", - "contentSecurityPolicy": "Content-Security-Policy", - "failureFactor": "Nombre màxim d''errors d''inici de sessió", - "waitIncrementSeconds": "Increment d''espera", - "maxFailureWaitSeconds": "Espera màxima", - "maxDeltaTimeSeconds": "Reinici del comptador d''errors", - "minimumQuickLoginWaitSeconds": "Temps mínim entre errors de connexió ràpids" -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/ca/realm.json b/js/apps/admin-ui/public/locales/ca/realm.json deleted file mode 100644 index 8802950057..0000000000 --- a/js/apps/admin-ui/public/locales/ca/realm.json +++ /dev/null @@ -1,3 +0,0 @@ -{ - "enabled": "Habilitat" -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/ca/roles.json b/js/apps/admin-ui/public/locales/ca/roles.json deleted file mode 100644 index b0c6faa3d9..0000000000 --- a/js/apps/admin-ui/public/locales/ca/roles.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "associatedRolesText": "Rols Associats", - "title": "Rols de domini", - "addRole": "Afegir rol", - "roleName": "Nom de rol", - "composite": "Compost", - "userName": "Usuari" -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/ca/sessions.json b/js/apps/admin-ui/public/locales/ca/sessions.json deleted file mode 100644 index 0a1a833ffc..0000000000 --- a/js/apps/admin-ui/public/locales/ca/sessions.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Sessions", - "lastAccess": "Últim Accés", - "revocation": "Revocació", - "notBefore": "No abans de", - "setToNow": "Fixar a ara", - "clear": "Neteja", - "push": "Push", - "none": "cap" -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/ca/translation.json b/js/apps/admin-ui/public/locales/ca/translation.json new file mode 100644 index 0000000000..370c335baf --- /dev/null +++ b/js/apps/admin-ui/public/locales/ca/translation.json @@ -0,0 +1,313 @@ +{ + "create": "Crea", + "save": "Desar", + "key": "Clau", + "export": "Exporta", + "download": "Descarrega", + "clear": "Neteja", + "on": "Activat", + "edit": "Edita", + "enabled": "Habilitat", + "none": "cap", + "description": "Descripció", + "type": "Tipus", + "category": "Categoria", + "clients": "Clients", + "realmRoles": "Rols de domini", + "sessions": "Sessions", + "mappers": "Assignadors", + "identityProviders": "Proveïdors d''identitat", + "settings": "Ajustos", + "times": { + "seconds": "Segons", + "minutes": "Minuts", + "hours": "Hores", + "days": "Dies" + }, + "credentials": "Credencials", + "clientId": "ID Client", + "clientName": "Nom", + "id": "ID", + "mapperType": "Tipus d''assignador", + "password": "Contrasenya", + "protocol": "Protocol", + "importClient": "Importar Client", + "webOrigins": "Orígens web", + "adminURL": "URL d''administració", + "formatOption": "Format", + "encryptAssertions": "Xifrar afirmacions", + "clientSignature": "Signatura de Client requerida", + "roles": "Rols", + "fullScopeAllowed": "Permet tots els àmbits", + "kc": { + "realm": { + "name": "Domini" + } + }, + "user": "Usuari", + "clientList": "Clients", + "frontchannelLogout": "Desconnexió en primer pla (Front Channel)", + "rootUrl": "URL arrel", + "validRedirectUri": "URIs de redirecció vàlides", + "idpInitiatedSsoRelayState": "Estat de retransmissió d''un SSO iniciat per l''IDP", + "masterSamlProcessingUrl": "URL principal de processament SAML", + "nameIdFormat": "Format de NameID", + "forceNameIdFormat": "Forçar format NameID", + "forcePostBinding": "Forçar enllaços POST", + "includeAuthnStatement": "Incloure AuthnStatement", + "signDocuments": "Signar documents", + "signAssertions": "Signar assercions", + "canonicalization": "Mètode de canonicalització", + "loginTheme": "Tema d''inici de sessió", + "clientAuthenticator": "Client autenticador", + "clientSecret": "Secret de Client", + "revocation": "Revocació", + "clustering": "Clustering", + "notBefore": "No abans de", + "setToNow": "Fixar a ara", + "addNode": "Afegir Node", + "push": "Push", + "nodeReRegistrationTimeout": "Temps d''espera de re-registre de node", + "registeredClusterNodes": "Registrar nodes de clúster", + "nodeHost": "Host del node", + "lastRegistration": "Últim registre", + "testClusterAvailability": "Provar disponibilitat del clúster", + "registerNodeManually": "Registrar node manualment", + "fineGrainSamlEndpointConfig": "Fine Grain SAML Endpoint Configuration", + "assertionConsumerServicePostBindingURL": "Assertion Consumer Service POST Binding URL", + "assertionConsumerServiceRedirectBindingURL": "Assertion Consumer Service Redirect Binding URL", + "logoutServicePostBindingURL": "URL d''enllaç SAML POST per a la desconnexió", + "logoutServiceRedirectBindingURL": "URL d''enllaç SAML de redirecció per a la desconnexió", + "accessTokenLifespan": "Durada del token d''accés", + "certificate": "Certificat", + "generateNewKeys": "Generar noves claus", + "archiveFormat": "Format d''Arxiu", + "keyAlias": "Àlies de clau", + "keyPassword": "Contrasenya de la clau", + "storePassword": "Contrasenya del magatzem", + "importFile": "Arxiu d''Importació", + "clientType": "''OpenID connect'' permet als clients verificar la identitat de l''usuari final basat en l''autenticació realitzada per un servidor d''autorització. ''SAML'' habilita l''autenticació i autorització d''escenaris basats en web incloent cross-domain i single sign-on (SSO) i utilitza tokens de seguretat que contenen afirmacions per passar informació.", + "serviceAccount": "Permetre autenticar aquest client contra Keycloak i rebre un token d''accés dedicat per a aquest client.", + "rootURL": "URL arrel afegida a les URL relatives", + "validRedirectURIs": "Patró d''URI vàlida per a la qual un navegador pot sol·licitar la redirecció després d''un inici o tancament de sessió completat. Es permeten comodins simples p.ex. ''http://example.com/*''. També es poden indicar rutes relatives p.ex. ''/my/relative/path/*''. Les rutes relatives generaran un URI de redirecció fent servir el host i port de la petició. Per SAML, s''han de fixar patrons d''URI vàlids si vols confiar en l''URL del servei del consumidor indicada en la petició d''inici de sessió.", + "nameIdFormatHelp": "El format de NameID que es farà servir per al títol", + "forceNameIdFormatHelp": "Ignorar la petició de subjecte NameID i fer servir la configurada a la consola d''administració.", + "forcePostBindingHelp": "Fer servir sempre POST per a les respostes", + "includeAuthnStatementHelp": "Hauria d''incloure''s una declaració especificant el mètode i la marca de temps en la resposta d''inici de sessió?", + "signDocumentsHelp": "Hauria el domini de signar els documents SAML?", + "signAssertionsHelp": "Haurien de signar-se les assercions en documents SAML? Aquest ajust no és necessari si el document ja s''està signant.", + "signatureAlgorithm": "L''algorisme de signatura usat per signar els documents.", + "canonicalizationHelp": "Mètode de canonicalització per a les signatures XML", + "webOriginsHelp": "Orígens CORS permesos. Per permetre tots els orígens d''URIs de redirecció vàlides afegeix ''+''. Per permetre tots els orígens afegeix ''*''.", + "homeURL": "URL per defecte per utilitzar quan el servidor d''autorització necessita redirigir o enviar de tornada al client.", + "adminURLHelp": "URL a la interfície d''administració del client. Fixa aquest valor si el client suporta l''adaptador de REST. Aquesta API REST permet al servidor d''autenticació enviar al client polítiques de revocació i altres tasques administratives. Normalment es fixa a l''URL base del client.", + "clientIdHelp": "L''identificador del client registrat amb el proveïdor d''identitat.", + "clientNameHelp": "Indica el nom visible del client. Per exemple ''My Client''. També suporta claus per valors localitzats. Per exemple: ${my_client}", + "descriptionHelp": "Indica la descripció del client. Per exemple ''My Client for TimeSheets''. També suporta claus per a valors localitzats. Per exemple: ${my_client_description}", + "loginThemeHelp": "Selecciona el tema per a les pàgines d''inici de sessió, OTP, permisos, registre i recordatori de contrasenya.", + "encryptAssertionsHelp": "Haurien de xifrar-se les afirmacions SAML amb la clau pública del client fent servir AES?", + "clientSignatureHelp": "Signarà el client les seves peticions i respostes SAML? I haurien de ser validades?", + "client-authenticator-type": "Client autenticador usat per autenticar aquest client contra el servidor Keycloak", + "nodeReRegistrationTimeoutHelp": "Indica el màxim interval de temps perquè els nodes del clúster registrats es tornin a registrar. Si el node del clúster no envia una petició de re-registre a Keycloak dins d''aquest interval, serà desregistrat de Keycloak", + "idpInitiatedSsoUrlName": "Nom del fragment de l''URL per referenciar al client quan vols un SSO iniciat per l''IDP. Deixant això buit desactiva els SSO iniciats per l''IDP. L''URL referenciada des del navegador serà: {server-root}/realms/{realm}/protocol/saml/clients/{client-url-name}", + "idpInitiatedSsoRelayStateHelp": "Estat de retransmissió que vols enviar amb una petició SAML quan s''inicia un SSO iniciat per l''IDP", + "masterSamlProcessingUrlHelp": "Si està configurada, aquesta URL es fara servir per a cada enllaç al proveïdor del servei del consumidor d''assercions i serveis de desconnexió únics. Pot ser sobreescrit de forma individual per a cada enllaç i servei en el punt final de configuració fina de SAML.", + "accessTokenLifespanHelp": "Temps màxim abans que un token d''accés expiri. Es recomana que aquest valor sigui curt en relació al temps màxim de SSO", + "assertionConsumerServicePostBindingURLHelp": "SAML POST Binding URL for the client''s assertion consumer service (login responses). You can leave this blank if you do not have a URL for this binding.", + "logoutServicePostBindingURLHelp": "URL d''enllaç SAML POST per a la desconnexió única del client. Pots deixar-ho en blanc si estàs fent servir un enllaç diferent.", + "logoutServiceRedirectBindingURLHelp": "URL d''enllaç SAML de redirecció per a la desconnexió única del client. Pots deixar-ho en blanc si estàs fent servir un enllaç diferent.", + "frontchannelLogoutHelp": "Quan està activat, la desconnexió requereix una redirecció del navegador cap al client. Quan no està activat, el servidor realitza una invovación de desconnexió en segon pla.", + "certificateHelp": "Certificat de client per validar els JWT emesos per aquest client i signats amb la clau privada del client del teu magatzem de claus.", + "archiveFormatHelp": "Format d''arxiu Java keystore o PKCS12", + "keyAliasHelp": "Àlies de l''arxiu de la teva clau privada i certificat.", + "keyPasswordHelp": "Contrasenya per accedir a la clau privada continguda en l''arxiu", + "storePasswordHelp": "Contrasenya per accedir a l''arxiu", + "consentRequired": "Si està habilitat, els usuaris han de consentir l''accés del client.", + "fullScopeAllowedHelp": "Permet deshabilitar totes les restriccions.", + "multiValued": "Indica si l''atribut suporta múltiples valors. Si està habilitat, la llista de tots els valors d''aquest atribut es fixarà com a reclamació. Si està deshabilitat, només el primer valor serà fixat com a reclamació.", + "tokenClaimName": { + "label": "Nom de reclam del token", + "tooltip": "Nom del reclam a inserir en el testimoni. Pot ser un nom complet com ''address.street''. En aquest cas, es crearà un objecte JSON niat." + }, + "claimJsonType": "El tipus de JSON que hauria de fer-se servir per omplir la petició de JSON en el token. long, int, boolean i String són valors vàlids", + "protocolMapper": "Protocol.", + "associatedRolesText": "Rols Associats", + "title": "Sessions", + "addRole": "Afegir rol", + "roleName": "Nom de rol", + "composite": "Compost", + "userName": "Usuari", + "username": "Usuari", + "verifyEmail": "Verificar email", + "credentialType": "Tipus", + "hours": "Hores", + "minutes": "Minuts", + "seconds": "Segons", + "lastAccess": "Últim Accés", + "realm": "Domini", + "general": "General", + "login": "login", + "themes": "Temes", + "from": "Des de", + "host": "Host", + "port": "Port", + "enableSSL": "Habilitar SSL", + "enableStartTLS": "Habilitar StartTLS", + "providerId": "ID", + "provider": "Proveïdor", + "userRegistration": "Registre d''usuari", + "userRegistrationHelpText": "Habilitar/deshabilitar la pàgina de registre. Un enllaç per al registre es mostrarà també a la pàgina d''inici de sessió.", + "rememberMe": "Mantenir connectat", + "rememberMeHelpText": "Mostra la casella de selecció en la pàgina d''inici de sessió per a permetre a l''usuari estar connectat entre reinicis del navegador fins que la sessió expiri.", + "registrationEmailAsUsername": "Email com a nom d''usuari", + "editUsername": "Edita el nom d''usuari", + "requireSsl": "Sol·licitar SSL", + "sslType": { + "all": "totes les peticions", + "external": "peticions externes", + "none": "cap" + }, + "accountTheme": "Tema de compte", + "adminTheme": "Tema de consola d''administració", + "emailTheme": "Tema d''email", + "SSOSessionIdle": "Sessions SSO inactives", + "SSOSessionMax": "Temps màxim sessió SSO", + "offlineSessionIdle": "Inactivitat de sessió sense connexió", + "loginTimeout": "Temps màxim de desconnexió", + "loginActionTimeout": "Temps màxim d''acció en l''inici de sessió", + "revokeRefreshToken": "Revocar el token d''actualització", + "clientLoginTimeout": "Temps màxim d''autenticació", + "clientProfileDescription": "Descripció", + "tokens": "Tokens", + "supportedLocales": "Idiomes suportats", + "defaultLocale": "Idioma per defecte", + "validatorDialogColNames": { + "colName": "Nom de rol" + }, + "securityDefences": "Defenses de seguretat", + "headers": "Capçaleres", + "bruteForceDetection": "Detecció d''atacs per força bruta", + "xFrameOptions": "X-Frame-Options", + "contentSecurityPolicy": "Content-Security-Policy", + "failureFactor": "Nombre màxim d''errors d''inici de sessió", + "waitIncrementSeconds": "Increment d''espera", + "maxFailureWaitSeconds": "Espera màxima", + "maxDeltaTimeSeconds": "Reinici del comptador d''errors", + "minimumQuickLoginWaitSeconds": "Temps mínim entre errors de connexió ràpids", + "requireSslHelp": "És HTTP obligatori? ''cap'' significa que HTTPS no és obligatori per cap direcicón IP de client, ''peticions externes'' indica que localhost i les adreces IP privades poden accedir sense HTTPS, ''totes les peticions'' vol dir que HTTPS és obligatori per a totes les adreces IP.", + "accountThemeHelp": "Selecciona el tema per a les pàgines de gestió del compte d''usuari.", + "adminThemeHelp": "Selecciona el tema per a la consola d''administració.", + "emailThemeHelp": "Selecciona el tema per als correus electrònics que són enviats pel servidor.", + "failureFactorHelp": "Indica quants errors es permeten abans que es dispari una espera.", + "waitIncrementSecondsHelp": "Quan s''ha arribat al llindar d''error, quant de temps ha d''estar un usuari bloquejat?", + "maxFailureWaitSecondsHelp": "Temps màxim que un usuari queda bloquejat.", + "maxDeltaTimeSecondsHelp": "Quan s''ha de reiniciar el comptador d''errors?", + "quickLoginCheckMilliSeconds": "Si ocorren errors de forma concurrent i molt ràpida, bloquejar a l''usuari.", + "minimumQuickLoginWaitSecondsHelp": "Quant de temps s''ha d''esperar després d''un error en un intent ràpid d''identificació", + "ssoSessionIdle": "Temps màxim que una sessió pot estar inactiva abans que expiri. Els tokens i sessions de navegador són invalidades quan la sessió expira.", + "ssoSessionMax": "Temps màxim abans que una sessió expiri. Els tokens i sessions de navegador són invalidats quan una sessió expira.", + "offlineSessionIdleHelp": "Temps màxim inactiu d''una sessió sense connexió abans que expiri. Necessites fer servi un token sense connexió per refrescar almenys una vegada dins d'aquest període, en un altre cas la sessió sense connexió expirarà.", + "revokeRefreshTokenHelp": "Si està activat els tokens d''actualització només poden usar-se una vegada. En un altre cas els tokens d''actualització no es revoquen quan s''utilitzen i poden ser usat múltiples vegades.", + "clientLoginTimeoutHelp": "Temps màxim que un client té per finalitzar el protocol d''obtenció del token d''accés. Hauria de ser normalment de l''ordre d''1 minut.", + "editUsernameHelp": "Si està habilitat, el nom d''usuari és editable, altrament és de només lectura.", + "attestationPreference": { + "none": "cap" + }, + "alias": "Àlies", + "enableStartTls": "Habilitar StartTLS", + "trustEmail": "Confiar en l''email", + "selectRole": { + "label": "Selecciona rol", + "tooltip": "Introdueix el rol a la caixa de text de l''esquerra, o fes clic a aquest botó per navegar i buscar el rol que vols." + }, + "trustEmailHelp": "Si està habilitat, l''email rebut d''aquest proveïdor no es verificarà encara que la verificació estigui habilitada per al domini.", + "addIdPMapper": "Afegeix assignador de proveïdor d''identitat", + "redirectURI": "URI de redirecció", + "ssoServiceUrl": "URL de servei de connexió únic (SSO)", + "singleLogoutServiceUrl": "URL de servei de desconnexió únic", + "nameIdPolicyFormat": "Format de política NameID", + "unspecified": "no especificat", + "httpPostBindingResponse": "HTTP-POST enllaç de resposta", + "httpPostBindingAuthnRequest": "HTTP-POST per AuthnRequest", + "wantAuthnRequestsSigned": "Signar AuthnRequests", + "forceAuthentication": "Forçar autenticació", + "validatingX509Certs": "Validant certificat X509", + "authorizationUrl": "URL d''autorització", + "tokenUrl": "Token URL", + "logoutUrl": "URL de desconnexió", + "backchannelLogout": "Backchannel Logout", + "userInfoUrl": "URL d''informació d''usuari", + "issuer": "Emissor", + "prompt": "Prompt", + "prompts": { + "none": "cap", + "consent": "consentiment", + "login": "login" + }, + "validateSignature": "Validar signatures", + "storeTokens": "Emmagatzemar tokens", + "storedTokensReadable": "Tokens emmagatzemats llegibles", + "userAttribute": "Atribut d''usuari", + "redirectURIHelp": "L''URI de redirecció usada per configurar el proveïdor d''identitat.", + "aliasHelp": "L''àlies que identifica de forma única un proveïdor d''identitat, es far servir també per construir la URI de redirecció.", + "clientSecretHelp": "El secret del client registrat amb el proveïdor d''identitat.", + "discoveryEndpoint": "Importa metadades des d''un descriptor d''un proveïdor d''identitat (IDP) remot.", + "importConfig": "Importa metadades des d''un descriptor d''un proveïdor d''identitat (IDP) descarregat.", + "logoutUrlHelp": "Punt de tancament de sessió per utilitzar en la desconnexió d''usuaris des d''un proveïdor d''identitat (IDP) extern.", + "backchannelLogoutHelp": "Does the external IDP support backchannel logout?", + "userInfoUrlHelp": "L''URL d''informació d''usuari. Opcional.", + "issuerHelp": "L''identificador de l''emissor per a l''emissor de la resposta. Si no s''indica, no es realitzarà cap validació.", + "scopes": "Els àmbits que s''enviaran quan es sol·liciti autorització. Pot ser una llista d''àmbits separats per espais. El valor per defecte és ''openid''.", + "validateSignatureHelp": "Habilitar/deshabilitar la validació de signatures de proveïdors d''identitat (IDP) externs", + "storeTokensHelp": "Habilitar/deshabilitar si els tokens han de ser emmagatzemats després d''autenticar als usuaris.", + "storedTokensReadableHelp": "Habilitar/deshabilitar si els nous usuaris poden llegir els tokens emmagatzemats. Això assigna el rol ''broker.read-token''.", + "useEntityDescriptor": "Importar metadades des d''un descriptor d'entitat remot d''un IDP de SAML", + "samlEntityDescriptor": "Et permet carregar metadades d''un proveïdor d''identitat (IDP) extern d''un arxiu de coniguración o descarregar des d''una URL.", + "ssoServiceUrlHelp": "L''URL que s''ha de fer servir per enviar peticions d''autenticació (SAML AuthnRequest).", + "singleLogoutServiceUrlHelp": "L''URL que ha de fer-se servir per enviar peticions de desconnexió.", + "httpPostBindingAuthnRequestHelp": "Indica si AuthnRequest ha de ser enviat usant HTTP-POST. Si no està activat es fa HTTP-REDIRECT.", + "wantAuthnRequestsSignedHelp": "Indica si el proveïdor d''identitat espera rebre signades les AuthnRequest.", + "forceAuthenticationHelp": "Indica si el proveïdor d''identitat ha d'autenticar en presentar directament les credencials en lloc de dependre d''un context de seguretat previ.", + "validateSignatures": "Habilitar/deshabilitar la validació de signatura en respostes SAML.", + "validatingX509CertsHelp": "El certificat en format PEM que ha de fer-se servir per comprovar les signatures.", + "addIdpMapperName": "Nom de l''assignador.", + "usermodel": { + "prop": { + "label": "Propietat", + "tooltip": "Nom del mètode de propietat en la interfície UserModel. Per exemple, un valor de ''email'' faria referència al mètode UserModel.getEmail()." + }, + "attr": { + "label": "Atribut d''usuari", + "tooltip": "Nom de l''atribut d''usuari emmagatzemat que és el nom de l''atribut dins el map UserModel.attribute." + }, + "clientRoleMapping": { + "clientId": { + "label": "ID Client" + } + } + }, + "userSession": { + "modelNote": { + "label": "Nota sessió usuari", + "tooltip": "Nom de la nota emmagatzemada en la sessió d''usuari dins del mapa UserSessionModel.note" + } + }, + "multivalued": { + "label": "Valors múltiples", + "tooltip": "Indica si l''atribut suporta múltiples valors. Si està habilitat, la llista de tots els valors d''aquest atribut es fixarà com a reclamació. Si està deshabilitat, només el primer valor serà fixat com a reclamació." + }, + "jsonType": { + "label": "Tipus JSON de reclamació", + "tooltip": "El tipus de JSON que hauria de fer-se servir per omplir la petició de JSON en el token. long, int, boolean i String són valors vàlids" + }, + "includeInIdToken": { + "label": "Afegir al token d''ID" + }, + "includeInAccessToken": { + "label": "Afegir al token d''accés", + "tooltip": "S''hauria d'afegir la identitat reclamada al token d''accés?" + }, + "name-id-format": "Format de NameID", + "titleRoles": "Rols de domini", + "titleSessions": "Sessions" +} diff --git a/js/apps/admin-ui/public/locales/ca/user-federation-help.json b/js/apps/admin-ui/public/locales/ca/user-federation-help.json deleted file mode 100644 index 0eb01bea25..0000000000 --- a/js/apps/admin-ui/public/locales/ca/user-federation-help.json +++ /dev/null @@ -1,3 +0,0 @@ -{ - "trustEmailHelp": "Si està habilitat, l''email rebut d''aquest proveïdor no es verificarà encara que la verificació estigui habilitada per al domini." -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/ca/user-federation.json b/js/apps/admin-ui/public/locales/ca/user-federation.json deleted file mode 100644 index 6f573b8245..0000000000 --- a/js/apps/admin-ui/public/locales/ca/user-federation.json +++ /dev/null @@ -1,5 +0,0 @@ -{ - "enableStartTls": "Habilitar StartTLS", - "trustEmail": "Confiar en l''email", - "selectRole": "Selecciona rol" -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/ca/users.json b/js/apps/admin-ui/public/locales/ca/users.json deleted file mode 100644 index 69746fb044..0000000000 --- a/js/apps/admin-ui/public/locales/ca/users.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "username": "Usuari", - "verifyEmail": "Verificar email", - "save": "Desar", - "credentialType": "Tipus", - "password": "Contrasenya", - "hours": "Hores", - "minutes": "Minuts", - "seconds": "Segons" -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/de/authentication-help.json b/js/apps/admin-ui/public/locales/de/authentication-help.json deleted file mode 100644 index 9e26dfeeb6..0000000000 --- a/js/apps/admin-ui/public/locales/de/authentication-help.json +++ /dev/null @@ -1 +0,0 @@ -{} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/de/authentication.json b/js/apps/admin-ui/public/locales/de/authentication.json deleted file mode 100644 index 2dbee03084..0000000000 --- a/js/apps/admin-ui/public/locales/de/authentication.json +++ /dev/null @@ -1,4 +0,0 @@ -{ - "title": "Authentifizierung", - "edit": "Bearbeiten" -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/de/client-scopes-help.json b/js/apps/admin-ui/public/locales/de/client-scopes-help.json deleted file mode 100644 index 9e26dfeeb6..0000000000 --- a/js/apps/admin-ui/public/locales/de/client-scopes-help.json +++ /dev/null @@ -1 +0,0 @@ -{} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/de/client-scopes.json b/js/apps/admin-ui/public/locales/de/client-scopes.json deleted file mode 100644 index 527a96c09e..0000000000 --- a/js/apps/admin-ui/public/locales/de/client-scopes.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "grantedClientScopes": "Gewährte Client-Scopes", - "type": "Typ", - "realmRoles": "Realm-Rollen", - "clients": "Clients" -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/de/clients-help.json b/js/apps/admin-ui/public/locales/de/clients-help.json deleted file mode 100644 index a7b1e39894..0000000000 --- a/js/apps/admin-ui/public/locales/de/clients-help.json +++ /dev/null @@ -1,9 +0,0 @@ -{ - "validRedirectURIs": "Gültiges URI-Muster, zu dem ein Browser nach einer erfolgreichen An- oder Abmeldung umleiten kann. Einfache Platzhalter sind zulässig, z. B. \"http://example.com/*\". Es kann auch ein relativer Pfad angegeben werden, z. B. /my/relative/path/*. Relative Pfade beziehen sich auf die Root URL des Clients, oder wenn keine angegeben ist, wird die Stamm-URL des Autorisierungsservers verwendet. Für SAML muss man gültige URI-Muster festlegen, wenn man sich auf die in die Anmeldeanforderung eingebettete URL des Verbraucherdienstes verlässt.", - "webOrigins": "Erlaubte CORS Origins. Um alle Origins der Valid Redirect URIs zu erlauben, fügen Sie ein '+' hinzu. Dabei wird der '*' Platzhalter nicht mit übernommen. Um alle Origins zu erlauben, geben Sie explizit einen Eintrag mit '*' an.", - "clientId": "Legt die Id fest, auf die in URI und Token verwiesen wird. Zum Beispiel 'my-client'. Bei SAML ist dies auch der erwartete Issuer-Wert von authn-Anfragen", - "clientName": "Legt den Anzeigenamen des Clients fest. Zum Beispiel 'My Client'. Unterstützt auch Keys für lokalisierte Werte. Zum Beispiel: ${my_client}", - "resetActions": "Liste von Aktionen, die der Benutzer ausführen soll, wenn er eine E-Mail zum Zurücksetzen des Passworts erhält. 'Verify email' sendet bem Benutzer eine E-Mail um seine E-Mail-Adresse zu verifizieren. 'Update profile' verlangt vom Benutzer, dass er seine Profil-Informationen eingibt. 'Update password' verlangt vom Benutzer, dass er ein neues Passwort definiert. 'Configure OTP' verlangt vom Benutzer, dass er einen mobilen Passwort-Generator aufsetzt.", - "lifespan": "Maximale Zeit in der die Aktion zugelassen ist.", - "permissionsEnabled": "Legt fest, ob feingranulare Berechtigungen für diese Rolle aktiv sein sollen. Wird diese Option deaktiviert, werden alle aktuell aufgesetzten Berechtigungen gelöscht." -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/de/clients.json b/js/apps/admin-ui/public/locales/de/clients.json deleted file mode 100644 index 1188be2f40..0000000000 --- a/js/apps/admin-ui/public/locales/de/clients.json +++ /dev/null @@ -1,25 +0,0 @@ -{ - "copy": "Kopieren", - "webOrigins": "Web Origins", - "keys": "Keys", - "credentials": "Passwörter", - "roles": "Rollen", - "password": "Passwort", - "settings": "Einstellungen", - "type": "Typ", - "users": "Benutzer", - "user": "Benutzer", - "clientList": "Clients", - "created": "Erstellt", - "lastUpdated": "Zuletzt aktualisiert", - "authentication": "Authentifizierung", - "realmRoles": "Realm-Rollen", - "selectMethodType": { - "import": "Importieren" - }, - "clear": "Zurücksetzen", - "certificate": "Zertifikat", - "tokenLifespan": { - "expires": "Läuft ab in" - } -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/de/common-help.json b/js/apps/admin-ui/public/locales/de/common-help.json deleted file mode 100644 index 9e26dfeeb6..0000000000 --- a/js/apps/admin-ui/public/locales/de/common-help.json +++ /dev/null @@ -1 +0,0 @@ -{} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/de/common.json b/js/apps/admin-ui/public/locales/de/common.json deleted file mode 100644 index bd40965be6..0000000000 --- a/js/apps/admin-ui/public/locales/de/common.json +++ /dev/null @@ -1,65 +0,0 @@ -{ - "add": "Hinzufügen", - "create": "Erstellen", - "save": "Speichern", - "cancel": "Abbrechen", - "delete": "Löschen", - "reset": "Zurücksetzen", - "remove": "Entfernen", - "search": "Suche", - "key": "Schlüssel", - "value": "Wert", - "action": "Aktion", - "clear": "Zurücksetzen", - "edit": "Bearbeiten", - "enabled": "Aktiv", - "disable": "Deaktivieren", - "signOut": "Abmelden", - "manageAccount": "Konto verwalten", - "serverInfo": "Server-Info", - "learnMore": "Mehr erfahren", - "description": "Beschreibung", - "type": "Typ", - "category": "Kategorie", - "manage": "Verwalten", - "clients": "Clients", - "realmRoles": "Realm-Rollen", - "users": "Benutzer", - "groups": "Gruppen", - "sessions": "Sessions", - "events": "Ereignisse", - "permissions": "Berechtigungen", - "usersPermissionsHint": "Feingranulare Berechtigungen für alle Benutzer in diesem Realm. Es können verschiedene Einstellungen definiert werden, wer in diesem Realm berechtigt ist, Benutzer zu verwalten.", - "permissionsEnabled": "Berechtigungen aktiv", - "configure": "Konfigurieren", - "realmSettings": "Realm-Einstellungen", - "authentication": "Authentifizierung", - "settings": "Einstellungen", - "details": "Details", - "Sunday": "Sonntag", - "Monday": "Montag", - "Tuesday": "Dienstag", - "Wednesday": "Mittwoch", - "Thursday": "Donnerstag", - "Friday": "Freitag", - "Saturday": "Samstag", - "times": { - "seconds": "Sekunden", - "minutes": "Minuten", - "hours": "Stunden", - "days": "Tage" - }, - "attributes": "Attribute", - "addAttribute": "Attribut hinzufügen", - "removeAttribute": "Attribut entfernen", - "keyPlaceholder": "Schlüssel eingeben", - "valuePlaceholder": "Wert eingeben", - "credentials": "Passwörter", - "clientId": "Client-ID", - "clientName": "Name", - "leave": "Verlassen", - "password": "Passwort", - "passwordConfirmation": "Passwort bestätigen", - "temporaryPassword": "Temporär", - "temporaryPasswordHelpText": "Wenn eingeschaltet, ist der Benutzer beim nächsten Login aufgefordert, dass Passwort zu ändern." -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/de/dashboard.json b/js/apps/admin-ui/public/locales/de/dashboard.json deleted file mode 100644 index a68a9bede0..0000000000 --- a/js/apps/admin-ui/public/locales/de/dashboard.json +++ /dev/null @@ -1,3 +0,0 @@ -{ - "serverInfo": "Server-Info" -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/de/dynamic.json b/js/apps/admin-ui/public/locales/de/dynamic.json deleted file mode 100644 index 92a36306ad..0000000000 --- a/js/apps/admin-ui/public/locales/de/dynamic.json +++ /dev/null @@ -1,9 +0,0 @@ -{ - "usermodel": { - "clientRoleMapping": { - "client": { - "label": "Client-ID" - } - } - } -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/de/events.json b/js/apps/admin-ui/public/locales/de/events.json deleted file mode 100644 index 186aa9aa01..0000000000 --- a/js/apps/admin-ui/public/locales/de/events.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "title": "Ereignisse", - "time": "Zeit", - "user": "Benutzer", - "email": "Email", - "ipAddress": "IP-Adresse", - "value": "Wert" -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/de/groups.json b/js/apps/admin-ui/public/locales/de/groups.json deleted file mode 100644 index 185f8074cb..0000000000 --- a/js/apps/admin-ui/public/locales/de/groups.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "groups": "Gruppen", - "createGroup": "Gruppe erstellen", - "groupName": "Gruppenname", - "searchForGroups": "Gruppen suchen", - "deleteGroup": "Gruppe löschen", - "members": "Mitglieder", - "create": "Erstellen", - "email": "E-Mail", - "lastName": "Nachname", - "firstName": "Vorname", - "attributes": "Attribute", - "groupsDescription": "Eine Gruppe ist eine Sammlung von Attributen und Rollenzuordnungen, die auf einen Benutzer angewendet werden können. Du kannst Gruppen erstellen, bearbeiten und löschen sowie deren Hierarchie von Kind- und Elterngruppen verwalten." -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/de/identity-providers-help.json b/js/apps/admin-ui/public/locales/de/identity-providers-help.json deleted file mode 100644 index d0b417a7e8..0000000000 --- a/js/apps/admin-ui/public/locales/de/identity-providers-help.json +++ /dev/null @@ -1,4 +0,0 @@ -{ - "syncMode": "Standardsyncmodus für alle Mapper. Mögliche Werte sind: 'Legacy' um das alte Verhalten beizubehalten, 'Importieren' um den Nutzer einmalig zu importieren, 'Erzwingen' um den Nutzer immer zu importieren.", - "syncModeOverride": "Überschreibt den normalen Synchronisationsmodus des IDP für diesen Mapper. Were sind 'Legacy' um das alte Verhalten beizubehalten, 'Importieren' um den Nutzer einmalig zu importieren, 'Erzwingen' um den Nutzer immer zu updaten." -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/de/identity-providers.json b/js/apps/admin-ui/public/locales/de/identity-providers.json deleted file mode 100644 index e6a2f2562f..0000000000 --- a/js/apps/admin-ui/public/locales/de/identity-providers.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "clientId": "Client-ID", - "endpoints": "Endpoints", - "email": "Email", - "logoutUrl": "Logout-URL", - "syncMode": "Synchronisationsmodus", - "syncModes": { - "inherit": "Standard erben", - "import": "Importieren", - "legacy": "Legacy", - "force": "Erzwingen" - }, - "syncModeOverride": "Überschriebene Synchronisation" -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/de/realm-settings-help.json b/js/apps/admin-ui/public/locales/de/realm-settings-help.json deleted file mode 100644 index 228f3e60ff..0000000000 --- a/js/apps/admin-ui/public/locales/de/realm-settings-help.json +++ /dev/null @@ -1,5 +0,0 @@ -{ - "requireSsl": "Ist HTTPS erforderlich? 'None' bedeutet, dass HTTPS für keine Client-IP-Adresse erforderlich ist. 'External requests' bedeutet, dass Localhost und private IP-Adressen ohne HTTPS zugreifen können. 'All requests' bedeutet, dass HTTPS für alle IP-Adressen erforderlich ist.", - "userManagedAccess": "Wenn aktiviert, können Benutzer ihre Ressourcen und Berechtigungen über die Account Management UI verwalten.", - "editUsername": "Wenn aktiv, kann der Benutzername editiert werden." -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/de/realm-settings.json b/js/apps/admin-ui/public/locales/de/realm-settings.json deleted file mode 100644 index e04e50cbce..0000000000 --- a/js/apps/admin-ui/public/locales/de/realm-settings.json +++ /dev/null @@ -1,51 +0,0 @@ -{ - "events": "Ereignisse", - "email": "Email", - "from": "Von", - "host": "Host", - "port": "Port", - "authentication": "Authentifizierung", - "enableSSL": "SSL aktivieren", - "username": "Benutzername", - "password": "Passwort", - "keys": "Keys", - "active": "Aktiv", - "type": "Typ", - "certificate": "Zertifikat", - "userRegistration": "Benutzerregistrierung", - "userRegistrationHelpText": "Aktiviere/deaktiviere die Seite zur Benutzerregistrierung. Auf der Loginseite wird ein entsprechender Link angezeigt.", - "rememberMe": "Angemeldet bleiben", - "rememberMeHelpText": "Zeigt eine Auswahlbox auf der Loginseite, die es dem Benutzer erlaubt, zwischen Browser-Neustarts eingeloggt zu bleiben, bis die Session abläuft.", - "registrationEmailAsUsername": "E-Mail-Adresse als Benutzername", - "loginWithEmail": "Anmeldung mit E-Mail", - "loginWithEmailHelpText": "Erlaubt Benutzern, sich mit ihrer E-Mail-Adresse anzumelden.", - "verifyEmail": "E-Mail verifizieren", - "editUsername": "Benutzername editierbar", - "htmlDisplayName": "HTML-Anzeigename", - "endpoints": "Endpoints", - "localization": "Internationalisierung", - "sessions": "Sessions", - "clientProfileDescription": "Beschreibung", - "delete": "Löschen", - "save": "Speichern", - "attributes": "Attribute", - "status": "Status", - "supportedLocales": "Unterstützte Sprachen", - "user": "Benutzer", - "validatorDialogColNames": { - "colName": "Rollenname" - }, - "eventTypes": { - "LOGOUT": { - "name": "Ausloggen" - }, - "REGISTER": { - "name": "Registrieren" - }, - "RESET_PASSWORD": { - "name": "Passwort zurücksetzen" - } - }, - "defaultRoles": "Standardrollen", - "defaultGroups": "Standardgruppen" -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/de/realm.json b/js/apps/admin-ui/public/locales/de/realm.json deleted file mode 100644 index d02d657905..0000000000 --- a/js/apps/admin-ui/public/locales/de/realm.json +++ /dev/null @@ -1,3 +0,0 @@ -{ - "enabled": "Aktiv" -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/de/roles.json b/js/apps/admin-ui/public/locales/de/roles.json deleted file mode 100644 index 968abe2b03..0000000000 --- a/js/apps/admin-ui/public/locales/de/roles.json +++ /dev/null @@ -1,11 +0,0 @@ -{ - "title": "Realm-Rollen", - "addRole": "Rolle hinzufügen", - "roleName": "Rollenname", - "addUser": "Benutzer hinzufügen", - "users": "Benutzer", - "userName": "Benutzername", - "email": "Email", - "lastName": "Nachname", - "firstName": "Vorname" -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/de/sessions.json b/js/apps/admin-ui/public/locales/de/sessions.json deleted file mode 100644 index aa41d9bfae..0000000000 --- a/js/apps/admin-ui/public/locales/de/sessions.json +++ /dev/null @@ -1,5 +0,0 @@ -{ - "title": "Sessions", - "lastAccess": "Letzter Zugriff", - "clear": "Zurücksetzen" -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/de/translation.json b/js/apps/admin-ui/public/locales/de/translation.json new file mode 100644 index 0000000000..6e20d266b2 --- /dev/null +++ b/js/apps/admin-ui/public/locales/de/translation.json @@ -0,0 +1,205 @@ +{ + "add": "Hinzufügen", + "create": "Erstellen", + "save": "Speichern", + "cancel": "Abbrechen", + "delete": "Löschen", + "reset": "Zurücksetzen", + "remove": "Entfernen", + "search": "Suche", + "key": "Schlüssel", + "value": "Wert", + "action": "Aktion", + "clear": "Zurücksetzen", + "edit": "Bearbeiten", + "enabled": "Aktiv", + "disable": "Deaktivieren", + "signOut": "Abmelden", + "manageAccount": "Konto verwalten", + "serverInfo": "Server-Info", + "learnMore": "Mehr erfahren", + "description": "Beschreibung", + "type": "Typ", + "category": "Kategorie", + "manage": "Verwalten", + "clients": "Clients", + "realmRoles": "Realm-Rollen", + "users": "Benutzer", + "groups": "Gruppen", + "sessions": "Sessions", + "events": "Ereignisse", + "permissions": "Berechtigungen", + "usersPermissionsHint": "Feingranulare Berechtigungen für alle Benutzer in diesem Realm. Es können verschiedene Einstellungen definiert werden, wer in diesem Realm berechtigt ist, Benutzer zu verwalten.", + "permissionsEnabled": "Berechtigungen aktiv", + "configure": "Konfigurieren", + "realmSettings": "Realm-Einstellungen", + "authentication": "Authentifizierung", + "settings": "Einstellungen", + "details": "Details", + "Sunday": "Sonntag", + "Monday": "Montag", + "Tuesday": "Dienstag", + "Wednesday": "Mittwoch", + "Thursday": "Donnerstag", + "Friday": "Freitag", + "Saturday": "Samstag", + "times": { + "seconds": "Sekunden", + "minutes": "Minuten", + "hours": "Stunden", + "days": "Tage" + }, + "attributes": "Attribute", + "addAttribute": "Attribut hinzufügen", + "removeAttribute": "Attribut entfernen", + "keyPlaceholder": "Schlüssel eingeben", + "valuePlaceholder": "Wert eingeben", + "credentials": "Passwörter", + "clientId": "Client-ID", + "clientName": "Name", + "leave": "Verlassen", + "password": "Passwort", + "passwordConfirmation": "Passwort bestätigen", + "temporaryPassword": "Temporär", + "temporaryPasswordHelpText": "Wenn eingeschaltet, ist der Benutzer beim nächsten Login aufgefordert, dass Passwort zu ändern.", + "copy": "Kopieren", + "webOrigins": "Web Origins", + "keys": "Keys", + "roles": "Rollen", + "user": "Benutzer", + "clientList": "Clients", + "created": "Erstellt", + "lastUpdated": "Zuletzt aktualisiert", + "selectMethodType": { + "import": "Importieren" + }, + "certificate": "Zertifikat", + "tokenLifespan": { + "expires": "Läuft ab in" + }, + "validRedirectURIs": "Gültiges URI-Muster, zu dem ein Browser nach einer erfolgreichen An- oder Abmeldung umleiten kann. Einfache Platzhalter sind zulässig, z. B. \"http://example.com/*\". Es kann auch ein relativer Pfad angegeben werden, z. B. /my/relative/path/*. Relative Pfade beziehen sich auf die Root URL des Clients, oder wenn keine angegeben ist, wird die Stamm-URL des Autorisierungsservers verwendet. Für SAML muss man gültige URI-Muster festlegen, wenn man sich auf die in die Anmeldeanforderung eingebettete URL des Verbraucherdienstes verlässt.", + "webOriginsHelp": "Erlaubte CORS Origins. Um alle Origins der Valid Redirect URIs zu erlauben, fügen Sie ein '+' hinzu. Dabei wird der '*' Platzhalter nicht mit übernommen. Um alle Origins zu erlauben, geben Sie explizit einen Eintrag mit '*' an.", + "clientIdHelp": "Legt die Id fest, auf die in URI und Token verwiesen wird. Zum Beispiel 'my-client'. Bei SAML ist dies auch der erwartete Issuer-Wert von authn-Anfragen", + "clientNameHelp": "Legt den Anzeigenamen des Clients fest. Zum Beispiel 'My Client'. Unterstützt auch Keys für lokalisierte Werte. Zum Beispiel: ${my_client}", + "resetActions": "Zurücksetz-Aktionen", + "lifespan": "Läuft ab in", + "permissionsEnabledHelp": "Legt fest, ob feingranulare Berechtigungen für diese Rolle aktiv sein sollen. Wird diese Option deaktiviert, werden alle aktuell aufgesetzten Berechtigungen gelöscht.", + "grantedClientScopes": "Gewährte Client-Scopes", + "createGroup": "Gruppe erstellen", + "groupName": "Gruppenname", + "searchForGroups": "Gruppen suchen", + "deleteGroup": "Gruppe löschen", + "members": "Mitglieder", + "email": "Email", + "lastName": "Nachname", + "firstName": "Vorname", + "groupsDescription": "Eine Gruppe ist eine Sammlung von Attributen und Rollenzuordnungen, die auf einen Benutzer angewendet werden können. Du kannst Gruppen erstellen, bearbeiten und löschen sowie deren Hierarchie von Kind- und Elterngruppen verwalten.", + "title": "Authentifizierung", + "addRole": "Rolle hinzufügen", + "roleName": "Rollenname", + "addUser": "Benutzer hinzufügen", + "userName": "Benutzername", + "usersExplain": "Benutzer in diesem Realm.", + "userList": "Benutzerliste", + "searchForUser": "Benutzer suchen", + "searchType.default": "Standartsuche", + "searchType.attribute": "Attributsuche", + "selectAttribute": "Wähle Attribut", + "selectAttributes": "Wähle Attribute", + "searchUserByAttributeMissingKeyError": "Attributschlüssel angeben", + "searchUserByAttributeKeyAlreadyInUseError": "Attributschlüssel bereits in Verwendung", + "searchUserByAttributeMissingValueError": "Attributwert angeben", + "searchUserByAttributeDescription": "Es unterstützt die Einstellung mehrerer Attribute als Suchfilter, indem verschiedene Schlüssel oder Werte festgelegt werden. Für einen Schlüssel kann nur ein Wert eingegeben werden.", + "join": "Beitreten", + "groupMembership": "Gruppen-Mitglied", + "addedGroupMembership": "Zur Gruppe hinzugefügt.", + "removedGroupMembership": "Aus Gruppe entfernt.", + "createdAt": "Erstellt am", + "username": "Benutzername", + "emailVerified": "E-Mail verifiziert", + "status": "Status", + "requiredUserActions": "Verlangte Benutzeraktionen", + "deleteUser": "Benutzer löschen", + "verifyEmail": "E-Mail verifizieren", + "consents": "Einwilligungen", + "revoke": "Widerrufen", + "confirmPasswordDoesNotMatch": "Die Passwörter stimmen nicht überein.", + "credentialType": "Typ", + "deleteCredentialsConfirm": "Sind Sie sicher, dass Sie die Zugangsdaten löschen möchten?", + "deleteBtn": "Löschen", + "resetPassword": "Passwort zurücksetzen", + "resetPasswordBtn": "Passwort zurücksetzen", + "showPasswordDataValue": "Wert", + "credentialResetBtn": "Zugang zurücksetzen", + "hours": "Stunden", + "minutes": "Minuten", + "seconds": "Sekunden", + "credentialResetConfirm": "E-Mail senden", + "temporaryLocked": "Der Benutzer wurde vorübergehend wegen zuvieler ungültiger Loginversuche gesperrt.", + "emailVerifiedHelp": "Wurde die E-Mail des Benutzers verifiziert?", + "requiredUserActionsHelp": "Verlangt eine Aktion wenn sich der Benutzer einloggt. 'E-Mail Verifizieren' sendet eine E-Mail an den Benutzer, um die Gültigkeit seiner E-Mailadresse zu prüfen. 'Profil aktualisieren' verlangt, dass Benutzer ihre persönlichen Angaben eingeben. 'Passwort aktualisieren' zwingt Benutzer ein neues Passwort zu setzen. 'OTP konfigurieren' zwingt Benutzer einen mobilen Passwort-Generator einzurichten (i.e. Google Authenticator)", + "lastAccess": "Letzter Zugriff", + "time": "Zeit", + "ipAddress": "IP-Adresse", + "from": "Von", + "host": "Host", + "port": "Port", + "enableSSL": "SSL aktivieren", + "active": "Aktiv", + "userRegistration": "Benutzerregistrierung", + "userRegistrationHelpText": "Aktiviere/deaktiviere die Seite zur Benutzerregistrierung. Auf der Loginseite wird ein entsprechender Link angezeigt.", + "rememberMe": "Angemeldet bleiben", + "rememberMeHelpText": "Zeigt eine Auswahlbox auf der Loginseite, die es dem Benutzer erlaubt, zwischen Browser-Neustarts eingeloggt zu bleiben, bis die Session abläuft.", + "registrationEmailAsUsername": "E-Mail-Adresse als Benutzername", + "loginWithEmail": "Anmeldung mit E-Mail", + "loginWithEmailHelpText": "Erlaubt Benutzern, sich mit ihrer E-Mail-Adresse anzumelden.", + "editUsername": "Benutzername editierbar", + "htmlDisplayName": "HTML-Anzeigename", + "endpoints": "Endpoints", + "localization": "Internationalisierung", + "clientProfileDescription": "Beschreibung", + "supportedLocales": "Unterstützte Sprachen", + "validatorDialogColNames": { + "colName": "Rollenname" + }, + "eventTypes": { + "LOGOUT": { + "name": "Ausloggen" + }, + "REGISTER": { + "name": "Registrieren" + }, + "RESET_PASSWORD": { + "name": "Passwort zurücksetzen" + } + }, + "defaultRoles": "Standardrollen", + "defaultGroups": "Standardgruppen", + "requireSsl": "Ist HTTPS erforderlich? 'None' bedeutet, dass HTTPS für keine Client-IP-Adresse erforderlich ist. 'External requests' bedeutet, dass Localhost und private IP-Adressen ohne HTTPS zugreifen können. 'All requests' bedeutet, dass HTTPS für alle IP-Adressen erforderlich ist.", + "userManagedAccess": "Wenn aktiviert, können Benutzer ihre Ressourcen und Berechtigungen über die Account Management UI verwalten.", + "editUsernameHelp": "Wenn aktiv, kann der Benutzername editiert werden.", + "unlinkUsers": "Benutzer entsperren", + "logoutUrl": "Logout-URL", + "syncMode": "Synchronisationsmodus", + "syncModes": { + "inherit": "Standard erben", + "import": "Importieren", + "legacy": "Legacy", + "force": "Erzwingen" + }, + "syncModeOverride": "Überschriebene Synchronisation", + "syncModeHelp": "Standardsyncmodus für alle Mapper. Mögliche Werte sind: 'Legacy' um das alte Verhalten beizubehalten, 'Importieren' um den Nutzer einmalig zu importieren, 'Erzwingen' um den Nutzer immer zu importieren.", + "syncModeOverrideHelp": "Überschreibt den normalen Synchronisationsmodus des IDP für diesen Mapper. Were sind 'Legacy' um das alte Verhalten beizubehalten, 'Importieren' um den Nutzer einmalig zu importieren, 'Erzwingen' um den Nutzer immer zu updaten.", + "usermodel": { + "clientRoleMapping": { + "client": { + "label": "Client-ID" + } + } + }, + "titleAuthentication": "Authentifizierung", + "titleEvents": "Ereignisse", + "titleRoles": "Realm-Rollen", + "titleUsers": "Benutzer", + "titleSessions": "Sessions" +} diff --git a/js/apps/admin-ui/public/locales/de/user-federation-help.json b/js/apps/admin-ui/public/locales/de/user-federation-help.json deleted file mode 100644 index 9e26dfeeb6..0000000000 --- a/js/apps/admin-ui/public/locales/de/user-federation-help.json +++ /dev/null @@ -1 +0,0 @@ -{} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/de/user-federation.json b/js/apps/admin-ui/public/locales/de/user-federation.json deleted file mode 100644 index 4431d57120..0000000000 --- a/js/apps/admin-ui/public/locales/de/user-federation.json +++ /dev/null @@ -1,3 +0,0 @@ -{ - "unlinkUsers": "Benutzer entsperren" -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/de/users-help.json b/js/apps/admin-ui/public/locales/de/users-help.json deleted file mode 100644 index 43793be195..0000000000 --- a/js/apps/admin-ui/public/locales/de/users-help.json +++ /dev/null @@ -1,5 +0,0 @@ -{ - "temporaryLocked": "Der Benutzer wurde vorübergehend wegen zuvieler ungültiger Loginversuche gesperrt.", - "emailVerified": "Wurde die E-Mail des Benutzers verifiziert?", - "requiredUserActions": "Verlangt eine Aktion wenn sich der Benutzer einloggt. 'E-Mail Verifizieren' sendet eine E-Mail an den Benutzer, um die Gültigkeit seiner E-Mailadresse zu prüfen. 'Profil aktualisieren' verlangt, dass Benutzer ihre persönlichen Angaben eingeben. 'Passwort aktualisieren' zwingt Benutzer ein neues Passwort zu setzen. 'OTP konfigurieren' zwingt Benutzer einen mobilen Passwort-Generator einzurichten (i.e. Google Authenticator)" -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/de/users.json b/js/apps/admin-ui/public/locales/de/users.json deleted file mode 100644 index e5e7ef2007..0000000000 --- a/js/apps/admin-ui/public/locales/de/users.json +++ /dev/null @@ -1,50 +0,0 @@ -{ - "title": "Benutzer", - "usersExplain": "Benutzer in diesem Realm.", - "userList": "Benutzerliste", - "searchForUser": "Benutzer suchen", - "searchType.default": "Standartsuche", - "searchType.attribute": "Attributsuche", - "selectAttribute": "Wähle Attribut", - "selectAttributes": "Wähle Attribute", - "searchUserByAttributeMissingKeyError": "Attributschlüssel angeben", - "searchUserByAttributeKeyAlreadyInUseError": "Attributschlüssel bereits in Verwendung", - "searchUserByAttributeMissingValueError": "Attributwert angeben", - "searchUserByAttributeDescription": "Es unterstützt die Einstellung mehrerer Attribute als Suchfilter, indem verschiedene Schlüssel oder Werte festgelegt werden. Für einen Schlüssel kann nur ein Wert eingegeben werden.", - "join": "Beitreten", - "leave": "Verlassen", - "groupMembership": "Gruppen-Mitglied", - "addedGroupMembership": "Zur Gruppe hinzugefügt.", - "removedGroupMembership": "Aus Gruppe entfernt.", - "createdAt": "Erstellt am", - "username": "Benutzername", - "email": "E-Mail", - "emailVerified": "E-Mail verifiziert", - "lastName": "Nachname", - "firstName": "Vorname", - "status": "Status", - "requiredUserActions": "Verlangte Benutzeraktionen", - "addUser": "Benutzer hinzufügen", - "deleteUser": "Benutzer löschen", - "verifyEmail": "E-Mail verifizieren", - "consents": "Einwilligungen", - "revoke": "Widerrufen", - "save": "Speichern", - "cancel": "Abbrechen", - "confirmPasswordDoesNotMatch": "Die Passwörter stimmen nicht überein.", - "credentialType": "Typ", - "password": "Passwort", - "passwordConfirmation": "Passwort bestätigen", - "deleteCredentialsConfirm": "Sind Sie sicher, dass Sie die Zugangsdaten löschen möchten?", - "deleteBtn": "Löschen", - "resetPassword": "Passwort zurücksetzen", - "resetPasswordBtn": "Passwort zurücksetzen", - "showPasswordDataValue": "Wert", - "credentialResetBtn": "Zugang zurücksetzen", - "resetActions": "Zurücksetz-Aktionen", - "lifespan": "Läuft ab in", - "hours": "Stunden", - "minutes": "Minuten", - "seconds": "Sekunden", - "credentialResetConfirm": "E-Mail senden" -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/en/authentication-help.json b/js/apps/admin-ui/public/locales/en/authentication-help.json deleted file mode 100644 index 0da5ca5a59..0000000000 --- a/js/apps/admin-ui/public/locales/en/authentication-help.json +++ /dev/null @@ -1,51 +0,0 @@ -{ - "name": "Help text for the name of the new flow", - "description": "Help text for the description of the new flow", - "createFlow": "You can create a top level flow within this from", - "flowType": "What kind of form is it", - "topLevelFlowType": "What kind of top level flow is it? Type 'client' is used for authentication of clients (applications) when generic is for users and everything else", - "addExecution": "Execution can have a wide range of actions, from sending a reset email to validating an OTP", - "addSubFlow": "Sub-Flows can be either generic or form. The form type is used to construct a sub-flow that generates a single flow for the user. Sub-flows are a special type of execution that evaluate as successful depending on how the executions they contain evaluate.", - "alias": "Name of the configuration", - "authDefaultActionTooltip": "If enabled, any new user will have this required action assigned to it.", - "otpType": "totp is Time-Based One Time Password. 'hotp' is a counter base one time password in which the server keeps a counter to hash against.", - "webAuthnPolicyRpEntityName": "Human-readable server name as WebAuthn Relying Party", - "otpHashAlgorithm": "What hashing algorithm should be used to generate the OTP.", - "otpPolicyDigits": "How many digits should the OTP have?", - "lookAround": "How far around should the server look just in case the token generator and server are out of time sync or counter sync?", - "otpPolicyPeriod": "How many seconds should an OTP token be valid? Defaults to 30 seconds.", - "otpPolicyCodeReusable": "Possibility to use the same OTP code again after successful authentication.", - "supportedApplications": "Applications that are known to work with the current OTP policy", - "webauthnIntro": "What is this form used for?", - "webAuthnPolicyFormHelp": "Policy for WebAuthn authentication. This one will be used by 'WebAuthn Register' required action and 'WebAuthn Authenticator' authenticator. Typical usage is, when WebAuthn will be used for the two-factor authentication.", - "webAuthnPolicyPasswordlessFormHelp": "Policy for passwordless WebAuthn authentication. This one will be used by 'Webauthn Register Passwordless' required action and 'WebAuthn Passwordless Authenticator' authenticator. Typical usage is, when WebAuthn will be used as first-factor authentication. Having both 'WebAuthn Policy' and 'WebAuthn Passwordless Policy' allows to use WebAuthn as both first factor and second factor authenticator in the same realm.", - "webAuthnPolicySignatureAlgorithms": "What signature algorithms should be used for Authentication Assertion.", - "webAuthnPolicyRpId": "This is ID as WebAuthn Relying Party. It must be origin's effective domain.", - "webAuthnPolicyAttestationConveyancePreference": "Communicates to an authenticator the preference of how to generate an attestation statement.", - "webAuthnPolicyAuthenticatorAttachment": "Communicates to an authenticator an acceptable attachment pattern.", - "webAuthnPolicyRequireResidentKey": "It tells an authenticator create a public key credential as Resident Key or not.", - "webAuthnPolicyUserVerificationRequirement": "Communicates to an authenticator to confirm actually verifying a user.", - "webAuthnPolicyCreateTimeout": "Timeout value for creating user's public key credential in seconds. if set to 0, this timeout option is not adapted.", - "webAuthnPolicyAvoidSameAuthenticatorRegister": "Avoid registering the authenticator that has already been registered.", - "webAuthnPolicyAcceptableAaguids": "The list of AAGUID of which an authenticator can be registered.", - "passwordPolicies": { - "forceExpiredPasswordChange": "The number of days the password is valid before a new password is required.", - "hashIterations": "The number of times a password is hashed before storage or verification. Default: 27,500.", - "passwordHistory": "Prevents a recently used password from being reused.", - "passwordBlacklist": "Prevents the use of a password that is in a blacklist file.", - "regexPattern": "Requires that the password matches one or more defined Java regular expression patterns.", - "length": "The minimum number of characters required for the password.", - "notUsername": "The password cannot match the username.", - "notEmail": "The password cannot match the email address of the user.", - "specialChars": "The number of special characters required in the password string.", - "upperCase": "The number of uppercase letters required in the password string.", - "lowerCase": "The number of lowercase letters required in the password string.", - "digits": "The number of numerical digits required in the password string.", - "hashAlgorithm": "Applies a hashing algorithm to passwords, so they are not stored in clear text.", - "maxLength": "The maximum number of characters allowed in the password." - }, - "cibaBackchannelTokenDeliveryMode": "Specifies how the CD (Consumption Device) gets the authentication result and related tokens. This mode will be used by default for the CIBA clients, which do not have other mode explicitly set.", - "cibaExpiresIn": "The expiration time of the \"auth_req_id\" in seconds since the authentication request was received.", - "cibaInterval": "The minimum amount of time in seconds that the CD (Consumption Device) must wait between polling requests to the token endpoint. If set to 0, the CD must use 5 as the default value according to the CIBA specification.", - "cibaAuthRequestedUserHint": "The way of identifying the end-user for whom authentication is being requested. Currently only \"login_hint\" is supported." -} diff --git a/js/apps/admin-ui/public/locales/en/authentication.json b/js/apps/admin-ui/public/locales/en/authentication.json deleted file mode 100644 index 0950c65f49..0000000000 --- a/js/apps/admin-ui/public/locales/en/authentication.json +++ /dev/null @@ -1,166 +0,0 @@ -{ - "title": "Authentication", - "authenticationExplain": "Authentication is the area where you can configure and manage different credential types.", - "flows": "Flows", - "requiredActions": "Required actions", - "policies": "Policies", - "passwordPolicy": "Password policy", - "otpPolicy": "OTP Policy", - "webauthnPolicy": "Webauthn Policy", - "webauthnPasswordlessPolicy": "Webauthn Passwordless Policy", - "noPasswordPolicies": "No password policies", - "noPasswordPoliciesInstructions": "You haven't added any password policies to this realm. Add a policy to get started.", - "updatePasswordPolicySuccess": "Password policies successfully updated", - "updatePasswordPolicyError": "Could not update the password policies: '{{error}}'", - "webAuthnPolicyRpEntityName": "Relying party entity name", - "addPolicy": "Add policy", - "otpType": "OTP type", - "policyType": { - "totp": "Time based", - "hotp": "Counter based" - }, - "otpHashAlgorithm": "OTP hash algorithm", - "otpPolicyDigits": "Number of digits", - "lookAround": "Look around window", - "otpPolicyPeriod": "OTP Token period", - "otpPolicyPeriodErrorHint": "Value needs to be between 1 second and 2 minutes", - "otpPolicyCodeReusable": "Reusable token", - "initialCounter": "Initial counter", - "initialCounterErrorHint": "Value needs to be between 1 and 120", - "supportedApplications": "Supported applications", - "otpSupportedApplications": { - "totpAppFreeOTPName": "FreeOTP", - "totpAppGoogleName": "Google Authenticator", - "totpAppMicrosoftAuthenticatorName": "Microsoft Authenticator" - }, - "updateOtpSuccess": "OTP policy successfully updated", - "updateOtpError": "Could not update OTP policy: {{error}}", - "cibaPolicy": "CIBA Policy", - "cibaBackchannelTokenDeliveryMode": "Backchannel Token Delivery Mode", - "cibaBackhannelTokenDeliveryModes": { - "poll": "Poll", - "ping": "Ping" - }, - "cibaExpiresIn": "Expires In", - "cibaInterval": "Interval", - "cibaAuthRequestedUserHint": "Authentication Requested User Hint", - "updateCibaSuccess": "CIBA policy successfully updated", - "updateCibaError": "Could not update CIBA policy: {{error}}", - "webAuthnPolicySignatureAlgorithms": "Signature algorithms", - "webAuthnPolicyRpId": "Relying party ID", - "webAuthnPolicyAttestationConveyancePreference": "Attestation conveyance preference", - "attestationPreference": { - "not specified": "Not specified", - "none": "None", - "indirect": "Indirect", - "direct": "Direct" - }, - "webAuthnPolicyAuthenticatorAttachment": "Authenticator Attachment", - "authenticatorAttachment": { - "not specified": "Not specified", - "platform": "Platform", - "cross-platform": "Cross platform" - }, - "webAuthnPolicyRequireResidentKey": "Require resident key", - "residentKey": { - "not specified": "Not specified", - "Yes": "Yes", - "No": "No" - }, - "webAuthnPolicyUserVerificationRequirement": "User verification requirement", - "userVerify": { - "not specified": "Not specified", - "required": "Required", - "preferred": "Preferred", - "discouraged": "Discouraged" - }, - "webAuthnPolicyCreateTimeout": "Timeout", - "webAuthnPolicyCreateTimeoutHint": "Timeout needs to be between 0 seconds and 8 hours", - "webAuthnPolicyAvoidSameAuthenticatorRegister": "Avoid same authenticator registration", - "webAuthnPolicyAcceptableAaguids": "Acceptable AAGUIDs", - "addAaguids": "Add AAGUID", - "webAuthnUpdateSuccess": "Updated webauthn policies successfully", - "webAuthnUpdateError": "Could not update webauthn policies due to {{error}}", - "flowName": "Flow name", - "searchForFlow": "Search for flow", - "usedBy": "Used by", - "flowUsedBy": "Use of this flow", - "flowUsedByDescription": "This flow is used by the following {{value}}", - "buildIn": "Built-in", - "appliedByProviders": "Applied by the following providers", - "appliedByClients": "Applied by the following clients", - "used": { - "SPECIFIC_PROVIDERS": "Specific providers", - "SPECIFIC_CLIENTS": "Specific clients", - "DEFAULT": "Default", - "notInUse": "Not in use" - }, - "duplicate": "Duplicate", - "bindFlow": "Bind flow", - "chooseBindingType": "Choose binding type", - "flow": { - "browser": "Browser flow", - "registration": "Registration flow", - "direct grant": "Direct grant flow", - "reset credentials": "Reset credentials flow", - "clients": "Client authentication flow", - "docker auth": "Docker authentication flow" - }, - "editInfo": "Edit info", - "editFlow": "Edit flow", - "edit": "Edit", - "deleteConfirmFlow": "Delete flow?", - "deleteConfirmFlowMessage": "Are you sure you want to permanently delete the flow \"<1>{{flow}}\".", - "deleteFlowSuccess": "Flow successfully deleted", - "deleteFlowError": "Could not delete flow: {{error}}", - "duplicateFlow": "Duplicate flow", - "deleteConfirmExecution": "Delete execution?", - "deleteConfirmExecutionMessage": "Are you sure you want to permanently delete the execution \"<1>{{name}}\".", - "deleteExecutionSuccess": "Execution successfully deleted", - "deleteExecutionError": "Could not delete execution: {{error}}", - "updateFlowSuccess": "Flow successfully updated", - "updateFlowError": "Could not update flow: {{error}}", - "copyOf": "Copy of {{name}}", - "copyFlowSuccess": "Flow successfully duplicated", - "copyFlowError": "Could not duplicate flow: {{error}}", - "createFlow": "Create flow", - "flowType": "Flow type", - "flow-type": { - "basic-flow": "Generic", - "form-flow": "Form" - }, - "top-level-flow-type": { - "basic-flow": "Basic flow", - "client-flow": "Client flow" - }, - "flowCreatedSuccess": "Flow created", - "flowCreateError": "Could not create flow: {{error}}", - "flowDetails": "Flow details", - "tableView": "Table view", - "diagramView": "Diagram view", - "emptyExecution": "No steps", - "emptyExecutionInstructions": "You can start defining this flow by adding a sub-flow or an execution", - "addExecutionTitle": "Add an execution", - "addExecution": "Add execution", - "addSubFlowTitle": "Add a sub-flow", - "addSubFlow": "Add sub-flow", - "addCondition": "Add condition", - "addStep": "Add step", - "addStepTo": "Add step to {{name}}", - "steps": "Steps", - "requirement": "Requirement", - "requirements": { - "REQUIRED": "Required", - "ALTERNATIVE": "Alternative", - "DISABLED": "Disabled", - "CONDITIONAL": "Conditional" - }, - "executionConfig": "{{name}} config", - "alias": "Alias", - "configSaveSuccess": "Successfully saved the execution config", - "configSaveError": "Could not save the execution config: {{error}}", - "setAsDefaultAction": "Set as default action", - "disabledOff": "Disabled off", - "updatedRequiredActionSuccess": "Updated required action successfully", - "updatedRequiredActionError": "Could not update required action: {{error}}" -} diff --git a/js/apps/admin-ui/public/locales/en/client-scopes-help.json b/js/apps/admin-ui/public/locales/en/client-scopes-help.json deleted file mode 100644 index 333798abc3..0000000000 --- a/js/apps/admin-ui/public/locales/en/client-scopes-help.json +++ /dev/null @@ -1,21 +0,0 @@ -{ - "name": "Name of the client scope. Must be unique in the realm. Name should not contain space characters as it is used as value of scope parameter", - "dynamicScope": "If on, this scope will be considered a Dynamic Scope, which will be comprised of a static and a variable portion.", - "dynamicScopeFormat": "This is the regular expression that the system will use to extract the scope name and variable.", - "description": "Description of the client scope", - "protocol": "Which SSO protocol configuration is being supplied by this client scope", - "type": "Client scopes, which will be added as default scopes to each created client", - "displayOnConsentScreen": "If on, and this client scope is added to some client with consent required, the text specified by 'Consent Screen Text' will be displayed on consent screen. If off, this client scope will not be displayed on the consent screen", - "consentScreenText": "Text that will be shown on the consent screen when this client scope is added to some client with consent required. Defaults to name of client scope if it is not filled", - "includeInTokenScope": "If on, the name of this client scope will be added to the access token property 'scope' as well as to the Token Introspection Endpoint response. If off, this client scope will be omitted from the token and from the Token Introspection Endpoint response.", - "guiOrder": "Specify order of the provider in GUI (such as in Consent page) as integer", - "prefix": "A prefix for each Realm Role (optional).", - "multiValued": "Indicates if attribute supports multiple values. If true, the list of all values of this attribute will be set as claim. If false, just first value will be set as claim", - "tokenClaimName": "Name of the claim to insert into the token. This can be a fully qualified name like 'address.street'. In this case, a nested json object will be created. To prevent nesting and use dot literally, escape the dot with backslash (\\.).", - "claimJsonType": "JSON type that should be used to populate the json claim in the token. long, int, boolean, String and JSON are valid values.", - "protocolMapper": "Protocol...", - "mapperName": "Name of the mapper", - "role": "Role name you want changed. Click 'Select Role' button to browse roles, or just type it in the textbox. To reference an application role the syntax is appname.approle, i.e. myapp.myrole", - "newRoleName": "The new role name. The new name format corresponds to where in the access token the role will be mapped to. So, a new name of 'myapp.newname' will map the role to that position in the access token. A new name of 'newname' will map the role to the realm roles in the token.", - "rolesScope": "If there is no role scope mapping defined, each user is permitted to use this client scope. If there are role scope mappings defined, the user must be a member of at least one of the roles." -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/en/client-scopes.json b/js/apps/admin-ui/public/locales/en/client-scopes.json deleted file mode 100644 index a1af839af8..0000000000 --- a/js/apps/admin-ui/public/locales/en/client-scopes.json +++ /dev/null @@ -1,59 +0,0 @@ -{ - "createClientScope": "Create client scope", - "clientScopeList": "Client scopes", - "grantedClientScopes": "Granted client scopes", - "clientScopeDetails": "Client scope details", - "clientScopeExplain": "Client scopes are a common set of protocol mappers and roles that are shared between multiple clients.", - "searchFor": "Search for client scope", - "dynamicScope": "Dynamic scope", - "dynamicScopeFormat": "Dynamic scope format", - "protocol": "Protocol", - "assignedType": "Assigned type", - "displayOrder": "Display order", - "type": "Type", - "deleteClientScope_one": "Delete client scope {{name}}", - "deleteClientScope_other": "Delete {{count}} client scopes", - "deleteConfirm": "Are you sure you want to delete this client scope", - "changeTypeTo": "Change type to", - "changeTypeIntro": "{{count}} selected client scopes will be changed to", - "clientScopeSuccess": "Scope mapping updated", - "clientScopeError": "Could not update scope mapping {{error}}", - "deletedSuccess": "The client scope has been deleted", - "deleteError": "Could not delete client scope: {{error}}", - "includeInTokenScope": "Include in token scope", - "realmRolePrefix": "Realm role prefix", - "userInfo": "User info", - "createSuccess": "Client scope created", - "createError": "Could not create client scope: '{{error}}'", - "updateSuccess": "Client scope updated", - "updateError": "Could not update client scope: '{{error}}'", - "addMapperExplain": "If you want more fine-grain control, you can create protocol mapper on this client", - "realmRoles": "Realm roles", - "newRoleName": "New role name", - "searchClientByName": "Search client by name", - "clients": "Clients", - "mapperCreateSuccess": "New mapping has been added", - "mapperCreateError": "Could not create mapping: {{error}}", - "fromPredefinedMapper": "From predefined mappers", - "byConfiguration": "By configuration", - "emptyBuiltInMappersInstructions": "All built in mappers were added to this client", - "emptySecondaryAction": "Configure a new mapper", - "displayOnConsentScreen": "Display on consent screen", - "consentScreenText": "Consent screen text", - "guiOrder": "Display Order", - "shouldBeANumber": "Should be a number", - "chooseAMapperType": "Choose a mapper type", - "addPredefinedMappers": "Add predefined mappers", - "predefinedMappingDescription": "Choose any of the predefined mappings from this table", - "configureMappingDescription": "Choose any of the mappings from this table", - "mappingTable": "Table with predefined mapping", - "scope": "Scope", - "roleMappingUpdatedSuccess": "Role mapping updated", - "roleMappingUpdatedError": "Could not update role mapping {{error}}", - "protocolTypes": { - "all": "All", - "saml": "SAML", - "openid-connect": "OpenID Connect" - }, - "headerName": "header name" -} diff --git a/js/apps/admin-ui/public/locales/en/clientScopes.json b/js/apps/admin-ui/public/locales/en/clientScopes.json deleted file mode 100644 index cf1f0ed3fc..0000000000 --- a/js/apps/admin-ui/public/locales/en/clientScopes.json +++ /dev/null @@ -1,4 +0,0 @@ -{ - "noRoles": "No roles for this client scope", - "noRolesInstructions": "You haven't created any roles for this client scope. Create a role to get started." -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/en/clients-help.json b/js/apps/admin-ui/public/locales/en/clients-help.json deleted file mode 100644 index 8ad8903a57..0000000000 --- a/js/apps/admin-ui/public/locales/en/clients-help.json +++ /dev/null @@ -1,190 +0,0 @@ -{ - "enableDisable": "Disabled clients cannot initiate a login or have obtained access tokens.", - "clientType": "'OpenID Connect' allows Clients to verify the identity of the End-User based on the authentication performed by an Authorization Server.'SAML' enables web-based authentication and authorization scenarios including cross-domain single sign-on (SSO) and uses security tokens containing assertions to pass information.", - "serviceAccount": "Allows you to authenticate this client to Keycloak and retrieve access token dedicated to this client. In terms of OAuth2 specification, this enables support of 'Client Credentials Grant' for this client.", - "manageServiceAccountUser": "To manage detail and group mappings, click on the username <1>{{link}}", - "authentication": "This defines the type of the OIDC client. When it's ON, the OIDC type is set to confidential access type. When it's OFF, it is set to public access type", - "authorization": "Enable/Disable fine-grained authorization support for a client", - "authDetails": "Export and download all resource settings for this resource server.", - "directAccess": "This enables support for Direct Access Grants, which means that client has access to username/password of user and exchange it directly with Keycloak server for access token. In terms of OAuth2 specification, this enables support of 'Resource Owner Password Credentials Grant' for this client.", - "standardFlow": "This enables standard OpenID Connect redirect based authentication with authorization code. In terms of OpenID Connect or OAuth2 specifications, this enables support of 'Authorization Code Flow' for this client.", - "implicitFlow": "This enables support for OpenID Connect redirect based authentication without authorization code. In terms of OpenID Connect or OAuth2 specifications, this enables support of 'Implicit Flow' for this client.", - "oauthDeviceAuthorizationGrant": "This enables support for OAuth 2.0 Device Authorization Grant, which means that client is an application on device that has limited input capabilities or lack a suitable browser.", - "oidcCibaGrant": "This enables support for OIDC CIBA Grant, which means that the user is authenticated via some external authentication device instead of the user's browser.", - "rootURL": "Root URL appended to relative URLs", - "validRedirectURIs": "Valid URI pattern a browser can redirect to after a successful login. Simple wildcards are allowed such as 'http://example.com/*'. Relative path can be specified too such as /my/relative/path/*. Relative paths are relative to the client root URL, or if none is specified the auth server root URL is used. For SAML, you must set valid URI patterns if you are relying on the consumer service URL embedded with the login request.", - "validPostLogoutRedirectURIs": "Valid URI pattern a browser can redirect to after a successful logout. A value of '+' or an empty field will use the list of valid redirect uris. A value of '-' will not allow any post logout redirect uris. Simple wildcards are allowed such as 'http://example.com/*'. Relative path can be specified too such as /my/relative/path/*. Relative paths are relative to the client root URL, or if none is specified the auth server root URL is used.", - "nameIdFormat": "The name ID format to use for the subject.", - "alwaysDisplayInUI": "Always list this client in the Account UI, even if the user does not have an active session.", - "forceNameIdFormat": "Ignore requested NameID subject format and use Admin UI configured one.", - "forcePostBinding": "Always use POST binding for responses.", - "forceArtifactBinding": "Should response messages be returned to the client through the SAML ARTIFACT binding system?", - "includeAuthnStatement": "Should a statement specifying the method and timestamp be included in login responses?", - "includeOneTimeUseCondition": "Should a OneTimeUse Condition be included in login responses?", - "optimizeLookup": "When signing SAML documents in REDIRECT binding for SP that is secured by Keycloak adapter, should the ID of the signing key be included in SAML protocol message in element? This optimizes validation of the signature as the validating party uses a single key instead of trying every known key for validation.", - "allowEcpFlow": "This client is allowed to use ECP flow for authenticating users.", - "signDocuments": "Should SAML documents be signed by the realm?", - "signAssertions": "Should assertions inside SAML documents be signed? This setting is not needed if document is already being signed.", - "signatureAlgorithm": "The signature algorithm to use to sign documents. Note that 'SHA1' based algorithms are deprecated and can be removed in the future. It is recommended to stick to some more secure algorithm instead of '*_SHA1'", - "signatureKeyName": "Signed SAML documents contain identification of signing key in KeyName element. For Keycloak / RH-SSO counterparty, use KEY_ID, for MS AD FS use CERT_SUBJECT, for others check and use NONE if no other option works.", - "canonicalization": "Canonicalization Method for XML signatures.", - "webOrigins": "Allowed CORS origins. To permit all origins of Valid Redirect URIs, add '+'. This does not include the '*' wildcard though. To permit all origins, explicitly add '*'.", - "homeURL": "Default URL to use when the auth server needs to redirect or link back to the client.", - "adminURL": "URL to the admin interface of the client. Set this if the client supports the adapter REST API. This REST API allows the auth server to push revocation policies and other administrative tasks. Usually this is set to the base URL of the client.", - "client": "Select the client making this authorization request. If not provided, authorization requests would be done based on the client you are in.", - "clientId": "Specifies ID referenced in URI and tokens. For example 'my-client'. For SAML this is also the expected issuer value from authn requests", - "selectUser": "Select a user whose identity is going to be used to query permissions from the server.", - "roles": "Select the roles you want to associate with the selected user.", - "contextualAttributes": "Any attribute provided by a running environment or execution context.", - "resourceType": "Specifies that this permission must be applied to all resource instances of a given type.", - "applyToResourceType": "Specifies if this permission should be applied to all resources with a given type. In this case, this permission will be evaluated for all instances of a given resource type.", - "resources": "Specifies that this permission must be applied to a specific resource instance.", - "scopesSelect": "Specifies that this permission must be applied to one or more scopes.", - "clientName": "Specifies display name of the client. For example 'My Client'. Supports keys for localized values as well. For example: ${my_client}", - "description": "Specifies description of the client. For example 'My Client for TimeSheets'. Supports keys for localized values as well. For example: ${my_client_description}", - "loginTheme": "Select theme for login, OTP, grant, registration, and forgot password pages.", - "encryptAssertions": "Should SAML assertions be encrypted with client's public key using AES?", - "clientSignature": "Will the client sign their saml requests and responses? And should they be validated?", - "downloadType": "this is information about the download type", - "details": "this is information about the details", - "clientPolicyName": "Display name of the policy", - "createToken": "An initial access token can only be used to create clients", - "expiration": "Specifies how long the token should be valid", - "count": "Specifies how many clients can be created using the token", - "client-authenticator-type": "Client Authenticator used for authentication of this client against Keycloak server", - "registration-access-token": "The registration access token provides access for clients to the client registration service.", - "signature-algorithm": "JWA algorithm, which the client needs to use when signing a JWT for authentication. If left blank, the client is allowed to use any appropriate algorithm for the particular client authenticator.", - "anonymousAccessPolicies": "Those Policies are used when the Client Registration Service is invoked by unauthenticated request. This means that the request does not contain Initial Access Token nor Bearer Token.", - "authenticatedAccessPolicies": "Those Policies are used when Client Registration Service is invoked by authenticated request. This means that the request contains Initial Access Token or Bearer Token.", - "allowRegexComparison": "If OFF, then the Subject DN from given client certificate must exactly match the given DN from the 'Subject DN' property as described in the RFC8705 specification. The Subject DN can be in the RFC2553 or RFC1779 format. If ON, then the Subject DN from given client certificate should match regex specified by 'Subject DN' property.", - "subject": "A regular expression for validating Subject DN in the Client Certificate. Use \"(.*?)(?:$)\" to match all kind of expressions.", - "evaluateExplain": "This page allows you to see all protocol mappers and role scope mappings", - "effectiveProtocolMappers": "Contains all default client scopes and selected optional scopes. All protocol mappers and role scope mappings of all those client scopes will be used when generating access token issued for your client", - "effectiveRoleScopeMappings": "Selected Optional Client Scopes, which will be used when issuing access token for this client. You can see above what value of OAuth Scope Parameter needs to be used when you want to have these optional client scopes applied when the initial OpenID Connect Authentication request will be sent from your client adapter", - "generatedAccessToken": "See the example access token, which will be generated and sent to the client when selected user is authenticated. You can see claims and roles that the token will contain based on the effective protocol mappers and role scope mappings and also based on the claims/roles assigned to user himself", - "generatedIdToken": "See the example ID Token, which will be generated and sent to the client when selected user is authenticated. You can see claims and roles that the token will contain based on the effective protocol mappers and role scope mappings and also based on the claims/roles assigned to user himself", - "generatedUserInfo": "See the example User Info, which will be provided by the User Info Endpoint", - "scopeParameter": "You can copy/paste this value of scope parameter and use it in initial OpenID Connect Authentication Request sent from this client adapter. Default client scopes and selected optional client scopes will be used when generating token issued for this client", - "user": "Optionally select user, for whom the example access token will be generated. If you do not select a user, example access token will not be generated during evaluation", - "notBefore": "Revoke any tokens issued before this time for this client. To push the policy, you should set an effective admin URL in the Settings tab first.", - "notBeforeIntro": "In order to successfully push a revocation policy to the client, you need to set an Admin URL under the <1>Settings tab for this client first", - "notBeforeTooltip": "The admin URL should be set in the Settings tab first.", - "nodeReRegistrationTimeout": "Interval to specify max time for registered clients cluster nodes to re-register. If cluster node will not send re-registration request to Keycloak within this time, it will be unregistered from Keycloak", - "fineGrainOpenIdConnectConfiguration": "This section is used to configure advanced settings of this client related to OpenID Connect protocol.", - "fineGrainSamlEndpointConfig": "This section to configure exact URLs for Assertion Consumer and Single Logout Service.", - "logoUrl": "URL that references a logo for the Client application", - "policyUrl": "URL that the Relying Party Client provides to the End-User to read about the how the profile data will be used", - "policyUsers": "Specifies which user(s) are allowed by this policy.", - "termsOfServiceUrl": "URL that the Relying Party Client provides to the End-User to read about the Relying Party's terms of service", - "accessTokenSignatureAlgorithm": "JWA algorithm used for signing access tokens.", - "idTokenSignatureAlgorithm": "JWA algorithm used for signing ID tokens.", - "idTokenEncryptionKeyManagementAlgorithm": "JWA Algorithm used for key management in encrypting ID tokens. This option is needed if you want encrypted ID tokens. If left empty, ID Tokens are just signed, but not encrypted.", - "idTokenEncryptionContentEncryptionAlgorithm": "JWA Algorithm used for content encryption in encrypting ID tokens. This option is needed just if you want encrypted ID tokens. If left empty, ID Tokens are just signed, but not encrypted.", - "userInfoSignedResponseAlgorithm": "JWA algorithm used for signed User Info Endpoint response. If set to 'unsigned', User Info Response won't be signed and will be returned in application/json format.", - "userInfoResponseEncryptionKeyManagementAlgorithm": "JWA Algorithm used for key management in encrypting User Info Endpoint responses. This option is needed if you want encrypted User Info Endpoint responses. If left empty, User Info Endpoint responses are not encrypted.", - "userInfoResponseEncryptionContentEncryptionAlgorithm": "JWA Algorithm used for content encryption in encrypting User Info Endpoint responses. If User Info response encryption key management algorithm is specified, the default for this value is A128CBC-HS256.", - "requestObjectSignatureAlgorithm": "JWA algorithm, which client needs to use when sending OIDC request object specified by 'request' or 'request_uri' parameters. If set to 'any', Request object can be signed by any algorithm (including 'none' ).", - "requestObjectRequired": "Specifies if the client needs to provide a request object with their authorization requests, and what method they can use for this. If set to \"not required\", providing a request object is optional. In all other cases, providing a request object is mandatory. If set to \"request\", the request object must be provided by value. If set to \"request_uri\", the request object must be provided by reference. If set to \"request or request_uri\", either method can be used.", - "requestObjectEncryption": "JWE algorithm, which client needs to use when sending OIDC request object specified by 'request' or 'request_uri' parameters. If set to 'any', encryption is optional and any algorithm is allowed.", - "requestObjectEncoding": "JWE algorithm, which client needs to use when encrypting the content of the OIDC request object specified by 'request' or 'request_uri' parameters. If set to 'any', any algorithm is allowed.", - "validRequestURIs": "List of valid URIs, which can be used as values of 'request_uri' parameter during OpenID Connect authentication request. There is support for the same capabilities like for Valid Redirect URIs. For example wildcards or relative paths.", - "idpInitiatedSsoUrlName": "URL fragment name to reference client when you want to do IDP Initiated SSO. Leaving this empty will disable IDP Initiated SSO. The URL you will reference from your browser will be: {server-root}/realms/{realm}/protocol/saml/clients/{client-url-name}", - "idpInitiatedSsoRelayState": "Relay state you want to send with SAML request when you want to do IDP Initiated SSO.", - "masterSamlProcessingUrl": "If configured, this URL will be used for every binding to both the SP's Assertion Consumer and Single Logout Services. This can be individually overridden for each binding and service in the Fine Grain SAML Endpoint Configuration.", - "authorizationSignedResponseAlg": "JWA algorithm used for signing authorization response tokens when the response mode is jwt.", - "authorizationEncryptedResponseAlg": "JWA Algorithm used for key management in encrypting the authorization response when the response mode is jwt. This option is needed if you want encrypted authorization response. If left empty, the authorization response is just signed, but not encrypted.", - "authorizationEncryptedResponseEnc": "JWA Algorithm used for content encryption in encrypting the authorization response when the response mode is jwt. This option is needed if you want encrypted authorization response. If left empty, the authorization response is just signed, but not encrypted.", - "openIdConnectCompatibilityModes": "This section is used to configure settings for backward compatibility with older OpenID Connect / OAuth 2 adaptors. It's useful especially if your client uses older version of Keycloak / RH-SSO adapter.", - "excludeSessionStateFromAuthenticationResponse": "If this is on, the parameter 'session_state' will not be included in OpenID Connect Authentication Response. It is useful if your client uses older OIDC / OAuth2 adapter, which does not support 'session_state' parameter.", - "excludeIssuerFromAuthenticationResponse": "If this is on, the parameter 'iss' will not be included in OpenID Connect Authentication Response. It is useful if your client uses older OIDC / OAuth2 adapter, which does not support 'session_state' parameter.", - "useRefreshTokens": "If this is on, a refresh_token will be created and added to the token response. If this is off then no refresh_token will be generated.", - "useRefreshTokenForClientCredentialsGrant": "If this is on, a refresh_token will be created and added to the token response if the client_credentials grant is used. The OAuth 2.0 RFC6749 Section 4.4.3 states that a refresh_token should not be generated when client_credentials grant is used. If this is off then no refresh_token will be generated and the associated user session will be removed.", - "useLowerCaseBearerType": "If this is on, token responses will be set the with the type \"bearer\" in lower-case. By default, the server sets the type as \"Bearer\" as defined by RFC6750.", - "advancedSettingsOpenid-connect": "This section is used to configure advanced settings of this client related to OpenID Connect protocol", - "advancedSettingsSaml": "This section is used to configure advanced settings of this client", - "assertionLifespan": "Lifespan set in the SAML assertion conditions. After that time the assertion will be invalid. The \"SessionNotOnOrAfter\" attribute is not modified and continue using the \"SSO Session Max\" time defined at realm level.", - "accessTokenLifespan": "Max time before an access token is expired. This value is recommended to be short relative to the SSO timeout.", - "clientSessionIdle": "Time a client session is allowed to be idle before it expires. Tokens are invalidated when a client session is expired. The option does not affect the global user SSO session. If not set, it uses the standard SSO Session Idle value.", - "clientSessionMax": "Max time before a client session is expired. Tokens are invalidated when a client session is expired. The option does not affect the global user SSO session. If not set, it uses the realm Client Session Max or SSO Session Max value.", - "clientOfflineSessionIdle": "Time a client offline session is allowed to be idle before it expires. Offline tokens are invalidated when a client offline session is expired. The option does not affect the global user SSO session. If not set, it uses the realm Offline Session Idle value.", - "clientOfflineSessionMax": "Max time before a client offline session is expired. If Offline Session Max Limited is enabled at realm level, offline tokens are invalidated when a client offline session is expired. The option does not affect the global user SSO session. If not set, it uses the realm Offline Session Max value.", - "oAuthMutual": "This enables support for OAuth 2.0 Mutual TLS Certificate Bound Access Tokens, which means that keycloak bind an access token and a refresh token with a X.509 certificate of a token requesting client exchanged in mutual TLS between keycloak's Token Endpoint and this client. These tokens can be treated as Holder-of-Key tokens instead of bearer tokens.", - "oAuthDPoP": "This enables support for Demonstrating Proof-of-Possession (DPoP) bound tokens. The access and refresh tokens are bound to the key stored on the user agent. In order to prove the possession of the key, the user agent must send a signed proof alongside the token.", - "keyForCodeExchange": "Choose which code challenge method for PKCE is used. If not specified, keycloak does not applies PKCE to a client unless the client sends an authorization request with appropriate code challenge and code exchange method.", - "pushedAuthorizationRequestRequired": "Boolean parameter indicating whether the authorization server accepts authorization request data only via the pushed authorization request method.", - "acrToLoAMapping": "Define which ACR (Authentication Context Class Reference) value is mapped to which LoA (Level of Authentication). The ACR can be any value, whereas the LoA must be numeric.", - "defaultACRValues": "Default values to be used as voluntary ACR in case that there is no explicit ACR requested by 'claims' or 'acr_values' parameter in the OIDC request.", - "assertionConsumerServicePostBindingURL": "SAML POST Binding URL for the client's assertion consumer service (login responses). You can leave this blank if you do not have a URL for this binding.", - "assertionConsumerServiceRedirectBindingURL": "SAML Redirect Binding URL for the client's assertion consumer service (login responses). You can leave this blank if you do not have a URL for this binding.", - "logoutServicePostBindingURL": "SAML POST Binding URL for the client's single logout service. You can leave this blank if you are using a different binding", - "logoutServiceRedirectBindingURL": "SAML Redirect Binding URL for the client's single logout service. You can leave this blank if you are using a different binding.", - "logoutServiceSoapBindingUrl": "SAML SOAP Binding URL for the client's single logout service. You can leave this blank if you are using a different binding.", - "logoutServiceArtifactBindingUrl": "SAML ARTIFACT Binding URL for the client's single logout service. You can leave this blank if you are using a different binding.", - "artifactBindingUrl": "URL to send the HTTP ARTIFACT messages to. You can leave this blank if you are using a different binding. This value should be set when forcing ARTIFACT binding together with IdP initiated login.", - "frontchannelLogout": "When true, logout requires a browser redirect to client. When false, server performs a background invocation for logout.", - "frontchannelLogoutUrl": "URL that will cause the client to log itself out when a logout request is sent to this realm (via end_session_endpoint). If not provided, it defaults to the base url.", - "backchannelLogoutUrl": "URL that will cause the client to log itself out when a logout request is sent to this realm (via end_session_endpoint). If omitted, no logout request will be sent to the client is this case.", - "backchannelLogoutSessionRequired": "Specifying whether a sid (session ID) Claim is included in the Logout Token when the Backchannel Logout URL is used.", - "backchannelLogoutRevokeOfflineSessions": "Specifying whether a \"revoke_offline_access\" event is included in the Logout Token when the Backchannel Logout URL is used. Keycloak will revoke offline sessions when receiving a Logout Token with this event.", - "artifactResolutionService": "SAML Artifact resolution service for the client. This is the endpoint to which Keycloak will send a SOAP ArtifactResolve message. You can leave this blank if you do not have a URL for this binding.", - "authenticationOverrides": "Override realm authentication flow bindings.", - "browserFlow": "Select the flow you want to use for browser authentication.", - "directGrant": "Select the flow you want to use for direct grant authentication.", - "useJwksUrl": "If the switch is on, client public keys will be downloaded from given JWKS URL. This allows great flexibility because new keys will be always re-downloaded again when client generates new keypair. If the switch is off, public key (or certificate) from the Keycloak DB is used, so when client keypair changes, you always need to import new key (or certificate) to the Keycloak DB as well.", - "certificate": "Client Certificate for validate JWT issued by client and signed by Client private key from your keystore.", - "jwksUrl": "URL where client keys in JWK format are stored. See JWK specification for more details. If you use Keycloak client adapter with \"jwt\" credential, you can use URL of your app with '/k_jwks' suffix. For example 'http://www.myhost.com/myapp/k_jwks' .", - "generateKeysDescription": "If you generate new keys, you can download the keystore with the private key automatically and save it on your client's side. Keycloak server will save just the certificate and public key, but not the private key.", - "archiveFormat": "Java keystore or PKCS12 archive format.", - "keyAlias": "Archive alias for your private key and certificate.", - "keyPassword": "Password to access the private key in the archive", - "realmCertificateAlias": "Realm certificate is stored in archive too. This is the alias to it.", - "storePassword": "Password to access the archive itself", - "consentRequired": "If enabled, users have to consent to client access.", - "displayOnClient": "Applicable only if 'Consent Required' is on for this client. If this switch is off, the consent screen will contain just the consents corresponding to configured client scopes. If on, there will be also one item on the consent screen about this client itself.", - "consentScreenText": "Applicable only if 'Display Client On Consent Screen' is on for this client. Contains the text which will be on the consent screen about permissions specific just for this client.", - "import": "Import a JSON file containing authorization settings for this resource server.", - "policyEnforcementMode": "The policy enforcement mode dictates how policies are enforced when evaluating authorization requests. 'Enforcing' means requests are denied by default even when there is no policy associated with a given resource. 'Permissive' means requests are allowed even when there is no policy associated with a given resource. 'Disabled' completely disables the evaluation of policies and allows access to any resource.", - "decisionStrategy": "The decision strategy dictates how permissions are evaluated and how a final decision is obtained. 'Affirmative' means that at least one permission must evaluate to a positive decision in order to grant access to a resource and its scopes. 'Unanimous' means that all permissions must evaluate to a positive decision in order for the final decision to be also positive.", - "allowRemoteResourceManagement": "Should resources be managed remotely by the resource server? If false, resources can be managed only from this Admin UI.", - "resourceName": "A unique name for this resource. The name can be used to uniquely identify a resource, useful when querying for a specific resource.", - "displayName": "A user-friendly name for the resource, mainly used when rendering user-facing forms. It supports internationalization so that values can be loaded from message bundles.", - "type": "The type of this resource. It can be used to group different resource instances with the same type.", - "uris": "Set of URIs which are protected by resource.", - "scopes": "The scopes associated with this resource.", - "dedicatedScopeExplain": "This is a client scope which includes the dedicated mappers and scope", - "fullScopeAllowed": "Allows you to disable all restrictions.", - "iconUri": "A URI pointing to an icon.", - "ownerManagedAccess": "If enabled, the access to this resource can be managed by the resource owner.", - "resourceAttribute": "The attributes associated wth the resource.", - "resetActions": "Set of actions to execute when sending the user a Reset Actions Email. 'Verify email' sends an email to the user to verify their email address. 'Update profile' requires user to enter in new personal information. 'Update password' requires user to enter in a new password. 'Configure OTP' requires setup of a mobile password generator.", - "lifespan": "Maximum time before the action permit expires.", - "scopeName": "A unique name for this scope. The name can be used to uniquely identify a scope, useful when querying for a specific scope.", - "scopeDisplayName": "A unique name for this scope. The name can be used to uniquely identify a scope, useful when querying for a specific scope.", - "policy-name": "The name of this policy.", - "policy-description": "A description for this policy.", - "policyDecisionStagey": "The decision strategy dictates how the policies associated with a given permission are evaluated and how a final decision is obtained. 'Affirmative' means that at least one policy must evaluate to a positive decision in order for the final decision to be also positive. 'Unanimous' means that all policies must evaluate to a positive decision in order for the final decision to be also positive. 'Consensus' means that the number of positive decisions must be greater than the number of negative decisions. If the number of positive and negative is the same, the final decision will be negative.", - "applyPolicy": "Specifies all the policies that must be applied to the scopes defined by this policy or permission.", - "policyClient": "Specifies which client(s) are allowed by this policy.", - "groupsClaim": "If defined, the policy will fetch user's groups from the given claim within an access token or ID token representing the identity asking permissions. If not defined, user's groups are obtained from your realm configuration.", - "policyGroups": "Specifies which user(s) are allowed by this policy.", - "targetClaim": "Specifies the target claim which the policy will fetch.", - "regexPattern": "Specifies the regex pattern.", - "policyRoles": "Specifies the client roles allowed by this policy.", - "startTime": "Defines the time before which the policy MUST NOT be granted. Only granted if current date/time is after or equal to this value.", - "expireTime": "Defines the time after which the policy MUST NOT be granted. Only granted if current date/time is before or equal to this value.", - "month": "Defines the month which the policy MUST be granted. You can also provide a range by filling the second field. In this case, permission is granted only if current month is between or equal to the two values you provided.", - "dayMonth": "Defines the day of month when the policy MUST be granted. You can also provide a range by filling the second field. In this case, permission is granted only if current day of month is between or equal to the two values you provided.", - "hour": "Defines the hour when the policy MUST be granted. You can also provide a range by filling the second field. In this case, permission is granted only if current hour is between or equal to the two values you provided.", - "minute": "Defines the minute when the policy MUST be granted. You can also provide a range by filling the second field. In this case, permission is granted only if current minute is between or equal to the two values you provided.", - "policyCode": "The JavaScript code providing the conditions for this policy.", - "logic": "The logic dictates how the policy decision should be made. If 'Positive', the resulting effect (permit or deny) obtained during the evaluation of this policy will be used to perform a decision. If 'Negative', the resulting effect will be negated, in other words, a permit becomes a deny and vice-versa.", - "permissionName": "The name of this permission.", - "permissionDescription": "A description for this permission.", - "applyToResourceTypeFlag": "Specifies if this permission should be applied to all resources with a given type. In this case, this permission will be evaluated for all instances of a given resource type.", - "permissionResources": "Specifies that this permission must be applied to a specific resource instance.", - "permissionScopes": "Specifies that this permission must be applied to one or more scopes.", - "permissionPolicies": "Specifies all the policies that must be applied to the scopes defined by this policy or permission.", - "permissionType": "Specifies that this permission must be applied to all resources instances of a given type.", - "permissionDecisionStrategy": "The decision strategy dictates how the policies associated with a given permission are evaluated and how a final decision is obtained. 'Affirmative' means that at least one policy must evaluate to a positive decision in order for the final decision to be also positive. 'Unanimous' means that all policies must evaluate to a positive decision in order for the final decision to be also positive. 'Consensus' means that the number of positive decisions must be greater than the number of negative decisions. If the number of positive and negative is the same, the final decision will be negative.", - "permissionsEnabled": "Determines if fine grained permissions are enabled for managing this role. Disabling will delete all current permissions that have been set up." -} diff --git a/js/apps/admin-ui/public/locales/en/clients.json b/js/apps/admin-ui/public/locales/en/clients.json deleted file mode 100644 index ebb68aecf7..0000000000 --- a/js/apps/admin-ui/public/locales/en/clients.json +++ /dev/null @@ -1,552 +0,0 @@ -{ - "protocolTypes": { - "openIdConnect": "OpenID Connect", - "saml": "SAML", - "all": "All" - }, - "protocol": "Protocol", - "copy": "Copy", - "copied": "Authorization details copied.", - "copyError": "Error copying authorization details: {{error}}", - "exportAuthDetailsSuccess": "Successfully exported authorization details.", - "exportAuthDetailsError": "Error exporting authorization details: {{error}}", - "clientType": "Client type", - "clientAuthorization": "Authorization", - "implicitFlow": "Implicit flow", - "createClient": "Create client", - "importClient": "Import client", - "homeURL": "Home URL", - "webOrigins": "Web origins", - "addWebOrigins": "Add web origins", - "adminURL": "Admin URL", - "formatOption": "Format option", - "encryptAssertions": "Encrypt assertions", - "clientSignature": "Client signature required", - "downloadAdaptorTitle": "Download adaptor configs", - "privateKeyMask": "PRIVATE KEY NOT SET UP OR KNOWN", - "keys": "Keys", - "credentials": "Credentials", - "roles": "Roles", - "createRole": "Create role", - "noRoles": "No roles for this client", - "noRolesInstructions": "You haven't created any roles for this client. Create a role to get started.", - "clientScopes": "Client scopes", - "addClientScope": "Add client scope", - "dedicatedScopeName": "{{clientName}}-dedicated", - "dedicatedScopeDescription": "Dedicated scope and mappers for this client", - "dedicatedScopes": "Dedicated scopes", - "fullScopeAllowed": "Full scope allowed", - "addClientScopesTo": "Add client scopes to {{clientName}}", - "clientScopeRemoveSuccess": "Scope mapping successfully removed", - "clientScopeRemoveError": "Could not remove the scope mapping {{error}}", - "clientScopeSuccess": "Scope mapping successfully updated", - "clientScopeError": "Could not update the scope mapping {{error}}", - "searchByName": "Search by name", - "setup": "Setup", - "selectAUser": "Select a user", - "selectARole": "Select a role", - "client": "Client", - "evaluateError": "Could not evaluate due to: {{error}}", - "evaluate": "Evaluate", - "reevaluate": "Re-evaluate", - "showAuthData": "Show authorization data", - "authData": "Authorization data", - "authDataDescription": "Represents a token carrying authorization data as a result of the processing of an authorization request. This representation is basically what Keycloak issues to clients asking for permission. Check the `authorization` claim for the permissions that where granted based on the current authorization request. ", - "results": "Results", - "allResults": "All results", - "resultPermit": "Result-Permit", - "resultDeny": "Result-Deny", - "permit": "Permit", - "deny": "Deny", - "unanimous": "Unanimous", - "affirmative": "Affirmative", - "consensus": "Consensus", - "votedToStatus": " voted to {{status}}", - "overallResults": "Overall Results", - "grantedScopes": "Granted scopes", - "deniedScopes": "Denied scopes", - "permission": "Permission", - "lastEvaluation": "Last Evaluation", - "resourcesAndScopes": "Resources and Scopes", - "authScopes": "Authorization scopes", - "authDetails": "Authorization details", - "anyResource": "Any resource", - "anyScope": "Any scope", - "selectScope": "Select a scope", - "applyToResourceType": "Apply to Resource Type", - "contextualInfo": "Contextual Information", - "contextualAttributes": "Contextual Attributes", - "selectOrTypeAKey": "Select or type a key", - "custom": "Custom Attribute...", - "kc": { - "identity": { - "authc": { - "method": "Authentication Method" - } - }, - "realm": { - "name": "Realm" - }, - "time": { - "date_time": "Date/Time (MM/dd/yyyy hh:mm:ss)" - }, - "client": { - "network": { - "ip_address": "Client IPv4 Address", - "host": "Client Host" - }, - "user_agent": "Client/User Agent" - } - }, - "password": "Password", - "oneTimePassword": "One-Time Password", - "kerberos": "Kerberos", - "removeMappingTitle": "Remove role?", - "removeMappingConfirm_one": "Are you sure you want to remove this role?", - "removeMappingConfirm_other": "Are you sure you want to remove {{count}} roles", - "clientScopeSearch": { - "name": "Name", - "type": "Assigned type", - "protocol": "Protocol" - }, - "authorization": "Authorization", - "settings": "Settings", - "policyEnforcementMode": "Policy enforcement mode", - "policyEnforcementModes": { - "ENFORCING": "Enforcing", - "PERMISSIVE": "Permissive", - "DISABLED": "Disabled" - }, - "decisionStrategy": "Decision strategy", - "decisionStrategies": { - "UNANIMOUS": "Unanimous", - "AFFIRMATIVE": "Affirmative", - "CONSENSUS": "Consensus" - }, - "importResources": "The following settings and data will be imported:", - "importWarning": "The data and settings imported above may overwrite the data and settings that already exist.", - "importResourceSuccess": "The resource was successfully imported", - "importResourceError": "Could not import the resource due to {{error}}", - "createResource": "Create resource", - "resourceDetails": "Resource details", - "emptyPermissions": "No permissions", - "emptyPermissionInstructions": "If you want to create a permission, please click the button below to create a resource-based or scope-based permission.", - "noScopeCreateHint": "You'll need to create an authorization scope first.", - "noResourceCreateHint": "There are no resources you can't create resource-based permission", - "createResourceBasedPermission": "Create resource-based permission", - "createScopeBasedPermission": "Create scope-based permission", - "displayName": "Display name", - "type": "Type", - "addUri": "Add URI", - "authorizationScopes": "Authorization scopes", - "iconUri": "Icon URI", - "ownerManagedAccess": "User-Managed access enabled", - "resourceAttribute": "Resource attribute", - "createResourceSuccess": "Resource created successfully", - "updateResourceSuccess": "Resource successfully updated", - "resourceSaveError": "Could not persist resource due to {{error}}", - "associatedPermissions": "Associated permission", - "allowRemoteResourceManagement": "Remote resource management", - "resources": "Resources", - "resource": "Resource", - "emptyResources": "No resources", - "emptyResourcesInstructions": "If you want to create a resource, please click the button below.", - "allTypes": "All types", - "scope": "Scope", - "owner": "Owner", - "uris": "URIs", - "scopes": "Scopes", - "policies": "Policies", - "createPermission": "Create permission", - "permissionDetails": "Permission details", - "deleteResource": "Permanently delete resource?", - "deleteResourceConfirm": "If you delete this resource, some permissions will be affected.", - "deleteResourceWarning": "The permissions below will be removed when they are no longer used by other resources:", - "resourceDeletedSuccess": "The resource successfully deleted", - "resourceDeletedError": "Could not remove the resource {{error}}", - "identityInformation": "Identity Information", - "searchForPermission": "Search for permission", - "deleteScope": "Permanently delete authorization scope?", - "deleteScopeConfirm": "If you delete this authorization scope, some permissions will be affected.", - "deleteScopeWarning": "The permissions below will be removed when they are no longer used by other authorization scopes:", - "resourceScopeSuccess": "The authorization scope successfully deleted", - "resourceScopeError": "Could not remove the authorization scope due to {{error}}", - "associatedPolicy": "Associated policy", - "deletePermission": "Permanently delete permission?", - "deletePermissionConfirm": "Are you sure you want to delete the permission {{permission}}", - "permissionDeletedSuccess": "Successfully deleted permission", - "permissionDeletedError": "Could not delete permission due to {{error}}", - "applyToResourceTypeFlag": "Apply to resource type", - "resourceType": "Resource type", - "createPermissionSuccess": "Successfully created the permission", - "updatePermissionSuccess": "Successfully updated the permission", - "permissionSaveError": "Could not update the permission due to {{error}}", - "createAuthorizationScope": "Create authorization scope", - "authorizationScopeDetails": "Authorization scope details", - "emptyAuthorizationScopes": "No authorization scopes", - "emptyAuthorizationInstructions": "If you want to create authorization scopes, please click the button below to create the authorization scope", - "createScopeSuccess": "Authorization scope created successfully", - "updateScopeSuccess": "Authorization scope successfully updated", - "scopeSaveError": "Could not persist authorization scope due to {{error}}", - "createPolicy": "Create policy", - "policyDetails": "Policy details", - "createPolicyOfType": "Create {{policyType}} policy", - "dependentPermission": "Dependent permission", - "deletePolicy": "Permanently delete policy?", - "deletePolicyConfirm": "If you delete this policy, some permissions or aggregated policies will be affected.", - "deletePolicyWarning": "The aggregated polices below will be removed automatically:", - "policyDeletedSuccess": "The Policy successfully deleted", - "policyDeletedError": "Could not remove the resource {{error}}", - "emptyPolicies": "No policies", - "emptyPoliciesInstructions": "If you want to create a policy, please click the button below to create the policy.", - "chooseAPolicyType": "Choose a policy type", - "chooseAPolicyTypeInstructions": "Choose one policy type from the list below and then you can configure a new policy for authorization. There are some types and description.", - "policyProvider": { - "regex": "Define regex conditions for your permissions.", - "role": "Define conditions for your permissions where a set of one or more roles is permitted to access an object.", - "js": "Define conditions for your permissions using JavaScript. It is one of the rule-based policy types supported by Keycloak, and provides flexibility to write any policy based on the Evaluation API.", - "client": "Define conditions for your permissions where a set of one or more clients is permitted to access an object.", - "time": "Define time conditions for your permissions.", - "user": "Define conditions for your permissions where a set of one or more users is permitted to access an object.", - "client-scope": "Define conditions for your permissions where a set of one or more client scopes is permitted to access an object.", - "aggregate": "Reuse existing policies to build more complex ones and keep your permissions even more decoupled from the policies that are evaluated during the processing of authorization requests.", - "group": "Define conditions for your permissions where a set of one or more groups (and their hierarchies) is permitted to access an object." - }, - "applyPolicy": "Apply policy", - "addClientScopes": "Add client scopes", - "emptyAddClientScopes": "No client scopes", - "emptyAddClientScopesInstructions": "There are no client scopes left to add", - "clientScope": "Client scope", - "groupsClaim": "Groups claim", - "addGroups": "Add groups", - "groups": "Groups", - "users": "Users", - "requiredClient": "Please add at least one client.", - "requiredClientScope": "Please add at least one client scope.", - "requiredGroups": "Please add at least one group.", - "requiredRoles": "Please add at least one role.", - "addGroupsToGroupPolicy": "Add groups to group policy", - "extendToChildren": "Extend to children", - "targetClaim": "Target claim", - "regexPattern": "Regex pattern", - "addRoles": "Add roles", - "required": "Required", - "startTime": "Start time", - "repeat": "Repeat", - "notRepeat": "Not repeat", - "month": "Month", - "dayMonth": "Day", - "hour": "Hour", - "minute": "Minute", - "code": "Code", - "expireTime": "Expire time", - "logic": "Logic", - "logicType": { - "positive": "Positive", - "negative": "Negative" - }, - "createPolicySuccess": "Successfully created the policy", - "updatePolicySuccess": "Successfully updated the policy", - "policySaveError": "Could not update the policy due to {{error}}", - "assignedClientScope": "Assigned client scope", - "assignedType": "Assigned type", - "emptyClientScopes": "This client doesn't have any added client scopes", - "emptyClientScopesInstructions": "There are currently no client scopes linked to this client. You can add existing client scopes to this client to share protocol mappers and roles.", - "emptyClientScopesPrimaryAction": "Add client scopes", - "scopeParameter": "Scope parameter", - "scopeParameterPlaceholder": "Select scope parameters", - "effectiveProtocolMappers": "Effective protocol mappers", - "effectiveRoleScopeMappings": "Effective role scope mappings", - "generatedAccessToken": "Generated access token", - "generatedIdToken": "Generated ID token", - "generatedIdTokenNo": "No generated id token", - "generatedIdTokenIsDisabled": "Generated id token is disabled when no user is selected", - "generatedUserInfo": "Generated user info", - "generatedUserInfoNo": "No generated user info", - "generatedUserInfoIsDisabled": "Generated user info is disabled when no user is selected", - "searchForProtocol": "Search protocol mapper", - "parentClientScope": "Parent client scope", - "searchForRole": "Search role", - "origin": "Origin", - "user": "User", - "generatedAccessTokenNo": "No generated access token", - "generatedAccessTokenIsDisabled": "Generated access token is disabled when no user is selected", - "clientList": "Clients", - "clientsList": "Clients list", - "initialAccessToken": "Initial access token", - "expirationValueNotValid": "Value should should be greater or equal to 1", - "clientSettings": "Client details", - "selectEncryptionType": "Select Encryption type", - "generalSettings": "General Settings", - "alwaysDisplayInUI": "Always display in UI", - "capabilityConfig": "Capability config", - "clientsExplain": "Clients are applications and services that can request authentication of a user.", - "explainBearerOnly": "This is a special OIDC type. This client only allows bearer token requests and cannot participate in browser logins.", - "createSuccess": "Client created successfully", - "createError": "Could not create client: '{{error}}'", - "clientImportError": "Could not import client: {{error}}", - "clientSaveSuccess": "Client successfully updated", - "clientSaveError": "Client could not be updated: {{error}}", - "clientImportSuccess": "Client imported successfully", - "clientDelete": "Delete {{clientId}} ?", - "clientDeletedSuccess": "The client has been deleted", - "clientDeleteError": "Could not delete client: {{error}}", - "clientDeleteConfirmTitle": "Delete client?", - "disableConfirmTitle": "Disable client?", - "downloadAdapterConfig": "Download adapter config", - "disableConfirm": "If you disable this client, you cannot initiate a login or obtain access tokens.", - "clientDeleteConfirm": "If you delete this client, all associated data will be removed.", - "searchInitialAccessToken": "Search token", - "createToken": "Create initial access token", - "tokenDeleteConfirm": "Are you sure you want to permanently delete the initial access token {{id}}", - "tokenDeleteConfirmTitle": "Delete initial access token?", - "tokenDeleteSuccess": "Initial access token deleted successfully", - "tokenDeleteError": "Could not delete initial access token: '{{error}}'", - "timestamp": "Created date", - "created": "Created", - "lastUpdated": "Last updated", - "expires": "Expires", - "count": "Count", - "remainingCount": "Remaining count", - "expiration": "Expiration", - "noTokens": "No initial access tokens", - "noTokensInstructions": "You haven't created any initial access tokens. Create an initial access token by clicking \"Create\".", - "tokenSaveSuccess": "New initial access token has been created", - "tokenSaveError": "Could not create initial access token {{error}}", - "initialAccessTokenDetails": "Initial access token details", - "copyInitialAccessToken": "Please copy and paste the initial access token before closing as it can not be retrieved later.", - "copySuccess": "Successfully copied to clipboard!", - "clipboardCopyError": "Error copying to clipboard.", - "clipboardCopyDenied": "Your browser is blocking access to the clipboard.", - "copyToClipboard": "Copy to clipboard", - "clientRegistration": "Client registration", - "anonymousAccessPolicies": "Anonymous access polices", - "authenticatedAccessPolicies": "Authenticated access polices", - "provider": "Provider", - "providerId": "Provider ID", - "providerCreateSuccess": "New client policy created successfully", - "providerCreateError": "Could not create client policy due to {{error}}", - "providerUpdatedSuccess": "Client policy updated successfully", - "providerUpdatedError": "Could not update client policy due to {{error}}", - "clientRegisterPolicyDeleteConfirmTitle": "Delete client registration policy?", - "clientRegisterPolicyDeleteConfirm": "Are you sure you want to permanently delete the client registration policy {{name}}", - "clientRegisterPolicyDeleteSuccess": "Client registration policy deleted successfully", - "clientRegisterPolicyDeleteError": "Could not delete client registration policy: '{{error}}'", - "chooseAPolicyProvider": "Choose a policy provider", - "clientAuthentication": "Client authentication", - "authentication": "Authentication", - "authenticationFlow": "Authentication flow", - "standardFlow": "Standard flow", - "directAccess": "Direct access grants", - "serviceAccount": "Service accounts roles", - "oauthDeviceAuthorizationGrant": "OAuth 2.0 Device Authorization Grant", - "oidcCibaGrant": "OIDC CIBA Grant", - "enableServiceAccount": "Enable service account roles", - "searchByRoleName": "Search by role name", - "realmRoles": "Realm roles", - "clients": "Clients", - "assign": "Assign", - "roleMappingUpdatedSuccess": "Role mapping updated", - "roleMappingUpdatedError": "Could not update role mapping {{error}}", - "displayOnClient": "Display client on screen", - "consentScreenText": "Client consent screen text", - "loginSettings": "Login settings", - "logoutSettings": "Logout settings", - "backchannelLogoutUrl": "Backchannel logout URL", - "backchannelUrlInvalid": "Backchannel logout URL is not a valid URL", - "backchannelLogoutSessionRequired": "Backchannel logout session required", - "backchannelLogoutRevokeOfflineSessions": "Backchannel logout revoke offline sessions", - "frontchannelLogout": "Front channel logout", - "frontchannelLogoutUrl": "Front-channel logout URL", - "frontchannelUrlInvalid": "Front-channel logout URL is not a valid URL", - "accessSettings": "Access settings", - "rootUrl": "Root URL", - "validRedirectUri": "Valid redirect URIs", - "validPostLogoutRedirectUri": "Valid post logout redirect URIs", - "idpInitiatedSsoUrlName": "IDP-Initiated SSO URL name", - "idpInitiatedSsoUrlNameHelp": "Target IDP initiated SSO URL: {{url}}", - "idpInitiatedSsoRelayState": "IDP Initiated SSO Relay State", - "masterSamlProcessingUrl": "Master SAML Processing URL", - "samlCapabilityConfig": "SAML capabilities", - "signatureAndEncryption": "Signature and Encryption", - "nameIdFormat": "Name ID format", - "forceNameIdFormat": "Force name ID format", - "forcePostBinding": "Force POST binding", - "forceArtifactBinding": "Force artifact binding", - "includeAuthnStatement": "Include AuthnStatement", - "includeOneTimeUseCondition": "Include OneTimeUse Condition", - "optimizeLookup": "Optimize REDIRECT signing key lookup", - "allowEcpFlow": "Allow ECP flow", - "signDocuments": "Sign documents", - "signAssertions": "Sign assertions", - "signatureKeyName": "SAML signature key name", - "canonicalization": "Canonicalization method", - "addRedirectUri": "Add valid redirect URIs", - "addPostLogoutRedirectUri": "Add valid post logout redirect URIs", - "loginTheme": "Login theme", - "consentRequired": "Consent required", - "clientAuthenticator": "Client Authenticator", - "changeAuthenticatorConfirmTitle": "Change to {{clientAuthenticatorType}}?", - "changeAuthenticatorConfirm": "If you change authenticator to {{clientAuthenticatorType}}, the Keycloak database will be updated and you may need to download a new adapter configuration for this client.", - "signedJWTConfirm": "Generate a private key and certificate for the client from the Keys tab.", - "anyAlgorithm": "Any algorithm", - "clientSecret": "Client secret", - "regenerate": "Regenerate", - "secretExpiresOn": "Secret expires on {{time}}", - "secretRotated": "Secret rotated", - "invalidateSecret": "Invalidate", - "secretHasExpired": "Secret has expired, please generate a new one by clicking the \"Regenerate\" button above", - "invalidateRotatedSecret": "Invalidate rotated secret?", - "invalidateRotatedSecretExplain": "After invalidating rotated secret, the rotated secret will be removed automatically ", - "invalidateRotatedSuccess": "Rotated secret successfully removed", - "invalidateRotatedError": "Could not remove rotated secret: {{error}}", - "confirmClientSecretTitle": "Regenerate secret for this client?", - "confirmClientSecretBody": "If you regenerate secret, the Keycloak database will be updated and you will need to download a new adapter for this client.", - "confirmAccessTokenTitle": "Regenerate registration access token?", - "confirmAccessTokenBody": "If you regenerate registration access token, the access data regarding the client registration service will be updated.", - "clientSecretSuccess": "Client secret regenerated", - "clientSecretError": "Could not regenerate client secret due to: {{error}}", - "signingKeysConfig": "Signing keys config", - "signingKeysConfigExplain": "If you enable the \"Client signature required\" below, you must configure the signing keys by generating or importing keys, and the client will sign their saml requests and responses. The signature will be validated.", - "encryptionKeysConfig": "Encryption keys config", - "encryptionKeysConfigExplain": "If you enable the \"Encryption assertions\" below, you must configure the encryption keys by generating or importing keys, and the SAML assertions will be encrypted with the client's public key using AES.", - "enableClientSignatureRequired": "Enable \"Client signature required\"?", - "enableClientSignatureRequiredExplain": "If you enable \"Client signature required\", the adapter of this client will be updated. You may need to download a new adapter for this client. You need to generate or import keys for this client otherwise the authentication will not work.", - "selectMethod": "Select method", - "selectMethodType": { - "generate": "Generate", - "import": "Import" - }, - "realmCertificateAlias": "Realm certificate alias", - "exportSamlKeyTitle": "Export SAML Keys", - "samlKeysExportSuccess": "Successfully exported keys", - "samlKeysExportError": "Could not export keys due to: {{error}}", - "confirm": "Confirm", - "browse": "Browse", - "importKey": "Import key", - "disableSigning": "Disable \"{{key}}\"", - "disableSigningExplain": "If you disable \"{{key}}\", the Keycloak database will be updated and you may need to download a new adapter for this client.", - "reGenerateSigning": "Regenerate signing key for this client", - "reGenerateSigningExplain": "If you regenerate signing key for client, the Keycloak database will be updated and you may need to download a new adapter for this client.", - "registrationAccessToken": "Registration access token", - "accessTokenSuccess": "Access token regenerated", - "accessTokenError": "Could not regenerate access token due to: {{error}}", - "signatureAlgorithm": "Signature algorithm", - "allowRegexComparison": "Allow regex pattern comparison", - "subject": "Subject DN", - "searchForClient": "Search for client", - "advanced": "Advanced", - "revocation": "Revocation", - "clustering": "Clustering", - "notBefore": "Not before", - "setToNow": "Set to now", - "noAdminUrlSet": "No push sent. No admin URI configured or no registered cluster nodes available", - "notBeforeSetToNow": "Not Before set for client", - "notBeforeNowClear": "Not Before cleared for client", - "notBeforePushFail": "Failed to push \"not before\" to: {{failedNodes}}", - "notBeforePushSuccess": "Successfully push \"not before\" to: {{successNodes}}", - "testClusterFail": "Failed verified availability for: {{failedNodes}}. Fix or unregister failed cluster nodes and try again", - "testClusterSuccess": "Successfully verified availability for: {{successNodes}}", - "deleteNode": "Delete node?", - "deleteNodeBody": "Are you sure you want to permanently delete the node \"{{node}}\"", - "deleteNodeSuccess": "Node successfully removed", - "deleteNodeFail": "Could not delete node: '{{error}}'", - "addedNodeSuccess": "Node successfully added", - "addedNodeFail": "Could not add node: '{{error}}'", - "addNode": "Add node", - "push": "Push", - "clear": "Clear", - "nodeReRegistrationTimeout": "Node Re-registration timeout", - "registeredClusterNodes": "Registered cluster nodes", - "nodeHost": "Node host", - "noNodes": "No nodes registered", - "noNodesInstructions": "There are no nodes registered, you can add one manually.", - "lastRegistration": "Last registration", - "testClusterAvailability": "Test cluster availability", - "registerNodeManually": "Register node manually", - "fineGrainOpenIdConnectConfiguration": "Fine grain OpenID Connect configuration", - "fineGrainSamlEndpointConfig": "Fine Grain SAML Endpoint Configuration", - "logoUrl": "Logo URL", - "policyUrl": "Policy URL", - "termsOfServiceUrl": "Terms of service URL", - "accessTokenSignatureAlgorithm": "Access token signature algorithm", - "idTokenSignatureAlgorithm": "ID token signature algorithm", - "idTokenEncryptionKeyManagementAlgorithm": "ID token encryption key management algorithm", - "userInfoResponseEncryptionKeyManagementAlgorithm": "User info response encryption key management algorithm", - "userInfoResponseEncryptionContentEncryptionAlgorithm": "User info response encryption content encryption algorithm", - "idTokenEncryptionContentEncryptionAlgorithm": "ID token encryption content encryption algorithm", - "userInfoSignedResponseAlgorithm": "User info signed response algorithm", - "requestObjectSignatureAlgorithm": "Request object signature algorithm", - "requestObjectRequired": "Request object required", - "requestObject": { - "not required": "Not required", - "request or request_uri": "Request or Request URI", - "request only": "Request only", - "request_uri only": "Request URI only" - }, - "requestObjectEncryption": "Request object encryption algorithm", - "requestObjectEncoding": "Request object content encryption algorithm", - "validRequestURIs": "Valid request URIs", - "addRequestUri": "Add valid request URIs", - "authorizationSignedResponseAlg": "Authorization response signature algorithm", - "authorizationEncryptedResponseAlg": "Authorization response encryption key management algorithm", - "authorizationEncryptedResponseEnc": "Authorization response encryption content encryption algorithm", - "openIdConnectCompatibilityModes": "Open ID Connect Compatibility Modes", - "excludeSessionStateFromAuthenticationResponse": "Exclude Session State From Authentication Response", - "excludeIssuerFromAuthenticationResponse": "Exclude Issuer From Authentication Response", - "useRefreshTokens": "Use refresh tokens", - "useRefreshTokenForClientCredentialsGrant": "Use refresh tokens for client credentials grant", - "useLowerCaseBearerType": "Use lower-case bearer type in token responses", - "assertionConsumerServicePostBindingURL": "Assertion Consumer Service POST Binding URL", - "assertionConsumerServiceRedirectBindingURL": "Assertion Consumer Service Redirect Binding URL", - "logoutServicePostBindingURL": "Logout Service POST Binding URL", - "logoutServiceRedirectBindingURL": "Logout Service Redirect Binding URL", - "logoutServiceSoapBindingUrl": "Logout Service SOAP Binding URL", - "logoutServiceArtifactBindingUrl": "Logout Service ARTIFACT Binding URL", - "artifactBindingUrl": "Artifact Binding URL", - "artifactResolutionService": "Artifact Resolution Service", - "advancedSettings": "Advanced Settings", - "assertionLifespan": "Assertion Lifespan", - "accessTokenLifespan": "Access Token Lifespan", - "clientSessionIdle": "Client Session Idle", - "clientSessionMax": "Client Session Max", - "clientOfflineSessionIdle": "Client Offline Session Idle", - "clientOfflineSessionMax": "Client Offline Session Max", - "oAuthMutual": "OAuth 2.0 Mutual TLS Certificate Bound Access Tokens Enabled", - "oAuthDPoP": "OAuth 2.0 DPoP Bound Access Tokens Enabled", - "keyForCodeExchange": "Proof Key for Code Exchange Code Challenge Method", - "pushedAuthorizationRequestRequired": "Pushed authorization request required", - "acrToLoAMapping": "ACR to LoA Mapping", - "defaultACRValues": "Default ACR Values", - "authenticationOverrides": "Authentication flow overrides", - "browserFlow": "Browser Flow", - "directGrant": "Direct Grant Flow", - "jwksUrlConfig": "JWKS URL configs", - "keysIntro": "If \"Use JWKS URL switch\" is on, you need to fill a valid JWKS URL. After saving, admin can download keys from the JWKS URL or keys will be downloaded automatically by Keycloak server when an unknown KID is seen during client authentication.", - "useJwksUrl": "Use JWKS URL", - "certificate": "Certificate", - "jwksUrl": "JWKS URL", - "generateNewKeys": "Generate new keys", - "generateKeys": "Generate keys?", - "generate": "Generate", - "archiveFormat": "Archive format", - "keyAlias": "Key alias", - "keyPassword": "Key password", - "storePassword": "Store password", - "generateSuccess": "New key pair and certificate generated successfully", - "generateError": "Could not generate new key pair and certificate {{error}}", - "import": "Import", - "importFile": "Import file", - "importSuccess": "New certificate imported", - "importError": "Could not import certificate {{error}}", - "importParseError": "Could not parse the file {{error}}", - "tokenLifespan": { - "inherited": "Inherits from realm settings", - "expires": "Expires in", - "never": "Never expires" - }, - "mappers": "Mappers", - "sessions": "Sessions", - "unsavedChangesTitle": "Unsaved changes", - "unsavedChangesConfirm": "You have unsaved changes. Do you really want to leave the page?" -} diff --git a/js/apps/admin-ui/public/locales/en/common-help.json b/js/apps/admin-ui/public/locales/en/common-help.json deleted file mode 100644 index 9b86e174e7..0000000000 --- a/js/apps/admin-ui/public/locales/en/common-help.json +++ /dev/null @@ -1,7 +0,0 @@ -{ - "helpToggleInfo": "This toggle will enable / disable part of the help info in the UI. Includes any help text, links and popovers.", - "showPassword": "Show password field in clear text", - "helpFileUpload": "Upload a JSON file", - "helpFileUploadClient": "Upload a JSON or XML file", - "dragHelp": "Press space or enter to begin dragging, and use the arrow keys to navigate up or down. Press enter to confirm the drag, or any other key to cancel the drag operation." -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/en/common.json b/js/apps/admin-ui/public/locales/en/common.json deleted file mode 100644 index 71b4ae9800..0000000000 --- a/js/apps/admin-ui/public/locales/en/common.json +++ /dev/null @@ -1,219 +0,0 @@ -{ - "fullName": "{{givenName}} {{familyName}}", - "unknownUser": "Anonymous", - "add": "Add", - "yes": "Yes", - "no": "No", - "create": "Create", - "save": "Save", - "revert": "Revert", - "cancel": "Cancel", - "reload": "Reload", - "continue": "Continue", - "close": "Close", - "delete": "Delete", - "reset": "Reset", - "remove": "Remove", - "revoke": "Revoke", - "search": "Search", - "key": "Key", - "value": "Value", - "noSearchResults": "No search results", - "noSearchResultsInstructions": "Click on the search bar above to search", - "clearAllFilters": "Clear all filters", - "next": "Next", - "back": "Back", - "finish": "Finish", - "skipCustomizationAndFinish": "Skip customization and finish", - "export": "Export", - "action": "Action", - "download": "Download", - "resourceFile": "Resource file", - "clear": "Clear", - "clearFile": "Clear this file", - "clearFileExplain": "Are you sure you want to clear this file?", - "on": "On", - "off": "Off", - "edit": "Edit", - "enabled": "Enabled", - "disabled": "Disabled", - "disable": "Disable", - "selectOne": "Select an option", - "select": "Select", - "choose": "Choose...", - "any": "Any", - "none": "None", - "signOut": "Sign out", - "manageAccount": "Manage account", - "serverInfo": "Server info", - "realmInfo": "Realm info", - "help": "Help", - "helpLabel": "More help for '{{label}}'", - "helpEnabled": "Help on", - "helpDisabled": "Help off", - "documentation": "Documentation", - "enableHelpMode": "Enable help mode", - "enableHelp": "Help is enabled", - "learnMore": "Learn more", - "show": "Show", - "hide": "Hide", - "showRemaining": "Show ${remaining}", - "more": "{{count}} more", - "test": "Test", - "testConnection": "Test connection", - "name": "Name", - "role": "Role", - "description": "Description", - "type": "Type", - "category": "Category", - "priority": "Priority", - "unexpectedError": "An unexpected error occurred: '{{error}}'", - "retry": "Press here to refresh and continue", - "plus": "Plus", - "minus": "Minus", - "confirm": "Confirm", - "clientScope": { - "default": "Default", - "optional": "Optional", - "none": "None" - }, - "allTypes": "All types", - "home": "Home", - "manage": "Manage", - "clients": "Clients", - "clientScopes": "Client scopes", - "realmRoles": "Realm roles", - "clientRoles": "Client roles", - "users": "Users", - "groups": "Groups", - "sessions": "Sessions", - "events": "Events", - "mappers": "Mappers", - "permissions": "Permissions", - "permissionsList": "Permission list", - "permissionsListIntro": "Edit the permission list by clicking the scope-name. It then redirects to the permission details page of the client named <1>{{realm}}", - "usersPermissionsHint": "Fine grained permissions for managing all users in realm. You can define different policies for who is allowed to manage users in the realm.", - "clientsPermissionsHint": "Fine grained permissions for administrators that want to manage this client or apply roles defined by this client.", - "groupsPermissionsHint": "Determines if fine grained permissions are enabled for managing this role. Disabling will delete all current permissions that have been set up.", - "rolesPermissionsHint": "Determines if fine grained permissions are enabled for managing this role. Disabling will delete all current permissions that have been set up.", - "identityProvidersPermissionsHint": "Determines if fine grained permissions are enabled for managing this role. Disabling will delete all current permissions that have been set up.", - "permissionsScopeName": "Scope-name", - "permissionsEnabled": "Permissions enabled", - "permissionsDisable": "Disable permissions?", - "permissionsDisableConfirm": "If you disable the permissions, all the permissions in the list below will be delete automatically. In addition, the resources and scopes that are related will be removed", - "scopePermissions": { - "clients": { - "manage-description": "Policies that decide if an administrator can manage this client", - "configure-description": "Reduced management permissions for administrator. Cannot set scope, template, or protocol mappers.", - "view-description": "Policies that decide if an administrator can view this client", - "map-roles-description": "Policies that decide if an administrator can map roles defined by this client", - "map-roles-client-scope-description": "Policies that decide if an administrator can apply roles defined by this client to the client scope of another client", - "map-roles-composite-description": "Policies that decide if an administrator can apply roles defined by this client as a composite to another role", - "token-exchange-description": "Policies that decide which clients are allowed exchange tokens for a token that is targeted to this client." - }, - "users": { - "view-description": "Policies that decide if an administrator can view all users in realm", - "manage-description": "Policies that decide if an administrator can manage all users in the realm", - "map-roles-description": "Policies that decide if administrator can map roles for all users", - "manage-group-membership-description": "Policies that decide if an administrator can manage group membership for all users in the realm. This is used in conjunction with specific group policy", - "impersonate-description": "Policies that decide if administrator can impersonate other users", - "user-impersonated-description": "Policies that decide which users can be impersonated. These policies are applied to the user being impersonated." - }, - "groups": { - "view-description": "Policies that decide if an administrator can view this group", - "manage-description": "Policies that decide if an administrator can manage this group", - "view-members-description": "Policies that decide if an administrator can view the members of this group", - "manage-members-description": "Policies that decide if an administrator can manage the members of this group", - "manage-membership-description": "Policies that decide if an administrator can add or remove users from this group" - }, - "roles": { - "map-role-description": "Policies that decide if an administrator can map this role to a user or group", - "map-role-client-scope-description": "Policies that decide if an administrator can apply this role to the client scope of a client", - "map-role-composite-description": "Policies that decide if an administrator can apply this role as a composite to another role" - }, - "identityProviders": { - "token-exchange-description": "Policies that decide which clients are allowed exchange tokens for an external token minted by this identity provider." - } - }, - "configure": "Configure", - "realmSettings": "Realm settings", - "authentication": "Authentication", - "identityProviders": "Identity providers", - "userFederation": "User federation", - "settings": "Settings", - "details": "Details", - "required": "Required field", - "maxLength": "Max length {{length}}", - "lessThan": "Must be less than {{value}}", - "greaterThan": "Must be greater than {{value}}", - "createRealm": "Create Realm", - "recent": "Recent", - "jumpToSection": "Jump to section", - "Sunday": "Sunday", - "Monday": "Monday", - "Tuesday": "Tuesday", - "Wednesday": "Wednesday", - "Thursday": "Thursday", - "Friday": "Friday", - "Saturday": "Saturday", - "filterByRoles": "Filter by realm roles", - "filterByClients": "Filter by clients", - "assignRole": "Assign role", - "assign": "Assign", - "unAssignRole": "Unassign", - "hideInheritedRoles": "Hide inherited roles", - "assignRolesTo": "Assign roles to {{client}}", - "inherent": "Inherited", - "unitLabel": "Select a time unit", - "times": { - "seconds": "Seconds", - "minutes": "Minutes", - "hours": "Hours", - "days": "Days", - "years": "Years" - }, - "attributes": "Attributes", - "missingAttributes": "No attributes have been defined yet. Click the below button to add attributes, key and value are required for a key pair.", - "addAttribute": "Add an attribute", - "removeAttribute": "Remove attribute", - "keyPlaceholder": "Type a key", - "valuePlaceholder": "Type a value", - "keyError": "A key must be provided.", - "valueError": "A value must be provided.", - "credentials": "Credentials", - "clientId": "Client ID", - "clientName": "Name", - "id": "ID", - "addMapper": "Add mapper", - "createNewMapper": "Create new mapper", - "searchForMapper": "Search for mapper", - "mapperType": "Mapper type", - "mappingDeletedSuccess": "Mapping successfully deleted", - "mappingDeletedError": "Could not delete mapping: '{{error}}'", - "mappingDetails": "Mapper details", - "mappingUpdatedSuccess": "Mapping successfully updated", - "mappingUpdatedError": "Could not update mapping: '{{error}}'", - "mappingCreatedSuccess": "Mapping successfully created", - "mappingCreatedError": "Could not create mapping: '{{error}}'", - "deleteMappingTitle": "Delete mapping?", - "deleteMappingConfirm": "Are you sure you want to delete this mapping?", - "emptyMappers": "No mappers", - "emptyMappersInstructions": "If you want to add mappers, please click the button below to add some predefined mappers or to configure a new mapper.", - "emptyPrimaryAction": "Add predefined mapper", - "leave": "Leave", - "reorder": "Reorder", - "onDragStart": "Dragging started for item {{item}}", - "onDragMove": "Dragging item {{item}}", - "onDragCancel": "Dragging cancelled. List is unchanged.", - "onDragFinish": "Dragging finished {{list}}", - "notFound": "Could not find the resource that you are looking for", - "password": "Password", - "passwordConfirmation": "Password confirmation", - "temporaryPassword": "Temporary", - "temporaryPasswordHelpText": "If enabled, the user must change the password on next login", - "forbidden_one": "Forbidden, permission needed:", - "forbidden_other": "Forbidden, permissions needed:", - "noRealmRolesToAssign": "There are no realm roles to assign", - "loadingRealms": "Loading realms…", - "customAttribute": "Custom Attribute…" -} diff --git a/js/apps/admin-ui/public/locales/en/dashboard.json b/js/apps/admin-ui/public/locales/en/dashboard.json deleted file mode 100644 index 1f85e0534e..0000000000 --- a/js/apps/admin-ui/public/locales/en/dashboard.json +++ /dev/null @@ -1,26 +0,0 @@ -{ - "realmName": "{{name}} realm", - "welcome": "Welcome to", - "introduction": "If you want to leave this page and manage this realm, please click the corresponding menu items in the left navigation bar.", - "serverInfo": "Server info", - "version": "Version", - "product": "Product", - "profile": "Profile", - "enabledFeatures": "Enabled features", - "experimental": "Experimental", - "preview": "Preview", - "supported": "Supported", - "infoEnabledFeatures": "Shows enabled preview and experimental features.", - "infoDisabledFeatures": "Shows all disabled features.", - "disabledFeatures": "Disabled features", - "providerInfo": "Provider info", - "providers": "Providers", - "realmInfo": "Realm info", - "spi": "SPI", - "showMore": "Show more", - "showLess": "Show less", - "memory": "Memory", - "totalMemory": "Total memory", - "freeMemory": "Free memory", - "usedMemory": "Used memory" -} diff --git a/js/apps/admin-ui/public/locales/en/dynamic.json b/js/apps/admin-ui/public/locales/en/dynamic.json deleted file mode 100644 index 98c852f33c..0000000000 --- a/js/apps/admin-ui/public/locales/en/dynamic.json +++ /dev/null @@ -1,188 +0,0 @@ -{ - "addMultivaluedLabel": "Add {{fieldLabel}}", - "selectARole": "Select a role", - "selectGroup": "Select group", - "usermodel": { - "prop": { - "label": "Property", - "tooltip": "Name of the property method in the UserModel interface. For example, a value of 'email' would reference the UserModel.getEmail() method." - }, - "attr": { - "label": "User Attribute", - "tooltip": "Name of stored user attribute which is the name of an attribute within the UserModel.attribute map." - }, - "clientRoleMapping": { - "clientId": { - "label": "Client ID", - "tooltip": "Client ID for role mappings. Just client roles of this client will be added to the token. If this is unset, client roles of all clients will be added to the token." - }, - "rolePrefix": { - "label": "Client Role prefix", - "tooltip": "A prefix for each client role (optional)." - }, - "tokenClaimName": { - "tooltip": "Name of the claim to insert into the token. This can be a fully qualified name like 'address.street'. In this case, a nested json object will be created. To prevent nesting and use dot literally, escape the dot with backslash (\\.). The special token ${client_id} can be used and this will be replaced by the actual client ID. Example usage is 'resource_access.${client_id}.roles'. This is useful especially when you are adding roles from all the clients (Hence 'Client ID' switch is unset) and you want client roles of each client stored separately." - } - }, - "realmRoleMapping": { - "rolePrefix": { - "label": "Realm Role prefix", - "tooltip": "A prefix for each Realm Role (optional)." - } - } - }, - "userSession": { - "modelNote": { - "label": "User Session Note", - "tooltip": "Name of stored user session note within the UserSessionModel.note map." - } - }, - "multivalued": { - "label": "Multivalued", - "tooltip": "Indicates if attribute supports multiple values. If true, the list of all values of this attribute will be set as claim. If false, just first value will be set as claim" - }, - "aggregate": { - "attrs": { - "label": "Aggregate attribute values", - "tooltip": "Indicates if attribute values should be aggregated with the group attributes. If using OpenID Connect mapper the multivalued option needs to be enabled too in order to get all the values. Duplicated values are discarded and the order of values is not guaranteed with this option." - } - }, - "selectRole": { - "label": "Select Role", - "tooltip": "Enter role in the textbox to the left, or click this button to browse and select the role you want." - }, - "tokenClaimName": { - "label": "Token Claim Name", - "tooltip": "Name of the claim to insert into the token. This can be a fully qualified name like 'address.street'. In this case, a nested json object will be created. To prevent nesting and use dot literally, escape the dot with backslash (\\.)." - }, - "jsonType": { - "label": "Claim JSON Type", - "tooltip": "JSON type that should be used to populate the json claim in the token. long, int, boolean, String and JSON are valid values." - }, - "includeInIdToken": { - "label": "Add to ID token", - "tooltip": "Should the claim be added to the ID token?" - }, - "includeInAccessToken": { - "label": "Add to access token", - "tooltip": "Should the claim be added to the access token?" - }, - "includeInAccessTokenResponse": { - "label": "Add to access token response", - "tooltip": "Should the claim be added to the access token response? Should only be used for informative and non-sensitive data" - }, - "includeInUserInfo": { - "label": "Add to userinfo", - "tooltip": "Should the claim be added to the userinfo?" - }, - "sectorIdentifierUri": { - "label": "Sector Identifier URI", - "tooltip": "Providers that use pairwise sub values and support Dynamic Client Registration SHOULD use the sector_identifier_uri parameter. It provides a way for a group of websites under common administrative control to have consistent pairwise sub values independent of the individual domain names. It also provides a way for Clients to change redirect_uri domains without having to reregister all their users." - }, - "pairwiseSubAlgorithmSalt": { - "label": "Salt", - "tooltip": "Salt used when calculating the pairwise subject identifier. If left blank, a salt will be generated." - }, - "addressClaim": { - "street": { - "label": "User Attribute Name for Street", - "tooltip": "Name of User Attribute, which will be used to map to 'street_address' subclaim inside 'address' token claim. Defaults to 'street' ." - }, - "locality": { - "label": "User Attribute Name for Locality", - "tooltip": "Name of User Attribute, which will be used to map to 'locality' subclaim inside 'address' token claim. Defaults to 'locality' ." - }, - "region": { - "label": "User Attribute Name for Region", - "tooltip": "Name of User Attribute, which will be used to map to 'region' subclaim inside 'address' token claim. Defaults to 'region' ." - }, - "postal_code": { - "label": "User Attribute Name for Postal Code", - "tooltip": "Name of User Attribute, which will be used to map to 'postal_code' subclaim inside 'address' token claim. Defaults to 'postal_code' ." - }, - "country": { - "label": "User Attribute Name for Country", - "tooltip": "Name of User Attribute, which will be used to map to 'country' subclaim inside 'address' token claim. Defaults to 'country' ." - }, - "formatted": { - "label": "User Attribute Name for Formatted Address", - "tooltip": "Name of User Attribute, which will be used to map to 'formatted' subclaim inside 'address' token claim. Defaults to 'formatted' ." - } - }, - "included": { - "client": { - "audience": { - "label": "Included Client Audience", - "tooltip": "The Client ID of the specified audience client will be included in audience (aud) field of the token. If there are existing audiences in the token, the specified value is just added to them. It won't override existing audiences." - } - }, - "custom": { - "audience": { - "label": "Included Custom Audience", - "tooltip": "This is used just if 'Included Client Audience' is not filled. The specified value will be included in audience (aud) field of the token. If there are existing audiences in the token, the specified value is just added to them. It won't override existing audiences." - } - } - }, - "name-id-format": "Name ID Format", - "mapper": { - "nameid": { - "format": { - "tooltip": "Name ID Format using Mapper" - } - } - }, - "client-scopes-condition": { - "label": "Expected Scopes", - "tooltip": "The list of expected client scopes. Condition evaluates to true if specified client request matches some of the client scopes. It depends also whether it should be default or optional client scope based on the 'Scope Type' configured." - }, - "client-accesstype": { - "label": "Client Access Type", - "tooltip": "Access Type of the client, for which the condition will be applied." - }, - "client-roles": { - "label": "Client Roles" - }, - "client-roles-condition": { - "tooltip": "Client roles, which will be checked during this condition evaluation. Condition evaluates to true if client has at least one client role with the name as the client roles specified in the configuration." - }, - "client-updater-source-groups": { - "label": "Groups", - "tooltip": "Name of groups to check. Condition evaluates to true if the entity, who creates/updates client is member of some of the specified groups. Configured groups are specified by their simple name, which must match to the name of the Keycloak group. No support for group hierarchy is used here." - }, - "client-updater-trusted-hosts": { - "label": "Trusted hosts", - "tooltip": "List of Hosts, which are trusted. In case that client registration/update request comes from the host/domain specified in this configuration, condition evaluates to true. You can use hostnames or IP addresses. If you use star at the beginning (for example '*.example.com' ) then whole domain example.com will be trusted." - }, - "client-updater-source-roles": { - "label": "Updating entity role", - "tooltip": "The condition is checked during client registration/update requests and it evaluates to true if the entity (usually user), who is creating/updating client is member of the specified role. For reference the realm role, you can use the realm role name like 'my_realm_role' . For reference client role, you can use the client_id.role_name for example 'my_client.my_client_role' will refer to client role 'my_client_role' of client 'my_client'." - }, - "allowed-client-scopes": { - "label": "Allowed Client Scopes", - "tooltip": "Whitelist of the client scopes, which can be used on a newly registered client. Attempt to register client with some client scope, which is not whitelisted, will be rejected. By default, the whitelist is either empty or contains just realm default client scopes (based on 'Allow Default Scopes' configuration property)" - }, - "allow-default-scopes": { - "label": "Allow Default Scopes", - "tooltip": "If on, newly registered clients will be allowed to have client scopes mentioned in realm default client scopes or realm optional client scopes" - }, - "allowed-protocol-mappers": { - "label": "Allowed Protocol Mappers", - "tooltip": "Whitelist of allowed protocol mapper providers. If there is an attempt to register client, which contains some protocol mappers, which were not whitelisted, registration request will be rejected." - }, - "max-clients": { - "label": "Max Clients Per Realm", - "tooltip": "It will not be allowed to register a new client if count of existing clients in realm is same or bigger than the configured limit." - }, - "trusted-hosts": { - "label": "Trusted Hosts", - "tooltip": "List of Hosts, which are trusted and are allowed to invoke Client Registration Service and/or be used as values of Client URIs. You can use hostnames or IP addresses. If you use star at the beginning (for example '*.example.com' ) then whole domain example.com will be trusted." - }, - "host-sending-registration-request-must-match": { - "label": "Host Sending Client Registration Request Must Match", - "tooltip": "If on, any request to Client Registration Service is allowed just if it was sent from some trusted host or domain." - }, - "client-uris-must-match": { - "label": "Client URIs Must Match", - "tooltip": "If on, all Client URIs (Redirect URIs and others) are allowed just if they match some trusted host or domain." - } -} diff --git a/js/apps/admin-ui/public/locales/en/events.json b/js/apps/admin-ui/public/locales/en/events.json deleted file mode 100644 index cf28fd2b98..0000000000 --- a/js/apps/admin-ui/public/locales/en/events.json +++ /dev/null @@ -1,36 +0,0 @@ -{ - "title": "Events", - "eventExplain": "Events are records of user and admin events in this realm. To configure the tracking of these events, go to <1>Event configs.", - "eventConfigs": "Event configs", - "userEvents": "User events", - "adminEvents": "Admin events", - "searchForUserEvent": "Search user event", - "searchForAdminEvent": "Search admin event", - "refresh": "Refresh", - "emptyEvents": "No events logged", - "emptyEventsInstructions": "Configure event logging in the realm settings", - "time": "Time", - "user": "User", - "userId": "User ID", - "username": "User name", - "email": "Email", - "eventType": "Event type", - "ipAddress": "IP address", - "client": "Client", - "dateFrom": "Date(from)", - "dateTo": "Date(to)", - "searchUserEventsBtn": "Search events", - "searchAdminEventsBtn": "Search admin events", - "realm": "Realm", - "resourcePath": "Resource path", - "resourceType": "Resource type", - "resourceTypes": "Resource types", - "operationType": "Operation type", - "operationTypes": "Operation types", - "auth": "Auth", - "attribute": "Attribute", - "value": "Value", - "representation": "Representation", - "noUserDetails": "No user details", - "resetBtn": "Reset" -} diff --git a/js/apps/admin-ui/public/locales/en/groups.json b/js/apps/admin-ui/public/locales/en/groups.json deleted file mode 100644 index ada2fdddb2..0000000000 --- a/js/apps/admin-ui/public/locales/en/groups.json +++ /dev/null @@ -1,71 +0,0 @@ -{ - "groups": "Groups", - "groupDetails": "Group details", - "childGroups": "Child groups", - "createGroup": "Create group", - "createChildGroup": "Create child group", - "groupName": "Group name", - "searchForGroups": "Search for groups", - "searchFor": "Search for:", - "global": "Global", - "local": "Local", - "searchGroups": "Search groups", - "filterGroups": "Filter groups", - "searchGroup": "Search group", - "renameGroup": "Rename group", - "deleteGroup": "Delete group", - "leave": "Leave group", - "usersLeft_one": "{{count}} user left the group", - "usersLeft_other": "{{count}} users left the group", - "usersLeftError": "Could not remove users from the group: {{error}}", - "usersAdded_one": "{{count}} user added to the group", - "usersAdded_other": "{{count}} users added to the group", - "usersAddedError": "Could not add users to the group: {{error}}", - "search": "Search", - "exactSearch": "Exact search", - "members": "Members", - "searchMembers": "Search members", - "addMember": "Add member", - "includeSubGroups": "Include sub-group users", - "path": "Path", - "moveTo": "Move to", - "moveToGroup": "Move {{group1}} to {{group2}}", - "root": "Root", - "moveHere": "Move here", - "moveGroupEmpty": "No sub groups", - "moveGroupEmptyInstructions": "There are no sub groups, select 'Move here' to move the selected group as a subgroup of this group", - "moveGroupSuccess": "Group moved", - "moveGroupError": "Could not move group {{error}}", - "tableOfGroups": "Table of groups", - "groupsDescription": "A group is a set of attributes and role mappings that can be applied to a user. You can create, edit, and delete groups and manage their child-parent organization.", - "groupCreated": "Group created", - "couldNotCreateGroup": "Could not create group {{error}}", - "createAGroup": "Create a group", - "renameAGroup": "Rename group", - "create": "Create", - "rename": "Rename", - "email": "Email", - "lastName": "Last name", - "firstName": "First name", - "membership": "Membership", - "noSearchResults": "No search results", - "noSearchResultsInstructions": "Click on the search bar above to search for groups", - "noGroupsInThisRealm": "No groups in this realm", - "noGroupsInThisRealmInstructions": "You haven't created any groups in this realm. Create a group to get started.", - "noGroupsInThisSubGroup": "No groups in this sub group", - "noGroupsInThisSubGroupInstructions": "You haven't created any groups in this sub group.", - "deleteConfirmTitle_one": "Delete group?", - "deleteConfirmTitle_other": "Delete groups?", - "deleteConfirm_one": "Are you sure you want to delete this group '{{groupName}}'.", - "deleteConfirm_other": "Are you sure you want to delete these groups.", - "groupDeleted_one": "Group deleted", - "groupDeleted_other": "Groups deleted", - "groupDeleteError": "Error deleting group {{error}}", - "attributes": "Attributes", - "groupUpdated": "Group updated", - "groupUpdateError": "Error updating group {{error}}", - "roleMapping": "Role mapping", - "noRoles": "No roles for this group", - "noRolesInstructions": "You haven't created any roles for this group. Create a role to get started.", - "noViewRights": "You do not have rights to view this group." -} diff --git a/js/apps/admin-ui/public/locales/en/identity-providers-help.json b/js/apps/admin-ui/public/locales/en/identity-providers-help.json deleted file mode 100644 index 1ab8608f6c..0000000000 --- a/js/apps/admin-ui/public/locales/en/identity-providers-help.json +++ /dev/null @@ -1,104 +0,0 @@ -{ - "redirectURI": "The redirect uri to use when configuring the identity provider.", - "alias": "The alias uniquely identifies an identity provider and it is also used to build the redirect uri.", - "displayName": "Friendly name for Identity Providers.", - "clientId": "The client identifier registered with the identity provider.", - "clientSecret": "The client secret registered with the identity provider. This field is able to obtain its value from vault, use ${vault.ID} format.", - "displayOrder": "Number defining the order of the providers in GUI (for example, on the Login page). The lowest number will be applied first.", - "endpoints": "Shows the configuration of the Service Provider endpoint", - "useDiscoveryEndpoint": "If this setting is enabled, the discovery endpoint will be used to fetch the provider config. Keycloak can load the config from the endpoint and automatically update the config if the source has any updates", - "discoveryEndpoint": "Import metadata from a remote IDP discovery descriptor.", - "importConfig": "Import metadata from a downloaded IDP discovery descriptor.", - "passLoginHint": "Pass login_hint to identity provider.", - "passMaxAge": "Pass max_age to identity provider.", - "passCurrentLocale": "Pass the current locale to the identity provider as a ui_locales parameter.", - "logoutUrl": "End session endpoint to use to logout user from external IDP.", - "backchannelLogout": "Does the external IDP support backchannel logout?", - "disableNonce": "Do not send the nonce parameter in the authentication request. The nonce parameter is sent and verified by default.", - "disableUserInfo": "Disable usage of User Info service to obtain additional user information? Default is to use this OIDC service.", - "isAccessTokenJWT": "The Access Token received from the Identity Provider is a JWT and its claims will be accessible for mappers.", - "userInfoUrl": "The User Info Url. This is optional.", - "issuer": "The issuer identifier for the issuer of the response. If not provided, no validation will be performed.", - "scopes": "The scopes to be sent when asking for authorization. It can be a space-separated list of scopes. Defaults to 'openid'.", - "prompt": "Specifies whether the Authorization Server prompts the End-User for re-authentication and consent.", - "acceptsPromptNone": "This is just used together with Identity Provider Authenticator or when kc_idp_hint points to this identity provider. In case that client sends a request with prompt=none and user is not yet authenticated, the error will not be directly returned to client, but the request with prompt=none will be forwarded to this identity provider.", - "validateSignature": "Enable/disable signature validation of external IDP signatures.", - "useJwksUrl": "If the switch is on, identity provider public keys will be downloaded from given JWKS URL. This allows great flexibility because new keys will be always re-downloaded again when identity provider generates new keypair. If the switch is off, public key (or certificate) from the Keycloak DB is used, so when the identity provider keypair changes, you always need to import the new key to the Keycloak DB as well.", - "validatingPublicKey": "The public key in PEM format that must be used to verify external IDP signatures.", - "validatingPublicKeyId": "Explicit ID of the validating public key given above if the key ID. Leave blank if the key above should be used always, regardless of key ID specified by external IDP; set it if the key should only be used for verifying if the key ID from external IDP matches.", - "jwksUrl": "URL where identity provider keys in JWK format are stored. See JWK specification for more details. If you use external Keycloak identity provider, you can use URL like 'http://broker-keycloak:8180/realms/test/protocol/openid-connect/certs' assuming your brokered Keycloak is running on 'http://broker-keycloak:8180' and its realm is 'test' .", - "pkceEnabled": "Use PKCE (Proof of Key-code exchange) for IdP Brokering", - "pkceMethod": "PKCE Method to use", - "allowedClockSkew": "Clock skew in seconds that is tolerated when validating identity provider tokens. Default value is zero.", - "attributeConsumingServiceIndex": "Index of the Attribute Consuming Service profile to request during authentication.", - "attributeConsumingServiceName": "Name of the Attribute Consuming Service profile to advertise in the SP metadata.", - "forwardParameters": "Non OpenID Connect/OAuth standard query parameters to be forwarded to external IDP from the initial application request to Authorization Endpoint. Multiple parameters can be entered, separated by comma (,).", - "clientAuthentication": "The client authentication method (cfr. https://openid.net/specs/openid-connect-core-1_0.html#ClientAuthentication). In case of JWT signed with private key, the realm private key is used.", - "clientAssertionSigningAlg": "Signature algorithm to create JWT assertion as client authentication. In the case of JWT signed with private key or Client secret as jwt, it is required. If no algorithm is specified, the following algorithm is adapted. RS256 is adapted in the case of JWT signed with private key. HS256 is adapted in the case of Client secret as jwt.", - "storeTokens": "Enable/disable if tokens must be stored after authenticating users.", - "storedTokensReadable": "Enable/disable if new users can read any stored tokens. This assigns the broker.read-token role.", - "trustEmail": "If enabled, email provided by this provider is not verified even if verification is enabled for the realm.", - "accountLinkingOnly": "If true, users cannot log in through this provider. They can only link to this provider. This is useful if you don't want to allow login from the provider, but want to integrate with a provider", - "hideOnLoginPage": "If hidden, login with this provider is possible only if requested explicitly, for example using the 'kc_idp_hint' parameter.", - "filteredByClaim": "If true, ID tokens issued by the identity provider must have a specific claim. Otherwise, the user can not authenticate through this broker.", - "claimFilterName": "Name of the essential claim", - "claimFilterValue": "Value of the essential claim (with regex support)", - "firstBrokerLoginFlowAlias": "Alias of authentication flow, which is triggered after first login with this identity provider. Term 'First Login' means that no Keycloak account is currently linked to the authenticated identity provider account.", - "postBrokerLoginFlowAlias": "Alias of authentication flow, which is triggered after each login with this identity provider. Useful if you want additional verification of each user authenticated with this identity provider (for example OTP). Leave this to \"None\" if you need no any additional authenticators to be triggered after login with this identity provider. Also note that authenticator implementations must assume that user is already set in ClientSession as identity provider already set it.", - "syncMode": "Default sync mode for all mappers. The sync mode determines when user data will be synced using the mappers. Possible values are: 'legacy' to keep the behaviour before this option was introduced, 'import' to only import the user once during first login of the user with this identity provider, 'force' to always update the user during every login with this identity provider.", - "serviceProviderEntityId": "The Entity ID that will be used to uniquely identify this SAML Service Provider.", - "identityProviderEntityId": "The Entity ID used to validate the Issuer for received SAML assertions. If empty, no Issuer validation is performed.", - "useEntityDescriptor": "Import metadata from a remote IDP SAML entity descriptor.", - "samlEntityDescriptor": "Allows you to load external IDP metadata from a config file or to download it from a URL.", - "ssoServiceUrl": "The Url that must be used to send authentication requests (SAML AuthnRequest).", - "singleLogoutServiceUrl": "The Url that must be used to send logout requests.", - "nameIdPolicyFormat": "Specifies the URI reference corresponding to a name identifier format.", - "principalType": "Way to identify and track external users from the assertion. Default is using Subject NameID, alternatively you can set up identifying attribute.", - "principalAttribute": "Name or Friendly Name of the attribute used to identify external users.", - "allowCreate": "Allow the external identity provider to create a new identifier to represent the principal.", - "httpPostBindingResponse": "Indicates whether to respond to requests using HTTP-POST binding. If false, HTTP-REDIRECT binding will be used.", - "httpPostBindingAuthnRequest": "Indicates whether the AuthnRequest must be sent using HTTP-POST binding. If false, HTTP-REDIRECT binding will be used.", - "httpPostBindingLogout": "Indicates whether to respond to requests using HTTP-POST binding. If false, HTTP-REDIRECT binding will be used.", - "wantAuthnRequestsSigned": "Indicates whether the identity provider expects a signed AuthnRequest.", - "signatureAlgorithm": "The signature algorithm to use to sign documents. Note that 'SHA1' based algorithms are deprecated and can be removed in the future. It is recommended to stick to some more secure algorithm instead of '*_SHA1'", - "encryptionAlgorithm": "Encryption algorithm, which is used by SAML IDP for encryption of SAML documents, assertions or IDs. The corresponding decryption key for decrypt SAML document parts will be chosen based on this configured algorithm and should be available in realm keys for the encryption (ENC) usage. If algorithm is not configured, then any supported algorithm is allowed and decryption key will be chosen based on the algorithm configured in SAML document itself.", - "samlSignatureKeyName": "Signed SAML documents contain identification of signing key in KeyName element. For Keycloak / RH-SSO counter-party, use KEY_ID, for MS AD FS use CERT_SUBJECT, for others check and use NONE if no other option works.", - "wantAssertionsSigned": "Indicates whether this service provider expects a signed Assertion.", - "wantAssertionsEncrypted": "Indicates whether this service provider expects an encrypted Assertion.", - "forceAuthentication": "Indicates whether the identity provider must authenticate the presenter directly rather than rely on a previous security context.", - "validateSignatures": "Enable/disable signature validation of SAML responses.", - "validatingX509Certs": "The certificate in PEM format that must be used to check for signatures. Multiple certificates can be entered, separated by comma (,).", - "signServiceProviderMetadata": "Enable/disable signature of the provider SAML metadata.", - "passSubject": "During login phase, forward an optional login_hint query parameter to SAML AuthnRequest's Subject.", - "comparison": "Specifies the comparison method used to evaluate the requested context classes or statements. The default is \"Exact\".", - "authnContextClassRefs": "Ordered list of requested AuthnContext ClassRefs.", - "authnContextDeclRefs": "Ordered list of requested AuthnContext DeclRefs.", - "addIdpMapperName": "Name of the mapper.", - "syncModeOverride": "Overrides the default sync mode of the IDP for this mapper. Values are: 'legacy' to keep the behaviour before this option was introduced, 'import' to only import the user once during first login of the user with this identity provider, 'force' to always update the user during every login with this identity provider and 'inherit' to use the sync mode defined in the identity provider for this mapper.", - "advancedAttributeToRole": "If the set of attributes exists and can be matched, grant the user the specified realm or client role.", - "usernameTemplateImporter": "Format the username to import.", - "hardcodedUserSessionAttribute": "When a user is imported from a provider, hardcode a value to a specific user session attribute.", - "externalRoleToRole": "Looks for an external role in a keycloak access token. If external role exists, grant the user the specified realm or client role.", - "advancedClaimToRole": "If all claims exist, grant the user the specified realm or client role.", - "claimToRole": "If a claim exists, grant the user the specified realm or client role.", - "oidcAttributeImporter": "Import declared claim if it exists in ID, access token, or the claim set returned by the user profile endpoint into the specified user property or attribute.", - "attributeImporter": "Import declared SAML attribute if it exists in assertion into the specified user property or attribute.", - "hardcodedRole": "When user is imported from provider, hardcode a role mapping for it.", - "hardcodedAttribute": "When user is imported from provider, hardcode a value to a specific user attribute.", - "samlAttributeToRole": "If an attribute exists, grant the user the specified realm or client role.", - "template": "Template to use to format the username to import. Substitutions are enclosed in ${}. For example: '${ALIAS}.${CLAIM.sub}'. ALIAS is the provider alias. CLAIM. references an ID or Access token claim. The substitution can be converted to upper or lower case by appending |uppercase or |lowercase to the substituted value, e.g. '${CLAIM.sub | lowercase}", - "target": "Destination field for the mapper. LOCAL (default) means that the changes are applied to the username stored in local database upon user import. BROKER_ID and BROKER_USERNAME means that the changes are stored into the ID or username used for federation user lookup, respectively.", - "userSessionAttribute": "Name of user session attribute you want to hardcode", - "userAttribute": "Name of user attribute you want to hardcode", - "claim": "Name of claim to search for in token. You can reference nested claims by using a '.', i.e. 'address.locality'. To use dot (.) literally, escape it with backslash. (\\.)", - "socialProfileJSONFieldPath": "Path of field in Social Provider User Profile JSON data to get value from. You can use dot notation for nesting and square brackets for array index. E.g. 'contact.address[0].country'.", - "userAttributeValue": "Value you want to hardcode", - "attributeName": "Name of attribute to search for in assertion. You can leave this blank and specify a friendly name instead.", - "friendlyName": "Friendly name of attribute to search for in assertion. You can leave this blank and specify a name instead.", - "userAttributeName": "User attribute name to store SAML attribute. Use email, lastName, and firstName to map to those predefined user properties.", - "socialUserAttributeName": "User attribute name to store information.", - "attributeValue": "Value the attribute must have. If the attribute is a list, then the value must be contained in the list.", - "attributes": "Name and (regex) value of the attributes to search for in token. The configured name of an attribute is searched in SAML attribute name and attribute friendly name fields. Every given attribute description must be met to set the role. If the attribute is an array, then the value must be contained in the array. If an attribute can be found several times, then one match is sufficient.", - "regexAttributeValues": "If enabled attribute values are interpreted as regular expressions.", - "role": "Role to grant to user if all attributes are present. Click 'Select Role' button to browse roles, or just type it in the textbox. To reference a client role the syntax is clientname.clientrole, i.e. myclient.myrole" -} diff --git a/js/apps/admin-ui/public/locales/en/identity-providers.json b/js/apps/admin-ui/public/locales/en/identity-providers.json deleted file mode 100644 index 86be9a1161..0000000000 --- a/js/apps/admin-ui/public/locales/en/identity-providers.json +++ /dev/null @@ -1,187 +0,0 @@ -{ - "listExplain": "Identity providers are social networks or identity brokers that allow users to authenticate to Keycloak.", - "searchForProvider": "Search for provider", - "providerDetails": "Provider details", - "addProvider": "Add provider", - "addMapper": "Add mapper", - "addIdPMapper": "Add Identity Provider Mapper", - "editIdPMapper": "Edit Identity Provider Mapper", - "mappersList": "Mappers list", - "noMappers": "No Mappers", - "noMappersInstructions": "There are currently no mappers for this identity provider.", - "searchForMapper": "Search for mapper", - "addKeycloakOpenIdProvider": "Add Keycloak OpenID Connect provider", - "addOpenIdProvider": "Add OpenID Connect provider", - "addSamlProvider": "Add SAML provider", - "manageDisplayOrder": "Manage display order", - "deleteProvider": "Delete provider?", - "deleteProviderMapper": "Delete mapper?", - "deleteConfirm": "Are you sure you want to permanently delete the provider '{{provider}}'?", - "deleteMapperConfirm": "Are you sure you want to permanently delete the mapper {{mapper}}?", - "deleteMapperSuccess": "Mapper successfully deleted.", - "deletedSuccess": "Provider successfully deleted.", - "deleteError": "Could not delete the provider {{error}}", - "disableProvider": "Disable provider?", - "disableConfirm": "Are you sure you want to disable the provider '{{provider}}'", - "disableSuccess": "Provider successfully disabled", - "disableError": "Could not disable the provider {{error}}", - "updateSuccess": "Provider successfully updated", - "updateError": "Could not update the provider {{error}}", - "getStarted": "To get started, select a provider from the list below.", - "addIdentityProvider": "Add {{provider}} provider", - "redirectURI": "Redirect URI", - "clientId": "Client ID", - "clientSecret": "Client Secret", - "displayOrder": "Display order", - "endpoints": "Endpoints", - "samlEndpointsLabel": "SAML 2.0 Service Provider Metadata", - "createSuccess": "Identity provider successfully created", - "createError": "Could not create the identity provider: {{error}}", - "orderDialogIntro": "The order that the providers are listed in the login page or the Account UI. You can drag the row handles to change the order.", - "manageOrderTableAria": "List of identity providers in the order listed on the login page", - "orderChangeSuccess": "Successfully changed display order of identity providers", - "orderChangeError": "Could not change display order of identity providers {{error}}", - "alias": "Alias", - "displayName": "Display name", - "useDiscoveryEndpoint": "Use discovery endpoint", - "discoveryEndpoint": "Discovery endpoint", - "useEntityDescriptor": "Use entity descriptor", - "samlEntityDescriptor": "SAML entity descriptor", - "ssoServiceUrl": "Single Sign-On service URL", - "singleLogoutServiceUrl": "Single logout service URL", - "nameIdPolicyFormat": "NameID policy format", - "persistent": "Persistent", - "transient": "Transient", - "email": "Email", - "kerberos": "Kerberos", - "x509": "X.509 Subject Name", - "windowsDomainQN": "Windows Domain Qualified Name", - "unspecified": "Unspecified", - "principalType": "Principal type", - "principalAttribute": "Principal attribute", - "allowCreate": "Allow create", - "subjectNameId": "Subject NameID", - "attributeName": "Attribute [Name]", - "attributeFriendlyName": "Attribute [Friendly Name]", - "claim": "Claim", - "claimValue": "Claim Value", - "claims": "Claims", - "socialProfileJSONFieldPath": "Social Profile JSON Field Path", - "mapperAttributeName": "Attribute Name", - "mapperUserAttributeName": "User Attribute Name", - "mapperAttributeFriendlyName": "Friendly name", - "httpPostBindingResponse": "HTTP-POST binding response", - "httpPostBindingAuthnRequest": "HTTP-POST binding for AuthnRequest", - "httpPostBindingLogout": "HTTP-POST binding logout", - "wantAuthnRequestsSigned": "Want AuthnRequests signed", - "signatureAlgorithm": "Signature algorithm", - "encryptionAlgorithm": "Encryption Algorithm", - "samlSignatureKeyName": "SAML signature key name", - "wantAssertionsSigned": "Want Assertions signed", - "wantAssertionsEncrypted": "Want Assertions encrypted", - "forceAuthentication": "Force authentication", - "validatingX509Certs": "Validating X509 certificates", - "signServiceProviderMetadata": "Sign service provider metadata", - "passSubject": "Pass subject", - "serviceProviderEntityId": "Service provider entity ID", - "identityProviderEntityId": "Identity provider entity ID", - "importConfig": "Import config from file", - "showMetaData": "Show metadata", - "hideMetaData": "Hide metadata", - "noValidMetaDataFound": "No valid metadata was found at this URL: '{{error}}'", - "advanced": "Advanced", - "metadataOfDiscoveryEndpoint": "Metadata of the discovery endpoint", - "authorizationUrl": "Authorization URL", - "passLoginHint": "Pass login_hint", - "passMaxAge": "Pass max_age", - "passCurrentLocale": "Pass current locale", - "tokenUrl": "Token URL", - "logoutUrl": "Logout URL", - "backchannelLogout": "Backchannel logout", - "disableNonce": "Disable nonce", - "disableUserInfo": "Disable user info", - "isAccessTokenJWT": "Access Token is JWT", - "userInfoUrl": "User Info URL", - "issuer": "Issuer", - "scopes": "Scopes", - "prompt": "Prompt", - "prompts": { - "unspecified": "Unspecified", - "none": "None", - "consent": "Consent", - "login": "Login", - "select_account": "Select account" - }, - "clientAuthentication": "Client authentication", - "clientAuthentications": { - "client_secret_post": "Client secret sent as post", - "client_secret_basic": "Client secret sent as basic auth", - "client_secret_jwt": "Client secret as jwt", - "private_key_jwt": "JWT signed with private key" - }, - "clientAssertionSigningAlg": "Client asserion signature algorithm", - "algorithmNotSpecified": "Algorithm not specified", - "acceptsPromptNone": "Accepts prompt=none forward from client", - "validateSignature": "Validate Signatures", - "useJwksUrl": "Use JWKS URL", - "validatingPublicKey": "Validating public key", - "validatingPublicKeyId": "Validating public key id", - "jwksUrl": "JWKS URL", - "pkceEnabled": "Use PKCE", - "pkceMethod": "PKCE Method", - "allowedClockSkew": "Allowed clock skew", - "attributeConsumingServiceIndex": "Attribute Consuming Service Index", - "attributeConsumingServiceName": "Attribute Consuming Service Name", - "forwardParameters": "Forwarded query parameters", - "generalSettings": "General settings", - "oidcSettings": "OpenID Connect settings", - "samlSettings": "SAML settings", - "advancedSettings": "Advanced settings", - "reqAuthnConstraints": "Requested AuthnContext Constraints", - "keyID": "KEY_ID", - "NONE": "NONE", - "certSubject": "CERT_SUBJECT", - "storeTokens": "Store tokens", - "storedTokensReadable": "Stored tokens readable", - "comparison": "Comparison", - "authnContextClassRefs": "AuthnContext ClassRefs", - "addAuthnContextClassRef": "Add AuthnContext ClassRef", - "authnContextDeclRefs": "AuthnContext DeclRefs", - "addAuthnContextDeclRef": "Add AuthnContext DeclRef", - "trustEmail": "Trust Email", - "accountLinkingOnly": "Account linking only", - "hideOnLoginPage": "Hide on login page", - "filteredByClaim": "Verify essential claim", - "claimFilterName": "Essential claim", - "claimFilterValue": "Essential claim value", - "firstBrokerLoginFlowAlias": "First login flow", - "postBrokerLoginFlowAlias": "Post login flow", - "syncMode": "Sync mode", - "syncModes": { - "inherit": "Inherit", - "import": "Import", - "legacy": "Legacy", - "force": "Force" - }, - "syncModeOverride": "Sync mode override", - "mapperType": "Mapper type", - "regexAttributeValues": "Regex Attribute Values", - "regexClaimValues": "Regex Claim Values", - "selectRole": "Select role", - "mapperCreateSuccess": "Mapper created successfully.", - "mapperCreateError": "Error creating mapper.", - "mapperSaveSuccess": "Mapper saved successfully.", - "mapperSaveError": "Error saving mapper: {{error}}", - "userAttribute": "User Attribute", - "attributeValue": "Attribute Value", - "userAttributeValue": "User Attribute Value", - "userSessionAttribute": "User Session Attribute", - "userSessionAttributeValue": "User Session Attribute Value", - "template": "Template", - "target": "Target", - "targetOptions": { - "local": "LOCAL", - "brokerId": "BROKER_ID", - "brokerUsername": "BROKER_USERNAME" - } -} diff --git a/js/apps/admin-ui/public/locales/en/realm-settings-help.json b/js/apps/admin-ui/public/locales/en/realm-settings-help.json deleted file mode 100644 index f4a43ec9f0..0000000000 --- a/js/apps/admin-ui/public/locales/en/realm-settings-help.json +++ /dev/null @@ -1,102 +0,0 @@ -{ - "fromDisplayName": "A user-friendly name for the 'From' address (optional).", - "replyToDisplayName": "A user-friendly name for the 'Reply-To' address (optional).", - "envelopeFrom": "An email address used for bounces (optional).", - "password": "SMTP password. This field is able to obtain its value from vault, use ${vault.ID} format.", - "frontendUrl": "Set the frontend URL for the realm. Use in combination with the default hostname provider to override the base URL for frontend requests for a specific realm.", - "requireSsl": "Is HTTPS required? 'None' means HTTPS is not required for any client IP address. 'External requests' means localhost and private IP addresses can access without HTTPS. 'All requests' means HTTPS is required for all IP addresses.", - "userManagedAccess": "If enabled, users are allowed to manage their resources and permissions using the Account Management UI.", - "userProfileEnabled": "If enabled, allows managing user profiles.", - "endpoints": "Shows the configuration of the protocol endpoints", - "loginTheme": "Select theme for login, OTP, grant, registration and forgot password pages.", - "accountTheme": "Select a theme for the user account management console.", - "adminTheme": "Select a theme for administration console.", - "emailTheme": "Select a theme for emails that are sent by the server.", - "displayName": "Display name of provider when linked in Admin UI", - "priority": "Priority of the provider", - "enabled": "Set if the keys are enabled", - "active": "Set if the keys can be used for signing", - "AESKeySize": "Size in bytes for the generated AES key. Size 16 is for AES-128, Size 24 for AES-192, and Size 32 for AES-256. WARN: Bigger keys than 128 are not allowed on some JDK implementations.", - "save-user-events": "If enabled, user events are saved to the database, which makes events available to the admin and account management UIs.", - "save-admin-events": "If enabled, admin events are saved to the database, which makes events available to the Admin UI.", - "expiration": "Sets the expiration for events. Expired events are periodically deleted from the database.", - "admin-clearEvents": "Deletes all admin events in the database.", - "includeRepresentation": "Include JSON representation for create and update requests.", - "user-clearEvents": "Deletes all user events in the database.", - "ellipticCurve": "Elliptic curve used in ECDSA", - "secretSize": "Size in bytes for the generated secret", - "keySize": "Size for the generated keys", - "algorithm": "Intended algorithm for the key", - "keystore": "Path to keys file", - "keystorePassword": "Password for the keys", - "keyAlias": "Alias for the private key", - "keyPassword": "Password for the private key", - "privateRSAKey": "Private RSA Key encoded in PEM format", - "x509Certificate": "X509 Certificate encoded in PEM format", - "xFrameOptions": "Default value prevents pages from being included by non-origin iframes <1>Learn more", - "contentSecurityPolicy": "Default value prevents pages from being included by non-origin iframes <1>Learn more", - "contentSecurityPolicyReportOnly": "For testing Content Security Policies <1>Learn more", - "xContentTypeOptions": "Default value prevents Internet Explorer and Google Chrome from MIME-sniffing a response away from the declared content-type <1>Learn more", - "xRobotsTag": "Prevent pages from appearing in search engines <1>Learn more", - "xXSSProtection": "This header configures the Cross-site scripting (XSS) filter in your browser. Using the default behaviour, the browser will prevent rendering of the page when a XSS attack is detected. <1>Learn more", - "strictTransportSecurity": "The Strict-Transport-Security HTTP header tells browsers to always use HTTPS. Once a browser sees this header, it will only visit the site over HTTPS for the time specified (1 year) at max-age, including the subdomains. <1>Learn more", - "failureFactor": "How many failures before wait is triggered.", - "permanentLockout": "Lock the user permanently when the user exceeds the maximum login failures.", - "waitIncrementSeconds": "When failure threshold has been met, how much time should the user be locked out?", - "maxFailureWaitSeconds": "Max time a user will be locked out.", - "maxDeltaTimeSeconds": "When will failure count be reset?", - "quickLoginCheckMilliSeconds": "If a failure happens concurrently too quickly, lock out the user.", - "minimumQuickLoginWaitSeconds": "How long to wait after a quick login failure.", - "ssoSessionIdle": "Time a session is allowed to be idle before it expires. Tokens and browser sessions are invalidated when a session is expired.", - "ssoSessionMax": "Max time before a session is expired. Tokens and browser sessions are invalidated when a session is expired.", - "ssoSessionIdleRememberMe": "Time a remember me session is allowed to be idle before it expires. Tokens and browser sessions are invalidated when a session is expired. If not set it uses the standard SSO Session Idle value.", - "ssoSessionMaxRememberMe": "Max time before a session is expired when a user has set the remember me option. Tokens and browser sessions are invalidated when a session is expired. If not set it uses the standard SSO Session Max value.", - "clientSessionIdle": "Time a client session is allowed to be idle before it expires. Tokens are invalidated when a client session is expired. The option does not affect the global user SSO session. If not set, it uses the standard SSO Session Idle value.", - "clientSessionMax": "Max time before a client session is expired. Tokens are invalidated when a session is expired. The option does not affect the global user SSO session. If not set, it uses the standard SSO Session Max value.", - "offlineSessionIdle": "Time an offline session is allowed to be idle before it expires. You need to use offline token to refresh at least once within this period; otherwise offline session will expire.", - "offlineSessionMaxLimited": "Enable offline session max", - "offlineSessionMax": "Max time before an offline session is expired regardless of activity.", - "loginTimeout": "Max time a user has to complete a login. This is recommended to be relatively long, such as 30 minutes or more", - "loginActionTimeout": "Max time a user has to complete login related actions like update password or configure totp. This is recommended to be relatively long, such as 5 minutes or more", - "defaultSigAlg": "Default algorithm used to sign tokens for the realm", - "revokeRefreshToken": "If enabled a refresh token can only be used up to 'Refresh Token Max Reuse' and is revoked when a different token is used. Otherwise refresh tokens are not revoked when used and can be used multiple times.", - "refreshTokenMaxReuse": "Maximum number of times a refresh token can be reused. When a different token is used, revocation is immediate.", - "accessTokenLifespan": "Max time before an access token is expired. This value is recommended to be short relative to the SSO timeout", - "accessTokenLifespanImplicitFlow": "Max time before an access token issued during OpenID Connect Implicit Flow is expired. This value is recommended to be shorter than the SSO timeout. There is no possibility to refresh token during implicit flow, that's why there is a separate timeout different to 'Access Token Lifespan'", - "clientLoginTimeout": "Max time a client has to finish the access token protocol. This should normally be 1 minute.", - "userInitiatedActionLifespan": "Maximum time before an action permit sent by a user (such as a forgot password e-mail) is expired. This value is recommended to be short because it's expected that the user would react to self-created action quickly.", - "defaultAdminInitiatedActionLifespan": "Maximum time before an action permit sent to a user by administrator is expired. This value is recommended to be long to allow administrators to send e-mails for users that are currently offline. The default timeout can be overridden immediately before issuing the token.", - "oAuthDeviceCodeLifespan": "Max time before the device code and user code are expired. This value needs to be a long enough lifetime to be usable (allowing the user to retrieve their secondary device, navigate to the verification URI, login, etc.), but should be sufficiently short to limit the usability of a code obtained for phishing.", - "oAuthDevicePollingInterval": "The minimum amount of time in seconds that the client should wait between polling requests to the token endpoint.", - "shortVerificationUriTooltip": "If set, this value will be return as verification_uri in Device Authorization flow. This uri need to redirect to {server-root}/realms/{realm}/device", - "overrideActionTokens": "Override default settings of maximum time before an action permit sent by a user (such as a forgot password e-mail) is expired for specific action. This value is recommended to be short because it's expected that the user would react to self-created action quickly.", - "internationalization": "If enabled, you can choose which locales you support for this realm and which locale is the default.", - "supportedLocales": "The locales to support for this realm. The user chooses one of these locales on the login screen.", - "defaultLocale": "The initial locale to use. It is used on the login screen and other screens in the Admin UI and Account UI.", - "conditions": "Conditions, which will be evaluated to determine if client policy should be applied during particular action or not.", - "clientProfiles": "Client profiles applied on this policy.", - "anyClient": "The condition is satisfied by any client on any event.", - "clientAccessType": "It uses the client's access type (confidential, public, bearer-only) to determine whether the policy is applied. Condition is checked during most of OpenID Connect requests (Authorization requests, token requests, introspection endpoint request, etc.)", - "clientAccesstypeTooltip": "Access Type of the client, for which the condition will be applied.", - "clientRoles": "The condition checks whether one of the specified client roles exists on the client to determine whether the policy is applied. This effectively allows client administrator to create client role of specified name on the client to make sure that particular client policy will be applied on requests of this client. Condition is checked during most of OpenID Connect requests (Authorization requests, token requests, introspection endpoint request, etc.)", - "clientRolesConditionTooltip": "Client roles, which will be checked during this condition evaluation. Condition evaluates to true if client has at least one client role with the name as the client roles specified in the configuration.", - "clientScopes": "It uses the scopes requested or assigned in advance to the client to determine whether the policy is applied to this client. Condition is evaluated during OpenID Connect authorization request and/or token request.", - "clientScopesConditionTooltip": "The list of expected client scopes. Condition evaluates to true if specified client request matches some of the client scopes. It depends also whether it should be default or optional client scope based on the 'Scope Type' configured.", - "clientUpdaterContext": "The condition checks the context how is client created/updated to determine whether the policy is applied. For example it checks if client is created with admin REST API or OIDC dynamic client registration. And for the letter case if it is ANONYMOUS client registration or AUTHENTICATED client registration with Initial access token or Registration access token and so on.", - "clientUpdaterSourceGroups": "The condition checks the group of the entity who tries to create/update the client to determine whether the policy is applied.", - "clientUpdaterSourceGroupsTooltip": "Name of groups to check. Condition evaluates to true if the entity, who creates/updates client is member of some of the specified groups. Configured groups are specified by their simple name, which must match to the name of the Keycloak group. No support for group hierarchy is used here.", - "clientUpdaterSourceHost": "The condition checks the host/domain of the entity who tries to create/update the client to determine whether the policy is applied.", - "clientUpdaterTrustedHostsTooltip": "List of Hosts, which are trusted. In case that client registration/update request comes from the host/domain specified in this configuration, condition evaluates to true. You can use hostnames or IP addresses. If you use star at the beginning (for example '*.example.com' ) then whole domain example.com will be trusted.", - "clientUpdaterSourceRoles": "The condition checks the role of the entity who tries to create/update the client to determine whether the policy is applied.", - "clientUpdaterSourceRolesTooltip": "The condition is checked during client registration/update requests and it evaluates to true if the entity (usually user), who is creating/updating client is member of the specified role. For reference the realm role, you can use the realm role name like 'my_realm_role' . For reference client role, you can use the client_id.role_name for example 'my_client.my_client_role' will refer to client role 'my_client_role' of client 'my_client'. ", - "defaultGroups": "Default groups allow you to automatically assign groups membership whenever any new user is created or imported through <1>identity brokering.", - "attributeGeneralSettingsDescription": "This section contains a few basic settings common to all attributes.", - "attributeNameHelp": "The name of the attribute.", - "attributeDisplayNameHelp": "Display name for the attribute. Supports keys for localized values as well. For example: ${profile.attribute.phoneNumber}.", - "attributeGroupHelp": "user.profile.attribute.group.tooltip", - "requiredHelp": "Set the attribute as required. If enabled, the attribute must be set by users and administrators. Otherwise, the attribute is optional.", - "attributePermissionDescription": "This section contains permissions for who can edit and who can view the attribute.", - "whoCanEditHelp": "If enabled, users or administrators can view and edit the attribute. Otherwise, users or administrators don't have access to write to the attribute.", - "whoCanViewHelp": "If enabled, users or administrators can view the attribute. Otherwise, users or administrators don't have access to the attribute.", - "editUsername": "If enabled, the username field is editable, readonly otherwise." -} diff --git a/js/apps/admin-ui/public/locales/en/realm-settings.json b/js/apps/admin-ui/public/locales/en/realm-settings.json deleted file mode 100644 index eaa9fe78e7..0000000000 --- a/js/apps/admin-ui/public/locales/en/realm-settings.json +++ /dev/null @@ -1,918 +0,0 @@ -{ - "createGroupText": "Create attributes group", - "editGroupText": "Edit attributes group", - "tableTitle": "Attributes groups", - "columnName": "Name", - "columnDisplayName": "Display name", - "columnDisplayDescription": "Display description", - "emptyStateMessage": "No attributes groups", - "emptyStateInstructions": "If you want to add an attributes group click the button below.", - "deleteDialogTitle": "Delete attribute group?", - "deleteDialogDescription": "Are you sure you want to permanently delete the attributes group <1>{{group}}?", - "deleteSuccess": "Attributes group deleted.", - "deleteAttributeGroupError": "Could not delete user attributes group: {{error}}", - "nameField": "Name", - "nameHint": "A unique name for the group. This name will be used to reference the group when binding an attribute to a group.", - "displayHeaderField": "Display name", - "displayHeaderHint": "A user-friendly name for the group that should be used when rendering a group of attributes in user-facing forms. Supports keys for localized values as well. For example: ${profile.attribute.group.address}.", - "displayDescriptionField": "Display description", - "displayDescriptionHint": "A text that should be used as a tooltip when rendering user-facing forms.", - "annotationsText": "Annotations", - "inputType": "Input type", - "inputHelperTextBefore": "Helper text (above) the input field", - "inputHelperTextAfter": "Helper text (under) the input field", - "inputOptionLabelsI18nPrefix": "Internationalization key prefix", - "inputTypePlaceholder": "Input placeholder", - "inputTypeSize": "Input size", - "inputTypeCols": "Input cols", - "inputTypeRows": "Input rows", - "inputTypeStep": "Input step size", - "removeAnnotationText": "Remove annotation", - "keyPlaceholder": "Type a key", - "keyLabel": "Key", - "valuePlaceholder": "Type a value", - "valueLabel": "Value", - "realmSettingsExplain": "Realm settings are settings that control the options for users, applications, roles, and groups in the current realm.", - "partialImport": "Partial import", - "partialExport": "Partial export", - "deleteRealm": "Delete realm", - "deleteConfirmTitle": "Delete realm?", - "dragInstruction": "Click and drag to change priority", - "deleteConfirm": "If you delete this realm, all associated data will be removed.", - "deleteProviderTitle": "Delete key provider?", - "deleteProviderConfirm": "Are you sure you want to permanently delete the key provider {{provider}}?", - "deleteProviderSuccess": "Success. The provider has been deleted.", - "deleteProviderError": "Error deleting the provider", - "deletedSuccess": "The realm has been deleted", - "deleteError": "Could not delete realm: {{error}}", - "deleteConditionSuccess": "The condition has been deleted", - "disableConfirmTitle": "Disable realm?", - "disableConfirm": "User and clients can't access the realm if it's disabled. Are you sure you want to continue?", - "disablePolicyConfirmTitle": "Disable policy?", - "disablePolicyConfirm": "Users and clients can't access the policy if it's disabled. Are you sure you want to continue?", - "editProvider": "Edit provider", - "editableRowsTable": "Editable rows table", - "saveSuccess": "Realm successfully updated", - "saveProviderSuccess": "The provider has been saved successfully.", - "saveProviderListSuccess": "The priority of the provider has been updated successfully.", - "saveProviderError": "Error saving provider: {{error}}", - "saveError": "Realm could not be updated: {{error}}", - "general": "General", - "login": "Login", - "themes": "Themes", - "events": "Events", - "eventListeners": "Event listeners", - "eventListenersHelpText": "Configure what listeners receive events for the realm.", - "saveEventListeners": "Save Event Listeners", - "saveEventListenersSuccess": "Event listener has been updated.", - "saveEventListenersError": "Error saving event listener: {{error}}", - "userEventsSettings": "User events settings", - "adminEventsSettings": "Admin events settings", - "saveEvents": "Save events", - "expiration": "Expiration", - "clearUserEvents": "Clear user events", - "clearAdminEvents": "Clear admin events", - "includeRepresentation": "Include representation", - "email": "Email", - "template": "Template", - "connectionAndAuthentication": "Connection & Authentication", - "from": "From", - "fromDisplayName": "From display name", - "replyTo": "Reply to", - "replyToDisplayName": "Reply to display name", - "envelopeFrom": "Envelope from", - "host": "Host", - "port": "Port", - "encryption": "Encryption", - "authentication": "Authentication", - "enableSSL": "Enable SSL", - "enableStartTLS": "Enable StartTLS", - "username": "Username", - "password": "Password", - "keys": "Keys", - "keysList": "Keys list", - "searchKey": "Search key", - "keystore": "Keystore", - "keystorePassword": "Keystore password", - "keyAlias": "Key alias", - "keyPassword": "Key password", - "providers": "Providers", - "algorithm": "Algorithm", - "use": "Use", - "aesGenerated": "aes-generated", - "ecdsaGenerated": "ecdsca-generated", - "hmacGenerated": "hmac-generated", - "javaKeystore": "java-keystore", - "rsa": "rsa", - "rsaGenerated": "rsa-generated", - "uiDisplayName": "UI Display Name", - "AESKeySize": "AES Key Size", - "active": "Active", - "privateRSAKey": "Private RSA Key", - "filenamePlaceholder": "Upload a PEM file or paste key below", - "x509Certificate": "X509 Certificate", - "ellipticCurve": "Elliptic Curve", - "secretSize": "Secret size", - "keySize": "Key size", - "type": "Type", - "name": "Name", - "providerId": "ID", - "kid": "Kid", - "provider": "Provider", - "providerDescription": "Provider description", - "addProvider": "Add provider", - "publicKeys": "Public keys", - "keysFilter": { - "ACTIVE": "Active keys", - "PASSIVE": "Passive keys", - "DISABLED": "Disabled keys" - }, - "noKeys": "No keys", - "noKeysDescription": "You haven't created any active keys", - "certificate": "Certificate", - "userRegistration": "User registration", - "loginScreenCustomization": "Login screen customization", - "registrationAllowed": "User registration", - "userRegistrationHelpText": "Enable/disable the registration page. A link for registration will show on login page too.", - "resetPasswordAllowed": "Forgot password", - "forgotPassword": "Forgot password", - "forgotPasswordHelpText": "Show a link on login page for user to click when they have forgotten their credentials.", - "rememberMe": "Remember me", - "rememberMeHelpText": "Show checkbox on login page to allow user to remain logged in between browser restarts until session expires.", - "emailSettings": "Email settings", - "registrationEmailAsUsername": "Email as username", - "emailAsUsernameHelpText": "Allow users to set email as username.", - "loginWithEmailAllowed": "Login with email", - "loginWithEmailHelpText": "Allow users to log in with their email address.", - "duplicateEmailsAllowed": "Duplicate emails", - "duplicateEmailsHelpText": "Allow multiple users to have the same email address. Changing this setting will also clear the user's cache. It is recommended to manually update email constraints of existing users in the database after switching off support for duplicate email addresses.", - "verifyEmail": "Verify email", - "verifyEmailHelpText": "Require user to verify their email address after initial login or after address changes are submitted.", - "userInfoSettings": "User info settings", - "editUsernameAllowed": "Edit username", - "enableSwitchSuccess": "{{switch}} changed successfully", - "enableSwitchError": "Could not enable / disable due to {{error}}", - "testingConnection": "Testing connection", - "testConnectionHint": { - "withEmail": "When testing the connection an e-mail will be sent to the current user ({{email}}).", - "withoutEmail": "To test the connection you must first configure an e-mail address for the current user ({{userName}}).", - "withoutEmailAction": "Configure e-mail address" - }, - "testConnectionSuccess": "Success! SMTP connection successful. E-mail was sent!", - "testConnectionError": "Error! {{error}}", - "realmId": "Realm ID", - "displayName": "Display name", - "htmlDisplayName": "HTML Display name", - "frontendUrl": "Frontend URL", - "requireSsl": "Require SSL", - "sslType": { - "all": "All requests", - "external": "External requests", - "none": "None" - }, - "selectATheme": "Select a theme", - "placeholderText": "Select one", - "userManagedAccess": "User-managed access", - "userProfileEnabled": "User Profile Enabled", - "endpoints": "Endpoints", - "openIDEndpointConfiguration": "OpenID Endpoint Configuration", - "samlIdentityProviderMetadata": "SAML 2.0 Identity Provider Metadata", - "loginTheme": "Login theme", - "accountTheme": "Account theme", - "adminTheme": "Admin theme", - "emailTheme": "Email theme", - "internationalization": "Internationalization", - "localization": "Localization", - "sessions": "Sessions", - "SSOSessionSettings": "SSO Session Settings", - "SSOSessionIdle": "SSO Session Idle", - "SSOSessionMax": "SSO Session Max", - "SSOSessionIdleRememberMe": "SSO Session Idle Remember Me", - "SSOSessionMaxRememberMe": "SSO Session Max Remember Me", - "clientSessionSettings": "Client session settings", - "clientSessionIdle": "Client Session Idle", - "clientSessionMax": "Client Session Max", - "offlineSessionSettings": "Offline session settings", - "offlineSessionIdle": "Offline Session Idle", - "offlineSessionMaxLimited": "Offline Session Max Limited", - "offlineSessionMax": "Offline Session Max", - "loginSettings": "Login settings", - "loginTimeout": "Login timeout", - "loginActionTimeout": "Login action timeout", - "refreshTokens": "Refresh tokens", - "accessTokens": "Access tokens", - "actionTokens": "Action tokens", - "overrideActionTokens": "Override Action Tokens", - "defaultSigAlg": "Default Signature Algorithm", - "revokeRefreshToken": "Revoke Refresh Token", - "refreshTokenMaxReuse": "Refresh Token Max Reuse", - "accessTokenLifespan": "Access Token Lifespan", - "accessTokenLifespanImplicitFlow": "Access Token Lifespan For Implicit Flow", - "clientLoginTimeout": "Client Login Timeout", - "userInitiatedActionLifespan": "User-Initiated Action Lifespan", - "defaultAdminInitiated": "Default Admin-Initiated Action Lifespan", - "oAuthDeviceCodeLifespan": "OAuth 2.0 Device Code Lifespan", - "oAuthDevicePollingInterval": "OAuth 2.0 Device Polling Interval", - "shortVerificationUri": "Short verification_uri in Device Authorization flow", - "emailVerification": "Email Verification", - "idpAccountEmailVerification": "IdP account email verification", - "executeActions": "Execute actions", - "clientPolicies": "Client policies", - "noClientPolicies": "No client policies", - "noClientPoliciesInstructions": "There are no client policies. Select 'Create client policy' to create a new client policy.", - "createPolicy": "Create client policy", - "createClientPolicy": "Create client policy", - "createClientPolicySuccess": "New policy created", - "updateClientPolicySuccess": "Client policy updated", - "createClientPolicyError": "Could not create policy due to: {{error}}", - "createClientConditionSuccess": "Condition created successfully.", - "createClientConditionError": "Error creating condition: {{error}}", - "updateClientConditionSuccess": "Condition updated successfully.", - "deleteClientConditionSuccess": "Condition deleted successfully.", - "deleteClientConditionError": "Error creating condition: {{error}}", - "clientPolicySearch": "Search client policy", - "policiesConfigType": "Configure via:", - "policiesConfigTypes": { - "formView": "Form view", - "jsonEditor": "JSON editor" - }, - "deleteClientPolicy": "Delete client policy", - "deleteClientPolicyConfirmTitle": "Delete policy?", - "deleteClientPolicyConfirm": "This action will permanently delete the policy {{policyName}}. This cannot be undone.", - "deleteClientPolicySuccess": "Client policy deleted", - "deleteClientPolicyError": "Could not delete policy: {{error}}", - "profiles": "Profiles", - "policies": "Policies", - "clientPoliciesProfilesHelpText": "Client Profile allows to setup set of executors, which are enforced for various actions done with the client. Actions can be admin actions like creating or updating client, or user actions like authentication to the client.", - "clientPoliciesProfiles": "Client Policies Profiles", - "clientPoliciesPoliciesHelpText": "Client Policy allows to bind client profiles with various conditions to specify when exactly is enforced behavior specified by executors of the particular client profile.", - "clientPoliciesPolicies": "Client Policies Policies", - "clientPoliciesTab": "Client policies tab", - "clientProfilesSubTab": "Client profiles subtab", - "clientPoliciesSubTab": "Client policies subtab", - "profilesConfigType": "Configure via:", - "profilesConfigTypes": { - "formView": "Form view", - "jsonEditor": "JSON editor" - }, - "clientProfileSearch": "Search", - "searchProfile": "Search profile", - "clientProfileName": "Client profile name", - "clientProfileDescription": "Description", - "emptyClientProfiles": "No profiles", - "emptyClientProfilesInstructions": "There are no profiles, select 'Create client profile' to create a new client profile", - "deleteClientProfileConfirmTitle": "Delete profile?", - "deleteClientProfileConfirm": "This action will permanently delete the profile {{profileName}}. This cannot be undone.", - "deleteClientSuccess": "Client profile deleted", - "deleteClientError": "Could not delete profile: {{error}}", - "deleteClientPolicyProfileConfirmTitle": "Delete profile?", - "deleteClientPolicyProfileConfirm": "This action will permanently delete {{profileName}} from the policy {{policyName}}. This cannot be undone.", - "deleteClientPolicyProfileSuccess": "Profile successfully removed from the policy.", - "deleteClientPolicyProfileError": "Could not delete profile from the policy: {{error}}", - "createClientProfile": "Create client profile", - "deleteClientProfile": "Delete this client profile", - "createClientProfileSuccess": "New client profile created", - "updateClientProfileSuccess": "Client profile updated successfully", - "createClientProfileError": "Could not create client profile: '{{error}}'", - "addClientProfileSuccess": "New client profile added", - "addClientProfileError": "Could not create client profile: '{{error}}'", - "createClientProfileNameHelperText": "The name must be unique within the realm", - "newClientProfile": "Create client profile", - "newClientProfileName": "Client profile name", - "clientProfile": "Client profile details", - "executorDetails": "Executor details", - "back": "Back", - "delete": "delete", - "save": "Save", - "reload": "Reload", - "global": "Global", - "description": "description", - "executors": "Executors", - "executorsHelpText": "Executors, which will be applied for this client profile", - "executorsHelpItem": "Executors help item", - "addExecutor": "Add executor", - "executorType": "Executor type", - "executorTypeSwitchHelpText": "Executor Type Switch Help Text", - "executorTypeSelectHelpText": "Executor Type Select Help Text", - "executorTypeSelectAlgorithm": "Executor Type Select Algorithm", - "executorTypeTextHelpText": "Executor Type Text Help Text", - "executorAuthenticatorMultiSelectHelpText": "Executor Authenticator MultiSelect Help Text", - "executorClientAuthenticator": "Executor Client Authenticator", - "executorsTable": "Executors table", - "executorName": "Name", - "emptyExecutors": "No executors configured", - "addExecutorSuccess": "Success! Executor created successfully", - "addExecutorError": "Executor not created", - "updateExecutorSuccess": "Executor updated successfully", - "updateExecutorError": "Executor not updated", - "deleteExecutorProfileConfirmTitle": "Delete executor?", - "deleteExecutorProfileConfirm": "The action will permanently delete {{executorName}}. This cannot be undone.", - "deleteExecutorSuccess": "Success! The executor was deleted.", - "deleteExecutorError": "Could not delete executor: {{error}}", - "updateClientProfilesSuccess": "The client profiles configuration was updated", - "updateClientProfilesError": "Provided JSON is incorrect: Unexpected token { in JSON", - "deleteClientPolicyConditionConfirmTitle": "Delete condition?", - "deleteClientPolicyConditionConfirm": "This action will permanently delete {{condition}}. This cannot be undone.", - "selectACondition": "Select a condition", - "conditions": "Conditions", - "conditionType": "Condition type", - "policyDetails": "Policy details", - "anyClient": "The condition is satisfied by any client on any event.", - "clientAccesstype": "Client Access Type", - "clientRoles": "Client Roles", - "clientScopesCondition": "Expected Scopes", - "updateClientContext": "Update Client Context", - "clientUpdaterSourceGroups": "Groups", - "clientUpdaterTrustedHosts": "Trusted Hosts", - "clientUpdaterSourceRoles": "Updating entity role", - "conditionsHelpItem": "Conditions help item", - "addCondition": "Add condition", - "editCondition": "Edit condition", - "emptyConditions": "No conditions configured", - "updateClientPoliciesSuccess": "The client policies configuration was updated", - "updateClientPoliciesError": "Provided JSON is incorrect: Unexpected token { in JSON", - "clientProfiles": "Client profiles", - "clientProfilesHelpItem": "Client profiles help item", - "addClientProfile": "Add client profile", - "emptyProfiles": "No client profiles configured", - "tokens": "Tokens", - "userProfile": "User profile", - "jsonEditor": "JSON editor", - "attributes": "Attributes", - "attributesGroup": "Attributes group", - "invalidJsonError": "Unable to save user profile, the provided information is not valid JSON.", - "userProfileSuccess": "User profile settings successfully updated.", - "userProfileError": "Could not update user profile settings: {{error}}", - "status": "Status", - "recommendedSsoTimeout": "It is recommended for this value to be shorter than the SSO session idle timeout: {{time}}", - "supportedLocales": "Supported locales", - "defaultLocale": "Default locale", - "selectLocales": "Select locales", - "searchForMessageBundle": "Search for message bundle", - "addMessageBundle": "Add message bundle", - "addMessageBundleSuccess": "Success! The message bundle has been added.", - "deleteMessageBundleSuccess": "Successfully removed the message from the bundle", - "deleteMessageBundleError": "Error removing the message from the bundle, {{error}}", - "rowEditBtnAriaLabel": "Edit {{messageBundle}}", - "rowSaveBtnAriaLabel": "Save edits for {{messageBundle}}", - "rowCancelBtnAriaLabel": "Cancel edits for {{messageBundle}}", - "updateMessageBundleSuccess": "Success! Message bundle updated.", - "updateMessageBundleError": "Error updating message bundle.", - "addMessageBundleError": "Error creating message bundle, {{error}}", - "allGroups": "All groups", - "attributeName": "Name", - "attributeDisplayName": "Display name", - "attributeGroup": "Attribute group", - "enabledWhen": "Enabled when", - "required": "Required", - "requiredFor": "Required for", - "requiredWhen": "Required when", - "requiredForLabel": { - "both": "Both users and admins", - "users": "Only users", - "admins": "Only admins" - }, - "whoCanEdit": "Who can edit?", - "whoCanView": "Who can view?", - "user": "User", - "admin": "Admin", - "addValidator": "Add validator", - "validatorType": "Validator type", - "addValidatorRole": "Add {{validatorName}} validator", - "validatorDialogColNames": { - "colName": "Role name", - "colDescription": "Description" - }, - "validatorColNames": { - "colName": "Validator name", - "colConfig": "Config" - }, - "deleteValidatorConfirmTitle": "Delete validator?", - "deleteValidatorConfirmMsg": "Are you sure you want to permanently delete the validator {{validatorName}}?", - "validatorDeletedSuccess": "Success! User Profile configuration has been saved.", - "validatorDeletedError": "Error saving User Profile: {{error}}", - "emptyValidators": "No validators.", - "updatedUserProfileSuccess": "User Profile configuration has been saved", - "updatedUserProfileError": "User Profile configuration hasn't been saved", - "createAttribute": "Create attribute", - "editAttribute": "Edit attribute", - "createAttributeSubTitle": "Create a new attribute", - "createAttributeSuccess": "Success! User Profile configuration has been saved.", - "createAttributeError": "Error! User Profile configuration has not been saved {{error}}.", - "attributesDropdown": "Attributes dropdown", - "deleteAttributeConfirmTitle": "Delete attribute?", - "deleteAttributeConfirm": "Are you sure you want to permanently delete the attribute {{attributeName}}?", - "deleteAttributeSuccess": "Attribute deleted", - "deleteAttributeError": "Attribute not deleted", - "always": "Always", - "scopesAsRequested": "Scopes are requested", - "generalSettings": "General settings", - "permission": "Permission", - "validations": "Validations", - "annotations": "Annotations", - "addAnnotationText": "Add annotation", - "validateName": "Attribute configuration without name is not allowed.", - "eventType": "Event saved type", - "searchEventType": "Search saved event type", - "addSavedTypes": "Add saved types", - "addTypes": "Add types", - "eventTypes": { - "SEND_RESET_PASSWORD": { - "name": "Send reset password", - "description": "Send reset password" - }, - "UPDATE_CONSENT_ERROR": { - "name": "Update consent error", - "description": "Update consent error" - }, - "GRANT_CONSENT": { - "name": "Grant consent", - "description": "Grant consent" - }, - "REMOVE_TOTP": { - "name": "Remove totp", - "description": "Remove totp" - }, - "REVOKE_GRANT": { - "name": "Revoke grant", - "description": "Revoke grant" - }, - "UPDATE_TOTP": { - "name": "Update totp", - "description": "Update totp" - }, - "LOGIN_ERROR": { - "name": "Login error", - "description": "Login error" - }, - "CLIENT_LOGIN": { - "name": "Client login", - "description": "Client login" - }, - "RESET_PASSWORD_ERROR": { - "name": "Reset password error", - "description": "Reset password error" - }, - "IMPERSONATE_ERROR": { - "name": "Impersonate error", - "description": "Impersonate error" - }, - "CODE_TO_TOKEN_ERROR": { - "name": "Code to token error", - "description": "Code to token error" - }, - "CUSTOM_REQUIRED_ACTION": { - "name": "Custom required action", - "description": "Custom required action" - }, - "RESTART_AUTHENTICATION": { - "name": "Restart authentication", - "description": "Restart authentication" - }, - "IMPERSONATE": { - "name": "Impersonate", - "description": "Impersonate" - }, - "UPDATE_PROFILE_ERROR": { - "name": "Update profile error", - "description": "Update profile error" - }, - "LOGIN": { - "name": "Login", - "description": "Login" - }, - "UPDATE_PASSWORD_ERROR": { - "name": "Update password error", - "description": "Update password error" - }, - "CLIENT_INITIATED_ACCOUNT_LINKING": { - "name": "Client initiated account linking", - "description": "Client initiated account linking" - }, - "TOKEN_EXCHANGE": { - "name": "Token exchange", - "description": "Token exchange" - }, - "LOGOUT": { - "name": "Logout", - "description": "Logout" - }, - "REGISTER": { - "name": "Register", - "description": "Register" - }, - "DELETE_ACCOUNT_ERROR": { - "name": "Delete account error", - "description": "Delete account error" - }, - "CLIENT_REGISTER": { - "name": "Client register", - "description": "Client register" - }, - "IDENTITY_PROVIDER_LINK_ACCOUNT": { - "name": "Identity provider link account", - "description": "Identity provider link account" - }, - "DELETE_ACCOUNT": { - "name": "Delete account", - "description": "Delete account" - }, - "UPDATE_PASSWORD": { - "name": "Update password", - "description": "Update password" - }, - "CLIENT_DELETE": { - "name": "Client delete", - "description": "Client delete" - }, - "FEDERATED_IDENTITY_LINK_ERROR": { - "name": "Federated identity link error", - "description": "Federated identity link error" - }, - "IDENTITY_PROVIDER_FIRST_LOGIN": { - "name": "Identity provider first login", - "description": "Identity provider first login" - }, - "CLIENT_DELETE_ERROR": { - "name": "Client delete error", - "description": "Client delete error" - }, - "VERIFY_EMAIL": { - "name": "Verify email", - "description": "Verify email" - }, - "CLIENT_LOGIN_ERROR": { - "name": "Client login error", - "description": "Client login error" - }, - "RESTART_AUTHENTICATION_ERROR": { - "name": "Restart authentication error", - "description": "Restart authentication error" - }, - "EXECUTE_ACTIONS": { - "name": "Execute actions", - "description": "Execute actions" - }, - "REMOVE_FEDERATED_IDENTITY_ERROR": { - "name": "Remove federated identity error", - "description": "Remove federated identity error" - }, - "TOKEN_EXCHANGE_ERROR": { - "name": "Token exchange error", - "description": "Token exchange error" - }, - "PERMISSION_TOKEN": { - "name": "Permission token", - "description": "Permission token" - }, - "SEND_IDENTITY_PROVIDER_LINK_ERROR": { - "name": "Send identity provider link error", - "description": "Send identity provider link error" - }, - "EXECUTE_ACTION_TOKEN_ERROR": { - "name": "Execute action token error", - "description": "Execute action token error" - }, - "SEND_VERIFY_EMAIL": { - "name": "Send verify email", - "description": "Send verify email" - }, - "EXECUTE_ACTIONS_ERROR": { - "name": "Execute actions error", - "description": "Execute actions error" - }, - "REMOVE_FEDERATED_IDENTITY": { - "name": "Remove federated identity", - "description": "Remove federated identity" - }, - "IDENTITY_PROVIDER_POST_LOGIN": { - "name": "Identity provider post login", - "description": "Identity provider post login" - }, - "IDENTITY_PROVIDER_LINK_ACCOUNT_ERROR": { - "name": "Identity provider link account error", - "description": "Identity provider link account error" - }, - "UPDATE_EMAIL": { - "name": "Update email", - "description": "Update email" - }, - "REGISTER_ERROR": { - "name": "Register error", - "description": "Register error" - }, - "REVOKE_GRANT_ERROR": { - "name": "Revoke grant error", - "description": "Revoke grant error" - }, - "EXECUTE_ACTION_TOKEN": { - "name": "Execute action token", - "description": "Execute action token" - }, - "LOGOUT_ERROR": { - "name": "Logout error", - "description": "Logout error" - }, - "UPDATE_EMAIL_ERROR": { - "name": "Update email error", - "description": "Update email error" - }, - "CLIENT_UPDATE_ERROR": { - "name": "Client update error", - "description": "Client update error" - }, - "UPDATE_PROFILE": { - "name": "Update profile", - "description": "Update profile" - }, - "CLIENT_REGISTER_ERROR": { - "name": "Client register error", - "description": "Client register error" - }, - "FEDERATED_IDENTITY_LINK": { - "name": "Federated identity link", - "description": "Federated identity link" - }, - "SEND_IDENTITY_PROVIDER_LINK": { - "name": "Send identity provider link", - "description": "Send identity provider link" - }, - "SEND_VERIFY_EMAIL_ERROR": { - "name": "Send verify email error", - "description": "Send verify email error" - }, - "RESET_PASSWORD": { - "name": "Reset password", - "description": "Reset password" - }, - "CLIENT_INITIATED_ACCOUNT_LINKING_ERROR": { - "name": "Client initiated account linking error", - "description": "Client initiated account linking error" - }, - "UPDATE_CONSENT": { - "name": "Update consent", - "description": "Update consent" - }, - "REMOVE_TOTP_ERROR": { - "name": "Remove totp error", - "description": "Remove totp error" - }, - "VERIFY_EMAIL_ERROR": { - "name": "Verify email error", - "description": "Verify email error" - }, - "SEND_RESET_PASSWORD_ERROR": { - "name": "Send reset password error", - "description": "Send reset password error" - }, - "CLIENT_UPDATE": { - "name": "Client update", - "description": "Client update" - }, - "CUSTOM_REQUIRED_ACTION_ERROR": { - "name": "Custom required action error", - "description": "Custom required action error" - }, - "IDENTITY_PROVIDER_POST_LOGIN_ERROR": { - "name": "Identity provider post login error", - "description": "Identity provider post login error" - }, - "UPDATE_TOTP_ERROR": { - "name": "Update totp error", - "description": "Update totp error" - }, - "CODE_TO_TOKEN": { - "name": "Code to token", - "description": "Code to token" - }, - "GRANT_CONSENT_ERROR": { - "name": "Grant consent error", - "description": "Grant consent error" - }, - "IDENTITY_PROVIDER_FIRST_LOGIN_ERROR": { - "name": "Identity provider first login error", - "description": "Identity provider first login error" - }, - "REGISTER_NODE_ERROR": { - "name": "Register node error", - "description": "Register node error" - }, - "PERMISSION_TOKEN_ERROR": { - "name": "Permission token error", - "description": "Permission token error" - }, - "IDENTITY_PROVIDER_RETRIEVE_TOKEN_ERROR": { - "name": "Identity provider retrieve token error", - "description": "Identity provider retrieve token error" - }, - "CLIENT_INFO": { - "name": "Client info", - "description": "Client info" - }, - "VALIDATE_ACCESS_TOKEN": { - "name": "Validate access token", - "description": "Validate access token" - }, - "IDENTITY_PROVIDER_LOGIN": { - "name": "Identity provider login", - "description": "Identity provider login" - }, - "CLIENT_INFO_ERROR": { - "name": "Client info error", - "description": "Client info error" - }, - "INTROSPECT_TOKEN_ERROR": { - "name": "Introspect token error", - "description": "Introspect token error" - }, - "INTROSPECT_TOKEN": { - "name": "Introspect token", - "description": "Introspect token" - }, - "UNREGISTER_NODE": { - "name": "Unregister node", - "description": "Unregister node" - }, - "REGISTER_NODE": { - "name": "Register node", - "description": "Register node" - }, - "INVALID_SIGNATURE": { - "name": "Invalid signature", - "description": "Invalid signature" - }, - "USER_INFO_REQUEST_ERROR": { - "name": "User info request error", - "description": "User info request error" - }, - "REFRESH_TOKEN": { - "name": "Refresh token", - "description": "Refresh token" - }, - "IDENTITY_PROVIDER_RESPONSE": { - "name": "Identity provider response", - "description": "Identity provider response" - }, - "IDENTITY_PROVIDER_RETRIEVE_TOKEN": { - "name": "Identity provider retrieve token", - "description": "Identity provider retrieve token" - }, - "UNREGISTER_NODE_ERROR": { - "name": "Unregister node error", - "description": "Unregister node error" - }, - "VALIDATE_ACCESS_TOKEN_ERROR": { - "name": "Validate access token error", - "description": "Validate access token error" - }, - "INVALID_SIGNATURE_ERROR": { - "name": "Invalid signature error", - "description": "Invalid signature error" - }, - "USER_INFO_REQUEST": { - "name": "User info request", - "description": "User info request" - }, - "IDENTITY_PROVIDER_RESPONSE_ERROR": { - "name": "Identity provider response error", - "description": "Identity provider response error" - }, - "IDENTITY_PROVIDER_LOGIN_ERROR": { - "name": "Identity provider login error", - "description": "Identity provider login error" - }, - "REFRESH_TOKEN_ERROR": { - "name": "Refresh token error", - "description": "Refresh token error" - }, - "VERIFY_PROFILE": { - "name": "Verify profile", - "description": "Verify profile" - }, - "VERIFY_PROFILE_ERROR": { - "name": "Verify profile error", - "description": "Verify profile error" - }, - "OAUTH2_DEVICE_CODE_TO_TOKEN": { - "name": "Oauth2 device code to token", - "description": "Oauth2 device code to token" - }, - "OAUTH2_DEVICE_CODE_TO_TOKEN_ERROR": { - "name": "Oauth2 device code to token error", - "description": "Oauth2 device code to token error" - }, - "OAUTH2_DEVICE_VERIFY_USER_CODE": { - "name": "Oauth2 device verify user code", - "description": "Oauth2 device verify user code" - }, - "OAUTH2_DEVICE_VERIFY_USER_CODE_ERROR": { - "name": "Oauth2 device verify user code error", - "description": "Oauth2 device verify user code error" - }, - "AUTHREQID_TO_TOKEN": { - "name": "Authreqid to token", - "description": "Authreqid to token" - }, - "AUTHREQID_TO_TOKEN_ERROR": { - "name": "Authreqid to token error", - "description": "Authreqid to token error" - }, - "OAUTH2_DEVICE_AUTH": { - "name": "Oauth2 device authentication", - "description": "Oauth2 device authentication" - }, - "OAUTH2_DEVICE_AUTH_ERROR": { - "name": "Oauth2 device authentication error", - "description": "Oauth2 device authentication error" - }, - "PUSHED_AUTHORIZATION_REQUEST": { - "name": "Pushed authorization request", - "description": "Pushed authorization request" - }, - "PUSHED_AUTHORIZATION_REQUEST_ERROR": { - "name": "Pushed authorization request error", - "description": "Pushed authorization request error" - } - }, - "emptyEvents": "Nothing to add", - "emptyEventsInstructions": "There are no more events types left to add", - "eventConfigSuccessfully": "Successfully saved configuration", - "eventConfigError": "Could not save event configuration {{error}}", - "deleteEvents": "Clear events", - "deleteEventsConfirm": "If you clear all events of this realm, all records will be permanently cleared in the database", - "admin-events-cleared": "The admin events have been cleared", - "admin-events-cleared-error": "Could not clear the admin events {{error}}", - "user-events-cleared": "The user events have been cleared", - "user-events-cleared-error": "Could not clear the user events {{error}}", - "events-disable-title": "Unsave events?", - "events-disable-confirm": "If \"Save events\" is disabled, subsequent events will not be displayed in the \"Events\" menu", - "confirm": "Confirm", - "noMessageBundles": "No message bundles", - "noMessageBundlesInstructions": "Add a message bundle to get started.", - "messageBundleDescription": "You can edit the supported locales. If you haven't selected supported locales yet, you can only edit the English locale.", - "defaultRoles": "Default roles", - "defaultGroups": "Default groups", - "whatIsDefaultGroups": "What is the function of default groups?", - "searchForGroups": "Search group", - "addDefaultGroups": "Add default groups", - "removeConfirmTitle_one": "Remove group?", - "removeConfirmTitle_other": "Remove groups?", - "removeConfirm_one": "Are you sure you want to remove this group", - "removeConfirm_other": "Are you sure you want to remove these groups.", - "groupRemove_one": "Group removed", - "groupRemove_other": "Groups removed", - "groupRemoveError": "Error removing group {error}", - "defaultGroupAdded_one": "New group added to the default groups", - "defaultGroupAdded_other": "Added {{count}} groups to the default groups", - "defaultGroupAddedError": "Error adding group(s) to the default group {error}", - "noDefaultGroups": "No default groups", - "noDefaultGroupsInstructions": "Default groups allow you to automatically assign group membership whenever any new user is created or imported throughout <1>identity brokering. Add default groups to get started", - "addGroups": "Add groups", - "securityDefences": "Security defenses", - "headers": "Headers", - "bruteForceDetection": "Brute force detection", - "xFrameOptions": "X-Frame-Options", - "contentSecurityPolicy": "Content-Security-Policy", - "contentSecurityPolicyReportOnly": "Content-Security-Policy-Report-Only", - "xContentTypeOptions": "X-Content-Type-Options", - "xRobotsTag": "X-Robots-Tag", - "xXSSProtection": "X-XSS-Protection", - "strictTransportSecurity": "HTTP Strict Transport Security (HSTS)", - "referrerPolicy": "Referrer Policy", - "failureFactor": "Max login failures", - "permanentLockout": "Permanent lockout", - "waitIncrementSeconds": "Wait increment", - "maxFailureWaitSeconds": "Max wait", - "maxDeltaTimeSeconds": "Failure reset time", - "quickLoginCheckMilliSeconds": "Quick login check milliseconds", - "minimumQuickLoginWaitSeconds": "Minimum quick login wait", - "partialExportHeaderText": "Partial export allows you to export realm configuration, and other associated resources into a json file.", - "includeGroupsAndRoles": "Include groups and roles", - "includeClients": "Include clients", - "exportWarningTitle": "Export with caution", - "exportWarningDescription": "If there is a great number of groups, roles or clients in your realm, the operation may make server unresponsive for a while.", - "exportSuccess": "Realm successfully exported.", - "exportFail": "Could not export realm: '{{error}}'", - "partialImportHeaderText": "Partial import allows you to import users, clients, and other resources from a previously exported json file.", - "selectRealm": "Select realm", - "chooseResources": "Choose the resources you want to import", - "selectIfResourceExists": "If a resource already exists, specify what should be done", - "import": "Import", - "resourcesToImport": "Resources to import", - "importFail": "Import failed: {{error}}", - "FAIL": "Fail import", - "SKIP": "Skip", - "OVERWRITE": "Overwrite", - "added": "Added", - "skipped": "Skipped", - "overwritten": "Overwritten", - "importAdded_zero": "No records added.", - "importAdded_one": "One record added.", - "importAdded_other": "{{count}} records added.", - "importOverwritten_zero": "No records overwritten.", - "importOverwritten_one": "One record overwritten.", - "importOverwritten_other": "{{count}} records overwritten.", - "importSkipped_zero": "No records skipped.", - "importSkipped_one": "One record skipped.", - "importSkipped_other": "{{count}} records skipped." -} diff --git a/js/apps/admin-ui/public/locales/en/realm.json b/js/apps/admin-ui/public/locales/en/realm.json deleted file mode 100644 index cd03883773..0000000000 --- a/js/apps/admin-ui/public/locales/en/realm.json +++ /dev/null @@ -1,12 +0,0 @@ -{ - "uploadFile": "Upload JSON file", - "realmName": "Realm name", - "invalidRealmName": "Realm name can't contain special characters", - "enabled": "Enabled", - "createRealm": "Create realm", - "realmExplain": "A realm manages a set of users, credentials, roles, and groups. A user belongs to and logs into a realm. Realms are isolated from one another and can only manage and authenticate the users that they control.", - "noRealmRoles": "No realm roles", - "emptyStateText": "There aren't any realm roles in this realm. Create a realm role to get started.", - "saveRealmSuccess": "Realm created successfully", - "saveRealmError": "Could not create realm {{error}}" -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/en/roles.json b/js/apps/admin-ui/public/locales/en/roles.json deleted file mode 100644 index 3a47dbde1f..0000000000 --- a/js/apps/admin-ui/public/locales/en/roles.json +++ /dev/null @@ -1,70 +0,0 @@ -{ - "deleteAttributeText": "Delete an attribute", - "associatedRolesText": "Associated roles", - "addAssociatedRolesText": "Add associated roles", - "addAssociatedRolesSuccess": "Associated roles have been added", - "addAssociatedRolesError": "Could not associate roles {{error}}", - "associatedRolesModalTitle": "Add roles to {{name}}", - "title": "Realm roles", - "addRole": "Add role", - "createRole": "Create role", - "importRole": "Import role", - "roleID": "Role ID", - "homeURL": "Home URL", - "filterByClients": "Filter by clients", - "roleExplain": "Realm roles are the roles that you define for use in the current realm.", - "roleCreateExplain": "This is some description", - "roleName": "Role name", - "roleDetails": "Role details", - "composite": "Composite", - "deleteRole": "Delete this role", - "inheritedFrom": "Inherited from", - "roleList": "Role list", - "realmRolesList": "Realm roles", - "searchFor": "Search role by name", - "generalSettings": "General Settings", - "capabilityConfig": "Capability config", - "roleImportError": "Could not import role", - "roleCreated": "Role created", - "roleCreateError": "Could not create role: {{error}}", - "roleImportSuccess": "Role import successful", - "roleDeleteConfirm": "Delete role?", - "roleDeleteConfirmDialog": "This action will permanently delete the role \"{{selectedRoleName}}\" and cannot be undone.", - "roleDeletedSuccess": "The role has been deleted", - "roleDeleteError": "Could not delete role: {{error}}", - "defaultRole": "This role serves as a container for both realm and client default roles. It cannot be removed.", - "defaultRoleDeleteError": "You cannot delete a default role.", - "roleSaveSuccess": "The role has been saved", - "roleSaveError": "Could not save role: {{error}}", - "noRoles": "No roles in this realm", - "noRolesInstructions": "You haven't created any roles in this realm. Create a role to get started.", - "roleAuthentication": "Role authentication", - "removeAllAssociatedRoles": "Remove all associated roles", - "removeAssociatedRoles": "Remove associated roles", - "removeRoles": "Remove roles", - "removeAllAssociatedRolesConfirmDialog": "This action will remove the associated roles of {{name}}. Users who have permission to {{name}} will no longer have access to these roles.", - "roleRemoveAssociatedRoleConfirm": "Remove associated role?", - "roleRemoveAssociatedText": "This action will remove {{role}} from {{roleName}}. All the associated roles of {{role}} will also be removed.", - "compositeRoleOff": "Composite role turned off", - "associatedRolesRemoved": "Associated roles have been removed", - "compositesRemovedAlertDescription": "All the associated roles have been removed", - "whoWillAppearLinkText": "Who will appear in this user list?", - "whoWillAppearPopoverText": "This tab shows only the users who are assigned directly to this role. To see users who are assigned this role as an associated role or through a group, go to", - "whoWillAppearPopoverFooterText": "Users who have this role as an effective role cannot be added on this tab.", - "usersInRole": "Users in role", - "addUser": "Add user", - "removeUser": "Remove users", - "removeUserText": "Do you want to remove {{numSelected}} users?. These users will no longer have permissions of the role {{role}} and the associated roles of it.", - "noDirectUsers": "No direct users", - "noUsersEmptyStateDescription": "Only the users with this role directly assigned will appear under this tab. If you need to find users assigned to this role, go to", - "noUsersEmptyStateDescriptionContinued": "to find them. Users that already have this role as an effective role cannot be added here.", - "or": "or", - "users": "Users", - "userName": "Username", - "email": "Email", - "lastName": "Last name", - "firstName": "First name", - "clearAllFilters": "Clear all filters", - "noRolesAssociated": "No associated roles", - "noRolesAssociatedInstructions": "To add roles to this role press the 'Add role' button" -} diff --git a/js/apps/admin-ui/public/locales/en/sessions.json b/js/apps/admin-ui/public/locales/en/sessions.json deleted file mode 100644 index 9195bd4345..0000000000 --- a/js/apps/admin-ui/public/locales/en/sessions.json +++ /dev/null @@ -1,36 +0,0 @@ -{ - "title": "Sessions", - "sessionExplain": "Sessions are sessions of users in this realm and the clients that they access within the session.", - "searchForSession": "Search session", - "user": "User", - "lastAccess": "Last access", - "started": "Started", - "clients": "Clients", - "sessionsType": { - "allSessions": "All session types", - "regularSSO": "Regular SSO", - "offline": "Offline", - "directGrant": "Direct grant", - "serviceAccount": "Service account" - }, - "revocation": "Revocation", - "revocationDescription": "This is a way to revoke all active sessions and access tokens. Not before means you can revoke any tokens issued before the date.", - "notBefore": "Not before", - "notBeforeSuccess": "Success! \"Not before\" set for realm", - "notBeforeError": "Error clearing \"Not Before\" for realm: {{error}}", - "notBeforeClearedSuccess": "Success! \"Not Before\" cleared for realm.", - "signOutAllActiveSessions": "Sign out all active sessions", - "signOutAllActiveSessionsQuestion": "Sign out all active sessions?", - "setToNow": "Set to now", - "logoutAllSessions": "Logout all sessions", - "logoutAllDescription": "If you sign out all active sessions, active subjects in this realm will be signed out.", - "logoutAllSessionsError": "Error! Failed to log out of all sessions: {{error}}.", - "setToNowError": "Error! Failed to set notBefore to current date and time.", - "clear": "Clear", - "push": "Push", - "none": "None", - "noSessions": "No sessions", - "noSessionsDescription": "There are currently no active sessions in this realm.", - "noSessionsForUser": "There are currently no active sessions for this user.", - "noSessionsForClient": "There are currently no active sessions for this client." -} diff --git a/js/apps/admin-ui/public/locales/en/translation.json b/js/apps/admin-ui/public/locales/en/translation.json new file mode 100644 index 0000000000..e695e736bc --- /dev/null +++ b/js/apps/admin-ui/public/locales/en/translation.json @@ -0,0 +1,3269 @@ +{ + "fullName": "{{givenName}} {{familyName}}", + "unknownUser": "Anonymous", + "add": "Add", + "yes": "Yes", + "no": "No", + "create": "Create", + "save": "Save", + "revert": "Revert", + "cancel": "Cancel", + "reload": "Reload", + "continue": "Continue", + "close": "Close", + "delete": "Delete", + "reset": "Reset", + "remove": "Remove", + "revoke": "Revoke", + "search": "Search", + "key": "Key", + "value": "Value", + "noSearchResults": "No search results", + "noSearchResultsInstructions": "Click on the search bar above to search for groups", + "clearAllFilters": "Clear all filters", + "next": "Next", + "back": "Back", + "finish": "Finish", + "skipCustomizationAndFinish": "Skip customization and finish", + "export": "Export", + "action": "Action", + "download": "Download", + "resourceFile": "Resource file", + "clear": "Clear", + "clearFile": "Clear this file", + "clearFileExplain": "Are you sure you want to clear this file?", + "on": "On", + "off": "Off", + "edit": "Edit", + "enabled": "Enabled", + "disabled": "Disabled", + "disable": "Disable", + "selectOne": "Select an option", + "select": "Select", + "choose": "Choose...", + "any": "Any", + "none": "None", + "signOut": "Sign out", + "manageAccount": "Manage account", + "serverInfo": "Server info", + "realmInfo": "Realm info", + "help": "Help", + "helpLabel": "More help for '{{label}}'", + "helpEnabled": "Help on", + "helpDisabled": "Help off", + "documentation": "Documentation", + "enableHelpMode": "Enable help mode", + "enableHelp": "Help is enabled", + "learnMore": "Learn more", + "show": "Show", + "hide": "Hide", + "showRemaining": "Show ${remaining}", + "more": "{{count}} more", + "test": "Test", + "testConnection": "Test connection", + "name": "Name", + "role": "Role", + "description": "description", + "type": "Type", + "category": "Category", + "priority": "Priority", + "unexpectedError": "An unexpected error occurred: '{{error}}'", + "retry": "Press here to refresh and continue", + "plus": "Plus", + "minus": "Minus", + "confirm": "Confirm", + "clientScope": "Client scope", + "allTypes": "All types", + "home": "Home", + "manage": "Manage", + "clients": "Clients", + "clientScopes": "Client scopes", + "realmRoles": "Realm roles", + "clientRoles": "Client roles", + "users": "Users", + "groups": "Groups", + "sessions": "Sessions", + "events": "Events", + "mappers": "Mappers", + "permissions": "Permissions", + "permissionsList": "Permission list", + "permissionsListIntro": "Edit the permission list by clicking the scope-name. It then redirects to the permission details page of the client named <1>{{realm}}", + "usersPermissionsHint": "Fine grained permissions for managing all users in realm. You can define different policies for who is allowed to manage users in the realm.", + "clientsPermissionsHint": "Fine grained permissions for administrators that want to manage this client or apply roles defined by this client.", + "groupsPermissionsHint": "Determines if fine grained permissions are enabled for managing this role. Disabling will delete all current permissions that have been set up.", + "rolesPermissionsHint": "Determines if fine grained permissions are enabled for managing this role. Disabling will delete all current permissions that have been set up.", + "identityProvidersPermissionsHint": "Determines if fine grained permissions are enabled for managing this role. Disabling will delete all current permissions that have been set up.", + "permissionsScopeName": "Scope-name", + "permissionsEnabled": "Permissions enabled", + "permissionsDisable": "Disable permissions?", + "permissionsDisableConfirm": "If you disable the permissions, all the permissions in the list below will be delete automatically. In addition, the resources and scopes that are related will be removed", + "scopePermissions": { + "clients": { + "manage-description": "Policies that decide if an administrator can manage this client", + "configure-description": "Reduced management permissions for administrator. Cannot set scope, template, or protocol mappers.", + "view-description": "Policies that decide if an administrator can view this client", + "map-roles-description": "Policies that decide if an administrator can map roles defined by this client", + "map-roles-client-scope-description": "Policies that decide if an administrator can apply roles defined by this client to the client scope of another client", + "map-roles-composite-description": "Policies that decide if an administrator can apply roles defined by this client as a composite to another role", + "token-exchange-description": "Policies that decide which clients are allowed exchange tokens for a token that is targeted to this client." + }, + "users": { + "view-description": "Policies that decide if an administrator can view all users in realm", + "manage-description": "Policies that decide if an administrator can manage all users in the realm", + "map-roles-description": "Policies that decide if administrator can map roles for all users", + "manage-group-membership-description": "Policies that decide if an administrator can manage group membership for all users in the realm. This is used in conjunction with specific group policy", + "impersonate-description": "Policies that decide if administrator can impersonate other users", + "user-impersonated-description": "Policies that decide which users can be impersonated. These policies are applied to the user being impersonated." + }, + "groups": { + "view-description": "Policies that decide if an administrator can view this group", + "manage-description": "Policies that decide if an administrator can manage this group", + "view-members-description": "Policies that decide if an administrator can view the members of this group", + "manage-members-description": "Policies that decide if an administrator can manage the members of this group", + "manage-membership-description": "Policies that decide if an administrator can add or remove users from this group" + }, + "roles": { + "map-role-description": "Policies that decide if an administrator can map this role to a user or group", + "map-role-client-scope-description": "Policies that decide if an administrator can apply this role to the client scope of a client", + "map-role-composite-description": "Policies that decide if an administrator can apply this role as a composite to another role" + }, + "identityProviders": { + "token-exchange-description": "Policies that decide which clients are allowed exchange tokens for an external token minted by this identity provider." + } + }, + "configure": "Configure", + "realmSettings": "Realm settings", + "authentication": "Authentication", + "identityProviders": "Identity providers", + "userFederation": "User federation", + "settings": "Settings", + "details": "Details", + "required": "Required field", + "maxLength": "Max length {{length}}", + "lessThan": "Must be less than {{value}}", + "greaterThan": "Must be greater than {{value}}", + "createRealm": "Create realm", + "recent": "Recent", + "jumpToSection": "Jump to section", + "Sunday": "Sunday", + "Monday": "Monday", + "Tuesday": "Tuesday", + "Wednesday": "Wednesday", + "Thursday": "Thursday", + "Friday": "Friday", + "Saturday": "Saturday", + "filterByRoles": "Filter by realm roles", + "filterByClients": "Filter by clients", + "assignRole": "Assign role", + "assign": "Assign", + "unAssignRole": "Unassign", + "hideInheritedRoles": "Hide inherited roles", + "assignRolesTo": "Assign roles to {{client}}", + "inherent": "Inherited", + "unitLabel": "Select a time unit", + "times": { + "seconds": "Seconds", + "minutes": "Minutes", + "hours": "Hours", + "days": "Days", + "years": "Years" + }, + "attributes": "Attributes", + "missingAttributes": "No attributes have been defined yet. Click the below button to add attributes, key and value are required for a key pair.", + "addAttribute": "Add an attribute", + "removeAttribute": "Remove attribute", + "keyPlaceholder": "Type a key", + "valuePlaceholder": "Type a value", + "keyError": "A key must be provided.", + "valueError": "A value must be provided.", + "credentials": "Credentials", + "clientId": "Client ID", + "clientName": "Name", + "id": "ID", + "addMapper": "Add mapper", + "createNewMapper": "Create new mapper", + "searchForMapper": "Search for mapper", + "mapperType": "Mapper type", + "mappingDeletedSuccess": "Mapping successfully deleted", + "mappingDeletedError": "Could not delete mapping: '{{error}}'", + "mappingDetails": "Mapper details", + "mappingUpdatedSuccess": "Mapping successfully updated", + "mappingUpdatedError": "Could not update mapping: '{{error}}'", + "mappingCreatedSuccess": "Mapping successfully created", + "mappingCreatedError": "Could not create mapping: '{{error}}'", + "deleteMappingTitle": "Delete mapping?", + "deleteMappingConfirm": "Are you sure you want to delete this mapping?", + "emptyMappers": "No mappers", + "emptyMappersInstructions": "If you want to add mappers, please click the button below to add some predefined mappers or to configure a new mapper.", + "emptyPrimaryAction": "Add predefined mapper", + "leave": "Leave", + "reorder": "Reorder", + "onDragStart": "Dragging started for item {{item}}", + "onDragMove": "Dragging item {{item}}", + "onDragCancel": "Dragging cancelled. List is unchanged.", + "onDragFinish": "Dragging finished {{list}}", + "notFound": "Could not find the resource that you are looking for", + "password": "Password", + "passwordConfirmation": "Password confirmation", + "temporaryPassword": "Temporary", + "temporaryPasswordHelpText": "If enabled, the user must change the password on next login", + "forbidden_one": "Forbidden, permission needed:", + "forbidden_other": "Forbidden, permissions needed:", + "noRealmRolesToAssign": "There are no realm roles to assign", + "loadingRealms": "Loading realms…", + "customAttribute": "Custom Attribute…", + "helpToggleInfo": "This toggle will enable / disable part of the help info in the UI. Includes any help text, links and popovers.", + "showPassword": "Show password field in clear text", + "helpFileUpload": "Upload a JSON file", + "helpFileUploadClient": "Upload a JSON or XML file", + "dragHelp": "Press space or enter to begin dragging, and use the arrow keys to navigate up or down. Press enter to confirm the drag, or any other key to cancel the drag operation.", + "realmName": "Realm name", + "welcome": "Welcome to", + "introduction": "If you want to leave this page and manage this realm, please click the corresponding menu items in the left navigation bar.", + "version": "Version", + "product": "Product", + "profile": "Profile", + "enabledFeatures": "Enabled features", + "experimental": "Experimental", + "preview": "Preview", + "supported": "Supported", + "infoEnabledFeatures": "Shows enabled preview and experimental features.", + "infoDisabledFeatures": "Shows all disabled features.", + "disabledFeatures": "Disabled features", + "providerInfo": "Provider info", + "providers": "Add providers", + "spi": "SPI", + "showMore": "Show more", + "showLess": "Show less", + "memory": "Memory", + "totalMemory": "Total memory", + "freeMemory": "Free memory", + "usedMemory": "Used memory", + "protocolTypes": { + "all": "All", + "saml": "SAML", + "openid-connect": "OpenID Connect" + }, + "protocol": "Protocol", + "copy": "Copy", + "copied": "Authorization details copied.", + "copyError": "Error copying authorization details: {{error}}", + "exportAuthDetailsSuccess": "Successfully exported authorization details.", + "exportAuthDetailsError": "Error exporting authorization details: {{error}}", + "clientType": "Client type", + "clientAuthorization": "Authorization", + "implicitFlow": "Implicit flow", + "createClient": "Create client", + "importClient": "Import client", + "homeURL": "Home URL", + "webOrigins": "Web origins", + "addWebOrigins": "Add web origins", + "adminURL": "Admin URL", + "formatOption": "Format option", + "encryptAssertions": "Encrypt assertions", + "clientSignature": "Client signature required", + "downloadAdaptorTitle": "Download adaptor configs", + "privateKeyMask": "PRIVATE KEY NOT SET UP OR KNOWN", + "keys": "Keys", + "roles": "Roles", + "createRole": "Create role", + "noRoles": "No roles for this user", + "noRolesInstructions": "You haven't assigned any roles to this user. Assign a role to get started.", + "addClientScope": "Add client scope", + "dedicatedScopeName": "{{clientName}}-dedicated", + "dedicatedScopeDescription": "Dedicated scope and mappers for this client", + "dedicatedScopes": "Dedicated scopes", + "fullScopeAllowed": "Full scope allowed", + "addClientScopesTo": "Add client scopes to {{clientName}}", + "clientScopeRemoveSuccess": "Scope mapping successfully removed", + "clientScopeRemoveError": "Could not remove the scope mapping {{error}}", + "clientScopeSuccess": "Scope mapping updated", + "clientScopeError": "Could not update scope mapping {{error}}", + "searchByName": "Search by name", + "setup": "Setup", + "selectAUser": "Select a user", + "selectARole": "Select a role", + "client": "Client", + "evaluateError": "Could not evaluate due to: {{error}}", + "evaluate": "Evaluate", + "reevaluate": "Re-evaluate", + "showAuthData": "Show authorization data", + "authData": "Authorization data", + "authDataDescription": "Represents a token carrying authorization data as a result of the processing of an authorization request. This representation is basically what Keycloak issues to clients asking for permission. Check the `authorization` claim for the permissions that where granted based on the current authorization request. ", + "results": "Results", + "allResults": "All results", + "resultPermit": "Result-Permit", + "resultDeny": "Result-Deny", + "permit": "Permit", + "deny": "Deny", + "unanimous": "Unanimous", + "affirmative": "Affirmative", + "consensus": "Consensus", + "votedToStatus": " voted to {{status}}", + "overallResults": "Overall Results", + "grantedScopes": "Granted scopes", + "deniedScopes": "Denied scopes", + "permission": "Permission", + "lastEvaluation": "Last Evaluation", + "resourcesAndScopes": "Resources and Scopes", + "authScopes": "Authorization scopes", + "authDetails": "Authorization details", + "anyResource": "Any resource", + "anyScope": "Any scope", + "selectScope": "Select a scope", + "applyToResourceType": "Apply to Resource Type", + "contextualInfo": "Contextual Information", + "contextualAttributes": "Contextual Attributes", + "selectOrTypeAKey": "Select or type a key", + "custom": "Custom Attribute...", + "kc": { + "identity": { + "authc": { + "method": "Authentication Method" + } + }, + "realm": { + "name": "Realm" + }, + "time": { + "date_time": "Date/Time (MM/dd/yyyy hh:mm:ss)" + }, + "client": { + "network": { + "ip_address": "Client IPv4 Address", + "host": "Client Host" + }, + "user_agent": "Client/User Agent" + } + }, + "oneTimePassword": "One-Time Password", + "kerberos": "Kerberos", + "removeMappingTitle": "Remove role?", + "removeMappingConfirm_one": "Are you sure you want to remove this role?", + "removeMappingConfirm_other": "Are you sure you want to remove {{count}} roles", + "clientScopeSearch": { + "name": "Name", + "type": "Assigned type", + "protocol": "Protocol" + }, + "authorization": "Authorization", + "policyEnforcementMode": "Policy enforcement mode", + "policyEnforcementModes": { + "ENFORCING": "Enforcing", + "PERMISSIVE": "Permissive", + "DISABLED": "Disabled" + }, + "decisionStrategy": "Decision strategy", + "decisionStrategies": { + "UNANIMOUS": "Unanimous", + "AFFIRMATIVE": "Affirmative", + "CONSENSUS": "Consensus" + }, + "importResources": "The following settings and data will be imported:", + "importWarning": "The data and settings imported above may overwrite the data and settings that already exist.", + "importResourceSuccess": "The resource was successfully imported", + "importResourceError": "Could not import the resource due to {{error}}", + "createResource": "Create resource", + "resourceDetails": "Resource details", + "emptyPermissions": "No permissions", + "emptyPermissionInstructions": "If you want to create a permission, please click the button below to create a resource-based or scope-based permission.", + "noScopeCreateHint": "You'll need to create an authorization scope first.", + "noResourceCreateHint": "There are no resources you can't create resource-based permission", + "createResourceBasedPermission": "Create resource-based permission", + "createScopeBasedPermission": "Create scope-based permission", + "displayName": "Display name", + "addUri": "Add URI", + "authorizationScopes": "Authorization scopes", + "iconUri": "Icon URI", + "ownerManagedAccess": "User-Managed access enabled", + "resourceAttribute": "Resource attribute", + "createResourceSuccess": "Resource created successfully", + "updateResourceSuccess": "Resource successfully updated", + "resourceSaveError": "Could not persist resource due to {{error}}", + "associatedPermissions": "Associated permission", + "allowRemoteResourceManagement": "Remote resource management", + "resources": "Resources", + "resource": "Resource", + "emptyResources": "No resources", + "emptyResourcesInstructions": "If you want to create a resource, please click the button below.", + "scope": "Scope", + "owner": "Owner", + "uris": "URIs", + "scopes": "Scopes", + "policies": "Policies", + "createPermission": "Create permission", + "permissionDetails": "Permission details", + "deleteResource": "Permanently delete resource?", + "deleteResourceConfirm": "If you delete this resource, some permissions will be affected.", + "deleteResourceWarning": "The permissions below will be removed when they are no longer used by other resources:", + "resourceDeletedSuccess": "The resource successfully deleted", + "resourceDeletedError": "Could not remove the resource {{error}}", + "identityInformation": "Identity Information", + "searchForPermission": "Search for permission", + "deleteScope": "Permanently delete authorization scope?", + "deleteScopeConfirm": "If you delete this authorization scope, some permissions will be affected.", + "deleteScopeWarning": "The permissions below will be removed when they are no longer used by other authorization scopes:", + "resourceScopeSuccess": "The authorization scope successfully deleted", + "resourceScopeError": "Could not remove the authorization scope due to {{error}}", + "associatedPolicy": "Associated policy", + "deletePermission": "Permanently delete permission?", + "deletePermissionConfirm": "Are you sure you want to delete the permission {{permission}}", + "permissionDeletedSuccess": "Successfully deleted permission", + "permissionDeletedError": "Could not delete permission due to {{error}}", + "applyToResourceTypeFlag": "Apply to resource type", + "resourceType": "Resource type", + "createPermissionSuccess": "Successfully created the permission", + "updatePermissionSuccess": "Successfully updated the permission", + "permissionSaveError": "Could not update the permission due to {{error}}", + "createAuthorizationScope": "Create authorization scope", + "authorizationScopeDetails": "Authorization scope details", + "emptyAuthorizationScopes": "No authorization scopes", + "emptyAuthorizationInstructions": "If you want to create authorization scopes, please click the button below to create the authorization scope", + "createScopeSuccess": "Authorization scope created successfully", + "updateScopeSuccess": "Authorization scope successfully updated", + "scopeSaveError": "Could not persist authorization scope due to {{error}}", + "createPolicy": "Create client policy", + "policyDetails": "Policy details", + "createPolicyOfType": "Create {{policyType}} policy", + "dependentPermission": "Dependent permission", + "deletePolicy": "Permanently delete policy?", + "deletePolicyConfirm": "If you delete this policy, some permissions or aggregated policies will be affected.", + "deletePolicyWarning": "The aggregated polices below will be removed automatically:", + "policyDeletedSuccess": "The Policy successfully deleted", + "policyDeletedError": "Could not remove the resource {{error}}", + "emptyPolicies": "No policies", + "emptyPoliciesInstructions": "If you want to create a policy, please click the button below to create the policy.", + "chooseAPolicyType": "Choose a policy type", + "chooseAPolicyTypeInstructions": "Choose one policy type from the list below and then you can configure a new policy for authorization. There are some types and description.", + "policyProvider": { + "regex": "Define regex conditions for your permissions.", + "role": "Define conditions for your permissions where a set of one or more roles is permitted to access an object.", + "js": "Define conditions for your permissions using JavaScript. It is one of the rule-based policy types supported by Keycloak, and provides flexibility to write any policy based on the Evaluation API.", + "client": "Define conditions for your permissions where a set of one or more clients is permitted to access an object.", + "time": "Define time conditions for your permissions.", + "user": "Define conditions for your permissions where a set of one or more users is permitted to access an object.", + "client-scope": "Define conditions for your permissions where a set of one or more client scopes is permitted to access an object.", + "aggregate": "Reuse existing policies to build more complex ones and keep your permissions even more decoupled from the policies that are evaluated during the processing of authorization requests.", + "group": "Define conditions for your permissions where a set of one or more groups (and their hierarchies) is permitted to access an object." + }, + "applyPolicy": "Apply policy", + "addClientScopes": "Add client scopes", + "emptyAddClientScopes": "No client scopes", + "emptyAddClientScopesInstructions": "There are no client scopes left to add", + "groupsClaim": "Groups claim", + "addGroups": "Add groups", + "requiredClient": "Please add at least one client.", + "requiredClientScope": "Please add at least one client scope.", + "requiredGroups": "Please add at least one group.", + "requiredRoles": "Please add at least one role.", + "addGroupsToGroupPolicy": "Add groups to group policy", + "extendToChildren": "Extend to children", + "targetClaim": "Target claim", + "regexPattern": "Regex pattern", + "addRoles": "Add roles", + "startTime": "Start time", + "repeat": "Repeat", + "notRepeat": "Not repeat", + "month": "Month", + "dayMonth": "Day", + "hour": "Hour", + "minute": "Minute", + "code": "Code", + "expireTime": "Expire time", + "logic": "Logic", + "logicType": { + "positive": "Positive", + "negative": "Negative" + }, + "createPolicySuccess": "Successfully created the policy", + "updatePolicySuccess": "Successfully updated the policy", + "policySaveError": "Could not update the policy due to {{error}}", + "assignedClientScope": "Assigned client scope", + "assignedType": "Assigned type", + "emptyClientScopes": "This client doesn't have any added client scopes", + "emptyClientScopesInstructions": "There are currently no client scopes linked to this client. You can add existing client scopes to this client to share protocol mappers and roles.", + "emptyClientScopesPrimaryAction": "Add client scopes", + "scopeParameter": "Scope parameter", + "scopeParameterPlaceholder": "Select scope parameters", + "effectiveProtocolMappers": "Effective protocol mappers", + "effectiveRoleScopeMappings": "Effective role scope mappings", + "generatedAccessToken": "Generated access token", + "generatedIdToken": "Generated ID token", + "generatedIdTokenNo": "No generated id token", + "generatedIdTokenIsDisabled": "Generated id token is disabled when no user is selected", + "generatedUserInfo": "Generated user info", + "generatedUserInfoNo": "No generated user info", + "generatedUserInfoIsDisabled": "Generated user info is disabled when no user is selected", + "searchForProtocol": "Search protocol mapper", + "parentClientScope": "Parent client scope", + "searchForRole": "Search role", + "origin": "Origin", + "user": "User", + "generatedAccessTokenNo": "No generated access token", + "generatedAccessTokenIsDisabled": "Generated access token is disabled when no user is selected", + "clientList": "Clients", + "clientsList": "Clients list", + "initialAccessToken": "Initial access token", + "expirationValueNotValid": "Value should should be greater or equal to 1", + "clientSettings": "Client details", + "selectEncryptionType": "Select Encryption type", + "generalSettings": "General settings", + "alwaysDisplayInUI": "Always display in UI", + "capabilityConfig": "Capability config", + "clientsExplain": "Clients are applications and services that can request authentication of a user.", + "explainBearerOnly": "This is a special OIDC type. This client only allows bearer token requests and cannot participate in browser logins.", + "createSuccess": "Identity provider successfully created", + "createError": "Could not create the identity provider: {{error}}", + "clientImportError": "Could not import client: {{error}}", + "clientSaveSuccess": "Client successfully updated", + "clientSaveError": "Client could not be updated: {{error}}", + "clientImportSuccess": "Client imported successfully", + "clientDelete": "Delete {{clientId}} ?", + "clientDeletedSuccess": "The client has been deleted", + "clientDeleteError": "Could not delete client: {{error}}", + "clientDeleteConfirmTitle": "Delete client?", + "disableConfirmTitle": "Disable realm?", + "downloadAdapterConfig": "Download adapter config", + "disableConfirm": "Are you sure you want to disable the provider '{{provider}}'", + "clientDeleteConfirm": "If you delete this client, all associated data will be removed.", + "searchInitialAccessToken": "Search token", + "createToken": "Create initial access token", + "tokenDeleteConfirm": "Are you sure you want to permanently delete the initial access token {{id}}", + "tokenDeleteConfirmTitle": "Delete initial access token?", + "tokenDeleteSuccess": "Initial access token deleted successfully", + "tokenDeleteError": "Could not delete initial access token: '{{error}}'", + "timestamp": "Created date", + "created": "Created", + "lastUpdated": "Last updated", + "expires": "Expires", + "count": "Count", + "remainingCount": "Remaining count", + "expiration": "Expiration", + "noTokens": "No initial access tokens", + "noTokensInstructions": "You haven't created any initial access tokens. Create an initial access token by clicking \"Create\".", + "tokenSaveSuccess": "New initial access token has been created", + "tokenSaveError": "Could not create initial access token {{error}}", + "initialAccessTokenDetails": "Initial access token details", + "copyInitialAccessToken": "Please copy and paste the initial access token before closing as it can not be retrieved later.", + "copySuccess": "Successfully copied to clipboard!", + "clipboardCopyError": "Error copying to clipboard.", + "clipboardCopyDenied": "Your browser is blocking access to the clipboard.", + "copyToClipboard": "Copy to clipboard", + "clientRegistration": "Client registration", + "anonymousAccessPolicies": "Anonymous access polices", + "authenticatedAccessPolicies": "Authenticated access polices", + "provider": "Provider", + "providerId": "Provider ID", + "providerCreateSuccess": "New client policy created successfully", + "providerCreateError": "Could not create client policy due to {{error}}", + "providerUpdatedSuccess": "Client policy updated successfully", + "providerUpdatedError": "Could not update client policy due to {{error}}", + "clientRegisterPolicyDeleteConfirmTitle": "Delete client registration policy?", + "clientRegisterPolicyDeleteConfirm": "Are you sure you want to permanently delete the client registration policy {{name}}", + "clientRegisterPolicyDeleteSuccess": "Client registration policy deleted successfully", + "clientRegisterPolicyDeleteError": "Could not delete client registration policy: '{{error}}'", + "chooseAPolicyProvider": "Choose a policy provider", + "clientAuthentication": "Client authentication", + "authenticationFlow": "Authentication flow", + "standardFlow": "Standard flow", + "directAccess": "Direct access grants", + "serviceAccount": "Service accounts roles", + "oauthDeviceAuthorizationGrant": "OAuth 2.0 Device Authorization Grant", + "oidcCibaGrant": "OIDC CIBA Grant", + "enableServiceAccount": "Enable service account roles", + "searchByRoleName": "Search by role name", + "roleMappingUpdatedSuccess": "Role mapping updated", + "roleMappingUpdatedError": "Could not update role mapping {{error}}", + "displayOnClient": "Display client on screen", + "consentScreenText": "Consent screen text", + "loginSettings": "Login settings", + "logoutSettings": "Logout settings", + "backchannelLogoutUrl": "Backchannel logout URL", + "backchannelUrlInvalid": "Backchannel logout URL is not a valid URL", + "backchannelLogoutSessionRequired": "Backchannel logout session required", + "backchannelLogoutRevokeOfflineSessions": "Backchannel logout revoke offline sessions", + "frontchannelLogout": "Front channel logout", + "frontchannelLogoutUrl": "Front-channel logout URL", + "frontchannelUrlInvalid": "Front-channel logout URL is not a valid URL", + "accessSettings": "Access settings", + "rootUrl": "Root URL", + "validRedirectUri": "Valid redirect URIs", + "validPostLogoutRedirectUri": "Valid post logout redirect URIs", + "idpInitiatedSsoUrlName": "IDP-Initiated SSO URL name", + "idpInitiatedSsoUrlNameHelp": "URL fragment name to reference client when you want to do IDP Initiated SSO. Leaving this empty will disable IDP Initiated SSO. The URL you will reference from your browser will be: {server-root}/realms/{realm}/protocol/saml/clients/{client-url-name}", + "idpInitiatedSsoRelayState": "IDP Initiated SSO Relay State", + "masterSamlProcessingUrl": "Master SAML Processing URL", + "samlCapabilityConfig": "SAML capabilities", + "signatureAndEncryption": "Signature and Encryption", + "nameIdFormat": "Name ID format", + "forceNameIdFormat": "Force name ID format", + "forcePostBinding": "Force POST binding", + "forceArtifactBinding": "Force artifact binding", + "includeAuthnStatement": "Include AuthnStatement", + "includeOneTimeUseCondition": "Include OneTimeUse Condition", + "optimizeLookup": "Optimize REDIRECT signing key lookup", + "allowEcpFlow": "Allow ECP flow", + "signDocuments": "Sign documents", + "signAssertions": "Sign assertions", + "signatureKeyName": "SAML signature key name", + "canonicalization": "Canonicalization method", + "addRedirectUri": "Add valid redirect URIs", + "addPostLogoutRedirectUri": "Add valid post logout redirect URIs", + "loginTheme": "Login theme", + "consentRequired": "Consent required", + "clientAuthenticator": "Client Authenticator", + "changeAuthenticatorConfirmTitle": "Change to {{clientAuthenticatorType}}?", + "changeAuthenticatorConfirm": "If you change authenticator to {{clientAuthenticatorType}}, the Keycloak database will be updated and you may need to download a new adapter configuration for this client.", + "signedJWTConfirm": "Generate a private key and certificate for the client from the Keys tab.", + "anyAlgorithm": "Any algorithm", + "clientSecret": "Client Secret", + "regenerate": "Regenerate", + "secretExpiresOn": "Secret expires on {{time}}", + "secretRotated": "Secret rotated", + "invalidateSecret": "Invalidate", + "secretHasExpired": "Secret has expired, please generate a new one by clicking the \"Regenerate\" button above", + "invalidateRotatedSecret": "Invalidate rotated secret?", + "invalidateRotatedSecretExplain": "After invalidating rotated secret, the rotated secret will be removed automatically ", + "invalidateRotatedSuccess": "Rotated secret successfully removed", + "invalidateRotatedError": "Could not remove rotated secret: {{error}}", + "confirmClientSecretTitle": "Regenerate secret for this client?", + "confirmClientSecretBody": "If you regenerate secret, the Keycloak database will be updated and you will need to download a new adapter for this client.", + "confirmAccessTokenTitle": "Regenerate registration access token?", + "confirmAccessTokenBody": "If you regenerate registration access token, the access data regarding the client registration service will be updated.", + "clientSecretSuccess": "Client secret regenerated", + "clientSecretError": "Could not regenerate client secret due to: {{error}}", + "signingKeysConfig": "Signing keys config", + "signingKeysConfigExplain": "If you enable the \"Client signature required\" below, you must configure the signing keys by generating or importing keys, and the client will sign their saml requests and responses. The signature will be validated.", + "encryptionKeysConfig": "Encryption keys config", + "encryptionKeysConfigExplain": "If you enable the \"Encryption assertions\" below, you must configure the encryption keys by generating or importing keys, and the SAML assertions will be encrypted with the client's public key using AES.", + "enableClientSignatureRequired": "Enable \"Client signature required\"?", + "enableClientSignatureRequiredExplain": "If you enable \"Client signature required\", the adapter of this client will be updated. You may need to download a new adapter for this client. You need to generate or import keys for this client otherwise the authentication will not work.", + "selectMethod": "Select method", + "selectMethodType": { + "generate": "Generate", + "import": "Import" + }, + "realmCertificateAlias": "Realm certificate alias", + "exportSamlKeyTitle": "Export SAML Keys", + "samlKeysExportSuccess": "Successfully exported keys", + "samlKeysExportError": "Could not export keys due to: {{error}}", + "browse": "Browse", + "importKey": "Import key", + "disableSigning": "Disable \"{{key}}\"", + "disableSigningExplain": "If you disable \"{{key}}\", the Keycloak database will be updated and you may need to download a new adapter for this client.", + "reGenerateSigning": "Regenerate signing key for this client", + "reGenerateSigningExplain": "If you regenerate signing key for client, the Keycloak database will be updated and you may need to download a new adapter for this client.", + "registrationAccessToken": "Registration access token", + "accessTokenSuccess": "Access token regenerated", + "accessTokenError": "Could not regenerate access token due to: {{error}}", + "signatureAlgorithm": "Signature algorithm", + "allowRegexComparison": "Allow regex pattern comparison", + "subject": "Subject DN", + "searchForClient": "Search for client", + "advanced": "Advanced", + "revocation": "Revocation", + "clustering": "Clustering", + "notBefore": "Not before", + "setToNow": "Set to now", + "noAdminUrlSet": "No push sent. No admin URI configured or no registered cluster nodes available", + "notBeforeSetToNow": "Not Before set for client", + "notBeforeNowClear": "Not Before cleared for client", + "notBeforePushFail": "Failed to push \"not before\" to: {{failedNodes}}", + "notBeforePushSuccess": "Successfully push \"not before\" to: {{successNodes}}", + "testClusterFail": "Failed verified availability for: {{failedNodes}}. Fix or unregister failed cluster nodes and try again", + "testClusterSuccess": "Successfully verified availability for: {{successNodes}}", + "deleteNode": "Delete node?", + "deleteNodeBody": "Are you sure you want to permanently delete the node \"{{node}}\"", + "deleteNodeSuccess": "Node successfully removed", + "deleteNodeFail": "Could not delete node: '{{error}}'", + "addedNodeSuccess": "Node successfully added", + "addedNodeFail": "Could not add node: '{{error}}'", + "addNode": "Add node", + "push": "Push", + "nodeReRegistrationTimeout": "Node Re-registration timeout", + "registeredClusterNodes": "Registered cluster nodes", + "nodeHost": "Node host", + "noNodes": "No nodes registered", + "noNodesInstructions": "There are no nodes registered, you can add one manually.", + "lastRegistration": "Last registration", + "testClusterAvailability": "Test cluster availability", + "registerNodeManually": "Register node manually", + "fineGrainOpenIdConnectConfiguration": "Fine grain OpenID Connect configuration", + "fineGrainSamlEndpointConfig": "Fine Grain SAML Endpoint Configuration", + "logoUrl": "Logo URL", + "policyUrl": "Policy URL", + "termsOfServiceUrl": "Terms of service URL", + "accessTokenSignatureAlgorithm": "Access token signature algorithm", + "idTokenSignatureAlgorithm": "ID token signature algorithm", + "idTokenEncryptionKeyManagementAlgorithm": "ID token encryption key management algorithm", + "userInfoResponseEncryptionKeyManagementAlgorithm": "User info response encryption key management algorithm", + "userInfoResponseEncryptionContentEncryptionAlgorithm": "User info response encryption content encryption algorithm", + "idTokenEncryptionContentEncryptionAlgorithm": "ID token encryption content encryption algorithm", + "userInfoSignedResponseAlgorithm": "User info signed response algorithm", + "requestObjectSignatureAlgorithm": "Request object signature algorithm", + "requestObjectRequired": "Request object required", + "requestObject": { + "not required": "Not required", + "request or request_uri": "Request or Request URI", + "request only": "Request only", + "request_uri only": "Request URI only" + }, + "requestObjectEncryption": "Request object encryption algorithm", + "requestObjectEncoding": "Request object content encryption algorithm", + "validRequestURIs": "Valid request URIs", + "addRequestUri": "Add valid request URIs", + "authorizationSignedResponseAlg": "Authorization response signature algorithm", + "authorizationEncryptedResponseAlg": "Authorization response encryption key management algorithm", + "authorizationEncryptedResponseEnc": "Authorization response encryption content encryption algorithm", + "openIdConnectCompatibilityModes": "Open ID Connect Compatibility Modes", + "excludeSessionStateFromAuthenticationResponse": "Exclude Session State From Authentication Response", + "excludeIssuerFromAuthenticationResponse": "Exclude Issuer From Authentication Response", + "useRefreshTokens": "Use refresh tokens", + "useRefreshTokenForClientCredentialsGrant": "Use refresh tokens for client credentials grant", + "useLowerCaseBearerType": "Use lower-case bearer type in token responses", + "assertionConsumerServicePostBindingURL": "Assertion Consumer Service POST Binding URL", + "assertionConsumerServiceRedirectBindingURL": "Assertion Consumer Service Redirect Binding URL", + "logoutServicePostBindingURL": "Logout Service POST Binding URL", + "logoutServiceRedirectBindingURL": "Logout Service Redirect Binding URL", + "logoutServiceSoapBindingUrl": "Logout Service SOAP Binding URL", + "logoutServiceArtifactBindingUrl": "Logout Service ARTIFACT Binding URL", + "artifactBindingUrl": "Artifact Binding URL", + "artifactResolutionService": "Artifact Resolution Service", + "advancedSettings": "Advanced settings", + "assertionLifespan": "Assertion Lifespan", + "accessTokenLifespan": "Access Token Lifespan", + "clientSessionIdle": "Client Session Idle", + "clientSessionMax": "Client Session Max", + "clientOfflineSessionIdle": "Client Offline Session Idle", + "clientOfflineSessionMax": "Client Offline Session Max", + "oAuthMutual": "OAuth 2.0 Mutual TLS Certificate Bound Access Tokens Enabled", + "oAuthDPoP": "OAuth 2.0 DPoP Bound Access Tokens Enabled", + "keyForCodeExchange": "Proof Key for Code Exchange Code Challenge Method", + "pushedAuthorizationRequestRequired": "Pushed authorization request required", + "acrToLoAMapping": "ACR to LoA Mapping", + "defaultACRValues": "Default ACR Values", + "authenticationOverrides": "Authentication flow overrides", + "browserFlow": "Browser Flow", + "directGrant": "Direct Grant Flow", + "jwksUrlConfig": "JWKS URL configs", + "keysIntro": "If \"Use JWKS URL switch\" is on, you need to fill a valid JWKS URL. After saving, admin can download keys from the JWKS URL or keys will be downloaded automatically by Keycloak server when an unknown KID is seen during client authentication.", + "useJwksUrl": "Use JWKS URL", + "certificate": "Certificate", + "jwksUrl": "JWKS URL", + "generateNewKeys": "Generate new keys", + "generateKeys": "Generate keys?", + "generate": "Generate", + "archiveFormat": "Archive format", + "keyAlias": "Key alias", + "keyPassword": "Key password", + "storePassword": "Store password", + "generateSuccess": "New key pair and certificate generated successfully", + "generateError": "Could not generate new key pair and certificate {{error}}", + "import": "Import", + "importFile": "Import file", + "importSuccess": "New certificate imported", + "importError": "Could not import certificate {{error}}", + "importParseError": "Could not parse the file {{error}}", + "tokenLifespan": { + "inherited": "Inherits from realm settings", + "expires": "Expires in", + "never": "Never expires" + }, + "unsavedChangesTitle": "Unsaved changes", + "unsavedChangesConfirm": "You have unsaved changes. Do you really want to leave the page?", + "enableDisable": "Disabled clients cannot initiate a login or have obtained access tokens.", + "clientTypeHelp": "'OpenID Connect' allows Clients to verify the identity of the End-User based on the authentication performed by an Authorization Server.'SAML' enables web-based authentication and authorization scenarios including cross-domain single sign-on (SSO) and uses security tokens containing assertions to pass information.", + "serviceAccountHelp": "Allows you to authenticate this client to Keycloak and retrieve access token dedicated to this client. In terms of OAuth2 specification, this enables support of 'Client Credentials Grant' for this client.", + "manageServiceAccountUser": "To manage detail and group mappings, click on the username <1>{{link}}", + "authenticationHelp": "This defines the type of the OIDC client. When it's ON, the OIDC type is set to confidential access type. When it's OFF, it is set to public access type", + "authorizationHelp": "Enable/Disable fine-grained authorization support for a client", + "authDetailsHelp": "Export and download all resource settings for this resource server.", + "directAccessHelp": "This enables support for Direct Access Grants, which means that client has access to username/password of user and exchange it directly with Keycloak server for access token. In terms of OAuth2 specification, this enables support of 'Resource Owner Password Credentials Grant' for this client.", + "standardFlowHelp": "This enables standard OpenID Connect redirect based authentication with authorization code. In terms of OpenID Connect or OAuth2 specifications, this enables support of 'Authorization Code Flow' for this client.", + "implicitFlowHelp": "This enables support for OpenID Connect redirect based authentication without authorization code. In terms of OpenID Connect or OAuth2 specifications, this enables support of 'Implicit Flow' for this client.", + "oauthDeviceAuthorizationGrantHelp": "This enables support for OAuth 2.0 Device Authorization Grant, which means that client is an application on device that has limited input capabilities or lack a suitable browser.", + "oidcCibaGrantHelp": "This enables support for OIDC CIBA Grant, which means that the user is authenticated via some external authentication device instead of the user's browser.", + "rootURL": "Root URL appended to relative URLs", + "validRedirectURIs": "Valid URI pattern a browser can redirect to after a successful login. Simple wildcards are allowed such as 'http://example.com/*'. Relative path can be specified too such as /my/relative/path/*. Relative paths are relative to the client root URL, or if none is specified the auth server root URL is used. For SAML, you must set valid URI patterns if you are relying on the consumer service URL embedded with the login request.", + "validPostLogoutRedirectURIs": "Valid URI pattern a browser can redirect to after a successful logout. A value of '+' or an empty field will use the list of valid redirect uris. A value of '-' will not allow any post logout redirect uris. Simple wildcards are allowed such as 'http://example.com/*'. Relative path can be specified too such as /my/relative/path/*. Relative paths are relative to the client root URL, or if none is specified the auth server root URL is used.", + "nameIdFormatHelp": "The name ID format to use for the subject.", + "alwaysDisplayInUIHelp": "Always list this client in the Account UI, even if the user does not have an active session.", + "forceNameIdFormatHelp": "Ignore requested NameID subject format and use Admin UI configured one.", + "forcePostBindingHelp": "Always use POST binding for responses.", + "forceArtifactBindingHelp": "Should response messages be returned to the client through the SAML ARTIFACT binding system?", + "includeAuthnStatementHelp": "Should a statement specifying the method and timestamp be included in login responses?", + "includeOneTimeUseConditionHelp": "Should a OneTimeUse Condition be included in login responses?", + "optimizeLookupHelp": "When signing SAML documents in REDIRECT binding for SP that is secured by Keycloak adapter, should the ID of the signing key be included in SAML protocol message in element? This optimizes validation of the signature as the validating party uses a single key instead of trying every known key for validation.", + "allowEcpFlowHelp": "This client is allowed to use ECP flow for authenticating users.", + "signDocumentsHelp": "Should SAML documents be signed by the realm?", + "signAssertionsHelp": "Should assertions inside SAML documents be signed? This setting is not needed if document is already being signed.", + "signatureAlgorithmHelp": "The signature algorithm to use to sign documents. Note that 'SHA1' based algorithms are deprecated and can be removed in the future. It is recommended to stick to some more secure algorithm instead of '*_SHA1'", + "signatureKeyNameHelp": "Signed SAML documents contain identification of signing key in KeyName element. For Keycloak / RH-SSO counterparty, use KEY_ID, for MS AD FS use CERT_SUBJECT, for others check and use NONE if no other option works.", + "canonicalizationHelp": "Canonicalization Method for XML signatures.", + "webOriginsHelp": "Allowed CORS origins. To permit all origins of Valid Redirect URIs, add '+'. This does not include the '*' wildcard though. To permit all origins, explicitly add '*'.", + "homeURLHelp": "Default URL to use when the auth server needs to redirect or link back to the client.", + "adminURLHelp": "URL to the admin interface of the client. Set this if the client supports the adapter REST API. This REST API allows the auth server to push revocation policies and other administrative tasks. Usually this is set to the base URL of the client.", + "clientHelp": "Select the client making this authorization request. If not provided, authorization requests would be done based on the client you are in.", + "clientIdHelp": "The client identifier registered with the identity provider.", + "selectUser": "Select a user whose identity is going to be used to query permissions from the server.", + "rolesHelp": "Select the roles you want to associate with the selected user.", + "contextualAttributesHelp": "Any attribute provided by a running environment or execution context.", + "resourceTypeHelp": "Specifies that this permission must be applied to all resource instances of a given type.", + "applyToResourceTypeHelp": "Specifies if this permission should be applied to all resources with a given type. In this case, this permission will be evaluated for all instances of a given resource type.", + "resourcesHelp": "Specifies that this permission must be applied to a specific resource instance.", + "scopesSelect": "Specifies that this permission must be applied to one or more scopes.", + "clientNameHelp": "Specifies display name of the client. For example 'My Client'. Supports keys for localized values as well. For example: ${my_client}", + "descriptionHelp": "Help text for the description of the new flow", + "loginThemeHelp": "Select theme for login, OTP, grant, registration and forgot password pages.", + "encryptAssertionsHelp": "Should SAML assertions be encrypted with client's public key using AES?", + "clientSignatureHelp": "Will the client sign their saml requests and responses? And should they be validated?", + "downloadType": "this is information about the download type", + "detailsHelp": "this is information about the details", + "clientPolicyName": "Display name of the policy", + "createTokenHelp": "An initial access token can only be used to create clients", + "expirationHelp": "Sets the expiration for events. Expired events are periodically deleted from the database.", + "countHelp": "Specifies how many clients can be created using the token", + "client-authenticator-type": "Client Authenticator used for authentication of this client against Keycloak server", + "registration-access-token": "The registration access token provides access for clients to the client registration service.", + "signature-algorithm": "JWA algorithm, which the client needs to use when signing a JWT for authentication. If left blank, the client is allowed to use any appropriate algorithm for the particular client authenticator.", + "anonymousAccessPoliciesHelp": "Those Policies are used when the Client Registration Service is invoked by unauthenticated request. This means that the request does not contain Initial Access Token nor Bearer Token.", + "authenticatedAccessPoliciesHelp": "Those Policies are used when Client Registration Service is invoked by authenticated request. This means that the request contains Initial Access Token or Bearer Token.", + "allowRegexComparisonHelp": "If OFF, then the Subject DN from given client certificate must exactly match the given DN from the 'Subject DN' property as described in the RFC8705 specification. The Subject DN can be in the RFC2553 or RFC1779 format. If ON, then the Subject DN from given client certificate should match regex specified by 'Subject DN' property.", + "subjectHelp": "A regular expression for validating Subject DN in the Client Certificate. Use \"(.*?)(?:$)\" to match all kind of expressions.", + "evaluateExplain": "This page allows you to see all protocol mappers and role scope mappings", + "effectiveProtocolMappersHelp": "Contains all default client scopes and selected optional scopes. All protocol mappers and role scope mappings of all those client scopes will be used when generating access token issued for your client", + "effectiveRoleScopeMappingsHelp": "Selected Optional Client Scopes, which will be used when issuing access token for this client. You can see above what value of OAuth Scope Parameter needs to be used when you want to have these optional client scopes applied when the initial OpenID Connect Authentication request will be sent from your client adapter", + "generatedAccessTokenHelp": "See the example access token, which will be generated and sent to the client when selected user is authenticated. You can see claims and roles that the token will contain based on the effective protocol mappers and role scope mappings and also based on the claims/roles assigned to user himself", + "generatedIdTokenHelp": "See the example ID Token, which will be generated and sent to the client when selected user is authenticated. You can see claims and roles that the token will contain based on the effective protocol mappers and role scope mappings and also based on the claims/roles assigned to user himself", + "generatedUserInfoHelp": "See the example User Info, which will be provided by the User Info Endpoint", + "scopeParameterHelp": "You can copy/paste this value of scope parameter and use it in initial OpenID Connect Authentication Request sent from this client adapter. Default client scopes and selected optional client scopes will be used when generating token issued for this client", + "userHelp": "Optionally select user, for whom the example access token will be generated. If you do not select a user, example access token will not be generated during evaluation", + "notBeforeHelp": "Revoke any tokens issued before this time for this client. To push the policy, you should set an effective admin URL in the Settings tab first.", + "notBeforeIntro": "In order to successfully push a revocation policy to the client, you need to set an Admin URL under the <1>Settings tab for this client first", + "notBeforeTooltip": "The admin URL should be set in the Settings tab first.", + "nodeReRegistrationTimeoutHelp": "Interval to specify max time for registered clients cluster nodes to re-register. If cluster node will not send re-registration request to Keycloak within this time, it will be unregistered from Keycloak", + "fineGrainOpenIdConnectConfigurationHelp": "This section is used to configure advanced settings of this client related to OpenID Connect protocol.", + "fineGrainSamlEndpointConfigHelp": "This section to configure exact URLs for Assertion Consumer and Single Logout Service.", + "logoUrlHelp": "URL that references a logo for the Client application", + "policyUrlHelp": "URL that the Relying Party Client provides to the End-User to read about the how the profile data will be used", + "policyUsers": "Specifies which user(s) are allowed by this policy.", + "termsOfServiceUrlHelp": "URL that the Relying Party Client provides to the End-User to read about the Relying Party's terms of service", + "accessTokenSignatureAlgorithmHelp": "JWA algorithm used for signing access tokens.", + "idTokenSignatureAlgorithmHelp": "JWA algorithm used for signing ID tokens.", + "idTokenEncryptionKeyManagementAlgorithmHelp": "JWA Algorithm used for key management in encrypting ID tokens. This option is needed if you want encrypted ID tokens. If left empty, ID Tokens are just signed, but not encrypted.", + "idTokenEncryptionContentEncryptionAlgorithmHelp": "JWA Algorithm used for content encryption in encrypting ID tokens. This option is needed just if you want encrypted ID tokens. If left empty, ID Tokens are just signed, but not encrypted.", + "userInfoSignedResponseAlgorithmHelp": "JWA algorithm used for signed User Info Endpoint response. If set to 'unsigned', User Info Response won't be signed and will be returned in application/json format.", + "userInfoResponseEncryptionKeyManagementAlgorithmHelp": "JWA Algorithm used for key management in encrypting User Info Endpoint responses. This option is needed if you want encrypted User Info Endpoint responses. If left empty, User Info Endpoint responses are not encrypted.", + "userInfoResponseEncryptionContentEncryptionAlgorithmHelp": "JWA Algorithm used for content encryption in encrypting User Info Endpoint responses. If User Info response encryption key management algorithm is specified, the default for this value is A128CBC-HS256.", + "requestObjectSignatureAlgorithmHelp": "JWA algorithm, which client needs to use when sending OIDC request object specified by 'request' or 'request_uri' parameters. If set to 'any', Request object can be signed by any algorithm (including 'none' ).", + "requestObjectRequiredHelp": "Specifies if the client needs to provide a request object with their authorization requests, and what method they can use for this. If set to \"not required\", providing a request object is optional. In all other cases, providing a request object is mandatory. If set to \"request\", the request object must be provided by value. If set to \"request_uri\", the request object must be provided by reference. If set to \"request or request_uri\", either method can be used.", + "requestObjectEncryptionHelp": "JWE algorithm, which client needs to use when sending OIDC request object specified by 'request' or 'request_uri' parameters. If set to 'any', encryption is optional and any algorithm is allowed.", + "requestObjectEncodingHelp": "JWE algorithm, which client needs to use when encrypting the content of the OIDC request object specified by 'request' or 'request_uri' parameters. If set to 'any', any algorithm is allowed.", + "validRequestURIsHelp": "List of valid URIs, which can be used as values of 'request_uri' parameter during OpenID Connect authentication request. There is support for the same capabilities like for Valid Redirect URIs. For example wildcards or relative paths.", + "idpInitiatedSsoRelayStateHelp": "Relay state you want to send with SAML request when you want to do IDP Initiated SSO.", + "masterSamlProcessingUrlHelp": "If configured, this URL will be used for every binding to both the SP's Assertion Consumer and Single Logout Services. This can be individually overridden for each binding and service in the Fine Grain SAML Endpoint Configuration.", + "authorizationSignedResponseAlgHelp": "JWA algorithm used for signing authorization response tokens when the response mode is jwt.", + "authorizationEncryptedResponseAlgHelp": "JWA Algorithm used for key management in encrypting the authorization response when the response mode is jwt. This option is needed if you want encrypted authorization response. If left empty, the authorization response is just signed, but not encrypted.", + "authorizationEncryptedResponseEncHelp": "JWA Algorithm used for content encryption in encrypting the authorization response when the response mode is jwt. This option is needed if you want encrypted authorization response. If left empty, the authorization response is just signed, but not encrypted.", + "openIdConnectCompatibilityModesHelp": "This section is used to configure settings for backward compatibility with older OpenID Connect / OAuth 2 adaptors. It's useful especially if your client uses older version of Keycloak / RH-SSO adapter.", + "excludeSessionStateFromAuthenticationResponseHelp": "If this is on, the parameter 'session_state' will not be included in OpenID Connect Authentication Response. It is useful if your client uses older OIDC / OAuth2 adapter, which does not support 'session_state' parameter.", + "excludeIssuerFromAuthenticationResponseHelp": "If this is on, the parameter 'iss' will not be included in OpenID Connect Authentication Response. It is useful if your client uses older OIDC / OAuth2 adapter, which does not support 'session_state' parameter.", + "useRefreshTokensHelp": "If this is on, a refresh_token will be created and added to the token response. If this is off then no refresh_token will be generated.", + "useRefreshTokenForClientCredentialsGrantHelp": "If this is on, a refresh_token will be created and added to the token response if the client_credentials grant is used. The OAuth 2.0 RFC6749 Section 4.4.3 states that a refresh_token should not be generated when client_credentials grant is used. If this is off then no refresh_token will be generated and the associated user session will be removed.", + "useLowerCaseBearerTypeHelp": "If this is on, token responses will be set the with the type \"bearer\" in lower-case. By default, the server sets the type as \"Bearer\" as defined by RFC6750.", + "advancedSettingsOpenid-connect": "This section is used to configure advanced settings of this client related to OpenID Connect protocol", + "advancedSettingsSaml": "This section is used to configure advanced settings of this client", + "assertionLifespanHelp": "Lifespan set in the SAML assertion conditions. After that time the assertion will be invalid. The \"SessionNotOnOrAfter\" attribute is not modified and continue using the \"SSO Session Max\" time defined at realm level.", + "accessTokenLifespanHelp": "Max time before an access token is expired. This value is recommended to be short relative to the SSO timeout", + "clientSessionIdleHelp": "Time a client session is allowed to be idle before it expires. Tokens are invalidated when a client session is expired. The option does not affect the global user SSO session. If not set, it uses the standard SSO Session Idle value.", + "clientSessionMaxHelp": "Max time before a client session is expired. Tokens are invalidated when a session is expired. The option does not affect the global user SSO session. If not set, it uses the standard SSO Session Max value.", + "clientOfflineSessionIdleHelp": "Time a client offline session is allowed to be idle before it expires. Offline tokens are invalidated when a client offline session is expired. The option does not affect the global user SSO session. If not set, it uses the realm Offline Session Idle value.", + "clientOfflineSessionMaxHelp": "Max time before a client offline session is expired. If Offline Session Max Limited is enabled at realm level, offline tokens are invalidated when a client offline session is expired. The option does not affect the global user SSO session. If not set, it uses the realm Offline Session Max value.", + "oAuthMutualHelp": "This enables support for OAuth 2.0 Mutual TLS Certificate Bound Access Tokens, which means that keycloak bind an access token and a refresh token with a X.509 certificate of a token requesting client exchanged in mutual TLS between keycloak's Token Endpoint and this client. These tokens can be treated as Holder-of-Key tokens instead of bearer tokens.", + "oAuthDPoPHelp": "This enables support for Demonstrating Proof-of-Possession (DPoP) bound tokens. The access and refresh tokens are bound to the key stored on the user agent. In order to prove the possession of the key, the user agent must send a signed proof alongside the token.", + "keyForCodeExchangeHelp": "Choose which code challenge method for PKCE is used. If not specified, keycloak does not applies PKCE to a client unless the client sends an authorization request with appropriate code challenge and code exchange method.", + "pushedAuthorizationRequestRequiredHelp": "Boolean parameter indicating whether the authorization server accepts authorization request data only via the pushed authorization request method.", + "acrToLoAMappingHelp": "Define which ACR (Authentication Context Class Reference) value is mapped to which LoA (Level of Authentication). The ACR can be any value, whereas the LoA must be numeric.", + "defaultACRValuesHelp": "Default values to be used as voluntary ACR in case that there is no explicit ACR requested by 'claims' or 'acr_values' parameter in the OIDC request.", + "assertionConsumerServicePostBindingURLHelp": "SAML POST Binding URL for the client's assertion consumer service (login responses). You can leave this blank if you do not have a URL for this binding.", + "assertionConsumerServiceRedirectBindingURLHelp": "SAML Redirect Binding URL for the client's assertion consumer service (login responses). You can leave this blank if you do not have a URL for this binding.", + "logoutServicePostBindingURLHelp": "SAML POST Binding URL for the client's single logout service. You can leave this blank if you are using a different binding", + "logoutServiceRedirectBindingURLHelp": "SAML Redirect Binding URL for the client's single logout service. You can leave this blank if you are using a different binding.", + "logoutServiceSoapBindingUrlHelp": "SAML SOAP Binding URL for the client's single logout service. You can leave this blank if you are using a different binding.", + "logoutServiceArtifactBindingUrlHelp": "SAML ARTIFACT Binding URL for the client's single logout service. You can leave this blank if you are using a different binding.", + "artifactBindingUrlHelp": "URL to send the HTTP ARTIFACT messages to. You can leave this blank if you are using a different binding. This value should be set when forcing ARTIFACT binding together with IdP initiated login.", + "frontchannelLogoutHelp": "When true, logout requires a browser redirect to client. When false, server performs a background invocation for logout.", + "frontchannelLogoutUrlHelp": "URL that will cause the client to log itself out when a logout request is sent to this realm (via end_session_endpoint). If not provided, it defaults to the base url.", + "backchannelLogoutUrlHelp": "URL that will cause the client to log itself out when a logout request is sent to this realm (via end_session_endpoint). If omitted, no logout request will be sent to the client is this case.", + "backchannelLogoutSessionRequiredHelp": "Specifying whether a sid (session ID) Claim is included in the Logout Token when the Backchannel Logout URL is used.", + "backchannelLogoutRevokeOfflineSessionsHelp": "Specifying whether a \"revoke_offline_access\" event is included in the Logout Token when the Backchannel Logout URL is used. Keycloak will revoke offline sessions when receiving a Logout Token with this event.", + "artifactResolutionServiceHelp": "SAML Artifact resolution service for the client. This is the endpoint to which Keycloak will send a SOAP ArtifactResolve message. You can leave this blank if you do not have a URL for this binding.", + "authenticationOverridesHelp": "Override realm authentication flow bindings.", + "browserFlowHelp": "Select the flow you want to use for browser authentication.", + "directGrantHelp": "Select the flow you want to use for direct grant authentication.", + "useJwksUrlHelp": "If the switch is on, identity provider public keys will be downloaded from given JWKS URL. This allows great flexibility because new keys will be always re-downloaded again when identity provider generates new keypair. If the switch is off, public key (or certificate) from the Keycloak DB is used, so when the identity provider keypair changes, you always need to import the new key to the Keycloak DB as well.", + "certificateHelp": "Client Certificate for validate JWT issued by client and signed by Client private key from your keystore.", + "jwksUrlHelp": "URL where identity provider keys in JWK format are stored. See JWK specification for more details. If you use external Keycloak identity provider, you can use URL like 'http://broker-keycloak:8180/realms/test/protocol/openid-connect/certs' assuming your brokered Keycloak is running on 'http://broker-keycloak:8180' and its realm is 'test' .", + "generateKeysDescription": "If you generate new keys, you can download the keystore with the private key automatically and save it on your client's side. Keycloak server will save just the certificate and public key, but not the private key.", + "archiveFormatHelp": "Java keystore or PKCS12 archive format.", + "keyAliasHelp": "Alias for the private key", + "keyPasswordHelp": "Password for the private key", + "realmCertificateAliasHelp": "Realm certificate is stored in archive too. This is the alias to it.", + "storePasswordHelp": "Password to access the archive itself", + "consentRequiredHelp": "If enabled, users have to consent to client access.", + "displayOnClientHelp": "Applicable only if 'Consent Required' is on for this client. If this switch is off, the consent screen will contain just the consents corresponding to configured client scopes. If on, there will be also one item on the consent screen about this client itself.", + "consentScreenTextHelp": "Text that will be shown on the consent screen when this client scope is added to some client with consent required. Defaults to name of client scope if it is not filled", + "importHelp": "Import a JSON file containing authorization settings for this resource server.", + "policyEnforcementModeHelp": "The policy enforcement mode dictates how policies are enforced when evaluating authorization requests. 'Enforcing' means requests are denied by default even when there is no policy associated with a given resource. 'Permissive' means requests are allowed even when there is no policy associated with a given resource. 'Disabled' completely disables the evaluation of policies and allows access to any resource.", + "decisionStrategyHelp": "The decision strategy dictates how permissions are evaluated and how a final decision is obtained. 'Affirmative' means that at least one permission must evaluate to a positive decision in order to grant access to a resource and its scopes. 'Unanimous' means that all permissions must evaluate to a positive decision in order for the final decision to be also positive.", + "allowRemoteResourceManagementHelp": "Should resources be managed remotely by the resource server? If false, resources can be managed only from this Admin UI.", + "resourceName": "A unique name for this resource. The name can be used to uniquely identify a resource, useful when querying for a specific resource.", + "displayNameHelp": "Friendly name for Identity Providers.", + "typeHelp": "Client scopes, which will be added as default scopes to each created client", + "urisHelp": "Set of URIs which are protected by resource.", + "scopesHelp": "The scopes to be sent when asking for authorization. It can be a space-separated list of scopes. Defaults to 'openid'.", + "dedicatedScopeExplain": "This is a client scope which includes the dedicated mappers and scope", + "fullScopeAllowedHelp": "Allows you to disable all restrictions.", + "iconUriHelp": "A URI pointing to an icon.", + "ownerManagedAccessHelp": "If enabled, the access to this resource can be managed by the resource owner.", + "resourceAttributeHelp": "The attributes associated wth the resource.", + "resetActions": "Reset Actions", + "lifespan": "Expires In", + "scopeName": "A unique name for this scope. The name can be used to uniquely identify a scope, useful when querying for a specific scope.", + "scopeDisplayName": "A unique name for this scope. The name can be used to uniquely identify a scope, useful when querying for a specific scope.", + "policy-name": "The name of this policy.", + "policy-description": "A description for this policy.", + "policyDecisionStagey": "The decision strategy dictates how the policies associated with a given permission are evaluated and how a final decision is obtained. 'Affirmative' means that at least one policy must evaluate to a positive decision in order for the final decision to be also positive. 'Unanimous' means that all policies must evaluate to a positive decision in order for the final decision to be also positive. 'Consensus' means that the number of positive decisions must be greater than the number of negative decisions. If the number of positive and negative is the same, the final decision will be negative.", + "applyPolicyHelp": "Specifies all the policies that must be applied to the scopes defined by this policy or permission.", + "policyClient": "Specifies which client(s) are allowed by this policy.", + "groupsClaimHelp": "If defined, the policy will fetch user's groups from the given claim within an access token or ID token representing the identity asking permissions. If not defined, user's groups are obtained from your realm configuration.", + "policyGroups": "Specifies which user(s) are allowed by this policy.", + "targetClaimHelp": "Specifies the target claim which the policy will fetch.", + "regexPatternHelp": "Specifies the regex pattern.", + "policyRoles": "Specifies the client roles allowed by this policy.", + "startTimeHelp": "Defines the time before which the policy MUST NOT be granted. Only granted if current date/time is after or equal to this value.", + "expireTimeHelp": "Defines the time after which the policy MUST NOT be granted. Only granted if current date/time is before or equal to this value.", + "monthHelp": "Defines the month which the policy MUST be granted. You can also provide a range by filling the second field. In this case, permission is granted only if current month is between or equal to the two values you provided.", + "dayMonthHelp": "Defines the day of month when the policy MUST be granted. You can also provide a range by filling the second field. In this case, permission is granted only if current day of month is between or equal to the two values you provided.", + "hourHelp": "Defines the hour when the policy MUST be granted. You can also provide a range by filling the second field. In this case, permission is granted only if current hour is between or equal to the two values you provided.", + "minuteHelp": "Defines the minute when the policy MUST be granted. You can also provide a range by filling the second field. In this case, permission is granted only if current minute is between or equal to the two values you provided.", + "policyCode": "The JavaScript code providing the conditions for this policy.", + "logicHelp": "The logic dictates how the policy decision should be made. If 'Positive', the resulting effect (permit or deny) obtained during the evaluation of this policy will be used to perform a decision. If 'Negative', the resulting effect will be negated, in other words, a permit becomes a deny and vice-versa.", + "permissionName": "The name of this permission.", + "permissionDescription": "A description for this permission.", + "applyToResourceTypeFlagHelp": "Specifies if this permission should be applied to all resources with a given type. In this case, this permission will be evaluated for all instances of a given resource type.", + "permissionResources": "Specifies that this permission must be applied to a specific resource instance.", + "permissionScopes": "Specifies that this permission must be applied to one or more scopes.", + "permissionPolicies": "Specifies all the policies that must be applied to the scopes defined by this policy or permission.", + "permissionType": "Specifies that this permission must be applied to all resources instances of a given type.", + "permissionDecisionStrategy": "The decision strategy dictates how the policies associated with a given permission are evaluated and how a final decision is obtained. 'Affirmative' means that at least one policy must evaluate to a positive decision in order for the final decision to be also positive. 'Unanimous' means that all policies must evaluate to a positive decision in order for the final decision to be also positive. 'Consensus' means that the number of positive decisions must be greater than the number of negative decisions. If the number of positive and negative is the same, the final decision will be negative.", + "permissionsEnabledHelp": "Determines if fine grained permissions are enabled for managing this role. Disabling will delete all current permissions that have been set up.", + "createClientScope": "Create client scope", + "clientScopeList": "Client scopes", + "grantedClientScopes": "Granted client scopes", + "clientScopeDetails": "Client scope details", + "clientScopeExplain": "Client scopes are a common set of protocol mappers and roles that are shared between multiple clients.", + "searchFor": "Search role by name", + "dynamicScope": "Dynamic scope", + "dynamicScopeFormat": "Dynamic scope format", + "displayOrder": "Display order", + "deleteClientScope_one": "Delete client scope {{name}}", + "deleteClientScope_other": "Delete {{count}} client scopes", + "deleteConfirm": "Are you sure you want to permanently delete the provider '{{provider}}'?", + "changeTypeTo": "Change type to", + "changeTypeIntro": "{{count}} selected client scopes will be changed to", + "deletedSuccess": "Provider successfully deleted.", + "deleteError": "Could not delete the provider {{error}}", + "includeInTokenScope": "Include in token scope", + "realmRolePrefix": "Realm role prefix", + "userInfo": "User info", + "updateSuccess": "Provider successfully updated", + "updateError": "Could not update the provider {{error}}", + "addMapperExplain": "If you want more fine-grain control, you can create protocol mapper on this client", + "newRoleName": "New role name", + "searchClientByName": "Search client by name", + "mapperCreateSuccess": "Mapper created successfully.", + "mapperCreateError": "Error creating mapper.", + "fromPredefinedMapper": "From predefined mappers", + "byConfiguration": "By configuration", + "emptyBuiltInMappersInstructions": "All built in mappers were added to this client", + "emptySecondaryAction": "Configure a new mapper", + "displayOnConsentScreen": "Display on consent screen", + "guiOrder": "Display Order", + "shouldBeANumber": "Should be a number", + "chooseAMapperType": "Choose a mapper type", + "addPredefinedMappers": "Add predefined mappers", + "predefinedMappingDescription": "Choose any of the predefined mappings from this table", + "configureMappingDescription": "Choose any of the mappings from this table", + "mappingTable": "Table with predefined mapping", + "headerName": "header name", + "nameHelp": "Help text for the name of the new flow", + "dynamicScopeHelp": "If on, this scope will be considered a Dynamic Scope, which will be comprised of a static and a variable portion.", + "dynamicScopeFormatHelp": "This is the regular expression that the system will use to extract the scope name and variable.", + "protocolHelp": "Which SSO protocol configuration is being supplied by this client scope", + "displayOnConsentScreenHelp": "If on, and this client scope is added to some client with consent required, the text specified by 'Consent Screen Text' will be displayed on consent screen. If off, this client scope will not be displayed on the consent screen", + "includeInTokenScopeHelp": "If on, the name of this client scope will be added to the access token property 'scope' as well as to the Token Introspection Endpoint response. If off, this client scope will be omitted from the token and from the Token Introspection Endpoint response.", + "guiOrderHelp": "Specify order of the provider in GUI (such as in Consent page) as integer", + "prefix": "A prefix for each Realm Role (optional).", + "multiValued": "Indicates if attribute supports multiple values. If true, the list of all values of this attribute will be set as claim. If false, just first value will be set as claim", + "tokenClaimName": { + "label": "Token Claim Name", + "tooltip": "Name of the claim to insert into the token. This can be a fully qualified name like 'address.street'. In this case, a nested json object will be created. To prevent nesting and use dot literally, escape the dot with backslash (\\.)." + }, + "claimJsonType": "JSON type that should be used to populate the json claim in the token. long, int, boolean, String and JSON are valid values.", + "protocolMapper": "Protocol...", + "mapperName": "Name of the mapper", + "roleHelp": "Role to grant to user if all attributes are present. Click 'Select Role' button to browse roles, or just type it in the textbox. To reference a client role the syntax is clientname.clientrole, i.e. myclient.myrole", + "newRoleNameHelp": "The new role name. The new name format corresponds to where in the access token the role will be mapped to. So, a new name of 'myapp.newname' will map the role to that position in the access token. A new name of 'newname' will map the role to the realm roles in the token.", + "rolesScope": "If there is no role scope mapping defined, each user is permitted to use this client scope. If there are role scope mappings defined, the user must be a member of at least one of the roles.", + "groupDetails": "Group details", + "childGroups": "Child groups", + "createGroup": "Create group", + "createChildGroup": "Create child group", + "groupName": "Group name", + "searchForGroups": "Search group", + "global": "Global", + "local": "Local", + "searchGroups": "Search groups", + "filterGroups": "Filter groups", + "searchGroup": "Search group", + "renameGroup": "Rename group", + "deleteGroup": "Delete group", + "usersLeft_one": "{{count}} user left the group", + "usersLeft_other": "{{count}} users left the group", + "usersLeftError": "Could not remove users from the group: {{error}}", + "usersAdded_one": "{{count}} user added to the group", + "usersAdded_other": "{{count}} users added to the group", + "usersAddedError": "Could not add users to the group: {{error}}", + "exactSearch": "Exact search", + "members": "Members", + "searchMembers": "Search members", + "addMember": "Add member", + "includeSubGroups": "Include sub-group users", + "path": "Path", + "moveTo": "Move to", + "moveToGroup": "Move {{group1}} to {{group2}}", + "root": "Root", + "moveHere": "Move here", + "moveGroupEmpty": "No sub groups", + "moveGroupEmptyInstructions": "There are no sub groups, select 'Move here' to move the selected group as a subgroup of this group", + "moveGroupSuccess": "Group moved", + "moveGroupError": "Could not move group {{error}}", + "tableOfGroups": "Table of groups", + "groupsDescription": "A group is a set of attributes and role mappings that can be applied to a user. You can create, edit, and delete groups and manage their child-parent organization.", + "groupCreated": "Group created", + "couldNotCreateGroup": "Could not create group {{error}}", + "createAGroup": "Create a group", + "renameAGroup": "Rename group", + "rename": "Rename", + "email": "Email", + "lastName": "Last name", + "firstName": "First name", + "membership": "Membership", + "noGroupsInThisRealm": "No groups in this realm", + "noGroupsInThisRealmInstructions": "You haven't created any groups in this realm. Create a group to get started.", + "noGroupsInThisSubGroup": "No groups in this sub group", + "noGroupsInThisSubGroupInstructions": "You haven't created any groups in this sub group.", + "deleteConfirmTitle_one": "Delete group?", + "deleteConfirmTitle_other": "Delete groups?", + "deleteConfirm_one": "Are you sure you want to delete this group '{{groupName}}'.", + "deleteConfirm_other": "Are you sure you want to delete these groups.", + "groupDeleted_one": "Group deleted", + "groupDeleted_other": "Groups deleted", + "groupDeleteError": "Error deleting group {{error}}", + "groupUpdated": "Group updated", + "groupUpdateError": "Error updating group {{error}}", + "roleMapping": "Role mapping", + "noViewRights": "You do not have rights to view this group.", + "uploadFile": "Upload JSON file", + "invalidRealmName": "Realm name can't contain special characters", + "realmExplain": "A realm manages a set of users, credentials, roles, and groups. A user belongs to and logs into a realm. Realms are isolated from one another and can only manage and authenticate the users that they control.", + "noRealmRoles": "No realm roles", + "emptyStateText": "There aren't any realm roles in this realm. Create a realm role to get started.", + "saveRealmSuccess": "Realm created successfully", + "saveRealmError": "Could not create realm {{error}}", + "deleteAttributeText": "Delete an attribute", + "associatedRolesText": "Associated roles", + "addAssociatedRolesText": "Add associated roles", + "addAssociatedRolesSuccess": "Associated roles have been added", + "addAssociatedRolesError": "Could not associate roles {{error}}", + "associatedRolesModalTitle": "Add roles to {{name}}", + "title": "Authentication", + "addRole": "Add role", + "importRole": "Import role", + "roleID": "Role ID", + "roleExplain": "Realm roles are the roles that you define for use in the current realm.", + "roleCreateExplain": "This is some description", + "roleName": "Role name", + "roleDetails": "Role details", + "composite": "Composite", + "deleteRole": "Delete this role", + "inheritedFrom": "Inherited from", + "roleList": "Role list", + "realmRolesList": "Realm roles", + "roleImportError": "Could not import role", + "roleCreated": "Role created", + "roleCreateError": "Could not create role: {{error}}", + "roleImportSuccess": "Role import successful", + "roleDeleteConfirm": "Delete role?", + "roleDeleteConfirmDialog": "This action will permanently delete the role \"{{selectedRoleName}}\" and cannot be undone.", + "roleDeletedSuccess": "The role has been deleted", + "roleDeleteError": "Could not delete role: {{error}}", + "defaultRole": "This role serves as a container for both realm and client default roles. It cannot be removed.", + "defaultRoleDeleteError": "You cannot delete a default role.", + "roleSaveSuccess": "The role has been saved", + "roleSaveError": "Could not save role: {{error}}", + "roleAuthentication": "Role authentication", + "removeAllAssociatedRoles": "Remove all associated roles", + "removeAssociatedRoles": "Remove associated roles", + "removeRoles": "Remove roles", + "removeAllAssociatedRolesConfirmDialog": "This action will remove the associated roles of {{name}}. Users who have permission to {{name}} will no longer have access to these roles.", + "roleRemoveAssociatedRoleConfirm": "Remove associated role?", + "roleRemoveAssociatedText": "This action will remove {{role}} from {{roleName}}. All the associated roles of {{role}} will also be removed.", + "compositeRoleOff": "Composite role turned off", + "associatedRolesRemoved": "Associated roles have been removed", + "compositesRemovedAlertDescription": "All the associated roles have been removed", + "whoWillAppearLinkText": "Who will appear in this group list?", + "whoWillAppearPopoverText": "Groups are hierarchical. When you select Direct Membership, you see only the child group that the user joined. Ancestor groups are not included.", + "whoWillAppearPopoverFooterText": "Users who have this role as an effective role cannot be added on this tab.", + "usersInRole": "Users in role", + "addUser": "Add user", + "removeUser": "Remove users", + "removeUserText": "Do you want to remove {{numSelected}} users?. These users will no longer have permissions of the role {{role}} and the associated roles of it.", + "noDirectUsers": "No direct users", + "noUsersEmptyStateDescription": "Only the users with this role directly assigned will appear under this tab. If you need to find users assigned to this role, go to", + "noUsersEmptyStateDescriptionContinued": "to find them. Users that already have this role as an effective role cannot be added here.", + "or": "or", + "userName": "Username", + "noRolesAssociated": "No associated roles", + "noRolesAssociatedInstructions": "To add roles to this role press the 'Add role' button", + "usersExplain": "Users are the users in the current realm.", + "userList": "User list", + "searchForUser": "Search user", + "searchType.default": "Default search", + "searchType.attribute": "Attribute search", + "selectAttribute": "Select attribute", + "selectAttributes": "Select attributes", + "searchUserByAttributeMissingKeyError": "Specify a attribute key", + "searchUserByAttributeKeyAlreadyInUseError": "Attribute key already in use", + "searchUserByAttributeMissingValueError": "Specify a attribute value", + "searchUserByAttributeDescription": "It supports setting multiple attributes as the search filter by setting different keys or values. Only one value can be typed for a key.", + "startBySearchingAUser": "Start by searching for users", + "searchForUserDescription": "This realm may have a federated provider. Viewing all users may cause the system to slow down, but it can be done by searching for \"*\". Please search for a user above.", + "createUser": "Create user", + "createNewUser": "Create new user", + "noUsersFound": "No users found", + "noUsersFoundError": "No users found due to {{error}}", + "noUsersFoundErrorStorage": "No users found, could be due to wrongly configured federated provider {{error}}", + "noGroups": "No groups", + "noGroupsText": "You haven't added this user to any groups. Join a group to get started.", + "joinGroup": "Join Group", + "joinGroups": "Join Groups", + "join": "Join", + "joinGroupsFor": "Join groups for user {{username}}", + "selectGroups": "Select groups to join", + "leaveGroup_one": "Leave group {{name}}?", + "leaveGroup_other": "Leave groups?", + "leaveGroupConfirmDialog_one": "Are you sure you want to remove {{username}} from the group {{groupname}}?", + "leaveGroupConfirmDialog_other": "Are you sure you want to remove {{username}} from the {{count}} selected groups?", + "directMembership": "Direct membership", + "groupMembership": "Group membership", + "addedGroupMembership": "Added group membership", + "addedGroupMembershipError": "Error adding group membership", + "removedGroupMembership": "Removed group membership", + "removedGroupMembershipError": "Error removing group membership", + "emptyInstructions": "Change your search criteria or add a user", + "createdAt": "Created at", + "username": "Username", + "emailVerified": "Email verified", + "status": "Status", + "temporaryLocked": "Temporarily locked", + "unlockSuccess": "User successfully unlocked", + "unlockError": "Could not unlock user due to {{error}}", + "emailInvalid": "You must enter a valid email.", + "notVerified": "Not verified", + "requiredUserActions": "Required user actions", + "requiredActionPlaceholder": "Select action", + "federationLink": "Federation link", + "impersonate": "Impersonate", + "impersonateConfirm": "Impersonate user?", + "impersonateConfirmDialog": "Are you sure you want to log in as this user? If this user is in the same realm with you, your current login session will be logged out before you log in as this user.", + "impersonateError": "Could not impersonate the user: {{error}}", + "deleteUser": "Delete user", + "deleteConfirmCurrentUser": "Are you sure you want to permanently delete this user", + "deleteConfirmDialog_one": "Are you sure you want to permanently delete {{count}} selected user", + "deleteConfirmDialog_other": "Are you sure you want to permanently delete {{count}} selected users", + "userID": "User ID", + "userCreated": "The user has been created", + "userSaved": "The user has been saved", + "userDetails": "User details", + "userCreateError": "Could not create user: {{error}}", + "userDeletedSuccess": "The user has been deleted", + "userDeletedError": "The user could not be deleted {{error}}", + "linkAccount": "Link account", + "unlink": "Unlink", + "unlinkAccount": "Unlink account", + "unlinkAccountTitle": "Unlink account from {{provider}}?", + "unlinkAccountConfirm": "Are you sure you want to permanently unlink this account from {{provider}}?", + "link": "Link", + "linkAccountTitle": "Link account to {{provider}}", + "idpLinkSuccess": "Identity provider has been linked", + "idpUnlinkSuccess": "The provider link has been removed", + "idpType": { + "social": "Social login", + "custom": "Custom" + }, + "couldNotLinkIdP": "Could not link identity provider {{error}}", + "verifyEmail": "Verify email", + "updateUserLocale": "Update User Locale", + "consents": "Consents", + "noConsents": "No consents", + "noConsentsText": "The consents will only be recorded when users try to access a client that is configured to require consent. In that case, users will get a consent page which asks them to grant access to the client.", + "identityProvider": "Identity provider", + "identityProviderLinks": "Identity provider links", + "noProvidersLinked": "No identity providers linked. Choose one from the list below.", + "noAvailableIdentityProviders": "No available identity providers.", + "linkedIdPs": "Linked identity providers", + "linkedIdPsText": "The identity providers which are already linked to this user account", + "availableIdPs": "Available identity providers", + "availableIdPsText": "All the configured identity providers in this realm are listed here. You can link the user account to any of the IdP accounts.", + "revokeClientScopesTitle": "Revoke all granted client scopes?", + "revokeClientScopes": "Are you sure you want to revoke all granted client scopes for {{clientId}}?", + "deleteGrantsSuccess": "Grants successfully revoked.", + "deleteGrantsError": "Error deleting grants.", + "unlockAllUsers": "Unlock all users", + "unlockUsersConfirm": "All the users that are temporarily locked will be unlocked.", + "unlock": "Unlock", + "unlockUsersSuccess": "Any temporarily locked users are now unlocked", + "unlockUsersError": "Could not unlock all users {{error}}", + "noCredentials": "No credentials", + "noCredentialsText": "This user does not have any credentials. You can set password for this user.", + "setPassword": "Set password", + "setPasswordFor": "Set password for {{username}}", + "defaultPasswordLabel": "My password", + "savePasswordSuccess": "The password has been set successfully.", + "savePasswordError": "Error saving password: {{error}}", + "confirmPasswordDoesNotMatch": "Password and confirmation does not match.", + "credentialType": "Type", + "credentialUserLabel": "User Label", + "credentialData": "Data", + "credentialsList": "Credentials List", + "setPasswordConfirm": "Set password?", + "setPasswordConfirmText": "Are you sure you want to set the password for the user {{username}}?", + "resetPasswordConfirmation": "New password confirmation", + "savePassword": "Save password", + "deleteCredentialsConfirmTitle": "Delete credentials?", + "deleteCredentialsConfirm": "Are you sure you want to delete these users credentials?", + "deleteCredentialsSuccess": "The credentials has been deleted successfully.", + "deleteCredentialsError": "Error deleting users credentials: {{error}}", + "deleteBtn": "Delete", + "updatedCredentialMoveSuccess": "User Credential configuration has been saved", + "updatedCredentialMoveError": "User Credential configuration hasn't been saved", + "resetPasswordFor": "Reset password for {{username}}", + "resetPasswordConfirm": "Reset password?", + "resetPasswordConfirmText": "Are you sure you want to reset the password for the user {{username}}?", + "resetPassword": "Reset password", + "resetCredentialsSuccess": "The password has been reset successfully.", + "resetCredentialsError": "Error resetting users credentials: {{error}}", + "resetPasswordError": "Error resetting password: {{error}}", + "resetPasswordBtn": "Reset password", + "showPasswordDataName": "Name", + "showPasswordDataValue": "Value", + "showDataBtn": "Show data", + "userCredentialsHelpText": "The top level handlers allow you to shift the priority of the credential for the user, the topmost credential having the highest priority. The handlers within one expandable panel allow you to change the visual order of the credentials, the topmost credential will show at the most left.", + "userCredentialsHelpTextLabel": "User Credentials Help Text", + "userLabel": "User label", + "data": "Data", + "providedBy": "Provided by", + "passwordDataTitle": "Password data", + "updateCredentialUserLabelSuccess": "The user label has been changed successfully.", + "updateCredentialUserLabelError": "Error changing user label: {{error}}", + "credentialReset": "Credentials Reset", + "credentialResetBtn": "Credential Reset", + "VERIFY_EMAIL": "Verify Email (VERIFY_EMAIL)", + "UPDATE_PASSWORD": "Update password (UPDATE_PASSWORD)", + "UPDATE_PROFILE": "Update Profile (UPDATE_PROFILE)", + "CONFIGURE_TOTP": "Configure OTP (CONFIGURE_TOTP)", + "TERMS_AND_CONDITIONS": "Terms and Conditions (TERMS_AND_CONDITIONS)", + "hours": "Hours", + "minutes": "Minutes", + "seconds": "Seconds", + "credentialResetConfirm": "Send Email", + "credentialResetConfirmText": "Are you sure you want to send email to user", + "credentialResetEmailSuccess": "Email sent to user.", + "credentialResetEmailError": "Failed: {{error}}", + "editUserLabel": "Edit User Label Button", + "temporaryLockedHelp": "The user may be locked due to multiple failed attempts to log in.", + "disabledHelp": "A disabled user cannot log in.", + "emailVerifiedHelp": "Has the user's email been verified?", + "requiredUserActionsHelp": "Require an action when the user logs in. 'Verify email' sends an email to the user to verify their email address. 'Update profile' requires user to enter in new personal information. 'Update password' requires user to enter in a new password. 'Configure OTP' requires setup of a mobile password generator.", + "groupsHelp": "Groups where the user has membership. To leave a group, select it and click Leave.", + "userIdHelperText": "Enter the unique ID of the user for this identity provider.", + "usernameHelperText": "Enter the username of the user for this identity provider.", + "federationLinkHelp": "UserStorageProvider this locally stored user was imported from.", + "sessionExplain": "Sessions are sessions of users in this realm and the clients that they access within the session.", + "searchForSession": "Search session", + "lastAccess": "Last access", + "started": "Started", + "sessionsType": { + "allSessions": "All session types", + "regularSSO": "Regular SSO", + "offline": "Offline", + "directGrant": "Direct grant", + "serviceAccount": "Service account" + }, + "revocationDescription": "This is a way to revoke all active sessions and access tokens. Not before means you can revoke any tokens issued before the date.", + "notBeforeSuccess": "Success! \"Not before\" set for realm", + "notBeforeError": "Error clearing \"Not Before\" for realm: {{error}}", + "notBeforeClearedSuccess": "Success! \"Not Before\" cleared for realm.", + "signOutAllActiveSessions": "Sign out all active sessions", + "signOutAllActiveSessionsQuestion": "Sign out all active sessions?", + "logoutAllSessions": "Logout all sessions", + "logoutAllDescription": "If you sign out all active sessions, active subjects in this realm will be signed out.", + "logoutAllSessionsError": "Error! Failed to log out of all sessions: {{error}}.", + "setToNowError": "Error! Failed to set notBefore to current date and time.", + "noSessions": "No sessions", + "noSessionsDescription": "There are currently no active sessions in this realm.", + "noSessionsForUser": "There are currently no active sessions for this user.", + "noSessionsForClient": "There are currently no active sessions for this client.", + "eventExplain": "Events are records of user and admin events in this realm. To configure the tracking of these events, go to <1>Event configs.", + "eventConfigs": "Event configs", + "userEvents": "User events", + "adminEvents": "Admin events", + "searchForUserEvent": "Search user event", + "searchForAdminEvent": "Search admin event", + "refresh": "Refresh", + "emptyEvents": "Nothing to add", + "emptyEventsInstructions": "There are no more events types left to add", + "time": "Time", + "userId": "User ID", + "eventType": "Event saved type", + "ipAddress": "IP address", + "dateFrom": "Date(from)", + "dateTo": "Date(to)", + "searchUserEventsBtn": "Search events", + "searchAdminEventsBtn": "Search admin events", + "realm": "Realm", + "resourcePath": "Resource path", + "resourceTypes": "Resource types", + "operationType": "Operation type", + "operationTypes": "Operation types", + "auth": "Auth", + "attribute": "Attribute", + "representation": "Representation", + "noUserDetails": "No user details", + "resetBtn": "Reset", + "createGroupText": "Create attributes group", + "editGroupText": "Edit attributes group", + "tableTitle": "Attributes groups", + "columnName": "Name", + "columnDisplayName": "Display name", + "columnDisplayDescription": "Display description", + "emptyStateMessage": "No attributes groups", + "emptyStateInstructions": "If you want to add an attributes group click the button below.", + "deleteDialogTitle": "Delete attribute group?", + "deleteDialogDescription": "Are you sure you want to permanently delete the attributes group <1>{{group}}?", + "deleteSuccess": "Attributes group deleted.", + "deleteAttributeGroupError": "Could not delete user attributes group: {{error}}", + "nameField": "Name", + "nameHint": "A unique name for the group. This name will be used to reference the group when binding an attribute to a group.", + "displayHeaderField": "Display name", + "displayHeaderHint": "A user-friendly name for the group that should be used when rendering a group of attributes in user-facing forms. Supports keys for localized values as well. For example: ${profile.attribute.group.address}.", + "displayDescriptionField": "Display description", + "displayDescriptionHint": "A text that should be used as a tooltip when rendering user-facing forms.", + "annotationsText": "Annotations", + "inputType": "Input type", + "inputHelperTextBefore": "Helper text (above) the input field", + "inputHelperTextAfter": "Helper text (under) the input field", + "inputOptionLabelsI18nPrefix": "Internationalization key prefix", + "inputTypePlaceholder": "Input placeholder", + "inputTypeSize": "Input size", + "inputTypeCols": "Input cols", + "inputTypeRows": "Input rows", + "inputTypeStep": "Input step size", + "removeAnnotationText": "Remove annotation", + "keyLabel": "Key", + "valueLabel": "Value", + "realmSettingsExplain": "Realm settings are settings that control the options for users, applications, roles, and groups in the current realm.", + "partialImport": "Partial import", + "partialExport": "Partial export", + "deleteRealm": "Delete realm", + "deleteConfirmTitle": "Delete realm?", + "dragInstruction": "Click and drag to change priority", + "deleteProviderTitle": "Delete key provider?", + "deleteProviderConfirm": "Are you sure you want to permanently delete the key provider {{provider}}?", + "deleteProviderSuccess": "Success. The provider has been deleted.", + "deleteProviderError": "Error deleting the provider", + "deleteConditionSuccess": "The condition has been deleted", + "disablePolicyConfirmTitle": "Disable policy?", + "disablePolicyConfirm": "Users and clients can't access the policy if it's disabled. Are you sure you want to continue?", + "editProvider": "Edit provider", + "editableRowsTable": "Editable rows table", + "saveSuccess": "User federation provider successfully saved", + "saveProviderSuccess": "The provider has been saved successfully.", + "saveProviderListSuccess": "The priority of the provider has been updated successfully.", + "saveProviderError": "Error saving provider: {{error}}", + "saveError": "User federation provider could not be saved: {{error}}", + "general": "General", + "login": "Login", + "themes": "Themes", + "eventListeners": "Event listeners", + "eventListenersHelpText": "Configure what listeners receive events for the realm.", + "saveEventListeners": "Save Event Listeners", + "saveEventListenersSuccess": "Event listener has been updated.", + "saveEventListenersError": "Error saving event listener: {{error}}", + "userEventsSettings": "User events settings", + "adminEventsSettings": "Admin events settings", + "saveEvents": "Save events", + "clearUserEvents": "Clear user events", + "clearAdminEvents": "Clear admin events", + "includeRepresentation": "Include representation", + "template": "Template", + "connectionAndAuthentication": "Connection & Authentication", + "from": "From", + "fromDisplayName": "From display name", + "replyTo": "Reply to", + "replyToDisplayName": "Reply to display name", + "envelopeFrom": "Envelope from", + "host": "Host", + "port": "Port", + "encryption": "Encryption", + "enableSSL": "Enable SSL", + "enableStartTLS": "Enable StartTLS", + "keysList": "Keys list", + "searchKey": "Search key", + "keystore": "Keystore", + "keystorePassword": "Keystore password", + "algorithm": "Algorithm", + "use": "Use", + "aesGenerated": "aes-generated", + "ecdsaGenerated": "ecdsca-generated", + "hmacGenerated": "hmac-generated", + "javaKeystore": "java-keystore", + "rsa": "rsa", + "rsaGenerated": "rsa-generated", + "uiDisplayName": "UI display name", + "AESKeySize": "AES Key Size", + "active": "Active", + "privateRSAKey": "Private RSA Key", + "filenamePlaceholder": "Upload a PEM file or paste key below", + "x509Certificate": "X509 Certificate", + "ellipticCurve": "Elliptic Curve", + "secretSize": "Secret size", + "keySize": "Key size", + "kid": "Kid", + "providerDescription": "Provider description", + "addProvider": "Add provider", + "publicKeys": "Public keys", + "keysFilter": { + "ACTIVE": "Active keys", + "PASSIVE": "Passive keys", + "DISABLED": "Disabled keys" + }, + "noKeys": "No keys", + "noKeysDescription": "You haven't created any active keys", + "userRegistration": "User registration", + "loginScreenCustomization": "Login screen customization", + "registrationAllowed": "User registration", + "userRegistrationHelpText": "Enable/disable the registration page. A link for registration will show on login page too.", + "resetPasswordAllowed": "Forgot password", + "forgotPassword": "Forgot password", + "forgotPasswordHelpText": "Show a link on login page for user to click when they have forgotten their credentials.", + "rememberMe": "Remember me", + "rememberMeHelpText": "Show checkbox on login page to allow user to remain logged in between browser restarts until session expires.", + "emailSettings": "Email settings", + "registrationEmailAsUsername": "Email as username", + "emailAsUsernameHelpText": "Allow users to set email as username.", + "loginWithEmailAllowed": "Login with email", + "loginWithEmailHelpText": "Allow users to log in with their email address.", + "duplicateEmailsAllowed": "Duplicate emails", + "duplicateEmailsHelpText": "Allow multiple users to have the same email address. Changing this setting will also clear the user's cache. It is recommended to manually update email constraints of existing users in the database after switching off support for duplicate email addresses.", + "verifyEmailHelpText": "Require user to verify their email address after initial login or after address changes are submitted.", + "userInfoSettings": "User info settings", + "editUsernameAllowed": "Edit username", + "enableSwitchSuccess": "{{switch}} changed successfully", + "enableSwitchError": "Could not enable / disable due to {{error}}", + "testingConnection": "Testing connection", + "testConnectionHint": { + "withEmail": "When testing the connection an e-mail will be sent to the current user ({{email}}).", + "withoutEmail": "To test the connection you must first configure an e-mail address for the current user ({{userName}}).", + "withoutEmailAction": "Configure e-mail address" + }, + "testConnectionSuccess": "Success! SMTP connection successful. E-mail was sent!", + "testConnectionError": "Error! {{error}}", + "realmId": "Realm ID", + "htmlDisplayName": "HTML Display name", + "frontendUrl": "Frontend URL", + "requireSsl": "Require SSL", + "sslType": { + "all": "All requests", + "external": "External requests", + "none": "None" + }, + "selectATheme": "Select a theme", + "placeholderText": "Select one", + "userManagedAccess": "User-managed access", + "userProfileEnabled": "User Profile Enabled", + "endpoints": "Endpoints", + "openIDEndpointConfiguration": "OpenID Endpoint Configuration", + "samlIdentityProviderMetadata": "SAML 2.0 Identity Provider Metadata", + "accountTheme": "Account theme", + "adminTheme": "Admin theme", + "emailTheme": "Email theme", + "internationalization": "Internationalization", + "localization": "Localization", + "SSOSessionSettings": "SSO Session Settings", + "SSOSessionIdle": "SSO Session Idle", + "SSOSessionMax": "SSO Session Max", + "SSOSessionIdleRememberMe": "SSO Session Idle Remember Me", + "SSOSessionMaxRememberMe": "SSO Session Max Remember Me", + "clientSessionSettings": "Client session settings", + "offlineSessionSettings": "Offline session settings", + "offlineSessionIdle": "Offline Session Idle", + "offlineSessionMaxLimited": "Offline Session Max Limited", + "offlineSessionMax": "Offline Session Max", + "loginTimeout": "Login timeout", + "loginActionTimeout": "Login action timeout", + "refreshTokens": "Refresh tokens", + "accessTokens": "Access tokens", + "actionTokens": "Action tokens", + "overrideActionTokens": "Override Action Tokens", + "defaultSigAlg": "Default Signature Algorithm", + "revokeRefreshToken": "Revoke Refresh Token", + "refreshTokenMaxReuse": "Refresh Token Max Reuse", + "accessTokenLifespanImplicitFlow": "Access Token Lifespan For Implicit Flow", + "clientLoginTimeout": "Client Login Timeout", + "userInitiatedActionLifespan": "User-Initiated Action Lifespan", + "defaultAdminInitiated": "Default Admin-Initiated Action Lifespan", + "oAuthDeviceCodeLifespan": "OAuth 2.0 Device Code Lifespan", + "oAuthDevicePollingInterval": "OAuth 2.0 Device Polling Interval", + "shortVerificationUri": "Short verification_uri in Device Authorization flow", + "emailVerification": "Email Verification", + "idpAccountEmailVerification": "IdP account email verification", + "executeActions": "Execute actions", + "clientPolicies": "Client policies", + "noClientPolicies": "No client policies", + "noClientPoliciesInstructions": "There are no client policies. Select 'Create client policy' to create a new client policy.", + "createClientPolicy": "Create client policy", + "createClientPolicySuccess": "New policy created", + "updateClientPolicySuccess": "Client policy updated", + "createClientPolicyError": "Could not create policy due to: {{error}}", + "createClientConditionSuccess": "Condition created successfully.", + "createClientConditionError": "Error creating condition: {{error}}", + "updateClientConditionSuccess": "Condition updated successfully.", + "deleteClientConditionSuccess": "Condition deleted successfully.", + "deleteClientConditionError": "Error creating condition: {{error}}", + "clientPolicySearch": "Search client policy", + "policiesConfigType": "Configure via:", + "policiesConfigTypes": { + "formView": "Form view", + "jsonEditor": "JSON editor" + }, + "deleteClientPolicy": "Delete client policy", + "deleteClientPolicyConfirmTitle": "Delete policy?", + "deleteClientPolicyConfirm": "This action will permanently delete the policy {{policyName}}. This cannot be undone.", + "deleteClientPolicySuccess": "Client policy deleted", + "deleteClientPolicyError": "Could not delete policy: {{error}}", + "profiles": "Profiles", + "clientPoliciesProfilesHelpText": "Client Profile allows to setup set of executors, which are enforced for various actions done with the client. Actions can be admin actions like creating or updating client, or user actions like authentication to the client.", + "clientPoliciesProfiles": "Client Policies Profiles", + "clientPoliciesPoliciesHelpText": "Client Policy allows to bind client profiles with various conditions to specify when exactly is enforced behavior specified by executors of the particular client profile.", + "clientPoliciesPolicies": "Client Policies Policies", + "clientPoliciesTab": "Client policies tab", + "clientProfilesSubTab": "Client profiles subtab", + "clientPoliciesSubTab": "Client policies subtab", + "profilesConfigType": "Configure via:", + "profilesConfigTypes": { + "formView": "Form view", + "jsonEditor": "JSON editor" + }, + "clientProfileSearch": "Search", + "searchProfile": "Search profile", + "clientProfileName": "Client profile name", + "clientProfileDescription": "Description", + "emptyClientProfiles": "No profiles", + "emptyClientProfilesInstructions": "There are no profiles, select 'Create client profile' to create a new client profile", + "deleteClientProfileConfirmTitle": "Delete profile?", + "deleteClientProfileConfirm": "This action will permanently delete the profile {{profileName}}. This cannot be undone.", + "deleteClientSuccess": "Client profile deleted", + "deleteClientError": "Could not delete profile: {{error}}", + "deleteClientPolicyProfileConfirmTitle": "Delete profile?", + "deleteClientPolicyProfileConfirm": "This action will permanently delete {{profileName}} from the policy {{policyName}}. This cannot be undone.", + "deleteClientPolicyProfileSuccess": "Profile successfully removed from the policy.", + "deleteClientPolicyProfileError": "Could not delete profile from the policy: {{error}}", + "createClientProfile": "Create client profile", + "deleteClientProfile": "Delete this client profile", + "createClientProfileSuccess": "New client profile created", + "updateClientProfileSuccess": "Client profile updated successfully", + "createClientProfileError": "Could not create client profile: '{{error}}'", + "addClientProfileSuccess": "New client profile added", + "addClientProfileError": "Could not create client profile: '{{error}}'", + "createClientProfileNameHelperText": "The name must be unique within the realm", + "newClientProfile": "Create client profile", + "newClientProfileName": "Client profile name", + "clientProfile": "Client profile details", + "executorDetails": "Executor details", + "executors": "Executors", + "executorsHelpText": "Executors, which will be applied for this client profile", + "executorsHelpItem": "Executors help item", + "addExecutor": "Add executor", + "executorType": "Executor type", + "executorTypeSwitchHelpText": "Executor Type Switch Help Text", + "executorTypeSelectHelpText": "Executor Type Select Help Text", + "executorTypeSelectAlgorithm": "Executor Type Select Algorithm", + "executorTypeTextHelpText": "Executor Type Text Help Text", + "executorAuthenticatorMultiSelectHelpText": "Executor Authenticator MultiSelect Help Text", + "executorClientAuthenticator": "Executor Client Authenticator", + "executorsTable": "Executors table", + "executorName": "Name", + "emptyExecutors": "No executors configured", + "addExecutorSuccess": "Success! Executor created successfully", + "addExecutorError": "Executor not created", + "updateExecutorSuccess": "Executor updated successfully", + "updateExecutorError": "Executor not updated", + "deleteExecutorProfileConfirmTitle": "Delete executor?", + "deleteExecutorProfileConfirm": "The action will permanently delete {{executorName}}. This cannot be undone.", + "deleteExecutorSuccess": "Success! The executor was deleted.", + "deleteExecutorError": "Could not delete executor: {{error}}", + "updateClientProfilesSuccess": "The client profiles configuration was updated", + "updateClientProfilesError": "Provided JSON is incorrect: Unexpected token { in JSON", + "deleteClientPolicyConditionConfirmTitle": "Delete condition?", + "deleteClientPolicyConditionConfirm": "This action will permanently delete {{condition}}. This cannot be undone.", + "selectACondition": "Select a condition", + "conditions": "Conditions", + "conditionType": "Condition type", + "anyClient": "The condition is satisfied by any client on any event.", + "clientAccesstype": "Client Access Type", + "clientScopesCondition": "Expected Scopes", + "updateClientContext": "Update Client Context", + "clientUpdaterSourceGroups": "Groups", + "clientUpdaterTrustedHosts": "Trusted Hosts", + "clientUpdaterSourceRoles": "Updating entity role", + "conditionsHelpItem": "Conditions help item", + "addCondition": "Add condition", + "editCondition": "Edit condition", + "emptyConditions": "No conditions configured", + "updateClientPoliciesSuccess": "The client policies configuration was updated", + "updateClientPoliciesError": "Provided JSON is incorrect: Unexpected token { in JSON", + "clientProfiles": "Client profiles", + "clientProfilesHelpItem": "Client profiles help item", + "addClientProfile": "Add client profile", + "emptyProfiles": "No client profiles configured", + "tokens": "Tokens", + "userProfile": "User profile", + "jsonEditor": "JSON editor", + "attributesGroup": "Attributes group", + "invalidJsonError": "Unable to save user profile, the provided information is not valid JSON.", + "userProfileSuccess": "User profile settings successfully updated.", + "userProfileError": "Could not update user profile settings: {{error}}", + "recommendedSsoTimeout": "It is recommended for this value to be shorter than the SSO session idle timeout: {{time}}", + "supportedLocales": "Supported locales", + "defaultLocale": "Default locale", + "selectLocales": "Select locales", + "searchForMessageBundle": "Search for message bundle", + "addMessageBundle": "Add message bundle", + "addMessageBundleSuccess": "Success! The message bundle has been added.", + "deleteMessageBundleSuccess": "Successfully removed the message from the bundle", + "deleteMessageBundleError": "Error removing the message from the bundle, {{error}}", + "rowEditBtnAriaLabel": "Edit {{messageBundle}}", + "rowSaveBtnAriaLabel": "Save edits for {{messageBundle}}", + "rowCancelBtnAriaLabel": "Cancel edits for {{messageBundle}}", + "updateMessageBundleSuccess": "Success! Message bundle updated.", + "updateMessageBundleError": "Error updating message bundle.", + "addMessageBundleError": "Error creating message bundle, {{error}}", + "allGroups": "All groups", + "attributeName": "Attribute [Name]", + "attributeDisplayName": "Display name", + "attributeGroup": "Attribute group", + "enabledWhen": "Enabled when", + "requiredFor": "Required for", + "requiredWhen": "Required when", + "requiredForLabel": { + "both": "Both users and admins", + "users": "Only users", + "admins": "Only admins" + }, + "whoCanEdit": "Who can edit?", + "whoCanView": "Who can view?", + "admin": "Admin", + "addValidator": "Add validator", + "validatorType": "Validator type", + "addValidatorRole": "Add {{validatorName}} validator", + "validatorDialogColNames": { + "colName": "Role name", + "colDescription": "Description" + }, + "validatorColNames": { + "colName": "Validator name", + "colConfig": "Config" + }, + "deleteValidatorConfirmTitle": "Delete validator?", + "deleteValidatorConfirmMsg": "Are you sure you want to permanently delete the validator {{validatorName}}?", + "validatorDeletedSuccess": "Success! User Profile configuration has been saved.", + "validatorDeletedError": "Error saving User Profile: {{error}}", + "emptyValidators": "No validators.", + "updatedUserProfileSuccess": "User Profile configuration has been saved", + "updatedUserProfileError": "User Profile configuration hasn't been saved", + "createAttribute": "Create attribute", + "editAttribute": "Edit attribute", + "createAttributeSubTitle": "Create a new attribute", + "createAttributeSuccess": "Success! User Profile configuration has been saved.", + "createAttributeError": "Error! User Profile configuration has not been saved {{error}}.", + "attributesDropdown": "Attributes dropdown", + "deleteAttributeConfirmTitle": "Delete attribute?", + "deleteAttributeConfirm": "Are you sure you want to permanently delete the attribute {{attributeName}}?", + "deleteAttributeSuccess": "Attribute deleted", + "deleteAttributeError": "Attribute not deleted", + "always": "Always", + "scopesAsRequested": "Scopes are requested", + "validations": "Validations", + "annotations": "Annotations", + "addAnnotationText": "Add annotation", + "validateName": "You must enter a name", + "searchEventType": "Search saved event type", + "addSavedTypes": "Add saved types", + "addTypes": "Add types", + "eventTypes": { + "SEND_RESET_PASSWORD": { + "name": "Send reset password", + "description": "Send reset password" + }, + "UPDATE_CONSENT_ERROR": { + "name": "Update consent error", + "description": "Update consent error" + }, + "GRANT_CONSENT": { + "name": "Grant consent", + "description": "Grant consent" + }, + "REMOVE_TOTP": { + "name": "Remove totp", + "description": "Remove totp" + }, + "REVOKE_GRANT": { + "name": "Revoke grant", + "description": "Revoke grant" + }, + "UPDATE_TOTP": { + "name": "Update totp", + "description": "Update totp" + }, + "LOGIN_ERROR": { + "name": "Login error", + "description": "Login error" + }, + "CLIENT_LOGIN": { + "name": "Client login", + "description": "Client login" + }, + "RESET_PASSWORD_ERROR": { + "name": "Reset password error", + "description": "Reset password error" + }, + "IMPERSONATE_ERROR": { + "name": "Impersonate error", + "description": "Impersonate error" + }, + "CODE_TO_TOKEN_ERROR": { + "name": "Code to token error", + "description": "Code to token error" + }, + "CUSTOM_REQUIRED_ACTION": { + "name": "Custom required action", + "description": "Custom required action" + }, + "RESTART_AUTHENTICATION": { + "name": "Restart authentication", + "description": "Restart authentication" + }, + "IMPERSONATE": { + "name": "Impersonate", + "description": "Impersonate" + }, + "UPDATE_PROFILE_ERROR": { + "name": "Update profile error", + "description": "Update profile error" + }, + "LOGIN": { + "name": "Login", + "description": "Login" + }, + "UPDATE_PASSWORD_ERROR": { + "name": "Update password error", + "description": "Update password error" + }, + "CLIENT_INITIATED_ACCOUNT_LINKING": { + "name": "Client initiated account linking", + "description": "Client initiated account linking" + }, + "TOKEN_EXCHANGE": { + "name": "Token exchange", + "description": "Token exchange" + }, + "LOGOUT": { + "name": "Logout", + "description": "Logout" + }, + "REGISTER": { + "name": "Register", + "description": "Register" + }, + "DELETE_ACCOUNT_ERROR": { + "name": "Delete account error", + "description": "Delete account error" + }, + "CLIENT_REGISTER": { + "name": "Client register", + "description": "Client register" + }, + "IDENTITY_PROVIDER_LINK_ACCOUNT": { + "name": "Identity provider link account", + "description": "Identity provider link account" + }, + "DELETE_ACCOUNT": { + "name": "Delete account", + "description": "Delete account" + }, + "UPDATE_PASSWORD": { + "name": "Update password", + "description": "Update password" + }, + "CLIENT_DELETE": { + "name": "Client delete", + "description": "Client delete" + }, + "FEDERATED_IDENTITY_LINK_ERROR": { + "name": "Federated identity link error", + "description": "Federated identity link error" + }, + "IDENTITY_PROVIDER_FIRST_LOGIN": { + "name": "Identity provider first login", + "description": "Identity provider first login" + }, + "CLIENT_DELETE_ERROR": { + "name": "Client delete error", + "description": "Client delete error" + }, + "VERIFY_EMAIL": { + "name": "Verify email", + "description": "Verify email" + }, + "CLIENT_LOGIN_ERROR": { + "name": "Client login error", + "description": "Client login error" + }, + "RESTART_AUTHENTICATION_ERROR": { + "name": "Restart authentication error", + "description": "Restart authentication error" + }, + "EXECUTE_ACTIONS": { + "name": "Execute actions", + "description": "Execute actions" + }, + "REMOVE_FEDERATED_IDENTITY_ERROR": { + "name": "Remove federated identity error", + "description": "Remove federated identity error" + }, + "TOKEN_EXCHANGE_ERROR": { + "name": "Token exchange error", + "description": "Token exchange error" + }, + "PERMISSION_TOKEN": { + "name": "Permission token", + "description": "Permission token" + }, + "SEND_IDENTITY_PROVIDER_LINK_ERROR": { + "name": "Send identity provider link error", + "description": "Send identity provider link error" + }, + "EXECUTE_ACTION_TOKEN_ERROR": { + "name": "Execute action token error", + "description": "Execute action token error" + }, + "SEND_VERIFY_EMAIL": { + "name": "Send verify email", + "description": "Send verify email" + }, + "EXECUTE_ACTIONS_ERROR": { + "name": "Execute actions error", + "description": "Execute actions error" + }, + "REMOVE_FEDERATED_IDENTITY": { + "name": "Remove federated identity", + "description": "Remove federated identity" + }, + "IDENTITY_PROVIDER_POST_LOGIN": { + "name": "Identity provider post login", + "description": "Identity provider post login" + }, + "IDENTITY_PROVIDER_LINK_ACCOUNT_ERROR": { + "name": "Identity provider link account error", + "description": "Identity provider link account error" + }, + "UPDATE_EMAIL": { + "name": "Update email", + "description": "Update email" + }, + "REGISTER_ERROR": { + "name": "Register error", + "description": "Register error" + }, + "REVOKE_GRANT_ERROR": { + "name": "Revoke grant error", + "description": "Revoke grant error" + }, + "EXECUTE_ACTION_TOKEN": { + "name": "Execute action token", + "description": "Execute action token" + }, + "LOGOUT_ERROR": { + "name": "Logout error", + "description": "Logout error" + }, + "UPDATE_EMAIL_ERROR": { + "name": "Update email error", + "description": "Update email error" + }, + "CLIENT_UPDATE_ERROR": { + "name": "Client update error", + "description": "Client update error" + }, + "UPDATE_PROFILE": { + "name": "Update profile", + "description": "Update profile" + }, + "CLIENT_REGISTER_ERROR": { + "name": "Client register error", + "description": "Client register error" + }, + "FEDERATED_IDENTITY_LINK": { + "name": "Federated identity link", + "description": "Federated identity link" + }, + "SEND_IDENTITY_PROVIDER_LINK": { + "name": "Send identity provider link", + "description": "Send identity provider link" + }, + "SEND_VERIFY_EMAIL_ERROR": { + "name": "Send verify email error", + "description": "Send verify email error" + }, + "RESET_PASSWORD": { + "name": "Reset password", + "description": "Reset password" + }, + "CLIENT_INITIATED_ACCOUNT_LINKING_ERROR": { + "name": "Client initiated account linking error", + "description": "Client initiated account linking error" + }, + "UPDATE_CONSENT": { + "name": "Update consent", + "description": "Update consent" + }, + "REMOVE_TOTP_ERROR": { + "name": "Remove totp error", + "description": "Remove totp error" + }, + "VERIFY_EMAIL_ERROR": { + "name": "Verify email error", + "description": "Verify email error" + }, + "SEND_RESET_PASSWORD_ERROR": { + "name": "Send reset password error", + "description": "Send reset password error" + }, + "CLIENT_UPDATE": { + "name": "Client update", + "description": "Client update" + }, + "CUSTOM_REQUIRED_ACTION_ERROR": { + "name": "Custom required action error", + "description": "Custom required action error" + }, + "IDENTITY_PROVIDER_POST_LOGIN_ERROR": { + "name": "Identity provider post login error", + "description": "Identity provider post login error" + }, + "UPDATE_TOTP_ERROR": { + "name": "Update totp error", + "description": "Update totp error" + }, + "CODE_TO_TOKEN": { + "name": "Code to token", + "description": "Code to token" + }, + "GRANT_CONSENT_ERROR": { + "name": "Grant consent error", + "description": "Grant consent error" + }, + "IDENTITY_PROVIDER_FIRST_LOGIN_ERROR": { + "name": "Identity provider first login error", + "description": "Identity provider first login error" + }, + "REGISTER_NODE_ERROR": { + "name": "Register node error", + "description": "Register node error" + }, + "PERMISSION_TOKEN_ERROR": { + "name": "Permission token error", + "description": "Permission token error" + }, + "IDENTITY_PROVIDER_RETRIEVE_TOKEN_ERROR": { + "name": "Identity provider retrieve token error", + "description": "Identity provider retrieve token error" + }, + "CLIENT_INFO": { + "name": "Client info", + "description": "Client info" + }, + "VALIDATE_ACCESS_TOKEN": { + "name": "Validate access token", + "description": "Validate access token" + }, + "IDENTITY_PROVIDER_LOGIN": { + "name": "Identity provider login", + "description": "Identity provider login" + }, + "CLIENT_INFO_ERROR": { + "name": "Client info error", + "description": "Client info error" + }, + "INTROSPECT_TOKEN_ERROR": { + "name": "Introspect token error", + "description": "Introspect token error" + }, + "INTROSPECT_TOKEN": { + "name": "Introspect token", + "description": "Introspect token" + }, + "UNREGISTER_NODE": { + "name": "Unregister node", + "description": "Unregister node" + }, + "REGISTER_NODE": { + "name": "Register node", + "description": "Register node" + }, + "INVALID_SIGNATURE": { + "name": "Invalid signature", + "description": "Invalid signature" + }, + "USER_INFO_REQUEST_ERROR": { + "name": "User info request error", + "description": "User info request error" + }, + "REFRESH_TOKEN": { + "name": "Refresh token", + "description": "Refresh token" + }, + "IDENTITY_PROVIDER_RESPONSE": { + "name": "Identity provider response", + "description": "Identity provider response" + }, + "IDENTITY_PROVIDER_RETRIEVE_TOKEN": { + "name": "Identity provider retrieve token", + "description": "Identity provider retrieve token" + }, + "UNREGISTER_NODE_ERROR": { + "name": "Unregister node error", + "description": "Unregister node error" + }, + "VALIDATE_ACCESS_TOKEN_ERROR": { + "name": "Validate access token error", + "description": "Validate access token error" + }, + "INVALID_SIGNATURE_ERROR": { + "name": "Invalid signature error", + "description": "Invalid signature error" + }, + "USER_INFO_REQUEST": { + "name": "User info request", + "description": "User info request" + }, + "IDENTITY_PROVIDER_RESPONSE_ERROR": { + "name": "Identity provider response error", + "description": "Identity provider response error" + }, + "IDENTITY_PROVIDER_LOGIN_ERROR": { + "name": "Identity provider login error", + "description": "Identity provider login error" + }, + "REFRESH_TOKEN_ERROR": { + "name": "Refresh token error", + "description": "Refresh token error" + }, + "VERIFY_PROFILE": { + "name": "Verify profile", + "description": "Verify profile" + }, + "VERIFY_PROFILE_ERROR": { + "name": "Verify profile error", + "description": "Verify profile error" + }, + "OAUTH2_DEVICE_CODE_TO_TOKEN": { + "name": "Oauth2 device code to token", + "description": "Oauth2 device code to token" + }, + "OAUTH2_DEVICE_CODE_TO_TOKEN_ERROR": { + "name": "Oauth2 device code to token error", + "description": "Oauth2 device code to token error" + }, + "OAUTH2_DEVICE_VERIFY_USER_CODE": { + "name": "Oauth2 device verify user code", + "description": "Oauth2 device verify user code" + }, + "OAUTH2_DEVICE_VERIFY_USER_CODE_ERROR": { + "name": "Oauth2 device verify user code error", + "description": "Oauth2 device verify user code error" + }, + "AUTHREQID_TO_TOKEN": { + "name": "Authreqid to token", + "description": "Authreqid to token" + }, + "AUTHREQID_TO_TOKEN_ERROR": { + "name": "Authreqid to token error", + "description": "Authreqid to token error" + }, + "OAUTH2_DEVICE_AUTH": { + "name": "Oauth2 device authentication", + "description": "Oauth2 device authentication" + }, + "OAUTH2_DEVICE_AUTH_ERROR": { + "name": "Oauth2 device authentication error", + "description": "Oauth2 device authentication error" + }, + "PUSHED_AUTHORIZATION_REQUEST": { + "name": "Pushed authorization request", + "description": "Pushed authorization request" + }, + "PUSHED_AUTHORIZATION_REQUEST_ERROR": { + "name": "Pushed authorization request error", + "description": "Pushed authorization request error" + } + }, + "eventConfigSuccessfully": "Successfully saved configuration", + "eventConfigError": "Could not save event configuration {{error}}", + "deleteEvents": "Clear events", + "deleteEventsConfirm": "If you clear all events of this realm, all records will be permanently cleared in the database", + "admin-events-cleared": "The admin events have been cleared", + "admin-events-cleared-error": "Could not clear the admin events {{error}}", + "user-events-cleared": "The user events have been cleared", + "user-events-cleared-error": "Could not clear the user events {{error}}", + "events-disable-title": "Unsave events?", + "events-disable-confirm": "If \"Save events\" is disabled, subsequent events will not be displayed in the \"Events\" menu", + "noMessageBundles": "No message bundles", + "noMessageBundlesInstructions": "Add a message bundle to get started.", + "messageBundleDescription": "You can edit the supported locales. If you haven't selected supported locales yet, you can only edit the English locale.", + "defaultRoles": "Default roles", + "defaultGroups": "Default groups", + "whatIsDefaultGroups": "What is the function of default groups?", + "addDefaultGroups": "Add default groups", + "removeConfirmTitle_one": "Remove group?", + "removeConfirmTitle_other": "Remove groups?", + "removeConfirm_one": "Are you sure you want to remove this group", + "removeConfirm_other": "Are you sure you want to remove these groups.", + "groupRemove_one": "Group removed", + "groupRemove_other": "Groups removed", + "groupRemoveError": "Error removing group {error}", + "defaultGroupAdded_one": "New group added to the default groups", + "defaultGroupAdded_other": "Added {{count}} groups to the default groups", + "defaultGroupAddedError": "Error adding group(s) to the default group {error}", + "noDefaultGroups": "No default groups", + "noDefaultGroupsInstructions": "Default groups allow you to automatically assign group membership whenever any new user is created or imported throughout <1>identity brokering. Add default groups to get started", + "securityDefences": "Security defenses", + "headers": "Headers", + "bruteForceDetection": "Brute force detection", + "xFrameOptions": "X-Frame-Options", + "contentSecurityPolicy": "Content-Security-Policy", + "contentSecurityPolicyReportOnly": "Content-Security-Policy-Report-Only", + "xContentTypeOptions": "X-Content-Type-Options", + "xRobotsTag": "X-Robots-Tag", + "xXSSProtection": "X-XSS-Protection", + "strictTransportSecurity": "HTTP Strict Transport Security (HSTS)", + "referrerPolicy": "Referrer Policy", + "failureFactor": "Max login failures", + "permanentLockout": "Permanent lockout", + "waitIncrementSeconds": "Wait increment", + "maxFailureWaitSeconds": "Max wait", + "maxDeltaTimeSeconds": "Failure reset time", + "quickLoginCheckMilliSeconds": "Quick login check milliseconds", + "minimumQuickLoginWaitSeconds": "Minimum quick login wait", + "partialExportHeaderText": "Partial export allows you to export realm configuration, and other associated resources into a json file.", + "includeGroupsAndRoles": "Include groups and roles", + "includeClients": "Include clients", + "exportWarningTitle": "Export with caution", + "exportWarningDescription": "If there is a great number of groups, roles or clients in your realm, the operation may make server unresponsive for a while.", + "exportSuccess": "Realm successfully exported.", + "exportFail": "Could not export realm: '{{error}}'", + "partialImportHeaderText": "Partial import allows you to import users, clients, and other resources from a previously exported json file.", + "selectRealm": "Select realm", + "chooseResources": "Choose the resources you want to import", + "selectIfResourceExists": "If a resource already exists, specify what should be done", + "resourcesToImport": "Resources to import", + "importFail": "Import failed: {{error}}", + "FAIL": "Fail import", + "SKIP": "Skip", + "OVERWRITE": "Overwrite", + "added": "Added", + "skipped": "Skipped", + "overwritten": "Overwritten", + "importAdded_zero": "No records added.", + "importAdded_one": "One record added.", + "importAdded_other": "{{count}} records added.", + "importOverwritten_zero": "No records overwritten.", + "importOverwritten_one": "One record overwritten.", + "importOverwritten_other": "{{count}} records overwritten.", + "importSkipped_zero": "No records skipped.", + "importSkipped_one": "One record skipped.", + "importSkipped_other": "{{count}} records skipped.", + "fromDisplayNameHelp": "A user-friendly name for the 'From' address (optional).", + "replyToDisplayNameHelp": "A user-friendly name for the 'Reply-To' address (optional).", + "envelopeFromHelp": "An email address used for bounces (optional).", + "passwordHelp": "SMTP password. This field is able to obtain its value from vault, use ${vault.ID} format.", + "frontendUrlHelp": "Set the frontend URL for the realm. Use in combination with the default hostname provider to override the base URL for frontend requests for a specific realm.", + "requireSslHelp": "Is HTTPS required? 'None' means HTTPS is not required for any client IP address. 'External requests' means localhost and private IP addresses can access without HTTPS. 'All requests' means HTTPS is required for all IP addresses.", + "userManagedAccessHelp": "If enabled, users are allowed to manage their resources and permissions using the Account Management UI.", + "userProfileEnabledHelp": "If enabled, allows managing user profiles.", + "endpointsHelp": "Shows the configuration of the Service Provider endpoint", + "accountThemeHelp": "Select a theme for the user account management console.", + "adminThemeHelp": "Select a theme for administration console.", + "emailThemeHelp": "Select a theme for emails that are sent by the server.", + "priorityHelp": "Priority of the provider", + "enabledHelp": "Set if the keys are enabled", + "activeHelp": "Set if the keys can be used for signing", + "AESKeySizeHelp": "Size in bytes for the generated AES key. Size 16 is for AES-128, Size 24 for AES-192, and Size 32 for AES-256. WARN: Bigger keys than 128 are not allowed on some JDK implementations.", + "save-user-events": "If enabled, user events are saved to the database, which makes events available to the admin and account management UIs.", + "save-admin-events": "If enabled, admin events are saved to the database, which makes events available to the Admin UI.", + "admin-clearEvents": "Deletes all admin events in the database.", + "includeRepresentationHelp": "Include JSON representation for create and update requests.", + "user-clearEvents": "Deletes all user events in the database.", + "ellipticCurveHelp": "Elliptic curve used in ECDSA", + "secretSizeHelp": "Size in bytes for the generated secret", + "keySizeHelp": "Size for the generated keys", + "algorithmHelp": "Intended algorithm for the key", + "keystoreHelp": "Path to keys file", + "keystorePasswordHelp": "Password for the keys", + "privateRSAKeyHelp": "Private RSA Key encoded in PEM format", + "x509CertificateHelp": "X509 Certificate encoded in PEM format", + "xFrameOptionsHelp": "Default value prevents pages from being included by non-origin iframes <1>Learn more", + "contentSecurityPolicyHelp": "Default value prevents pages from being included by non-origin iframes <1>Learn more", + "contentSecurityPolicyReportOnlyHelp": "For testing Content Security Policies <1>Learn more", + "xContentTypeOptionsHelp": "Default value prevents Internet Explorer and Google Chrome from MIME-sniffing a response away from the declared content-type <1>Learn more", + "xRobotsTagHelp": "Prevent pages from appearing in search engines <1>Learn more", + "xXSSProtectionHelp": "This header configures the Cross-site scripting (XSS) filter in your browser. Using the default behaviour, the browser will prevent rendering of the page when a XSS attack is detected. <1>Learn more", + "strictTransportSecurityHelp": "The Strict-Transport-Security HTTP header tells browsers to always use HTTPS. Once a browser sees this header, it will only visit the site over HTTPS for the time specified (1 year) at max-age, including the subdomains. <1>Learn more", + "failureFactorHelp": "How many failures before wait is triggered.", + "permanentLockoutHelp": "Lock the user permanently when the user exceeds the maximum login failures.", + "waitIncrementSecondsHelp": "When failure threshold has been met, how much time should the user be locked out?", + "maxFailureWaitSecondsHelp": "Max time a user will be locked out.", + "maxDeltaTimeSecondsHelp": "When will failure count be reset?", + "quickLoginCheckMilliSecondsHelp": "If a failure happens concurrently too quickly, lock out the user.", + "minimumQuickLoginWaitSecondsHelp": "How long to wait after a quick login failure.", + "ssoSessionIdle": "Time a session is allowed to be idle before it expires. Tokens and browser sessions are invalidated when a session is expired.", + "ssoSessionMax": "Max time before a session is expired. Tokens and browser sessions are invalidated when a session is expired.", + "ssoSessionIdleRememberMe": "Time a remember me session is allowed to be idle before it expires. Tokens and browser sessions are invalidated when a session is expired. If not set it uses the standard SSO Session Idle value.", + "ssoSessionMaxRememberMe": "Max time before a session is expired when a user has set the remember me option. Tokens and browser sessions are invalidated when a session is expired. If not set it uses the standard SSO Session Max value.", + "offlineSessionIdleHelp": "Time an offline session is allowed to be idle before it expires. You need to use offline token to refresh at least once within this period; otherwise offline session will expire.", + "offlineSessionMaxLimitedHelp": "Enable offline session max", + "offlineSessionMaxHelp": "Max time before an offline session is expired regardless of activity.", + "loginTimeoutHelp": "Max time a user has to complete a login. This is recommended to be relatively long, such as 30 minutes or more", + "loginActionTimeoutHelp": "Max time a user has to complete login related actions like update password or configure totp. This is recommended to be relatively long, such as 5 minutes or more", + "defaultSigAlgHelp": "Default algorithm used to sign tokens for the realm", + "revokeRefreshTokenHelp": "If enabled a refresh token can only be used up to 'Refresh Token Max Reuse' and is revoked when a different token is used. Otherwise refresh tokens are not revoked when used and can be used multiple times.", + "refreshTokenMaxReuseHelp": "Maximum number of times a refresh token can be reused. When a different token is used, revocation is immediate.", + "accessTokenLifespanImplicitFlowHelp": "Max time before an access token issued during OpenID Connect Implicit Flow is expired. This value is recommended to be shorter than the SSO timeout. There is no possibility to refresh token during implicit flow, that's why there is a separate timeout different to 'Access Token Lifespan'", + "clientLoginTimeoutHelp": "Max time a client has to finish the access token protocol. This should normally be 1 minute.", + "userInitiatedActionLifespanHelp": "Maximum time before an action permit sent by a user (such as a forgot password e-mail) is expired. This value is recommended to be short because it's expected that the user would react to self-created action quickly.", + "defaultAdminInitiatedActionLifespan": "Maximum time before an action permit sent to a user by administrator is expired. This value is recommended to be long to allow administrators to send e-mails for users that are currently offline. The default timeout can be overridden immediately before issuing the token.", + "oAuthDeviceCodeLifespanHelp": "Max time before the device code and user code are expired. This value needs to be a long enough lifetime to be usable (allowing the user to retrieve their secondary device, navigate to the verification URI, login, etc.), but should be sufficiently short to limit the usability of a code obtained for phishing.", + "oAuthDevicePollingIntervalHelp": "The minimum amount of time in seconds that the client should wait between polling requests to the token endpoint.", + "shortVerificationUriTooltip": "If set, this value will be return as verification_uri in Device Authorization flow. This uri need to redirect to {server-root}/realms/{realm}/device", + "overrideActionTokensHelp": "Override default settings of maximum time before an action permit sent by a user (such as a forgot password e-mail) is expired for specific action. This value is recommended to be short because it's expected that the user would react to self-created action quickly.", + "internationalizationHelp": "If enabled, you can choose which locales you support for this realm and which locale is the default.", + "supportedLocalesHelp": "The locales to support for this realm. The user chooses one of these locales on the login screen.", + "defaultLocaleHelp": "The initial locale to use. It is used on the login screen and other screens in the Admin UI and Account UI.", + "conditionsHelp": "Conditions, which will be evaluated to determine if client policy should be applied during particular action or not.", + "clientProfilesHelp": "Client profiles applied on this policy.", + "clientAccessType": "It uses the client's access type (confidential, public, bearer-only) to determine whether the policy is applied. Condition is checked during most of OpenID Connect requests (Authorization requests, token requests, introspection endpoint request, etc.)", + "clientAccesstypeTooltip": "Access Type of the client, for which the condition will be applied.", + "clientRolesHelp": "The condition checks whether one of the specified client roles exists on the client to determine whether the policy is applied. This effectively allows client administrator to create client role of specified name on the client to make sure that particular client policy will be applied on requests of this client. Condition is checked during most of OpenID Connect requests (Authorization requests, token requests, introspection endpoint request, etc.)", + "clientRolesConditionTooltip": "Client roles, which will be checked during this condition evaluation. Condition evaluates to true if client has at least one client role with the name as the client roles specified in the configuration.", + "clientScopesHelp": "It uses the scopes requested or assigned in advance to the client to determine whether the policy is applied to this client. Condition is evaluated during OpenID Connect authorization request and/or token request.", + "clientScopesConditionTooltip": "The list of expected client scopes. Condition evaluates to true if specified client request matches some of the client scopes. It depends also whether it should be default or optional client scope based on the 'Scope Type' configured.", + "clientUpdaterContext": "The condition checks the context how is client created/updated to determine whether the policy is applied. For example it checks if client is created with admin REST API or OIDC dynamic client registration. And for the letter case if it is ANONYMOUS client registration or AUTHENTICATED client registration with Initial access token or Registration access token and so on.", + "clientUpdaterSourceGroupsHelp": "The condition checks the group of the entity who tries to create/update the client to determine whether the policy is applied.", + "clientUpdaterSourceGroupsTooltip": "Name of groups to check. Condition evaluates to true if the entity, who creates/updates client is member of some of the specified groups. Configured groups are specified by their simple name, which must match to the name of the Keycloak group. No support for group hierarchy is used here.", + "clientUpdaterSourceHost": "The condition checks the host/domain of the entity who tries to create/update the client to determine whether the policy is applied.", + "clientUpdaterTrustedHostsTooltip": "List of Hosts, which are trusted. In case that client registration/update request comes from the host/domain specified in this configuration, condition evaluates to true. You can use hostnames or IP addresses. If you use star at the beginning (for example '*.example.com' ) then whole domain example.com will be trusted.", + "clientUpdaterSourceRolesHelp": "The condition checks the role of the entity who tries to create/update the client to determine whether the policy is applied.", + "clientUpdaterSourceRolesTooltip": "The condition is checked during client registration/update requests and it evaluates to true if the entity (usually user), who is creating/updating client is member of the specified role. For reference the realm role, you can use the realm role name like 'my_realm_role' . For reference client role, you can use the client_id.role_name for example 'my_client.my_client_role' will refer to client role 'my_client_role' of client 'my_client'. ", + "defaultGroupsHelp": "Default groups allow you to automatically assign groups membership whenever any new user is created or imported through <1>identity brokering.", + "attributeGeneralSettingsDescription": "This section contains a few basic settings common to all attributes.", + "attributeNameHelp": "Name of attribute to search for in assertion. You can leave this blank and specify a friendly name instead.", + "attributeDisplayNameHelp": "Display name for the attribute. Supports keys for localized values as well. For example: ${profile.attribute.phoneNumber}.", + "attributeGroupHelp": "user.profile.attribute.group.tooltip", + "requiredHelp": "Set the attribute as required. If enabled, the attribute must be set by users and administrators. Otherwise, the attribute is optional.", + "attributePermissionDescription": "This section contains permissions for who can edit and who can view the attribute.", + "whoCanEditHelp": "If enabled, users or administrators can view and edit the attribute. Otherwise, users or administrators don't have access to write to the attribute.", + "whoCanViewHelp": "If enabled, users or administrators can view the attribute. Otherwise, users or administrators don't have access to the attribute.", + "editUsername": "If enabled, the username field is editable, readonly otherwise.", + "authenticationExplain": "Authentication is the area where you can configure and manage different credential types.", + "flows": "Flows", + "requiredActions": "Required actions", + "passwordPolicy": "Password policy", + "otpPolicy": "OTP Policy", + "webauthnPolicy": "Webauthn Policy", + "webauthnPasswordlessPolicy": "Webauthn Passwordless Policy", + "noPasswordPolicies": "No password policies", + "noPasswordPoliciesInstructions": "You haven't added any password policies to this realm. Add a policy to get started.", + "updatePasswordPolicySuccess": "Password policies successfully updated", + "updatePasswordPolicyError": "Could not update the password policies: '{{error}}'", + "webAuthnPolicyRpEntityName": "Relying party entity name", + "addPolicy": "Add policy", + "otpType": "OTP type", + "policyType": { + "totp": "Time based", + "hotp": "Counter based" + }, + "otpHashAlgorithm": "OTP hash algorithm", + "otpPolicyDigits": "Number of digits", + "lookAround": "Look around window", + "otpPolicyPeriod": "OTP Token period", + "otpPolicyPeriodErrorHint": "Value needs to be between 1 second and 2 minutes", + "otpPolicyCodeReusable": "Reusable token", + "initialCounter": "Initial counter", + "initialCounterErrorHint": "Value needs to be between 1 and 120", + "supportedApplications": "Supported applications", + "otpSupportedApplications": { + "totpAppFreeOTPName": "FreeOTP", + "totpAppGoogleName": "Google Authenticator", + "totpAppMicrosoftAuthenticatorName": "Microsoft Authenticator" + }, + "updateOtpSuccess": "OTP policy successfully updated", + "updateOtpError": "Could not update OTP policy: {{error}}", + "cibaPolicy": "CIBA Policy", + "cibaBackchannelTokenDeliveryMode": "Backchannel Token Delivery Mode", + "cibaBackhannelTokenDeliveryModes": { + "poll": "Poll", + "ping": "Ping" + }, + "cibaExpiresIn": "Expires In", + "cibaInterval": "Interval", + "cibaAuthRequestedUserHint": "Authentication Requested User Hint", + "updateCibaSuccess": "CIBA policy successfully updated", + "updateCibaError": "Could not update CIBA policy: {{error}}", + "webAuthnPolicySignatureAlgorithms": "Signature algorithms", + "webAuthnPolicyRpId": "Relying party ID", + "webAuthnPolicyAttestationConveyancePreference": "Attestation conveyance preference", + "attestationPreference": { + "not specified": "Not specified", + "none": "None", + "indirect": "Indirect", + "direct": "Direct" + }, + "webAuthnPolicyAuthenticatorAttachment": "Authenticator Attachment", + "authenticatorAttachment": { + "not specified": "Not specified", + "platform": "Platform", + "cross-platform": "Cross platform" + }, + "webAuthnPolicyRequireResidentKey": "Require resident key", + "residentKey": { + "not specified": "Not specified", + "Yes": "Yes", + "No": "No" + }, + "webAuthnPolicyUserVerificationRequirement": "User verification requirement", + "userVerify": { + "not specified": "Not specified", + "required": "Required", + "preferred": "Preferred", + "discouraged": "Discouraged" + }, + "webAuthnPolicyCreateTimeout": "Timeout", + "webAuthnPolicyCreateTimeoutHint": "Timeout needs to be between 0 seconds and 8 hours", + "webAuthnPolicyAvoidSameAuthenticatorRegister": "Avoid same authenticator registration", + "webAuthnPolicyAcceptableAaguids": "Acceptable AAGUIDs", + "addAaguids": "Add AAGUID", + "webAuthnUpdateSuccess": "Updated webauthn policies successfully", + "webAuthnUpdateError": "Could not update webauthn policies due to {{error}}", + "flowName": "Flow name", + "searchForFlow": "Search for flow", + "usedBy": "Used by", + "flowUsedBy": "Use of this flow", + "flowUsedByDescription": "This flow is used by the following {{value}}", + "buildIn": "Built-in", + "appliedByProviders": "Applied by the following providers", + "appliedByClients": "Applied by the following clients", + "used": { + "SPECIFIC_PROVIDERS": "Specific providers", + "SPECIFIC_CLIENTS": "Specific clients", + "DEFAULT": "Default", + "notInUse": "Not in use" + }, + "duplicate": "Duplicate", + "bindFlow": "Bind flow", + "chooseBindingType": "Choose binding type", + "flow": { + "browser": "Browser flow", + "registration": "Registration flow", + "direct grant": "Direct grant flow", + "reset credentials": "Reset credentials flow", + "clients": "Client authentication flow", + "docker auth": "Docker authentication flow" + }, + "editInfo": "Edit info", + "editFlow": "Edit flow", + "deleteConfirmFlow": "Delete flow?", + "deleteConfirmFlowMessage": "Are you sure you want to permanently delete the flow \"<1>{{flow}}\".", + "deleteFlowSuccess": "Flow successfully deleted", + "deleteFlowError": "Could not delete flow: {{error}}", + "duplicateFlow": "Duplicate flow", + "deleteConfirmExecution": "Delete execution?", + "deleteConfirmExecutionMessage": "Are you sure you want to permanently delete the execution \"<1>{{name}}\".", + "deleteExecutionSuccess": "Execution successfully deleted", + "deleteExecutionError": "Could not delete execution: {{error}}", + "updateFlowSuccess": "Flow successfully updated", + "updateFlowError": "Could not update flow: {{error}}", + "copyOf": "Copy of {{name}}", + "copyFlowSuccess": "Flow successfully duplicated", + "copyFlowError": "Could not duplicate flow: {{error}}", + "createFlow": "Create flow", + "flowType": "Flow type", + "flow-type": { + "basic-flow": "Generic", + "form-flow": "Form" + }, + "top-level-flow-type": { + "basic-flow": "Basic flow", + "client-flow": "Client flow" + }, + "flowCreatedSuccess": "Flow created", + "flowCreateError": "Could not create flow: {{error}}", + "flowDetails": "Flow details", + "tableView": "Table view", + "diagramView": "Diagram view", + "emptyExecution": "No steps", + "emptyExecutionInstructions": "You can start defining this flow by adding a sub-flow or an execution", + "addExecutionTitle": "Add an execution", + "addExecution": "Add execution", + "addSubFlowTitle": "Add a sub-flow", + "addSubFlow": "Add sub-flow", + "addStep": "Add step", + "addStepTo": "Add step to {{name}}", + "steps": "Steps", + "requirement": "Requirement", + "requirements": { + "REQUIRED": "Required", + "ALTERNATIVE": "Alternative", + "DISABLED": "Disabled", + "CONDITIONAL": "Conditional" + }, + "executionConfig": "{{name}} config", + "alias": "Alias", + "configSaveSuccess": "Successfully saved the execution config", + "configSaveError": "Could not save the execution config: {{error}}", + "setAsDefaultAction": "Set as default action", + "disabledOff": "Disabled off", + "updatedRequiredActionSuccess": "Updated required action successfully", + "updatedRequiredActionError": "Could not update required action: {{error}}", + "createFlowHelp": "You can create a top level flow within this from", + "flowTypeHelp": "What kind of form is it", + "topLevelFlowType": "What kind of top level flow is it? Type 'client' is used for authentication of clients (applications) when generic is for users and everything else", + "addExecutionHelp": "Execution can have a wide range of actions, from sending a reset email to validating an OTP", + "addSubFlowHelp": "Sub-Flows can be either generic or form. The form type is used to construct a sub-flow that generates a single flow for the user. Sub-flows are a special type of execution that evaluate as successful depending on how the executions they contain evaluate.", + "aliasHelp": "The alias uniquely identifies an identity provider and it is also used to build the redirect uri.", + "authDefaultActionTooltip": "If enabled, any new user will have this required action assigned to it.", + "otpTypeHelp": "totp is Time-Based One Time Password. 'hotp' is a counter base one time password in which the server keeps a counter to hash against.", + "webAuthnPolicyRpEntityNameHelp": "Human-readable server name as WebAuthn Relying Party", + "otpHashAlgorithmHelp": "What hashing algorithm should be used to generate the OTP.", + "otpPolicyDigitsHelp": "How many digits should the OTP have?", + "lookAroundHelp": "How far around should the server look just in case the token generator and server are out of time sync or counter sync?", + "otpPolicyPeriodHelp": "How many seconds should an OTP token be valid? Defaults to 30 seconds.", + "otpPolicyCodeReusableHelp": "Possibility to use the same OTP code again after successful authentication.", + "supportedApplicationsHelp": "Applications that are known to work with the current OTP policy", + "webauthnIntro": "What is this form used for?", + "webAuthnPolicyFormHelp": "Policy for WebAuthn authentication. This one will be used by 'WebAuthn Register' required action and 'WebAuthn Authenticator' authenticator. Typical usage is, when WebAuthn will be used for the two-factor authentication.", + "webAuthnPolicyPasswordlessFormHelp": "Policy for passwordless WebAuthn authentication. This one will be used by 'Webauthn Register Passwordless' required action and 'WebAuthn Passwordless Authenticator' authenticator. Typical usage is, when WebAuthn will be used as first-factor authentication. Having both 'WebAuthn Policy' and 'WebAuthn Passwordless Policy' allows to use WebAuthn as both first factor and second factor authenticator in the same realm.", + "webAuthnPolicySignatureAlgorithmsHelp": "What signature algorithms should be used for Authentication Assertion.", + "webAuthnPolicyRpIdHelp": "This is ID as WebAuthn Relying Party. It must be origin's effective domain.", + "webAuthnPolicyAttestationConveyancePreferenceHelp": "Communicates to an authenticator the preference of how to generate an attestation statement.", + "webAuthnPolicyAuthenticatorAttachmentHelp": "Communicates to an authenticator an acceptable attachment pattern.", + "webAuthnPolicyRequireResidentKeyHelp": "It tells an authenticator create a public key credential as Resident Key or not.", + "webAuthnPolicyUserVerificationRequirementHelp": "Communicates to an authenticator to confirm actually verifying a user.", + "webAuthnPolicyCreateTimeoutHelp": "Timeout value for creating user's public key credential in seconds. if set to 0, this timeout option is not adapted.", + "webAuthnPolicyAvoidSameAuthenticatorRegisterHelp": "Avoid registering the authenticator that has already been registered.", + "webAuthnPolicyAcceptableAaguidsHelp": "The list of AAGUID of which an authenticator can be registered.", + "passwordPolicies": { + "forceExpiredPasswordChange": "The number of days the password is valid before a new password is required.", + "hashIterations": "The number of times a password is hashed before storage or verification. Default: 27,500.", + "passwordHistory": "Prevents a recently used password from being reused.", + "passwordBlacklist": "Prevents the use of a password that is in a blacklist file.", + "regexPattern": "Requires that the password matches one or more defined Java regular expression patterns.", + "length": "The minimum number of characters required for the password.", + "notUsername": "The password cannot match the username.", + "notEmail": "The password cannot match the email address of the user.", + "specialChars": "The number of special characters required in the password string.", + "upperCase": "The number of uppercase letters required in the password string.", + "lowerCase": "The number of lowercase letters required in the password string.", + "digits": "The number of numerical digits required in the password string.", + "hashAlgorithm": "Applies a hashing algorithm to passwords, so they are not stored in clear text.", + "maxLength": "The maximum number of characters allowed in the password." + }, + "cibaBackchannelTokenDeliveryModeHelp": "Specifies how the CD (Consumption Device) gets the authentication result and related tokens. This mode will be used by default for the CIBA clients, which do not have other mode explicitly set.", + "cibaExpiresInHelp": "The expiration time of the \"auth_req_id\" in seconds since the authentication request was received.", + "cibaIntervalHelp": "The minimum amount of time in seconds that the CD (Consumption Device) must wait between polling requests to the token endpoint. If set to 0, the CD must use 5 as the default value according to the CIBA specification.", + "cibaAuthRequestedUserHintHelp": "The way of identifying the end-user for whom authentication is being requested. Currently only \"login_hint\" is supported.", + "descriptionLanding": "This is the description for the user federation landing page", + "userFederationExplain": "User federation provides access to external databases and directories, such as LDAP and Active Directory.", + "getStarted": "To get started, select a provider from the list below.", + "addProvider_one": "Add {{provider}} provider", + "addProvider_other": "Add {{provider}} providers", + "addKerberosWizardTitle": "Add Kerberos user federation provider", + "addLdapWizardTitle": "Add LDAP user federation provider", + "syncChangedUsers": "Sync changed users", + "syncAllUsers": "Sync all users", + "syncLDAPGroupsSuccessful": "Data successfully synced {{result}}", + "syncLDAPGroupsError": "Data could not be synced due {{error}}", + "unlinkUsers": "Unlink users", + "removeImported": "Remove imported", + "deleteProvider": "Delete provider?", + "generalOptions": "General options", + "vendor": "Vendor", + "connectionAndAuthenticationSettings": "Connection and authentication settings", + "connectionURL": "Connection URL", + "enableStartTls": "Enable StartTLS", + "useTruststoreSpi": "Use Truststore SPI", + "connectionPooling": "Connection pooling", + "connectionTimeout": "Connection timeout", + "bindType": "Bind type", + "bindDn": "Bind DN", + "bindCredentials": "Bind credentials", + "ldapSearchingAndUpdatingSettings": "LDAP searching and updating", + "editMode": "Edit mode", + "usersDN": "Users DN", + "usernameLdapAttribute": "Username LDAP attribute", + "rdnLdapAttribute": "RDN LDAP attribute", + "uuidLdapAttribute": "UUID LDAP attribute", + "userObjectClasses": "User object classes", + "userLdapFilter": "User LDAP filter", + "searchScope": "Search scope", + "readTimeout": "Read timeout", + "pagination": "Pagination", + "synchronizationSettings": "Synchronization settings", + "syncRegistrations": "Sync Registrations", + "importUsers": "Import users", + "batchSize": "Batch size", + "periodicFullSync": "Periodic full sync", + "fullSyncPeriod": "Full sync period", + "periodicChangedUsersSync": "Periodic changed users sync", + "changedUsersSyncPeriod": "Changed users sync period", + "kerberosIntegration": "Kerberos integration", + "allowKerberosAuthentication": "Allow Kerberos authentication", + "useKerberosForPasswordAuthentication": "Use Kerberos for password authentication", + "cacheSettings": "Cache settings", + "cachePolicy": "Cache policy", + "evictionDay": "Eviction day", + "evictionHour": "Eviction hour", + "evictionMinute": "Eviction minute", + "maxLifespan": "Max lifespan", + "ms": "milliseconds", + "enableLdapv3Password": "Enable the LDAPv3 password modify extended operation", + "validatePasswordPolicy": "Validate password policy", + "trustEmail": "Trust Email", + "requiredSettings": "Required Settings", + "kerberosRealm": "Kerberos realm", + "serverPrincipal": "Server principal", + "keyTab": "Key tab", + "krbPrincipalAttribute": "Kerberos principal attribute", + "debug": "Debug", + "allowPasswordAuthentication": "Allow password authentication", + "updateFirstLogin": "Update first login", + "never": "Never", + "oneLevel": "One Level", + "subtree": "Subtree", + "queryExtensions": "Query Supported Extensions", + "testAuthentication": "Test authentication", + "testSuccess": "Successfully connected to LDAP", + "testError": "Error when trying to connect to LDAP: '{{error}}'", + "managePriorities": "Manage priorities", + "managePriorityOrder": "Manage priority order", + "managePriorityInfo": "Priority is the order of providers when doing a user lookup. You can drag the row handlers to change the priorities.", + "orderChangeSuccess": "Successfully changed display order of identity providers", + "orderChangeError": "Could not change display order of identity providers {{error}}", + "addNewProvider": "Add new provider", + "addCustomProvider": "Add custom provider", + "providerDetails": "Provider details", + "userFedDeletedSuccess": "The user federation provider has been deleted.", + "userFedDeleteError": "Could not delete user federation provider: '{{error}}'", + "userFedDeleteConfirmTitle": "Delete user federation provider?", + "userFedDeleteConfirm": "If you delete this user federation provider, all associated data will be removed.", + "userFedDisableConfirmTitle": "Disable user federation provider?", + "userFedDisableConfirm": "If you disable this user federation provider, it will not be considered for queries and imported users will be disabled and read-only until the provider is enabled again.", + "userFedUnlinkUsersConfirmTitle": "Unlink all users?", + "userFedUnlinkUsersConfirm": "Do you want to unlink all the users? Any users without a password in the database will not be able to authenticate anymore.", + "removeImportedUsers": "Remove imported users?", + "removeImportedUsersMessage": "Do you really want to remove all imported users? The option \"Unlink users\" makes sense just for the Edit Mode \"Unsynced\" and there should be a warning that \"unlinked\" users without the password in Keycloak database won't be able to authenticate.", + "removeImportedUsersSuccess": "Imported users have been removed.", + "removeImportedUsersError": "Could not remove imported users: '{{error}}'", + "syncUsersSuccess": "Sync of users finished successfully.", + "syncUsersError": "Could not sync users: '{{error}}'", + "unlinkUsersSuccess": "Unlink of users finished successfully.", + "unlinkUsersError": "Could not unlink users: '{{error}}'", + "validateRealm": "You must enter a realm", + "validateServerPrincipal": "You must enter a server principal", + "validateKeyTab": "You must enter a key tab", + "validateConnectionUrl": "You must enter a connection URL", + "validateBindDn": "You must enter the DN of the LDAP admin", + "validateBindCredentials": "You must enter the password of the LDAP admin", + "validateUuidLDAPAttribute": "You must enter a UUID LDAP attribute", + "validateUserObjectClasses": "You must enter one or more user object classes", + "validateEditMode": "You must select an edit mode", + "validateUsersDn": "You must enter users DN", + "validateUsernameLDAPAttribute": "You must enter a username LDAP attribute", + "validateRdnLdapAttribute": "You must enter an RDN LDAP attribute", + "validateCustomUserSearchFilter": "Filter must be enclosed in parentheses, for example: (filter)", + "mapperTypeMsadUserAccountControlManager": "msad-user-account-control-mapper", + "mapperTypeMsadLdsUserAccountControlMapper": "msad-user-account-control-mapper", + "mapperTypeGroupLdapMapper": "group-ldap-mapper", + "mapperTypeUserAttributeLdapMapper": "user-attribute-ldap-mapper", + "mapperTypeRoleLdapMapper": "role-ldap-mapper", + "mapperTypeHardcodedAttributeMapper": "hardcoded-attribute-mapper", + "mapperTypeHardcodedLdapRoleMapper": "hardcoded-ldap-role-mapper", + "mapperTypeCertificateLdapMapper": "certificate-ldap-mapper", + "mapperTypeFullNameLdapMapper": "full-name-ldap-mapper", + "mapperTypeHardcodedLdapGroupMapper": "hardcoded-ldap-group-mapper", + "mapperTypeLdapAttributeMapper": "hardcoded-ldap-attribute-mapper", + "ldapMappersList": "LDAP Mappers", + "ldapFullNameAttribute": "LDAP full name attribute", + "writeOnly": "Write only", + "ldapGroupsDn": "LDAP groups DN", + "groupNameLdapAttribute": "Group name LDAP attribute", + "groupObjectClasses": "Group object classes", + "preserveGroupInheritance": "Preserve group inheritance", + "ignoreMissingGroups": "Ignore missing groups", + "userGroupsRetrieveStrategy": "User groups retrieve strategy", + "mappedGroupAttributes": "Mapped group attributes", + "dropNonexistingGroupsDuringSync": "Drop non-existing groups during sync", + "groupsPath": "Groups path", + "membershipLdapAttribute": "Membership LDAP attribute", + "membershipAttributeType": "Membership attribute type", + "membershipUserLdapAttribute": "Membership user LDAP attribute", + "ldapFilter": "LDAP filter", + "mode": "Mode", + "memberofLdapAttribute": "Member-of LDAP attribute", + "ldapRolesDn": "LDAP roles DN", + "roleNameLdapAttribute": "Role name LDAP attribute", + "roleObjectClasses": "Role object classes", + "userRolesRetrieveStrategy": "User roles retrieve strategy", + "useRealmRolesMapping": "Use realm roles mapping", + "ldapAttributeName": "LDAP attribute name", + "ldapAttributeValue": "LDAP attribute value", + "userModelAttribute": "User model attribute", + "ldapAttribute": "LDAP attribute", + "readOnly": "Read only", + "alwaysReadValueFromLdap": "Always read value from LDAP", + "isMandatoryInLdap": "Is mandatory in LDAP", + "attributeDefaultValue": "Attribute default value", + "isBinaryAttribute": "Is binary attribute", + "derFormatted": "DER formatted", + "passwordPolicyHintsEnabled": "Password policy hints enabled", + "userModelAttributeName": "User model attribute name", + "attributeValue": "Attribute Value", + "selectRole": { + "label": "Select Role", + "tooltip": "Enter role in the textbox to the left, or click this button to browse and select the role you want." + }, + "group": "Group", + "providerType": "Provider Type", + "parentId": "Parent ID", + "kerberosPrincipal": "Kerberos Principal", + "kerberosKeyTab": "Kerberos Key Tab", + "sync-ldap-roles-to-keycloak": "Sync LDAP roles to Keycloak", + "sync-keycloak-roles-to-ldap": "Sync Keycloak roles to LDAP", + "sync-ldap-groups-to-keycloak": "Sync LDAP groups to Keycloak", + "sync-keycloak-groups-to-ldap": "Sync Keycloak groups to LDAP", + "addKerberosWizardDescription": "Text needed here", + "addLdapWizardDescription": "Text needed here", + "ldapGeneralOptionsSettingsDescription": "This section contains a few basic options common to all user storage providers.", + "uiDisplayNameHelp": "Display name of provider when linked in the Admin UI", + "vendorHelp": "LDAP vendor (provider)", + "ldapConnectionAndAuthorizationSettingsDescription": "This section contains options related to the configuration of the connection to the LDAP server. It also contains options related to authentication of the LDAP connection to the LDAP server.", + "consoleDisplayConnectionUrlHelp": "Connection URL to your LDAP server", + "enableStartTlsHelp": "Encrypts the connection to LDAP using STARTTLS, which will disable connection pooling", + "useTruststoreSpiHelp": "Specifies whether LDAP connection will use the Truststore SPI with the truststore configured in command-line options. 'Always' means that it will always use it. 'Never' means that it will not use it. Note that even if Keycloak truststore is not configured, the default java cacerts or certificate specified by 'javax.net.ssl.trustStore' property will be used.", + "connectionPoolingHelp": "Determines if Keycloak should use connection pooling for accessing LDAP server.", + "connectionTimeoutHelp": "LDAP connection timeout in milliseconds", + "bindTypeHelp": "Type of the authentication method used during LDAP bind operation. It is used in most of the requests sent to the LDAP server. Currently only 'none' (anonymous LDAP authentication) or 'simple' (bind credential + bind password authentication) mechanisms are available.", + "bindDnHelp": "DN of the LDAP admin, which will be used by Keycloak to access LDAP server", + "bindCredentialsHelp": "Password of LDAP admin. This field is able to obtain its value from vault, use ${vault.ID} format.", + "ldapSearchingAndUpdatingSettingsDescription": "This section contains options related to searching the LDAP server for the available users.", + "editModeLdapHelp": "READ_ONLY is a read-only LDAP store. WRITABLE means data will be synced back to LDAP on demand. UNSYNCED means user data will be imported, but not synced back to LDAP.", + "usersDNHelp": "Full DN of LDAP tree where your users are. This DN is the parent of LDAP users. It could be for example 'ou=users,dc=example,dc=com' assuming that your typical user will have DN like 'uid='john',ou=users,dc=example,dc=com'.", + "usernameLdapAttributeHelp": "Name of the LDAP attribute, which is mapped as Keycloak username. For many LDAP server vendors it can be 'uid'. For Active directory it can be 'sAMAccountName' or 'cn'. The attribute should be filled for all LDAP user records you want to import from LDAP to Keycloak.", + "rdnLdapAttributeHelp": "Name of the LDAP attribute, which is used as RDN (top attribute) of typical user DN. Usually it's the same as the Username LDAP attribute, however it is not required. For example for Active directory, it is common to use 'cn' as RDN attribute when username attribute might be 'sAMAccountName'.", + "uuidLdapAttributeHelp": "Name of the LDAP attribute, which is used as a unique object identifier (UUID) for objects in LDAP. For many LDAP server vendors, it is 'entryUUID'; however some are different. For example, for Active directory it should be 'objectGUID'. If your LDAP server does not support the notion of UUID, you can use any other attribute that is supposed to be unique among LDAP users in tree. For example 'uid' or 'entryDN'.", + "userObjectClassesHelp": "All values of LDAP objectClass attribute for users in LDAP, divided by commas. For example: 'inetOrgPerson, organizationalPerson'. Newly created Keycloak users will be written to LDAP with all those object classes and existing LDAP user records are found just if they contain all those object classes.", + "userLdapFilterHelp": "Additional LDAP filter for filtering searched users. Leave this empty if you don't need an additional filter. Make sure that it starts with '(' and ends with ')'.", + "searchScopeHelp": "For one level, the search applies only for users in the DNs specified by User DNs. For subtree, the search applies to the whole subtree. See LDAP documentation for more details.", + "readTimeoutHelp": "LDAP read timeout in milliseconds. This timeout applies for LDAP read operations.", + "paginationHelp": "Whether the LDAP server supports pagination", + "ldapSynchronizationSettingsDescription": "This section contains options related to synchronization of users from LDAP to the Keycloak database.", + "syncRegistrationsHelp": "Should newly created users be created within LDAP store? Priority effects which provider is chosen to sync the new user. This setting is effectively appplied only with WRITABLE edit mode.", + "importUsersHelp": "If true, LDAP users will be imported into the Keycloak DB and synced by the configured sync policies.", + "batchSizeHelp": "Count of LDAP users to be imported from LDAP to Keycloak within a single transaction", + "periodicFullSyncHelp": "Whether periodic full synchronization of LDAP users to Keycloak should be enabled or not", + "fullSyncPeriodHelp": "Period for full synchronization in seconds", + "periodicChangedUsersSyncHelp": "Whether periodic synchronization of changed or newly created LDAP users to Keycloak should be enabled or not", + "changedUsersSyncHelp": "Period for synchronization of changed or newly created LDAP users in seconds", + "ldapKerberosSettingsDescription": "This section contains options useful for the Kerberos integration. This is used only when the LDAP server is used together with Kerberos/SPNEGO for user authentication.", + "allowKerberosAuthenticationHelp": "Enable/disable HTTP authentication of users with SPNEGO/Kerberos tokens. The data about authenticated users will be provisioned from this LDAP server.", + "useKerberosForPasswordAuthenticationHelp": "User Kerberos login module for authenticating username/password against Kerberos server instead of authenticating against LDAP server with Directory Service API", + "cacheSettingsDescription": "This section contains options useful for caching users, which were loaded from this user storage provider.", + "cachePolicyHelp": "Cache Policy for this storage provider. 'DEFAULT' is whatever the default settings are for the global cache. 'EVICT_DAILY' is a time of day every day that the cache will be invalidated. 'EVICT_WEEKLY' is a day of the week and time the cache will be invalidated. 'MAX_LIFESPAN' is the time in milliseconds that will be the lifespan of a cache entry.", + "evictionDayHelp": "Day of the week the entry will become invalid", + "evictionHourHelp": "Hour of the day the entry will become invalid", + "evictionMinuteHelp": "Minute of the hour the entry will become invalid", + "maxLifespanHelp": "Max lifespan of cache entry in milliseconds", + "ldapAdvancedSettingsDescription": "This section contains all the other options for more fine-grained configuration of the LDAP storage provider.", + "enableLdapv3PasswordHelp": "Use the LDAPv3 Password Modify Extended Operation (RFC-3062). The password modify extended operation usually requires that LDAP user already has password in the LDAP server. So when this is used with 'Sync Registrations', it can be good to add also 'Hardcoded LDAP attribute mapper' with randomly generated initial password.", + "validatePasswordPolicyHelp": "Determines if Keycloak should validate the password with the realm password policy before updating it. For the case when user's password is saved in LDAP, some Keycloak password policies will not work (Not Recently Used, Expire Password, Hashing Iterations, Hashing Algorithm) due the fact that Keycloak does not have direct control over the password storage. It is needed to enable password policies at the LDAP server layer if you want to leverage those password policies.", + "trustEmailHelp": "If enabled, email provided by this provider is not verified even if verification is enabled for the realm.", + "IDK-periodicChangedUsersSyncHelp": "Should newly created users be created within LDAP store? Priority affects which provider is chosen to sync the new user.", + "kerberosWizardDescription": "Text needed here.", + "kerberosRequiredSettingsDescription": "This section contains a few basic options common to all user storage providers.", + "kerberosRealmHelp": "Name of kerberos realm. For example, FOO.ORG", + "serverPrincipalHelp": "Full name of server principal for HTTP service including server and domain name. For example, HTTP/host.foo.org@FOO.ORG", + "keyTabHelp": "Location of Kerberos KeyTab file containing the credentials of server principal. For example, /etc/krb5.keytab", + "krbPrincipalAttributeHelp": "Name of the LDAP attribute, which refers to Kerberos principal. This is used to lookup appropriate LDAP user after successful Kerberos/SPNEGO authentication in Keycloak. When this is empty, the LDAP user will be looked based on LDAP username corresponding to the first part of his Kerberos principal. For instance, for principal 'john@KEYCLOAK.ORG', it will assume that LDAP username is 'john'.", + "debugHelp": "Enable/disable debug logging to standard output for Krb5LoginModule.", + "allowPasswordAuthenticationHelp": "Enable/disable possibility of username/password authentication against Kerberos database", + "editModeKerberosHelp": "READ_ONLY means that password updates are not allowed and user always authenticates with Kerberos password. UNSYNCED means that the user can change the password in the Keycloak database and this one will be used instead of the Kerberos password.", + "updateFirstLoginHelp": "Update profile on first login", + "mapperTypeMsadUserAccountControlManagerHelp": "Mapper specific to MSAD. It's able to integrate the MSAD user account state into Keycloak account state (account enabled, password is expired etc). It's using userAccountControl and pwdLastSet MSAD attributes for that. For example if pwdLastSet is 0, the Keycloak user is required to update the password; if userAccountControl is 514 (disabled account) the Keycloak user is disabled as well etc. Mapper is also able to handle the exception code from LDAP user authentication.", + "mapperTypeMsadLdsUserAccountControlMapperHelp": "Mapper specific to MSAD LDS. It's able to integrate the MSAD LDS user account state into Keycloak account state (account enabled, password is expired etc). It's using msDS-UserAccountDisabled and pwdLastSet is 0, the Keycloak user is required to update password, if msDS-UserAccountDisabled is 'TRUE' the Keycloak user is disabled as well etc. Mapper is also able to handle exception code from LDAP user authentication.", + "mapperTypeGroupLdapMapperHelp": "Used to map group mappings of groups from some LDAP DN to Keycloak group mappings", + "mapperTypeRoleLdapMapperHelp": "Used to map role mappings of roles from some LDAP DN to Keycloak role mappings of either realm roles or client roles of particular client", + "mapperTypeHardcodedAttributeMapperHelp": "This mapper will hardcode any model user attribute and some property (like emailVerified or enabled) when importing user from LDAP.", + "mapperTypeHardcodedLdapRoleMapperHelp": "Users imported from LDAP will be automatically added into this configured role.", + "mapperTypeCertificateLdapMapperHelp": "Used to map single attribute which contains a certificate from LDAP user to attribute of UserModel in Keycloak DB", + "mapperTypeFullNameLdapMapperHelp": "Used to map the full-name of a user from single attribute in LDAP (usually 'cn' attribute) to firstName and lastName attributes of UserModel in Keycloak DB", + "mapperTypeHardcodedLdapGroupMapperHelp": "Users imported from LDAP will be automatically added into this configured group.", + "mapperTypeLdapAttributeMapperHelp": "This mapper is supported just if syncRegistrations is enabled. New users registered in Keycloak will be written to the LDAP with the hardcoded value of some specified attribute.", + "passwordPolicyHintsEnabledHelp": "Applicable just for writable MSAD. If on, then updating password of MSAD user will use LDAP_SERVER_POLICY_HINTS_OID extension, which means that advanced MSAD password policies like 'password history' or 'minimal password age' will be applied. This extension works just for MSAD 2008 R2 or newer.", + "nameHelpHelp": "Name of the mapper", + "mapperTypeHelp": "Used to map single attribute from LDAP user to attribute of UserModel in Keycloak DB", + "userModelAttributeHelp": "Name of the UserModel property or attribute you want to map the LDAP attribute into. For example 'firstName', 'lastName, 'email', 'street' etc.", + "ldapAttributeHelp": "Name of mapped attribute on LDAP object. For example 'cn', 'sn', 'mail', 'street', etc.", + "readOnlyHelp": "Read-only attribute is imported from LDAP to UserModel, but it's not saved back to LDAP when user is updated in Keycloak.", + "alwaysReadValueFromLdapHelp": "If on, then during reading of the LDAP attribute value will always used instead of the value from Keycloak DB.", + "isMandatoryInLdapHelp": "If true, attribute is mandatory in LDAP. Hence if there is no value in Keycloak DB, the empty value will be set to be propagated to LDAP.", + "attributeDefaultValueHelp": "If there is no value in Keycloak DB and attribute is mandatory in LDAP, this value will be propagated to LDAP.", + "isBinaryAttributeHelp": "Should be true for binary LDAP attributes.", + "derFormattedHelp": "Activate this if the certificate is DER formatted in LDAP and not PEM formatted.", + "ldapFullNameAttributeHelp": "Name of the LDAP attribute, which contains the fullName of the user. Usually it will be 'cn'.", + "fullNameLdapReadOnlyHelp": "For Read-only, data is imported from LDAP to Keycloak DB, but it's not saved back to LDAP when the user is updated in Keycloak.", + "fullNameLdapWriteOnlyHelp": "For Write-only, data is propagated to LDAP when a user is created or updated in Keycloak. But this mapper is not used to propagate data from LDAP back into Keycloak. This setting is useful if you configured separate firstName and lastName attribute mappers and you want to use those to read the attribute from LDAP into Keycloak.", + "ldapGroupsDnHelp": "LDAP DN where groups of this tree are saved. For example 'ou=groups,dc=example,dc=org'", + "groupNameLdapAttributeHelp": "Name of LDAP attribute, which is used in group objects for name and RDN of group. Usually it will be 'cn'. In this case typical group/role object may have DN like 'cn=Group1,ouu=groups,dc=example,dc=org'.", + "groupObjectClassesHelp": "Object class (or classes) of the group object. It's divided by commas if more classes needed. In typical LDAP deployment it could be 'groupOfNames'. In Active Directory it's usually 'group'.", + "preserveGroupInheritanceHelp": "Flag whether group inheritance from LDAP should be propagated to Keycloak. If false, then all LDAP groups will be mapped as flat top-level groups in Keycloak. Otherwise group inheritance is preserved into Keycloak, but the group sync might fail if LDAP structure contains recursions or multiple parent groups per child groups.", + "ignoreMissingGroupsHelp": "Ignore missing groups in the group hierarchy.", + "userGroupsRetrieveStrategyHelp": "Specify how to retrieve groups of user. LOAD_GROUPS_BY_MEMBER_ATTRIBUTE means that roles of user will be retrieved by sending LDAP query to retrieve all groups where 'member' is our user. GET_GROUPS_FROM_USER_MEMBEROF_ATTRIBUTE means that groups of user will be retrieved from 'memberOf' attribute of our user or from the other attribute specified by 'Member-Of LDAP Attribute'.", + "mappedGroupAttributesHelp": "List of names of attributes divided by commas. This points to the list of attributes on LDAP group, which will be mapped as attributes of Group in Keycloak. Leave this empty if no additional group attributes are required to be mapped in Keycloak.", + "dropNonexistingGroupsDuringSyncHelp": "If this flag is true, then during sync of groups from LDAP to Keycloak, we will keep just those Keycloak groups that still exist in LDAP. The rest will be deleted.", + "groupsPathHelp": "Keycloak group path the LDAP groups are added to. For example if value '/Applications/App1' is used, then LDAP groups will be available in Keycloak under group 'App1', which is child of top level group 'Applications'. The default value is '/' so LDAP groups will be mapped to the Keycloak groups at the top level. The configured group path must already exist in the Keycloak when creating this mapper.", + "ldapRolesDnHelp": "LDAP DN where roles of this tree are saved. For example, 'ou=finance,dc=example,dc=org'", + "roleNameLdapAttributeHelp": "Name of LDAP attribute, which is used in role objects for name and RDN of role. Usually it will be 'cn'. In this case typical group/role object may have DN like 'cn=role1,ou=finance,dc=example,dc=org'.", + "roleObjectClassesHelp": "Object class (or classes) of the role object. It's divided by commas if more classes are needed. In typical LDAP deployment it could be 'groupOfNames'. In Active Directory it's usually 'group'.", + "userRolesRetrieveStrategyHelp": "Specify how to retrieve roles of user. LOAD_ROLES_BY_MEMBER_ATTRIBUTE means that roles fo user will be retrieved by sending LDAP query to retrieve all roles where 'member' is our user. GET_ROLES_FROM_USER_MEMBEROF means that roles of user will be retrieved from 'memberOf' attribute of our user. Or from the other attributes specified by 'Member-Of LDAP Attribute'. LOAD_ROLES_BY_MEMBER_ATTRIBUTE is applicable just in Active Directory and it means that roles of user will be retrieved recursively with usage of LDAP_MATCHING_RULE_IN_CHAIN LDAP extension.", + "useRealmRolesMappingHelp": "If true, then LDAP role mappings will be mapped to realm role mappings in Keycloak. Otherwise it will be mapped to client role mappings.", + "clientIdHelpHelp": "Client ID of client to which LDAP role mappings will be mapped. Applicable only if 'Use Realm Roles Mapping' is false.", + "membershipLdapAttributeHelp": "Name of LDAP attribute on group, which is used for membership mappings. Usually it will be 'member'. However when 'Membership Attribute Type' is 'UID', then 'Membership LDAP Attribute' could be typically 'memberUid'.", + "membershipAttributeTypeHelp": "DN means that LDAP group has it's members declared in form of their full DN. For example 'member: uid=john,ou=users,dc=example,dc=com'. UID means that LDAP group has it's members declared in form of pure user uids. For example 'memberUid: john'.", + "membershipUserLdapAttributeHelp": "Used just if Membership Attribute Type is UID. It is the name of the LDAP attribute on user, which is used for membership mappings. Usually it will be 'uid'. For example if the value of 'Membership User LDAP Attribute' is 'uid' and LDAP group has 'memberUid: john', then it is expected that particular LDAP user will have attribute 'uid: john'.", + "ldapFilterHelp": "LDAP Filter adds an additional custom filter to the whole query for retrieve LDAP groups. Leave this empty if no additional filtering is needed and you want to retrieve all groups from LDAP. Otherwise make sure that filter starts with '(' and ends with ')'.", + "modeHelp": "LDAP_ONLY means that all group mappings of users are retrieved from LDAP and saved into LDAP. READ_ONLY is Read-only LDAP mode where group mappings are retrieved from both LDAP and DB and merged together. New group joins are not saved to LDAP but to DB. IMPORT is Read-only LDAP mode where group mappings are retrieved from LDAP just at the time when user is imported from LDAP and then they are saved to local keycloak DB.", + "memberofLdapAttributeHelp": "Used just when 'User Roles Retrieve Strategy' is GET_GROUPS_FROM_USER_MEMBEROF_ATTRIBUTE. It specifies the name of the LDAP attribute on the LDAP user, which contains the groups, which the user is member of. Usually it will be the default 'memberOf'.", + "userModelAttributeNameHelp": "Name of the model attribute to be added when importing user from LDAP", + "attributeValueHelp": "Value the attribute must have. If the attribute is a list, then the value must be contained in the list.", + "roleHelpHelp": "Role to grant to user. Click 'Select Role' button to browse roles, or just type it in the textbox. To reference an application role the syntax is appname.approle, i.e. myapp.myrole.", + "groupHelp": "Group to add the user in. Fill the full path of the group including path. For example: '/root-group/child-group'.", + "ldapAttributeNameHelp": "Name of the LDAP attribute, which will be added to the new user during registration", + "ldapAttributeValueHelp": "Value of the LDAP attribute, which will be added to the new user during registration. You can either hardcode any value like 'foo' but you can also use some special tokens. Only supported token right now is '${RANDOM}', which will be replaced with some randomly generated string.", + "listExplain": "Identity providers are social networks or identity brokers that allow users to authenticate to Keycloak.", + "searchForProvider": "Search for provider", + "addIdPMapper": "Add Identity Provider Mapper", + "editIdPMapper": "Edit Identity Provider Mapper", + "mappersList": "Mappers list", + "noMappers": "No Mappers", + "noMappersInstructions": "There are currently no mappers for this identity provider.", + "addKeycloakOpenIdProvider": "Add Keycloak OpenID Connect provider", + "addOpenIdProvider": "Add OpenID Connect provider", + "addSamlProvider": "Add SAML provider", + "manageDisplayOrder": "Manage display order", + "deleteProviderMapper": "Delete mapper?", + "deleteMapperConfirm": "Are you sure you want to permanently delete the mapper {{mapper}}?", + "deleteMapperSuccess": "Mapper successfully deleted.", + "disableProvider": "Disable provider?", + "disableSuccess": "Provider successfully disabled", + "disableError": "Could not disable the provider {{error}}", + "addIdentityProvider": "Add {{provider}} provider", + "redirectURI": "Redirect URI", + "samlEndpointsLabel": "SAML 2.0 Service Provider Metadata", + "orderDialogIntro": "The order that the providers are listed in the login page or the Account UI. You can drag the row handles to change the order.", + "manageOrderTableAria": "List of identity providers in the order listed on the login page", + "useDiscoveryEndpoint": "Use discovery endpoint", + "discoveryEndpoint": "Discovery endpoint", + "useEntityDescriptor": "Use entity descriptor", + "samlEntityDescriptor": "SAML entity descriptor", + "ssoServiceUrl": "Single Sign-On service URL", + "singleLogoutServiceUrl": "Single logout service URL", + "nameIdPolicyFormat": "NameID policy format", + "persistent": "Persistent", + "transient": "Transient", + "x509": "X.509 Subject Name", + "windowsDomainQN": "Windows Domain Qualified Name", + "unspecified": "Unspecified", + "principalType": "Principal type", + "principalAttribute": "Principal attribute", + "allowCreate": "Allow create", + "subjectNameId": "Subject NameID", + "attributeFriendlyName": "Attribute [Friendly Name]", + "claim": "Claim", + "claimValue": "Claim Value", + "claims": "Claims", + "socialProfileJSONFieldPath": "Social Profile JSON Field Path", + "mapperAttributeName": "Attribute Name", + "mapperUserAttributeName": "User Attribute Name", + "mapperAttributeFriendlyName": "Friendly name", + "httpPostBindingResponse": "HTTP-POST binding response", + "httpPostBindingAuthnRequest": "HTTP-POST binding for AuthnRequest", + "httpPostBindingLogout": "HTTP-POST binding logout", + "wantAuthnRequestsSigned": "Want AuthnRequests signed", + "encryptionAlgorithm": "Encryption Algorithm", + "samlSignatureKeyName": "SAML signature key name", + "wantAssertionsSigned": "Want Assertions signed", + "wantAssertionsEncrypted": "Want Assertions encrypted", + "forceAuthentication": "Force authentication", + "validatingX509Certs": "Validating X509 certificates", + "signServiceProviderMetadata": "Sign service provider metadata", + "passSubject": "Pass subject", + "serviceProviderEntityId": "Service provider entity ID", + "identityProviderEntityId": "Identity provider entity ID", + "importConfig": "Import config from file", + "showMetaData": "Show metadata", + "hideMetaData": "Hide metadata", + "noValidMetaDataFound": "No valid metadata was found at this URL: '{{error}}'", + "metadataOfDiscoveryEndpoint": "Metadata of the discovery endpoint", + "authorizationUrl": "Authorization URL", + "passLoginHint": "Pass login_hint", + "passMaxAge": "Pass max_age", + "passCurrentLocale": "Pass current locale", + "tokenUrl": "Token URL", + "logoutUrl": "Logout URL", + "backchannelLogout": "Backchannel logout", + "disableUserInfo": "Disable user info", + "isAccessTokenJWT": "Access Token is JWT", + "userInfoUrl": "User Info URL", + "issuer": "Issuer", + "prompt": "Prompt", + "prompts": { + "unspecified": "Unspecified", + "none": "None", + "consent": "Consent", + "login": "Login", + "select_account": "Select account" + }, + "clientAuthentications": { + "client_secret_post": "Client secret sent as post", + "client_secret_basic": "Client secret sent as basic auth", + "client_secret_jwt": "Client secret as jwt", + "private_key_jwt": "JWT signed with private key" + }, + "clientAssertionSigningAlg": "Client asserion signature algorithm", + "algorithmNotSpecified": "Algorithm not specified", + "acceptsPromptNone": "Accepts prompt=none forward from client", + "validateSignature": "Validate Signatures", + "validatingPublicKey": "Validating public key", + "validatingPublicKeyId": "Validating public key id", + "pkceEnabled": "Use PKCE", + "pkceMethod": "PKCE Method", + "allowedClockSkew": "Allowed clock skew", + "attributeConsumingServiceIndex": "Attribute Consuming Service Index", + "attributeConsumingServiceName": "Attribute Consuming Service Name", + "forwardParameters": "Forwarded query parameters", + "oidcSettings": "OpenID Connect settings", + "samlSettings": "SAML settings", + "reqAuthnConstraints": "Requested AuthnContext Constraints", + "keyID": "KEY_ID", + "NONE": "NONE", + "certSubject": "CERT_SUBJECT", + "storeTokens": "Store tokens", + "storedTokensReadable": "Stored tokens readable", + "comparison": "Comparison", + "authnContextClassRefs": "AuthnContext ClassRefs", + "addAuthnContextClassRef": "Add AuthnContext ClassRef", + "authnContextDeclRefs": "AuthnContext DeclRefs", + "addAuthnContextDeclRef": "Add AuthnContext DeclRef", + "accountLinkingOnly": "Account linking only", + "hideOnLoginPage": "Hide on login page", + "filteredByClaim": "Verify essential claim", + "claimFilterName": "Essential claim", + "claimFilterValue": "Essential claim value", + "firstBrokerLoginFlowAlias": "First login flow", + "postBrokerLoginFlowAlias": "Post login flow", + "syncMode": "Sync mode", + "syncModes": { + "inherit": "Inherit", + "import": "Import", + "legacy": "Legacy", + "force": "Force" + }, + "syncModeOverride": "Sync mode override", + "regexAttributeValues": "Regex Attribute Values", + "regexClaimValues": "Regex Claim Values", + "mapperSaveSuccess": "Mapper saved successfully.", + "mapperSaveError": "Error saving mapper: {{error}}", + "userAttribute": "User Attribute", + "userAttributeValue": "User Attribute Value", + "userSessionAttribute": "User Session Attribute", + "userSessionAttributeValue": "User Session Attribute Value", + "target": "Target", + "targetOptions": { + "local": "LOCAL", + "brokerId": "BROKER_ID", + "brokerUsername": "BROKER_USERNAME" + }, + "redirectURIHelp": "The redirect uri to use when configuring the identity provider.", + "clientSecretHelp": "The client secret registered with the identity provider. This field is able to obtain its value from vault, use ${vault.ID} format.", + "displayOrderHelp": "Number defining the order of the providers in GUI (for example, on the Login page). The lowest number will be applied first.", + "useDiscoveryEndpointHelp": "If this setting is enabled, the discovery endpoint will be used to fetch the provider config. Keycloak can load the config from the endpoint and automatically update the config if the source has any updates", + "discoveryEndpointHelp": "Import metadata from a remote IDP discovery descriptor.", + "importConfigHelp": "Import metadata from a downloaded IDP discovery descriptor.", + "passLoginHintHelp": "Pass login_hint to identity provider.", + "passMaxAgeHelp": "Pass max_age to identity provider.", + "passCurrentLocaleHelp": "Pass the current locale to the identity provider as a ui_locales parameter.", + "logoutUrlHelp": "End session endpoint to use to logout user from external IDP.", + "backchannelLogoutHelp": "Does the external IDP support backchannel logout?", + "disableUserInfoHelp": "Disable usage of User Info service to obtain additional user information? Default is to use this OIDC service.", + "isAccessTokenJWTHelp": "The Access Token received from the Identity Provider is a JWT and its claims will be accessible for mappers.", + "userInfoUrlHelp": "The User Info Url. This is optional.", + "issuerHelp": "The issuer identifier for the issuer of the response. If not provided, no validation will be performed.", + "promptHelp": "Specifies whether the Authorization Server prompts the End-User for re-authentication and consent.", + "acceptsPromptNoneHelp": "This is just used together with Identity Provider Authenticator or when kc_idp_hint points to this identity provider. In case that client sends a request with prompt=none and user is not yet authenticated, the error will not be directly returned to client, but the request with prompt=none will be forwarded to this identity provider.", + "validateSignatureHelp": "Enable/disable signature validation of external IDP signatures.", + "validatingPublicKeyHelp": "The public key in PEM format that must be used to verify external IDP signatures.", + "validatingPublicKeyIdHelp": "Explicit ID of the validating public key given above if the key ID. Leave blank if the key above should be used always, regardless of key ID specified by external IDP; set it if the key should only be used for verifying if the key ID from external IDP matches.", + "pkceEnabledHelp": "Use PKCE (Proof of Key-code exchange) for IdP Brokering", + "pkceMethodHelp": "PKCE Method to use", + "allowedClockSkewHelp": "Clock skew in seconds that is tolerated when validating identity provider tokens. Default value is zero.", + "attributeConsumingServiceIndexHelp": "Index of the Attribute Consuming Service profile to request during authentication.", + "attributeConsumingServiceNameHelp": "Name of the Attribute Consuming Service profile to advertise in the SP metadata.", + "forwardParametersHelp": "Non OpenID Connect/OAuth standard query parameters to be forwarded to external IDP from the initial application request to Authorization Endpoint. Multiple parameters can be entered, separated by comma (,).", + "clientAuthenticationHelp": "The client authentication method (cfr. https://openid.net/specs/openid-connect-core-1_0.html#ClientAuthentication). In case of JWT signed with private key, the realm private key is used.", + "clientAssertionSigningAlgHelp": "Signature algorithm to create JWT assertion as client authentication. In the case of JWT signed with private key or Client secret as jwt, it is required. If no algorithm is specified, the following algorithm is adapted. RS256 is adapted in the case of JWT signed with private key. HS256 is adapted in the case of Client secret as jwt.", + "storeTokensHelp": "Enable/disable if tokens must be stored after authenticating users.", + "storedTokensReadableHelp": "Enable/disable if new users can read any stored tokens. This assigns the broker.read-token role.", + "accountLinkingOnlyHelp": "If true, users cannot log in through this provider. They can only link to this provider. This is useful if you don't want to allow login from the provider, but want to integrate with a provider", + "hideOnLoginPageHelp": "If hidden, login with this provider is possible only if requested explicitly, for example using the 'kc_idp_hint' parameter.", + "filteredByClaimHelp": "If true, ID tokens issued by the identity provider must have a specific claim. Otherwise, the user can not authenticate through this broker.", + "claimFilterNameHelp": "Name of the essential claim", + "claimFilterValueHelp": "Value of the essential claim (with regex support)", + "firstBrokerLoginFlowAliasHelp": "Alias of authentication flow, which is triggered after first login with this identity provider. Term 'First Login' means that no Keycloak account is currently linked to the authenticated identity provider account.", + "postBrokerLoginFlowAliasHelp": "Alias of authentication flow, which is triggered after each login with this identity provider. Useful if you want additional verification of each user authenticated with this identity provider (for example OTP). Leave this to \"None\" if you need no any additional authenticators to be triggered after login with this identity provider. Also note that authenticator implementations must assume that user is already set in ClientSession as identity provider already set it.", + "syncModeHelp": "Default sync mode for all mappers. The sync mode determines when user data will be synced using the mappers. Possible values are: 'legacy' to keep the behaviour before this option was introduced, 'import' to only import the user once during first login of the user with this identity provider, 'force' to always update the user during every login with this identity provider.", + "serviceProviderEntityIdHelp": "The Entity ID that will be used to uniquely identify this SAML Service Provider.", + "identityProviderEntityIdHelp": "The Entity ID used to validate the Issuer for received SAML assertions. If empty, no Issuer validation is performed.", + "useEntityDescriptorHelp": "Import metadata from a remote IDP SAML entity descriptor.", + "samlEntityDescriptorHelp": "Allows you to load external IDP metadata from a config file or to download it from a URL.", + "ssoServiceUrlHelp": "The Url that must be used to send authentication requests (SAML AuthnRequest).", + "singleLogoutServiceUrlHelp": "The Url that must be used to send logout requests.", + "nameIdPolicyFormatHelp": "Specifies the URI reference corresponding to a name identifier format.", + "principalTypeHelp": "Way to identify and track external users from the assertion. Default is using Subject NameID, alternatively you can set up identifying attribute.", + "principalAttributeHelp": "Name or Friendly Name of the attribute used to identify external users.", + "allowCreateHelp": "Allow the external identity provider to create a new identifier to represent the principal.", + "httpPostBindingResponseHelp": "Indicates whether to respond to requests using HTTP-POST binding. If false, HTTP-REDIRECT binding will be used.", + "httpPostBindingAuthnRequestHelp": "Indicates whether the AuthnRequest must be sent using HTTP-POST binding. If false, HTTP-REDIRECT binding will be used.", + "httpPostBindingLogoutHelp": "Indicates whether to respond to requests using HTTP-POST binding. If false, HTTP-REDIRECT binding will be used.", + "wantAuthnRequestsSignedHelp": "Indicates whether the identity provider expects a signed AuthnRequest.", + "encryptionAlgorithmHelp": "Encryption algorithm, which is used by SAML IDP for encryption of SAML documents, assertions or IDs. The corresponding decryption key for decrypt SAML document parts will be chosen based on this configured algorithm and should be available in realm keys for the encryption (ENC) usage. If algorithm is not configured, then any supported algorithm is allowed and decryption key will be chosen based on the algorithm configured in SAML document itself.", + "samlSignatureKeyNameHelp": "Signed SAML documents contain identification of signing key in KeyName element. For Keycloak / RH-SSO counter-party, use KEY_ID, for MS AD FS use CERT_SUBJECT, for others check and use NONE if no other option works.", + "wantAssertionsSignedHelp": "Indicates whether this service provider expects a signed Assertion.", + "wantAssertionsEncryptedHelp": "Indicates whether this service provider expects an encrypted Assertion.", + "forceAuthenticationHelp": "Indicates whether the identity provider must authenticate the presenter directly rather than rely on a previous security context.", + "validateSignatures": "Enable/disable signature validation of SAML responses.", + "validatingX509CertsHelp": "The certificate in PEM format that must be used to check for signatures. Multiple certificates can be entered, separated by comma (,).", + "signServiceProviderMetadataHelp": "Enable/disable signature of the provider SAML metadata.", + "passSubjectHelp": "During login phase, forward an optional login_hint query parameter to SAML AuthnRequest's Subject.", + "comparisonHelp": "Specifies the comparison method used to evaluate the requested context classes or statements. The default is \"Exact\".", + "authnContextClassRefsHelp": "Ordered list of requested AuthnContext ClassRefs.", + "authnContextDeclRefsHelp": "Ordered list of requested AuthnContext DeclRefs.", + "addIdpMapperName": "Name of the mapper.", + "syncModeOverrideHelp": "Overrides the default sync mode of the IDP for this mapper. Values are: 'legacy' to keep the behaviour before this option was introduced, 'import' to only import the user once during first login of the user with this identity provider, 'force' to always update the user during every login with this identity provider and 'inherit' to use the sync mode defined in the identity provider for this mapper.", + "advancedAttributeToRole": "If the set of attributes exists and can be matched, grant the user the specified realm or client role.", + "usernameTemplateImporter": "Format the username to import.", + "hardcodedUserSessionAttribute": "When a user is imported from a provider, hardcode a value to a specific user session attribute.", + "externalRoleToRole": "Looks for an external role in a keycloak access token. If external role exists, grant the user the specified realm or client role.", + "advancedClaimToRole": "If all claims exist, grant the user the specified realm or client role.", + "claimToRole": "If a claim exists, grant the user the specified realm or client role.", + "oidcAttributeImporter": "Import declared claim if it exists in ID, access token, or the claim set returned by the user profile endpoint into the specified user property or attribute.", + "attributeImporter": "Import declared SAML attribute if it exists in assertion into the specified user property or attribute.", + "hardcodedRole": "When user is imported from provider, hardcode a role mapping for it.", + "hardcodedAttribute": "When user is imported from provider, hardcode a value to a specific user attribute.", + "samlAttributeToRole": "If an attribute exists, grant the user the specified realm or client role.", + "templateHelp": "Template to use to format the username to import. Substitutions are enclosed in ${}. For example: '${ALIAS}.${CLAIM.sub}'. ALIAS is the provider alias. CLAIM. references an ID or Access token claim. The substitution can be converted to upper or lower case by appending |uppercase or |lowercase to the substituted value, e.g. '${CLAIM.sub | lowercase}", + "targetHelp": "Destination field for the mapper. LOCAL (default) means that the changes are applied to the username stored in local database upon user import. BROKER_ID and BROKER_USERNAME means that the changes are stored into the ID or username used for federation user lookup, respectively.", + "userSessionAttributeHelp": "Name of user session attribute you want to hardcode", + "userAttributeHelp": "Name of user attribute you want to hardcode", + "claimHelp": "Name of claim to search for in token. You can reference nested claims by using a '.', i.e. 'address.locality'. To use dot (.) literally, escape it with backslash. (\\.)", + "socialProfileJSONFieldPathHelp": "Path of field in Social Provider User Profile JSON data to get value from. You can use dot notation for nesting and square brackets for array index. E.g. 'contact.address[0].country'.", + "userAttributeValueHelp": "Value you want to hardcode", + "friendlyName": "Friendly name of attribute to search for in assertion. You can leave this blank and specify a name instead.", + "userAttributeName": "User attribute name to store SAML attribute. Use email, lastName, and firstName to map to those predefined user properties.", + "socialUserAttributeName": "User attribute name to store information.", + "attributesHelp": "Name and (regex) value of the attributes to search for in token. The configured name of an attribute is searched in SAML attribute name and attribute friendly name fields. Every given attribute description must be met to set the role. If the attribute is an array, then the value must be contained in the array. If an attribute can be found several times, then one match is sufficient.", + "regexAttributeValuesHelp": "If enabled attribute values are interpreted as regular expressions.", + "addMultivaluedLabel": "Add {{fieldLabel}}", + "selectGroup": "Select group", + "usermodel": { + "prop": { + "label": "Property", + "tooltip": "Name of the property method in the UserModel interface. For example, a value of 'email' would reference the UserModel.getEmail() method." + }, + "attr": { + "label": "User Attribute", + "tooltip": "Name of stored user attribute which is the name of an attribute within the UserModel.attribute map." + }, + "clientRoleMapping": { + "clientId": { + "label": "Client ID", + "tooltip": "Client ID for role mappings. Just client roles of this client will be added to the token. If this is unset, client roles of all clients will be added to the token." + }, + "rolePrefix": { + "label": "Client Role prefix", + "tooltip": "A prefix for each client role (optional)." + }, + "tokenClaimName": { + "tooltip": "Name of the claim to insert into the token. This can be a fully qualified name like 'address.street'. In this case, a nested json object will be created. To prevent nesting and use dot literally, escape the dot with backslash (\\.). The special token ${client_id} can be used and this will be replaced by the actual client ID. Example usage is 'resource_access.${client_id}.roles'. This is useful especially when you are adding roles from all the clients (Hence 'Client ID' switch is unset) and you want client roles of each client stored separately." + } + }, + "realmRoleMapping": { + "rolePrefix": { + "label": "Realm Role prefix", + "tooltip": "A prefix for each Realm Role (optional)." + } + } + }, + "userSession": { + "modelNote": { + "label": "User Session Note", + "tooltip": "Name of stored user session note within the UserSessionModel.note map." + } + }, + "multivalued": { + "label": "Multivalued", + "tooltip": "Indicates if attribute supports multiple values. If true, the list of all values of this attribute will be set as claim. If false, just first value will be set as claim" + }, + "aggregate": { + "attrs": { + "label": "Aggregate attribute values", + "tooltip": "Indicates if attribute values should be aggregated with the group attributes. If using OpenID Connect mapper the multivalued option needs to be enabled too in order to get all the values. Duplicated values are discarded and the order of values is not guaranteed with this option." + } + }, + "jsonType": { + "label": "Claim JSON Type", + "tooltip": "JSON type that should be used to populate the json claim in the token. long, int, boolean, String and JSON are valid values." + }, + "includeInIdToken": { + "label": "Add to ID token", + "tooltip": "Should the claim be added to the ID token?" + }, + "includeInAccessToken": { + "label": "Add to access token", + "tooltip": "Should the claim be added to the access token?" + }, + "includeInAccessTokenResponse": { + "label": "Add to access token response", + "tooltip": "Should the claim be added to the access token response? Should only be used for informative and non-sensitive data" + }, + "includeInUserInfo": { + "label": "Add to userinfo", + "tooltip": "Should the claim be added to the userinfo?" + }, + "sectorIdentifierUri": { + "label": "Sector Identifier URI", + "tooltip": "Providers that use pairwise sub values and support Dynamic Client Registration SHOULD use the sector_identifier_uri parameter. It provides a way for a group of websites under common administrative control to have consistent pairwise sub values independent of the individual domain names. It also provides a way for Clients to change redirect_uri domains without having to reregister all their users." + }, + "pairwiseSubAlgorithmSalt": { + "label": "Salt", + "tooltip": "Salt used when calculating the pairwise subject identifier. If left blank, a salt will be generated." + }, + "addressClaim": { + "street": { + "label": "User Attribute Name for Street", + "tooltip": "Name of User Attribute, which will be used to map to 'street_address' subclaim inside 'address' token claim. Defaults to 'street' ." + }, + "locality": { + "label": "User Attribute Name for Locality", + "tooltip": "Name of User Attribute, which will be used to map to 'locality' subclaim inside 'address' token claim. Defaults to 'locality' ." + }, + "region": { + "label": "User Attribute Name for Region", + "tooltip": "Name of User Attribute, which will be used to map to 'region' subclaim inside 'address' token claim. Defaults to 'region' ." + }, + "postal_code": { + "label": "User Attribute Name for Postal Code", + "tooltip": "Name of User Attribute, which will be used to map to 'postal_code' subclaim inside 'address' token claim. Defaults to 'postal_code' ." + }, + "country": { + "label": "User Attribute Name for Country", + "tooltip": "Name of User Attribute, which will be used to map to 'country' subclaim inside 'address' token claim. Defaults to 'country' ." + }, + "formatted": { + "label": "User Attribute Name for Formatted Address", + "tooltip": "Name of User Attribute, which will be used to map to 'formatted' subclaim inside 'address' token claim. Defaults to 'formatted' ." + } + }, + "included": { + "client": { + "audience": { + "label": "Included Client Audience", + "tooltip": "The Client ID of the specified audience client will be included in audience (aud) field of the token. If there are existing audiences in the token, the specified value is just added to them. It won't override existing audiences." + } + }, + "custom": { + "audience": { + "label": "Included Custom Audience", + "tooltip": "This is used just if 'Included Client Audience' is not filled. The specified value will be included in audience (aud) field of the token. If there are existing audiences in the token, the specified value is just added to them. It won't override existing audiences." + } + } + }, + "name-id-format": "Name ID Format", + "mapper": { + "nameid": { + "format": { + "tooltip": "Name ID Format using Mapper" + } + } + }, + "client-scopes-condition": { + "label": "Expected Scopes", + "tooltip": "The list of expected client scopes. Condition evaluates to true if specified client request matches some of the client scopes. It depends also whether it should be default or optional client scope based on the 'Scope Type' configured." + }, + "client-accesstype": { + "label": "Client Access Type", + "tooltip": "Access Type of the client, for which the condition will be applied." + }, + "client-roles": { + "label": "Client Roles" + }, + "client-roles-condition": { + "tooltip": "Client roles, which will be checked during this condition evaluation. Condition evaluates to true if client has at least one client role with the name as the client roles specified in the configuration." + }, + "client-updater-source-groups": { + "label": "Groups", + "tooltip": "Name of groups to check. Condition evaluates to true if the entity, who creates/updates client is member of some of the specified groups. Configured groups are specified by their simple name, which must match to the name of the Keycloak group. No support for group hierarchy is used here." + }, + "client-updater-trusted-hosts": { + "label": "Trusted hosts", + "tooltip": "List of Hosts, which are trusted. In case that client registration/update request comes from the host/domain specified in this configuration, condition evaluates to true. You can use hostnames or IP addresses. If you use star at the beginning (for example '*.example.com' ) then whole domain example.com will be trusted." + }, + "client-updater-source-roles": { + "label": "Updating entity role", + "tooltip": "The condition is checked during client registration/update requests and it evaluates to true if the entity (usually user), who is creating/updating client is member of the specified role. For reference the realm role, you can use the realm role name like 'my_realm_role' . For reference client role, you can use the client_id.role_name for example 'my_client.my_client_role' will refer to client role 'my_client_role' of client 'my_client'." + }, + "allowed-client-scopes": { + "label": "Allowed Client Scopes", + "tooltip": "Whitelist of the client scopes, which can be used on a newly registered client. Attempt to register client with some client scope, which is not whitelisted, will be rejected. By default, the whitelist is either empty or contains just realm default client scopes (based on 'Allow Default Scopes' configuration property)" + }, + "allow-default-scopes": { + "label": "Allow Default Scopes", + "tooltip": "If on, newly registered clients will be allowed to have client scopes mentioned in realm default client scopes or realm optional client scopes" + }, + "allowed-protocol-mappers": { + "label": "Allowed Protocol Mappers", + "tooltip": "Whitelist of allowed protocol mapper providers. If there is an attempt to register client, which contains some protocol mappers, which were not whitelisted, registration request will be rejected." + }, + "max-clients": { + "label": "Max Clients Per Realm", + "tooltip": "It will not be allowed to register a new client if count of existing clients in realm is same or bigger than the configured limit." + }, + "trusted-hosts": { + "label": "Trusted Hosts", + "tooltip": "List of Hosts, which are trusted and are allowed to invoke Client Registration Service and/or be used as values of Client URIs. You can use hostnames or IP addresses. If you use star at the beginning (for example '*.example.com' ) then whole domain example.com will be trusted." + }, + "host-sending-registration-request-must-match": { + "label": "Host Sending Client Registration Request Must Match", + "tooltip": "If on, any request to Client Registration Service is allowed just if it was sent from some trusted host or domain." + }, + "client-uris-must-match": { + "label": "Client URIs Must Match", + "tooltip": "If on, all Client URIs (Redirect URIs and others) are allowed just if they match some trusted host or domain." + }, + "clientScopeType": { + "default": "Default", + "optional": "Optional", + "none": "None" + }, + "createIdentityProviderSuccess": "Identity provider successfully created", + "createIdentityProviderError": "Could not create the identity provider: {{error}}", + "createClientError": "Could not create client: '{{error}}'", + "createClientSuccess": "Client created successfully", + "createClientScopeSuccess": "Client scope created", + "createClientScopeError": "Could not create client scope: '{{error}}'", + "createUserProviderSuccess": "User federation provider successfully created", + "createUserProviderError": "User federation provider could not be created: {{error}}", + "flowNameHelp": "Help text for the name of the new flow", + "flowDescriptionHelp": "Help text for the description of the new flow", + "noRoles-clientScopes": "No roles for this client scope", + "noRolesInstructions-clientScopes": "You haven't created any roles for this client scope. Create a role to get started.", + "noRoles-user": "No roles for this user", + "noRolesInstructions-user": "You haven't assigned any roles to this user. Assign a role to get started.", + "noRoles-client": "No roles for this client", + "noRolesInstructions-client": "You haven't created any roles for this client. Create a role to get started.", + "noRoles-groups": "No roles for this group", + "noRolesInstructions-groups": "You haven't created any roles for this group. Create a role to get started.", + "noRoles-roles": "No roles in this realm", + "noRolesInstructions-roles": "You haven't created any roles in this realm. Create a role to get started.", + "userRoleMappingUpdatedSuccess": "User role mapping successfully updated", + "realmNameField": "Realm name", + "searchForClientScope": "Search for client scope", + "searchForRoles": "Search role by name", + "titleAuthentication": "Authentication", + "titleEvents": "Events", + "titleRoles": "Realm roles", + "titleUsers": "Users", + "titleSessions": "Sessions", + "deleteConfirmClientScopes": "Are you sure you want to delete this client scope", + "deleteConfirmUsers": "Delete user?", + "deleteConfirmGroup_one": "Are you sure you want to delete this group '{{groupName}}'.", + "deleteConfirmGroup_other": "Are you sure you want to delete these groups.", + "deleteConfirmIdentityProvider": "Are you sure you want to permanently delete the provider '{{provider}}'?", + "deleteConfirmRealmSetting": "If you delete this realm, all associated data will be removed.", + "whoWillAppearLinkTextRoles": "Who will appear in this user list?", + "whoWillAppearLinkTextUsers": "Who will appear in this group list?", + "whoWillAppearPopoverTextRoles": "This tab shows only the users who are assigned directly to this role. To see users who are assigned this role as an associated role or through a group, go to", + "whoWillAppearPopoverTextUsers": "Groups are hierarchical. When you select Direct Membership, you see only the child group that the user joined. Ancestor groups are not included.", + "deletedSuccessClientScope": "The client scope has been deleted", + "deletedSuccessIdentityProvider": "Provider successfully deleted.", + "deletedSuccessRealmSetting": "The realm has been deleted", + "deletedErrorClientScope": "Could not delete client scope: {{error}}", + "deletedErrorIdentityProvider": "Could not delete the provider {{error}}", + "deletedErrorRealmSetting": "Could not delete realm: {{error}}", + "realmSaveSuccess": "Realm successfully updated", + "userProviderSaveSuccess": "User federation provider successfully saved", + "realmSaveError": "Realm could not be updated: {{error}}", + "userProviderSaveError": "User federation provider could not be saved: {{error}}", + "validateAttributeName": "Attribute configuration without name is not allowed.", + "disableConfirmIdentityProvider": "Are you sure you want to disable the provider '{{provider}}'", + "disableConfirmRealm": "User and clients can't access the realm if it's disabled. Are you sure you want to continue?", + "updateSuccessClientScope": "Client scope updated", + "updateErrorClientScope": "Could not update client scope: '{{error}}'", + "updateSuccessIdentityProvider": "Provider successfully updated", + "updateErrorIdentityProvider": "Could not update the provider {{error}}", + "orderChangeSuccessUserFed": "Successfully changed the priority order of user federation providers", + "orderChangeErrorUserFed": "Could not change the priority order of user federation providers {{error}}", + "disableNonceHelp": "Do not send the nonce parameter in the authentication request. The nonce parameter is sent and verified by default.", + "disableNonce": "Disable nonce" +} diff --git a/js/apps/admin-ui/public/locales/en/user-federation-help.json b/js/apps/admin-ui/public/locales/en/user-federation-help.json deleted file mode 100644 index 23139d860d..0000000000 --- a/js/apps/admin-ui/public/locales/en/user-federation-help.json +++ /dev/null @@ -1,110 +0,0 @@ -{ - "addKerberosWizardDescription": "Text needed here", - "addLdapWizardDescription": "Text needed here", - "ldapGeneralOptionsSettingsDescription": "This section contains a few basic options common to all user storage providers.", - "uiDisplayNameHelp": "Display name of provider when linked in the Admin UI", - "vendorHelp": "LDAP vendor (provider)", - "ldapConnectionAndAuthorizationSettingsDescription": "This section contains options related to the configuration of the connection to the LDAP server. It also contains options related to authentication of the LDAP connection to the LDAP server.", - "consoleDisplayConnectionUrlHelp": "Connection URL to your LDAP server", - "enableStartTlsHelp": "Encrypts the connection to LDAP using STARTTLS, which will disable connection pooling", - "useTruststoreSpiHelp": "Specifies whether LDAP connection will use the Truststore SPI with the truststore configured in command-line options. 'Always' means that it will always use it. 'Never' means that it will not use it. Note that even if Keycloak truststore is not configured, the default java cacerts or certificate specified by 'javax.net.ssl.trustStore' property will be used.", - "connectionPoolingHelp": "Determines if Keycloak should use connection pooling for accessing LDAP server.", - "connectionTimeoutHelp": "LDAP connection timeout in milliseconds", - "bindTypeHelp": "Type of the authentication method used during LDAP bind operation. It is used in most of the requests sent to the LDAP server. Currently only 'none' (anonymous LDAP authentication) or 'simple' (bind credential + bind password authentication) mechanisms are available.", - "bindDnHelp": "DN of the LDAP admin, which will be used by Keycloak to access LDAP server", - "bindCredentialsHelp": "Password of LDAP admin. This field is able to obtain its value from vault, use ${vault.ID} format.", - "ldapSearchingAndUpdatingSettingsDescription": "This section contains options related to searching the LDAP server for the available users.", - "editModeLdapHelp": "READ_ONLY is a read-only LDAP store. WRITABLE means data will be synced back to LDAP on demand. UNSYNCED means user data will be imported, but not synced back to LDAP.", - "usersDNHelp": "Full DN of LDAP tree where your users are. This DN is the parent of LDAP users. It could be for example 'ou=users,dc=example,dc=com' assuming that your typical user will have DN like 'uid='john',ou=users,dc=example,dc=com'.", - "usernameLdapAttributeHelp": "Name of the LDAP attribute, which is mapped as Keycloak username. For many LDAP server vendors it can be 'uid'. For Active directory it can be 'sAMAccountName' or 'cn'. The attribute should be filled for all LDAP user records you want to import from LDAP to Keycloak.", - "rdnLdapAttributeHelp": "Name of the LDAP attribute, which is used as RDN (top attribute) of typical user DN. Usually it's the same as the Username LDAP attribute, however it is not required. For example for Active directory, it is common to use 'cn' as RDN attribute when username attribute might be 'sAMAccountName'.", - "uuidLdapAttributeHelp": "Name of the LDAP attribute, which is used as a unique object identifier (UUID) for objects in LDAP. For many LDAP server vendors, it is 'entryUUID'; however some are different. For example, for Active directory it should be 'objectGUID'. If your LDAP server does not support the notion of UUID, you can use any other attribute that is supposed to be unique among LDAP users in tree. For example 'uid' or 'entryDN'.", - "userObjectClassesHelp": "All values of LDAP objectClass attribute for users in LDAP, divided by commas. For example: 'inetOrgPerson, organizationalPerson'. Newly created Keycloak users will be written to LDAP with all those object classes and existing LDAP user records are found just if they contain all those object classes.", - "userLdapFilterHelp": "Additional LDAP filter for filtering searched users. Leave this empty if you don't need an additional filter. Make sure that it starts with '(' and ends with ')'.", - "searchScopeHelp": "For one level, the search applies only for users in the DNs specified by User DNs. For subtree, the search applies to the whole subtree. See LDAP documentation for more details.", - "readTimeoutHelp": "LDAP read timeout in milliseconds. This timeout applies for LDAP read operations.", - "paginationHelp": "Whether the LDAP server supports pagination", - "ldapSynchronizationSettingsDescription": "This section contains options related to synchronization of users from LDAP to the Keycloak database.", - "syncRegistrations": "Should newly created users be created within LDAP store? Priority effects which provider is chosen to sync the new user. This setting is effectively appplied only with WRITABLE edit mode.", - "importUsersHelp": "If true, LDAP users will be imported into the Keycloak DB and synced by the configured sync policies.", - "batchSizeHelp": "Count of LDAP users to be imported from LDAP to Keycloak within a single transaction", - "periodicFullSyncHelp": "Whether periodic full synchronization of LDAP users to Keycloak should be enabled or not", - "fullSyncPeriodHelp": "Period for full synchronization in seconds", - "periodicChangedUsersSyncHelp": "Whether periodic synchronization of changed or newly created LDAP users to Keycloak should be enabled or not", - "changedUsersSyncHelp": "Period for synchronization of changed or newly created LDAP users in seconds", - "ldapKerberosSettingsDescription": "This section contains options useful for the Kerberos integration. This is used only when the LDAP server is used together with Kerberos/SPNEGO for user authentication.", - "allowKerberosAuthenticationHelp": "Enable/disable HTTP authentication of users with SPNEGO/Kerberos tokens. The data about authenticated users will be provisioned from this LDAP server.", - "useKerberosForPasswordAuthenticationHelp": "User Kerberos login module for authenticating username/password against Kerberos server instead of authenticating against LDAP server with Directory Service API", - "cacheSettingsDescription": "This section contains options useful for caching users, which were loaded from this user storage provider.", - "cachePolicyHelp": "Cache Policy for this storage provider. 'DEFAULT' is whatever the default settings are for the global cache. 'EVICT_DAILY' is a time of day every day that the cache will be invalidated. 'EVICT_WEEKLY' is a day of the week and time the cache will be invalidated. 'MAX_LIFESPAN' is the time in milliseconds that will be the lifespan of a cache entry.", - "evictionDayHelp": "Day of the week the entry will become invalid", - "evictionHourHelp": "Hour of the day the entry will become invalid", - "evictionMinuteHelp": "Minute of the hour the entry will become invalid", - "maxLifespanHelp": "Max lifespan of cache entry in milliseconds", - "ldapAdvancedSettingsDescription": "This section contains all the other options for more fine-grained configuration of the LDAP storage provider.", - "enableLdapv3PasswordHelp": "Use the LDAPv3 Password Modify Extended Operation (RFC-3062). The password modify extended operation usually requires that LDAP user already has password in the LDAP server. So when this is used with 'Sync Registrations', it can be good to add also 'Hardcoded LDAP attribute mapper' with randomly generated initial password.", - "validatePasswordPolicyHelp": "Determines if Keycloak should validate the password with the realm password policy before updating it. For the case when user's password is saved in LDAP, some Keycloak password policies will not work (Not Recently Used, Expire Password, Hashing Iterations, Hashing Algorithm) due the fact that Keycloak does not have direct control over the password storage. It is needed to enable password policies at the LDAP server layer if you want to leverage those password policies.", - "trustEmailHelp": "If enabled, email provided by this provider is not verified even if verification is enabled for the realm.", - "IDK-periodicChangedUsersSyncHelp": "Should newly created users be created within LDAP store? Priority affects which provider is chosen to sync the new user.", - "kerberosWizardDescription": "Text needed here.", - "kerberosRequiredSettingsDescription": "This section contains a few basic options common to all user storage providers.", - "kerberosRealmHelp": "Name of kerberos realm. For example, FOO.ORG", - "serverPrincipalHelp": "Full name of server principal for HTTP service including server and domain name. For example, HTTP/host.foo.org@FOO.ORG", - "keyTabHelp": "Location of Kerberos KeyTab file containing the credentials of server principal. For example, /etc/krb5.keytab", - "krbPrincipalAttributeHelp": "Name of the LDAP attribute, which refers to Kerberos principal. This is used to lookup appropriate LDAP user after successful Kerberos/SPNEGO authentication in Keycloak. When this is empty, the LDAP user will be looked based on LDAP username corresponding to the first part of his Kerberos principal. For instance, for principal 'john@KEYCLOAK.ORG', it will assume that LDAP username is 'john'.", - "debugHelp": "Enable/disable debug logging to standard output for Krb5LoginModule.", - "allowPasswordAuthenticationHelp": "Enable/disable possibility of username/password authentication against Kerberos database", - "editModeKerberosHelp": "READ_ONLY means that password updates are not allowed and user always authenticates with Kerberos password. UNSYNCED means that the user can change the password in the Keycloak database and this one will be used instead of the Kerberos password.", - "updateFirstLoginHelp": "Update profile on first login", - "mapperTypeMsadUserAccountControlManagerHelp": "Mapper specific to MSAD. It's able to integrate the MSAD user account state into Keycloak account state (account enabled, password is expired etc). It's using userAccountControl and pwdLastSet MSAD attributes for that. For example if pwdLastSet is 0, the Keycloak user is required to update the password; if userAccountControl is 514 (disabled account) the Keycloak user is disabled as well etc. Mapper is also able to handle the exception code from LDAP user authentication.", - "mapperTypeMsadLdsUserAccountControlMapperHelp": "Mapper specific to MSAD LDS. It's able to integrate the MSAD LDS user account state into Keycloak account state (account enabled, password is expired etc). It's using msDS-UserAccountDisabled and pwdLastSet is 0, the Keycloak user is required to update password, if msDS-UserAccountDisabled is 'TRUE' the Keycloak user is disabled as well etc. Mapper is also able to handle exception code from LDAP user authentication.", - "mapperTypeGroupLdapMapperHelp": "Used to map group mappings of groups from some LDAP DN to Keycloak group mappings", - "mapperTypeRoleLdapMapperHelp": "Used to map role mappings of roles from some LDAP DN to Keycloak role mappings of either realm roles or client roles of particular client", - "mapperTypeHardcodedAttributeMapperHelp": "This mapper will hardcode any model user attribute and some property (like emailVerified or enabled) when importing user from LDAP.", - "mapperTypeHardcodedLdapRoleMapperHelp": "Users imported from LDAP will be automatically added into this configured role.", - "mapperTypeCertificateLdapMapperHelp": "Used to map single attribute which contains a certificate from LDAP user to attribute of UserModel in Keycloak DB", - "mapperTypeFullNameLdapMapperHelp": "Used to map the full-name of a user from single attribute in LDAP (usually 'cn' attribute) to firstName and lastName attributes of UserModel in Keycloak DB", - "mapperTypeHardcodedLdapGroupMapperHelp": "Users imported from LDAP will be automatically added into this configured group.", - "mapperTypeLdapAttributeMapperHelp": "This mapper is supported just if syncRegistrations is enabled. New users registered in Keycloak will be written to the LDAP with the hardcoded value of some specified attribute.", - "passwordPolicyHintsEnabledHelp": "Applicable just for writable MSAD. If on, then updating password of MSAD user will use LDAP_SERVER_POLICY_HINTS_OID extension, which means that advanced MSAD password policies like 'password history' or 'minimal password age' will be applied. This extension works just for MSAD 2008 R2 or newer.", - "nameHelp": "Name of the mapper", - "mapperTypeHelp": "Used to map single attribute from LDAP user to attribute of UserModel in Keycloak DB", - "userModelAttributeHelp": "Name of the UserModel property or attribute you want to map the LDAP attribute into. For example 'firstName', 'lastName, 'email', 'street' etc.", - "ldapAttributeHelp": "Name of mapped attribute on LDAP object. For example 'cn', 'sn', 'mail', 'street', etc.", - "readOnlyHelp": "Read-only attribute is imported from LDAP to UserModel, but it's not saved back to LDAP when user is updated in Keycloak.", - "alwaysReadValueFromLdapHelp": "If on, then during reading of the LDAP attribute value will always used instead of the value from Keycloak DB.", - "isMandatoryInLdapHelp": "If true, attribute is mandatory in LDAP. Hence if there is no value in Keycloak DB, the empty value will be set to be propagated to LDAP.", - "attributeDefaultValueHelp": "If there is no value in Keycloak DB and attribute is mandatory in LDAP, this value will be propagated to LDAP.", - "isBinaryAttributeHelp": "Should be true for binary LDAP attributes.", - "derFormattedHelp": "Activate this if the certificate is DER formatted in LDAP and not PEM formatted.", - "ldapFullNameAttributeHelp": "Name of the LDAP attribute, which contains the fullName of the user. Usually it will be 'cn'.", - "fullNameLdapReadOnlyHelp": "For Read-only, data is imported from LDAP to Keycloak DB, but it's not saved back to LDAP when the user is updated in Keycloak.", - "fullNameLdapWriteOnlyHelp": "For Write-only, data is propagated to LDAP when a user is created or updated in Keycloak. But this mapper is not used to propagate data from LDAP back into Keycloak. This setting is useful if you configured separate firstName and lastName attribute mappers and you want to use those to read the attribute from LDAP into Keycloak.", - "ldapGroupsDnHelp": "LDAP DN where groups of this tree are saved. For example 'ou=groups,dc=example,dc=org'", - "groupNameLdapAttributeHelp": "Name of LDAP attribute, which is used in group objects for name and RDN of group. Usually it will be 'cn'. In this case typical group/role object may have DN like 'cn=Group1,ouu=groups,dc=example,dc=org'.", - "groupObjectClassesHelp": "Object class (or classes) of the group object. It's divided by commas if more classes needed. In typical LDAP deployment it could be 'groupOfNames'. In Active Directory it's usually 'group'.", - "preserveGroupInheritanceHelp": "Flag whether group inheritance from LDAP should be propagated to Keycloak. If false, then all LDAP groups will be mapped as flat top-level groups in Keycloak. Otherwise group inheritance is preserved into Keycloak, but the group sync might fail if LDAP structure contains recursions or multiple parent groups per child groups.", - "ignoreMissingGroupsHelp": "Ignore missing groups in the group hierarchy.", - "userGroupsRetrieveStrategyHelp": "Specify how to retrieve groups of user. LOAD_GROUPS_BY_MEMBER_ATTRIBUTE means that roles of user will be retrieved by sending LDAP query to retrieve all groups where 'member' is our user. GET_GROUPS_FROM_USER_MEMBEROF_ATTRIBUTE means that groups of user will be retrieved from 'memberOf' attribute of our user or from the other attribute specified by 'Member-Of LDAP Attribute'.", - "mappedGroupAttributesHelp": "List of names of attributes divided by commas. This points to the list of attributes on LDAP group, which will be mapped as attributes of Group in Keycloak. Leave this empty if no additional group attributes are required to be mapped in Keycloak.", - "dropNonexistingGroupsDuringSyncHelp": "If this flag is true, then during sync of groups from LDAP to Keycloak, we will keep just those Keycloak groups that still exist in LDAP. The rest will be deleted.", - "groupsPathHelp": "Keycloak group path the LDAP groups are added to. For example if value '/Applications/App1' is used, then LDAP groups will be available in Keycloak under group 'App1', which is child of top level group 'Applications'. The default value is '/' so LDAP groups will be mapped to the Keycloak groups at the top level. The configured group path must already exist in the Keycloak when creating this mapper.", - "ldapRolesDnHelp": "LDAP DN where roles of this tree are saved. For example, 'ou=finance,dc=example,dc=org'", - "roleNameLdapAttributeHelp": "Name of LDAP attribute, which is used in role objects for name and RDN of role. Usually it will be 'cn'. In this case typical group/role object may have DN like 'cn=role1,ou=finance,dc=example,dc=org'.", - "roleObjectClassesHelp": "Object class (or classes) of the role object. It's divided by commas if more classes are needed. In typical LDAP deployment it could be 'groupOfNames'. In Active Directory it's usually 'group'.", - "userRolesRetrieveStrategyHelp": "Specify how to retrieve roles of user. LOAD_ROLES_BY_MEMBER_ATTRIBUTE means that roles fo user will be retrieved by sending LDAP query to retrieve all roles where 'member' is our user. GET_ROLES_FROM_USER_MEMBEROF means that roles of user will be retrieved from 'memberOf' attribute of our user. Or from the other attributes specified by 'Member-Of LDAP Attribute'. LOAD_ROLES_BY_MEMBER_ATTRIBUTE is applicable just in Active Directory and it means that roles of user will be retrieved recursively with usage of LDAP_MATCHING_RULE_IN_CHAIN LDAP extension.", - "useRealmRolesMappingHelp": "If true, then LDAP role mappings will be mapped to realm role mappings in Keycloak. Otherwise it will be mapped to client role mappings.", - "clientIdHelp": "Client ID of client to which LDAP role mappings will be mapped. Applicable only if 'Use Realm Roles Mapping' is false.", - "membershipLdapAttributeHelp": "Name of LDAP attribute on group, which is used for membership mappings. Usually it will be 'member'. However when 'Membership Attribute Type' is 'UID', then 'Membership LDAP Attribute' could be typically 'memberUid'.", - "membershipAttributeTypeHelp": "DN means that LDAP group has it's members declared in form of their full DN. For example 'member: uid=john,ou=users,dc=example,dc=com'. UID means that LDAP group has it's members declared in form of pure user uids. For example 'memberUid: john'.", - "membershipUserLdapAttributeHelp": "Used just if Membership Attribute Type is UID. It is the name of the LDAP attribute on user, which is used for membership mappings. Usually it will be 'uid'. For example if the value of 'Membership User LDAP Attribute' is 'uid' and LDAP group has 'memberUid: john', then it is expected that particular LDAP user will have attribute 'uid: john'.", - "ldapFilterHelp": "LDAP Filter adds an additional custom filter to the whole query for retrieve LDAP groups. Leave this empty if no additional filtering is needed and you want to retrieve all groups from LDAP. Otherwise make sure that filter starts with '(' and ends with ')'.", - "modeHelp": "LDAP_ONLY means that all group mappings of users are retrieved from LDAP and saved into LDAP. READ_ONLY is Read-only LDAP mode where group mappings are retrieved from both LDAP and DB and merged together. New group joins are not saved to LDAP but to DB. IMPORT is Read-only LDAP mode where group mappings are retrieved from LDAP just at the time when user is imported from LDAP and then they are saved to local keycloak DB.", - "memberofLdapAttributeHelp": "Used just when 'User Roles Retrieve Strategy' is GET_GROUPS_FROM_USER_MEMBEROF_ATTRIBUTE. It specifies the name of the LDAP attribute on the LDAP user, which contains the groups, which the user is member of. Usually it will be the default 'memberOf'.", - "userModelAttributeNameHelp": "Name of the model attribute to be added when importing user from LDAP", - "attributeValueHelp": "Value of the model attribute to be added when importing user from LDAP", - "roleHelp": "Role to grant to user. Click 'Select Role' button to browse roles, or just type it in the textbox. To reference an application role the syntax is appname.approle, i.e. myapp.myrole.", - "groupHelp": "Group to add the user in. Fill the full path of the group including path. For example: '/root-group/child-group'.", - "ldapAttributeNameHelp": "Name of the LDAP attribute, which will be added to the new user during registration", - "ldapAttributeValueHelp": "Value of the LDAP attribute, which will be added to the new user during registration. You can either hardcode any value like 'foo' but you can also use some special tokens. Only supported token right now is '${RANDOM}', which will be replaced with some randomly generated string." -} diff --git a/js/apps/admin-ui/public/locales/en/user-federation.json b/js/apps/admin-ui/public/locales/en/user-federation.json deleted file mode 100644 index afe1556e62..0000000000 --- a/js/apps/admin-ui/public/locales/en/user-federation.json +++ /dev/null @@ -1,180 +0,0 @@ -{ - "userFederation": "User federation", - "descriptionLanding": "This is the description for the user federation landing page", - "userFederationExplain": "User federation provides access to external databases and directories, such as LDAP and Active Directory.", - "getStarted": "To get started, select a provider from the list below.", - "providers": "Add providers", - "addProvider_one": "Add {{provider}} provider", - "addProvider_other": "Add {{provider}} providers", - "addKerberosWizardTitle": "Add Kerberos user federation provider", - "addLdapWizardTitle": "Add LDAP user federation provider", - "syncChangedUsers": "Sync changed users", - "syncAllUsers": "Sync all users", - "syncLDAPGroupsSuccessful": "Data successfully synced {{result}}", - "syncLDAPGroupsError": "Data could not be synced due {{error}}", - "unlinkUsers": "Unlink users", - "removeImported": "Remove imported", - "deleteProvider": "Delete provider", - "generalOptions": "General options", - "uiDisplayName": "UI display name", - "vendor": "Vendor", - "connectionAndAuthenticationSettings": "Connection and authentication settings", - "connectionURL": "Connection URL", - "enableStartTls": "Enable StartTLS", - "useTruststoreSpi": "Use Truststore SPI", - "connectionPooling": "Connection pooling", - "connectionTimeout": "Connection timeout", - "bindType": "Bind type", - "bindDn": "Bind DN", - "bindCredentials": "Bind credentials", - "ldapSearchingAndUpdatingSettings": "LDAP searching and updating", - "editMode": "Edit mode", - "usersDN": "Users DN", - "usernameLdapAttribute": "Username LDAP attribute", - "rdnLdapAttribute": "RDN LDAP attribute", - "uuidLdapAttribute": "UUID LDAP attribute", - "userObjectClasses": "User object classes", - "userLdapFilter": "User LDAP filter", - "searchScope": "Search scope", - "readTimeout": "Read timeout", - "pagination": "Pagination", - "synchronizationSettings": "Synchronization settings", - "syncRegistrations": "Sync Registrations", - "importUsers": "Import users", - "batchSize": "Batch size", - "periodicFullSync": "Periodic full sync", - "fullSyncPeriod": "Full sync period", - "periodicChangedUsersSync": "Periodic changed users sync", - "changedUsersSyncPeriod": "Changed users sync period", - "kerberosIntegration": "Kerberos integration", - "allowKerberosAuthentication": "Allow Kerberos authentication", - "useKerberosForPasswordAuthentication": "Use Kerberos for password authentication", - "cacheSettings": "Cache settings", - "cachePolicy": "Cache policy", - "evictionDay": "Eviction day", - "evictionHour": "Eviction hour", - "evictionMinute": "Eviction minute", - "maxLifespan": "Max lifespan", - "ms": "milliseconds", - "advancedSettings": "Advanced settings", - "enableLdapv3Password": "Enable the LDAPv3 password modify extended operation", - "validatePasswordPolicy": "Validate password policy", - "trustEmail": "Trust email", - "requiredSettings": "Required Settings", - "kerberosRealm": "Kerberos realm", - "serverPrincipal": "Server principal", - "keyTab": "Key tab", - "krbPrincipalAttribute": "Kerberos principal attribute", - "debug": "Debug", - "allowPasswordAuthentication": "Allow password authentication", - "updateFirstLogin": "Update first login", - "always": "Always", - "never": "Never", - "oneLevel": "One Level", - "subtree": "Subtree", - "saveSuccess": "User federation provider successfully saved", - "saveError": "User federation provider could not be saved: {{error}}", - "createSuccess": "User federation provider successfully created", - "createError": "User federation provider could not be created: {{error}}", - "queryExtensions": "Query Supported Extensions", - "testAuthentication": "Test authentication", - "testSuccess": "Successfully connected to LDAP", - "testError": "Error when trying to connect to LDAP: '{{error}}'", - "learnMore": "Learn more", - "managePriorities": "Manage priorities", - "managePriorityOrder": "Manage priority order", - "managePriorityInfo": "Priority is the order of providers when doing a user lookup. You can drag the row handlers to change the priorities.", - "orderChangeSuccess": "Successfully changed the priority order of user federation providers", - "orderChangeError": "Could not change the priority order of user federation providers {{error}}", - "addNewProvider": "Add new provider", - "addCustomProvider": "Add custom provider", - "providerDetails": "Provider details", - "userFedDeletedSuccess": "The user federation provider has been deleted.", - "userFedDeleteError": "Could not delete user federation provider: '{{error}}'", - "userFedDeleteConfirmTitle": "Delete user federation provider?", - "userFedDeleteConfirm": "If you delete this user federation provider, all associated data will be removed.", - "userFedDisableConfirmTitle": "Disable user federation provider?", - "userFedDisableConfirm": "If you disable this user federation provider, it will not be considered for queries and imported users will be disabled and read-only until the provider is enabled again.", - "userFedUnlinkUsersConfirmTitle": "Unlink all users?", - "userFedUnlinkUsersConfirm": "Do you want to unlink all the users? Any users without a password in the database will not be able to authenticate anymore.", - "removeImportedUsers": "Remove imported users?", - "removeImportedUsersMessage": "Do you really want to remove all imported users? The option \"Unlink users\" makes sense just for the Edit Mode \"Unsynced\" and there should be a warning that \"unlinked\" users without the password in Keycloak database won't be able to authenticate.", - "removeImportedUsersSuccess": "Imported users have been removed.", - "removeImportedUsersError": "Could not remove imported users: '{{error}}'", - "syncUsersSuccess": "Sync of users finished successfully.", - "syncUsersError": "Could not sync users: '{{error}}'", - "unlinkUsersSuccess": "Unlink of users finished successfully.", - "unlinkUsersError": "Could not unlink users: '{{error}}'", - "validateName": "You must enter a name", - "validateRealm": "You must enter a realm", - "validateServerPrincipal": "You must enter a server principal", - "validateKeyTab": "You must enter a key tab", - "validateConnectionUrl": "You must enter a connection URL", - "validateBindDn": "You must enter the DN of the LDAP admin", - "validateBindCredentials": "You must enter the password of the LDAP admin", - "validateUuidLDAPAttribute": "You must enter a UUID LDAP attribute", - "validateUserObjectClasses": "You must enter one or more user object classes", - "validateEditMode": "You must select an edit mode", - "validateUsersDn": "You must enter users DN", - "validateUsernameLDAPAttribute": "You must enter a username LDAP attribute", - "validateRdnLdapAttribute": "You must enter an RDN LDAP attribute", - "validateCustomUserSearchFilter": "Filter must be enclosed in parentheses, for example: (filter)", - "mapperTypeMsadUserAccountControlManager": "msad-user-account-control-mapper", - "mapperTypeMsadLdsUserAccountControlMapper": "msad-user-account-control-mapper", - "mapperTypeGroupLdapMapper": "group-ldap-mapper", - "mapperTypeUserAttributeLdapMapper": "user-attribute-ldap-mapper", - "mapperTypeRoleLdapMapper": "role-ldap-mapper", - "mapperTypeHardcodedAttributeMapper": "hardcoded-attribute-mapper", - "mapperTypeHardcodedLdapRoleMapper": "hardcoded-ldap-role-mapper", - "mapperTypeCertificateLdapMapper": "certificate-ldap-mapper", - "mapperTypeFullNameLdapMapper": "full-name-ldap-mapper", - "mapperTypeHardcodedLdapGroupMapper": "hardcoded-ldap-group-mapper", - "mapperTypeLdapAttributeMapper": "hardcoded-ldap-attribute-mapper", - "ldapMappersList": "LDAP Mappers", - "ldapFullNameAttribute": "LDAP full name attribute", - "writeOnly": "Write only", - "ldapGroupsDn": "LDAP groups DN", - "groupNameLdapAttribute": "Group name LDAP attribute", - "groupObjectClasses": "Group object classes", - "preserveGroupInheritance": "Preserve group inheritance", - "ignoreMissingGroups": "Ignore missing groups", - "userGroupsRetrieveStrategy": "User groups retrieve strategy", - "mappedGroupAttributes": "Mapped group attributes", - "dropNonexistingGroupsDuringSync": "Drop non-existing groups during sync", - "groupsPath": "Groups path", - "membershipLdapAttribute": "Membership LDAP attribute", - "membershipAttributeType": "Membership attribute type", - "membershipUserLdapAttribute": "Membership user LDAP attribute", - "ldapFilter": "LDAP filter", - "mode": "Mode", - "memberofLdapAttribute": "Member-of LDAP attribute", - "ldapRolesDn": "LDAP roles DN", - "roleNameLdapAttribute": "Role name LDAP attribute", - "roleObjectClasses": "Role object classes", - "userRolesRetrieveStrategy": "User roles retrieve strategy", - "useRealmRolesMapping": "Use realm roles mapping", - "ldapAttributeName": "LDAP attribute name", - "ldapAttributeValue": "LDAP attribute value", - "userModelAttribute": "User model attribute", - "ldapAttribute": "LDAP attribute", - "readOnly": "Read only", - "alwaysReadValueFromLdap": "Always read value from LDAP", - "isMandatoryInLdap": "Is mandatory in LDAP", - "attributeDefaultValue": "Attribute default value", - "isBinaryAttribute": "Is binary attribute", - "derFormatted": "DER formatted", - "passwordPolicyHintsEnabled": "Password policy hints enabled", - "userModelAttributeName": "User model attribute name", - "attributeValue": "Attribute value", - "selectRole": "Select role", - "group": "Group", - "providerId": "Provider ID", - "providerType": "Provider Type", - "parentId": "Parent ID", - "kerberosPrincipal": "Kerberos Principal", - "kerberosKeyTab": "Kerberos Key Tab", - "sync-ldap-roles-to-keycloak": "Sync LDAP roles to Keycloak", - "sync-keycloak-roles-to-ldap": "Sync Keycloak roles to LDAP", - "sync-ldap-groups-to-keycloak": "Sync LDAP groups to Keycloak", - "sync-keycloak-groups-to-ldap": "Sync Keycloak groups to LDAP" -} diff --git a/js/apps/admin-ui/public/locales/en/users-help.json b/js/apps/admin-ui/public/locales/en/users-help.json deleted file mode 100644 index 24436aa7c0..0000000000 --- a/js/apps/admin-ui/public/locales/en/users-help.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "temporaryLocked": "The user may be locked due to multiple failed attempts to log in.", - "disabled": "A disabled user cannot log in.", - "emailVerified": "Has the user's email been verified?", - "requiredUserActions": "Require an action when the user logs in. 'Verify email' sends an email to the user to verify their email address. 'Update profile' requires user to enter in new personal information. 'Update password' requires user to enter in a new password. 'Configure OTP' requires setup of a mobile password generator.", - "groups": "Groups where the user has membership. To leave a group, select it and click Leave.", - "userIdHelperText": "Enter the unique ID of the user for this identity provider.", - "usernameHelperText": "Enter the username of the user for this identity provider.", - "federationLink": "UserStorageProvider this locally stored user was imported from." -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/en/users.json b/js/apps/admin-ui/public/locales/en/users.json deleted file mode 100644 index e4db59b36c..0000000000 --- a/js/apps/admin-ui/public/locales/en/users.json +++ /dev/null @@ -1,183 +0,0 @@ -{ - "title": "Users", - "usersExplain": "Users are the users in the current realm.", - "userList": "User list", - "searchForUser": "Search user", - "searchType.default": "Default search", - "searchType.attribute": "Attribute search", - "selectAttribute": "Select attribute", - "selectAttributes": "Select attributes", - "searchUserByAttributeMissingKeyError": "Specify a attribute key", - "searchUserByAttributeKeyAlreadyInUseError": "Attribute key already in use", - "searchUserByAttributeMissingValueError": "Specify a attribute value", - "searchUserByAttributeDescription": "It supports setting multiple attributes as the search filter by setting different keys or values. Only one value can be typed for a key.", - "startBySearchingAUser": "Start by searching for users", - "searchForUserDescription": "This realm may have a federated provider. Viewing all users may cause the system to slow down, but it can be done by searching for \"*\". Please search for a user above.", - "createUser": "Create user", - "createNewUser": "Create new user", - "noUsersFound": "No users found", - "noUsersFoundError": "No users found due to {{error}}", - "noUsersFoundErrorStorage": "No users found, could be due to wrongly configured federated provider {{error}}", - "noGroups": "No groups", - "noGroupsText": "You haven't added this user to any groups. Join a group to get started.", - "joinGroup": "Join Group", - "joinGroups": "Join Groups", - "join": "Join", - "joinGroupsFor": "Join groups for user {{username}}", - "selectGroups": "Select groups to join", - "searchForGroups": "Search for groups", - "leave": "Leave", - "leaveGroup_one": "Leave group {{name}}?", - "leaveGroup_other": "Leave groups?", - "leaveGroupConfirmDialog_one": "Are you sure you want to remove {{username}} from the group {{groupname}}?", - "leaveGroupConfirmDialog_other": "Are you sure you want to remove {{username}} from the {{count}} selected groups?", - "directMembership": "Direct membership", - "groupMembership": "Group membership", - "addedGroupMembership": "Added group membership", - "addedGroupMembershipError": "Error adding group membership", - "removedGroupMembership": "Removed group membership", - "removedGroupMembershipError": "Error removing group membership", - "path": "Path", - "emptyInstructions": "Change your search criteria or add a user", - "createdAt": "Created at", - "username": "Username", - "email": "Email", - "emailVerified": "Email verified", - "lastName": "Last name", - "firstName": "First name", - "status": "Status", - "disabled": "Disabled", - "temporaryLocked": "Temporarily locked", - "unlockSuccess": "User successfully unlocked", - "unlockError": "Could not unlock user due to {{error}}", - "emailInvalid": "You must enter a valid email.", - "notVerified": "Not verified", - "requiredUserActions": "Required user actions", - "requiredActionPlaceholder": "Select action", - "federationLink": "Federation link", - "addUser": "Add user", - "impersonate": "Impersonate", - "impersonateConfirm": "Impersonate user?", - "impersonateConfirmDialog": "Are you sure you want to log in as this user? If this user is in the same realm with you, your current login session will be logged out before you log in as this user.", - "impersonateError": "Could not impersonate the user: {{error}}", - "deleteUser": "Delete user", - "deleteConfirm": "Delete user?", - "deleteConfirmCurrentUser": "Are you sure you want to permanently delete this user", - "deleteConfirmDialog_one": "Are you sure you want to permanently delete {{count}} selected user", - "deleteConfirmDialog_other": "Are you sure you want to permanently delete {{count}} selected users", - "userID": "User ID", - "userCreated": "The user has been created", - "userSaved": "The user has been saved", - "userDetails": "User details", - "userCreateError": "Could not create user: {{error}}", - "userDeletedSuccess": "The user has been deleted", - "userDeletedError": "The user could not be deleted {{error}}", - "linkAccount": "Link account", - "unlink": "Unlink", - "unlinkAccount": "Unlink account", - "unlinkAccountTitle": "Unlink account from {{provider}}?", - "unlinkAccountConfirm": "Are you sure you want to permanently unlink this account from {{provider}}?", - "link": "Link", - "linkAccountTitle": "Link account to {{provider}}", - "idpLinkSuccess": "Identity provider has been linked", - "idpUnlinkSuccess": "The provider link has been removed", - "idpType": { - "social": "Social login", - "custom": "Custom" - }, - "couldNotLinkIdP": "Could not link identity provider {{error}}", - "verifyEmail": "Verify Email", - "updateUserLocale": "Update User Locale", - "consents": "Consents", - "sessions": "Sessions", - "noConsents": "No consents", - "noConsentsText": "The consents will only be recorded when users try to access a client that is configured to require consent. In that case, users will get a consent page which asks them to grant access to the client.", - "identityProvider": "Identity provider", - "identityProviderLinks": "Identity provider links", - "noProvidersLinked": "No identity providers linked. Choose one from the list below.", - "noAvailableIdentityProviders": "No available identity providers.", - "linkedIdPs": "Linked identity providers", - "linkedIdPsText": "The identity providers which are already linked to this user account", - "availableIdPs": "Available identity providers", - "availableIdPsText": "All the configured identity providers in this realm are listed here. You can link the user account to any of the IdP accounts.", - "whoWillAppearLinkText": "Who will appear in this group list?", - "whoWillAppearPopoverText": "Groups are hierarchical. When you select Direct Membership, you see only the child group that the user joined. Ancestor groups are not included.", - "revoke": "Revoke", - "revokeClientScopesTitle": "Revoke all granted client scopes?", - "revokeClientScopes": "Are you sure you want to revoke all granted client scopes for {{clientId}}?", - "deleteGrantsSuccess": "Grants successfully revoked.", - "deleteGrantsError": "Error deleting grants.", - "roleMapping": "Role mapping", - "roleMappingUpdatedSuccess": "User role mapping successfully updated", - "noRoles": "No roles for this user", - "noRolesInstructions": "You haven't assigned any roles to this user. Assign a role to get started.", - "unlockAllUsers": "Unlock all users", - "unlockUsersConfirm": "All the users that are temporarily locked will be unlocked.", - "unlock": "Unlock", - "unlockUsersSuccess": "Any temporarily locked users are now unlocked", - "unlockUsersError": "Could not unlock all users {{error}}", - "noCredentials": "No credentials", - "noCredentialsText": "This user does not have any credentials. You can set password for this user.", - "setPassword": "Set password", - "setPasswordFor": "Set password for {{username}}", - "defaultPasswordLabel": "My password", - "save": "Save", - "cancel": "Cancel", - "savePasswordSuccess": "The password has been set successfully.", - "savePasswordError": "Error saving password: {{error}}", - "confirmPasswordDoesNotMatch": "Password and confirmation does not match.", - "credentialType": "Type", - "credentialUserLabel": "User Label", - "credentialData": "Data", - "credentialsList": "Credentials List", - "setPasswordConfirm": "Set password?", - "setPasswordConfirmText": "Are you sure you want to set the password for the user {{username}}?", - "password": "Password", - "passwordConfirmation": "Password confirmation", - "resetPasswordConfirmation": "New password confirmation", - "savePassword": "Save password", - "deleteCredentialsConfirmTitle": "Delete credentials?", - "deleteCredentialsConfirm": "Are you sure you want to delete these users credentials?", - "deleteCredentialsSuccess": "The credentials has been deleted successfully.", - "deleteCredentialsError": "Error deleting users credentials: {{error}}", - "deleteBtn": "Delete", - "updatedCredentialMoveSuccess": "User Credential configuration has been saved", - "updatedCredentialMoveError": "User Credential configuration hasn't been saved", - "resetPasswordFor": "Reset password for {{username}}", - "resetPasswordConfirm": "Reset password?", - "resetPasswordConfirmText": "Are you sure you want to reset the password for the user {{username}}?", - "resetPassword": "Reset password", - "resetCredentialsSuccess": "The password has been reset successfully.", - "resetCredentialsError": "Error resetting users credentials: {{error}}", - "resetPasswordError": "Error resetting password: {{error}}", - "resetPasswordBtn": "Reset password", - "showPasswordDataName": "Name", - "showPasswordDataValue": "Value", - "showDataBtn": "Show data", - "userCredentialsHelpText": "The top level handlers allow you to shift the priority of the credential for the user, the topmost credential having the highest priority. The handlers within one expandable panel allow you to change the visual order of the credentials, the topmost credential will show at the most left.", - "userCredentialsHelpTextLabel": "User Credentials Help Text", - "type": "Type", - "userLabel": "User label", - "data": "Data", - "providedBy": "Provided by", - "passwordDataTitle": "Password data", - "updateCredentialUserLabelSuccess": "The user label has been changed successfully.", - "updateCredentialUserLabelError": "Error changing user label: {{error}}", - "credentialReset": "Credentials Reset", - "credentialResetBtn": "Credential Reset", - "resetActions": "Reset Actions", - "lifespan": "Expires In", - "VERIFY_EMAIL": "Verify Email (VERIFY_EMAIL)", - "UPDATE_PASSWORD": "Update password (UPDATE_PASSWORD)", - "UPDATE_PROFILE": "Update Profile (UPDATE_PROFILE)", - "CONFIGURE_TOTP": "Configure OTP (CONFIGURE_TOTP)", - "TERMS_AND_CONDITIONS": "Terms and Conditions (TERMS_AND_CONDITIONS)", - "hours": "Hours", - "minutes": "Minutes", - "seconds": "Seconds", - "credentialResetConfirm": "Send Email", - "credentialResetConfirmText": "Are you sure you want to send email to user", - "credentialResetEmailSuccess": "Email sent to user.", - "credentialResetEmailError": "Failed: {{error}}", - "editUserLabel": "Edit User Label Button" -} diff --git a/js/apps/admin-ui/public/locales/es/authentication-help.json b/js/apps/admin-ui/public/locales/es/authentication-help.json deleted file mode 100644 index 9e26dfeeb6..0000000000 --- a/js/apps/admin-ui/public/locales/es/authentication-help.json +++ /dev/null @@ -1 +0,0 @@ -{} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/es/authentication.json b/js/apps/admin-ui/public/locales/es/authentication.json deleted file mode 100644 index e36bbc76aa..0000000000 --- a/js/apps/admin-ui/public/locales/es/authentication.json +++ /dev/null @@ -1,7 +0,0 @@ -{ - "attestationPreference": { - "none": "ninguno" - }, - "edit": "Editar", - "alias": "Alias" -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/es/client-scopes-help.json b/js/apps/admin-ui/public/locales/es/client-scopes-help.json deleted file mode 100644 index 234aad1001..0000000000 --- a/js/apps/admin-ui/public/locales/es/client-scopes-help.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "multiValued": "Indica si el atributo soporta múltiples valores. Si está habilitado, la lista de todos los valores de este atributo se fijará como reclamación. Si está deshabilitado, solo el primer valor será fijado como reclamación.", - "tokenClaimName": "Nombre del reclamo a insertar en el token. Puede ser un nombre completo como ''address.street''. En este caso, se creará un objeto JSON anidado.", - "claimJsonType": "El tipo de JSON que debería ser usado para rellenar la petición de JSON en el token. long, int, boolean y String son valores válidos", - "protocolMapper": "Protocolo." -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/es/client-scopes.json b/js/apps/admin-ui/public/locales/es/client-scopes.json deleted file mode 100644 index 71b2cb41e7..0000000000 --- a/js/apps/admin-ui/public/locales/es/client-scopes.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "protocol": "Protocolo", - "type": "Tipo", - "realmRoles": "Roles de dominio", - "clients": "Clientes" -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/es/clients-help.json b/js/apps/admin-ui/public/locales/es/clients-help.json deleted file mode 100644 index ab11fc0636..0000000000 --- a/js/apps/admin-ui/public/locales/es/clients-help.json +++ /dev/null @@ -1,41 +0,0 @@ -{ - "clientType": "''OpenID connect'' permite a los clientes verificar la identidad del usuario final basado en la autenticación realizada por un servidor de autorización. ''SAML'' habilita la autenticación y autorización de escenarios basados en web incluyendo cross-domain y single sign-on (SSO) y utiliza tokens de seguridad que contienen afirmaciones para pasar información.", - "serviceAccount": "Permitir autenticar este cliente contra Keycloak y recibir un token de acceso dedicado para este cliente.", - "rootURL": "URL raíz añadida a las URLs relativas", - "validRedirectURIs": "Patrón de URI válida para la cual un navegador puede solicitar la redirección tras un inicio o cierre de sesión completado. Se permiten comodines simples p.ej. ''http://example.com/*''. También se pueden indicar rutas relativas p.ej. ''/my/relative/path/*''. Las rutas relativas generarán una URI de redirección usando el host y puerto de la petición. Para SAML, se deben fijar patrones de URI válidos si quieres confiar en la URL del servicio del consumidor indicada en la petición de inicio de sesión.", - "nameIdFormat": "El formato de NameID que se usará para el título", - "forceNameIdFormat": "Ignorar la petición de sujeto NameID y usar la configurada en la consola de administración.", - "forcePostBinding": "Usar siempre POST para las respuestas", - "includeAuthnStatement": "¿Debería incluirse una declaración especificando el método y la marca de tiempo en la respuesta de inicio de sesión?", - "signDocuments": "¿Debería el dominio firmar los documentos SAML?", - "signAssertions": "¿Deberían firmarse las aserciones en documentos SAML? Este ajuste no es necesario si el documento ya está siendo firmado.", - "signatureAlgorithm": "El algoritmo de firma usado para firmar los documentos.", - "canonicalization": "Método de canonicalización para las firmas XML", - "webOrigins": "Orígenes CORS permitidos. Para permitir todos los orígenes de URIs de redirección válidas añade ''+''. Para permitir todos los orígenes añade ''*''.", - "homeURL": "URL por defecto para usar cuando el servidor de autorización necesita redirigir o enviar de vuelta al cliente.", - "adminURL": "URL a la interfaz de administración del cliente. Fija este valor si el cliente soporta el adaptador de REST. Esta API REST permite al servidor de autenticación enviar al cliente políticas de revocación y otras tareas administrativas. Normalment se fija a la URL base del cliente.", - "clientId": "Indica el identificador (ID) referenciado en URIs y tokens. Por ejemplo ''my-client''", - "clientName": "Indica el nombre visible del cliente. Por ejemplo ''My Client''. También soporta claves para valores localizados. Por ejemplo: ${my_client}", - "description": "Indica la descripción del cliente. Por ejemplo ''My Client for TimeSheets''. También soporta claves para valores localizados. Por ejemplo: ${my_client_description}", - "loginTheme": "Selecciona el tema para las páginas de inicio de sesión, OTP, permisos, registro y recordatorio de contraseña.", - "encryptAssertions": "¿Deberían cifrarse las afirmaciones SAML con la clave pública del cliente usando AES?", - "clientSignature": "¿Firmará el cliente sus peticiones y respuestas SAML? ¿Y deberían ser validadas?", - "client-authenticator-type": "Cliente autenticador usado para autenticar este cliente contra el servidor Keycloak", - "nodeReRegistrationTimeout": "Indica el máximo intervalo de tiempo para que los nodos del cluster registrados se vuelvan a registrar. Si el nodo del cluster no envía una petición de re-registro a Keycloak dentro de este intervalo, será desregistrado de Keycloak", - "idpInitiatedSsoUrlName": "Nombre del fragmento de la URL para referenciar al cliente cuando quieres un SSO iniciado por el IDP. Dejando esto vacío deshabilita los SSO iniciados por el IDP. La URL referenciada desde el navegador será: {server-root}/realms/{realm}/protocol/saml/clients/{client-url-name}", - "idpInitiatedSsoRelayState": "Estado de retransmisión que quieres enviar con una petición SAML cuando se inicia un SSO iniciado por el IDP", - "masterSamlProcessingUrl": "Si está configurada, esta URL se usará para cada enlace al proveedor del servicio del consumidor de aserciones y servicios de desconexión únicos. Puede ser sobreescrito de forma individual para cada enlace y servicio en el punto final de configuración fina de SAML.", - "accessTokenLifespan": "Tiempo máximo antes de que un token de acceso expire. Se recomienda que este valor sea corto en relación al tiempo máximo de SSO", - "assertionConsumerServicePostBindingURL": "SAML POST Binding URL for the client''s assertion consumer service (login responses). You can leave this blank if you do not have a URL for this binding.", - "assertionConsumerServiceRedirectBindingURL": "Assertion Consumer Service Redirect Binding URL", - "logoutServicePostBindingURL": "URL de enlace SAML POST para la desconexión única del cliente. Puedes dejar esto en blanco si estás usando un enlace distinto.", - "logoutServiceRedirectBindingURL": "URL de enlace SAML de redirección para la desconexión única del cliente. Puedes dejar esto en blanco si estás usando un enlace distinto.", - "frontchannelLogout": "Cuando está activado, la desconexión require una redirección del navegador hacia el cliente. Cuando no está activado, el servidor realiza una invovación de desconexión en segundo plano.", - "certificate": "Certificado de cliente para validar los JWT emitidos por este cliente y firmados con la clave privada del cliente de tu almacén de claves.", - "archiveFormat": "Formato de archivo Java keystore o PKCS12", - "keyAlias": "Alias del archivo de tu clave privada y certificado.", - "keyPassword": "Contraseña para acceder a la clave privada contenida en el archivo", - "storePassword": "Contraseña para acceder al archivo", - "consentRequired": "Si está habilitado, los usuarios tienen que consentir el acceso del cliente.", - "fullScopeAllowed": "Permite deshabilitar todas las restricciones." -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/es/clients.json b/js/apps/admin-ui/public/locales/es/clients.json deleted file mode 100644 index b241df3f6d..0000000000 --- a/js/apps/admin-ui/public/locales/es/clients.json +++ /dev/null @@ -1,65 +0,0 @@ -{ - "protocol": "Protocolo", - "importClient": "Importar Cliente", - "webOrigins": "Orígenes web", - "adminURL": "URL de administración", - "formatOption": "Formato", - "encryptAssertions": "Cifrar afirmaciones", - "clientSignature": "Firma de Cliente requerida", - "credentials": "Credenciales", - "roles": "Roles", - "fullScopeAllowed": "Permitir todos los ámbitos", - "kc": { - "realm": { - "name": "Dominio" - } - }, - "password": "Contraseña", - "settings": "Ajustes", - "type": "Tipo", - "user": "Usuario", - "clientList": "Clientes", - "realmRoles": "Roles de dominio", - "frontchannelLogout": "Desonexión en primer plano (Front Channel)", - "rootUrl": "URL raíz", - "validRedirectUri": "URIs de redirección válidas", - "idpInitiatedSsoRelayState": "Estado de retransmisión de un SSO iniciado por el IDP", - "masterSamlProcessingUrl": "URL principal de procesamiento SAML", - "nameIdFormat": "Formato de NameID", - "forceNameIdFormat": "Forzar formato NameID", - "forcePostBinding": "Forzar enlaces POST", - "includeAuthnStatement": "Incluir AuthnStatement", - "signDocuments": "Firmar documentos", - "signAssertions": "Firmar aserciones", - "canonicalization": "Método de canonicalización", - "loginTheme": "Tema de inicio de sesión", - "clientAuthenticator": "Cliente autenticador", - "clientSecret": "Secreto de Cliente", - "revocation": "Revocación", - "clustering": "Clustering", - "notBefore": "No antes de", - "setToNow": "Fijar a ahora", - "addNode": "Añadir Nodo", - "push": "Push", - "clear": "Limpiar", - "nodeReRegistrationTimeout": "Tiempo de espera de re-registro de nodo", - "registeredClusterNodes": "Registrar nodos de cluster", - "nodeHost": "Host del nodo", - "lastRegistration": "Último registro", - "testClusterAvailability": "Probar disponibilidad del cluster", - "registerNodeManually": "Registrar nodo manualmente", - "fineGrainSamlEndpointConfig": "Fine Grain SAML Endpoint Configuration", - "assertionConsumerServicePostBindingURL": "Assertion Consumer Service POST Binding URL", - "assertionConsumerServiceRedirectBindingURL": "Assertion Consumer Service Redirect Binding URL", - "logoutServicePostBindingURL": "URL de enlace SAML POST para la desconexión", - "logoutServiceRedirectBindingURL": "URL de enlace SAML de redirección para la desconexión", - "accessTokenLifespan": "Duración del token de acceso", - "certificate": "Certificado", - "generateNewKeys": "Generar nuevas claves", - "archiveFormat": "Formato de Archivo", - "keyAlias": "Alias de clave", - "keyPassword": "Contraseña de la clave", - "storePassword": "Contraseña del almacén", - "importFile": "Archivo de Importación", - "mappers": "Asignadores" -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/es/common-help.json b/js/apps/admin-ui/public/locales/es/common-help.json deleted file mode 100644 index 9e26dfeeb6..0000000000 --- a/js/apps/admin-ui/public/locales/es/common-help.json +++ /dev/null @@ -1 +0,0 @@ -{} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/es/common.json b/js/apps/admin-ui/public/locales/es/common.json deleted file mode 100644 index a32abb3698..0000000000 --- a/js/apps/admin-ui/public/locales/es/common.json +++ /dev/null @@ -1,33 +0,0 @@ -{ - "create": "Crear", - "save": "Guardar", - "key": "Clave", - "export": "Exportar", - "download": "Descargar", - "clear": "Limpiar", - "on": "Activado", - "edit": "Editar", - "enabled": "Habilitado", - "none": "ninguno", - "description": "Descripción", - "type": "Tipo", - "category": "Categoría", - "clients": "Clientes", - "realmRoles": "Roles de dominio", - "sessions": "Sesiones", - "mappers": "Asignadores", - "identityProviders": "Proveedores de identidad", - "settings": "Ajustes", - "times": { - "seconds": "Segundos", - "minutes": "Minutos", - "hours": "Horas", - "days": "Días" - }, - "credentials": "Credenciales", - "clientId": "ID Cliente", - "clientName": "Nombre", - "id": "ID", - "mapperType": "Tipo de asignador", - "password": "Contraseña" -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/es/dashboard.json b/js/apps/admin-ui/public/locales/es/dashboard.json deleted file mode 100644 index 9e26dfeeb6..0000000000 --- a/js/apps/admin-ui/public/locales/es/dashboard.json +++ /dev/null @@ -1 +0,0 @@ -{} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/es/dynamic.json b/js/apps/admin-ui/public/locales/es/dynamic.json deleted file mode 100644 index 6ce9de0618..0000000000 --- a/js/apps/admin-ui/public/locales/es/dynamic.json +++ /dev/null @@ -1,47 +0,0 @@ -{ - "usermodel": { - "prop": { - "label": "Propiedad", - "tooltip": "Nombre del método de propiedad en la interfaz UserModel. Por ejemplo, un valor de ''email'' referenciaría al método UserModel.getEmail()." - }, - "attr": { - "label": "Atributo de usuario", - "tooltip": "Nombre del atributo de usuario almacenado que es el nombre del atributo dentro del map UserModel.attribute." - }, - "clientRoleMapping": { - "clientId": { - "label": "ID Cliente" - } - } - }, - "userSession": { - "modelNote": { - "label": "Nota sesión usuario", - "tooltip": "Nombre de la nota almacenada en la sesión de usuario dentro del mapa UserSessionModel.note" - } - }, - "multivalued": { - "label": "Valores múltiples", - "tooltip": "Indica si el atributo soporta múltiples valores. Si está habilitado, la lista de todos los valores de este atributo se fijará como reclamación. Si está deshabilitado, solo el primer valor será fijado como reclamación." - }, - "selectRole": { - "label": "Selecciona rol", - "tooltip": "Introduce el rol en la caja de texto de la izquierda, o haz clic en este botón para navegar y buscar el rol que quieres." - }, - "tokenClaimName": { - "label": "Nombre de reclamo del token", - "tooltip": "Nombre del reclamo a insertar en el token. Puede ser un nombre completo como ''address.street''. En este caso, se creará un objeto JSON anidado." - }, - "jsonType": { - "label": "Tipo JSON de reclamación", - "tooltip": "El tipo de JSON que debería ser usado para rellenar la petición de JSON en el token. long, int, boolean y String son valores válidos" - }, - "includeInIdToken": { - "label": "Añadir al token de ID" - }, - "includeInAccessToken": { - "label": "Añadir al token de acceso", - "tooltip": "¿Debería añadirse la identidad reclamada al token de acceso?" - }, - "name-id-format": "Formato de NameID" -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/es/events.json b/js/apps/admin-ui/public/locales/es/events.json deleted file mode 100644 index 4bf06592c6..0000000000 --- a/js/apps/admin-ui/public/locales/es/events.json +++ /dev/null @@ -1,4 +0,0 @@ -{ - "user": "Usuario", - "realm": "Dominio" -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/es/groups.json b/js/apps/admin-ui/public/locales/es/groups.json deleted file mode 100644 index e0a011d394..0000000000 --- a/js/apps/admin-ui/public/locales/es/groups.json +++ /dev/null @@ -1,3 +0,0 @@ -{ - "create": "Crear" -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/es/identity-providers-help.json b/js/apps/admin-ui/public/locales/es/identity-providers-help.json deleted file mode 100644 index 656da38963..0000000000 --- a/js/apps/admin-ui/public/locales/es/identity-providers-help.json +++ /dev/null @@ -1,28 +0,0 @@ -{ - "redirectURI": "La URI de redirección usada para configurar el proveedor de identidad.", - "alias": "El alias que identifica de forma única un proveedor de identidad, se usa también para construir la URI de redirección.", - "clientId": "El identificador del cliente registrado con el proveedor de identidad.", - "clientSecret": "El secreto del cliente registrado con el proveedor de identidad.", - "discoveryEndpoint": "Importar metadatos desde un descriptor de un proveedor de identidad (IDP) remoto.", - "importConfig": "Importar metadatos desde un descriptor de un proveedor de identidad (IDP) descargado.", - "logoutUrl": "Punto de cierre de sesión para usar en la desconexión de usuarios desde un proveedor de identidad (IDP) externo.", - "backchannelLogout": "Does the external IDP support backchannel logout?", - "userInfoUrl": "La URL de información de usuario. Opcional.", - "issuer": "El identificador del emisor para el emisor de la respuesta. Si no se indica, no se realizará ninguna validación.", - "scopes": "Los ámbitos que se enviarán cuando se solicite autorización. Puede ser una lista de ámbitos separados por espacios. El valor por defecto es ''openid''.", - "validateSignature": "Habilitar/deshabilitar la validación de firmas de proveedores de identidad (IDP) externos", - "storeTokens": "Habilitar/deshabilitar si los tokens deben ser almacenados después de autenticar a los usuarios.", - "storedTokensReadable": "Habilitar/deshabilitar si los nuevos usuarios pueden leer los tokens almacenados. Esto asigna el rol ''broker.read-token''.", - "trustEmail": "Si está habilitado, el email recibido de este proveedor no se verificará aunque la verificación esté habilitada para el dominio.", - "useEntityDescriptor": "Importar metadatos desde un descriptor de entidad remoto de un IDP de SAML", - "samlEntityDescriptor": "Te permite cargar metadatos de un proveedor de identidad (IDP) externo de un archivo de coniguración o descargarlo desde una URL.", - "ssoServiceUrl": "La URL que debe ser usada para enviar peticiones de autenticación (SAML AuthnRequest).", - "singleLogoutServiceUrl": "La URL que debe usarse para enviar peticiones de desconexión.", - "httpPostBindingAuthnRequest": "Indica si AuthnRequest debe ser enviada usando HTTP-POST. Si no está activado se hace HTTP-REDIRECT.", - "wantAuthnRequestsSigned": "Indica si el proveedor de identidad espera recibir firmadas las AuthnRequest.", - "signatureAlgorithm": "El algoritmo de firma usado para firmar los documentos.", - "forceAuthentication": "Indica si el proveedor de identidad debe autenticar al presentar directamente las credenciales en lugar de depender de un contexto de seguridad previo.", - "validateSignatures": "Habilitar/deshabilitar la validación de firma en respuestas SAML.", - "validatingX509Certs": "El certificado en formato PEM que debe usarse para comprobar las firmas.", - "addIdpMapperName": "Nombre del asignador." -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/es/identity-providers.json b/js/apps/admin-ui/public/locales/es/identity-providers.json deleted file mode 100644 index ea0af9ab8a..0000000000 --- a/js/apps/admin-ui/public/locales/es/identity-providers.json +++ /dev/null @@ -1,35 +0,0 @@ -{ - "addIdPMapper": "Añadir asignador de proveedor de identidad", - "redirectURI": "URI de redirección", - "clientId": "ID Cliente", - "clientSecret": "Secreto de Cliente", - "alias": "Alias", - "ssoServiceUrl": "URL de servicio de conexión único (SSO)", - "singleLogoutServiceUrl": "URL de servicio de desconexión único", - "nameIdPolicyFormat": "Formato de política NameID", - "unspecified": "no especificado", - "httpPostBindingResponse": "HTTP-POST enlace de respuesta", - "httpPostBindingAuthnRequest": "HTTP-POST para AuthnRequest", - "wantAuthnRequestsSigned": "Firmar AuthnRequests", - "forceAuthentication": "Forzar autenticación", - "validatingX509Certs": "Validando certificado X509", - "authorizationUrl": "URL de autorización", - "tokenUrl": "Token URL", - "logoutUrl": "URL de desconexión", - "backchannelLogout": "Backchannel Logout", - "userInfoUrl": "URL de información de usuario", - "issuer": "Emisor", - "prompt": "Prompt", - "prompts": { - "none": "ninguno", - "consent": "consentimiento", - "login": "login" - }, - "validateSignature": "Validar firmas", - "storeTokens": "Almacenar tokens", - "storedTokensReadable": "Tokens almacenados legibles", - "trustEmail": "Confiar en el email", - "mapperType": "Tipo de asignador", - "selectRole": "Selecciona rol", - "userAttribute": "Atributo de usuario" -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/es/realm-settings-help.json b/js/apps/admin-ui/public/locales/es/realm-settings-help.json deleted file mode 100644 index a4109612cb..0000000000 --- a/js/apps/admin-ui/public/locales/es/realm-settings-help.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "requireSsl": "¿Es HTTP obligatorio? ''ninguna'' significa que HTTPS no es obligatorio para ninguna direcicón IP de cliente, ''peticiones externas'' indica que localhost y las direcciones IP privadas pueden acceder sin HTTPS, ''todas las peticiones'' significa que HTTPS es obligatorio para todas las direcciones IP.", - "accountTheme": "Selecciona el tema para las páginas de gestión de la cuenta de usuario.", - "adminTheme": "Selecciona el tema para la consola de administración.", - "emailTheme": "Selecciona el tema para los emails que son enviados por el servidor.", - "failureFactor": "Indica cuantos fallos se permiten antes de que se dispare una espera.", - "waitIncrementSeconds": "Cuando se ha alcanzado el umbral de fallo, ¿cuanto tiempo debe estar un usuario bloqueado?", - "maxFailureWaitSeconds": "Tiempo máximo que un usuario quedará bloqueado.", - "maxDeltaTimeSeconds": "¿Cuando se debe reiniciar el contador de errores?", - "quickLoginCheckMilliSeconds": "Si ocurren errores de forma concurrente y muy rápida, bloquear al usuario.", - "minimumQuickLoginWaitSeconds": "Cuanto tiempo se debe esperar tras un fallo en un intento rápido de identificación", - "ssoSessionIdle": "Tiempo máximo que una sesión puede estar inactiva antes de que expire. Los tokens y sesiones de navegador son invalidadas cuando la sesión expira.", - "ssoSessionMax": "Tiempo máximo antes de que una sesión expire. Los tokens y sesiones de navegador son invalidados cuando una sesión expira.", - "offlineSessionIdle": "Tiempo máximo inactivo de una sesión sin conexión antes de que expire. Necesitas usar un token sin conexión para refrescar al menos una vez dentro de este periodo, en otro caso la sesión sin conexión expirará.", - "revokeRefreshToken": "Si está activado los tokens de actualización solo pueden usarse una vez. En otro caso los tokens de actualización no se revocan cuando se utilizan y pueden ser usado múltiples veces.", - "clientLoginTimeout": "Tiempo máximo que un cliente tiene para finalizar el protocolo de obtención del token de acceso. Debería ser normalmente del orden de 1 minuto.", - "editUsername": "Si está habilitado, el nombre de usuario es editable, en otro caso es de solo lectura." -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/es/realm-settings.json b/js/apps/admin-ui/public/locales/es/realm-settings.json deleted file mode 100644 index e851d402ea..0000000000 --- a/js/apps/admin-ui/public/locales/es/realm-settings.json +++ /dev/null @@ -1,63 +0,0 @@ -{ - "general": "General", - "login": "login", - "themes": "Temas", - "from": "De", - "host": "Host", - "port": "Puerto", - "enableSSL": "Habilitar SSL", - "enableStartTLS": "Habilitar StartTLS", - "username": "Usuario", - "password": "Contraseña", - "keyAlias": "Alias de clave", - "keyPassword": "Contraseña de la clave", - "type": "Tipo", - "providerId": "ID", - "provider": "Proveedor", - "certificate": "Certificado", - "userRegistration": "Registro de usuario", - "userRegistrationHelpText": "Habilitar/deshabilitar la página de registro. Un enlace para el registro se mostrará también en la página de inicio de sesión.", - "rememberMe": "Seguir conectado", - "rememberMeHelpText": "Muestra la casilla de selección en la página de inicio de sesión para permitir al usuario permanecer conectado entre reinicios del navegador hasta que la sesión expire.", - "registrationEmailAsUsername": "Email como nombre de usuario", - "verifyEmail": "Verificar email", - "editUsername": "Editar nombre de usuario", - "requireSsl": "Solicitar SSL", - "sslType": { - "all": "todas las peticiones", - "external": "peticiones externas", - "none": "ninguno" - }, - "loginTheme": "Tema de inicio de sesión", - "accountTheme": "Tema de cuenta", - "adminTheme": "Tema de consola de administración", - "emailTheme": "Tema de email", - "sessions": "Sesiones", - "SSOSessionIdle": "Sesiones SSO inactivas", - "SSOSessionMax": "Tiempo máximo sesión SSO", - "offlineSessionIdle": "Inactividad de sesión sin conexión", - "loginTimeout": "Tiempo máximo de desconexión", - "loginActionTimeout": "Tiempo máximo de acción en el inicio de sesión", - "revokeRefreshToken": "Revocar el token de actualización", - "accessTokenLifespan": "Duración del token de acceso", - "clientLoginTimeout": "Tiempo máximo de autenticación", - "clientProfileDescription": "Descripción", - "save": "Guardar", - "tokens": "Tokens", - "supportedLocales": "Idiomas soportados", - "defaultLocale": "Idioma por defecto", - "user": "Usuario", - "validatorDialogColNames": { - "colName": "Nombre de rol" - }, - "securityDefences": "Defensas de seguridad", - "headers": "Cabeceras", - "bruteForceDetection": "Detección de ataques por fuerza bruta", - "xFrameOptions": "X-Frame-Options", - "contentSecurityPolicy": "Content-Security-Policy", - "failureFactor": "Número máximo de fallos de inicio de sesión", - "waitIncrementSeconds": "Incremento de espera", - "maxFailureWaitSeconds": "Espera máxima", - "maxDeltaTimeSeconds": "Reinicio del contador de errores", - "minimumQuickLoginWaitSeconds": "Tiempo mínimo entre fallos de conexión rápidos" -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/es/realm.json b/js/apps/admin-ui/public/locales/es/realm.json deleted file mode 100644 index f5a067c96d..0000000000 --- a/js/apps/admin-ui/public/locales/es/realm.json +++ /dev/null @@ -1,3 +0,0 @@ -{ - "enabled": "Habilitado" -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/es/roles.json b/js/apps/admin-ui/public/locales/es/roles.json deleted file mode 100644 index 79aa2a117e..0000000000 --- a/js/apps/admin-ui/public/locales/es/roles.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "associatedRolesText": "Roles Asociados", - "title": "Roles de dominio", - "addRole": "Añadir rol", - "roleName": "Nombre de rol", - "composite": "Compuesto", - "userName": "Usuario" -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/es/sessions.json b/js/apps/admin-ui/public/locales/es/sessions.json deleted file mode 100644 index f6d31af30a..0000000000 --- a/js/apps/admin-ui/public/locales/es/sessions.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "title": "Sesiones", - "lastAccess": "Último Acceso", - "revocation": "Revocación", - "notBefore": "No antes de", - "setToNow": "Fijar a ahora", - "clear": "Limpiar", - "push": "Push", - "none": "ninguno" -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/es/translation.json b/js/apps/admin-ui/public/locales/es/translation.json new file mode 100644 index 0000000000..9c7927fe78 --- /dev/null +++ b/js/apps/admin-ui/public/locales/es/translation.json @@ -0,0 +1,313 @@ +{ + "create": "Crear", + "save": "Guardar", + "key": "Clave", + "export": "Exportar", + "download": "Descargar", + "clear": "Limpiar", + "on": "Activado", + "edit": "Editar", + "enabled": "Habilitado", + "none": "ninguno", + "description": "Descripción", + "type": "Tipo", + "category": "Categoría", + "clients": "Clientes", + "realmRoles": "Roles de dominio", + "sessions": "Sesiones", + "mappers": "Asignadores", + "identityProviders": "Proveedores de identidad", + "settings": "Ajustes", + "times": { + "seconds": "Segundos", + "minutes": "Minutos", + "hours": "Horas", + "days": "Días" + }, + "credentials": "Credenciales", + "clientId": "ID Cliente", + "clientName": "Nombre", + "id": "ID", + "mapperType": "Tipo de asignador", + "password": "Contraseña", + "protocol": "Protocolo", + "importClient": "Importar Cliente", + "webOrigins": "Orígenes web", + "adminURL": "URL de administración", + "formatOption": "Formato", + "encryptAssertions": "Cifrar afirmaciones", + "clientSignature": "Firma de Cliente requerida", + "roles": "Roles", + "fullScopeAllowed": "Permitir todos los ámbitos", + "kc": { + "realm": { + "name": "Dominio" + } + }, + "user": "Usuario", + "clientList": "Clientes", + "frontchannelLogout": "Desonexión en primer plano (Front Channel)", + "rootUrl": "URL raíz", + "validRedirectUri": "URIs de redirección válidas", + "idpInitiatedSsoRelayState": "Estado de retransmisión de un SSO iniciado por el IDP", + "masterSamlProcessingUrl": "URL principal de procesamiento SAML", + "nameIdFormat": "Formato de NameID", + "forceNameIdFormat": "Forzar formato NameID", + "forcePostBinding": "Forzar enlaces POST", + "includeAuthnStatement": "Incluir AuthnStatement", + "signDocuments": "Firmar documentos", + "signAssertions": "Firmar aserciones", + "canonicalization": "Método de canonicalización", + "loginTheme": "Tema de inicio de sesión", + "clientAuthenticator": "Cliente autenticador", + "clientSecret": "Secreto de Cliente", + "revocation": "Revocación", + "clustering": "Clustering", + "notBefore": "No antes de", + "setToNow": "Fijar a ahora", + "addNode": "Añadir Nodo", + "push": "Push", + "nodeReRegistrationTimeout": "Tiempo de espera de re-registro de nodo", + "registeredClusterNodes": "Registrar nodos de cluster", + "nodeHost": "Host del nodo", + "lastRegistration": "Último registro", + "testClusterAvailability": "Probar disponibilidad del cluster", + "registerNodeManually": "Registrar nodo manualmente", + "fineGrainSamlEndpointConfig": "Fine Grain SAML Endpoint Configuration", + "assertionConsumerServicePostBindingURL": "Assertion Consumer Service POST Binding URL", + "assertionConsumerServiceRedirectBindingURL": "Assertion Consumer Service Redirect Binding URL", + "logoutServicePostBindingURL": "URL de enlace SAML POST para la desconexión", + "logoutServiceRedirectBindingURL": "URL de enlace SAML de redirección para la desconexión", + "accessTokenLifespan": "Duración del token de acceso", + "certificate": "Certificado", + "generateNewKeys": "Generar nuevas claves", + "archiveFormat": "Formato de Archivo", + "keyAlias": "Alias de clave", + "keyPassword": "Contraseña de la clave", + "storePassword": "Contraseña del almacén", + "importFile": "Archivo de Importación", + "clientType": "''OpenID connect'' permite a los clientes verificar la identidad del usuario final basado en la autenticación realizada por un servidor de autorización. ''SAML'' habilita la autenticación y autorización de escenarios basados en web incluyendo cross-domain y single sign-on (SSO) y utiliza tokens de seguridad que contienen afirmaciones para pasar información.", + "serviceAccount": "Permitir autenticar este cliente contra Keycloak y recibir un token de acceso dedicado para este cliente.", + "rootURL": "URL raíz añadida a las URLs relativas", + "validRedirectURIs": "Patrón de URI válida para la cual un navegador puede solicitar la redirección tras un inicio o cierre de sesión completado. Se permiten comodines simples p.ej. ''http://example.com/*''. También se pueden indicar rutas relativas p.ej. ''/my/relative/path/*''. Las rutas relativas generarán una URI de redirección usando el host y puerto de la petición. Para SAML, se deben fijar patrones de URI válidos si quieres confiar en la URL del servicio del consumidor indicada en la petición de inicio de sesión.", + "nameIdFormatHelp": "El formato de NameID que se usará para el título", + "forceNameIdFormatHelp": "Ignorar la petición de sujeto NameID y usar la configurada en la consola de administración.", + "forcePostBindingHelp": "Usar siempre POST para las respuestas", + "includeAuthnStatementHelp": "¿Debería incluirse una declaración especificando el método y la marca de tiempo en la respuesta de inicio de sesión?", + "signDocumentsHelp": "¿Debería el dominio firmar los documentos SAML?", + "signAssertionsHelp": "¿Deberían firmarse las aserciones en documentos SAML? Este ajuste no es necesario si el documento ya está siendo firmado.", + "signatureAlgorithm": "El algoritmo de firma usado para firmar los documentos.", + "canonicalizationHelp": "Método de canonicalización para las firmas XML", + "webOriginsHelp": "Orígenes CORS permitidos. Para permitir todos los orígenes de URIs de redirección válidas añade ''+''. Para permitir todos los orígenes añade ''*''.", + "homeURL": "URL por defecto para usar cuando el servidor de autorización necesita redirigir o enviar de vuelta al cliente.", + "adminURLHelp": "URL a la interfaz de administración del cliente. Fija este valor si el cliente soporta el adaptador de REST. Esta API REST permite al servidor de autenticación enviar al cliente políticas de revocación y otras tareas administrativas. Normalment se fija a la URL base del cliente.", + "clientIdHelp": "El identificador del cliente registrado con el proveedor de identidad.", + "clientNameHelp": "Indica el nombre visible del cliente. Por ejemplo ''My Client''. También soporta claves para valores localizados. Por ejemplo: ${my_client}", + "descriptionHelp": "Indica la descripción del cliente. Por ejemplo ''My Client for TimeSheets''. También soporta claves para valores localizados. Por ejemplo: ${my_client_description}", + "loginThemeHelp": "Selecciona el tema para las páginas de inicio de sesión, OTP, permisos, registro y recordatorio de contraseña.", + "encryptAssertionsHelp": "¿Deberían cifrarse las afirmaciones SAML con la clave pública del cliente usando AES?", + "clientSignatureHelp": "¿Firmará el cliente sus peticiones y respuestas SAML? ¿Y deberían ser validadas?", + "client-authenticator-type": "Cliente autenticador usado para autenticar este cliente contra el servidor Keycloak", + "nodeReRegistrationTimeoutHelp": "Indica el máximo intervalo de tiempo para que los nodos del cluster registrados se vuelvan a registrar. Si el nodo del cluster no envía una petición de re-registro a Keycloak dentro de este intervalo, será desregistrado de Keycloak", + "idpInitiatedSsoUrlName": "Nombre del fragmento de la URL para referenciar al cliente cuando quieres un SSO iniciado por el IDP. Dejando esto vacío deshabilita los SSO iniciados por el IDP. La URL referenciada desde el navegador será: {server-root}/realms/{realm}/protocol/saml/clients/{client-url-name}", + "idpInitiatedSsoRelayStateHelp": "Estado de retransmisión que quieres enviar con una petición SAML cuando se inicia un SSO iniciado por el IDP", + "masterSamlProcessingUrlHelp": "Si está configurada, esta URL se usará para cada enlace al proveedor del servicio del consumidor de aserciones y servicios de desconexión únicos. Puede ser sobreescrito de forma individual para cada enlace y servicio en el punto final de configuración fina de SAML.", + "accessTokenLifespanHelp": "Tiempo máximo antes de que un token de acceso expire. Se recomienda que este valor sea corto en relación al tiempo máximo de SSO", + "assertionConsumerServicePostBindingURLHelp": "SAML POST Binding URL for the client''s assertion consumer service (login responses). You can leave this blank if you do not have a URL for this binding.", + "logoutServicePostBindingURLHelp": "URL de enlace SAML POST para la desconexión única del cliente. Puedes dejar esto en blanco si estás usando un enlace distinto.", + "logoutServiceRedirectBindingURLHelp": "URL de enlace SAML de redirección para la desconexión única del cliente. Puedes dejar esto en blanco si estás usando un enlace distinto.", + "frontchannelLogoutHelp": "Cuando está activado, la desconexión require una redirección del navegador hacia el cliente. Cuando no está activado, el servidor realiza una invovación de desconexión en segundo plano.", + "certificateHelp": "Certificado de cliente para validar los JWT emitidos por este cliente y firmados con la clave privada del cliente de tu almacén de claves.", + "archiveFormatHelp": "Formato de archivo Java keystore o PKCS12", + "keyAliasHelp": "Alias del archivo de tu clave privada y certificado.", + "keyPasswordHelp": "Contraseña para acceder a la clave privada contenida en el archivo", + "storePasswordHelp": "Contraseña para acceder al archivo", + "consentRequired": "Si está habilitado, los usuarios tienen que consentir el acceso del cliente.", + "fullScopeAllowedHelp": "Permite deshabilitar todas las restricciones.", + "multiValued": "Indica si el atributo soporta múltiples valores. Si está habilitado, la lista de todos los valores de este atributo se fijará como reclamación. Si está deshabilitado, solo el primer valor será fijado como reclamación.", + "tokenClaimName": { + "label": "Nombre de reclamo del token", + "tooltip": "Nombre del reclamo a insertar en el token. Puede ser un nombre completo como ''address.street''. En este caso, se creará un objeto JSON anidado." + }, + "claimJsonType": "El tipo de JSON que debería ser usado para rellenar la petición de JSON en el token. long, int, boolean y String son valores válidos", + "protocolMapper": "Protocolo.", + "associatedRolesText": "Roles Asociados", + "title": "Sesiones", + "addRole": "Añadir rol", + "roleName": "Nombre de rol", + "composite": "Compuesto", + "userName": "Usuario", + "username": "Usuario", + "verifyEmail": "Verificar email", + "credentialType": "Tipo", + "hours": "Horas", + "minutes": "Minutos", + "seconds": "Segundos", + "lastAccess": "Último Acceso", + "realm": "Dominio", + "general": "General", + "login": "login", + "themes": "Temas", + "from": "De", + "host": "Host", + "port": "Puerto", + "enableSSL": "Habilitar SSL", + "enableStartTLS": "Habilitar StartTLS", + "providerId": "ID", + "provider": "Proveedor", + "userRegistration": "Registro de usuario", + "userRegistrationHelpText": "Habilitar/deshabilitar la página de registro. Un enlace para el registro se mostrará también en la página de inicio de sesión.", + "rememberMe": "Seguir conectado", + "rememberMeHelpText": "Muestra la casilla de selección en la página de inicio de sesión para permitir al usuario permanecer conectado entre reinicios del navegador hasta que la sesión expire.", + "registrationEmailAsUsername": "Email como nombre de usuario", + "editUsername": "Editar nombre de usuario", + "requireSsl": "Solicitar SSL", + "sslType": { + "all": "todas las peticiones", + "external": "peticiones externas", + "none": "ninguno" + }, + "accountTheme": "Tema de cuenta", + "adminTheme": "Tema de consola de administración", + "emailTheme": "Tema de email", + "SSOSessionIdle": "Sesiones SSO inactivas", + "SSOSessionMax": "Tiempo máximo sesión SSO", + "offlineSessionIdle": "Inactividad de sesión sin conexión", + "loginTimeout": "Tiempo máximo de desconexión", + "loginActionTimeout": "Tiempo máximo de acción en el inicio de sesión", + "revokeRefreshToken": "Revocar el token de actualización", + "clientLoginTimeout": "Tiempo máximo de autenticación", + "clientProfileDescription": "Descripción", + "tokens": "Tokens", + "supportedLocales": "Idiomas soportados", + "defaultLocale": "Idioma por defecto", + "validatorDialogColNames": { + "colName": "Nombre de rol" + }, + "securityDefences": "Defensas de seguridad", + "headers": "Cabeceras", + "bruteForceDetection": "Detección de ataques por fuerza bruta", + "xFrameOptions": "X-Frame-Options", + "contentSecurityPolicy": "Content-Security-Policy", + "failureFactor": "Número máximo de fallos de inicio de sesión", + "waitIncrementSeconds": "Incremento de espera", + "maxFailureWaitSeconds": "Espera máxima", + "maxDeltaTimeSeconds": "Reinicio del contador de errores", + "minimumQuickLoginWaitSeconds": "Tiempo mínimo entre fallos de conexión rápidos", + "requireSslHelp": "¿Es HTTP obligatorio? ''ninguna'' significa que HTTPS no es obligatorio para ninguna direcicón IP de cliente, ''peticiones externas'' indica que localhost y las direcciones IP privadas pueden acceder sin HTTPS, ''todas las peticiones'' significa que HTTPS es obligatorio para todas las direcciones IP.", + "accountThemeHelp": "Selecciona el tema para las páginas de gestión de la cuenta de usuario.", + "adminThemeHelp": "Selecciona el tema para la consola de administración.", + "emailThemeHelp": "Selecciona el tema para los emails que son enviados por el servidor.", + "failureFactorHelp": "Indica cuantos fallos se permiten antes de que se dispare una espera.", + "waitIncrementSecondsHelp": "Cuando se ha alcanzado el umbral de fallo, ¿cuanto tiempo debe estar un usuario bloqueado?", + "maxFailureWaitSecondsHelp": "Tiempo máximo que un usuario quedará bloqueado.", + "maxDeltaTimeSecondsHelp": "¿Cuando se debe reiniciar el contador de errores?", + "quickLoginCheckMilliSeconds": "Si ocurren errores de forma concurrente y muy rápida, bloquear al usuario.", + "minimumQuickLoginWaitSecondsHelp": "Cuanto tiempo se debe esperar tras un fallo en un intento rápido de identificación", + "ssoSessionIdle": "Tiempo máximo que una sesión puede estar inactiva antes de que expire. Los tokens y sesiones de navegador son invalidadas cuando la sesión expira.", + "ssoSessionMax": "Tiempo máximo antes de que una sesión expire. Los tokens y sesiones de navegador son invalidados cuando una sesión expira.", + "offlineSessionIdleHelp": "Tiempo máximo inactivo de una sesión sin conexión antes de que expire. Necesitas usar un token sin conexión para refrescar al menos una vez dentro de este periodo, en otro caso la sesión sin conexión expirará.", + "revokeRefreshTokenHelp": "Si está activado los tokens de actualización solo pueden usarse una vez. En otro caso los tokens de actualización no se revocan cuando se utilizan y pueden ser usado múltiples veces.", + "clientLoginTimeoutHelp": "Tiempo máximo que un cliente tiene para finalizar el protocolo de obtención del token de acceso. Debería ser normalmente del orden de 1 minuto.", + "editUsernameHelp": "Si está habilitado, el nombre de usuario es editable, en otro caso es de solo lectura.", + "attestationPreference": { + "none": "ninguno" + }, + "alias": "Alias", + "enableStartTls": "Habilitar StartTLS", + "trustEmail": "Confiar en el email", + "selectRole": { + "label": "Selecciona rol", + "tooltip": "Introduce el rol en la caja de texto de la izquierda, o haz clic en este botón para navegar y buscar el rol que quieres." + }, + "trustEmailHelp": "Si está habilitado, el email recibido de este proveedor no se verificará aunque la verificación esté habilitada para el dominio.", + "addIdPMapper": "Añadir asignador de proveedor de identidad", + "redirectURI": "URI de redirección", + "ssoServiceUrl": "URL de servicio de conexión único (SSO)", + "singleLogoutServiceUrl": "URL de servicio de desconexión único", + "nameIdPolicyFormat": "Formato de política NameID", + "unspecified": "no especificado", + "httpPostBindingResponse": "HTTP-POST enlace de respuesta", + "httpPostBindingAuthnRequest": "HTTP-POST para AuthnRequest", + "wantAuthnRequestsSigned": "Firmar AuthnRequests", + "forceAuthentication": "Forzar autenticación", + "validatingX509Certs": "Validando certificado X509", + "authorizationUrl": "URL de autorización", + "tokenUrl": "Token URL", + "logoutUrl": "URL de desconexión", + "backchannelLogout": "Backchannel Logout", + "userInfoUrl": "URL de información de usuario", + "issuer": "Emisor", + "prompt": "Prompt", + "prompts": { + "none": "ninguno", + "consent": "consentimiento", + "login": "login" + }, + "validateSignature": "Validar firmas", + "storeTokens": "Almacenar tokens", + "storedTokensReadable": "Tokens almacenados legibles", + "userAttribute": "Atributo de usuario", + "redirectURIHelp": "La URI de redirección usada para configurar el proveedor de identidad.", + "aliasHelp": "El alias que identifica de forma única un proveedor de identidad, se usa también para construir la URI de redirección.", + "clientSecretHelp": "El secreto del cliente registrado con el proveedor de identidad.", + "discoveryEndpoint": "Importar metadatos desde un descriptor de un proveedor de identidad (IDP) remoto.", + "importConfig": "Importar metadatos desde un descriptor de un proveedor de identidad (IDP) descargado.", + "logoutUrlHelp": "Punto de cierre de sesión para usar en la desconexión de usuarios desde un proveedor de identidad (IDP) externo.", + "backchannelLogoutHelp": "Does the external IDP support backchannel logout?", + "userInfoUrlHelp": "La URL de información de usuario. Opcional.", + "issuerHelp": "El identificador del emisor para el emisor de la respuesta. Si no se indica, no se realizará ninguna validación.", + "scopes": "Los ámbitos que se enviarán cuando se solicite autorización. Puede ser una lista de ámbitos separados por espacios. El valor por defecto es ''openid''.", + "validateSignatureHelp": "Habilitar/deshabilitar la validación de firmas de proveedores de identidad (IDP) externos", + "storeTokensHelp": "Habilitar/deshabilitar si los tokens deben ser almacenados después de autenticar a los usuarios.", + "storedTokensReadableHelp": "Habilitar/deshabilitar si los nuevos usuarios pueden leer los tokens almacenados. Esto asigna el rol ''broker.read-token''.", + "useEntityDescriptor": "Importar metadatos desde un descriptor de entidad remoto de un IDP de SAML", + "samlEntityDescriptor": "Te permite cargar metadatos de un proveedor de identidad (IDP) externo de un archivo de coniguración o descargarlo desde una URL.", + "ssoServiceUrlHelp": "La URL que debe ser usada para enviar peticiones de autenticación (SAML AuthnRequest).", + "singleLogoutServiceUrlHelp": "La URL que debe usarse para enviar peticiones de desconexión.", + "httpPostBindingAuthnRequestHelp": "Indica si AuthnRequest debe ser enviada usando HTTP-POST. Si no está activado se hace HTTP-REDIRECT.", + "wantAuthnRequestsSignedHelp": "Indica si el proveedor de identidad espera recibir firmadas las AuthnRequest.", + "forceAuthenticationHelp": "Indica si el proveedor de identidad debe autenticar al presentar directamente las credenciales en lugar de depender de un contexto de seguridad previo.", + "validateSignatures": "Habilitar/deshabilitar la validación de firma en respuestas SAML.", + "validatingX509CertsHelp": "El certificado en formato PEM que debe usarse para comprobar las firmas.", + "addIdpMapperName": "Nombre del asignador.", + "usermodel": { + "prop": { + "label": "Propiedad", + "tooltip": "Nombre del método de propiedad en la interfaz UserModel. Por ejemplo, un valor de ''email'' referenciaría al método UserModel.getEmail()." + }, + "attr": { + "label": "Atributo de usuario", + "tooltip": "Nombre del atributo de usuario almacenado que es el nombre del atributo dentro del map UserModel.attribute." + }, + "clientRoleMapping": { + "clientId": { + "label": "ID Cliente" + } + } + }, + "userSession": { + "modelNote": { + "label": "Nota sesión usuario", + "tooltip": "Nombre de la nota almacenada en la sesión de usuario dentro del mapa UserSessionModel.note" + } + }, + "multivalued": { + "label": "Valores múltiples", + "tooltip": "Indica si el atributo soporta múltiples valores. Si está habilitado, la lista de todos los valores de este atributo se fijará como reclamación. Si está deshabilitado, solo el primer valor será fijado como reclamación." + }, + "jsonType": { + "label": "Tipo JSON de reclamación", + "tooltip": "El tipo de JSON que debería ser usado para rellenar la petición de JSON en el token. long, int, boolean y String son valores válidos" + }, + "includeInIdToken": { + "label": "Añadir al token de ID" + }, + "includeInAccessToken": { + "label": "Añadir al token de acceso", + "tooltip": "¿Debería añadirse la identidad reclamada al token de acceso?" + }, + "name-id-format": "Formato de NameID", + "titleRoles": "Roles de dominio", + "titleSessions": "Sesiones" +} diff --git a/js/apps/admin-ui/public/locales/es/user-federation-help.json b/js/apps/admin-ui/public/locales/es/user-federation-help.json deleted file mode 100644 index 8c0e1bc080..0000000000 --- a/js/apps/admin-ui/public/locales/es/user-federation-help.json +++ /dev/null @@ -1,3 +0,0 @@ -{ - "trustEmailHelp": "Si está habilitado, el email recibido de este proveedor no se verificará aunque la verificación esté habilitada para el dominio." -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/es/user-federation.json b/js/apps/admin-ui/public/locales/es/user-federation.json deleted file mode 100644 index 8a3ddf75ae..0000000000 --- a/js/apps/admin-ui/public/locales/es/user-federation.json +++ /dev/null @@ -1,5 +0,0 @@ -{ - "enableStartTls": "Habilitar StartTLS", - "trustEmail": "Confiar en el email", - "selectRole": "Selecciona rol" -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/es/users-help.json b/js/apps/admin-ui/public/locales/es/users-help.json deleted file mode 100644 index 9e26dfeeb6..0000000000 --- a/js/apps/admin-ui/public/locales/es/users-help.json +++ /dev/null @@ -1 +0,0 @@ -{} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/es/users.json b/js/apps/admin-ui/public/locales/es/users.json deleted file mode 100644 index a3d607fe22..0000000000 --- a/js/apps/admin-ui/public/locales/es/users.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "username": "Usuario", - "verifyEmail": "Verificar email", - "save": "Guardar", - "credentialType": "Tipo", - "password": "Contraseña", - "hours": "Horas", - "minutes": "Minutos", - "seconds": "Segundos" -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/fr/authentication-help.json b/js/apps/admin-ui/public/locales/fr/authentication-help.json deleted file mode 100644 index 9e26dfeeb6..0000000000 --- a/js/apps/admin-ui/public/locales/fr/authentication-help.json +++ /dev/null @@ -1 +0,0 @@ -{} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/fr/authentication.json b/js/apps/admin-ui/public/locales/fr/authentication.json deleted file mode 100644 index e7e4460554..0000000000 --- a/js/apps/admin-ui/public/locales/fr/authentication.json +++ /dev/null @@ -1,3 +0,0 @@ -{ - "title": "Authentification" -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/fr/client-scopes-help.json b/js/apps/admin-ui/public/locales/fr/client-scopes-help.json deleted file mode 100644 index 9e26dfeeb6..0000000000 --- a/js/apps/admin-ui/public/locales/fr/client-scopes-help.json +++ /dev/null @@ -1 +0,0 @@ -{} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/fr/client-scopes.json b/js/apps/admin-ui/public/locales/fr/client-scopes.json deleted file mode 100644 index b59e586419..0000000000 --- a/js/apps/admin-ui/public/locales/fr/client-scopes.json +++ /dev/null @@ -1,3 +0,0 @@ -{ - "clients": "Clients" -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/fr/clients-help.json b/js/apps/admin-ui/public/locales/fr/clients-help.json deleted file mode 100644 index a46fcb328a..0000000000 --- a/js/apps/admin-ui/public/locales/fr/clients-help.json +++ /dev/null @@ -1,4 +0,0 @@ -{ - "loginTheme": "Sélectionnez le thème pour les pages de connexion, de mot de passe à usage unique basé sur le temps, des droits, de l''enregistrement, et du mot passe oublié.", - "accessTokenLifespan": "Durée maximale avant que le jeton d''accès n''expire. Cette valeur devrait être relativement plus petite que la durée d''inactivité (timeout) du SSO." -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/fr/clients.json b/js/apps/admin-ui/public/locales/fr/clients.json deleted file mode 100644 index cb1f9d391d..0000000000 --- a/js/apps/admin-ui/public/locales/fr/clients.json +++ /dev/null @@ -1,13 +0,0 @@ -{ - "password": "Mot de passe", - "clientList": "Clients", - "authentication": "Authentification", - "loginTheme": "Thème de connexion", - "revocation": "Révocation", - "notBefore": "Pas avant", - "setToNow": "Mettre à maintenant", - "push": "Appuyer", - "clear": "Effacer", - "accessTokenLifespan": "Durée de vie du jeton d''accès", - "certificate": "Certificat" -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/fr/common-help.json b/js/apps/admin-ui/public/locales/fr/common-help.json deleted file mode 100644 index 9e26dfeeb6..0000000000 --- a/js/apps/admin-ui/public/locales/fr/common-help.json +++ /dev/null @@ -1 +0,0 @@ -{} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/fr/common.json b/js/apps/admin-ui/public/locales/fr/common.json deleted file mode 100644 index 698b265f2b..0000000000 --- a/js/apps/admin-ui/public/locales/fr/common.json +++ /dev/null @@ -1,21 +0,0 @@ -{ - "add": "Ajouter", - "save": "Sauver", - "clear": "Effacer", - "enabled": "Actif", - "manage": "Gérer", - "clients": "Clients", - "sessions": "Sessions", - "events": "Évènements", - "configure": "Configurer", - "realmSettings": "Configurations du domaine", - "authentication": "Authentification", - "userFederation": "Regroupement Utilisateur", - "times": { - "seconds": "Secondes", - "minutes": "Minutes", - "hours": "Heures", - "days": "Jours" - }, - "password": "Mot de passe" -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/fr/dashboard.json b/js/apps/admin-ui/public/locales/fr/dashboard.json deleted file mode 100644 index 9e26dfeeb6..0000000000 --- a/js/apps/admin-ui/public/locales/fr/dashboard.json +++ /dev/null @@ -1 +0,0 @@ -{} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/fr/dynamic.json b/js/apps/admin-ui/public/locales/fr/dynamic.json deleted file mode 100644 index 9e26dfeeb6..0000000000 --- a/js/apps/admin-ui/public/locales/fr/dynamic.json +++ /dev/null @@ -1 +0,0 @@ -{} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/fr/events.json b/js/apps/admin-ui/public/locales/fr/events.json deleted file mode 100644 index bd83a6b13d..0000000000 --- a/js/apps/admin-ui/public/locales/fr/events.json +++ /dev/null @@ -1,3 +0,0 @@ -{ - "title": "Évènements" -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/fr/groups.json b/js/apps/admin-ui/public/locales/fr/groups.json deleted file mode 100644 index 9e26dfeeb6..0000000000 --- a/js/apps/admin-ui/public/locales/fr/groups.json +++ /dev/null @@ -1 +0,0 @@ -{} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/fr/identity-providers-help.json b/js/apps/admin-ui/public/locales/fr/identity-providers-help.json deleted file mode 100644 index 9e26dfeeb6..0000000000 --- a/js/apps/admin-ui/public/locales/fr/identity-providers-help.json +++ /dev/null @@ -1 +0,0 @@ -{} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/fr/identity-providers.json b/js/apps/admin-ui/public/locales/fr/identity-providers.json deleted file mode 100644 index e9eec9d723..0000000000 --- a/js/apps/admin-ui/public/locales/fr/identity-providers.json +++ /dev/null @@ -1,3 +0,0 @@ -{ - "endpoints": "Endpoints" -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/fr/realm-settings-help.json b/js/apps/admin-ui/public/locales/fr/realm-settings-help.json deleted file mode 100644 index 3d60e03352..0000000000 --- a/js/apps/admin-ui/public/locales/fr/realm-settings-help.json +++ /dev/null @@ -1,16 +0,0 @@ -{ - "requireSsl": "Niveau d''exigence HTTPS : ''aucun'' signifie que le HTTPS n''est requis pour aucune adresse IP cliente. ''les requêtes externes'' signifie que localhost et les adresses IP privées peuvent accéder sans HTTPS. ''toutes les requêtes'' signifie que le protocole HTTPS est obligatoire pour toutes les adresses IP.", - "accountTheme": "Sélectionnez le thème pour la gestion des comptes.", - "adminTheme": "Sélectionnez le thème de la UI d''administration.", - "emailTheme": "Sélectionnez le thème pour les courriels envoyées par le serveur.", - "failureFactor": "Nombre d''erreurs avant de déclencher le temps d''attente.", - "waitIncrementSeconds": "Quand le seuil des erreurs est atteint, combien de temps l''utilisateur est-il bloqué ?", - "maxFailureWaitSeconds": "Durée maximale de blocage du compte utilisateur", - "maxDeltaTimeSeconds": "Quand les erreurs sont-elles remises à zéro ?", - "quickLoginCheckMilliSeconds": "Si une erreur apparait trop rapidement, bloquer le compte utilisateur.", - "minimumQuickLoginWaitSeconds": "Durée d''attente demandée après une erreur entre deux connexions.", - "ssoSessionIdle": "Temps d''inactivité autorisé avant expiration de la session. Les jetons et les sessions navigateurs sont invalidées quand la session expire.", - "ssoSessionMax": "Durée maximale avant que la session n''expire. Les jetons et les sessions navigateurs sont invalidées quand la session expire.", - "clientLoginTimeout": "Durée maximale qu''a un client pour finir le protocole du jeton d''accès. Devrait être de l''ordre de la minute (1 min).", - "editUsername": "Si actif, le champ du nom de l''utilisateur est modifiable." -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/fr/realm-settings.json b/js/apps/admin-ui/public/locales/fr/realm-settings.json deleted file mode 100644 index 093aab4ad4..0000000000 --- a/js/apps/admin-ui/public/locales/fr/realm-settings.json +++ /dev/null @@ -1,57 +0,0 @@ -{ - "general": "Général", - "themes": "Thèmes", - "events": "Évènements", - "from": "De", - "host": "Hôte", - "port": "Port", - "authentication": "Authentification", - "enableSSL": "Activer SSL/TLS", - "enableStartTLS": "Activer StartTLS", - "username": "Nom de l''utilisateur", - "password": "Mot de passe", - "certificate": "Certificat", - "userRegistration": "Enregistrement d''utilisateur", - "userRegistrationHelpText": "Activer/désactiver la page d''enregistrement. Un lien pour l''enregistrement sera visible sur la page de connexion.", - "rememberMe": "Se souvenir de moi", - "rememberMeHelpText": "Affiche une case à cocher sur la page de connexion pour permettre aux utilisateurs de rester connectés entre deux redémarrages de leur navigateur, jusqu''à expiration de la session.", - "registrationEmailAsUsername": "Courriel comme nom d''utilisateur", - "loginWithEmail": "Authentification avec courriel", - "loginWithEmailHelpText": "Autorise l''utilisateur à s''authentifier avec son adresse de courriel.", - "duplicateEmails": "Doublon courriel", - "duplicateEmailsHelpText": "Autorise plusieurs utilisateurs à avoir la même adresse de courriel. Changer cette configuration va vider le cache. Il est recommandé de mettre à jour manuellement les contraintes sur le courriel dans la base de données après la désactivation du support des doublons.", - "verifyEmail": "Vérification du courriel", - "editUsername": "Éditez le nom de l''utilisateur", - "htmlDisplayName": "HTML Display name", - "requireSsl": "SSL requis", - "sslType": { - "all": "toutes les requêtes", - "external": "les requêtes externes" - }, - "endpoints": "Endpoints", - "loginTheme": "Thème de connexion", - "accountTheme": "Thème du compte", - "adminTheme": "Thème de la UI d''administration", - "emailTheme": "Thème pour le courriel", - "sessions": "Sessions", - "SSOSessionIdle": "Sessions SSO inactives", - "SSOSessionMax": "Maximum de sessions SSO", - "loginTimeout": "Durée d''inactivité de connexion", - "loginActionTimeout": "Durée d''inactivité des actions de connexions", - "accessTokenLifespan": "Durée de vie du jeton d''accès", - "clientLoginTimeout": "Durée d''inactivité de connexion (timeout)", - "save": "Sauver", - "tokens": "Jetons", - "supportedLocales": "Locales supportées", - "defaultLocale": "Locale par défaut", - "securityDefences": "Mesures de sécurité", - "headers": "En-têtes", - "bruteForceDetection": "Détection des attaques par force brute", - "xFrameOptions": "X-Frame-Options", - "contentSecurityPolicy": "Content-Security-Policy", - "failureFactor": "Nombre maximal d''erreurs de connexion", - "waitIncrementSeconds": "Temps d''attente", - "maxFailureWaitSeconds": "Durée maximale d''attente", - "maxDeltaTimeSeconds": "Durée de remise à zéro des erreurs", - "minimumQuickLoginWaitSeconds": "Durée minimale d''attente entre deux connexions" -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/fr/realm.json b/js/apps/admin-ui/public/locales/fr/realm.json deleted file mode 100644 index 485ee5e90a..0000000000 --- a/js/apps/admin-ui/public/locales/fr/realm.json +++ /dev/null @@ -1,3 +0,0 @@ -{ - "enabled": "Actif" -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/fr/roles.json b/js/apps/admin-ui/public/locales/fr/roles.json deleted file mode 100644 index 35ce0efb58..0000000000 --- a/js/apps/admin-ui/public/locales/fr/roles.json +++ /dev/null @@ -1,3 +0,0 @@ -{ - "userName": "Nom de l''utilisateur" -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/fr/sessions.json b/js/apps/admin-ui/public/locales/fr/sessions.json deleted file mode 100644 index 2f16c63f9c..0000000000 --- a/js/apps/admin-ui/public/locales/fr/sessions.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "title": "Sessions", - "revocation": "Révocation", - "notBefore": "Pas avant", - "setToNow": "Mettre à maintenant", - "clear": "Effacer", - "push": "Appuyer" -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/fr/translation.json b/js/apps/admin-ui/public/locales/fr/translation.json new file mode 100644 index 0000000000..8b52ed0ab0 --- /dev/null +++ b/js/apps/admin-ui/public/locales/fr/translation.json @@ -0,0 +1,102 @@ +{ + "add": "Ajouter", + "save": "Sauver", + "clear": "Effacer", + "enabled": "Actif", + "manage": "Gérer", + "clients": "Clients", + "sessions": "Sessions", + "events": "Évènements", + "configure": "Configurer", + "realmSettings": "Configurations du domaine", + "authentication": "Authentification", + "userFederation": "Regroupement Utilisateur", + "times": { + "seconds": "Secondes", + "minutes": "Minutes", + "hours": "Heures", + "days": "Jours" + }, + "password": "Mot de passe", + "clientList": "Clients", + "loginTheme": "Thème de connexion", + "revocation": "Révocation", + "notBefore": "Pas avant", + "setToNow": "Mettre à maintenant", + "push": "Appuyer", + "accessTokenLifespan": "Durée de vie du jeton d''accès", + "certificate": "Certificat", + "loginThemeHelp": "Sélectionnez le thème pour les pages de connexion, de mot de passe à usage unique basé sur le temps, des droits, de l''enregistrement, et du mot passe oublié.", + "accessTokenLifespanHelp": "Durée maximale avant que le jeton d''accès n''expire. Cette valeur devrait être relativement plus petite que la durée d''inactivité (timeout) du SSO.", + "userName": "Nom de l''utilisateur", + "impersonate": "Usurper l''identité", + "username": "Nom de l''utilisateur", + "verifyEmail": "Vérification du courriel", + "hours": "Heures", + "minutes": "Minutes", + "seconds": "Secondes", + "title": "Authentification", + "general": "Général", + "themes": "Thèmes", + "from": "De", + "host": "Hôte", + "port": "Port", + "enableSSL": "Activer SSL/TLS", + "enableStartTLS": "Activer StartTLS", + "userRegistration": "Enregistrement d''utilisateur", + "userRegistrationHelpText": "Activer/désactiver la page d''enregistrement. Un lien pour l''enregistrement sera visible sur la page de connexion.", + "rememberMe": "Se souvenir de moi", + "rememberMeHelpText": "Affiche une case à cocher sur la page de connexion pour permettre aux utilisateurs de rester connectés entre deux redémarrages de leur navigateur, jusqu''à expiration de la session.", + "registrationEmailAsUsername": "Courriel comme nom d''utilisateur", + "loginWithEmail": "Authentification avec courriel", + "loginWithEmailHelpText": "Autorise l''utilisateur à s''authentifier avec son adresse de courriel.", + "duplicateEmails": "Doublon courriel", + "duplicateEmailsHelpText": "Autorise plusieurs utilisateurs à avoir la même adresse de courriel. Changer cette configuration va vider le cache. Il est recommandé de mettre à jour manuellement les contraintes sur le courriel dans la base de données après la désactivation du support des doublons.", + "editUsername": "Éditez le nom de l''utilisateur", + "htmlDisplayName": "HTML Display name", + "requireSsl": "SSL requis", + "sslType": { + "all": "toutes les requêtes", + "external": "les requêtes externes" + }, + "endpoints": "Endpoints", + "accountTheme": "Thème du compte", + "adminTheme": "Thème de la UI d''administration", + "emailTheme": "Thème pour le courriel", + "SSOSessionIdle": "Sessions SSO inactives", + "SSOSessionMax": "Maximum de sessions SSO", + "loginTimeout": "Durée d''inactivité de connexion", + "loginActionTimeout": "Durée d''inactivité des actions de connexions", + "clientLoginTimeout": "Durée d''inactivité de connexion (timeout)", + "tokens": "Jetons", + "supportedLocales": "Locales supportées", + "defaultLocale": "Locale par défaut", + "securityDefences": "Mesures de sécurité", + "headers": "En-têtes", + "bruteForceDetection": "Détection des attaques par force brute", + "xFrameOptions": "X-Frame-Options", + "contentSecurityPolicy": "Content-Security-Policy", + "failureFactor": "Nombre maximal d''erreurs de connexion", + "waitIncrementSeconds": "Temps d''attente", + "maxFailureWaitSeconds": "Durée maximale d''attente", + "maxDeltaTimeSeconds": "Durée de remise à zéro des erreurs", + "minimumQuickLoginWaitSeconds": "Durée minimale d''attente entre deux connexions", + "requireSslHelp": "Niveau d''exigence HTTPS : ''aucun'' signifie que le HTTPS n''est requis pour aucune adresse IP cliente. ''les requêtes externes'' signifie que localhost et les adresses IP privées peuvent accéder sans HTTPS. ''toutes les requêtes'' signifie que le protocole HTTPS est obligatoire pour toutes les adresses IP.", + "accountThemeHelp": "Sélectionnez le thème pour la gestion des comptes.", + "adminThemeHelp": "Sélectionnez le thème de la UI d''administration.", + "emailThemeHelp": "Sélectionnez le thème pour les courriels envoyées par le serveur.", + "failureFactorHelp": "Nombre d''erreurs avant de déclencher le temps d''attente.", + "waitIncrementSecondsHelp": "Quand le seuil des erreurs est atteint, combien de temps l''utilisateur est-il bloqué ?", + "maxFailureWaitSecondsHelp": "Durée maximale de blocage du compte utilisateur", + "maxDeltaTimeSecondsHelp": "Quand les erreurs sont-elles remises à zéro ?", + "quickLoginCheckMilliSeconds": "Si une erreur apparait trop rapidement, bloquer le compte utilisateur.", + "minimumQuickLoginWaitSecondsHelp": "Durée d''attente demandée après une erreur entre deux connexions.", + "ssoSessionIdle": "Temps d''inactivité autorisé avant expiration de la session. Les jetons et les sessions navigateurs sont invalidées quand la session expire.", + "ssoSessionMax": "Durée maximale avant que la session n''expire. Les jetons et les sessions navigateurs sont invalidées quand la session expire.", + "clientLoginTimeoutHelp": "Durée maximale qu''a un client pour finir le protocole du jeton d''accès. Devrait être de l''ordre de la minute (1 min).", + "editUsernameHelp": "Si actif, le champ du nom de l''utilisateur est modifiable.", + "enableStartTls": "Activer StartTLS", + "titleAuthentication": "Authentification", + "titleEvents": "Évènements", + "titleSessions": "Sessions" +} diff --git a/js/apps/admin-ui/public/locales/fr/user-federation-help.json b/js/apps/admin-ui/public/locales/fr/user-federation-help.json deleted file mode 100644 index 9e26dfeeb6..0000000000 --- a/js/apps/admin-ui/public/locales/fr/user-federation-help.json +++ /dev/null @@ -1 +0,0 @@ -{} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/fr/user-federation.json b/js/apps/admin-ui/public/locales/fr/user-federation.json deleted file mode 100644 index cdba0893f8..0000000000 --- a/js/apps/admin-ui/public/locales/fr/user-federation.json +++ /dev/null @@ -1,4 +0,0 @@ -{ - "userFederation": "Regroupement Utilisateur", - "enableStartTls": "Activer StartTLS" -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/fr/users-help.json b/js/apps/admin-ui/public/locales/fr/users-help.json deleted file mode 100644 index 9e26dfeeb6..0000000000 --- a/js/apps/admin-ui/public/locales/fr/users-help.json +++ /dev/null @@ -1 +0,0 @@ -{} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/fr/users.json b/js/apps/admin-ui/public/locales/fr/users.json deleted file mode 100644 index 72143e9011..0000000000 --- a/js/apps/admin-ui/public/locales/fr/users.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "impersonate": "Usurper l''identit\u00e9", - "username": "Nom de l''utilisateur", - "verifyEmail": "Vérification du courriel", - "save": "Sauver", - "password": "Mot de passe", - "hours": "Heures", - "minutes": "Minutes", - "seconds": "Secondes" -} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/it/authentication-help.json b/js/apps/admin-ui/public/locales/it/authentication-help.json deleted file mode 100644 index 9e26dfeeb6..0000000000 --- a/js/apps/admin-ui/public/locales/it/authentication-help.json +++ /dev/null @@ -1 +0,0 @@ -{} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/it/authentication.json b/js/apps/admin-ui/public/locales/it/authentication.json deleted file mode 100644 index 9e26dfeeb6..0000000000 --- a/js/apps/admin-ui/public/locales/it/authentication.json +++ /dev/null @@ -1 +0,0 @@ -{} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/it/client-scopes-help.json b/js/apps/admin-ui/public/locales/it/client-scopes-help.json deleted file mode 100644 index 9e26dfeeb6..0000000000 --- a/js/apps/admin-ui/public/locales/it/client-scopes-help.json +++ /dev/null @@ -1 +0,0 @@ -{} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/it/client-scopes.json b/js/apps/admin-ui/public/locales/it/client-scopes.json deleted file mode 100644 index 9e26dfeeb6..0000000000 --- a/js/apps/admin-ui/public/locales/it/client-scopes.json +++ /dev/null @@ -1 +0,0 @@ -{} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/it/clients-help.json b/js/apps/admin-ui/public/locales/it/clients-help.json deleted file mode 100644 index 9e26dfeeb6..0000000000 --- a/js/apps/admin-ui/public/locales/it/clients-help.json +++ /dev/null @@ -1 +0,0 @@ -{} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/it/clients.json b/js/apps/admin-ui/public/locales/it/clients.json deleted file mode 100644 index 9e26dfeeb6..0000000000 --- a/js/apps/admin-ui/public/locales/it/clients.json +++ /dev/null @@ -1 +0,0 @@ -{} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/it/common-help.json b/js/apps/admin-ui/public/locales/it/common-help.json deleted file mode 100644 index 9e26dfeeb6..0000000000 --- a/js/apps/admin-ui/public/locales/it/common-help.json +++ /dev/null @@ -1 +0,0 @@ -{} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/it/common.json b/js/apps/admin-ui/public/locales/it/common.json deleted file mode 100644 index 9e26dfeeb6..0000000000 --- a/js/apps/admin-ui/public/locales/it/common.json +++ /dev/null @@ -1 +0,0 @@ -{} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/it/dashboard.json b/js/apps/admin-ui/public/locales/it/dashboard.json deleted file mode 100644 index 9e26dfeeb6..0000000000 --- a/js/apps/admin-ui/public/locales/it/dashboard.json +++ /dev/null @@ -1 +0,0 @@ -{} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/it/dynamic.json b/js/apps/admin-ui/public/locales/it/dynamic.json deleted file mode 100644 index 9e26dfeeb6..0000000000 --- a/js/apps/admin-ui/public/locales/it/dynamic.json +++ /dev/null @@ -1 +0,0 @@ -{} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/it/events.json b/js/apps/admin-ui/public/locales/it/events.json deleted file mode 100644 index 9e26dfeeb6..0000000000 --- a/js/apps/admin-ui/public/locales/it/events.json +++ /dev/null @@ -1 +0,0 @@ -{} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/it/groups.json b/js/apps/admin-ui/public/locales/it/groups.json deleted file mode 100644 index 9e26dfeeb6..0000000000 --- a/js/apps/admin-ui/public/locales/it/groups.json +++ /dev/null @@ -1 +0,0 @@ -{} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/it/identity-providers-help.json b/js/apps/admin-ui/public/locales/it/identity-providers-help.json deleted file mode 100644 index 9e26dfeeb6..0000000000 --- a/js/apps/admin-ui/public/locales/it/identity-providers-help.json +++ /dev/null @@ -1 +0,0 @@ -{} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/it/identity-providers.json b/js/apps/admin-ui/public/locales/it/identity-providers.json deleted file mode 100644 index 9e26dfeeb6..0000000000 --- a/js/apps/admin-ui/public/locales/it/identity-providers.json +++ /dev/null @@ -1 +0,0 @@ -{} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/it/realm-settings-help.json b/js/apps/admin-ui/public/locales/it/realm-settings-help.json deleted file mode 100644 index 9e26dfeeb6..0000000000 --- a/js/apps/admin-ui/public/locales/it/realm-settings-help.json +++ /dev/null @@ -1 +0,0 @@ -{} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/it/realm-settings.json b/js/apps/admin-ui/public/locales/it/realm-settings.json deleted file mode 100644 index 9e26dfeeb6..0000000000 --- a/js/apps/admin-ui/public/locales/it/realm-settings.json +++ /dev/null @@ -1 +0,0 @@ -{} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/it/realm.json b/js/apps/admin-ui/public/locales/it/realm.json deleted file mode 100644 index 9e26dfeeb6..0000000000 --- a/js/apps/admin-ui/public/locales/it/realm.json +++ /dev/null @@ -1 +0,0 @@ -{} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/it/roles.json b/js/apps/admin-ui/public/locales/it/roles.json deleted file mode 100644 index 9e26dfeeb6..0000000000 --- a/js/apps/admin-ui/public/locales/it/roles.json +++ /dev/null @@ -1 +0,0 @@ -{} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/it/sessions.json b/js/apps/admin-ui/public/locales/it/sessions.json deleted file mode 100644 index 9e26dfeeb6..0000000000 --- a/js/apps/admin-ui/public/locales/it/sessions.json +++ /dev/null @@ -1 +0,0 @@ -{} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/ca/authentication-help.json b/js/apps/admin-ui/public/locales/it/translation.json similarity index 100% rename from js/apps/admin-ui/public/locales/ca/authentication-help.json rename to js/apps/admin-ui/public/locales/it/translation.json diff --git a/js/apps/admin-ui/public/locales/it/user-federation-help.json b/js/apps/admin-ui/public/locales/it/user-federation-help.json deleted file mode 100644 index 9e26dfeeb6..0000000000 --- a/js/apps/admin-ui/public/locales/it/user-federation-help.json +++ /dev/null @@ -1 +0,0 @@ -{} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/it/user-federation.json b/js/apps/admin-ui/public/locales/it/user-federation.json deleted file mode 100644 index 9e26dfeeb6..0000000000 --- a/js/apps/admin-ui/public/locales/it/user-federation.json +++ /dev/null @@ -1 +0,0 @@ -{} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/it/users-help.json b/js/apps/admin-ui/public/locales/it/users-help.json deleted file mode 100644 index 9e26dfeeb6..0000000000 --- a/js/apps/admin-ui/public/locales/it/users-help.json +++ /dev/null @@ -1 +0,0 @@ -{} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/it/users.json b/js/apps/admin-ui/public/locales/it/users.json deleted file mode 100644 index 9e26dfeeb6..0000000000 --- a/js/apps/admin-ui/public/locales/it/users.json +++ /dev/null @@ -1 +0,0 @@ -{} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/ja/translation.json b/js/apps/admin-ui/public/locales/ja/translation.json new file mode 100644 index 0000000000..bb53817642 --- /dev/null +++ b/js/apps/admin-ui/public/locales/ja/translation.json @@ -0,0 +1,926 @@ +{ + "add": "追加", + "create": "作成", + "save": "保存", + "continue": "続ける", + "remove": "削除", + "key": "キー", + "value": "値", + "next": "次へ", + "back": "戻る", + "export": "エクスポート", + "action": "アクション", + "download": "ダウンロード", + "clear": "クリア", + "on": "オン", + "off": "オフ", + "edit": "編集", + "enabled": "有効", + "disabled": "無効", + "disable": "無効", + "none": "none", + "signOut": "サインアウト", + "manageAccount": "アカウントの管理", + "serverInfo": "サーバー情報", + "testConnection": "接続テスト", + "description": "説明", + "type": "タイプ", + "category": "カテゴリー", + "priority": "優先度", + "clientScope": { + "default": "DEFAULT" + }, + "allTypes": "すべてのタイプ", + "manage": "管理", + "clients": "クライアント", + "clientScopes": "クライアント・スコープ", + "realmRoles": "レルムロール", + "users": "ユーザー", + "sessions": "セッション", + "events": "イベント", + "mappers": "マッパー", + "permissions": "パーミッション", + "usersPermissionsHint": "レルム内のすべてのユーザーを管理するきめ細かいパーミッション。レルム内のユーザーを管理できるユーザーには、さまざまなポリシーを定義できます。", + "clientsPermissionsHint": "このクライアントを管理したり、このクライアントによって定義されたロールを適用したりする管理者のきめ細かいパーミッションです。", + "permissionsEnabled": "パーミッションが有効", + "scopePermissions": { + "clients": { + "manage-description": "管理者がこのクライアントを管理できるかどうかを決定するポリシー", + "view-description": "管理者がこのクライアントを表示できるかどうかを決定するポリシー", + "map-roles-description": "管理者がこのクライアントによって定義されたロールをマップできるかどうかを決定するポリシー", + "map-roles-client-scope-description": "管理者がこのクライアントによって定義されたロールを別のクライアントのクライアント・スコープに適用できるかどうかを決定するポリシー", + "map-roles-composite-description": "管理者がこのクライアントによって定義されたロールをコンポジットとして別のロールに適用できるかどうかを決定するポリシー", + "token-exchange-description": "このクライアントを対象とするトークンのトークン交換を許可するクライアントを決定するポリシー。" + }, + "users": { + "view-description": "管理者がレルム内のすべてのユーザーを表示できるかどうかを決定するポリシー", + "manage-description": "管理者がレルム内のすべてのユーザーを管理できるかどうかを決定するポリシー", + "map-roles-description": "管理者がすべてのユーザーのロールをマップできるかどうかを決定するポリシー", + "manage-group-membership-description": "管理者がレルム内のすべてのユーザーのグループ・メンバーシップを管理できるかどうかを決定するポリシー。これは、特定のグループポリシーと組み合わせて使用??されます", + "impersonate-description": "管理者が他のユーザーを偽装できるかどうかを決定するポリシー", + "user-impersonated-description": "どのユーザーを偽装するかを決定するポリシー。これらのポリシーは、偽装されているユーザーに適用されます。" + } + }, + "configure": "設定", + "realmSettings": "レルムの設定", + "authentication": "認証", + "identityProviders": "アイデンティティー・プロバイダー", + "userFederation": "ユーザー・フェデレーション", + "settings": "設定", + "details": "詳細", + "Sunday": "日", + "Monday": "月", + "Tuesday": "火", + "Wednesday": "水", + "Thursday": "木", + "Friday": "金", + "Saturday": "土", + "times": { + "seconds": "秒", + "minutes": "分", + "hours": "時", + "days": "日" + }, + "attributes": "属性", + "credentials": "クレデンシャル", + "clientId": "クライアントID", + "clientName": "名前", + "id": "ID", + "mapperType": "マッパータイプ", + "leave": "外す", + "password": "パスワード", + "passwordConfirmation": "新しいパスワード(確認)", + "temporaryPassword": "一時的", + "temporaryPasswordHelpText": "有効の場合は、ユーザーは次のログイン時にパスワードの変更が必要となります。", + "profile": "プロファイル", + "disabledFeatures": "使用できない機能", + "protocol": "プロトコル", + "copy": "コピー", + "clientAuthorization": "認可", + "importClient": "クライアントのインポート", + "webOrigins": "Webオリジン", + "adminURL": "管理URL", + "formatOption": "フォーマット・オプション", + "encryptAssertions": "アサーションを暗号化する", + "clientSignature": "クライアント署名が必須", + "keys": "鍵", + "roles": "ロール", + "addClientScope": "クライアント・スコープの追加", + "fullScopeAllowed": "フルスコープを許可", + "setup": "セットアップ", + "selectAUser": "ユーザーを選択", + "client": "client", + "evaluate": "評価", + "reevaluate": "再評価", + "showAuthData": "認可データを表示", + "unanimous": "Unanimous", + "affirmative": "Affirmative", + "consensus": "Consensus", + "authScopes": "認可スコープ", + "anyResource": "任意のリソース", + "anyScope": "任意のスコープ", + "selectScope": "スコープを選択", + "applyToResourceType": "リソースタイプに適用", + "contextualInfo": "コンテキスト情報", + "contextualAttributes": "コンテキスト属性", + "kc": { + "realm": { + "name": "レルム" + } + }, + "policyEnforcementMode": "ポリシー施行モード", + "policyEnforcementModes": { + "ENFORCING": "実施", + "PERMISSIVE": "許容", + "DISABLED": "無効" + }, + "decisionStrategy": "決定戦略", + "iconUri": "アイコンURI", + "ownerManagedAccess": "User-Managed Accessの有効", + "allowRemoteResourceManagement": "リモートリソース管理", + "resources": "リソース", + "resource": "リソース", + "scope": "スコープ", + "owner": "オーナー", + "uris": "URI", + "scopes": "スコープ", + "policies": "ポリシー", + "createPermission": "パーミッションを作成", + "identityInformation": "アイデンティティー情報", + "resourceType": "リソースタイプ", + "createPolicy": "ポリシーを作成", + "applyPolicy": "ポリシーの適用", + "groupsClaim": "グループクレーム", + "month": "月", + "hour": "時", + "minute": "分", + "code": "コード", + "logic": "ロジック", + "logicType": { + "positive": "Positive", + "negative": "Negative" + }, + "scopeParameter": "スコープ・パラメーター", + "effectiveProtocolMappers": "有効なプロトコル・マッパー", + "effectiveRoleScopeMappings": "有効なロールスコープ・マッピング", + "generatedAccessToken": "生成されたアクセストークン", + "parentClientScope": "親クライアント・スコープ", + "user": "ユーザー", + "clientList": "クライアント", + "initialAccessToken": "初期アクセストークン", + "alwaysDisplayInUI": "常にコンソールに表示", + "created": "作成日", + "lastUpdated": "最終更新日", + "expires": "有効期限", + "count": "カウント", + "remainingCount": "残りのカウント", + "expiration": "有効期限", + "clientAuthentication": "クライアント認証", + "frontchannelLogout": "フロントチャンネル・ログアウト", + "rootUrl": "ルートURL", + "validRedirectUri": "有効なリダイレクトURI", + "idpInitiatedSsoRelayState": "IDP Initiated SSOのRelayState", + "masterSamlProcessingUrl": "SAMLを処理するマスターURL", + "nameIdFormat": "Name IDフォーマット", + "forceNameIdFormat": "Name IDフォーマットを強制", + "forcePostBinding": "POSTバインディングを強制", + "includeAuthnStatement": "AuthnStatementを含める", + "includeOneTimeUseCondition": "OneTimeUse条件を含める", + "optimizeLookup": "REDIRECT署名鍵検索の最適化", + "signDocuments": "ドキュメントを署名する", + "signAssertions": "アサーションを署名する", + "signatureKeyName": "SAML署名鍵名", + "canonicalization": "正規化方式", + "loginTheme": "ログインテーマ", + "clientAuthenticator": "クライアント認証", + "clientSecret": "クライアント・シークレット", + "selectMethodType": { + "import": "インポート" + }, + "registrationAccessToken": "登録用アクセストークン", + "subject": "サブジェクトDN", + "revocation": "無効化", + "clustering": "クラスタリング", + "notBefore": "この日時より前", + "setToNow": "現在日時を設定", + "addNode": "ノードを追加", + "push": "プッシュ", + "nodeReRegistrationTimeout": "ノード再登録のタイムアウト", + "registeredClusterNodes": "登録済みクラスターノード", + "nodeHost": "ノードホスト", + "lastRegistration": "最終登録", + "testClusterAvailability": "クラスターの可用性をテスト", + "registerNodeManually": "ノードを手動で登録", + "fineGrainOpenIdConnectConfiguration": "OpenID Connectの詳細設定", + "fineGrainSamlEndpointConfig": "SAMLエンドポイントの詳細設定", + "accessTokenSignatureAlgorithm": "アクセストークン署名アルゴリズム", + "idTokenSignatureAlgorithm": "IDトークン署名アルゴリズム", + "idTokenEncryptionKeyManagementAlgorithm": "IDトークン暗号化鍵管理アルゴリズム", + "idTokenEncryptionContentEncryptionAlgorithm": "IDトークン暗号化コンテンツの暗号化アルゴリズム", + "userInfoSignedResponseAlgorithm": "署名付きUserInfoレスポンスのアルゴリズム", + "requestObjectSignatureAlgorithm": "リクエスト・オブジェクトの署名アルゴリズム", + "requestObjectRequired": "リクエスト・オブジェクトが必要", + "excludeSessionStateFromAuthenticationResponse": "認証レスポンスからセッション状態を除外", + "assertionConsumerServicePostBindingURL": "アサーション・コンシューマー・サービスのPOSTバインディングURL", + "assertionConsumerServiceRedirectBindingURL": "アサーション・コンシューマー・サービスのRedirectバインディングURL", + "logoutServicePostBindingURL": "ログアウト・サービスのPOSTバインディングURL", + "logoutServiceRedirectBindingURL": "ログアウト・サービスのRedirectバインディングURL", + "assertionLifespan": "アサーションの有効期限", + "accessTokenLifespan": "アクセストークン生存期間", + "oAuthMutual": "OAuth 2.0相互TLS証明書バインド・アクセストークンが有効", + "keyForCodeExchange": "Proof Key for Code Exchangeのコードチャレンジ方式", + "authenticationOverrides": "認証フローのオーバーライド", + "browserFlow": "ブラウザーフロー", + "directGrant": "ダイレクト・グラント・フロー", + "useJwksUrl": "JWKS URLの使用", + "certificate": "証明書", + "jwksUrl": "JWKS URL", + "generateNewKeys": "新しい鍵を生成", + "archiveFormat": "アーカイブ形式", + "keyAlias": "キーエイリアス", + "keyPassword": "鍵のパスワード", + "storePassword": "ストアのパスワード", + "importFile": "ファイルをインポート", + "tokenLifespan": { + "expires": "有効期限" + }, + "clientType": "「OpenID Connect」により、クライアントは認可サーバーによって実行される認証に基づいてエンドユーザーのアイデンティティーを検証できます。「SAML」は、クロスドメインのシングル・サインオン(SSO)を含むWebベースの認証および認可のシナリオを可能にし、アサーションを含むセキュリティー・トークンを使用して情報を渡します。", + "serviceAccount": "このクライアントをKeycloakで認証し、このクライアント専用のアクセストークンの取得ができるようになります。OAuth2の仕様における「クライアント・クレデンシャル・グラント」のサポートを有効にします。", + "authorization": "きめ細かい認可のサポートを有効/無効にします。", + "directAccess": "ダイレクト・アクセス・グラントのサポートを有効にします。これは、アクセストークンの取得のためにKeycloakサーバーとユーザーのユーザー名/パスワードで直接アクセスを行います。OAuth2の仕様における「リソース・オーナー・パスワード・クレデンシャル・グラント」のサポートを有効にします。", + "standardFlow": "OpenID Connectの標準的な、認可コードによるリダイレクト・ベースの認証を有効にします。OpenID ConnectまたはOAuth2の仕様における「認可コードフロー」のサポートを有効にします。", + "implicitFlow": "OpenID Connectの認可コードなしのリダイレクト・ベース認証のサポートを有効にします。OpenID ConnectまたはOAuth2の仕様における「インプリシット・フロー」のサポートを有効にします。", + "rootURL": "相対URLに追加するルートURLを設定します。", + "validRedirectURIs": "ログインまたはログインの成功後にブラウザーがリダイレクト可能とする、有効なURIパターンを設定します。「http://example.com/*」のような単純なワイルドカードが使用可能です。相対パス、つまり「/my/relative/path/*」も指定可能です。相対パスはクライアントのルートURLを基準とします。または、未指定の場合は認証サーバーのルートURLが使用されます。SAMLでは、ログイン・リクエストに埋め込まれたコンシューマー・サービスのURLに依存している場合は、有効なURIパターンを設定する必要があります。", + "nameIdFormatHelp": "サブジェクトに使用するName IDフォーマットを設定します。", + "alwaysDisplayInUIHelp": "ユーザーのアクティブなセッションがない場合でも、このクライアントを常にアカウント・コンソールに一覧表示します。", + "forceNameIdFormatHelp": "要求されたNameIDサブジェクト・フォーマットを無視し、管理コンソールで設定された物を使用します。", + "forcePostBindingHelp": "レスポンスに常にPOSTバインディングを使用します。", + "includeAuthnStatementHelp": "認証方式とタイムスタンプを含めたステートメントをログイン・レスポンスに含めるべきか設定します。", + "includeOneTimeUseConditionHelp": "OneTimeUse条件をログイン・レスポンスに含めるべきか設定します。", + "optimizeLookupHelp": "Keycloakアダプターによって保護されたSPのREDIRECTバインディングでSAMLドキュメントに署名する際、署名鍵のIDを要素のSAMLプロトコルメッセージに含める必要があるかどうかを設定します。これにより、検証のために既知のすべてのキーを試行する代わりに単一のキーを使用するため、署名の検証が最適化されます。", + "signDocumentsHelp": "SAMLドキュメントをレルムで署名すべきか設定します。", + "signAssertionsHelp": "SAMLドキュメント内のアサーションを署名すべきか設定します。もしドキュメントが既に署名済みの場合は、この設定は不要です。", + "signatureAlgorithm": "ドキュメントの署名に使用する署名アルゴリズムです。", + "signatureKeyNameHelp": "署名されたSAML文書には、KeyName要素の署名鍵の識別情報が含まれています。Keycloak / RH-SSOカウンター・パーティーの場合は、KEY_IDを使用し、MS AD FSの場合はCERT_SUBJECTを使用します。他のオプションが動作しない場合はNONEをチェックして使用します。", + "canonicalizationHelp": "XML署名の正規化方式(Canonicalization Method)を設定します。", + "webOriginsHelp": "許可されるCORSオリジンを設定します。有効なリダイレクトURIのすべてのオリジンを許可するには「+」を追加してください。ただし、これには「*」ワイルドカードは含まれません。すべてのオリジンを許可するには、明示的に「*」を追加してください。", + "homeURL": "認証サーバーがクライアントへのリダイレクトまたは戻るリンクを必要とする際に使用するデフォルトURLを設定します。", + "adminURLHelp": "クライアントの管理インターフェイスのURLを設定します。クライアントがアダプターのREST APIをサポートしている場合に設定してください。このREST APIにより、認証サーバーは無効化ポリシーや他の管理タスクをプッシュすることができます。通常、クライアントのベースURLを設定します。", + "clientHelp": "認可リクエストを作成するクライアントを選択してください。提供されない場合は、認可リクエストは今いるページのクライアントで行われることになります。", + "clientIdHelp": "アイデンティティー・プロバイダーで登録されているクライアント識別子を設定します。", + "selectUser": "サーバーからパーミッションを検索するためにIDが使用されるユーザーを選択します。", + "rolesHelp": "選択されたユーザーに関連付けたいロールを選択してください。", + "contextualAttributesHelp": "実行環境や実行コンテキストによって提供される任意の属性を設定します。", + "applyToResourceTypeHelp": "このパーミッションが、特定タイプの全リソースに適用されるべきかどうかを指定します。この場合、パーミッションは特定リソースタイプの全インスタンスに対して評価されます。", + "resourcesHelp": "このパーミッションが適用されるリソース・インスタンスを指定します。", + "scopesSelect": "このパーミッションは1つまたは複数のスコープに適用されるように指定してください。", + "clientNameHelp": "クライアントの表示名を指定します。例えば、「My Client」です。ローカライズ用のキーもサポートしています。例: ${my_client}", + "descriptionHelp": "クライアント・スコープの説明", + "loginThemeHelp": "ログイン、OTP、グラント、登録、およびパスワード忘れに使用するページのテーマを選択します。", + "encryptAssertionsHelp": "SAMLアサーションをクライアントの公開鍵でAESを使い暗号化すべきか設定します。", + "clientSignatureHelp": "クライアントがSAMLリクエストとレスポンスを署名するか、そしてそれらを検証すべきどうかか設定します。", + "expirationHelp": "イベントの有効期限を設定します。期限切れのイベントはデータベースから定期的に削除されます。", + "countHelp": "このトークンを利用してクライアントをいくつ作成可能か指定します。", + "client-authenticator-type": "Keycloakサーバーに対してこのクライアントの認証に使用するクライアント認証方式を設定します。", + "registration-access-token": "登録用アクセストークンにより、クライアントはクライアント登録サービスにアクセスできます。", + "effectiveProtocolMappersHelp": "すべてのデフォルトのクライアント・スコープと選択されたオプションのスコープが含まれます。クライアントに発行されたアクセストークンを生成するときに、すべてのクライアント・スコープのすべてのプロトコル・マッパーとロールスコープのマッピングが使用されます", + "scopeParameterHelp": "このスコープ・パラメーターの値をコピー/ペーストし、このクライアント・アダプターから送信された最初のOpenID Connect認証リクエストで使用できます。このクライアントに発行されたトークンを生成するときは、デフォルトのクライアント・スコープと選択されたオプションのクライアント・スコープが使用されます", + "userHelp": "必要に応じて、サンプルのアクセストークンを生成するユーザーを選択します。ユーザーを選択しないと、評価中にサンプルのアクセストークンは生成されません", + "nodeReRegistrationTimeoutHelp": "登録されたクライアントをクラスターノードへ再登録する際の最大時間間隔を設定します。クラスターノードがこの時間内にKeycloakに再登録リクエストを送信しない場合は、Keycloakから登録解除されます。", + "accessTokenSignatureAlgorithmHelp": "アクセストークンの署名に使用されるJWAアルゴリズム。", + "idTokenSignatureAlgorithmHelp": "IDトークンの署名に使用されるJWAアルゴリズム。", + "idTokenEncryptionKeyManagementAlgorithmHelp": "IDトークンの暗号化鍵の管理に使用されるJWAアルゴリズム。このオプションは、暗号化されたIDトークンが必要な場合に必須です。空のままにすると、IDトークンは署名されますが、暗号化されません。", + "idTokenEncryptionContentEncryptionAlgorithmHelp": "IDトークンの暗号化の際に、コンテンツの暗号化に使用されるJWAアルゴリズム。このオプションは、暗号化されたIDトークンが必要な場合にのみ必須です。空のままにすると、IDトークンは署名されますが、暗号化されません。", + "userInfoSignedResponseAlgorithmHelp": "署名付きUserInfoエンドポイントのレスポンスに使用するJWAアルゴリズムを設定します。「unsigned」に設定した場合は、UserInfoレスポンスは署名されず、application/json形式で返されます。", + "requestObjectSignatureAlgorithmHelp": "クライアントが「request」または「request_uri」パラメーターで指定されたOIDCリクエスト・オブジェクトを送信する際に使用する必要がある、JWAアルゴリズムを設定します。「any」に設定した場合は、リクエスト・オブジェクトは任意のアルゴリズム(「none」を含む)で署名されます。", + "requestObjectRequiredHelp": "クライアントが認可リクエストとともにリクエスト・オブジェクトを提供する必要があるかどうか、およびそのためにどの方法を使用できるかを指定します。「not required」に設定されている場合、リクエスト・オブジェクトの提供はオプションです。それ以外のケースでは、リクエスト・オブジェクトを提供する必要があります。「request」に設定されている場合、リクエスト・オブジェクトは値で提供される必要があります。「request_uri」に設定されている場合、リクエスト・オブジェクトは参照によって提供される必要があります。「requestまたはrequest_uri」に設定されている場合、いずれの方法も使用できます。", + "idpInitiatedSsoUrlName": "IDP Initiated SSOを行う際にクライアントを参照するためのURLフラグメント名を設定します。空にするとIDP Initiated SSOは無効になります。ブラウザーから参照するURLは「{server-root}/realms/{realm}/protocol/saml/clients/{client-url-name}」になります。", + "idpInitiatedSsoRelayStateHelp": "IDP Initiated SSOを行う際のSAMLリクエストで送信したいRelayStateを設定します。", + "masterSamlProcessingUrlHelp": "設定された場合は、このURLがSPのアサーション・コンシューマーおよびシングル・ログアウト・サービスの両方のBindingに使われます。これは、SAMLエンドポイントの詳細設定にある各Bindingやサービスの設定にて個別に上書きすることができます。", + "excludeSessionStateFromAuthenticationResponseHelp": "これがオンの場合、パラメーター「session_state」はOpenID Connect認証レスポンスに含まれません。クライアントが「session_state」パラメーターをサポートしていない古いOIDC / OAuth2アダプターを使用している場合に便利です。", + "assertionLifespanHelp": "SAMLアサーション条件に設定された有効期限。その後、アサーションは無効になります。「SessionNotOnOrAfter」属性は変更されず、レルムレベルで定義された「SSOセッション最大」時間を引き続き使用します。", + "accessTokenLifespanHelp": "アクセストークンが有効期限切れとなる最大時間です。この値はSSOタイムアウトと比べて短くすることをお勧めします。", + "oAuthMutualHelp": "これにより、OAuth 2.0相互TLS証明書バインド・アクセストークンがサポートされます。つまり、Keycloakは、Keycloakのトークン・エンドポイントとこのクライアントの間で相互TLSにより交換されるクライアントのX.509証明書と、アクセストークンおよびリフレッシュ・トークンをバインドします。これらのトークンは、ベアラートークンの代わりにHolder-of-Keyトークンとして扱うことができます。", + "keyForCodeExchangeHelp": "PKCEのどのコードチャレンジ方式を使用するかを選択します。指定しない場合、Keycloakは、クライアントが適切なコードチャレンジとコード交換の方式で認可リクエストを送信しない限り、クライアントにPKCEを適用しません。", + "assertionConsumerServicePostBindingURLHelp": "アサーション・コンシューマー・サービス(ログイン・レスポンス)のSAML POSTバインディングURLを設定します。このBindingのためのURLがない場合は空でよいです。", + "assertionConsumerServiceRedirectBindingURLHelp": "アサーション・コンシューマー・サービス(ログイン・レスポンス)のSAML RedirectバインディングURLを設定します。このBindingのためのURLがない場合は空でよいです。", + "logoutServicePostBindingURLHelp": "シングル・ログアウト・サービスのSAMLPOSTバインディングURLを設定します。異なるBindingを使用している場合は空でよいです。", + "logoutServiceRedirectBindingURLHelp": "シングル・ログアウト・サービスのSAMLRedirectバインディングURLを設定します。異なるBindingを使用している場合は空でよいです。", + "frontchannelLogoutHelp": "有効の場合は、ログアウトはクライアントへのブラウザー・リダイレクトが必要になります。無効の場合は、サーバーはログアウトのバックグラウンド呼び出しを行います。", + "authenticationOverridesHelp": "レルム認証フロー・バインディングをオーバーライドします。", + "browserFlowHelp": "ブラウザー認証で使用したいフローを選択してください。", + "directGrantHelp": "ダイレクト・グラント認証で使用したいフローを選択してください。", + "certificateHelp": "クライアントで発行され、キーストアの秘密鍵で署名されたJWTを検証するためのクライアント証明書です。", + "jwksUrlHelp": "JWK形式のクライアント鍵が格納されているURLを設定します。詳細はJWKの仕様を参照してください。「jwt」クレデンシャルを持つKeycloakクライアント・アダプターを使用している場合は、アプリケーションに「/k_jwks」という接尾辞を付けたURLを使用することができます。例えば、「http://www.myhost.com/myapp/k_jwks」です。", + "archiveFormatHelp": "JavaキーストアまたはPKCS12アーカイブ形式", + "keyAliasHelp": "秘密鍵と証明書のアーカイブ・エイリアスです。", + "keyPasswordHelp": "アーカイブ内の秘密鍵にアクセスするためのパスワード", + "storePasswordHelp": "アーカイブ自身にアクセスするためのパスワード", + "consentRequired": "有効の場合は、ユーザーはクライアント・アクセスに同意する必要があります。", + "import": "リソースサーバーの認可設定を含むJSONファイルをインポートします。", + "policyEnforcementModeHelp": "ポリシー施行モードは、認可リクエストを評価する際に適用される方法を決定します。「Enforcing」は、与えられたリソースに関連するポリシーが存在しない場合でも、リクエストはデフォルトで拒否されることを意味します。「Permissive」は、与えられたリソースに関連するポリシーが存在しない場合でも、リクエストは許可されることを意味します。「Disabled」は、完全にポリシーの評価を無効にし、任意のリソースへのアクセスを許可します。", + "decisionStrategyHelp": "決定戦略は、パーミッションの評価方法と最終的な判定の取得方法を決定します。「Affirmative」とは、リソースおよびそのスコープへのアクセスを許可するために、少なくとも1つのパーミッションが肯定的な判定に評価される必要があることを意味します。「Unanimous」とは、最終的な判定も肯定的であるために、すべてのパーミッションが肯定的な判定に評価される必要があることを意味します。", + "allowRemoteResourceManagementHelp": "リソースは、リソースサーバーによりリモートで管理すべきかどうかを設定します。オフの場合は、リソースはこの管理コンソールだけで管理されます。", + "resourceName": "このリソースの一意な名前。この名前は、リソースを一意に識別するために使用でき、特定のリソースを照会するときに便利です。", + "typeHelp": "作成された各クライアントにデフォルト・スコープとして追加されるクライアント・スコープ", + "urisHelp": "リソースによって保護されているURIのセット。", + "scopesHelp": "認可リクエストの際に送信されるスコープです。スペース区切りでスコープのリストを設定します。デフォルトは「openid」です。", + "fullScopeAllowedHelp": "全ての制限の無効を許可します。", + "ownerManagedAccessHelp": "有効にすると、このリソースへのアクセスをリソースオーナーが管理できます。", + "resourceAttribute": "リソースに関連付けられた属性。", + "resetActions": "リセット・アクション", + "lifespan": "有効期限", + "scopeName": "このスコープのユニークな名前を設定します。名前はスコープの一意な識別に使用され、特定のスコープを照会する際に使用することができます。", + "policy-name": "このポリシーの名前を設定します。", + "policy-description": "このポリシーの説明を設定します。", + "policyDecisionStagey": "決定戦略は、ポリシーの評価方法と最終的な判定方法を決定します。「Affirmative」は、最終判定がpositiveとなるためには、少なくとも1つのポリシーがpositiveと評価する必要がある、ということを意味します。「Unanimous」は、全体の判定がpositiveとなるためには、すべてのポリシーがpositiveと評価する必要がある、ということを意味します。「Consensus」は、positiveの数がnegativeの数より多くなければならないことを意味します。positiveとnegativeの数が同じ場合は、最終的な判定はnegativeになります。", + "applyPolicyHelp": "このポリシーやパーミッションで定義されたスコープに適用するすべてのポリシーを設定します。", + "policyClient": "このポリシーで許可されるクライアントを指定します。", + "groupsClaimHelp": "定義されている場合、ポリシーは、パーミッションを要求するアイデンティティーを表すアクセストークンまたはIDトークン内の特定のクレームから、ユーザーのグループを取得します。定義されていない場合、ユーザーのグループはレルム設定から取得されます。", + "policyGroups": "どのユーザーがこのポリシーで許可されるか指定してください。", + "policyRoles": "このポリシーで許可されるクライアント・ロールを指定してください。", + "startTime": "ポリシーを許可しない日時を定義します。現在日時がこの値より後か、等しい場合にのみ許可されます。", + "expireTime": "ポリシーを許可しない日時を定義します。現在日時がこの値より前か、等しい場合にのみ許可されます。", + "monthHelp": "ポリシーが許可される月を定義します。2番目のフィールドに値を入力して範囲を指定することもできます。この場合、現在の月が指定した2つの値の間にあるか、等しい場合のみ許可されます。", + "dayMonth": "ポリシーが許可される日を定義します。2番目のフィールドに値を入力して範囲を指定することもできます。この場合、現在の日が指定した2つの値の間にあるか、等しい場合のみ許可されます。", + "hourHelp": "ポリシーが許可される時を定義します。2番目のフィールドに値を入力して範囲を指定することもできます。この場合、現在の時が指定した2つの値の間にあるか、等しい場合のみ許可されます。", + "minuteHelp": "ポリシーが許可される分を定義します。2番目のフィールドに値を入力して範囲を指定することもできます。この場合、現在の分が指定した2つの値の間にあるか、等しい場合のみ許可されます。", + "policyCode": "このポリシーに対する条件を提供するJavaScriptコード。", + "logicHelp": "ロジックは、ポリシーの判定方法を決定します。「Positive」の場合は、このポリシーの評価中に得られた結果(許可または拒否)が判定の実行に使用されます。「Negative」の場合は、結果は反転されます。つまり、許可は拒否になり、拒否は許可になります。", + "permissionName": "このパーミッションの名前を設定します。", + "permissionDescription": "このパーミッションの説明を設定します。", + "permissionType": "このパーミッションが適用されるリソースタイプを指定します。", + "permissionsEnabledHelp": "このロールを管理するために、きめ細かいパーミッションを有効にするかどうかを決定します。無効にすると、設定されている現在のパーミッションがすべて削除されます。", + "clientScopeList": "クライアント・スコープ", + "grantedClientScopes": "付与されたクライアント・スコープ", + "includeInTokenScope": "トークンスコープに含める", + "realmRolePrefix": "レルムロールのプレフィックス", + "displayOnConsentScreen": "同意画面で表示する", + "consentScreenText": "同意画面のテキスト", + "name": "クライアント・スコープの名前。レルム内でユニークでなければなりません。スコープ・パラメーターの値として使用されるため、名前には空白文字を含めないでください", + "protocolHelp": "このクライアント・スコープによって提供されているSSOプロトコル設定がどれか", + "displayOnConsentScreenHelp": "オンで、同意が必要なクライアントにこのクライアント・スコープが追加された場合、「同意画面のテキスト」で指定されたテキストが同意画面に表示されます。オフの場合、このクライアント・スコープは同意画面に表示されません", + "consentScreenTextHelp": "このクライアント・スコープが同意が必要なクライアントに追加された場合に、同意画面に表示されるテキスト。指定しない場合は、デフォルトでクライアント・スコープの名前になります", + "includeInTokenScopeHelp": "オンの場合、このクライアント・スコープの名前がアクセストークン・プロパティーの「scope」と同様にトークン・イントロスペクション・エンドポイントのレスポンスに追加されます。オフの場合、このクライアント・スコープはトークンとトークン・イントロスペクション・エンドポイントのレスポンスから除外されます。", + "guiOrder": "GUI(同意ページのような)でのプロバイダーの順序を整数で指定します。", + "prefix": "各レルムロールのプレフィックスを設定します(オプション)。", + "multiValued": "属性がマルチバリューをサポートしているかどうかを示します。サポートしている場合は、この属性のすべての値リストがクレームとして設定されます。サポートしていない場合は、最初の値だけがクレームとして設定されます。", + "tokenClaimName": { + "label": "トークンクレーム名", + "tooltip": "トークン内に挿入するクレームの名前を設定します。「address.street」のように完全修飾名で設定します。この場合、ネストされたJSONオブジェクトが作成されます。ネスティングを防ぎ、ドットを文字通りに使用するには、ドットをバックスラッシュ(\\.)でエスケープします。" + }, + "claimJsonType": "トークンへのJSONクレームの追加で使用されるJSONタイプを設定します。long、int、boolean、String、JSONが有効な値です。", + "protocolMapper": "プロトコルです。", + "createGroup": "グループの作成", + "members": "メンバー", + "email": "Eメール", + "lastName": "姓", + "firstName": "名", + "associatedRolesText": "関連ロール", + "title": "認証", + "addRole": "ロールの追加", + "roleName": "ロール名", + "composite": "複合", + "usersInRole": "ロールのユーザー", + "addUser": "ユーザーの追加", + "userName": "ユーザー名", + "join": "参加", + "groupMembership": "グループ・メンバーシップ", + "createdAt": "作成日", + "username": "ユーザー名", + "emailVerified": "Eメールが確認済み", + "status": "ステータス", + "requiredUserActions": "必要なユーザー・アクション", + "impersonate": "代理ログイン", + "verifyEmail": "Eメールの確認", + "consents": "同意", + "identityProvider": "アイデンティティー・プロバイダー", + "identityProviderLinks": "アイデンティティー・プロバイダーのリンク", + "revoke": "無効化", + "setPassword": "パスワードを設定", + "credentialType": "タイプ", + "credentialUserLabel": "ユーザーラベル", + "credentialData": "データ", + "resetPassword": "パスワードをリセット", + "showPasswordDataValue": "値", + "credentialResetBtn": "クレデンシャルのリセット", + "hours": "時", + "minutes": "分", + "seconds": "秒", + "credentialResetConfirm": "Eメールを送信", + "temporaryLocked": "ユーザーは、ログインに複数回失敗したため、ロックされている可能性があります。", + "emailVerifiedHelp": "ユーザーのEメールが確認済みかどうかを設定します。", + "requiredUserActionsHelp": "ユーザーがログインするときに必要なアクションです。「Verify email」は、Eメールアドレスを確認するためのEメールをユーザーに送信します。「Update profile」は、新しい個人情報を入力する必要があります。「Update password」は、ユーザーが新しいパスワードを入力する必要があります。「Configure OTP」は、モバイル・パスワード・ジェネレーターの設定が必要です。", + "groups": "メンバーであるグループです。グループから外すには、グループを選択して「外す」ボタンをクリックしてください。", + "lastAccess": "最終アクセス", + "adminEvents": "管理イベント", + "time": "日時", + "eventType": "イベントタイプ", + "ipAddress": "IPアドレス", + "realm": "レルム", + "resourcePath": "リソースパス", + "resourceTypes": "リソースタイプ", + "operationType": "操作タイプ", + "operationTypes": "操作タイプ", + "auth": "認証", + "representation": "Representation", + "partialImport": "部分インポート", + "partialExport": "部分エクスポート", + "general": "一般", + "login": "login", + "themes": "テーマ", + "eventListeners": "イベントリスナー", + "eventListenersHelpText": "どのリスナーがレルムのイベントを受け取るか設定します。", + "adminEventsSettings": "管理イベントの設定", + "saveEvents": "イベントの保存", + "clearAdminEvents": "管理イベントのクリア", + "includeRepresentation": "Representationを含める", + "from": "差出人", + "fromDisplayName": "差出人の表示名", + "replyTo": "返信先", + "replyToDisplayName": "返信先の表示名", + "envelopeFrom": "Envelope From", + "host": "ホスト", + "port": "ポート", + "enableSSL": "SSLの有効", + "enableStartTLS": "StartTLSの有効", + "keystore": "キーストア", + "providers": "プロバイダー", + "algorithm": "アルゴリズム", + "uiDisplayName": "コンソール表示名", + "active": "アクティブ", + "providerId": "ID", + "kid": "Kid", + "provider": "プロバイダー", + "providerDescription": "プロバイダーの説明", + "publicKeys": "公開鍵", + "userRegistration": "ユーザー登録", + "userRegistrationHelpText": "登録ページの有効/無効。ログインページに登録のリンクも表示されるようになります。", + "forgotPassword": "パスワード忘れ", + "rememberMe": "ログイン状態の保存", + "rememberMeHelpText": "セッションの有効期限が切れるまではブラウザーの再起動でもログイン状態を保存するチェックボックスをログインページに表示します。", + "registrationEmailAsUsername": "Eメールをユーザー名とする", + "loginWithEmail": "Eメールでログイン", + "loginWithEmailHelpText": "ユーザーがEメールアドレスでログインできるようにします。", + "duplicateEmails": "メールの重複", + "duplicateEmailsHelpText": "複数のユーザーが同じEメールアドレスを持つことを許可します。この設定を変更すると、ユーザーのキャッシュもクリアされます。重複するEメールアドレスのサポートを無効にした後で、データベース内の既存ユーザーのEメールの制約を手動で更新することをお勧めします。", + "editUsername": "ユーザー名の編集", + "htmlDisplayName": "HTML表示名", + "frontendUrl": "フロントエンドURL", + "requireSsl": "SSLの要求", + "sslType": { + "all": "全てのリクエスト", + "external": "外部リクエスト", + "none": "none" + }, + "userManagedAccess": "User-Managed Access", + "endpoints": "エンドポイント", + "openIDEndpointConfiguration": "OpenIDエンドポイントの設定", + "samlIdentityProviderMetadata": "SAML 2.0アイデンティティー・プロバイダー・メタデータ", + "accountTheme": "アカウントテーマ", + "adminTheme": "管理コンソールテーマ", + "emailTheme": "Eメールテーマ", + "SSOSessionIdle": "SSOセッション・アイドル", + "SSOSessionMax": "SSOセッション最大", + "SSOSessionIdleRememberMe": "SSOセッション・アイドル・リメンバーミー", + "SSOSessionMaxRememberMe": "SSOセッション最大リメンバーミー", + "clientSessionIdle": "クライアント・セッション・アイドル", + "clientSessionMax": "クライアント・セッション最大", + "offlineSessionIdle": "オフライン・セッション・アイドル", + "offlineSessionMaxLimited": "オフライン・セッション最大制限", + "offlineSessionMax": "オフライン・セッション最大", + "loginTimeout": "ログイン・タイムアウト", + "loginActionTimeout": "ログイン・アクション・タイムアウト", + "defaultSigAlg": "デフォルトの署名アルゴリズム", + "revokeRefreshToken": "リフレッシュ・トークンの無効化", + "refreshTokenMaxReuse": "リフレッシュ・トークンの最大再利用回数", + "accessTokenLifespanImplicitFlow": "インプリシット・フローにおけるアクセストークン生存期間", + "clientLoginTimeout": "クライアントのログイン・タイムアウト", + "userInitiatedActionLifespan": "ユーザー起動アクションの有効期間", + "defaultAdminInitiated": "デフォルトの管理者起動アクションの有効期間", + "executeActions": "アクションの実行", + "clientProfileDescription": "説明", + "tokens": "トークン", + "supportedLocales": "サポートされるロケール", + "defaultLocale": "デフォルト・ロケール", + "validatorDialogColNames": { + "colName": "ロール名" + }, + "validatorColNames": { + "colConfig": "設定" + }, + "eventTypes": { + "IMPERSONATE": { + "name": "代理ログイン" + }, + "LOGOUT": { + "name": "ログアウト" + }, + "REGISTER": { + "name": "登録" + }, + "RESET_PASSWORD": { + "name": "パスワードをリセット" + } + }, + "deleteEvents": "イベントのクリア", + "defaultRoles": "デフォルトロール", + "defaultGroups": "デフォルト・グループ", + "securityDefences": "セキュリティー防御", + "headers": "ヘッダー", + "bruteForceDetection": "ブルートフォースの検出", + "xFrameOptions": "X-Frame-Options", + "contentSecurityPolicy": "Content-Security-Policy", + "contentSecurityPolicyReportOnly": "Content-Security-Policy-Report-Only", + "xContentTypeOptions": "X-Content-Type-Options", + "xRobotsTag": "X-Robots-Tag", + "xXSSProtection": "X-XSS-Protection", + "strictTransportSecurity": "HTTP Strict Transport Security(HSTS)", + "failureFactor": "最大ログイン失敗回数", + "permanentLockout": "永久ロックアウト", + "waitIncrementSeconds": "連続失敗時の待機時間", + "maxFailureWaitSeconds": "最大待機時間", + "maxDeltaTimeSeconds": "ログイン失敗回数のリセット時間", + "minimumQuickLoginWaitSeconds": "クイックログイン失敗時の最小待機時間", + "fromDisplayNameHelp": "差出人のアドレスのユーザー・フレンドリーな名前です(オプション)。", + "replyToDisplayNameHelp": "返信先のアドレスのユーザー・フレンドリーな名前です(オプション)。", + "envelopeFromHelp": "バウンスに使用されるEメールアドレス(オプション)。", + "passwordHelp": "SMTPパスワード。このフィールドは、ボールトから値を取得できます。${vault.ID}形式を使用します。", + "frontendUrlHelp": "レルムのフロントエンドURLを設定します。デフォルトのホスト名プロバイダーと組み合わせて使用し、特定のレルムのフロントエンド・リクエストのベースURLをオーバーライドします。", + "requireSslHelp": "HTTPSが必須かどうか。「なし」は、HTTPSがどのIPアドレスのクライアントにも要求されないことを意味します。「外部リクエスト」は、ローカルホストとプライベートIPアドレスのクライアントがHTTPSなしでアクセスできることを意味します。「すべてのリクエスト」は、HTTPSがすべてのIPアドレスのクライアントに要求されることを意味します。", + "userManagedAccessHelp": "有効にすると、ユーザーはアカウント管理コンソールを使用してリソースとパーミッションを管理できます。", + "endpointsHelp": "プロトコル・エンドポイントの設定を表示します。", + "accountThemeHelp": "ユーザー・アカウント管理画面のテーマを選択します。", + "adminThemeHelp": "管理コンソールのテーマを選択します。", + "emailThemeHelp": "サーバーから送信されるEメールのテーマを選択します。", + "save-user-events": "有効の場合は、ログインイベントがデータベースに保存され、管理コンソールとアカウント管理で使用することができます。", + "save-admin-events": "有効の場合は、管理イベントがデータベースに保存され、管理コンソールで使用可能になります。", + "admin-clearEvents": "データベース内のすべての管理イベントを削除します。", + "includeRepresentationHelp": "作成または更新リクエストのJSON Representationを含めるかどうかを設定します。", + "failureFactorHelp": "検出するまでの失敗回数です。", + "permanentLockoutHelp": "最大ログイン失敗回数を超えたときに、ユーザーを永久にロックします。", + "waitIncrementSecondsHelp": "失敗回数が閾値に達した場合、どれくらいの時間ユーザーはロックアウトされるか設定します。", + "maxFailureWaitSecondsHelp": "ユーザーがロックアウトされる最大待機時間を設定します。", + "maxDeltaTimeSecondsHelp": "いつ失敗回数がリセットされるか設定します。", + "quickLoginCheckMilliSeconds": "クイックログイン失敗があまりにも頻繁に発生した場合は、ユーザーをロックアウトします。", + "minimumQuickLoginWaitSecondsHelp": "クイックログイン失敗後にどれくらいの時間待機するか設定します。", + "ssoSessionIdle": "セッションの有効期限が切れるまでのアイドル時間です。セッションの有効期限が切れると、トークンとブラウザー・セッションは無効化されます。", + "ssoSessionMax": "セッションの有効期限が切れるまでの最大時間です。セッションの有効期限が切れると、トークンとブラウザー・セッションは無効化されます。", + "ssoSessionIdleRememberMe": "リメンバーミー・セッションの有効期限が切れるまでのアイドル時間です。セッションが期限切れになると、トークンおよびブラウザー・セッションは無効になります。設定されていない場合は、標準のSSOセッション・アイドル値が使用されます。", + "clientSessionIdleHelp": "クライアント・セッションが期限切れになるまでアイドル状態にできる時間。トークンは、クライアント・セッションが期限切れになると無効になります。設定しない場合、標準のSSOセッション・アイドルの値が使用されます。", + "offlineSessionIdleHelp": "セッションの有効期限が切れるまでのオフライン時間です。この期限内に少なくとも1回はオフライン・トークンを使用してリフレッシュしないと、オフライン・セッションは有効期限切れとなります。", + "defaultSigAlgHelp": "このレルムでトークンの署名に使用されるデフォルトのアルゴリズム", + "revokeRefreshTokenHelp": "有効にすると、リフレッシュ・トークンは「リフレッシュ・トークンの最大再利用回数」までしか使用できず、別のトークンが使用されると無効化されます。無効にすると、リフレッシュ・トークンは使用後に無効化されず、複数回使用できます。", + "refreshTokenMaxReuseHelp": "リフレッシュ・トークンを再利用できる最大回数。別のトークンが使用された場合、即時に無効化されます。", + "clientLoginTimeoutHelp": "クライアントがアクセストークン・プロトコルを終了するまでの最大時間。これは通常1分です。", + "editUsernameHelp": "有効の場合はユーザー名フィールドが編集可能になり、そうでない場合は読み取り専用になります。", + "flows": "フロー", + "requiredActions": "必須アクション", + "passwordPolicy": "パスワード・ポリシー", + "otpPolicy": "OTPポリシー", + "webauthnPolicy": "WebAuthnポリシー", + "webauthnPasswordlessPolicy": "WebAuthnパスワードレス・ポリシー", + "webAuthnPolicyRpEntityName": "リライング・パーティー・エンティティー名", + "otpType": "OTPタイプ", + "policyType": { + "totp": "タイムベース", + "hotp": "カウンターベース" + }, + "otpHashAlgorithm": "OTPハッシュ・アルゴリズム", + "otpPolicyDigits": "桁数", + "otpPolicyPeriod": "OTPトークンの期間", + "initialCounter": "初期カウンター", + "webAuthnPolicySignatureAlgorithms": "署名アルゴリズム", + "webAuthnPolicyRpId": "リライング・パーティー・エンティティーID", + "webAuthnPolicyAttestationConveyancePreference": "期待する構成証明伝達", + "attestationPreference": { + "none": "none" + }, + "webAuthnPolicyAuthenticatorAttachment": "オーセンティケーター・アタッチメント", + "webAuthnPolicyRequireResidentKey": "常駐鍵が必要", + "webAuthnPolicyUserVerificationRequirement": "ユーザー検証要件", + "webAuthnPolicyCreateTimeout": "タイムアウト", + "webAuthnPolicyAvoidSameAuthenticatorRegister": "オーセンティケーターの重複登録回避", + "webAuthnPolicyAcceptableAaguids": "許容可能なAAGUID", + "default": "DEFAULT", + "flow": { + "browser": "ブラウザーフロー", + "registration": "登録フロー", + "direct grant": "ダイレクト・グラント・フロー" + }, + "flowType": "フロータイプ", + "flow-type": { + "basic-flow": "generic", + "form-flow": "form" + }, + "addExecution": "エグゼキューションを追加", + "requirement": "必要条件", + "requirements": { + "DISABLED": "無効" + }, + "alias": "エイリアス", + "flowTypeHelp": "どの種類のフォームかを設定します。", + "topLevelFlowType": "どの種類のトップレベル・フローを作成するか設定します。「client」タイプは、クライアント(アプリケーション)の認証で使用します。「generic」はユーザーと他のすべてで使用します。", + "aliasHelp": "エイリアスは一意にアイデンティティー・プロバイダーを識別するもので、リダイレクトURIの構築にも使用されます。", + "otpTypeHelp": "「totp」はタイムベースのワンタイム・パスワードです。「hotp」は、サーバーでハッシュに対してカウンターを保持するカウンターベースのワンタイム・パスワードです。", + "webAuthnPolicyRpEntityNameHelp": "WebAuthnリライング・パーティーとしての人間が読み取れるサーバー名", + "otpHashAlgorithmHelp": "OTPを生成するのにどのハッシュ・アルゴリズムを使用するか設定します。", + "otpPolicyDigitsHelp": "OTPの桁数を設定します。", + "otpPolicyPeriodHelp": "OTPトークンが有効な秒数を設定します。デフォルトは30秒です。", + "supportedApplications": "現在のOTPポリシーで動作することが分かっているアプリケーション", + "webAuthnPolicyFormHelp": "WebAuthn認証のポリシー。これは、「WebAuthn Register」必須アクションと「WebAuthn Authenticator」オーセンティケーターで使用されます。一般的な用途は、2要素認証にWebAuthnを使用する場合です。", + "webAuthnPolicyPasswordlessFormHelp": "パスワードレスWebAuthn認証のポリシー。これは、「Webauthn Register Passwordless」必須アクションおよび「WebAuthn Passwordless Authenticator」オーセンティケーターによって使用されます。一般的な使用法は、WebAuthnが一要素認証として使用される場合です。「WebAuthnポリシー」と「WebAuthnパスワードレス・ポリシー」の両方を使用すると、WebAuthnを同じレルムの第1要素オーセンティケーターと第2要素オーセンティケーターの両方として使用できます。", + "webAuthnPolicySignatureAlgorithmsHelp": "認証アサーションに使用する署名アルゴリズム。", + "webAuthnPolicyRpIdHelp": "これは、WebAuthnリライング・パーティーとしてのIDです。オリジンの有効なドメインでなければなりません。", + "webAuthnPolicyAttestationConveyancePreferenceHelp": "認証ステートメントを生成する方法の優先権をオーセンティケーターに通知します。", + "webAuthnPolicyAuthenticatorAttachmentHelp": "受け入れ可能なアタッチメント・パターンでオーセンティケーターと通信します。", + "webAuthnPolicyRequireResidentKeyHelp": "これは、オーセンティケーターに公開鍵クレデンシャルを常駐鍵として作成するかどうかを指示します。", + "webAuthnPolicyUserVerificationRequirementHelp": "ユーザーを実際に検証することを確認するためにオーセンティケーターと通信します。", + "webAuthnPolicyCreateTimeoutHelp": "ユーザーの公開鍵クレデンシャルの作成に対するタイムアウト値(秒単位)。0に設定すると、このタイムアウト・オプションは適応されません。", + "webAuthnPolicyAvoidSameAuthenticatorRegisterHelp": "すでに登録されているオーセンティケーターの登録を避けるかどうかを設定します。", + "webAuthnPolicyAcceptableAaguidsHelp": "登録可能なオーセンティケーターのAAGUIDのリスト。", + "unlinkUsers": "ユーザーのリンクを解除する", + "removeImported": "インポートを削除", + "vendor": "ベンダー", + "connectionURL": "接続URL", + "enableStartTls": "StartTLSの有効", + "useTruststoreSpi": "トラストストアSPIを使用", + "connectionPooling": "接続プーリング", + "connectionTimeout": "接続タイムアウト", + "bindType": "バインドタイプ", + "bindDn": "バインドDN", + "editMode": "編集モード", + "usersDN": "ユーザーDN", + "usernameLdapAttribute": "ユーザー名のLDAP属性", + "rdnLdapAttribute": "RDN LDAP属性", + "uuidLdapAttribute": "UUID LDAP属性", + "userObjectClasses": "ユーザー・オブジェクト・クラス", + "searchScope": "検索スコープ", + "readTimeout": "読み取りタイムアウト", + "pagination": "ページネーション", + "importUsers": "ユーザーのインポート", + "batchSize": "バッチサイズ", + "periodicFullSync": "定期的なフル同期", + "fullSyncPeriod": "フル同期の周期", + "periodicChangedUsersSync": "定期的な変更ユーザーの同期", + "changedUsersSyncPeriod": "変更ユーザーの同期周期", + "kerberosIntegration": "Kerberosと統合", + "allowKerberosAuthentication": "Kerberos認証を許可", + "useKerberosForPasswordAuthentication": "パスワード認証にKerberosを使用", + "cacheSettings": "キャッシュ設定", + "cachePolicy": "キャッシュ・ポリシー", + "evictionDay": "エビクションの日", + "evictionHour": "エビクションの時", + "evictionMinute": "エビクションの分", + "maxLifespan": "最大生存期間", + "validatePasswordPolicy": "パスワード・ポリシーの検証", + "trustEmail": "Eメールを信頼", + "requiredSettings": "必要な設定", + "kerberosRealm": "Kerberosレルム", + "serverPrincipal": "サーバー・プリンシパル", + "debug": "デバッグ", + "allowPasswordAuthentication": "パスワード認証を許可", + "testAuthentication": "認証テスト", + "ldapMappersList": "LDAPマッパー", + "ldapFilter": "LDAPフィルター", + "selectRole": { + "label": "ロールの選択", + "tooltip": "左側にあるテキストボックスにロールを入力するか、ブラウズして必要なロールを選択するためにこのボタンをクリックしてください。" + }, + "vendorHelp": "LDAPベンダー(プロバイダー)", + "consoleDisplayConnectionUrlHelp": "LDAPサーバーへの接続URL", + "connectionTimeoutHelp": "LDAP接続タイムアウト(ミリ秒単位)", + "bindCredentialsHelp": "LDAP管理者のパスワードを設定します。このフィールドは、ボールトから値を取得できます。${vault.ID}形式を使用します。", + "editModeLdapHelp": "READ_ONLYの場合、LDAPストアに読み取り専用でアクセスします。WRITABLEは、必要に応じてデータをLDAPに同期させることを意味します。UNSYNCEDは、ユーザーデータをインポートするが、LDAPに同期しないことを意味します。", + "fullSyncPeriodHelp": "フル同期の周期を秒で設定します。", + "changedUsersSyncHelp": "変更または新規作成されたLDAPユーザーの同期周期を秒で設定します。", + "trustEmailHelp": "有効とした場合は、このレルムでEメールの確認が有効となっている場合でも、このプロバイダーが提供するEメールは確認されなくなります。", + "debugHelp": "Krb5LoginModuleの標準出力へのデバッグロギングの有効/無効を設定します。", + "allowPasswordAuthenticationHelp": "Kerberosデータベースに対するユーザー名/パスワード認証の有効/無効を設定します。", + "updateFirstLoginHelp": "初回ログイン時のプロファイル更新の有効/無効を設定します。", + "addIdPMapper": "アイデンティティー・プロバイダー・マッパーを追加", + "redirectURI": "リダイレクトURI", + "ssoServiceUrl": "シングル・サインオン・サービスのURL", + "singleLogoutServiceUrl": "シングル・ログアウト・サービスのURL", + "nameIdPolicyFormat": "Name IDポリシー・フォーマット", + "unspecified": "未定義", + "principalType": "プリンシパル・タイプ", + "principalAttribute": "プリンシパル属性", + "httpPostBindingResponse": "HTTP-POSTバインディング・レスポンス", + "httpPostBindingAuthnRequest": "AuthnRequestのHTTP-POSTバインディング", + "httpPostBindingLogout": "HTTP-POSTバインディング・ログアウト", + "wantAuthnRequestsSigned": "AuthnRequestの署名が必要", + "samlSignatureKeyName": "SAML署名鍵名", + "wantAssertionsSigned": "アサーションの署名が必要", + "wantAssertionsEncrypted": "アサーションの暗号化が必要", + "forceAuthentication": "認証を強制", + "validatingX509Certs": "検証用のX509証明書", + "authorizationUrl": "認可URL", + "passLoginHint": "login_hintを渡す", + "passCurrentLocale": "現在のロケールを渡す", + "tokenUrl": "トークンURL", + "logoutUrl": "ログアウトURL", + "backchannelLogout": "バックチャンネル・ログアウト", + "disableUserInfo": "UserInfoの無効", + "userInfoUrl": "UserInfo URL", + "issuer": "発行者(Issuer)", + "prompt": "プロンプト(prompt)", + "prompts": { + "none": "none", + "consent": "consent", + "login": "login" + }, + "clientAuthentications": { + "client_secret_post": "POSTで送信されたクライアント・シークレット", + "client_secret_basic": "基本認証で送信されたクライアント・シークレット", + "client_secret_jwt": "JWTでクライアント・シークレット", + "private_key_jwt": "秘密鍵で署名されたJWT" + }, + "clientAssertionSigningAlg": "クライアントアサーション署名アルゴリズム", + "algorithmNotSpecified": "アルゴリズムの指定なし", + "acceptsPromptNone": "クライアントから転送されるprompt=noneを受け入れる", + "validateSignature": "署名検証", + "allowedClockSkew": "許容されるクロックスキュー", + "forwardParameters": "転送されるクエリー・パラメーター", + "storeTokens": "トークンの格納", + "storedTokensReadable": "読み取り可能なトークンを格納", + "accountLinkingOnly": "アカウントのリンクのみ", + "hideOnLoginPage": "ログインページで非表示", + "firstBrokerLoginFlowAlias": "初回ログインフロー", + "postBrokerLoginFlowAlias": "ログイン後のフロー", + "syncMode": "同期モード", + "syncModes": { + "inherit": "継承", + "import": "インポート", + "legacy": "レガシー", + "force": "強制" + }, + "syncModeOverride": "同期モードのオーバーライド", + "userAttribute": "ユーザー属性", + "redirectURIHelp": "アイデンティティー・プロバイダーの設定で使用するリダイレクトURIです。", + "displayName": "アイデンティティー・プロバイダーの分かりやすい名前を設定します。", + "clientSecretHelp": "アイデンティティー・プロバイダーで登録されているクライアント・シークレットを設定します。このフィールドは、ボールトから値を取得できます。${vault.ID}形式を使用します。", + "discoveryEndpoint": "リモートIDPディスカバリー・ディスクリプターよりメタデータをインポートします。", + "importConfig": "ダウンロードしたIDPディスカバリー・ディスクリプターよりメタデータをインポートします。", + "passLoginHintHelp": "アイデンティティー・プロバイダーにlogin_hintを渡します。", + "passCurrentLocaleHelp": "現在のロケールをui_localesパラメーターとしてアイデンティティー・プロバイダーに渡します。", + "logoutUrlHelp": "外部IDPからユーザーのログアウトに使用するセッション終了エンドポイントを設定します。", + "backchannelLogoutHelp": "外部IDPがバックチャンネル・ログアウトをサポートするどうかを設定します。", + "disableUserInfoHelp": "追加のユーザー情報を取得するUserInfoサービスの使用を無効にするかどうかを設定します。デフォルトではこのOIDCサービスを使用します。", + "userInfoUrlHelp": "UserInfoのURLを設定します。これはオプションです。", + "issuerHelp": "レスポンス内の発行者の識別子(Issuer Identifier)を設定します。未設定の場合は、検証は実行されません。", + "acceptsPromptNoneHelp": "これは、アイデンティティー・プロバイダー・オーセンティケーターとともに使用されるか、またはkc_idp_hintがこのアイデンティティー・プロバイダーを指す場合に使用されます。クライアントがprompt=noneでリクエストを送信し、ユーザーがまだ認証されていない場合、エラーは直接クライアントに返されませんが、prompt=noneのリクエストはこのアイデンティティー・プロバイダーに転送されます。", + "validateSignatureHelp": "外部IDPの署名検証の有効/無効を設定します。", + "useJwksUrlHelp": "有効とした場合は、アイデンティティー・プロバイダーの公開鍵が指定されたJWKS URLからダウンロードされます。アイデンティティー・プロバイダーが新しい鍵ペアを生成する際に、新しい鍵が常に再ダウンロードされるため、柔軟性が大幅に向上します。無効とした場合は、Keycloak DBの公開鍵(または証明書)が使用されるため、アイデンティティー・プロバイダーの鍵ペアが変更された際には、常にKeycloak DBに新しい鍵をインポートする必要があります。", + "allowedClockSkewHelp": "アイデンティティー・プロバイダーのトークンの検証時に許容されるクロックスキュー(秒単位)。デフォルト値は0です。", + "forwardParametersHelp": "最初のアプリケーションへのリクエストから取得し、外部IDPの認可エンドポイントへ転送されるOpenID Connect/OAuth標準以外のクエリー・パラメーター。複数のパラメーターをカンマ(,)で区切って入力できます。", + "clientAuthenticationHelp": "クライアント認証方法(参照:https://openid.net/specs/openid-connect-core-1_0.html#ClientAuthentication)。秘密鍵で署名されたJWTの場合、レルム秘密鍵が使用されます。", + "clientAssertionSigningAlgHelp": "クライアント認証でJWTアサーションを利用するときの署名アルゴリズム。クライアント認証が 秘密鍵で署名されたJWT もしくは JWTでクライアント・シークレット の場合に設定します。アルゴリズムの指定をしなかった場合、 秘密鍵で署名されたJWT ではRS256 JWTでクライアント・シークレット ではHS256のアルゴリズムが使用されます。", + "storeTokensHelp": "ユーザー認証後のトークン格納の有効/無効を設定します。", + "storedTokensReadableHelp": "新しいユーザーが格納されたトークンを読み取り可能かどうかの有効/無効設定です。broker.read-tokenロールをアサインします。", + "accountLinkingOnlyHelp": "オンの場合、ユーザーはこのプロバイダーからログインできません。このプロバイダーにリンクすることのみできます。これは、プロバイダーからのログインを許可したくないが、プロバイダーと統合したい場合に便利です", + "hideOnLoginPageHelp": "非表示の場合、明示的に要求されていれば(例えば、「kc_idp_hint」パラメーターを使用していれば)、このプロバイダーによるログインが可能です。", + "firstBrokerLoginFlowAliasHelp": "このアイデンティティー・プロバイダーでの初回ログイン後に起動させる認証フローのエイリアスです。「初回ログイン」という用語は、認証したアイデンティティー・プロバイダー・アカウントに現在関連付けられているKeycloakアカウントがない状態であることを意味します。", + "syncModeHelp": "すべてのマッパーのデフォルトの同期モード。同期モードは、マッパーを使用してユーザーデータを同期するタイミングを決定します。可能な値は次のとおりです。このオプションが導入される前の動作を維持する「レガシー」、このアイデンティティー・プロバイダーを使用したユーザーの初回ログイン時に一度だけユーザーをインポートする「インポート」、このアイデンティティー・プロバイダーでログインするたびにユーザーを常に更新する「強制」。", + "useEntityDescriptor": "リモートIDPのSAMLエンティティー・ディスクリプターからメタデータをインポートします。", + "samlEntityDescriptor": "外部IDPメタデータを設定ファイルよりロード、またはURLよりダウンロードして設定します。", + "ssoServiceUrlHelp": "認証リクエスト(SAML AuthnRequest)の送信に使用するURLを設定します。", + "singleLogoutServiceUrlHelp": "ログアウト・リクエストの送信に使用するURLを設定します。", + "principalTypeHelp": "アサーションから外部ユーザーを識別し、追跡する方法。デフォルトではSubject NameIDを使用しますが、識別属性を設定することもできます。", + "principalAttributeHelp": "外部ユーザーを識別するために使用される属性の名前またはフレンドリー名。", + "httpPostBindingResponseHelp": "HTTP-POSTバインディングを使用してリクエストに応答するかどうかを設定します。オフの場合は、HTTP-REDIRECTバインディングが使用されます。", + "httpPostBindingAuthnRequestHelp": "HTTP-POSTバインディングを使用してAuthnRequestを送信するかどうかを設定します。オフの場合は、HTTP-REDIRECTバインディングが使用されます。", + "wantAuthnRequestsSignedHelp": "アイデンティティー・プロバイダーが署名付きAuthnRequestを要求するかどうかを設定します。", + "wantAssertionsSignedHelp": "このサービス・プロバイダーが署名付きアサーションを要求するかどうかを設定します。", + "wantAssertionsEncryptedHelp": "このサービス・プロバイダーが暗号化されたアサーションを期待するかどうかを設定します。", + "forceAuthenticationHelp": "アイデンティティー・プロバイダーが以前のセキュリティー・コンテキストに頼るのではなく、プレゼンターを直接認証すべきかどうかを設定します。", + "validateSignatures": "SAMLレスポンスの署名検証の有効/無効を設定します。", + "validatingX509CertsHelp": "署名の確認に使用するPEM形式の証明書を設定します。", + "addIdpMapperName": "マッパーの名前です。", + "syncModeOverrideHelp": "このマッパーのIDPのデフォルトの同期モードをオーバーライドします。値は次のとおりです。このオプションが導入される前の動作を維持する「レガシー」、このアイデンティティー・プロバイダーを使用したユーザーの初回ログイン時に一度だけユーザーをインポートする「インポート」、このアイデンティティー・プロバイダーでログインするたびにユーザーを常に更新する「強制」、このマッパーのアイデンティティー・プロバイダーで定義された同期モードを使用する「継承」。", + "selectARole": "ロールを選択してください", + "usermodel": { + "prop": { + "label": "プロパティー", + "tooltip": "UserModelインターフェイスのプロパティー・メソッドの名前です。例えば、「email」の値はUserModel.getEmail()メソッドを参照しています。" + }, + "attr": { + "label": "ユーザー属性", + "tooltip": "格納されるユーザー属性名、UserMode.attributeマップ内の属性名です。" + }, + "clientRoleMapping": { + "clientId": { + "label": "クライアントID", + "tooltip": "ロールマッピング用のクライアントID。このクライアントのクライアント・ロールだけがトークンに追加されます。これが設定されていない場合は、すべてのクライアントのクライアント・ロールがトークンに追加されます。" + }, + "rolePrefix": { + "label": "クライアント・ロールのプレフィックス", + "tooltip": "各クライアント・ロールのプレフィックスを設定します(オプション)。" + }, + "tokenClaimName": { + "tooltip": "トークン内に挿入するクレームの名前を設定します。「address.street」のように完全修飾名で設定します。この場合、ネストされたJSONオブジェクトが作成されます。ネスティングを防ぎ、ドットを文字通りに使用するには、ドットをバックスラッシュ(\\.)でエスケープします。特別なトークン${client_id}を使うことができ、これは実際のクライアントIDに置き換えられます。使用例は「resource_access.${client_id}.roles」です。これは、すべてのクライアントからロールを追加する場合(特に「Client ID」スイッチが設定されていない場合)や、各クライアントのクライアント・ロールを別々の場所に保存する場合に、特に便利です。" + } + }, + "realmRoleMapping": { + "rolePrefix": { + "label": "レルムロールのプレフィックス", + "tooltip": "各レルムロールのプレフィックスを設定します(オプション)。" + } + } + }, + "userSession": { + "modelNote": { + "label": "ユーザー・セッション・ノート", + "tooltip": "UserSessionModel.noteマップ内のユーザー・セッション・ノート名です。" + } + }, + "multivalued": { + "label": "マルチバリュー", + "tooltip": "属性がマルチバリューをサポートしているかどうかを示します。サポートしている場合は、この属性のすべての値リストがクレームとして設定されます。サポートしていない場合は、最初の値だけがクレームとして設定されます。" + }, + "aggregate": { + "attrs": { + "label": "属性値の集約", + "tooltip": "属性値をグループ属性と集約する必要があるかどうかを示します。OpenID Connectマッパーを使用している場合は、すべての値を取得するためにマルチバリューのオプションも有効にする必要があります。重複した値は破棄され、値の順序はこのオプションでは保証されません。" + } + }, + "jsonType": { + "label": "クレームJSONタイプ", + "tooltip": "トークンへのJSONクレームの追加で使用されるJSONタイプを設定します。long、int、boolean、String、JSONが有効な値です。" + }, + "includeInIdToken": { + "label": "IDトークンに追加", + "tooltip": "クレームをIDトークンに追加すべきかどうかを設定します。" + }, + "includeInAccessToken": { + "label": "アクセストークンに追加", + "tooltip": "クレームをアクセストークンに追加すべきかどうかを設定します。" + }, + "includeInUserInfo": { + "label": "UserInfoに追加", + "tooltip": "クレームをUserInfoに追加すべきかどうかを設定します。" + }, + "sectorIdentifierUri": { + "label": "セクター識別子URI", + "tooltip": "pairwise sub値を使用し、かつ動的クライアント登録をサポートするプロバイダーは、sector_identifier_uriパラメーターを使用すべきです(SHOULD)。これは、共通の管理下にあるWebサイト群に対し、個々のドメイン名とは独立してparwise sub値の一貫性を保持する方法を提供します。また、クライアントに対し、すべてのユーザーを再登録させることなしにredirect_uriを変更する方法も提供します。" + }, + "pairwiseSubAlgorithmSalt": { + "label": "ソルト", + "tooltip": "ペアワイズ対象識別子を計算する際に使用するソルトを設定します。空白のままにするとソルトは生成されます。" + }, + "addressClaim": { + "street": { + "label": "その他住所のユーザー属性名", + "tooltip": "「address」トークンクレーム内の「street_address」サブクレームにマップするために使用されるユーザー属性の名前。デフォルトは「street」です。" + }, + "locality": { + "label": "市区町村のユーザー属性名", + "tooltip": "「address」トークンクレーム内の「locality」サブクレームにマップするために使用されるユーザー属性の名前。デフォルトは「locality」です。" + }, + "region": { + "label": "都道府県のユーザー属性名", + "tooltip": "「address」トークンクレーム内の「region」サブクレームにマップするために使用されるユーザー属性の名前。デフォルトは「region」です。" + }, + "postal_code": { + "label": "郵便番号のユーザー属性名", + "tooltip": "「address」トークンクレーム内の「postal_code」サブクレームにマップするために使用されるユーザー属性の名前。デフォルトは「postal_code」です。" + }, + "country": { + "label": "国のユーザー属性名", + "tooltip": "「address」トークンクレーム内の「country」サブクレームにマップするために使用されるユーザー属性の名前。デフォルトは「country」です。" + }, + "formatted": { + "label": "整形された住所のユーザー属性名", + "tooltip": "「address」トークンクレーム内の「formatted」サブクレームにマップするために使用されるユーザー属性の名前。デフォルトは「formatted」です。" + } + }, + "included": { + "client": { + "audience": { + "label": "含まれるクライアント・オーディエンス", + "tooltip": "指定されたオーディエンス・クライアントのクライアントIDが、トークンのオーディエンス(aud)フィールドに含まれます。トークンに既存のオーディエンスが存在する場合は、指定された値が単にそれらに追加されます。既存のオーディエンスを上書きすることはありません。" + } + }, + "custom": { + "audience": { + "label": "含まれるカスタム・オーディエンス", + "tooltip": "これは「含まれるクライアント・オーディエンス」が入力されていない場合にのみ使用されます。指定された値が、トークンのオーディエンス(aud)フィールドに含まれます。トークンに既存のオーディエンスが存在する場合は、指定された値が単にそれらに追加されます。既存のオーディエンスを上書きすることはありません。" + } + } + }, + "name-id-format": "Name IDフォーマット", + "mapper": { + "nameid": { + "format": { + "tooltip": "マッパーを適用するName IDフォーマット" + } + } + }, + "clientScopeType": { "default": "DEFAULT" }, + "titleAuthentication": "認証", + "titleEvents": "イベント", + "titleRoles": "レルムロール", + "titleUsers": "ユーザー", + "titleSessions": "セッション" +} diff --git a/js/apps/admin-ui/public/locales/lt/translation.json b/js/apps/admin-ui/public/locales/lt/translation.json new file mode 100644 index 0000000000..79185fcfbc --- /dev/null +++ b/js/apps/admin-ui/public/locales/lt/translation.json @@ -0,0 +1,638 @@ +{ + "add": "Pridėti", + "create": "Sukurti", + "save": "Saugoti", + "continue": "Tęsti", + "remove": "Šalinti", + "key": "Raktas", + "value": "Reikšmė", + "back": "Atgal", + "export": "Eksportuoti", + "action": "Veiksmas", + "download": "Atsisiųsti", + "clear": "Išvalyti", + "on": "On", + "edit": "Redaguoti", + "enabled": "Įgalintas", + "disable": "Išjungti", + "none": "jokio", + "signOut": "Atsijungti", + "manageAccount": "Valdyti paskyrą", + "serverInfo": "Serverio informacija", + "testConnection": "Tikrinti jungtį", + "description": "Aprašymas", + "type": "Tipas", + "category": "Kategorija", + "priority": "Prioritetas", + "allTypes": "Visi tipai", + "manage": "Valdyti", + "clients": "Klientai", + "realmRoles": "Srities rolės", + "users": "Naudotojai", + "sessions": "Sesijos", + "events": "Įvykiai", + "mappers": "Atributų atitikmenys", + "permissions": "Leidimai", + "configure": "Konfigūruoti", + "realmSettings": "Srities nustatymai", + "authentication": "Autentifikavimas", + "identityProviders": "Tapatybės teikėjai", + "userFederation": "Naudotojų federavimas", + "settings": "Nustatymai", + "details": "Detaliau", + "Sunday": "Sekmadienis", + "Monday": "Pirmadienis", + "Tuesday": "Antradienis", + "Wednesday": "Trečiadienis", + "Thursday": "Ketvirtadienis", + "Friday": "Penktadienis", + "Saturday": "Šeštadienis", + "times": { + "seconds": "Sekundės", + "minutes": "Minutės", + "hours": "Valandos", + "days": "Dienos" + }, + "attributes": "Atributai", + "credentials": "Prisijungimo duomenys", + "clientId": "Kliento ID", + "clientName": "Vardas", + "id": "ID", + "mapperType": "Atitikmens tipas", + "leave": "Palikti", + "password": "Slaptažodis", + "passwordConfirmation": "Pakartotas slaptažodis", + "temporaryPassword": "Laikinas", + "temporaryPasswordHelpText": "Jei įgalinta, tuomet naudotojas privalės pasikeisti slaptažodį sekančio prisijungimo metu", + "protocol": "Protokolas", + "copy": "Kopijuoti", + "clientAuthorization": "Autorizacija", + "importClient": "Įdiegti programos nustatymus", + "webOrigins": "Šakninės nuorodos", + "adminURL": "Administravimo URL", + "formatOption": "Formato pasirinkimas", + "encryptAssertions": "Užkoduoti sprendinius", + "clientSignature": "Privalomas kliento parašas", + "keys": "Raktai", + "roles": "Rolės", + "addClientScope": "Kliento šablono kūrimas", + "fullScopeAllowed": "Taikymas pilna apimtimi", + "selectAUser": "Parinkite naudotoją", + "client": "client", + "evaluate": "Vertinti", + "reevaluate": "Vertinti pakartotinai", + "showAuthData": "Rodyti autorizacijos duomenis", + "unanimous": "Vienbalsė", + "affirmative": "Pozityvi", + "consensus": "Daugumos", + "authScopes": "Autorizacijos taikymo sritys", + "anyResource": "Bet kuris resursas", + "anyScope": "Bet kuri taikymo sritis", + "selectScope": "Parinkite taikymo sritį", + "applyToResourceType": "Pritaikyti resurso tipui", + "contextualInfo": "Kontekstinė informacija", + "contextualAttributes": "Kontekstiniai atributai", + "kc": { + "realm": { + "name": "Sritis" + } + }, + "policyEnforcementMode": "Taisyklių vykdymo rėžimas", + "policyEnforcementModes": { + "ENFORCING": "Taikyti", + "PERMISSIVE": "Liberalus" + }, + "decisionStrategy": "Sprendimo strategija", + "iconUri": "Ikonos URI", + "allowRemoteResourceManagement": "Nuotolinis resursų valdymas", + "resources": "Resursai", + "resource": "Resursas", + "scope": "Taikymo sritis", + "owner": "Savininkas", + "scopes": "Taikymo sritys", + "policies": "Taisyklės", + "createPermission": "Sukurti leidimą", + "identityInformation": "Tapatybės informacija", + "resourceType": "Resurso tipas", + "createPolicy": "Sukurti taisyklę", + "applyPolicy": "Pritaikyti taisyklę", + "month": "Mėnesis", + "hour": "Valanda", + "minute": "Minutė", + "code": "Programinis kodas", + "logic": "Logika", + "logicType": { + "positive": "Teigiama", + "negative": "Neigiama" + }, + "user": "Naudotojas", + "clientList": "Klientai", + "initialAccessToken": "Pradinis prieigos raktas", + "created": "Sukurta", + "lastUpdated": "Pask. kartą atnaujinta", + "expires": "Galioja iki", + "count": "Kiekis", + "remainingCount": "Likęs kiekis", + "expiration": "Galiojimas", + "clientAuthentication": "Klientų autentifikacijos seka", + "frontchannelLogout": "Išregistravimas per naršyklę", + "rootUrl": "Šakninis URL", + "validRedirectUri": "Leidžiamos nukreipimo nuorodos", + "idpInitiatedSsoRelayState": "IDP inicijuotos SSO būsenos perdavimas", + "masterSamlProcessingUrl": "Šakninis SAML apdorojimo URL", + "nameIdFormat": "NameID formatas", + "forceNameIdFormat": "Priverstinai naudoti NameID formatą", + "forcePostBinding": "Priverstinai naudoti POST sąryšį", + "includeAuthnStatement": "Įtraukti AuthnStatement", + "optimizeLookup": "Optimizuoti REDIRECT pasirašymo rakto paiešką", + "signDocuments": "Pasirašyti dokumentus", + "signAssertions": "Pasirašyti sprendinius", + "canonicalization": "Standartizavimo metodas", + "loginTheme": "Prisijungimo lango tema", + "clientAuthenticator": "Kliento autentifikavimo priemonės", + "clientSecret": "Kliento slaptas kodas", + "registrationAccessToken": "Registracijos prieigos raktas", + "revocation": "Atšaukimai", + "clustering": "Klasteriai", + "notBefore": "Ne anksčiau", + "setToNow": "Parinkti dabartinę datą", + "addNode": "Pridėti mazgą", + "push": "Informuoti apie atšaukimą", + "nodeReRegistrationTimeout": "Mazgo persiregistravimui skirtas laikas", + "registeredClusterNodes": "Registruoti klasterio mazgus", + "nodeHost": "Mazgo serveris", + "lastRegistration": "Vėliausia registracija", + "testClusterAvailability": "Tikrinti ar mazgas prieinamas", + "registerNodeManually": "Registruoti mazgą rankiniu būdu", + "fineGrainOpenIdConnectConfiguration": "Detalioji OpenID prisijungimo konfigūracija", + "fineGrainSamlEndpointConfig": "Detalioji SAML prieigos taškų konfigūracija", + "userInfoSignedResponseAlgorithm": "Naudotojo informacijos pasirašyto atsako algoritmas", + "requestObjectSignatureAlgorithm": "Užklausos objekto parašo algoritmas", + "assertionConsumerServicePostBindingURL": "Sprendinių naudotojo paslaugos POST jungties URL", + "assertionConsumerServiceRedirectBindingURL": "Sprendinių priėmimo paslaugos nukreipimo jungties URL", + "logoutServiceRedirectBindingURL": "Atsijungimo paslaugos nukreipimo jungties URL", + "accessTokenLifespan": "Prisijungimo rakto galiojimo laikas", + "browserFlow": "Autentifikacijos seka", + "directGrant": "Tiesioginių teisių seka", + "useJwksUrl": "Naudoti JWKS URL", + "certificate": "Sertifikatas", + "jwksUrl": "JWKS URL", + "generateNewKeys": "Generuoti naujus raktus", + "archiveFormat": "Archyvo formatas", + "keyAlias": "Rakto pseudonimas", + "keyPassword": "Rakto slaptažodis", + "storePassword": "Saugyklos slaptažodis", + "importFile": "Importuoti rinkmeną", + "clientType": "'OpenID connect' leidžia klientams tikrinti galutinio naudotojo tapatybę remiantis autorizacijos serverio atlikta autentifikacija. 'SAML' įgalina žiniatinklio, įskaitant skirtingų domenų atvejus, vieningos autentifikacijos ir autorizacijos scenarijus perduodant informaciją saugiose žinutėse.", + "serviceAccount": "Įgalina klientą autentifikuotis su Keycloak serveriu ir gauti dedikuotą prieigos raktą skirtą šiam klientui. OAuth2 specifikacijos terminais, tai reiškia 'Client Credentials Grant' teisę šiam klientui.", + "authorization": "Įgalinti detalų kliento autorizacijos palaikymą", + "directAccess": "Įgalina tiesioginį prieigos suteikimą, kuomet klientas turi prieigą prie naudotojo vardo ir slaptažodžio ir prieigos raktų gavimui šiais duomenimis gali tiesiogiai apsikeisti su Keycloak serveriu. OAuth2 specifikacijos terminais, šiam klientui įgalinimas 'Resource Owner Password Credentials Grant'.", + "standardFlow": "Įgalina standartinį OpenID Connect nukreipimą, kuomet autentifikacijos metu yra perduodamas autorizacijos kodas. OpenID Connect arba OAuth2 specifikacijos terminais tai reiškia 'Authorization Code Flow' įgalinimą šiam klientui.", + "implicitFlow": "Įgalina OpenID Connect nukreipimą, kuomet autentifikacijos metu nėra perduodamas autorizacijos kodas. OpenID Connect arba OAuth2 specifikacijos terminais tai reiškia 'Implicit Flow' įgalinimą šiam klientui.", + "rootURL": "Prie reliatyvių nuorodų pridedamas šakninis URL", + "validRedirectURIs": "Nukreipimo URI šablonas, kuomet naršyklei leidžiama nukreipti naudotoją po sėkmingos autentifikacijos ar atsijungimo metu. Leidžiami pakaitos simboliai, pvz. 'http://pavyzdys.lt/*'. Leidžiami reliatyvūs keliai pvz. /mano/reliatyvus/kelias/*. Reliatyvumas skaičiuojamas nuo kliento šakninio URL (jei nurodyta) arba nuo autentifikacijos serverio šakninio adreso. SAML atveju, kuomet tikimasi gavėjo paslaugos URL įtraukimo į prisijungimo užklausą, privaloma nurodyti teisingus URI šablonus.", + "nameIdFormatHelp": "Koks tapatybės identifikatoriaus formatas turi būti naudojamas.", + "forceNameIdFormatHelp": "Ignoruoti NameID tapatybės identifikatoriaus formatą, naudojant administratoriaus konsolėje nurodytą formatą.", + "forcePostBindingHelp": "Visuomet naudoti POST sąryšį siunčiant atsakymus.", + "includeAuthnStatementHelp": "Ar prisijungimo būdas ir laikas šurėtų būti įtraukiami į prisijungimo operacijos atsakymą?", + "optimizeLookupHelp": "Ar privalo būti itrauktas pasirašymo rakto ID į SAML protokolo žinutės elementą kuomet pasirašomi Keycloak REDIRECT SP sąsajos dokumentai? Tokiu būdu tikrinančioji pusė optimizuoja tikrinimo proceą naudodama tik vieną raktą vietoj to, kad bandytų visų raktų kombinacijas.", + "signDocumentsHelp": "Ar SAML dokumentai turi būtį pasirašomi šios srities?", + "signAssertionsHelp": "Ar SAML sprendiniai SAML dokumentuose turi būti pasirašomi? Šis nustatymas nebūtinas, kuomet naudojamas viso dokumento pasirašymas.", + "signatureAlgorithm": "Parašo algoritmas naudojamas dokumentų pasirašymui.", + "canonicalizationHelp": "XML parašo metodas.", + "webOriginsHelp": "Leidžiamos CORS nuorodos. Norėdami leisti nukreipimą į teisingas nuorodas, naudokite '+'. Norėdami leisti visas nuorodas, naudokite '*'.", + "homeURL": "Numatytas URL, kuris turi būti naudojamas naudotojo nukreipimui atgal į klientą.", + "adminURLHelp": "Kliento administravimo tinklinės sąsajos URL. Įrašyti tuomet, kai klientas palaiko adapterio REST API. Šis REST API leidžia autentifikacijos serveriui perduoti atšaukimo ir kitas su administravimu susijusias taisykles. Dažniausiai šis URL sutampa su kliento pagrindiniu URL.", + "clientHelp": "Nurodykite klientą, kuris atlieka autorizacijos užklausas. Nei nenurodyta, tuomet autorizacijos užklausa bus vertinama naudojant dabartinį klientą.", + "clientIdHelp": "Kliento identifikatorius užregistruotas tapatybės teikėjo sistemoje.", + "selectUser": "Nurodykite naudotoją, kurio vardu atliekamas teisių serveryje filtravimas.", + "rolesHelp": "Nurodykite pasirinkto naudotojo roles.", + "contextualAttributesHelp": "Galite pateikti vykdymo aplinkos arba vykdymo konteksto atributus.", + "applyToResourceTypeHelp": "Nurodykite ar šis leidimas turi būti pritaikomas visiems šio tipo resursams. Jei įgalinta, tuomet leidimo tikrinimas bus atliekamas visiems nurodyto tipo resursams.", + "resourcesHelp": "Nurodykite, kad šis leidimas turi būti taikomas tik tam tikriems resursams.", + "scopesSelect": "Nurodo, kad šis leidimas turi būti pritaikytas vienai ar daugiau taikymo sričių.", + "clientNameHelp": "Reikšmė, kuri rodoma naudotojams. Pavyzdžiui 'My Client'. Galimos lokalizuotos reikšmės - pavyzdžiui: ${my_client}", + "descriptionHelp": "Kliento šablono aprašymas", + "loginThemeHelp": "Pasirinkite kaip atrodys Jūsų prisijungimo, OTP, teisių suteikimo, naudotojų registracijos ir slaptažodžių priminimo langai.", + "encryptAssertionsHelp": "Ar SAML sprendiniai turi būti užkoduojami kliento viešuoju raktu naudojant AES?", + "clientSignatureHelp": "Ar kliento siunčiamos SAML užklausos ir atsakymai bus pasirašyti? Jei taip, tuomet ar juos privaloma tikrinti?", + "expirationHelp": "Nustato įvykių galiojimo laiką. Nebegaliojantys įvykiai periodiškai ištrinami iš duomenų bazės.", + "countHelp": "Nurodykite kiek klientų gali būti sukurti naudojant prieigos raktą", + "client-authenticator-type": "Kliento autentifikavimo priemonės naudojamos kliento autentifikavimuisi į Keycloak serverį", + "registration-access-token": "Registracijos prieigos raktas klientams suteikia prieigą prie klientų registracijos paslaugos ", + "nodeReRegistrationTimeoutHelp": "Nurodykite maksimalų laiko intervalą, per kurį mazgai privalo iš naujo prisiregistruoti. Jei mazgas neatsiųs persiregistravimo užklausos per nurodytą laiką, tuomet šis mazgas bus išregistruojamas iš Keycloak ", + "userInfoSignedResponseAlgorithmHelp": "JWA algoritmas naudojamas pasirašyti naudotojo informacijos prieigos taško atsaką. Jei nustatyta 'unsigned', tuomet naudotojo informacijos atsakas nebus pasirašytas ir bus grąžintas application/json formatu.", + "requestObjectSignatureAlgorithmHelp": "JWA algoritmas, kurį klientas naudoja siunčiant OIDC užklausos objektą, nusakytą 'request' arba 'request_uri' parameterais. Jei nustatyta 'any', tuomet užklausos objektas gali būti nepasirašytas arba pasirašytas bet kuriuo algoritmu.", + "idpInitiatedSsoUrlName": "Pavadinimas, kuris IDP inicijuoto SSO prisijungimo metu, perduodamas klientui per URL fragmentą. Palikus tuščią reikšmę IDP inicjuojamą SSO prisijungimo funkcionalumas išjungiamas. Šis fragmentas buv naudojamas formuojant šią nuorodą: {server-root}/realms/{realm}/protocol/saml/clients/{client-url-name}", + "idpInitiatedSsoRelayStateHelp": "SSO būsenos parametro (RelayState) perdavimas kartu su IDP inicijuota SSO SAML užklausa.", + "masterSamlProcessingUrlHelp": "Kuomet sukonfigūruotas, šis URL bus naudojamas visoms, 'SP Assertion Consumer' ir 'Single Logout Services' užklausoms. Detalioje SAML prieigos adresų konfigūravimo skyriuje šios reikšmės gali būti atskirai pakeistos.", + "accessTokenLifespanHelp": "Laikas, po kurio prisijungimui naudojamas raktas (Access Token) nustoja galioti. Rekomenduojama, kad šios reikšmės galiojimas būtų reliatyviai trumpas palyginus su SSO galiojimo laiku.", + "assertionConsumerServicePostBindingURLHelp": "Kliento sprendinių priėmimo paslaugos (prisijungimo rezultatų) SAML POST jungties URL. Jei tokių jungčių neturite, tuomet palikite tuščias reikšmes.", + "assertionConsumerServiceRedirectBindingURLHelp": "Kliento sprendinio priėmimo paslaugos SAML nukreipimo jungties URL (prisijungimo atsakymams). Jei tokių jungčių neturite, tuomet palikite tuščias reikšmes.", + "logoutServiceRedirectBindingURLHelp": "Kliento vieningo atsijungimo paslaugos SAML nukreipimo jungties. Jei naudojate kitas jungtis, tuomet šias reikšmes galite palikti neužpildytas.", + "frontchannelLogoutHelp": "Jei įgalinta, tuomet atsijungimas atliekamas naršyklės nukreipimu į kliento puslapį. Kitu atveju, atsijungimas atliekamas perduodant serveris-serveris užklausą.", + "browserFlowHelp": "Pasirinkite autentifikacijos naršyklėje seką", + "directGrantHelp": "Pasirinkite tiesioginių teisių seką (direct grant authentication).", + "certificateHelp": "Kliento sertifikatas naudojamas kliento išduotų ir privačiu raktu pasirašytų JWT prieigos raktų tikrinimui.", + "jwksUrlHelp": "URL, kuriuo pasiekiami kliento JWK formatu saugomi raktai. Žiūrėkite JWK specifikaciją detalesnei informacijai. Jei naudojamas kliento adapteris su \"jwt\" kredencialais, tuomet galite naudoti jūsų programos URL su '/k_jwks' sufiksu. Pavyzdžiui 'http://www.myhost.com/myapp/k_jwks' .", + "archiveFormatHelp": "Java raktų saugykla (keystore) arba PKCS12 formato rinkmena.", + "keyAliasHelp": "Privataus rakto ir sertifikato rinkmenos pseudonimas.", + "keyPasswordHelp": "Slaptažodžių saugykloje esančio privataus rakto slaptažodis", + "storePasswordHelp": "Slaptažodis, reikalingas norint atidaryti slaptažodžių saugyklą", + "consentRequired": "Jei įgalinta, tuomet naudotojai privalo patvirtinti, kad pageidauja prisijungti prie kliento (programos).", + "import": "Importuoti šio resursų serverio autorizacijos nustatymų JSON rinkmeną.", + "policyEnforcementModeHelp": "Taisyklių vykdymo rėžimas nusako kaip turi būti tenkinamos autorizacijos užklausų taisyklės. 'Taikyti' reiškia, kad tuo atveju kai nėra sukonfigūruota nei viena su resursu susijusi taisyklė, prieiga draudžiama. 'Liberalus' reiškia, kad tuo atveju kai nėra sukonfigūruota nei viena su resursu susijusi taisyklė, prieiga leidžiama. 'Išjungta' reiškia, kad neatliekamas taisyklių tikrinimas ir prieiga leidžiama prie visų resursų.", + "allowRemoteResourceManagementHelp": "Ar leidžiama nuotoliniu būdu resursų serveriui valdyti resursus? Jei neįgalinta, tuomet resursai gali būti valdomi tik per šią administravimo konsolę.", + "resourceName": "Unikalus resurso vardas. Vardas turi unikaliai identifikuoti resursą. Naudingas, kuomet ieškoma specifinių resursų.", + "typeHelp": "Šio resurso tipas. Reikšmė leidžia sugrupuoti skirtingus resursus turinčius tą patį tipą.", + "uris": "URI kuris taip pat gali būti naudojamas vienareikšmiškam resurso identifikavimui.", + "scopesHelp": "Taikymos sritys, kurios siunčiamos autorizavimo užklausoje. Reikšmės turi būti atskirtos tarpo simboliu. Numatyta reikšmė - 'openid'.", + "fullScopeAllowedHelp": "Įgalinimo atveju visi apribojimai išjungiami", + "resetActions": "Atkurti veiksmus", + "scopeName": "Unikalus taikymo srities pavadinimas. Šis pavadinimas gali vienareikšmiškai identifikuoti taikymo sritį. Naudingas kuomet ieškoma šios tam tikros srities. ", + "policy-name": "Šios taisyklės pavadinimas.", + "policy-description": "Šios taisyklės aprašymas.", + "policyDecisionStagey": "Sprendimo strategija nurodo kaip priimamas galutinis sprendimas, kuomet yra vykdomos visos šio leidimo taisyklės. 'Pozityvi' reiškia, kad galutiniam teigiamam sprendimui turi būti tenkinama bent viena taisyklė. 'Vienbalsė' reiškia, kad galutiniam teigiamam sprendimui visos taisyklės turi būti teigiamos. 'Daugumos' reiškia, kad galutinis teigiamas sprendimas bus priimtas tuomet, kai teigiamų taisyklių bus daugiau nei neigiamų. Jei teigiamų ir neigiamų taisyklių skaičius yra vienodas, tuomet galutinis rezultatas bus neigiamas.", + "applyPolicyHelp": "Nurodo visas taisykles, kurios turi būti įvertintos šios taisyklės ar leidimo taikymo sričiai.", + "policyGroups": "Nurodo kurie naudotojai tenkina šią taisyklę.", + "policyRoles": "Nurodo *kliento* rolė(įs) kurios tenkina šią taisyklę.", + "startTime": "Nurodykite laiką iki kurio ši taisyklė NETENKINAMA. Teigiamas rezultatas duodamas tik tuo atveju, kuomet dabartinė data ir laikas yra vėlesnė arba lygi šiai reikšmei.", + "expireTime": "Nurodykite laiką po kurio ši taisyklė NETENKINAMA. Teigiamas rezultatas duodamas tik tuo atveju, kuomet dabartinė data ir laikas yra ankstesni arba lygi šiai reikšmei.", + "monthHelp": "Nurodykite mėnesį iki kurio ši taisyklė TENKINAMA. Užpildžius antrąjį laukelį, taisyklė bus TENKINAMA jei mėnesis patenka į nurodytą intervalą. Reikšmės nurodomos imtinai.", + "dayMonth": "Nurodykite mėnesio dieną iki kurios ši taisyklė TENKINAMA. Užpildžius antrąjį laukelį, taisyklė bus TENKINAMA jei diena patenka į nurodytą intervalą. Reikšmės nurodomos imtinai.", + "hourHelp": "Nurodykite valandą iki kurios ši taisyklė TENKINAMA. Užpildžius antrąjį laukelį, taisyklė bus TENKINAMA jei valanda patenka į nurodytą intervalą. Reikšmės nurodomos imtinai.", + "minuteHelp": "Nurodykite minutę iki kurios ši taisyklė TENKINAMA. Užpildžius antrąjį laukelį, taisyklė bus TENKINAMA jei minutė patenka į nurodytą intervalą. Reikšmės nurodomos imtinai.", + "policyCode": "JavaScript kodas kuriame aprašytos šios taisyklės sąlygos.", + "logicHelp": "Logika nurodo kaip turi būti tenkinama taisyklė. Jei nurodyta 'Teigiama', tuomet šios taisyklės vykdymo metu gautas rezultatas (leisti arba drausti) bus naudojamas sprendinio priėmimui. Jei nurodyta 'Neigiama', tuomet šios taisyklės vykdymo rezultatas bus paneigtas, t.y. leidžiama taps draudžiama ir atvirkščiai.", + "permissionName": "Šio leidimo pavadinimas.", + "permissionDescription": "Šio leidimo aprašymas.", + "permissionType": "Nurodykite, kad ši taisyklė turi būti taikoma visiems šio tipo resursams.", + "realmRolePrefix": "Srities rolės prefiksas", + "name": "Kliento šablono pavadinimas. Privalo būti unikalus šioje srityje", + "protocolHelp": "Kurio SSO protokolo konfigūracija teikia šis šablonas", + "prefix": "Prefiksas, pridedamas prieš kiekvieną srities rolę (neprivalomas)", + "multiValued": "Nurodo, kad atributas gali turėti daugiau nei vieną reikšmę. Jei pažymėtas, tuomet visos reikšmės nustatomos kaip privalomos. Kitu atveju privaloma tik pirmoji reikšmė.", + "tokenClaimName": { + "label": "Reikalaujamo rakto pavadinimas", + "tooltip": "Į raktą įterpiamas privalomas atributas. Galite nurodyte pilną kelią iki atributo, pavyzdžiui 'address.street'. Pateiktu atveju bus sukuriamas sudėtinis (nested) JSON objektas." + }, + "claimJsonType": "Naudojamas JSON lauko tipas, kuris turi būti užpildomas rakto privalomoje JSON informacijoje. Galimi tipai: long, int, boolean ir String.", + "protocolMapper": "Protokolas...", + "createGroup": "Sukurti grupę", + "members": "Nariai", + "email": "El. paštas", + "lastName": "Pavardė", + "firstName": "Vardas", + "associatedRolesText": "Priskirtos rolės", + "title": "Autentifikavimas", + "addRole": "Pridėti rolę", + "roleName": "Rolės pavadinimas", + "composite": "Sudėtinis", + "addUser": "Pridėti naudotoją", + "userName": "Naudotojo vardas", + "join": "Prijungti", + "groupMembership": "Narystė grupėse", + "createdAt": "Sukūrimo data", + "username": "Naudotojo vardas", + "emailVerified": "El. paštas patvirtintas", + "status": "Būsena", + "requiredUserActions": "Privalomi veiksmai naudotojui", + "impersonate": "Įkūnyti", + "verifyEmail": "El. pašto patvirtinimas", + "consents": "Sutikimai", + "identityProvider": "Tapatybės teikėjas", + "identityProviderLinks": "Sąsajos su tapatybės teikėjais", + "revoke": "Atšaukti", + "credentialType": "Tipas", + "resetPassword": "Pakeisti slaptažodį", + "showPasswordDataValue": "Reikšmė", + "credentialResetBtn": "Prisijungimo duomenų atkūrimas", + "hours": "Valandos", + "minutes": "Minutės", + "seconds": "Sekundės", + "credentialResetConfirm": "Siųsti el. pašto laišką", + "temporaryLocked": "Naudotojas laikintai užrakintas, nes per daug klydo prisijungiant prie sistemos.", + "emailVerifiedHelp": "Ar naudotojo el. pašto adresas yra patvirtintas?", + "requiredUserActionsHelp": "Nurodykite kuriuos veiksmus po prisijungimo naudotojas privalo atlikti. 'Patvirtinti el. pašto adresą' į naudotojo el. pašto adresą siunčia patvirtinimo nuorodą. 'Atnaujinti profilio informaciją' reikalauja naudotojo peržiūrėti ir atnaujinti profilio informaciją. 'Atnaujinti slaptažodį' reikalauja naudotojo pasikeisti slaptažodį. 'Konfigūruoti OTP' reikalauja atnaujinti mobilaus slaptažodžių generatoriaus konfigūraciją.", + "groups": "Visos grupės, kurių narys yra šis naudotojas. Pažymėkite grupę ir paspauskite 'Palikti' norėdami pašalinti naudotoją iš grupės.", + "lastAccess": "Vėliausios prieigos laikas", + "adminEvents": "Administravimo įvykiai", + "time": "Laikas", + "eventType": "Įvykio tipas", + "ipAddress": "IP adresas", + "realm": "Sritis", + "resourcePath": "Resurso kelias", + "resourceTypes": "Resurso tipas", + "operationType": "Veiksmo tipas", + "operationTypes": "Veiksmas", + "auth": "Autentifikacijos informacija", + "representation": "Reprezentacija", + "partialImport": "Dalinis duomenų importavimas", + "general": "Bendra informacija", + "login": "prisijungimas", + "themes": "Temos", + "eventListeners": "Įvykių gavėjai", + "eventListenersHelpText": "Nurodykite srities įvykių gavėjus.", + "adminEventsSettings": "Administravimo veiksmų nustatymai", + "saveEvents": "Saugoti įvykius", + "clearAdminEvents": "Išvalyti administravimo įvykius", + "includeRepresentation": "Išsaugoti reprezentaciją", + "from": "Nuo", + "host": "Serveris", + "port": "Prievadas", + "enableSSL": "Įgalinti SSL", + "enableStartTLS": "Įgalinti StartTLS", + "keystore": "Raktų saugykla", + "providers": "Teikėjai", + "uiDisplayName": "Konsolėje rodomas pavadinimas", + "active": "Aktyvus", + "providerId": "ID", + "kid": "KID", + "provider": "Teikėjas", + "userRegistration": "Naudotojų registracija", + "userRegistrationHelpText": "Įgalina naudotojų registravimosi sąsają. Prisijungimo lange rodoma nuoroda į registravimosi puslapį.", + "rememberMe": "Prisiminti mane", + "rememberMeHelpText": "Prisijungimo lange rodyti pasirinkimą leidžiantį naudotojui likti prisijungus netgi tuomet, kai naršyklė yra išjungiama/įjungiama tol, kol nepasibaigia prisijungimo sesija.", + "registrationEmailAsUsername": "El. paštas kaip naudojo vardas", + "editUsername": "Naudotojo vardo redagavimas", + "htmlDisplayName": "Rodomas pavadinimas HTML formatu", + "requireSsl": "Reikalauti SSL", + "sslType": { + "all": "visoms užklausoms", + "external": "išorinėms užklausoms", + "none": "jokio" + }, + "endpoints": "Prieigos adresai", + "accountTheme": "Naudotojo profilio tema", + "adminTheme": "Administravimo konsolės tema", + "emailTheme": "El. pašto tema", + "SSOSessionIdle": "SSO sesijos neveikimo laikas", + "SSOSessionMax": "SSO sesijos maksimalus laikas", + "offlineSessionIdle": "Neprisijungusios sesijos neveikimo laikas", + "loginTimeout": "Naudotojo prisijungimui skirtas laikas", + "loginActionTimeout": "Naudotojo prisijungimo veiksmui skirtas laikas", + "revokeRefreshToken": "Prieigos raktą naudoti tik kartą", + "accessTokenLifespanImplicitFlow": "Prisijungimo rakto galiojimo laikas (Implicit Flow)", + "clientLoginTimeout": "Kliento prisijungimui skirtas laikas", + "clientProfileDescription": "Aprašymas", + "tokens": "Raktai", + "supportedLocales": "Palaikomos kalbos", + "defaultLocale": "Numatyta kalba", + "validatorDialogColNames": { + "colName": "Rolės pavadinimas" + }, + "validatorColNames": { + "colConfig": "Konfigūruoti" + }, + "eventTypes": { + "IMPERSONATE": { + "name": "Įkūnyti" + }, + "LOGOUT": { + "name": "Seanso pabaiga" + }, + "REGISTER": { + "name": "Registracijos" + }, + "RESET_PASSWORD": { + "name": "Pakeisti slaptažodį" + } + }, + "deleteEvents": "Išvalyti įvykius", + "defaultRoles": "Numatytosios rolės", + "defaultGroups": "Numatytos grupės", + "securityDefences": "Saugos priemonės", + "headers": "Antraštės", + "bruteForceDetection": "Grubios jėgos ataka", + "xFrameOptions": "X-Frame-Options", + "contentSecurityPolicy": "Content-Security-Policy", + "xContentTypeOptions": "X-Content-Type-Options", + "failureFactor": "Maksimalus bandymų prisijungimų skaičius", + "waitIncrementSeconds": "Laukimo laiko didinimas po", + "maxFailureWaitSeconds": "Maksimalus užrakinimo laikas", + "maxDeltaTimeSeconds": "Pamiršti nepavykusius prisijungimus po", + "minimumQuickLoginWaitSeconds": "Per greito bandymo prisijungti užrakinimo laikas", + "requireSslHelp": "Ar HTTPS privalomas? 'niekada' - HTTPS nereikalaujamas. 'išorinėms užklausoms' - jungiantis iš localhost ar serverio IP adresų galima prieiti ir per HTTP. 'visoms užklausoms' - HTTPS reikalaujamas jungiantis iš visų IP adresų.", + "accountThemeHelp": "Pasirinkite kaip atrodys naudotojo profilio valdymo langai.", + "adminThemeHelp": "Pasirinkite kaip atrodys administravimo konsolės langai.", + "emailThemeHelp": "Pasirinkite kaip atrodys siunčiami el. pašto laiškai.", + "save-user-events": "Jei įgalinta, tuomet su prisijungimu susiję veiksmai saugomi duomenų bazėje ir tampa prieinami per administravimo bei naudotojo paskyros valdymo skydus. ", + "save-admin-events": "Jei įgalinta, tuomet administravimo veiksmai saugomi duomenų bazėje ir tampa prieinami per administravimo valdymo skydą.", + "admin-clearEvents": "Ištrina visus su administravimu susijusius veiksmus iš duomenų bazės.", + "includeRepresentationHelp": "Išsaugoti kurūmo ir redagavimo užklausų JSON reprezentaciją.", + "failureFactorHelp": "Pasiekus maksimalų nesėkmingų bandymų prisijungti skaičių įjungiamas specialus rėžimas, kuomet laukimo intervalas yra didinamas po kiekvieno sekančio neteisingo bandymo.", + "waitIncrementSecondsHelp": "Laikas, kurį naudotojo prisijungimai yra draudžiami, kai nėsėkmingų bandymų skaičius pasiekia nustatytą ribą", + "maxFailureWaitSecondsHelp": "Maksimalus laikas, kuomet naudotojo paskyra yra užrakinama po nesėkmingų bandymų prisijungti.", + "maxDeltaTimeSecondsHelp": "Laikas, po kurio nepavykę prisijungimai bus pamiršti", + "quickLoginCheckMilliSeconds": "Jei nėsėkmingi bandymai prisijungti seka vienas kitą per greitai, tuomet naudotojo paskyra yra užrakinama.", + "minimumQuickLoginWaitSecondsHelp": "Laikas, kurį naudotojo prisijungimai yra draudžiami, kai nėsėkmingi bandymai prisijungti seka vienas kitą per greitai.", + "ssoSessionIdle": "Laikas, po kurio neaktyvi sesija bus užbaigta. Sesijos pasibaigimo metu visi raktai (Tokens) ir naršyklių sesijos sunaikinamos.", + "ssoSessionMax": "Laikas, po kurio prisijungimo sesija yra sunaikinama. Sesijos pasibaigimo metu visi raktai (Tokens) ir naršyklių sesijos sunaikinamos.", + "offlineSessionIdleHelp": "Darbo neprisijungus sesijos neveikimo laikas, po kurio neaktyvi sesija bus užbaigta. Darbo neprisijungus metu, prisijungimo raktai turi būti atnaujinami bent kartą per nurodytą periodą. Kitu atveju sesijos galiojmas bus sustabdytas.", + "revokeRefreshTokenHelp": "Jei įgalintas, tuomet atnaujinimo raktai (Refresh Token) gali būti naudojami tik vieną kartą. Kitu atveju - atnaujinimo raktai gali būti pernaudojami daugelį kartų. ", + "clientLoginTimeoutHelp": "Laikas, per kurį klientas turi užbaigti prisijungimo procesą. Normaliu atveju reikšmė turėtų būti 1 minutė.", + "editUsernameHelp": "Jei įgalintas, tuomet naudotojas gali keisti savo naudotojo vardą.", + "flows": "Sekos", + "requiredActions": "Privalomi veiksmai", + "passwordPolicy": "Slaptažodžių taisyklės", + "otpPolicy": "OTP taisyklės", + "otpType": "OTP tipas", + "policyType": { + "totp": "Paremtas laiku", + "hotp": "Paremtas skaitliuku" + }, + "otpHashAlgorithm": "OTP maišos algoritmas", + "otpPolicyDigits": "Skaitmenų skaičius", + "otpPolicyPeriod": "OTP rakto galiojimo intervalas", + "initialCounter": "Pradinė skaitliuko reikšmė", + "attestationPreference": { + "none": "jokio" + }, + "flow": { + "browser": "Autentifikacijos seka", + "registration": "Registracijos seka", + "direct grant": "Tiesioginių teisių seka" + }, + "flowType": "Sekos tipas", + "flow-type": { + "form-flow": "form" + }, + "addExecution": "Pridėti išimtį", + "requirement": "Privalomumas", + "alias": "Pseudonimas", + "flowTypeHelp": "Kokios rūšies ši forma?", + "topLevelFlowType": "Kokio tipo ši aukščiausio lygio sritis? 'client' tipas naudojamas klientų (programų) autentifikacijai. 'generic' naudojamas visais kitais atvejais.", + "aliasHelp": "Pseudonimas, kuris vienareikšmiškai identifikuoja tapatybės teikėją ir yra naudojamas konstruojant nukreipimo nuorodą.", + "otpTypeHelp": "'totp' paremtas ribotą laiką galiojančiu vienkartiniu slaptažodžiu. 'hotp' - ribotą kartų galiojančiu vienkartiniu slaptažodžiu.", + "otpHashAlgorithmHelp": "Kuris maišos algoritmas turi būti naudojamas OTP generavimui.", + "otpPolicyDigitsHelp": "Kiek OTP turėtų turėti skaitmenų?", + "otpPolicyPeriodHelp": "Kiek sekundžiu galios OTP prieigos raktas? Numatyta reikšmė 30 sekundžių.", + "vendor": "Gamintojas", + "connectionURL": "Jungties URL", + "enableStartTls": "Įgalinti StartTLS", + "useTruststoreSpi": "Naudoti raktų saugyklos SPI", + "connectionPooling": "Jungčių buferizavimas", + "bindType": "Autentifikacijos tipas", + "bindDn": "Prisijungimo DN", + "editMode": "Pakeitimų rėžimas", + "usersDN": "Naudotojų DN", + "usernameLdapAttribute": "Prisijungimo vardo LDAP atributas", + "rdnLdapAttribute": "RDN LDAP atributas", + "uuidLdapAttribute": "UUID LDAP atributas", + "userObjectClasses": "Naudotojų objektų klasės", + "searchScope": "Paieškos apimtis", + "pagination": "Puslapiavimas", + "batchSize": "Paketo dydis", + "periodicFullSync": "Pilnas periodinis sinchronizavimas", + "fullSyncPeriod": "Pilno sinchronizavimo intervalas", + "periodicChangedUsersSync": "Periodinis pakeitimų sinchronizavimas", + "changedUsersSyncPeriod": "Periodinis sinchronizavimo intervalas", + "kerberosIntegration": "Kerberos intergacija", + "allowKerberosAuthentication": "Leisti Kerberos autentifikaciją", + "useKerberosForPasswordAuthentication": "Naudoti Kerberos autentifikacijai su slaptažodžiu", + "trustEmail": "El. paštas patikimas", + "requiredSettings": "Privalomi nustatymai", + "kerberosRealm": "Kerberos sritis", + "serverPrincipal": "Pagrindinis serveris", + "debug": "Derinti", + "allowPasswordAuthentication": "Leisti autentifikaciją naudojant slaptažodį", + "testAuthentication": "Tikrinti autentifikaciją", + "ldapMappersList": "LDAP atitikmenų parinkėjai", + "ldapFilter": "LDAP filtras", + "selectRole": { + "label": "Parinkite rolę", + "tooltip": "Kairėje pusėje esančiame laukelyje įveskite rolės pavadinimą arba paspauskite Rinktis norėdami nurodyti pageidaujamą rolę." + }, + "vendorHelp": "LDAP gamintojas (teikėjas)", + "consoleDisplayConnectionUrlHelp": "Jungties į LDAP serverį URL", + "bindCredentialsHelp": "LDAP administratoriaus slaptažodis", + "editModeLdapHelp": "READ_ONLY reiškia, kad LDAP saugykla bus naudojama vien tik skaitymo rėžimu. WRITABLE reiškia, kad duomenys sinchronizuojami atgal į LDAP pagal poreikį. UNSYNCED reiškia, kad naudotojų duomenys bus importuoti, tačiau niekuomet nesinchronizuojami atgal į LDAP.", + "fullSyncPeriodHelp": "Laikas sekundėmis, kas kurį atliekamas pilnas naudotojų sinchronizavimas į Keycloak sistemą", + "changedUsersSyncHelp": "Intervalas sekundėmis, kas kurį atliekamas periodinis naujai registruotų arba su pakeistais duomenimis LDAP naudotojų sinchronizavimas į Keycloak", + "trustEmailHelp": "Jei įgalintas, tuomet šio tapatybės teikėjo pateiktas el. pašto adresas laikomas patikimu ir, nepaisant bendrųjų srities nustatymų, nėra papildomai tikrinamas.", + "debugHelp": "Ar įgalinti Krb5LoginModule veikimo pranešimų rašymą į standarinę išvestį derinimo rėžimu?", + "allowPasswordAuthenticationHelp": "Ar suteikti galimybę naudotojui prisijungti prie Kerberos naudojant naudotojo vardą ir slaptažodį?", + "updateFirstLoginHelp": "Pirmojo prisijungimo metu atnaujinti naudotojo profilio duomenis", + "addIdPMapper": "Pridėti tapatybės teikėjo atitikmens susiejimą", + "redirectURI": "Nukreipimo URI", + "ssoServiceUrl": "Vieningo prisijungimo paslaugos URL", + "singleLogoutServiceUrl": "Vieningo atsijungimo paslaugos URL", + "nameIdPolicyFormat": "NameID taisyklių formatas", + "unspecified": "nenurodyta", + "httpPostBindingResponse": "Siųsti atsakymus HTTP-POST", + "httpPostBindingAuthnRequest": "Siųsti AuthnRequest HTTP-POST ", + "wantAuthnRequestsSigned": "Reikalaujami pasirašytų AuthnRequests", + "forceAuthentication": "Priverstinė autentifikacija", + "validatingX509Certs": "X509 sertifikatai tikrinimui", + "authorizationUrl": "Autorizacijos URL", + "tokenUrl": "Prieigos raktų URL", + "logoutUrl": "Atsijungimo URL", + "backchannelLogout": "Foninis atjungimas", + "disableUserInfo": "Uždrausti naudotojo informacijos prieigą", + "userInfoUrl": "Naudotojo informacijos URL", + "issuer": "Išdavėjas", + "prompt": "Raginimas", + "prompts": { + "none": "jokio", + "consent": "sutikimo tekstas", + "login": "prisijungimas" + }, + "validateSignature": "Parašo tikrinimas", + "storeTokens": "Saugoti raktus", + "storedTokensReadable": "Saugoti raktus skaitomame formate", + "firstBrokerLoginFlowAlias": "Pirmojo prisijungimo eiga", + "postBrokerLoginFlowAlias": "Sekančių prisijungimų eiga", + "userAttribute": "Naudotojo atributas", + "redirectURIHelp": "Tapatybės teikėjo konfigūravimo nuoroda.", + "displayName": "Žmogui suprantamas, draugiškas tapatybės teikėjo pavadinimas.", + "clientSecretHelp": "Kliento saugos kodas užregistruotas tapatybės teikėjo sistemoje.", + "discoveryEndpoint": "Importuoti metaduomenis iš nutolusio IDP aptikimo aprašo (IDP discovery descriptor).", + "importConfig": "Importuoti metaduomenis iš rinkmenos, kurią atsisiuntėte iš IDP aptikimo aprašo (IDP discovery descriptor).", + "logoutUrlHelp": "Adresas, kuris turi būti naudojamas norint atjungti naudotoją nuo išorinio tapatybės teikėjo.", + "backchannelLogoutHelp": "Ar išorinis tapatybės teikėjas palaiko serveris-serveris naudotojo atjungimo būdą?", + "disableUserInfoHelp": "Ar uždrausti prieigą prie papildomos naudotojo profilio informacijos per User Info paslaugą? Numatyta reikšmė - naudoti šią OIDC paslaugą.", + "userInfoUrlHelp": "Naudotojo informacijos URL. Neprivalomas.", + "issuerHelp": "Išdavėjo identifikatorius perduodamas išdavėjo atsakyme. Tikrinimas nebus atliekamas jei reikšmė tuščia.", + "validateSignatureHelp": "Įgalinamas išorinių IDP parašų tikrinimas.", + "useJwksUrlHelp": "Jei įgalinta, tuomet tapatybės teikėjo viešasis raktas atsiunčiamas iš pateiktos JWKS URL. Įgalinimas suteikia lankstumo, nes tapatybės teikėjui pergeneravus raktus jie automatiškai atsiunčiami. Jei ši nuostata išjungta, tuomet naudojamas Keycloak DB saugomas viešasis raktas (arba sertifikatas) ir klientui sugeneravus naujus raktus juos rankiniu būdu reikės importuoti į Keycloak DB.", + "storeTokensHelp": "Jei įgalinta, tuomet po naudotojų prisijungimo, prieigos raktai bus išsaugoti.", + "storedTokensReadableHelp": "Jei įgalinta, tuomet naudotojai gali peržiūrėti išsaugotus prieigos raktus. Įgalinama broker.read-token rolė.", + "firstBrokerLoginFlowAliasHelp": "Autentifikacijos eigos pseudonimas, kuris bus sužadintas šio tapatybės teikėjo naudotojui prisijungus pirmą kartą. Terminas 'pirmas kartas' reiškia, kad Keycloak sistemoje nebuvo saugomas naudotojo profilis susietas su autentifikuotu šio tapatybės teikėjo naudotoju.", + "useEntityDescriptor": "Importuoti metaduomenis iš nutolusio IDP SAML subjekto aprašo.", + "samlEntityDescriptor": "Leidžia įkelti konfigūracinę rinkmeną arba nurodyti atsisiuntimo URL su išorinio IDP metaduomenimis.", + "ssoServiceUrlHelp": "Adresas, kuriuo turi būti siunčiamos autentifikacijos užklausos (SAML AuthnRequest).", + "singleLogoutServiceUrlHelp": "Adresas, kuriuo turi būti siunčiamos naudotojo atjungimo užklausos.", + "httpPostBindingAuthnRequestHelp": "Jei įgalinta, tuomet AuthnRequest siunčiami HTTP-POST saistymu. Kitu atveju bus naudojamas HTTP-REDIRECT.", + "wantAuthnRequestsSignedHelp": "Nurodykite, ar tapatybės teikėjas tikisi pasirašytų AuthnRequest užklausų.", + "forceAuthenticationHelp": "Jei įgalinta, tuomet tapatybės teikėjas privalo autentifikuoti naudotoją iš naujo nepasitikint ankstesniu prisijungimu.", + "validateSignatures": "Įjungti/išjungti SAML atsakymų parašo tikrinimą.", + "validatingX509CertsHelp": "PEM formato sertifikatai, kurie turi būti naudojami parašų tikrinimui. Reikšmės skiriamos kableliais (,).", + "addIdpMapperName": "Atitikmens susiejimo vardas.", + "selectARole": "Pasirinkti rolę", + "usermodel": { + "prop": { + "label": "Atributas", + "tooltip": "Sąsajos UserModel atributo metodo pavadinimas. Pavyzdžiui reikšmė 'email' atitinka UserMode.getEmail() metodą." + }, + "attr": { + "label": "Naudotojo atributas", + "tooltip": "Išsaugoto naudotojo atributo pavadinimas kuris naudojamas UserModel.attribute rinkinyje." + }, + "clientRoleMapping": { + "clientId": { + "label": "Kliento ID", + "tooltip": "Kliento ID naudojamas rolių atributų susiejime" + }, + "rolePrefix": { + "label": "Kliento rolės prefiksas", + "tooltip": "Prefiksas, pridedamas prieš kiekvieną kliento rolę (neprivalomas)" + } + }, + "realmRoleMapping": { + "rolePrefix": { + "label": "Srities rolės prefiksas", + "tooltip": "Prefiksas, pridedamas prieš kiekvieną srities rolę (neprivalomas)" + } + } + }, + "userSession": { + "modelNote": { + "label": "Naudotojo sesijos pastaba", + "tooltip": "Išsaugotos naudotojo sesijos pastaba, kuri saugoma UserSessionModel.note rinkinyje." + } + }, + "multivalued": { + "label": "Daugiareikšmis", + "tooltip": "Nurodo, kad atributas gali turėti daugiau nei vieną reikšmę. Jei pažymėtas, tuomet visos reikšmės nustatomos kaip privalomos. Kitu atveju privaloma tik pirmoji reikšmė." + }, + "jsonType": { + "label": "Privalomo atributo JSON tipas", + "tooltip": "Naudojamas JSON lauko tipas, kuris turi būti užpildomas rakto privalomoje JSON informacijoje. Galimi tipai: long, int, boolean ir String." + }, + "includeInIdToken": { + "label": "Pridėti prie ID rakto", + "tooltip": "Ar privaloma informacija turi būti pridedama prie ID rakto?" + }, + "includeInAccessToken": { + "label": "Pridėti prie prieigos rakto", + "tooltip": "Ar privaloma informacija turi būti pridedama prie prieigos rakto?" + }, + "includeInUserInfo": { + "label": "Pridėti prie naudotojo informacijos", + "tooltip": "Ar privaloma informacija turi būti pridedama prie naudotojo informacijos?" + }, + "sectorIdentifierUri": { + "label": "Sektoriaus identifikatoriaus URI", + "tooltip": "Paslaugų teikėjai, kurie naudoja porines subreikšmes ir palaiko dinaminę klientų registraciją (Dynamic Client Registration) turėtų naudoti sector_identifier_uri parametrą. Teikiamas funkcionalumas leidžia svetainių grupėms, valdomoms centralizuotos administravimo panelės, turėti pastovias porines subreikšmes nepriklausomas nuo domeno vardų. Tokiu būdu klientai gali keisti domenų redirect_uri neperregistruojant visų naudotojų." + }, + "pairwiseSubAlgorithmSalt": { + "label": "Druska", + "tooltip": "Druska naudojama porinio objekto identifikatoriaus skaičiavimo metu. Jei paliekama tuščia reikšmė, tuomet druskos reikšmė bus automatikšai sugeneruota." + }, + "name-id-format": "NameID formatas", + "titleAuthentication": "Autentifikavimas", + "titleEvents": "Įvykiai", + "titleRoles": "Srities rolės", + "titleUsers": "Naudotojai", + "titleSessions": "Sesijos" +} diff --git a/js/apps/admin-ui/public/locales/ca/common-help.json b/js/apps/admin-ui/public/locales/lv/translation.json similarity index 100% rename from js/apps/admin-ui/public/locales/ca/common-help.json rename to js/apps/admin-ui/public/locales/lv/translation.json diff --git a/js/apps/admin-ui/public/locales/ca/dashboard.json b/js/apps/admin-ui/public/locales/nl/translation.json similarity index 100% rename from js/apps/admin-ui/public/locales/ca/dashboard.json rename to js/apps/admin-ui/public/locales/nl/translation.json diff --git a/js/apps/admin-ui/public/locales/no/translation.json b/js/apps/admin-ui/public/locales/no/translation.json new file mode 100644 index 0000000000..5098bc3c54 --- /dev/null +++ b/js/apps/admin-ui/public/locales/no/translation.json @@ -0,0 +1,596 @@ +{ + "add": "Legg til", + "create": "Opprett", + "save": "Lagre", + "continue": "Fortsett", + "remove": "Fjern", + "key": "Nøkkel", + "value": "Verdi", + "back": "Tilbake", + "export": "Eksporter", + "action": "Handling", + "download": "Last ned", + "clear": "Tøm", + "on": "På", + "edit": "Rediger", + "enabled": "Aktivert", + "none": "Ingen", + "signOut": "Logg ut", + "manageAccount": "Administrer konto", + "serverInfo": "Serverinformasjon", + "testConnection": "Testkobling", + "description": "Beskrivelse", + "type": "Type", + "category": "Kategori", + "priority": "Prioritet", + "allTypes": "Alle typer", + "manage": "Håndter", + "clients": "Klienter", + "realmRoles": "Sikkerhetsdomeneroller", + "users": "Brukere", + "sessions": "Sesjoner", + "events": "Hendelser", + "mappers": "Mappere", + "permissions": "Tillatelser", + "configure": "Konfigurer", + "realmSettings": "Innstillinger for sikkerhetsdomene", + "authentication": "Autentisering", + "identityProviders": "Identitetsleverandør", + "userFederation": "Brukerfederering", + "settings": "Innstillinger", + "details": "Detaljer", + "times": { + "seconds": "Sekunder", + "minutes": "Minutter", + "hours": "Timer", + "days": "Dager" + }, + "attributes": "Attributter", + "credentials": "Innloggingsdetaljer", + "clientId": "Klient-ID", + "clientName": "Navn", + "id": "ID", + "mapperType": "Mappertype", + "leave": "Forlat", + "password": "Passord", + "passwordConfirmation": "Passord bekreftelse", + "temporaryPassword": "Midlertidig", + "temporaryPasswordHelpText": "Hvis aktivert, er brukeren påkrevd til å endre passordet ved neste innlogging", + "protocol": "Protokoll", + "copy": "Kopi", + "clientAuthorization": "Autorisasjon", + "importClient": "Importer klient", + "webOrigins": "Web origins", + "adminURL": "Admin URL", + "formatOption": "Formatalternativer", + "encryptAssertions": "Krypter assertions", + "clientSignature": "Klientens signatur er påkrevd", + "roles": "Roller", + "addClientScope": "Legg til klientmal", + "fullScopeAllowed": "Tillatt med fullt scope", + "selectAUser": "Velg en bruker", + "client": "klient", + "evaluate": "Evaluer", + "reevaluate": "Re-evaluering", + "showAuthData": "Vis autorisasjonsdata", + "unanimous": "Enstemmig", + "affirmative": "Bekreftende", + "consensus": "Konsensus", + "authScopes": "Autorisasjonsscopes", + "anyResource": "Enhver ressurs", + "anyScope": "Ethvert scope", + "selectScope": "Velg et scope", + "applyToResourceType": "Bruk på ressurstype", + "contextualInfo": "Kontekstuell informasjon", + "contextualAttributes": "Kontekstuelle attributter", + "kc": { + "realm": { + "name": "Sikkerhetsdomene" + } + }, + "policyEnforcementMode": "Modus for håndhevelse av policy", + "policyEnforcementModes": { + "ENFORCING": "Håndhevende", + "PERMISSIVE": "Ettergivende" + }, + "decisionStrategy": "Beslutningsstrategi", + "iconUri": "Ikon URI", + "allowRemoteResourceManagement": "Håndtering av ekstern ressurs", + "resources": "Ressurser", + "resource": "Ressurs", + "scope": "Scope", + "owner": "Eier", + "scopes": "Scope", + "policies": "Policier", + "createPermission": "Opprett tillatelse", + "identityInformation": "Identitetsinformasjon", + "resourceType": "Ressurstype", + "createPolicy": "Opprett policy", + "applyPolicy": "Anvend policy", + "code": "Kode", + "logic": "Logikk", + "logicType": { + "positive": "Positiv", + "negative": "Negativ" + }, + "user": "Bruker", + "clientList": "Klienter", + "initialAccessToken": "Første access token", + "created": "Opprettet", + "lastUpdated": "Sist oppdatert", + "expires": "Utløper", + "count": "Teller", + "remainingCount": "Resterende antall", + "expiration": "Holdbarhet", + "clientAuthentication": "Autentisering av klient", + "frontchannelLogout": "Front channel utlogging", + "rootUrl": "Root URL", + "validRedirectUri": "Gyldig redirect URIer", + "idpInitiatedSsoRelayState": "IDP initiert SSO relay state", + "masterSamlProcessingUrl": "Master SAML prosesserings URL", + "nameIdFormat": "Navn-ID format", + "forceNameIdFormat": "Force navn-ID format", + "forcePostBinding": "Force POST binding", + "includeAuthnStatement": "Inkluder AuthnStatement", + "signDocuments": "Signer dokumenter", + "signAssertions": "Signer assertions", + "canonicalization": "Kanoniseringsmetode", + "loginTheme": "Innloggingstema", + "clientAuthenticator": "Klientautentikator", + "clientSecret": "Klient secret", + "registrationAccessToken": "Access token for registrering", + "revocation": "Oppheving", + "clustering": "Clustering", + "notBefore": "Ikke før", + "setToNow": "Sett til nå", + "addNode": "Legg til node", + "push": "Send", + "nodeReRegistrationTimeout": "Timeout for re-registrering av node", + "registeredClusterNodes": "Registrerte clusternoder", + "nodeHost": "Nodevert", + "lastRegistration": "Siste registrering", + "testClusterAvailability": "Test cluster tilgjengelighet", + "registerNodeManually": "Register node manuelt", + "fineGrainSamlEndpointConfig": "Finkornet SAML endepunktskonfigurasjon", + "assertionConsumerServicePostBindingURL": "Assertion consumer service POST binding URL", + "assertionConsumerServiceRedirectBindingURL": "Assertion Consumer Service redirect binding URL", + "logoutServiceRedirectBindingURL": "Logout-tjeneste redirect binding URL", + "accessTokenLifespan": "Levetid for access token", + "browserFlow": "Nettleserflyt", + "directGrant": "Direct Grant Flyt", + "certificate": "Sertifikat", + "generateNewKeys": "Generer nye nøkler", + "archiveFormat": "Arkivformat", + "keyAlias": "Nøkkelalias", + "keyPassword": "Nøkkelpassord", + "storePassword": "Lagre passord", + "importFile": "Importer fil", + "clientType": "'OpenID connect' tillater klienter å verifisere identiteten til sluttbrukeren basert på autentisering utført av en autorisasjonsserver. 'SAML' aktiverer en web-basert autentisering og autoriseringsscenarier som inkluderer cross-domain single sign-on (SSO) og som bruker security tokens som inneholder assertions for å dele informasjon videre.", + "serviceAccount": "Lar deg autentisere denne klienten til Keycloak og hente access token dedikert til denne klienten. I følge OAuth2 spesifikasjonen, aktiverer dette støtte for 'Client Credentials Grant' for denne klienten.", + "authorization": "Aktiver/deaktiver finkornet autorisasjonssupport for en klient", + "directAccess": "Dette gir støtte for Direct Access Grants, som betyr at klienten har tilgang til brukerens brukernavn/passord og kan bytte dette direkte med Keycloak-serveren for access token. I følge OAuth2 spesifikasjonen, aktiverer dette støtte for 'Resource Owner Password Credentials Grant' for denne klienten.", + "standardFlow": "Dette aktiverer standard OpenID Connect redirect-basert autentisering med autorisasjonskode. I forhold til OpenID Connect eller OAuth2 spesifikasjoner aktiverer dette støtte for 'Authorization Code Flow' for denne klienten.", + "implicitFlow": "Dette aktiverer støtte for OpenID Connect redirect-basert autentisering uten autorisasjonskode. I forhold til OpenID Connect eller OAuth2 spesifikasjoner aktiverer dette støtte for 'Implicit Flow' for denne klienten.", + "rootURL": "Root URL lagt til relative URLer", + "validRedirectURIs": "Gyldig URI mønster som en nettleser kan redirecte til etter en vellykket innlogging eller utlogging. Enkle jokertegn er tillatt, for eksempel 'http://example.com/*'. Relativ sti kan også spesifiseres, for eksempel /my/relative/path/*. Relative stier er relative til klientens root URL, eller hvis ingen er spesifisert brukes root URL for autorisasjonsserveren. For SAML må du sette et gyldig URI mønster hvis du er avhengig av at URL for forbrukertjenesten er integrert med forespørselen for pålogging.", + "nameIdFormatHelp": "Navn-ID formatet som skal brukes for emnet.", + "forceNameIdFormatHelp": "Ignorer forespurt format på Navn-ID emnet og bruk den som er konfigurert i administrasjonskonsollen.", + "forcePostBindingHelp": "Bruk alltid POST binding for svar.", + "includeAuthnStatementHelp": "Skal et statement som spesifiserer metoden for tidsstempel inngå i innloggingssvaret?", + "signDocumentsHelp": "Skal SAML dokumenter bli signert av sikkerhetsdomenet?", + "signAssertionsHelp": "Skal assertions i SAML dokumenter bli signert? Denne innstillingen er ikke nødvendig hvis et dokument allerede har blitt signert.", + "signatureAlgorithm": "Signaturalgoritmen som brukes for å signere et dokument.", + "canonicalizationHelp": "Kanoniseringsmetode for XML signaturer.", + "webOriginsHelp": "Tillat CORS origins. For å tillate alle origins med gyldig Redirect URIer legg til '+'. For å tillate alle origins legg til '*'.", + "homeURL": "Standard URL som kan brukes når autorisasjonsserveren trenger å redirecte eller lenke tilbake til klienten.", + "adminURLHelp": "URL til administratorgrensesnitt for klienten. Sett denne hvis klienten støtter adapter REST API. Dette REST APIet tillater autorisasjonsserveren til å sende tilbakekallingsregler og andre administrative oppgaver. Vanligvis er dette satt til klientens base URL.", + "clientHelp": "Velg klienten som vil utføre denne autorisasjonsforespørselen.", + "clientIdHelp": "Identifikator for klient registrert hos identitetsleverandør.", + "selectUser": "Velg en bruker hvis identitet vil bli brukt for å søke tillatelser fra serveren.", + "rolesHelp": "Velg en rolle som du vil knytte til den valgte brukeren.", + "contextualAttributesHelp": "Ethvert attributt gitt av et kjørende miljø eller ved utførelseskontekst.", + "applyToResourceTypeHelp": "Spesifiserer om denne tillatelsen skal gjelde for alle ressurser med en gitt type. I dette tilfellet vil tillatelsen bli evaluert for alle instanser av gitt ressurstype.", + "resourcesHelp": "Spesifiserer at denne tillatelsen må bli brukt for en spesifikk ressursinstans.", + "scopesSelect": "Spesifiserer at denne tillatelse må anvendes på en eller flere scopes.", + "clientNameHelp": "Angir klientnavnet som blir vist. For eksempel, 'Min klient'. Støtter nøkler for lokaliserte verdier. For eksempel: ${my_client}", + "descriptionHelp": "Beskrivelse av klientmal", + "loginThemeHelp": "Velg tema for sidene: innlogging, OTP, rettigheter, registrering, glemt passord.", + "encryptAssertionsHelp": "Skal SAML assertions bli kryptert med klientens offentlige nøkkel ved å bruke AES?", + "clientSignatureHelp": "Skal klienten signere sine SAML forespørsler og svar? Og skal de valideres?", + "expirationHelp": "Setter utløpstid for hendelser. Utløpte hendelser vil med jevne mellomrom bli slettet fra databasen.", + "countHelp": "Angir hvor mange klienter som kan bli opprettet ved å bruke token.", + "client-authenticator-type": "Klientautentikator som blir brukt for å autentisere denne klienten mot keycloak-server", + "registration-access-token": "Access token for registrering gir klienter tilgang til registreringstjenesten for klienter.", + "nodeReRegistrationTimeoutHelp": "Intervall for å angi maksimum tid for registrerte klienters clusternoder for å re-registreres. Hvis en clusternode ikke sender re-regisreringsforespørsel til Keycloak innen dette intervallet, vil den bli uregistrert fra Keycloak.", + "idpInitiatedSsoUrlName": "Navn på URL-fragment som refererer til klienten når du vil gjøre en IDP initiert SSO. La denne stå tom om du ønsker å deaktivere IDP initiert SSO. URLen vil være: {server-root}/realms/{realm}/protocol/saml/clients/{client-url-name}", + "idpInitiatedSsoRelayStateHelp": "Relay state du ønsker å sende med SAML forespørselen når du vil utføre en IDP initiert SSO.", + "masterSamlProcessingUrlHelp": "Hvis konfigurert vil denne URLen bli brukt for hver binding til både SPs Assertion Consumer og Single Logout-tjenester. Denne kan bli individuelt overstyrt for hver binding og tjenester i konfigurasjonen for finkornet SAML endepunkt.", + "accessTokenLifespanHelp": "Maksimum tid før et access token utløper. Det anbefales at denne verdien er kort i forhold til SSO timeout.", + "assertionConsumerServicePostBindingURLHelp": "SAML POST binding URL for klientens assertion customer service (innloggingsrespons). Du kan la denne stå tom om du ikke ønsker en URL for denne bindingen.", + "assertionConsumerServiceRedirectBindingURLHelp": "SAML redirect for klientens assertion consumer service (innloggingsrespons). Du kan la denne stå tom om du ikke ønsker en URL for denne bindingen.", + "logoutServiceRedirectBindingURLHelp": "SAML redirect binding URL for klientens single logout-tjeneste. Du kan la dette stå tomt om du bruker en annen binding.", + "frontchannelLogoutHelp": "Hvis satt til true, krever utlogging en redirect i nettleser til klient. Hvis satt til false, vil server utføre en bakgrunnskall for utlogging.", + "browserFlowHelp": "Velg flyten du ønsker å bruke for nettleser-autentisering.", + "directGrantHelp": "Velg flyten du ønsker å bruke for direct grant autentisering.", + "certificateHelp": "Klientsertifikat for å validere JWT utstedt av klienten og signert av privatnøkkel til klient fra din keystore.", + "archiveFormatHelp": "Java keystore eller PKCS12 arkivformat.", + "keyAliasHelp": "Arkiv-alias for din privatnøkkel og sertifikater.", + "keyPasswordHelp": "Passord for å få tilgang til privatnøkler i arkivet", + "storePasswordHelp": "Passord for å få tilgang til arkivet", + "consentRequired": "Hvis aktivert må brukere gi samtykke for at klienten skal få tilgang.", + "import": "Importer en JSON-fil som inneholder innstillinger for autorisasjon for denne ressursserveren.", + "policyEnforcementModeHelp": "Modus for håndhevelse av policy dikterer hvordan policier blir håndhevet når autorisasjonsforespørsler blir evaluert. 'Håndhevende' betyr at forespørsler blir nektet som standard selv om det ikke er en policy knyttet til en gitt ressurs. 'Ettergivende' betyr at forespørsler blir tillatt selv om det ikke er en policy knyttet til en gitt ressurs. 'Deaktivert' deaktiverer fullstendig evalueringen av policier og tillater tilgang til enhver ressurs.", + "allowRemoteResourceManagementHelp": "Skal ressursene bli håndtert eksternt av ressursserveren? Hvis satt til false kan ressursene kun bli håndtert fra denne administratorkonsollen.", + "resourceName": "Et unikt navn for denne ressursen. Navnet kan bli brukt til å identifisere en ressurs og er nyttig i spørringer for en bestemt ressurs.", + "typeHelp": "Ressurstype. Den kan brukes til å gruppere ulike ressursinstanser av samme type.", + "uris": "En URI som også kan brukes for å identifisere denne ressursen.", + "scopesHelp": "Scopes som sendes når du ber om autorisasjon. Dette kan være en liste med scopes separert med mellomrom. Standard er satt til 'openid'.", + "fullScopeAllowedHelp": "Lar deg å deaktivere alle restriksjoner.", + "resetActions": "Tilbakestill handlinger", + "scopeName": "Et unikt navn for dette scopet. Navnet kan bli brukt for å identifisere et scope, og er nyttig i spørringer for en bestemt ressurs.", + "policy-name": "Navnet på denne policien.", + "policy-description": "En beskrivelse av denne policien.", + "policyDecisionStagey": "Beslutningsstrategi som dikterer hvordan policies knyttet til en gitt policy blir evaluert og hvordan endelig avgjørelse oppnås. 'Bekreftende' betyr at minst en policy må evalueres til en positiv beslutning for at den samlede avgjørelsen kan bli positiv. 'Enstemmig' betyr at alle policies må evalueres til en positiv beslutning for at den samlede avgjørelsen kan bli positiv. 'Konsensus' betyr at antall positive beslutninger må være høyere enn antall negative beslutninger. Hvis antallet av positive og negative er likt, blir den samlede avgjørelsen negativ.", + "applyPolicyHelp": "Spesifiserer alle policies som må bli anvendt for scopes definert av denne policien eller tillatelsen.", + "policyClient": "Spesifiser klient(er) som tillates av denne policien.", + "policyGroups": "Spesifiser bruker(e) som tillates av denne policien.", + "policyRoles": "Spesifiserer klientroller tillatt av denne policien.", + "startTime": "Definerer tiden før policien MÅ IKKE innvilges. Denne innvilges kun om gjeldende dato/tid er før eller lik denne verdien.", + "expireTime": "Definerer tiden etter en policy MÅ IKKE innvilges. Denne innvilges kun om gjeldende dato/tid er før eller lik denne verdien.", + "policyCode": "JavaScript-koden angir betingelsene for denne politikken.", + "logicHelp": "Logikken som dikterer hvordan beslutningspolicien skal utførres. Hvis 'Positiv', vil resulterende effekt (tillate eller nekte) oppnådd under evalueringen av denne policien bli brukt for å ta en beslutning. Hvis 'Negativ', vil resulterende effekt bli opphevet, med andre ord blir en tillatelse til et avslag og motsatt.", + "permissionName": "Navnet på denne tillatelsen.", + "permissionDescription": "En beskrivelse av denne tillatelsen.", + "permissionType": "Spesifiserer at denne tillatelsen må bli anvendt for alle ressursinstanser for en gitt type.", + "realmRolePrefix": "Prefiks for sikkerhetsdomenerolle", + "name": "Navn på klientmal. Må være unik i sikkerhetsdomenet.", + "protocolHelp": "Hvilken SSO protokoll-konfigurasjon som blir levert av denne klientmalen", + "prefix": "Prefiks for hver sikkerhetsdomenerolle (valgfri).", + "multiValued": "Angir om en attributt støtter flere verdier. Hvis true, vil listen med alle verdier for dette attributtet bli satt som claims. Hvis false, vil bare den første verdien bli satt som claim.", + "tokenClaimName": { + "label": "Navn på token claim", + "tooltip": "Navn på claim som skal legges inn i token. Denne kan være et fullt kvalifisert navn som 'address.street'. I dette tilfellet vil et nestet jsonobjekt bli laget." + }, + "claimJsonType": "JSON-type som burde bli brukt for å fylle json claimet i tokenet. long, int, boolean og String er gyldige verdier.", + "protocolMapper": "Protokoll...", + "createGroup": "Opprett gruppe", + "members": "Medlemmer", + "email": "E-postadresse", + "lastName": "Etternavn", + "firstName": "Fornavn", + "associatedRolesText": "Assosierte roller", + "title": "Autentisering", + "addRole": "Legg til rolle", + "roleName": "Rollenavn", + "composite": "Sammensatt", + "addUser": "Legg til bruker", + "userName": "Brukernavn", + "join": "Bli med", + "groupMembership": "Gruppemedlemskap", + "createdAt": "Opprettet ved", + "username": "Brukernavn", + "emailVerified": "E-post verifisert", + "requiredUserActions": "Påkrevde brukerhandlinger", + "impersonate": "Utgi deg for å være bruker", + "verifyEmail": "Bekreft e-postadresse", + "consents": "Samtykke", + "identityProvider": "Identitetsleverandør", + "identityProviderLinks": "Lenker til identitetsleverandør", + "revoke": "Opphev", + "credentialType": "Type", + "resetPassword": "Tilbakestill passord", + "showPasswordDataValue": "Verdi", + "hours": "Timer", + "minutes": "Minutter", + "seconds": "Sekunder", + "credentialResetConfirm": "Send e-post", + "temporaryLocked": "Brukeren kan ha blitt låst på grunn av at innloggingsforsøk har feilet for mange ganger.", + "emailVerifiedHelp": "Har brukerens e-post blitt verifisert?", + "requiredUserActionsHelp": "Krev en handling når brukeren logger inn. 'Verifiser e-post' sender en e-post til brukeren for å verifisere deres e-postadresse. 'Oppdater profil' krever at bruker legger inn personlig informasjon. 'Oppdater passord' krever at bruker skriver inn et nytt passord. 'Konfigurer OTP' krever installasjon av en passordgenerator for mobil.", + "groups": "Gruppen som brukeren er medlem av. Velg en gruppe på listen og klikk på 'Forlat' for å forlate gruppen.", + "lastAccess": "Sist aksessert", + "adminEvents": "administratorhendelser", + "time": "Tid", + "eventType": "Hendelsestype", + "ipAddress": "IP-adresse", + "realm": "Sikkerhetsdomene", + "resourcePath": "Filsti for ressurs", + "resourceTypes": "Ressurstyper", + "operationType": "Operasjonstype", + "operationTypes": "Operasjonstyper", + "auth": "Auth", + "representation": "Representasjon", + "partialImport": "Delvis import", + "general": "Generelt", + "login": "Innlogging", + "themes": "Tema", + "eventListeners": "Hendelseslyttere", + "eventListenersHelpText": "Konfigurer hvilke lyttere som skal motta eventer fra sikkerhetsdomenet.", + "adminEventsSettings": "Innstillinger for administratorhendelser", + "saveEvents": "Lagre hendelser", + "clearAdminEvents": "Fjern administratorhendelser", + "includeRepresentation": "Inkluder representasjon", + "from": "Fra", + "host": "Vert", + "port": "Port", + "enableSSL": "Aktiver SSL", + "enableStartTLS": "Aktiver StartTLS", + "providers": "Leverandører", + "uiDisplayName": "Konsoll vis navn", + "providerId": "ID", + "provider": "Leverandør", + "userRegistration": "Registrering av bruker", + "userRegistrationHelpText": "Aktiver/deaktiver registreringssiden. En lenke for registrering vil være synlig på innloggingssiden.", + "rememberMe": "Husk meg", + "rememberMeHelpText": "Vis en avkryssingsboks på innloggingssiden som lar brukere forbli innlogget mellom omstart av nettleser og inntil sesjonen utløper.", + "registrationEmailAsUsername": "E-postadresse som brukernavn", + "editUsername": "Rediger brukernavn", + "htmlDisplayName": "HTML vis navn", + "requireSsl": "Krev SSL", + "sslType": { + "all": "Alle forespørsler", + "external": "Eksterne forespørsler", + "none": "Ingen" + }, + "endpoints": "Endepunkter", + "accountTheme": "Kontotema", + "adminTheme": "Administrasjonskonsolltema", + "emailTheme": "E-posttema", + "SSOSessionIdle": "Inaktiv SSO sesjon", + "SSOSessionMax": "Maksimum SSO sesjon", + "offlineSessionIdle": "Inaktiv sesjon i frakoblet modus", + "loginTimeout": "Timeout for innlogging", + "loginActionTimeout": "Timeout for innloggingshandling.", + "revokeRefreshToken": "Fjern refresh token", + "accessTokenLifespanImplicitFlow": "Access token-levetid for implicit flow", + "clientLoginTimeout": "Timeout av klientinnlogging", + "clientProfileDescription": "Beskrivelse", + "tokens": "Tokens", + "supportedLocales": "Støttede lokaliteter", + "defaultLocale": "Standard lokalitet", + "validatorDialogColNames": { + "colName": "Rollenavn" + }, + "validatorColNames": { + "colConfig": "Konfig" + }, + "eventTypes": { + "IMPERSONATE": { + "name": "Utgi deg for å være bruker" + }, + "LOGOUT": { + "name": "Logg ut" + }, + "REGISTER": { + "name": "Registrer" + }, + "RESET_PASSWORD": { + "name": "Tilbakestill passord" + } + }, + "deleteEvents": "Fjern hendelser", + "defaultRoles": "Standardroller", + "defaultGroups": "Standardgrupper", + "securityDefences": "Sikkerhetsmekanismer", + "headers": "Headere", + "bruteForceDetection": "Deteksjon av Brute Force", + "xFrameOptions": "Alternativer for X-Frame", + "contentSecurityPolicy": "Sikkerhetspolicy for innhold", + "contentSecurityPolicyReportOnly": "Rapporterende sikkerhetspolicy for innhold", + "xContentTypeOptions": "Alternativer for X-innholdstyper", + "failureFactor": "Maksimum antall innloggingsfeil", + "waitIncrementSeconds": "økning av ventetid", + "maxFailureWaitSeconds": "Maksimum ventetid", + "maxDeltaTimeSeconds": "Tid for tilbakestilling av feil.", + "minimumQuickLoginWaitSeconds": "Minimum ventetid for hurtig innlogging", + "requireSslHelp": "Kreves HTTPS? 'Ingen' betyr at HTTPS ikke kreves for noen klienters IP-adresse. 'Ekstern forespørsel' betyr at localhost og private IP-adresser kan få tilgang uten HTTPS. 'Alle forespørsler' betyr at HTTPS kreves for alle IP-adresser.", + "accountThemeHelp": "Velg tema for brukerkontoadministrasjonssider.", + "adminThemeHelp": "Velg et tema for administrasjonskonsollen.", + "emailThemeHelp": "Velg tema for e-post sendt av server.", + "save-user-events": "Hvis aktivert vil innloggingshendelser bli lagret i databasen, noe som gjør hendelsene tilgjengelige for administrator og kontoadministrasjonskonsoll.", + "save-admin-events": "Hvis aktivert vil administratorhendelser bli lagret i databasen, som vil gjøre hendelsene tilgjengelige i administrasjonskonsollen.", + "admin-clearEvents": "Sletter alle administratorhendelser i databasen.", + "includeRepresentationHelp": "Inkluder JSON-representasjon for å skape og oppdatere forespørsler.", + "failureFactorHelp": "Hvor mange feil før ventetid blir aktivert.", + "waitIncrementSecondsHelp": "Når terskelen for feil er nådd, hvor lenge skal brukeren stenges ute?", + "maxFailureWaitSecondsHelp": "Maksimum tid en bruker vil være stengt ute.", + "maxDeltaTimeSecondsHelp": "Når vil teller for feil nullstilles?", + "quickLoginCheckMilliSeconds": "Hvis en feil skjer for raskt samtidig, steng brukeren ute.", + "minimumQuickLoginWaitSecondsHelp": "Ventetid etter en hurtig innloggingsfeil.", + "ssoSessionIdle": "Tiden en sesjon er tillatt å være inaktiv før den utløper. Tokens og nettlesersesjoner vil bli ugyldig når en sesjon utløper.", + "ssoSessionMax": "Maksimum tid før en sesjon utløper. Tokens og nettlesersesjoner vil bli ugyldig når en sesjon utløper.", + "offlineSessionIdleHelp": "Tiden en sesjon i frakoblet modus er tillatt å være inaktiv før den utløper. Du må bruke tokens for frakoblet modus for å oppdatere sesjonen minst en gang i denne perioden, ellers vil sesjonen utløpe.", + "revokeRefreshTokenHelp": "Hvis aktivert kan refresh token kun bli brukt en gang. Ellers vil refresh tokens kunne bli brukt flere ganger.", + "clientLoginTimeoutHelp": "Maksimum tid en klient har for å fullføre access token protokollen. Dette burde normalt være 1 minutt.", + "editUsernameHelp": "Dersom aktivert, er feltet for brukernavn redigerbart, ellers kun lesbart.", + "flows": "Flyt", + "requiredActions": "Påkrevde handlinger", + "passwordPolicy": "Passordpolicy", + "otpPolicy": "Policy for engangskode", + "otpType": "Type engangskode", + "policyType": { + "totp": "Tidsbasert", + "hotp": "Tellerbasert" + }, + "otpHashAlgorithm": "OTP hash-algoritme", + "otpPolicyDigits": "Antall siffer", + "otpPolicyPeriod": "Engangskode token", + "initialCounter": "Initiell teller", + "attestationPreference": { + "none": "Ingen" + }, + "flow": { + "browser": "Nettleserflyt", + "registration": "Registreringsflyt", + "direct grant": "Direct Grant Flyt" + }, + "flowType": "Type av flyt", + "flow-type": { + "form-flow": "skjema" + }, + "addExecution": "Legg til eksekvering", + "requirement": "Krav", + "alias": "Alias", + "flowTypeHelp": "Hva slags skjema det er", + "topLevelFlowType": "Hvilken type toppnivå flyt er det? Type 'klient' brukes for autentisering av klienter (applikasjoner) når generisk brukes for brukere og alt annet", + "aliasHelp": "Aliaset identifiserer en identitetsleverandør og kan brukes for å bygge en redirect uri.", + "otpTypeHelp": "Totp er et tidsbasert engangspassord. 'hotp' er et teller basert engangspassord hvor serveren følger med på en teller som den kan hashe mot.", + "otpHashAlgorithmHelp": "Hva slags hashing algoritme skal brukes for å generere OTP.", + "otpPolicyDigitsHelp": "Hvor mange sifre skal OTP ha?", + "otpPolicyPeriodHelp": "Hvor mange sekunder burde et engangskode token være gyldig? Standard er satt til 30 sekunder.", + "vendor": "Leverandør", + "connectionURL": "Tilkoblings URL", + "enableStartTls": "Aktiver StartTLS", + "useTruststoreSpi": "Bruk Truststore SPI", + "connectionPooling": "Connection Pooling", + "bindType": "Autentiseringstype", + "bindDn": "Bind DN", + "editMode": "Redigeringsmodus", + "usersDN": "DN-brukere", + "usernameLdapAttribute": "Brukernavn LDAP-attributt", + "rdnLdapAttribute": "RDN LDAP-attributt", + "uuidLdapAttribute": "UUID LDAP-attributt", + "userObjectClasses": "Brukerobjektklasser", + "searchScope": "Scope for søk", + "pagination": "Paginering", + "batchSize": "Batch størrelse", + "periodicFullSync": "Fullstendig periodisk synkronisering", + "fullSyncPeriod": "Fullstendig synkroniseringsperiode", + "periodicChangedUsersSync": "Periodisk synkronisering av endrede brukere", + "changedUsersSyncPeriod": "Synkroniseringsperiode for endrede brukere", + "kerberosIntegration": "Kerberos Integrasjon", + "allowKerberosAuthentication": "Tillat autentisering med Kerberos", + "useKerberosForPasswordAuthentication": "Bruk Kerberos for autentisering av passord", + "trustEmail": "Stol på e-post", + "requiredSettings": "Påkrevde innstillinger", + "kerberosRealm": "Sikkerhetsdomene for Kerberos", + "serverPrincipal": "Server principal", + "debug": "Feilsøking", + "allowPasswordAuthentication": "Tillat autentisering med passord", + "testAuthentication": "Testautentisering", + "ldapFilter": "LDAP filter", + "selectRole": { + "label": "Velg rolle", + "tooltip": "Skriv inn rolle i tekstboksen til venstre, eller klikk på denne knappen for å bla gjennom og velge rollen du ønsker." + }, + "vendorHelp": "LDAP leverandør (provider)", + "consoleDisplayConnectionUrlHelp": "Tilkoblings URL din til LDAP-server", + "bindCredentialsHelp": "Passord for LDAP administrator", + "editModeLdapHelp": "READ_ONLY er et skrivebeskyttet LDAP-lager. WRITABLE betyr at data vil bli synkronisert tilbake til LDAP på forespørsel. UNSYNCED betyr at brukerdata vil bli importert, men vil ikke bli synkronisert tilbake til LDAP.", + "fullSyncPeriodHelp": "Periode for fullstendig synkronisering i sekunder", + "changedUsersSyncHelp": "Tidsperiode for synkronisering av endrede eller nylig opprettede LDAP-brukere i sekunder.", + "trustEmailHelp": "Hvis aktivert vil ikke e-post levert av denne leverandøren bli verifisert selv om verifisering er aktivert for sikkerhetsdomenet.", + "debugHelp": "Aktiver/deaktiver logging av feilsøking til standard output for Krb5LoginModule.", + "allowPasswordAuthenticationHelp": "Aktiver/deaktivert muligheten for autentisering med brukernavn/passord mot databasen til Kerberos", + "updateFirstLoginHelp": "Oppdater profil ved første innlogging", + "addIdPMapper": "Legg til identitetsleverandørmappere", + "redirectURI": "Redirect URI", + "ssoServiceUrl": "Single sign-on service URL", + "singleLogoutServiceUrl": "Single utloggingstjeneste URL", + "nameIdPolicyFormat": "Policy for nameid-format", + "unspecified": "uspesifisert", + "httpPostBindingResponse": "HTTP-POST binding svar", + "httpPostBindingAuthnRequest": "HTTP-POST binding for AuthnRequest", + "wantAuthnRequestsSigned": "Vil ha AuthnRequests signert", + "forceAuthentication": "Force autentisering", + "validatingX509Certs": "Validerer X509 sertifikat", + "authorizationUrl": "Autorisasjons URL", + "tokenUrl": "Token URL", + "logoutUrl": "Utloggings URL", + "backchannelLogout": "Backchannel utlogging", + "userInfoUrl": "Brukerinfo URL", + "issuer": "Utgiver", + "prompt": "Prompt", + "prompts": { + "none": "Ingen", + "consent": "samtykke", + "login": "Innlogging" + }, + "validateSignature": "Valider signaturer", + "storeTokens": "Lagre Tokens", + "storedTokensReadable": "Lagrede lesbare tokens", + "firstBrokerLoginFlowAlias": "Flyt for første innlogging", + "postBrokerLoginFlowAlias": "Post-påloggingsflyt", + "userAttribute": "Brukerattributt", + "redirectURIHelp": "Redirect URI som skal brukes når du konfigurerer identitetsleverandøren.", + "clientSecretHelp": "Klient secret registrert hos identitetsleverandør.", + "discoveryEndpoint": "Importer metadata fra et eksternt IDP discovery descriptor.", + "importConfig": "Importer metadata fra en nedlastet IDP discovery descriptor.", + "logoutUrlHelp": "Endepunkt for avsluttende sesjon som brukes for å logge ut bruker fra ekstern IDP.", + "backchannelLogoutHelp": "Støtter ekstern IDP backchannel utlogging?", + "userInfoUrlHelp": "Brukerinfo URLen. Denne er valgfri.", + "issuerHelp": "Identifikator for utgiver av forespørselen. Hvis dette ikke er oppgitt vil ingen validering utføres.", + "validateSignatureHelp": "Aktiver/deaktiver signaturvalidering av eksterne IDP signaturer.", + "storeTokensHelp": "Aktiver/deaktiver hvis tokens må bli lagret etter at brukere har blitt autentisert.", + "storedTokensReadableHelp": "Aktiver/deaktiver hvis nye brukere kan lese lagrede tokens. Dette tildeles broker.read-token rollen.", + "firstBrokerLoginFlowAliasHelp": "Alias for autentiseringsflyt, som trigges etter første innlogging med denne identitetsleverandøren. Begrepet 'Første innlogging' betyr at det ennå ikke eksisterer en Keycloak-konto koblet til den autentiserte kontoen til identitetsleverandøren.", + "useEntityDescriptor": "Importer metadata fra et eksternt IDP SAML entity descriptor.", + "samlEntityDescriptor": "Lar deg laste inn ekstern IDP metadata fra en konfigurasjonsfil eller ved å laste det ned fra en URL.", + "ssoServiceUrlHelp": "URL som må brukes for å sende autentiseringsforespørsler (SAML AuthnRequest).", + "singleLogoutServiceUrlHelp": "URL som må brukes for å sende utloggingsforespørsler.", + "httpPostBindingAuthnRequestHelp": "Indikerer om AuthnRequests må bli sendt ved å bruke en HTTP-POST binding. Hvis satt til false, vil HTTP-REDIRECT binding bli brukt.", + "wantAuthnRequestsSignedHelp": "Indikerer om identitetsleverandør forventer en signert AuthnRequest.", + "forceAuthenticationHelp": "Indikerer om identitetsleverandør må autentisere presentatøren direkte i stedet for å stole på en tidligere sikkerhetskontekst.", + "validateSignatures": "Aktiver/deaktiver signaturvalidering av SAML svar.", + "validatingX509CertsHelp": "Sertifikatet i PEM format som må brukes for å se etter signaturer.", + "addIdpMapperName": "Navn på mapper.", + "selectARole": "Velg en rolle", + "usermodel": { + "prop": { + "label": "Egenskap", + "tooltip": "Navn på egenskapsmetoden i UserModel-grensesnittet. For eksempel, en verdi av 'e-post' vil referere til metoden UserModel.getEmail()." + }, + "attr": { + "label": "Brukerattributt", + "tooltip": "Navn på lagret brukerattributt som er navnet på en attributt innenfor UserModel.attribute map." + }, + "clientRoleMapping": { + "client": { + "label": "Klient-ID", + "tooltip": "Klient-ID for å mappe roller" + }, + "rolePrefix": { + "label": "Prefiks for klientrolle", + "tooltip": "Prefiks for hver klientrolle (valgfri)." + } + }, + "realmRoleMapping": { + "rolePrefix": { + "label": "Prefiks for sikkerhetsdomenerolle", + "tooltip": "Prefiks for hver sikkerhetsdomenerolle (valgfri)." + } + } + }, + "userSession": { + "modelNote": { + "label": "Brukersesjonsmerknad", + "tooltip": "Navn på lagret brukersesjonsmerknad innenfor UserSessionModel.note map." + } + }, + "multivalued": { + "label": "Flere verdier", + "tooltip": "Angir om en attributt støtter flere verdier. Hvis true, vil listen med alle verdier for dette attributtet bli satt som claims. Hvis false, vil bare den første verdien bli satt som claim." + }, + "jsonType": { + "label": "JSON-type for claims", + "tooltip": "JSON-type som burde bli brukt for å fylle json claimet i tokenet. long, int, boolean og String er gyldige verdier." + }, + "includeInIdToken": { + "label": "Legg til i ID token", + "tooltip": "Burde claim bli lagt til i ID token?" + }, + "includeInAccessToken": { + "label": "Legg til i access token", + "tooltip": "Burde claim bli lagt til i access token?" + }, + "includeInUserInfo": { + "label": "Legg til i brukerinfo", + "tooltip": "Burde claim bli lagt til i brukerinfo?" + }, + "name-id-format": "Navn-ID format", + "titleAuthentication": "Autentisering", + "titleEvents": "Hendelser", + "titleRoles": "Sikkerhetsdomeneroller", + "titleUsers": "Brukere", + "titleSessions": "Sesjoner" +} diff --git a/js/apps/admin-ui/public/locales/ca/users-help.json b/js/apps/admin-ui/public/locales/pl/translation.json similarity index 100% rename from js/apps/admin-ui/public/locales/ca/users-help.json rename to js/apps/admin-ui/public/locales/pl/translation.json diff --git a/js/apps/admin-ui/public/locales/pt-BR/translation.json b/js/apps/admin-ui/public/locales/pt-BR/translation.json new file mode 100644 index 0000000000..a3cf1388ef --- /dev/null +++ b/js/apps/admin-ui/public/locales/pt-BR/translation.json @@ -0,0 +1,590 @@ +{ + "add": "Adicionar", + "create": "Criar", + "save": "Salvar", + "continue": "Continuar", + "remove": "Remover", + "key": "Chave", + "value": "Valor", + "back": "Voltar", + "export": "Exportar", + "action": "Ações", + "download": "Download", + "clear": "Limpar", + "edit": "Editar", + "enabled": "Habilitado", + "none": "Nenhum", + "signOut": "Sign Out", + "manageAccount": "Administrar a conta", + "serverInfo": "Informação do servidor", + "testConnection": "Testar conexão", + "description": "Descrição", + "type": "Tipo", + "category": "Categoria", + "priority": "Prioridade", + "allTypes": "Todos os tipos", + "manage": "Administração", + "clients": "Clientes", + "realmRoles": "Roles do Realm", + "users": "Usuários", + "sessions": "Sessões", + "events": "Eventos", + "mappers": "Mapeamentos", + "permissions": "Permissões", + "configure": "Configuração", + "realmSettings": "Configurações do Realm", + "authentication": "Autenticação", + "identityProviders": "Provedores de identificação", + "userFederation": "Federação de usuários", + "settings": "Configurações", + "details": "Detalhes", + "times": { + "seconds": "Segundos", + "minutes": "Minutos", + "hours": "Horas", + "days": "Dias" + }, + "attributes": "Atributos", + "credentials": "Credenciais", + "clientId": "ID do cliente", + "clientName": "Nome", + "id": "ID", + "mapperType": "Tipo de mapeamento", + "leave": "Sair", + "password": "Senha", + "passwordConfirmation": "Confirmação de senha", + "temporaryPassword": "Temporária", + "temporaryPasswordHelpText": "If enabled user is required to change password on next login", + "protocol": "Protocolo", + "copy": "Copiar", + "clientAuthorization": "Autorização", + "importClient": "Importar cliente", + "adminURL": "URL do administrador", + "formatOption": "Formato", + "encryptAssertions": "Encriptar Assertions", + "clientSignature": "Assinatura do cliente requerida", + "roles": "Roles", + "addClientScope": "Adicionar modelo de cliente", + "fullScopeAllowed": "Permitir Escopo completo", + "selectAUser": "Selecione um usuário", + "client": "cliente", + "evaluate": "Avaliar", + "reevaluate": "Re-avaliar", + "showAuthData": "Exibir dados da autorização", + "unanimous": "Unânime", + "affirmative": "Afirmativa", + "consensus": "Consensual", + "authScopes": "Autorização de escopos", + "anyResource": "Qualquer recurso", + "anyScope": "Qualquer escopo", + "selectScope": "Selecione um escopo", + "applyToResourceType": "Aplicar ao tipo de recurso", + "contextualInfo": "Informação contextual", + "contextualAttributes": "Atributos contextuais", + "kc": { + "realm": { + "name": "Realm" + } + }, + "policyEnforcementMode": "Modo de execução da política", + "policyEnforcementModes": { + "ENFORCING": "Restritiva", + "PERMISSIVE": "Permissiva" + }, + "decisionStrategy": "Estratégia de decisão", + "iconUri": "URI do ícone", + "allowRemoteResourceManagement": "Administração remota de recursos", + "resources": "Recursos", + "resource": "Recurso", + "scope": "Escopo", + "owner": "Proprietário", + "scopes": "Escopos", + "policies": "Políticas", + "createPermission": "Criar permissão", + "identityInformation": "Informação de identidade", + "resourceType": "Tipo de recurso", + "createPolicy": "Criar política", + "applyPolicy": "Aplicar política", + "code": "Código", + "logic": "Lógica", + "logicType": { + "positive": "Positiva", + "negative": "Negativa" + }, + "user": "Usuário", + "clientList": "Clientes", + "initialAccessToken": "Token de acesso inicial", + "expires": "Expira em", + "count": "Quantidade", + "remainingCount": "Quantidade restante", + "expiration": "Duração", + "clientAuthentication": "Autenticação do cliente", + "frontchannelLogout": "Front Channel Logout", + "validRedirectUri": "URIs de redirecionamento válidas", + "idpInitiatedSsoRelayState": "Estado de relay para SSO iniciado via IDP", + "masterSamlProcessingUrl": "URL de processamento SAML principal", + "nameIdFormat": "Formato do NameID", + "forceNameIdFormat": "Forçar formato do NameID", + "forcePostBinding": "Forçar Binding via POST", + "includeAuthnStatement": "Incluir AuthnStatement", + "signDocuments": "Assinar documentos", + "signAssertions": "Assinar assertions", + "canonicalization": "Método de Canonicalization ", + "loginTheme": "Tema de login", + "clientAuthenticator": "Autenticador do cliente", + "clientSecret": "Secret do Cliente", + "registrationAccessToken": "Token de acesso para registro", + "revocation": "Revogação", + "notBefore": "Não antes de", + "setToNow": "Definir como agora", + "addNode": "Adicionar nó", + "push": "Enviar", + "nodeReRegistrationTimeout": "Tempo limite para re-registro de nó", + "registeredClusterNodes": "Nós de cluster registrados", + "nodeHost": "Host", + "lastRegistration": "Último registro", + "testClusterAvailability": "Testar disponibilidade do cluster", + "registerNodeManually": "Registrar nó manualmente", + "fineGrainSamlEndpointConfig": "Configuração de endpoint para configuração fina do SAML ", + "assertionConsumerServicePostBindingURL": "URL para conexão post para o serviço consumidor de Assertions", + "assertionConsumerServiceRedirectBindingURL": "URL para conexão de redirecionamento do serviço consumidor de Assertions", + "logoutServicePostBindingURL": "URL de conexão POST para o serviço de logout", + "logoutServiceRedirectBindingURL": "URL de conexão para o redirecionamento do serviço de logout", + "accessTokenLifespan": "Duração do Token de Acesso", + "browserFlow": "Fluxo de browser", + "directGrant": "Fluxo de Direct Grant", + "certificate": "Certificado", + "generateNewKeys": "Gerar novas chaves", + "archiveFormat": "Formato do arquivo", + "keyAlias": "Alias da chave", + "keyPassword": "Senha da chave", + "storePassword": "Salvar senha", + "importFile": "Importar arquivo", + "clientType": "'OpenID connect' permite aos Clientes verificarem a identidade do usuário final baseado na autenticação realizada por um servidor de Autorização. 'SAML' permite cenários de autenticação e autorização web-based incluindo cross-domain single sign-on (SSO) e utiliza tokens de segurança contendo assertions para trafegar informações.", + "serviceAccount": "Permite autenticar este cliente no Keycloak e recuperar tokens de acesso dedicados para este cliente. Em termos da especificações OAuth2, habilita suporte para 'Client Credentials Grants' para este cliente.", + "authorization": "Enable/Disable fine-grained authorization support for a client", + "directAccess": "Habilita o suporte para concessões de acesso direto (Direct Access Grants), o que significa que o cliente tem acesso ao nome de usuário/senha e negocia diretamente com o servidor Keycloak pelo token de acesso. Em termos de especificações OAuth2, habilita suporte de \"Resource Owner Password Credentials Grant\" para este cliente.", + "standardFlow": "Isto habilita a autenticação baseada em redirecionamento com código de autorização padrão do OpenID Connect. Em termos de especificações OpenID Connect ou OAuth2, isto habilita suporte ao 'Fluxo de Código de Autorização' para este cliente.", + "implicitFlow": "Isto habilita suporte a autenticação baseada em redirecionamento sem código de autorização. Em tempos de especificações OpenID Connect ou OAuth2, isto habilita suporte do 'Fluxo Implícito' para este cliente.", + "rootURL": "URL raiz adicionada à URLs relativas", + "validRedirectURIs": "Padrão de URI válido para onde um navegador pode redirecionar depois de um login bem-sucedido ou sair. Wildcards simples são permitidos, por exemplo 'http://example.com/*'. Caminhos relativos podem ser especificados também, ex: /my/relative/path/*. Caminhos relativos são relativos à URL raiz do cliente, ou se nenhum for especificado a URL raiz do servidor é usado. Para SAML, é necessário definir padrões de URI válidos se você está contando com a URL do serviço consumidor incorporada com a solicitação de login.", + "nameIdFormatHelp": "O formato de Name ID para utilizar como assunto.", + "forceNameIdFormatHelp": "Ignora o NameID de assunto solicitado e utiliza o configurado no UI de administração.", + "forcePostBindingHelp": "Sempre utilizar POST para respostas.", + "includeAuthnStatementHelp": "Deve ser adicionado um statement especificando o método e timestamp nas respostas de login?", + "signDocumentsHelp": "Devem os documentos SAML serem assinados pelo realm?", + "signAssertionsHelp": "Devem as asserções dentro dos documentos SAML serem assinadas? Esta configuração não é necessária se o documento já está sendo assinado.", + "signatureAlgorithm": "O algoritmo de assinatura a ser utilizado para assinar documentos.", + "canonicalizationHelp": "Canonicalization Method para assinaturas XML.", + "webOrigins": "Permitir origens CORS. Para permitir todas as URIs de redirecionamento de origem válidas adicionar '+'. Para permitir todas as origens adicionar '*'.", + "homeURL": "URL padrão para utilizar quando o servidor de autenticação necessita redirecionar ou linkar para o cliente.", + "adminURLHelp": "URL para a inteface administrativa do cliente. Defina este valor se o cliente suporta a API do adaptador REST. Esta API rest permite que o servidor de autenticação envie políticas de revogação e outras tarefas administrativas. Geralmente este valor é definido apontando para a URL base do cliente.", + "clientHelp": "Select the client making this authorization request. If not provided, authorization requests would be done based on the client you are in.", + "clientIdHelp": "O identificador do cliente registrado com o provedor de identificação.", + "selectUser": "Select an user whose identity is going to be used to query permissions from the server.", + "rolesHelp": "Select the roles you want to associate with the selected user.", + "contextualAttributesHelp": "Any attribute provided by a running environment or execution context.", + "applyToResourceTypeHelp": "Specifies if this permission would be applied to all resources with a given type. In this case, this permission will be evaluated for all instances of a given resource type.", + "resourcesHelp": "Specifies that this permission must be applied to a specific resource instance.", + "scopesSelect": "Define que esta permissões deve ser aplicada para um ou mais escopos.", + "clientNameHelp": "Especifica o nome de exibição do cliente. Por exemplo 'Meu Cliente'. Também aceita chaves para valores localizados. Por exemplo: ${meu_cliente}", + "descriptionHelp": "Descrição do modelo de cliente.", + "loginThemeHelp": "Selecione o tema para páginas de login, OTP, grant, cadastro e recuperar senha.", + "encryptAssertionsHelp": "Devem as asserções SAML serem encriptadas com a chave pública do cliente usando AES?", + "clientSignatureHelp": "O cliente irá assinar os pedidos e respostas saml? E eles devem ser validados?", + "expirationHelp": "Sets the expiration for events. Expired events are periodically deleted from the database.", + "countHelp": "Especifica quantos clientes podem ser criados usando o token", + "client-authenticator-type": "Autenticador de Cliente usado para autenticar este cliente ao servidor Keycloak", + "registration-access-token": "O token de acesso para registro provê acesso aos cliente para o serviço de registro cliente.", + "nodeReRegistrationTimeoutHelp": "Intervalo para especificar o tempo máximo para nós clientes de cluster registrados se re-registrarem. Se os nós do cluster não enviarem solicitações de re-registro dentro deste intervalo eles serão deregistrados do Keycloak.", + "idpInitiatedSsoUrlName": "Nome do fragmento URL para referenciar o cliente quando você deseja um SSO iniciado por IDP. Deixar este campo vazio irá desabilitar SSO iniciado por IDP. A URL que você irá referenciar do seu browser será: {server-root}/realms/{realm}/protocol/saml/clients/{client-url-name}", + "idpInitiatedSsoRelayStateHelp": "O estado de Relay que você deseja enviar com um pedido SAML quando você deseja realizar SSO iniciado por IDP.", + "masterSamlProcessingUrlHelp": "Se configurado, esta URL será utilizada para todos os bindings do \"SP's Assertion Consumer\" e \"Single Logout Services\". Ela pode ser sobreescriva idnvidualmente para cada ligação e serviço na Configuração Detalhada do Endpoint SAML.", + "accessTokenLifespanHelp": "Tempo máximo antes que um token de acesso expire. Recomenda-se que este valor seja menor em relação ao tempo de inativação do inativação do SSO.", + "assertionConsumerServicePostBindingURLHelp": "URL de ligação SAML via post para as asserções de consumidor de serviços do cliente (respostas de login). Você pode deixar este campo em branco se você não tiver uma URL para esta ligação.", + "assertionConsumerServiceRedirectBindingURLHelp": "URL de ligação SAML de redirecionamento para as asserções de consumidor de serviços do cliente (respostas de login). Você pode deixar este campo em branco se você não tiver uma URL para esta ligação.", + "logoutServiceRedirectBindingURLHelp": "URL de ligação SAML de redirecionamento para o serviço de logout único do cliente. Voce pode deixar este campo em branco s e estiver usando uma ligação diferente.", + "frontchannelLogoutHelp": "Quando marcado, o logout requer um redirecionamento do browser para o cliente. Caso contrário o servidor executo uma invocação em background para o logout.", + "browserFlowHelp": "Select the flow you want to use for browser authentication.", + "directGrantHelp": "Select the flow you want to use for direct grant authentication.", + "certificateHelp": "Certificado do cliente para validar JWT emitidos pelo cliente e assinados pela chave privada do cliente da sua keystore.", + "archiveFormatHelp": "Keystore Java ou arquivo em formato PKCS12.", + "keyAliasHelp": "Alias do arquivo para sua chave privada e certificado.", + "keyPasswordHelp": "Senha para acessar a chave privada no certificado.", + "storePasswordHelp": "Senha para acessar o arquivo em si.", + "consentRequired": "Se habilitado os usuários devem consentir com o acesso ao cliente.", + "import": "Import a JSON file containing authorization settings for this resource server.", + "policyEnforcementModeHelp": "The policy enforcement mode dictates how policies are enforced when evaluating authorization requests. 'Enforcing' means requests are denied by default even when there is no policy associated with a given resource. 'Permissive' means requests are allowed even when there is no policy associated with a given resource. 'Disabled' completely disables the evaluation of policies and allow access to any resource.", + "allowRemoteResourceManagementHelp": "Should resources be managed remotely by the resource server? If false, resources can only be managed from this Admin UI.", + "resourceName": "An unique name for this resource. The name can be used to uniquely identify a resource, useful when querying for a specific resource.", + "typeHelp": "The type of this resource. It can be used to group different resource instances with the same type.", + "uris": "An URI that can also be used to uniquely identify this resource.", + "scopesHelp": "Os escopos que serão enviados ao solicitar autorização. Pode ser uma lista de escopos separadas por espaço. Valor padrão é 'openid'.", + "fullScopeAllowedHelp": "Permite a você desabilitar todas as restrições.", + "resetActions": "Ações para reiniciar", + "scopeName": "An unique name for this scope. The name can be used to uniquely identify a scope, useful when querying for a specific scope.", + "policy-name": "The name of this policy.", + "policy-description": "A description for this policy.", + "policyDecisionStagey": "The decision strategy dictates how the policies associated with a given policy are evaluated and how a final decision is obtained. 'Affirmative' means that at least one policy must evaluate to a positive decision in order to the overall decision be also positive. 'Unanimous' means that all policies must evaluate to a positive decision in order to the overall decision be also positive. 'Consensus' means that the number of positive decisions must be greater than the number of negative decisions. If the number of positive and negative is the same, the final decision will be negative.", + "applyPolicyHelp": "Specifies all the policies that must be applied to the scopes defined by this policy or permission.", + "policyGroups": "Specifies which user(s) are allowed by this policy.", + "policyRoles": "Especifica quais role(s) do *cliente* são permitidos por esta política.", + "startTime": "Defines the time before which the policy MUST NOT be granted. Only granted if current date/time is after or equal to this value.", + "expireTime": "Defines the time after which the policy MUST NOT be granted. Only granted if current date/time is before or equal to this value.", + "policyCode": "The JavaScript code providing the conditions for this policy.", + "logicHelp": "The logic dictates how the policy decision should be made. If 'Positive', the resulting effect (permit or deny) obtained during the evaluation of this policy will be used to perform a decision. If 'Negative', the resulting effect will be negated, in other words, a permit becomes a deny and vice-versa.", + "permissionName": "The name of this permission.", + "permissionDescription": "A description for this permission.", + "permissionType": "Specifies that this permission must be applied to all resources instances of a given type.", + "realmRolePrefix": "Prefixo do Realm Role", + "name": "Nome do modelo de cliente. Deve ser único neste Realm.", + "protocolHelp": "Qual configuração de protocolo SSO será provida por este modelo de cliente.", + "prefix": "Um prefixo para cada Realm Role (opcional).", + "multiValued": "Indica se um atributo suporta múltiplos valores. Se verdadeiro, então a lista de todos os valores desse atributo será definida como o claim. Se falso, então apenas o primeiro valor será utilizado.", + "tokenClaimName": { + "label": "Nome do Token Claim", + "tooltip": "Nome do claim para inserir no token. Pode ser um nome completo (fully qualified) como 'address.street'. Neste caso, um objeto json aninhado será criado." + }, + "claimJsonType": "Tipo JSON que deve ser utilizado para popular o claim json no token. Os valores válidos são Long, int boolean e String.", + "protocolMapper": "Protocolo...", + "createGroup": "Criar grupo", + "members": "Membros", + "email": "E-mail", + "lastName": "Sobrenome", + "firstName": "Primeiro nome", + "associatedRolesText": "Roles associados", + "title": "Autenticação", + "addRole": "Adicionar Role", + "roleName": "Nome do Role", + "composite": "Composto", + "usersInRole": "Usuários no role", + "addUser": "Adicionar usuário", + "userName": "Usuário", + "join": "Participar", + "groupMembership": "Grupos associados", + "createdAt": "Criado em", + "username": "Usuário", + "emailVerified": "E-mail verificado", + "requiredUserActions": "Ações necessárias do usuário", + "impersonate": "Personificar", + "verifyEmail": "Verificar e-mail", + "consents": "Consentimentos", + "identityProvider": "Provedor de identificação", + "identityProviderLinks": "Links de provedores de identificação.", + "revoke": "Revogar", + "credentialType": "Tipo", + "resetPassword": "Reiniciar senha", + "showPasswordDataValue": "Valor", + "hours": "Horas", + "minutes": "Minutos", + "seconds": "Segundos", + "credentialResetConfirm": "Enviar e-mail", + "temporaryLocked": "The user may have been locked due to failing to login too many times.", + "emailVerifiedHelp": "Has the user's email been verified?", + "requiredUserActionsHelp": "Require an action when the user logs in. 'Verify email' sends an email to the user to verify their email address. 'Update profile' requires user to enter in new personal information. 'Update password' requires user to enter in a new password. 'Configure OTP' requires setup of a mobile password generator.", + "groups": "Groups user is a member of. Select a listed group and click the Leave button to leave the group.", + "lastAccess": "Último acesso", + "adminEvents": "Eventos de adminstração", + "time": "Tempo", + "eventType": "Tipo de evento", + "ipAddress": "Endereço IP", + "realm": "Realm", + "resourcePath": "Path do recurso", + "operationType": "Tipo de operação", + "operationTypes": "Tipos de operações", + "auth": "Autenticação", + "representation": "Representação", + "partialImport": "Importação parcial", + "general": "Geral", + "login": "Login", + "themes": "Temas", + "eventListeners": "Listeners de eventos", + "eventListenersHelpText": "Configure what listeners receive events for the realm.", + "adminEventsSettings": "Configuração de eventos de administração", + "saveEvents": "Salvar eventos", + "clearAdminEvents": "Limpar eventos administrativos", + "includeRepresentation": "Incluir representação", + "from": "Remetente", + "host": "Host", + "port": "Porta", + "enableSSL": "Habilitar SSL", + "enableStartTLS": "Habilitar StartTLS", + "providers": "Provedores", + "uiDisplayName": "Nome de exibição no UI", + "providerId": "ID", + "provider": "Provedor", + "userRegistration": "Cadastro de usuário", + "userRegistrationHelpText": "Habilita/desabilita a página de cadastro. Um link para a página de cadastro também será exibido na tela de login.", + "rememberMe": "Lembrar me", + "rememberMeHelpText": "Exibe um checkbox na página de login para permitir ao usuário continuar logado entre restarts do browser até que a sessão expire.", + "registrationEmailAsUsername": "Email como nome de usuário", + "editUsername": "Editar nome de usuário", + "htmlDisplayName": "Nome de exibição HTML", + "requireSsl": "SSL requerido", + "sslType": { + "all": "todas requisições", + "external": "requisições externas", + "none": "Nenhum" + }, + "endpoints": "Endpoints", + "accountTheme": "Tema para conta", + "adminTheme": "Tema para UI de administração", + "emailTheme": "Tema de e-mail", + "SSOSessionIdle": "Sessão SSO inativa", + "SSOSessionMax": "Sessão SSO Máxima", + "offlineSessionIdle": "Sessão Offline Inativa", + "loginTimeout": "Tempo máximo do Login", + "loginActionTimeout": "Tempo limite da ação de Login", + "revokeRefreshToken": "Revogar Token de Atualização", + "accessTokenLifespanImplicitFlow": "Duração do token de acesso para fluxos Implícitos", + "clientLoginTimeout": "Tempo limite para login do Cliente", + "clientProfileDescription": "Descrição", + "tokens": "Tokens", + "supportedLocales": "Locais disponíveis", + "defaultLocale": "Local padrão", + "validatorDialogColNames": { + "colName": "Nome do Role" + }, + "validatorColNames": { + "colConfig": "Configuração" + }, + "eventTypes": { + "IMPERSONATE": { + "name": "Personificar" + }, + "LOGOUT": { + "name": "Logout" + }, + "REGISTER": { + "name": "Registro" + }, + "RESET_PASSWORD": { + "name": "Reiniciar senha" + } + }, + "deleteEvents": "Limpar eventos", + "defaultRoles": "Roles padrão", + "defaultGroups": "Grupos Padrão", + "securityDefences": "Defesas", + "headers": "Cabeçalhos", + "bruteForceDetection": "Detecção de ataque de Força Bruta", + "xFrameOptions": "X-Frame-Options", + "contentSecurityPolicy": "Content-Security-Policy", + "xContentTypeOptions": "X-Content-Type-Options", + "failureFactor": "Falhas de login", + "waitIncrementSeconds": "Incremento de Espera", + "maxFailureWaitSeconds": "Espera máxima", + "maxDeltaTimeSeconds": "Tempo para zerar falhas", + "minimumQuickLoginWaitSeconds": "Espera mínima após Quick Login", + "requireSslHelp": "É necessário SSL? 'Nunca' significa que HTTPS não é requerido para nenhum endereço IP cliente. 'Requisições externas' significa que localhost e IPs privados podem acessar sem HTTPS. 'Todas requisições' significa que HTTPS é requerido para todos os endereços IPs.", + "accountThemeHelp": "Selecione o tema para as páginas de administração de conta do usuário.", + "adminThemeHelp": "Selecione o tema para o UI de administração.", + "emailThemeHelp": "Selecione o tema para os e-mail que são enviados pelo servidor.", + "save-user-events": "If enabled login events are saved to the database which makes events available to the Admin and Account management UIs.", + "save-admin-events": "If enabled admin events are saved to the database which makes events available to the Admin UI.", + "admin-clearEvents": "Deletes all admin events in the database.", + "includeRepresentationHelp": "Include JSON representation for create and update requests.", + "failureFactorHelp": "Quantas falhas de login antes que a espera seja habilitada.", + "waitIncrementSecondsHelp": "Quando a quantidade de falhas for alcançada, quanto tempo o usuário deve aguardar antes de tentar novamente?", + "maxFailureWaitSecondsHelp": "Tempo máximo que um usuário deverá aguardar após uma falha de quick login.", + "maxDeltaTimeSecondsHelp": "Quando o contador de falhas será resetado?", + "quickLoginCheckMilliSeconds": "Se uma falha ocorre concorrentemente neste período, travar a conta do usuário.", + "minimumQuickLoginWaitSecondsHelp": "Quanto tempo aguardar após uma falha de quick login.", + "ssoSessionIdle": "Tempo que uma sessão pode ficar inativa antes de expirar. Tokens e sessões de navegador são invalidados quando uma sessão é expirada.", + "ssoSessionMax": "Tempo máximo antes que uma sessão seja expirada. Tokens e sessões de navegador são invalidados quando uma sessão é expirada.", + "offlineSessionIdleHelp": "Tempo que uma sessão offline pode ficar inativa antes de expirar. Você precisa utilizar um token de atualização offline pelo menos uma vez neste período, caso contrário a sessão offline será expirada.", + "revokeRefreshTokenHelp": "Se habilitado os tokens de atualização podem ser utilizados somente uma vez. Caso contrário os tokens de atualização não são revogados quando utilizados e podem ser utilizados várias vezes.", + "clientLoginTimeoutHelp": "Tempo máximo que um cliente tem para finalizar o procolo do token de acesso. Normalmente deve ser 1 minuto.", + "editUsernameHelp": "Se habilitado, o campo nome de usuário é editável, senão será apenas leitura.", + "flows": "Fluxos", + "requiredActions": "Ações requeridas", + "passwordPolicy": "Política de senha", + "otpPolicy": "Política OTP", + "otpType": "Tipo OTP", + "policyType": { + "totp": "Baseado em tempo", + "hotp": "Baseado em contador" + }, + "otpHashAlgorithm": "Algoritmo de hash OTP", + "otpPolicyDigits": "Quantidade de dígitos", + "otpPolicyPeriod": "Período de token OTP ", + "initialCounter": "Contador inicial", + "attestationPreference": { + "none": "Nenhum" + }, + "flow": { + "browser": "Fluxo de browser", + "registration": "Fluxo de registro", + "direct grant": "Fluxo de Direct Grant" + }, + "flowType": "Flow Type", + "flow-type": { + "basic-flow": "genérico", + "form-flow": "formulário" + }, + "addExecution": "Adicionar execução", + "requirement": "Condição", + "alias": "Alias", + "flowTypeHelp": "What kind of form is it", + "topLevelFlowType": "What kind of top level flow is it? Type 'client' is used for authentication of clients (applications) when generic is for users and everything else", + "aliasHelp": "O alias é o identificador único de um provedor de identidade e também é utilizado para construir a uri de redirecionamento.", + "otpTypeHelp": "totp is Time-Based One Time Password. 'hotp' is a counter base one time password in which the server keeps a counter to hash against.", + "otpHashAlgorithmHelp": "What hashing algorithm should be used to generate the OTP.", + "otpPolicyDigitsHelp": "How many digits should the OTP have?", + "otpPolicyPeriodHelp": "How many seconds should an OTP token be valid? Defaults to 30 seconds.", + "vendor": "Vendor", + "connectionURL": "URL de conexão", + "enableStartTls": "Habilitar StartTLS", + "useTruststoreSpi": "Utilizar Truststore SPI", + "connectionPooling": "Pooling de conexões", + "bindType": "Tipo de autenticação", + "bindDn": "Bind DN", + "editMode": "Modo de edição", + "usersDN": "Users DN", + "usernameLdapAttribute": "Atributo LDAP para Username", + "rdnLdapAttribute": "Atributo LDAP para RDN", + "uuidLdapAttribute": "Atributo LDAP para UUID", + "userObjectClasses": "Classes do objeto User", + "searchScope": "Escopo de pesquisa", + "pagination": "Paginação", + "batchSize": "Tamanho do lote", + "periodicFullSync": "Syncronização completa periódica", + "fullSyncPeriod": "Período", + "periodicChangedUsersSync": "Sincronização periódica de usuários alterados", + "changedUsersSyncPeriod": "Período", + "kerberosIntegration": "Integração com Kerberos", + "allowKerberosAuthentication": "Permitir autenticação Kerberos", + "useKerberosForPasswordAuthentication": "Utilizar Kerberos para autenticação via senha", + "trustEmail": "Confiar no e-mail recebido", + "requiredSettings": "Configurações obrigatórias", + "kerberosRealm": "Realm do Kerberos", + "serverPrincipal": "Principal do servidor", + "debug": "Debug", + "allowPasswordAuthentication": "Permitir autenticação via senha", + "testAuthentication": "Testar autenticação", + "ldapFilter": "Filtro do LDAP", + "selectRole": { + "label": "Selecione o Role", + "tooltip": "Entre com o role na caixa à esquerda, ou clique neste botão para navegar e selecionar o role desejado." + }, + "vendorHelp": "LDAP vendor (provedor)", + "consoleDisplayConnectionUrlHelp": "Conexão URL para o seu servidor LDAP", + "bindCredentialsHelp": "Senha do administrador do LDAP", + "editModeLdapHelp": "READ_ONLY é um LDAP somente leitura. WRITABLE significa que os dados serão sicronizados de volta para o LDAP on demand. UNSYNCED significa que os dados do usuário serão importados, mas não sicronizados de volta para o LDAP.", + "fullSyncPeriodHelp": "Intervalo para a sincronização completa em segundos.", + "changedUsersSyncHelp": "Intervalo para sincronização dos usuários alterados ou novos do LDAP em segundos.", + "trustEmailHelp": "Se habilitado então o e-mail provido por este provedor não será verificado mesmo que a verificação esteja habilitada para este realm.", + "debugHelp": "Habilita/Desabilita log de nível debug para a saída padrão para Krb5LoginModule.", + "allowPasswordAuthenticationHelp": "Habilita/Desabilita a possibilidade de autenticação via usuário/senha contra o banco Kerberos", + "updateFirstLoginHelp": "Atualizar o perfil no primeiro login", + "addIdPMapper": "Adicionar mapeamento de provedor de identificação", + "redirectURI": "URI de redirecionamento", + "ssoServiceUrl": "URL de serviço do Single Sign On", + "singleLogoutServiceUrl": "URL de serviço de Single Logout", + "nameIdPolicyFormat": "Política de formato NameID", + "unspecified": "Não especificado", + "httpPostBindingResponse": "Responder com HTTP-POST", + "httpPostBindingAuthnRequest": "Utilizar HTTP-POST binding para AuthnRequest", + "wantAuthnRequestsSigned": "Esperar AuthnRequests assinados", + "forceAuthentication": "Forçar autenticação", + "validatingX509Certs": "Validar certificados X509", + "authorizationUrl": "URL de autorização", + "tokenUrl": "URL do Token", + "logoutUrl": "URL de logout", + "backchannelLogout": "Backchannel Logout", + "userInfoUrl": "URL de informações do usuário", + "issuer": "Emissor", + "prompt": "Prompt", + "prompts": { + "none": "Nenhum", + "consent": "Consentimento", + "login": "Login" + }, + "validateSignature": "Validar assinaturas", + "storeTokens": "Salvar Tokens", + "storedTokensReadable": "Leitura de tokens salvos", + "firstBrokerLoginFlowAlias": "Fluxo do primeiro login", + "postBrokerLoginFlowAlias": "Fluxo pós login", + "userAttribute": "Atributo do usuário", + "redirectURIHelp": "A url de redirecionamento para usar quando da configuração do provedor de identidade.", + "clientSecretHelp": "A senha do cliente registrado junto ao provedor de identificação.", + "discoveryEndpoint": "Importar metadata de um descritor de descoberta remoto do IDP.", + "importConfig": "Importar metadata fr um descritor de descoberta baixado do IDP.", + "logoutUrlHelp": "'End session endpoint' para utilizar para realizar logour dos usuários do IDP externo.", + "backchannelLogoutHelp": "O IDP externo suporta logou via backchannel?", + "userInfoUrlHelp": "A Url de informações de usuário. Opcional.", + "issuerHelp": "O identificador de emissor para o emissor da resposta. Se não for provido nenhuma validação será realizada.", + "validateSignatureHelp": "Habilita/Desabilita a validação de assinatura de IDP externo.", + "storeTokensHelp": "Habilita/desabilita se os tokens deve ser guardados depois de autenticar os usuários.", + "storedTokensReadableHelp": "Habilita/desabilita se novos usuários podem ler quaisquer tokens salvo. Isto irá adicionar o role broker.read-token.", + "firstBrokerLoginFlowAliasHelp": "Alias do fluxo de autenticação que será invocado depois do primeiro login com este provedor de identificação. O termo 'Primeiro Login' significa que ainda não existe uma conta no Keycloak ligada a esta conta autenticada neste provedor.", + "useEntityDescriptor": "Importar metadata de um descritor de entidade IDP SAML remoto.", + "samlEntityDescriptor": "Permite que vocÊ carregue metadata de IDP externos de um arquivo de configuração ou baixando a partir de uma URL.", + "ssoServiceUrlHelp": "A Url que deve ser utilizada para enviar solicitações de autenticação (SAML AuthnRequest).", + "singleLogoutServiceUrlHelp": "A Url que deve ser utilizada para enviar solicitações de logout.", + "httpPostBindingAuthnRequestHelp": "Indica se o AuthnRequest deve ser enviado utilizando HTTP-POST. Se falso, HTTP-REDIRECT será utilizado.", + "wantAuthnRequestsSignedHelp": "Indicate se um provedor de identificação deve experar um AuthnRequest assinado.", + "forceAuthenticationHelp": "Indica se um provedor de identificação deve autenticar o apresentador diretamente ao invés de confiar em um contexto de segurança anterior.", + "validateSignatures": "Habilita/Desabilita validação de assinaturas de respostas SAML.", + "validatingX509CertsHelp": "O certificado em formato PEM que deve ser usado para verificar assinaturas.", + "addIdpMapperName": "Nome do mapeamento", + "selectARole": "Selecione um role", + "usermodel": { + "prop": { + "label": "Propriedade", + "tooltip": "Nome do método da propriedade na interface UserModel. Por exemplo, o valor 'email' iria referenciar o método UserModel.getEmail() ." + }, + "attr": { + "label": "Atributo do usuário", + "tooltip": "Nome do atributo do usuário que é uma chave de atributo no mapa UserModel.attribute." + }, + "clientRoleMapping": { + "clientId": { + "label": "ID do cliente", + "tooltip": "ID do cliente para mapeamentos de roles" + }, + "rolePrefix": { + "label": "Prefixo para o role de Cliente", + "tooltip": "Um prefixo para cada role do cliente (opcional)" + } + }, + "realmRoleMapping": { + "rolePrefix": { + "label": "Prefixo do Realm Role", + "tooltip": "Um prefixo para cada Realm Role (opcional)." + } + } + }, + "userSession": { + "modelNote": { + "label": "Nota da sessão de usuário", + "tooltip": "Nome da nota de sessão do usuário salva no mapa UserSessionModel.note." + } + }, + "multivalued": { + "label": "Múltiplos valores", + "tooltip": "Indica se um atributo suporta múltiplos valores. Se verdadeiro, então a lista de todos os valores desse atributo será definida como o claim. Se falso, então apenas o primeiro valor será utilizado." + }, + "jsonType": { + "label": "Tipo JSON do Claim", + "tooltip": "Tipo JSON que deve ser utilizado para popular o claim json no token. Os valores válidos são Long, int boolean e String." + }, + "includeInIdToken": { + "label": "Adicionar ao token de ID", + "tooltip": "O claim deve ser adicionado ao token de ID?" + }, + "includeInAccessToken": { + "label": "Adicionar ao token de acesso", + "tooltip": "O claim deve ser adicionado ao token de acesso?" + }, + "includeInUserInfo": { + "label": "Adicionar à informação do usuário", + "tooltip": "O claim deve ser adicionado à informação do usuário?" + }, + "name-id-format": "Formato do NameID", + "titleAuthentication": "Autenticação", + "titleEvents": "Eventos", + "titleRoles": "Roles do Realm", + "titleUsers": "Usuários", + "titleSessions": "Sessões" +} diff --git a/js/apps/admin-ui/public/locales/ru/translation.json b/js/apps/admin-ui/public/locales/ru/translation.json new file mode 100644 index 0000000000..9bdb20de33 --- /dev/null +++ b/js/apps/admin-ui/public/locales/ru/translation.json @@ -0,0 +1,695 @@ +{ + "add": "Добавить", + "create": "Создать", + "save": "Сохранить", + "continue": "Продолжить", + "remove": "Удалить", + "key": "Ключ", + "value": "Значение", + "back": "Назад", + "export": "Экспорт", + "action": "Действие", + "download": "Скачать", + "clear": "Очистить", + "on": "Вкл", + "edit": "Редактировать", + "enabled": "Включено", + "disable": "Отключено", + "none": "нет", + "signOut": "Выход", + "manageAccount": "Управление учетной записью", + "serverInfo": "Информация о сервере", + "testConnection": "Тест соединения", + "description": "Описание", + "type": "Тип", + "category": "Категория", + "priority": "Приоритет", + "allTypes": "Все типы", + "manage": "Управление", + "clients": "Клиенты", + "realmRoles": "Роли Realm", + "users": "Пользователи", + "sessions": "Сессии", + "events": "События", + "mappers": "Сопоставления", + "permissions": "Разрешения", + "configure": "Конфигурация", + "realmSettings": "Настройки Realm", + "authentication": "Аутентификация", + "identityProviders": "Поставщики идентификации", + "userFederation": "Федерация пользователей", + "settings": "Настройки", + "details": "Детали", + "Sunday": "Воскресенье", + "Monday": "Понедельник", + "Tuesday": "Вторник", + "Wednesday": "Среда", + "Thursday": "Четверг", + "Friday": "Пятница", + "Saturday": "Суббота", + "times": { + "seconds": "секунд", + "minutes": "минут", + "hours": "часов", + "days": "дней" + }, + "attributes": "Атрибуты", + "credentials": "Учетные данные", + "clientId": "ID клиента", + "clientName": "Имя", + "id": "ID", + "mapperType": "Тип сопоставления", + "leave": "Покинуть", + "password": "Пароль", + "passwordConfirmation": "Подтверждение пароля", + "temporaryPassword": "Временный", + "temporaryPasswordHelpText": "Если включено, пользователю необходимо сменить пароль при следующем входе", + "disabledFeatures": "Отключенные функции сервера", + "protocol": "Протокол", + "copy": "Копировать", + "clientAuthorization": "Авторизация", + "importClient": "Импортировать клиента", + "webOrigins": "Web источники", + "adminURL": "URL администрирования приложения", + "formatOption": "Формат", + "encryptAssertions": "Зашифровка утверждений", + "clientSignature": "Подпись клиента обязательна", + "keys": "Ключи", + "roles": "Роли", + "addClientScope": "Добавить шаблон клиента", + "fullScopeAllowed": "Полный доступ к областям", + "selectAUser": "Выберите пользователя", + "client": "клиент", + "evaluate": "Оценка", + "reevaluate": "Переоценить", + "showAuthData": "Показать авторизационные данные", + "unanimous": "Единогласная", + "affirmative": "Утвердительная", + "consensus": "Консенсусная", + "authScopes": "Области авторизации", + "anyResource": "Любой ресурс", + "anyScope": "Любая область", + "selectScope": "Выберите область", + "applyToResourceType": "Применить к типу ресурса", + "contextualInfo": "Контекстная информация", + "contextualAttributes": "Контекстные аттрибуты", + "kc": { + "realm": { + "name": "Realm" + } + }, + "policyEnforcementMode": "Режим применения политик", + "policyEnforcementModes": { + "ENFORCING": "Обязывающая", + "PERMISSIVE": "Разрешающая" + }, + "decisionStrategy": "Стратегия решения", + "iconUri": "Иконка URI", + "allowRemoteResourceManagement": "Удаленное управление ресурсами", + "resources": "Ресурсы", + "resource": "Ресурс", + "scope": "Область", + "owner": "Владелец", + "scopes": "Области", + "policies": "Политики", + "createPermission": "Создать полномочия", + "identityInformation": "Идентичность данных", + "resourceType": "Тип ресурса", + "createPolicy": "Создать политику", + "applyPolicy": "Применить политику", + "month": "Месяц", + "hour": "Час", + "minute": "Минута", + "code": "Код", + "logic": "Логика", + "logicType": { + "positive": "Позитивная", + "negative": "Негитивная" + }, + "user": "Пользователь", + "clientList": "Клиенты", + "initialAccessToken": "Токен первичного доступа", + "created": "Создано", + "lastUpdated": "Обновлено", + "expires": "Истекает", + "count": "Счетчик", + "remainingCount": "Счетчик остатка", + "expiration": "Истечение", + "clientAuthentication": "Аутентификация клиента", + "frontchannelLogout": "Выход с переднего канала", + "rootUrl": "Корневой URL", + "validRedirectUri": "Валидация URI перенаправления", + "idpInitiatedSsoRelayState": "Передача состояния SSO инициирующим поставщиком идентификации", + "masterSamlProcessingUrl": "Основной URL обработчика SAML", + "nameIdFormat": "Наименование формата ID", + "forceNameIdFormat": "Принудительно использовать формат ID", + "forcePostBinding": "Принудительно использовать POST Binding", + "includeAuthnStatement": "Включать Аутентификационные Заявки", + "includeOneTimeUseCondition": "Включить условие одноразового использования", + "optimizeLookup": "Оптимизация REDIRECT поиска подписанного ключа", + "signDocuments": "Подпись документов", + "signAssertions": "Sign Assertions", + "signatureKeyName": "Наименование ключа сигнатуры SAML", + "canonicalization": "Метод канонизации", + "loginTheme": "Тема страницы входа", + "clientAuthenticator": "Проверка подлинности клиента", + "clientSecret": "Секрет клиента", + "registrationAccessToken": "Токен доступа к регистрации", + "revocation": "Отзыв", + "clustering": "Кластеризация", + "notBefore": "Не ранее чем", + "setToNow": "Установить на сейчас", + "addNode": "Добавить узел", + "push": "Разослать", + "nodeReRegistrationTimeout": "Таймаут узла перерегистрации", + "registeredClusterNodes": "Зарегистрированные узлы кластера", + "nodeHost": "Хост узла", + "lastRegistration": "Последняя регистрация", + "testClusterAvailability": "Протестировать доступность кластера", + "registerNodeManually": "Зарегистрировать узел вручную", + "fineGrainOpenIdConnectConfiguration": "Тонкая настройка конфигурации OpenID Connect", + "fineGrainSamlEndpointConfig": "Тонкая настройка конфигурации конечных точек доступа SAML", + "userInfoSignedResponseAlgorithm": "Алгоритм подписи ответа информации о пользователе", + "requestObjectSignatureAlgorithm": "Алгоритм сигнатуры объекта запроса", + "assertionConsumerServicePostBindingURL": "Привязка URL POST-запроса для сервиса подтверждения потребителей", + "assertionConsumerServiceRedirectBindingURL": "Привязка URL-адреса переадресации для сервиса подтверждения потребителей", + "logoutServicePostBindingURL": "URL для выхода из сервиса в привязанном POST-методе", + "logoutServiceRedirectBindingURL": "URL переадресации для выхода из сервиса", + "accessTokenLifespan": "Продолжительность жизни токена доступа", + "browserFlow": "Сценарий браузера", + "directGrant": "Сценарий Direct Grant Flow", + "useJwksUrl": "Использовать JWKS URL", + "certificate": "Сертификат", + "jwksUrl": "JWKS URL", + "generateNewKeys": "Сгенерировать новые ключи", + "archiveFormat": "Формат архивации", + "keyAlias": "Синоним ключа", + "keyPassword": "Пароль для ключа", + "storePassword": "Пароль хранилища", + "importFile": "Импортировать файл", + "clientType": "'OpenID connect' разрешает клиентам проверить личность конечного пользователя, основанного на выполнении аутентификации на Сервере Авторизации.'SAML' включает веб-сценарии аутентификации и авторизации, включая кроссдоменные центры единого управления доступом (SSO) и использующие токены безопасности, содержащие заявления на передачу информации.", + "serviceAccount": "Разрешает Вам аутентифицировать этого клиента в Keycloak и получить токен доступа специально для этого клиента. В терминах OAuth2 спецификации включает поддержку 'Client Credentials Grant' для этого клиента.", + "authorization": "Включить/Выключить тонко-настраиваемую поддержку авторизации для клиента", + "directAccess": "Включает поддержку Direct Access Grants, которая означает, что клиент имеет доступ к имени пользователя и пароля и обменивает их напрямую с сервером Keycloak на токен доступа. В терминах OAuth2 спецификации означает поддержку 'Resource Owner Password Credentials Grant' для этого клиента.", + "standardFlow": "Включает стандартное OpenID Connect перенаправление, основанное на аутентификации с кодом авторизации. В терминах OpenID Connect или OAuth2 спецификаций включает 'Authorization Code Flow' для этого клиента.", + "implicitFlow": "Включает поддержку OpenID Connect перенаправления, основанного на аутентификации без кода авторизации. В терминах OpenID Connect или OAuth2 спецификаций включает поддержку 'Implicit Flow' для этого клиента.", + "rootURL": "Корневой URL добавляется к относительным URL", + "validRedirectURIs": "Валидирует паттерн URI, на который может быть перенаправлен браузер после успешного входа или выхода. Разрешены простые ссылки, напр. 'http://example.com/*'. Также допускается использовать относительный путь, напр. '/my/relative/path/*'. Относительные пути необходимо указывать относительно корневого URL клиента, или, если он не специфицирован, корневого URL сервера авторизации. Для SAML Вы должны задать валидный паттерн URI, если Вы полагаетесь на URL сервиса потребителя, внедренного в запрос авторизации.", + "nameIdFormatHelp": "Наименование формата ID для использования в теме.", + "forceNameIdFormatHelp": "Игнорирует запрошенный формат заголовка NameID и использует сконфигурированный через консоль администратора.", + "forcePostBindingHelp": "Всегда использовать POST Binding для ответов.", + "includeAuthnStatementHelp": "Должны ли заявки на методы и временные метки быть включены в ответе на вход?", + "includeOneTimeUseConditionHelp": "Должно ли условие одноразового использования быть включено в ответе на вход?", + "optimizeLookupHelp": "При подписи SAML документов при REDIRECT сопоставлении с SP, который обеспечивается безопасностью адаптера Keycloak, должен ли включать ID подписанного ключа в сообщение по протоколу SAML в элемент? Это оптимизирует валидацию сигнатуры, где в качестве проверки используется один ключ вместо попытки проверки каждого ключа во время валидации.", + "signDocumentsHelp": "Должны ли SAML документы быть подписаны в realm?", + "signAssertionsHelp": "Должны ли утверждения внутри SAML документов быть подписаны? Устанавливает отсутствие необходимости подписывать уже подписанные документы.", + "signatureAlgorithm": "Алгоритм, используемый для подписи документов.", + "signatureKeyNameHelp": "Подписанные SAML документы содержат идентификаторы ключей подписи в элементе KeyName. Для Keycloak / RH-SSO контрагентов, используйте KEY_ID, для MS AD FS используйте CERT_SUBJECT, для остальных установите и используйте NONE если другие опции не работают.", + "canonicalizationHelp": "Метод канонизации для XML сигнатур.", + "webOriginsHelp": "Разрешает CORS источникам. Чтобы разрешить всем источники с допустимыми URI-адресами переадресации, добавьте '+'. Чтобы разрешить все источники, добавьте '*'.", + "homeURL": "Используемый URL по умолчанию. Используется в случае, если серверу требуется перенаправление или обратная ссылка на клиента.", + "adminURLHelp": "URL для доступа к интерфейсу администратора в заданном клиенте. Необходимо установить, если клиент поддерживает адаптер REST API. Это REST API разрешает серверу авторизации слать политики отзыва и прочие административные задачи. Обычно устанавливается значение, соответствующее базовому URL клиента.", + "clientHelp": "Выберите клиента, осуществляющего авторизационный запрос. Если не задан, авторизационные запросы будут основаны на том клиенте, в котором вы находитесь.", + "clientIdHelp": "Идентификатор клиента, зарегистрированный с помощью поставщика идентификации.", + "selectUser": "Выберите пользователя, идентификационные данные которого будут использованы для запроса разрешений с сервера.", + "rolesHelp": "Выберите роли, которые вы хотите связать с выбранным пользователем.", + "contextualAttributesHelp": "Любой аттрибут определяется запущенным окружением или контекстом исполнения.", + "applyToResourceTypeHelp": "Определяет, будет ли это разрешение будет применено ко всем ресурсам с данным типом. В этом случае это разрешение будет вычисляться для всех экземпляров с заданным типом ресурса.", + "resourcesHelp": "Определяет, что это разрешение должно быть применено к конкретному экземпляру ресурсов.", + "scopesSelect": "Определяет, что разрешение должно быть применено к одной или нескольким областям.", + "clientNameHelp": "Задает отображаемое название клиента. Например 'My Client'. Поддерживает ключи для локализованных значений. Например\\: ${my_client}", + "descriptionHelp": "Описание шаблона клиента", + "loginThemeHelp": "Выберите тему для страниц входа, временного одноразового пароля (OTP), выдачи разрешений, регистрации и восстановления пароля.", + "encryptAssertionsHelp": "Должны ли SAML утверждения быть зашифрованы публичным ключом клиента, используя AES?", + "clientSignatureHelp": "Будет ли клиент подписывать свои saml запросы и ответы? И должны ли они быть провалидированы?", + "expirationHelp": "Установить срок истечения для событий. Истекшие события периодически удаляются из базы данных.", + "countHelp": "Определяет, как много клиентов может быть создано с помощью этого токена", + "client-authenticator-type": "Проверка подлинности клиента используется для аутентификации этого клиента вместо сервера Keycloak", + "registration-access-token": "Токен доступа к регистрации обеспечивает доступ для клиентов к сервису регистрации клиентов.", + "nodeReRegistrationTimeoutHelp": "Интервал, означающий максимальное время для узлов кластера зарегистрированных клиентов для их перерегистрации. Если узел кластера не может послать запрос перерегистрации в Keycloak за указанное время, то он будет разрегистрирован из Keycloak", + "userInfoSignedResponseAlgorithmHelp": "JWA алгоритм используется для подписи ответа ресурса информации о пользователе. Если установлено в 'unsigned', то ответ инофрмации о пользователе не будет подписан и будет возвращен в формате application/json.", + "requestObjectSignatureAlgorithmHelp": "JWA алгоритм, который необходим клиенту для использования во время отсылки OIDC запроса объекта, специфицированного по 'request' или 'request_uri' параметрам. Если установлено в 'any', то объект запроса будет подписан любым алгоритмом (включая 'none' ).", + "idpInitiatedSsoUrlName": "Имя URL фрагмента, обозначающего клиента, если вы хотите, чтобы SSO был проинициирован поставщиком идентификации. Оставьте это поле пустым, чтобы отключить инициирование SSO с помощью поставщика идентификации. URL для ссылки вашего браузера может быть в следующем виде: {server-root}/realms/{realm}/protocol/saml/clients/{client-url-name}", + "idpInitiatedSsoRelayStateHelp": "Передать состояние, которое вы хотите послать вместе с SAML запросом, которым хотите проиницировать SSO поставщиком идентификации.", + "masterSamlProcessingUrlHelp": "Если URL сконфигурирован, то он будет каждый раз для связывания SP's Assertion Consumer и Single Logout Services. Может быть переопределен индивидуально для связывания каждого сервиса в тонкой настройке конфигурации конечных точек доступа SAML.", + "accessTokenLifespanHelp": "Максимальное время действия токена доступа. Значение рекомендуется устанавливать как можно ближе к таймауту SSO.", + "assertionConsumerServicePostBindingURLHelp": "URL-адрес SAML POST запроса для клиентских сервисов подтверждения потребителей (запросы входа). Вы можете оставить это поле пустым, если не имеете URL для осуществления такой приввязки.", + "assertionConsumerServiceRedirectBindingURLHelp": "SAML переадресация на привязанный URL для клиентского сервиса подтверждения потребителей (запросы входа). Вы можете оставить это поле пустым, если вы не имеете URL для осуществления такой привязки.", + "logoutServicePostBindingURLHelp": "SAML POST связанный URL для клиентского сервиса единого выхода. Если Вы используете другие привязки, то можете оставить это поле пустым.", + "logoutServiceRedirectBindingURLHelp": "SAML переадресует на привязанный URL для единой точки выхода из сервиса для клиентов. Если Вы используете другие привязки, то можете остаавить это поле пустым.", + "frontchannelLogoutHelp": "Когда правила, выход требует перенаправить браузер на клиента. Если ложь, сервер выполняет фоновый режим для выхода из системы.", + "browserFlowHelp": "Выберите сценарий, который вы хотите использовать для аутентификации через браузер.", + "directGrantHelp": "Выберите сценарий, который вы хотите использоваться для аутентификации direct grant.", + "certificateHelp": "Клиентский сертификат для валидации JWT, выпущенный клиентом и подписанный клиентским приватным ключом из Вашего хранилища ключей.", + "jwksUrlHelp": "URL, где клиентские ключи хранятся в формате JWK. Для дополнительных деталей смотрите спецификацию JWK. Если Вы будете использовать адаптер клиента keycloak с учетными записями \"jwt\", то Вы можете использовать URL вашего приложения с суффиксом '/k_jwks'. Например 'http://www.myhost.com/myapp/k_jwks' .", + "archiveFormatHelp": "Формат архивации Java keystore или PKCS12.", + "keyAliasHelp": "Синоним архива для Вашего приватного ключа и сертификата.", + "keyPasswordHelp": "Пароль для доступа к приватного ключу в архиве", + "storePasswordHelp": "Пароль для доступа в сам архив ", + "consentRequired": "Если включено, пользователи должны дать согласие на доступ клиентскому приложению.", + "import": "Импорт JSON файла, содержащего авторизационные настройки для этого сервера ресурсов.", + "policyEnforcementModeHelp": "Режим применения политик диктует, каким образом политики применяются при оценке запросов на авторизацию. «Обязывающая» означает, что запросы запрещены по умолчанию, даже если нет никакой политики, связанной с данным ресурсом. \"Разрешающая\" означает, что запросы разрешены даже если не существует политика, связанная с данным ресурсом. 'Отключено' полностью отключает оценку политики и позволяет получить доступ к любому ресурсу.", + "allowRemoteResourceManagementHelp": "Должны ли ресурсы управляться удаленно сервером ресурсов? Если нет, то ресурсы могут управляться только через консоль администратора. ", + "resourceName": "Уникальное имя для этого ресурса. Имя может быть использовано для уникальной идентификации ресурса, используется при запросах конкретных ресурсов.", + "typeHelp": "Тип этого ресурса. Может быть использовано для группировки различных экземпляров ресурса с тем же типом.", + "uris": "URI, который также может быть использован для уникальной идентификации этого ресурса.", + "scopesHelp": "Области, которые будут посланы после запроса авторизации. Это может быть список областей, разделенных пробелом. По умолчанию 'openid'.", + "fullScopeAllowedHelp": "Отключает все ограничения.", + "resetActions": "Действия сброса", + "scopeName": "Уникальное имя для области. Имя может быть использовано для уникальной идентификации области, используется при запросах конкретных областей.", + "policy-name": "Название этой политики.", + "policy-description": "Описание этой политики.", + "policyDecisionStagey": "Стратегия решения диктует как политики связаны с заданными разрешениями и как формируется окончательное решение. 'Утвердительная' означает, что, по крайней мере, одна политика должна дать положительную оценку для того, чтобы окончательное решение также было положительным. 'Единогласная' означает что все политики должны дать положительную оценку для того, чтобы окончательная оценка также была положительной. 'Консенсусная' означает, что количество положительных решений должно превышать количество отрицательных решений. Если количество положительных и отрицательных решений совпадает, окончательное решение будет отрицательным.", + "applyPolicyHelp": "Определяем все политики, которые должны быть применены к областям, определенным этой политикой или разрешением.", + "policyClient": "Задайте, какие клиенты допущеный этой политикой.", + "policyGroups": "Задайте, какие пользователи допущены этой политикой.", + "policyRoles": "Задайте роли клиента, допущенные этой политикой.", + "startTime": "Определете время, до наступления которого политика НЕ ДОЛЖНА быть разрешена. Разрешено только если текущее время/дата больше или равны заданному значению.", + "expireTime": "Определяет время, после которого политика НЕ ДОЛЖНА быть разрешена. Разрешено только если текущее время/дата менеьше или равны заданному значению.", + "monthHelp": "Определяет месяц, в который политика ДОЛЖНА быть разрешена. Вы также можете определить диапазон, заполнив второе поле. В этом случае разрешение выдается только если текущий месяц равен или находится между заданными значениями.", + "dayMonth": "Определяет день месяца, в который политика ДОЛЖНА быть разрешена. Вы также можете определить диапазон, заполнив второе поле. В этом случае разрешение выдается только если текущий день месяца равен или находится между заданными значениями.", + "hourHelp": "Определяет час, в который политика ДОЛЖНА быть разрешена. Вы также можете определить диапазон, заполнив второе поле. В этом случае разрешение выдается только если текущий час равен или находится между заданными значениями.", + "minuteHelp": "Определяет минуту, в которую политика ДОЛЖНА быть разрешена. Вы также можете определить диапазон, заполнив второе поле. В этом случае разрешение выдается только если текущая минута равна или находится между заданными значениями.", + "policyCode": "Код JavaScript, предоставляющий условия для этой политики.", + "logicHelp": "Логика диктует, как политика должна применяться. Если 'Позитивная', результирующий эффект (разрешение или запрещение) полученный в ходе оценки этой политики будет использован для выполнения решения. Если 'Негативная', результирующий эффект будет отрицательным, другими словами, разрешение становится запрещением и наоборот.", + "permissionName": "Имя этого разрешения.", + "permissionDescription": "Описание этого разрешения.", + "permissionType": "Определяет, что это разрешение должно быть применено ко всем экземплярам ресурсов заданного типа.", + "realmRolePrefix": "Префикс ролей Realm", + "name": "Наименование шаблона клиента. Должно быть уникально для realm", + "protocolHelp": "Какая конфигурация протокола SSO будет поддержана шаблоном клиента", + "prefix": "Префикс для каждой роли Realm (опционально).", + "multiValued": "Отображается, если атрибут поддерживает несколько значений. Если включен, то список всех значений будет претендовать на этот атрибут. В противном случае выбираться будет только первое значение ", + "tokenClaimName": { + "label": "Имя переменной в токене", + "tooltip": "Имя переменной при добавлении ее в токен. Может быть полное имя, например 'address.street'. В таком случае будет создан вложенный json объект." + }, + "claimJsonType": "Тип переменной в JSON, который должен использоваться при добавлении ее в токен. Допустимые значения long, int, boolean, и String.", + "protocolMapper": "Протокол...", + "createGroup": "Создать группу", + "members": "Члены", + "email": "E-mail", + "lastName": "Фамилия", + "firstName": "Имя", + "associatedRolesText": "Ассоциированные роли", + "title": "Аутентификация", + "addRole": "Добавить роль", + "roleName": "Наименование роли", + "composite": "Составная", + "addUser": "Добавить пользователя", + "userName": "Имя пользователя", + "join": "Присоединиться", + "groupMembership": "Членство в группах", + "createdAt": "Создан", + "username": "Имя пользователя", + "emailVerified": "Подтверждение E-mail", + "status": "Статус", + "requiredUserActions": "Требуемые действия от пользователя", + "impersonate": "Имперсонировать", + "verifyEmail": "Подтверждение E-mail", + "consents": "Согласия", + "identityProvider": "Поставщик идентификации", + "identityProviderLinks": "Ссылки поставщика идентификации", + "revoke": "Отобрать", + "credentialType": "Тип", + "resetPassword": "Сброс пароля", + "showPasswordDataValue": "Значение", + "credentialResetBtn": "Сброс учетных данных", + "hours": "часов", + "minutes": "минут", + "seconds": "секунд", + "credentialResetConfirm": "Послать письмо", + "temporaryLocked": "Пользователь может быть заблокирован в случае многократных неудачных попыток входа.", + "emailVerifiedHelp": "Должен ли пользователь подтверждать свой E-mail?", + "requiredUserActionsHelp": "Требует действий от пользователя когда он входит. 'Подтвердить E-mail' высылает письмо пользователю для подтверждения его E-mail. 'Обновить профиль' требует от пользователя ввести новую персональную информацию. 'Обновить пароль' требует от пользователя ввести новый пароль. 'Настроить OTP' требует установить мобильное приложение генерации паролей.", + "groups": "Пользователь является членом группы. Выберите в списке группу и нажмите кнопку Покинуть, чтобы покинуть группу.", + "lastAccess": "Последний доступ", + "adminEvents": "События администратора", + "time": "Время", + "eventType": "Тип события", + "ipAddress": "IP адрес", + "realm": "Realm", + "resourcePath": "Путь к ресурсу", + "resourceTypes": "Типы ресурсов", + "operationType": "Тип операции", + "operationTypes": "Типы операций", + "auth": "Аутентификация", + "representation": "Представление", + "partialImport": "Частичный импорт", + "general": "Главная", + "login": "вход", + "themes": "Темы", + "eventListeners": "Слушатели событий", + "eventListenersHelpText": "Настройка слушателей, получающих события для realm.", + "adminEventsSettings": "Настройки событий администратора", + "saveEvents": "Сохранять события", + "clearAdminEvents": "Очистить события администратора", + "includeRepresentation": "Включить представление", + "from": "От", + "host": "Сервер", + "port": "Порт", + "enableSSL": "Включить SSL", + "enableStartTLS": "Включить StartTLS", + "keystore": "Хранилище ключей", + "providers": "Поставщики", + "uiDisplayName": "Наименование в консоли", + "active": "Активные", + "providerId": "ID", + "kid": "KID", + "provider": "Поставщик", + "publicKeys": "Публичные ключи", + "userRegistration": "Самостоятельная регистрация пользователей", + "userRegistrationHelpText": "Включить/выключить страницу регистрации. Ссылка для регистрации будет также показана на странице входа.", + "rememberMe": "Запомнить меня", + "rememberMeHelpText": "Показать чекбокс на странице входа, чтобы разрешить пользователю запомнить вход в учетную запись в случае если браузерная сессия устареет.", + "registrationEmailAsUsername": "E-mail как имя пользователя", + "loginWithEmail": "Вход по E-mail", + "loginWithEmailHelpText": "Разрешает пользователям входить с помощью E-mail.", + "duplicateEmails": "Дублирующиеся E-mail", + "duplicateEmailsHelpText": "Разрешает разным пользователям иметь один и тот же E-mail. Изменение этой настройки также очистит пользовательский кэш. После выключения поддержки дублирующихся email рекомендуется вручную почистить в базе данных ограничения по E-mail существующим пользователям.", + "editUsername": "Редактируемое имя пользователя", + "htmlDisplayName": "Отображаемое название в HTML", + "requireSsl": "Требует SSL", + "sslType": { + "all": "все запросы", + "external": "внешние запросы", + "none": "нет" + }, + "endpoints": "Конечные точки", + "accountTheme": "Тема учетной записи", + "adminTheme": "Тема консоли администратора", + "emailTheme": "Тема для E-mail", + "SSOSessionIdle": "Таймаут сессии SSO", + "SSOSessionMax": "Ограничение сессии SSO", + "offlineSessionIdle": "Таймаут оффлайн сессии", + "loginTimeout": "Таймаут входа", + "loginActionTimeout": "Таймаут действий по входу", + "revokeRefreshToken": "Одноразовые токены обновления", + "accessTokenLifespanImplicitFlow": "Продолжительность жизни токена доступа для Implicit Flow", + "clientLoginTimeout": "Таймаут авторизации клиента", + "clientProfileDescription": "Описание", + "tokens": "Токены", + "supportedLocales": "Поддерживаемые языки", + "defaultLocale": "Язык по умолчанию", + "validatorDialogColNames": { + "colName": "Наименование роли" + }, + "validatorColNames": { + "colConfig": "Конфигурация" + }, + "eventTypes": { + "IMPERSONATE": { + "name": "Имперсонировать" + }, + "LOGOUT": { + "name": "Выход" + }, + "REGISTER": { + "name": "Регистрация" + }, + "RESET_PASSWORD": { + "name": "Сброс пароля" + } + }, + "deleteEvents": "Очистить события", + "defaultRoles": "Роли по умолчанию", + "defaultGroups": "Группы по умолчанию", + "securityDefences": "Защита безопасности", + "headers": "Заголовки", + "bruteForceDetection": "Определение Brute Force", + "xFrameOptions": "X-Frame-Options", + "contentSecurityPolicy": "Content-Security-Policy", + "xContentTypeOptions": "X-Content-Type-Options", + "failureFactor": "Максимальное количество неудачных попыток входа", + "waitIncrementSeconds": "Порог ожидания", + "maxFailureWaitSeconds": "Максимальное ожидание", + "maxDeltaTimeSeconds": "Время сброса неудачных попыток", + "minimumQuickLoginWaitSeconds": "Минимальное ожидание быстрого входа", + "requireSslHelp": "Требуется ли HTTPS? 'нет' означает, что HTTPS не требуется для клиентов с любым IP адресом. 'Внешние запросы' означает, что localhost и внутренние IP адреса могут получить доступ без HTTPS. 'Все запросы' означает, что HTTPS требуется вне зависимости от IP адреса.", + "accountThemeHelp": "Выберите тему для управления учетной записью пользователя.", + "adminThemeHelp": "Выберите тему для консоли администратора.", + "emailThemeHelp": "Выберите тему для E-mail, которые будут отсылаться с сервера.", + "save-user-events": "Если включено, то события будут сохранены в базу данных, что сделает их доступными администратору и консоли управления учетной записью.", + "save-admin-events": "Если включено, то события администратора будет сохранены в базу данных, что сделает их доступными через консоль администратора.", + "admin-clearEvents": "Удалить все события администратора из базы данных.", + "includeRepresentationHelp": "Включить JSON представление для запросов на создание и обновление.", + "failureFactorHelp": "Количество неудачных попыток входа до блокировки пользователя.", + "waitIncrementSecondsHelp": "Если порог ошибок превышен, сколько времени пользователь будет заблокирован?", + "maxFailureWaitSecondsHelp": "Максимальное время, на которое пользователь будет заблокирован.", + "maxDeltaTimeSecondsHelp": "Через какое время счетчик неудачных попыток будет сброшен?", + "quickLoginCheckMilliSeconds": "Если попытки аутентификации происходят слишком часто, то пользователя необходимо заблокировать.", + "minimumQuickLoginWaitSecondsHelp": "Как долго ждать после неудачной попытки быстрого входа.", + "ssoSessionIdle": "Допустимое время бездействия сессии. По истечении этого времени токены и браузерные сессии становятся невалидными.", + "ssoSessionMax": "Максимальное время до того, как истечет сессия. По истечении этого времени токены и браузерные сессии становятся невалидными.", + "offlineSessionIdleHelp": "Допустимое время бездействия оффлайн сессии. Вам необходимо использовать оффлайн токен для обновления хотя бы раз за этот период, иначе сессия истечет.", + "revokeRefreshTokenHelp": "Если включено, то токены обновления могут быть использованы один раз. Иначе токен отзываться не будет и может использоваться многократно.", + "clientLoginTimeoutHelp": "Максимальное время клиента для завершения протокола access token. Обычно устанавливается равным 1-ой минуте.", + "editUsernameHelp": "Если включено,то имя пользователя можно будет отредактировать, иначе оно будет доступным только для чтения.", + "flows": "Сценарии", + "requiredActions": "Требуемые действия", + "passwordPolicy": "Политики пароля", + "otpPolicy": "Политики OTP", + "otpType": "Тип одноразового пароля OTP", + "policyType": { + "totp": "Основан на времени", + "hotp": "Основан на счетчике" + }, + "otpHashAlgorithm": "Алгоритм хеша OTP", + "otpPolicyDigits": "Количество цифр", + "otpPolicyPeriod": "Период токена OTP", + "initialCounter": "Начальное значение счетчика", + "attestationPreference": { + "none": "нет" + }, + "flow": { + "browser": "Сценарий браузера", + "registration": "Сценарий регистрации", + "direct grant": "Сценарий Direct Grant Flow" + }, + "flowType": "Тип сценария", + "flow-type": { + "basic-flow": "общий", + "form-flow": "форма" + }, + "addExecution": "Добавить исполнение", + "requirement": "Требования", + "alias": "Синоним", + "flowTypeHelp": "Какого типа эта форма", + "topLevelFlowType": "Какой это тип сценария верхнего уровня? Тип \"клиент\" используется для аутентификации клиентов (приложений), когда \"общий\" для пользователей и всего остального", + "aliasHelp": "Синоним уникально идентифицирует поставщика идентификации, а также используется для построения адреса переадресации.", + "otpTypeHelp": "totp является Временным одноразовым паролем. 'hotp' основанный на счетчике одноразовый пароль в котором сервер хранит счетчик хеша.", + "otpHashAlgorithmHelp": "Какой алгоритм хеширования должен быть использован для генерации OTP.", + "otpPolicyDigitsHelp": "Сколько цифр должен иметь OTP?", + "otpPolicyPeriodHelp": "Сколько секунд токен OTP должен быть действителен? По умолчанию 30 секунд.", + "unlinkUsers": "Отвязать пользователей", + "removeImported": "Удалить импортированных", + "vendor": "Поставщик", + "connectionURL": "URL соединения", + "enableStartTls": "Включить StartTLS", + "useTruststoreSpi": "Использование доверенных сертификатов SPI", + "connectionPooling": "Пул соединений", + "connectionTimeout": "Таймаут соединения", + "bindType": "Тип аутентификации", + "bindDn": "Сопоставление DN", + "editMode": "Режим редактирования", + "usersDN": "Пользователи DN", + "usernameLdapAttribute": "Атрибут Username в LDAP", + "rdnLdapAttribute": "Атрибут RDN в LDAP", + "uuidLdapAttribute": "Атрибут UUID в LDAP", + "userObjectClasses": "Классы объектов пользователя", + "searchScope": "Поиск области", + "readTimeout": "Таймаут чтения", + "pagination": "Постраничный вывод", + "importUsers": "Импортировать пользователей", + "batchSize": "Размер пачки", + "periodicFullSync": "Периодическая полная синхронизация", + "fullSyncPeriod": "Период полной синхронизации", + "periodicChangedUsersSync": "Периодическая синхронизация изменений пользователей", + "changedUsersSyncPeriod": "Период синхронизации измененных пользователей", + "kerberosIntegration": "Интеграция с Kerberos", + "allowKerberosAuthentication": "Разрешить аутентификацию Kerberos", + "useKerberosForPasswordAuthentication": "Использовать Kerberos для аутентификации по паролю", + "trustEmail": "Подтверждение E-mail", + "requiredSettings": "Требуемые настройки", + "kerberosRealm": "Kerberos Realm", + "serverPrincipal": "Основной сервер", + "debug": "Отладчик", + "allowPasswordAuthentication": "Разрешить аутентификацию по паролю", + "testAuthentication": "Проверка аутентификации", + "ldapMappersList": "Сопоставления LDAP", + "ldapFilter": "LDAP фильтр", + "selectRole": { + "label": "Выберите роль", + "tooltip": "Введите роль в текстовом поле слева, или нажмите на кнопку, чтобы выбрать желаемую роль." + }, + "vendorHelp": "LDAP поставщик (провайдер)", + "consoleDisplayConnectionUrlHelp": "URL соединения с вашим сервером LDAP", + "connectionTimeoutHelp": "Таймаут соединения с LDAP в миллисекундах", + "bindCredentialsHelp": "Пароль администратора LDAP", + "editModeLdapHelp": "READ_ONLY означает доступ только на чтение из LDAP. WRITABLE означает, что данные будут обратно синхронизированы в LDAP по заявке. UNSYNCED означает, что данные пользователя будут импортированы, но не синхронизированы обратно в LDAP.", + "fullSyncPeriodHelp": "Период для полной синхронизации в секундах", + "changedUsersSyncHelp": "Период для синхронизации измененных или вновь созданных пользователей LDAP в секундах", + "trustEmailHelp": "Если включено, то E-mail, предоставленный этим поставщиком не будет подтвержденным даже если подтверждение включено для realm.", + "debugHelp": "Включить/выключить отладочные логи в стандартный вывод для Krb5LoginModule.", + "allowPasswordAuthenticationHelp": "Включить/выключить возможность аутентификации по имени/пароля вопреки базе данных Kerberos", + "updateFirstLoginHelp": "Обновить профиль при первом входе", + "addIdPMapper": "Добавить сопоставление поставщика учетных записей", + "redirectURI": "URI перенаправления", + "ssoServiceUrl": "Адрес сервиса единой точки входа", + "singleLogoutServiceUrl": "Адреса сервиса единого выхода", + "nameIdPolicyFormat": "Формат политики NameID", + "unspecified": "неопределенный", + "principalType": "Тип идентификации", + "principalAttribute": "Атрибут-идентификатор", + "httpPostBindingResponse": "Привязанный ответ HTTP-POST", + "httpPostBindingAuthnRequest": "Привязывание HTTP-POST для AuthnRequest", + "httpPostBindingLogout": "Привязывание HTTP-POST для выхода", + "wantAuthnRequestsSigned": "Ожидание подписи AuthnRequests", + "samlSignatureKeyName": "Наименование ключа сигнатуры SAML", + "forceAuthentication": "Принудительная аутентификация", + "validatingX509Certs": "Проверка X509 сертификатов", + "authorizationUrl": "URL авторизации", + "tokenUrl": "URL токена", + "logoutUrl": "URL выхода", + "backchannelLogout": "Backchannel Logout", + "disableUserInfo": "Отключить информацию о пользователе", + "userInfoUrl": "URL информации о пользователе", + "issuer": "Эмитент", + "prompt": "Подсказка", + "prompts": { + "none": "нет", + "consent": "согласие", + "login": "вход" + }, + "validateSignature": "Проверка подписей", + "storeTokens": "Хранение токенов", + "storedTokensReadable": "Сохраненные токены доступны на чтение", + "accountLinkingOnly": "Только связывание учетной записи", + "hideOnLoginPage": "Скрыть на странице входа", + "firstBrokerLoginFlowAlias": "Сценарий первого входа", + "postBrokerLoginFlowAlias": "Сценарий после входа", + "userAttribute": "Атрибут пользователя", + "redirectURIHelp": "Этот uri перенаправления используется в том случае, если сконфигурирован поставщик идентификации.", + "displayName": "Дружелюбное имя для провайдеров идентификации.", + "clientSecretHelp": "Секрет клиента, зарегистрированный с помощью поставщика идентификации.", + "discoveryEndpoint": "Импорт метаданных из дескриптора развертывания удаленного поставщика идентификации.", + "importConfig": "Импорт метаданных со скачанного дескриптора развертывания удаленного поставщика идентификации.", + "logoutUrlHelp": "Конечная точка окончания сессии, используемая для выхода пользователя из внешнего IDP.", + "backchannelLogoutHelp": "Поддерживает ли внешний IDP backchannel logout?", + "disableUserInfoHelp": "Отключить использование сервиса информации о пользователе, чтобы получить дополнительную информацию о пользователе? По умолчанию используется сервис OIDC.", + "userInfoUrlHelp": "Url информации о пользователе. Это поле опционально.", + "issuerHelp": "Идентификатор эмитента для эмитента ответа. Если не предоставлен, проверка не будет выполняться.", + "validateSignatureHelp": "Включить/выключить проверку подписей внешних поставщиков идентификации.", + "useJwksUrlHelp": "Если включено, то публичные ключи поставщиков идентификации будет скачаны с заданного JWKS URL. Это дает дополнительную гибкость, так как новые ключи скачиваются каждый раз когда поставщик идентификации создает новую пару. Если выключено, то будут использованы публичные ключи (или сертификат) из базы данных Keycloak, и в случае изменений пары на поставщике идентификации вам будет необходимо каждый раз импортировать новые ключи в базу данных Keycloak.", + "storeTokensHelp": "Включено/выключено хранение токенов после аутентификации пользователя.", + "storedTokensReadableHelp": "Включено/выключено чтение новыми пользователями любых сохраненных токенов. Это назначается ролью broker.read-token.", + "accountLinkingOnlyHelp": "Если установлено, то пользователи не смогут войти через этого провайдера. Только устанавливает связь к этому провайдеру. Используется, если вы не хотите разрешать вход через этого провайдера, но хотите с этим провайдером иметь интеграцию.", + "hideOnLoginPageHelp": "Если скрыто, то вход с этим провайдером возможен только при явном вызове, например при использовании параметра 'kc_idp_hint'.", + "firstBrokerLoginFlowAliasHelp": "Синоним сценария аутентификации, который срабатывает после первого входа с этого поставщика идентификации. Термин 'First Login' означает, что еще не существует учетной записи Keycloak связанной с аутентифицированной учетной записью поставщика идентификации.", + "useEntityDescriptor": "Импортировать метаданные из удаленного дескриптора сущностей IDP SAML.", + "samlEntityDescriptor": "Позволяет вам загрузить метаданные внешнего IDP из файла конфигурации или скачать его из URL.", + "ssoServiceUrlHelp": "Url, который должен быть использован для отправленных запросов на аутентификацию (SAML AuthnRequest).", + "singleLogoutServiceUrlHelp": "Url, который должен быть использован для отправленных запросов на выход.", + "principalTypeHelp": "Определяет, каким образом Keycloak идентифицирует внешних пользователей по SAML-сообщению. По умолчанию идентификация происходит по Subject NameID, в качестве альтернативы можно использовать атрибут-идентификатор.", + "principalAttributeHelp": "Имя (Name) или \"дружественное имя\" (Friendly Name) атрибута, идентифицирующего внешних пользователей.", + "httpPostBindingResponseHelp": "Указывает, необходоимо ли отвечать на завпросы, используя привязку HTTP-POST. Если не задано, то будет использован HTTP-REDIRECT.", + "httpPostBindingAuthnRequestHelp": "Указывает, должны ли AuthnRequest быть посланы, используя привязку HTTP-POST. Если нет, то будет использован HTTP-REDIRECT.", + "wantAuthnRequestsSignedHelp": "Указывает, ожидает ли поставщик идентификации подписанных AuthnRequest.", + "forceAuthenticationHelp": "Указывает, должен ли поставщик идентификации аутентифицировать ведущего напрямую, а не использовать предыдущий контекст безопасности.", + "validateSignatures": "Включает/выключает проверку подписи ответов от SAML.", + "validatingX509CertsHelp": "Сертификат в формате PEM, который должен быть использован для проверки подписи.", + "addIdpMapperName": "Наименование сопоставления.", + "selectARole": "Выберите роль", + "usermodel": { + "prop": { + "label": "Свойство", + "tooltip": "Имя свойства метода в интерфейсе UserModel. Для примера, значение 'email' будет ссылкой на метод UserModel.getEmail()." + }, + "attr": { + "label": "Атрибут пользователя", + "tooltip": "Имя сохраненного атрибута пользователя, которое является именем атрибута, согласованным с UserModel.attribute." + }, + "clientRoleMapping": { + "clientId": { + "label": "ID клиента", + "tooltip": "ID клиента для сопоставления ролей" + }, + "rolePrefix": { + "label": "Префикс ролей клиента", + "tooltip": "Префикс для каждой роли клиента (опционально)." + } + }, + "realmRoleMapping": { + "rolePrefix": { + "label": "Префикс ролей Realm", + "tooltip": "Префикс для каждой роли Realm (опционально)." + } + } + }, + "userSession": { + "modelNote": { + "label": "Заметка сессии пользователя", + "tooltip": "Наименование процедуры заметки сессии пользователя согласованным с UserSessionModel.note." + } + }, + "multivalued": { + "label": "Несколько значений", + "tooltip": "Отображается, если атрибут поддерживает несколько значений. Если включен, то список всех значений будет претендовать на этот атрибут. В противном случае выбираться будет только первое значение " + }, + "jsonType": { + "label": "Тип переменной JSON", + "tooltip": "Тип переменной в JSON, который должен использоваться при добавлении ее в токен. Допустимые значения long, int, boolean, и String." + }, + "includeInIdToken": { + "label": "Добавить в токен ID", + "tooltip": "Должно ли значение быть добавлено в токен ID?" + }, + "includeInAccessToken": { + "label": "Добавить в токен доступа", + "tooltip": "Должно ли значение быть добавлено в токен доступа?" + }, + "includeInUserInfo": { + "label": "Добавить в информацию о пользователе", + "tooltip": "Должно ли требование быть добавлено в информацию о пользователе?" + }, + "sectorIdentifierUri": { + "label": "Сектор идентификации URI", + "tooltip": "Провайдеры, использующие пары вспомогательных значений и поддерживающие динамическую регистрацию клиентов ДОЛЖНЫ использовать sector_identified_uri параметр. Это обеспечивает способ для группы сайтов под общим административным контролем, чтобы иметь последовательные попарные значения независимо от индивидуальных доменных имен. Это также обеспечивает способ для клиентов для изменения redirect_uri доменов, не имещющих возможности перерегистрации всех своих пользователей." + }, + "pairwiseSubAlgorithmSalt": { + "label": "Соль", + "tooltip": "Соль, используемая для вычисления парного субъекта идентификатора. Если поле не заполнено, то соль будет сгенерирована." + }, + "addressClaim": { + "street": { + "label": "Имя пользовательского атрибута, обозначающего Улицу", + "tooltip": "Имя пользовательского атрибута, которое будет использоваться для сопоставления атрибута 'street_address' внутри атрибута 'address' токена. По умолчанию 'street' ." + }, + "locality": { + "label": "Имя пользовательского атрибута, обозначающего Местонахождение", + "tooltip": "Имя пользовательского атрибута, которое будет использоваться для сопоставления атрибута 'locality' внутри атрибута 'address' токена. По умолчанию 'locality' ." + }, + "region": { + "label": "Имя пользовательского атрибута, обозначающего Регион", + "tooltip": "Имя пользовательского атрибута, которое будет использоваться для сопоставления атрибута 'region' внутри атрибута 'address' токена. По умолчанию 'region' ." + }, + "postal_code": { + "label": "Имя пользовательского атрибута, обозначающего Почтовый индекс", + "tooltip": "Имя пользоватеслького атрибута, котоое будет использоваться для сопоставления атрибута 'postal_code' внутри атрибута 'address' токена. По умолчанию 'postal_code' ." + }, + "country": { + "label": "Имя пользовательского атрибута, обозначающего Страна", + "tooltip": "Имя пользовательского атрибута, которое будет использоватлься для сопоставления атрибута 'country' внутри атрибута 'address' токена. По умолчанию 'country' ." + }, + "formatted": { + "label": "Имя пользовательсокого атрибута, обозначающего Формитированный адрес", + "tooltip": "Имя пользовательского атрибута, которое будет использоваться для сопоставления атрибута 'formatted' внутри атрибута 'address' токена. По умолчанию 'formatted' ." + } + }, + "name-id-format": "Наименование формата ID", + "titleAuthentication": "Аутентификация", + "titleEvents": "События", + "titleRoles": "Роли Realm", + "titleUsers": "Пользователи", + "titleSessions": "Сессии" +} diff --git a/js/apps/admin-ui/public/locales/zh-CN/translation.json b/js/apps/admin-ui/public/locales/zh-CN/translation.json new file mode 100644 index 0000000000..b2da8409d9 --- /dev/null +++ b/js/apps/admin-ui/public/locales/zh-CN/translation.json @@ -0,0 +1,3247 @@ +{ + "fullName": "{{familyName}}{{givenName}}", + "unknownUser": "匿名", + "add": "添加", + "yes": "是", + "no": "否", + "create": "创建", + "save": "保存", + "revert": "还原", + "cancel": "取消", + "reload": "重新加载", + "continue": "继续", + "close": "关闭", + "delete": "删除", + "remove": "移除", + "revoke": "撤销", + "search": "搜索", + "key": "键", + "value": "数值", + "noSearchResults": "没有搜索结果", + "noSearchResultsInstructions": "单击上面的搜索栏搜索群组", + "clearAllFilters": "清除所有筛选条件", + "next": "下一步", + "back": "返回", + "finish": "结束", + "skipCustomizationAndFinish": "跳过自定义并完成", + "export": "导出", + "action": "操作", + "download": "下载", + "resourceFile": "资源文件", + "clear": "清除", + "clearFile": "清除该文件", + "clearFileExplain": "是否要清除该文件?", + "on": "开", + "off": "关", + "edit": "编辑", + "enabled": "开启", + "disabled": "禁用", + "disable": "禁用", + "selectOne": "选择一个选项", + "select": "选择", + "choose": "选择...", + "any": "任何", + "none": "无", + "signOut": "退出", + "manageAccount": "管理帐户", + "serverInfo": "服务器信息", + "realmInfo": "领域信息", + "help": "帮助", + "helpLabel": "更多帮助{{label}}", + "helpEnabled": "开启帮助", + "helpDisabled": "关闭帮助", + "documentation": "文档", + "enableHelpMode": "开启帮助模式", + "enableHelp": "帮助已启用", + "learnMore": "了解更多", + "show": "显示", + "hide": "隐藏", + "showRemaining": "显示${remaining}", + "more": "还有{{count}}个", + "test": "测试", + "testConnection": "测试连接", + "name": "名称", + "role": "角色", + "description": "描述", + "type": "类型", + "category": "目录", + "priority": "优先级", + "unexpectedError": "发生意外错误: {{error}}", + "retry": "刷新并继续", + "plus": "加", + "minus": "减", + "confirm": "确认", + "clientScope": "客户范围", + "allTypes": "所有类型", + "home": "首页", + "manage": "管理", + "clients": "客户端", + "clientScopes": "客户端范围", + "realmRoles": "领域角色", + "clientRoles": "客户端角色", + "users": "用户管理", + "groups": "群组管理", + "sessions": "会话", + "events": "事件", + "mappers": "映射", + "permissions": "权限", + "permissionsList": "权限列表", + "permissionsListIntro": "通过单击作用域名称编辑权限列表。然后重定向到名为的客户端的权限详细信息页面 <1>{{realm}}", + "usersPermissionsHint": "用于管理领域中所有用户的细粒度权限。可以定义不同的策略,允许谁管理领域中的用户。", + "clientsPermissionsHint": "细粒度权限,用于管理员管理此客户端或应用此客户端定义的角色。", + "groupsPermissionsHint": "确定是否为管理此角色启用细粒度权限。禁用将删除当前已设置的所有权限。", + "rolesPermissionsHint": "确定是否为管理此角色启用细粒度权限。禁用将删除当前已设置的所有权限。", + "identityProvidersPermissionsHint": "确定是否为管理此角色启用细粒度权限。禁用将删除当前已设置的所有权限。", + "permissionsScopeName": "作用域名称", + "permissionsEnabled": "已启用权限", + "permissionsDisable": "是否禁用权限?", + "permissionsDisableConfirm": "如果禁用权限,将自动删除下面列表中的所有权限。此外,相关的资源和作用域将被删除", + "scopePermissions": { + "clients": { + "manage-description": "决定管理员是否可以管理此客户端的策略", + "configure-description": "减少了管理员的管理权限。无法设置作用域、模板或协议映射器。", + "view-description": "决定管理员是否可以查看此客户端的策略", + "map-roles-description": "决定管理员是否可以映射此客户端定义的角色的策略", + "map-roles-client-scope-description": "决定管理员是否可以将此客户端定义的角色应用于其他客户端的客户端范围的策略", + "map-roles-composite-description": "决定管理员是否可以将此客户端定义的角色作为组合应用于其他角色的策略", + "token-exchange-description": "决定允许哪些客户端将令牌交换为此客户端的令牌的策略。" + }, + "users": { + "view-description": "决定管理员是否可以查看领域中所有用户的策略。", + "manage-description": "决定管理员是否可以管理领域中所有用户的策略。", + "map-roles-description": "决定管理员是否可以为所有用户映射角色的策略。", + "manage-group-membership-description": "决定管理员是否可以管理域中所有用户的组成员身份的策略。这与特定的群组策略一起使用。", + "impersonate-description": "决定管理员是否可以模拟其他用户的策略。", + "user-impersonated-description": "决定可以模拟哪些用户的策略。这些策略将应用于被模拟的用户。" + }, + "groups": { + "view-description": "决定管理员是否可以查看此群组的策略。", + "manage-description": "决定管理员是否可以管理此群组的策略。", + "view-members-description": "决定管理员是否可以查看此群组成员的策略。", + "manage-members-description": "决定管理员是否可以管理此群组成员的策略。", + "manage-membership-description": "决定管理员是否可以在此群组中添加或删除用户的策略。" + }, + "roles": { + "map-role-description": "决定管理员是否可以将此角色映射到用户或群组的策略。", + "map-role-client-scope-description": "决定管理员是否可以将此角色应用于客户端的客户端范围的策略。", + "map-role-composite-description": "决定管理员是否可以将此角色作为复合角色应用于其他角色的策略。" + }, + "identityProviders": { + "token-exchange-description": "决定允许哪些客户端使用此身份提供程序生成的外部令牌交换令牌的策略。" + } + }, + "configure": "配置", + "realmSettings": "领域设置", + "authentication": "身份验证", + "identityProviders": "身份供应商", + "userFederation": "用户联盟", + "settings": "设置", + "details": "详细", + "required": "是否为必填项", + "maxLength": "最大长度{{length}}", + "lessThan": "必须小于 {{value}}", + "greaterThan": "必须大于 {{value}}", + "createRealm": "创建领域", + "recent": "最近", + "jumpToSection": "跳转到", + "Sunday": "星期日", + "Monday": "星期一", + "Tuesday": "星期二", + "Wednesday": "星期三", + "Thursday": "星期四", + "Friday": "星期五", + "Saturday": "星期六", + "filterByRoles": "按领域角色筛选", + "filterByClients": "按客户端筛选", + "assignRole": "分配角色", + "assign": "赋予", + "unAssignRole": "取消分配", + "hideInheritedRoles": "隐藏继承的角色", + "assignRolesTo": "为{{client}}账号分配角色", + "inherent": "继承", + "unitLabel": "选择时间单位", + "times": { + "seconds": "秒", + "minutes": "分", + "hours": "小时", + "days": "天", + "years": "年" + }, + "attributes": "属性", + "missingAttributes": "尚未定义任何属性。单击下面的按钮添加属性,密钥和值是密钥对所必需的。", + "addAttribute": "添加属性", + "removeAttribute": "移除属性", + "keyPlaceholder": "输入一个键", + "valuePlaceholder": "输入一个值", + "keyError": "必须至少提供一个键。", + "valueError": "必须至少提供一个值。", + "credentials": "凭证", + "clientId": "客户端ID", + "clientName": "客户端名称", + "id": "ID", + "addMapper": "添加映射器", + "createNewMapper": "创建映射", + "searchForMapper": "搜索映射器", + "mapperType": "映射器类型", + "mappingDeletedSuccess": "映射删除成功", + "mappingDeletedError": "无法删除映射: {{error}}", + "mappingDetails": "映射详情", + "mappingUpdatedSuccess": "映射更新成功", + "mappingUpdatedError": "无法更新映射: {{error}}", + "mappingCreatedSuccess": "映射创建成功", + "mappingCreatedError": "无法创建映射: {{error}}", + "deleteMappingTitle": "删除映射?", + "deleteMappingConfirm": "是否要删除此映射?", + "emptyMappers": "无映射", + "emptyMappersInstructions": "如果要添加映射,请单击下面的按钮添加预设的映射或配置新的映射", + "emptyPrimaryAction": "添加预设的映射", + "leave": "离开", + "reorder": "重新排序", + "onDragStart": "开始拖动{{item}}", + "onDragMove": "正在拖动{{item}}", + "onDragCancel": "已取消拖动。列表未更改。", + "onDragFinish": "拖动完成{{list}}", + "notFound": "找不到您要查找的资源", + "password": "密码", + "passwordConfirmation": "确认密码", + "temporaryPassword": "临时密码", + "temporaryPasswordHelpText": "如果启用,用户需要在下次登录时更改密码", + "forbidden_one": "禁止, needed: 权限", + "forbidden_other": "禁止, needed: 权限", + "noRealmRolesToAssign": "没有要分配的领域角色", + "loadingRealms": "领域加载中...", + "helpToggleInfo": "此开关将启用/禁用UI中的部分帮助信息。包括任何帮助文本、链接和弹出窗口", + "showPassword": "以明文展示密码字段", + "helpFileUpload": "上传 JSON 文件", + "helpFileUploadClient": "上传 JSON 或 XML 文件", + "dragHelp": "按空格键或回车键开始拖动,并使用箭头键向上或向下导航。按回车键确认拖动,或按任何其他键取消拖动操作", + "realmName": "领域名称", + "welcome": "欢迎访问", + "introduction": "如果您想离开此页面并管理此领域,请单击左侧导航栏中相应的菜单项。", + "version": "版本", + "product": "产品名称", + "profile": "配置文件", + "enabledFeatures": "启用的功能", + "experimental": "实验性", + "preview": "预览", + "supported": "已获支持", + "infoEnabledFeatures": "显示已启用的预览和实验功能。", + "infoDisabledFeatures": "显示所有禁用的功能。", + "disabledFeatures": "禁用的功能", + "providerInfo": "供应商信息", + "providers": "添加供应商", + "spi": "SPI", + "showMore": "显示更多", + "showLess": "显示更少", + "memory": "内存", + "totalMemory": "内存总量", + "freeMemory": "空余内存", + "usedMemory": "已用内存", + "protocolTypes": { + "all": "全部", + "saml": "SAML", + "openid-connect": "OpenID Connect" + }, + "protocol": "协议", + "copy": "复制", + "copied": "授权细节已复制。", + "copyError": "复制授权详情时出错:{{error}}", + "exportAuthDetailsS​​uccess": "成功导出授权详情。", + "exportAuthDetailsError": "导出授权详细信息时出错:{{error}}", + "clientType": "客户端类型", + "clientAuthorization": "授权", + "implicitFlow": "隐式流", + "createClient": "创建客户端", + "importClient": "导入客户端", + "homeURL": "主页 URL", + "webOrigins": "网络根源", + "addWebOrigins": "添加网络根源", + "adminURL": "管理网址", + "formatOption": "格式选项", + "encryptAssertions": "加密断言", + "clientSignature": "需要客户端签名", + "downloadAdaptorTitle": "下载适配器配置", + "privateKeyMask": "私钥未设置或未知", + "keys": "密钥", + "roles": "角色", + "createRole": "创建角色", + "noRoles": "此用户没有角色", + "noRolesInstructions": "您尚未为此用户分配任何角色。分配角色以开始。", + "addClientScope": "添加客户端范围", + "dedicatedScopeName": "{{clientName}}-dedicated", + "dedicatedScopeDescription": "此客户端的专用范围和映射器", + "dedicatedScopes": "专用范围", + "fullScopeAllowed": "允许全范围", + "addClientScopesTo": "将客户端范围添加到 {{clientName}}", + "clientScopeRemoveSuccess": "范围映射成功移除", + "clientScopeRemoveError": "无法移除范围映射 {{error}}", + "clientScopeSuccess": "作用域映射已更新", + "clientScopeError": "无法更新作用域映射{{error}}", + "searchByName": "按名称搜索", + "setup": "设置", + "selectAUser": "选择一个用户", + "selectARole": "选择一个角色", + "client": "客户端", + "evaluateError": "无法评估,由于: {{error}}", + "evaluate": "评估", + "reevaluate": "重新评估", + "showAuthData": "显示授权数据", + "authData": "授权数据", + "authDataDescription": "表示作为处理授权请求的结果携带授权数据的令牌。这种表示基本上是 Keycloak 向请求许可的客户端发出的内容。检查 `authorization` 声明以获取基于当前授权请求。", + "results": "结果", + "allResults": "所有结果", + "resultPermit": "结果许可", + "resultDeny": "结果拒绝", + "permit": "允许", + "deny": "拒绝", + "unanimous": "一致", + "affirmative": "肯定的", + "consensus": "共识", + "votedToStatus": "投票给{{status}}", + "overallResults": "总体结果", + "grantedScopes": "授权范围", + "deniedScopes": "拒绝范围", + "permission": "权限", + "lastEvaluation": "上次评估", + "resourcesAndScopes": "资源和范围", + "authScopes": "授权范围", + "authDetails": "授权详情", + "anyResource": "任何资源", + "anyScope": "任何范围", + "selectScope": "选择范围", + "applyToResourceType": "应用于资源类型", + "contextualInfo": "上下文信息", + "contextualAttributes": "上下文属性", + "selectOrTypeAKey": "选择或键入一个键", + "custom": "自定义属性...", + "kc": { + "identity": { + "authc": { + "method": "认证方式" + } + }, + "realm": { + "name": "领域" + }, + "time": { + "date_time": "日期/时间 (月/天/年 时:分:秒)" + }, + "client": { + "network": { + "ip_address": "客户端IPv4地址", + "host": "客户端主机" + }, + "user_agent": "客户端/用户 代理" + } + }, + "oneTimePassword": "一次性密码", + "kerberos": "kerberos", + "removeMappingTitle": "移除角色?", + "removeMappingConfirm_one": "您确定要移除这个角色吗?", + "removeMappingConfirm_other": "您确定要移除 {{count}} 个角色", + "clientScopeSearch": { + "name": "姓名", + "type": "赋值类型", + "protocol": "协议" + }, + "authorization": "授权", + "policyEnforcementMode": "策略执行模式", + "policyEnforcementModes": { + "ENFORCING": "强制执行", + "PERMISSIVE": "获准使用", + "DISABLED": "禁用" + }, + "decisionStrategy": "决策策略", + "decisionStrategies": { + "UNANIMOUS": "无异议", + "AFFIRMATIVE": "肯定的", + "CONSENSUS": "一致同意" + }, + "importResources": "将导入以下设置和数据:", + "importWarning": "上面导入的数据和设置可能会覆盖已经存在的数据和设置。", + "importResourceSuccess": "资源导入成功", + "importResourceError": "由于 {{error}} 无法导入资源", + "createResource": "创建资源", + "resourceDetails": "资源详情", + "emptyPermissions": "无权限", + "emptyPermissionInstructions": "如果要创建权限,请点击下方按钮创建基于资源或基于范围的权限。", + "noScopeCreateHint": "您需要先创建授权范围。", + "noResourceCreateHint": "没有资源您不能创建基于资源的权限", + "createResourceBasedPermission": "创建基于资源的权限", + "createScopeBasedPermission": "创建基于范围的权限", + "displayName": "显示名称", + "addUri": "添加 URI", + "authorizationScopes": "授权范围", + "iconUri": "图标 URI", + "ownerManagedAccess": "启用用户管理访问", + "resourceAttribute": "资源属性", + "createResourceSuccess": "资源创建成功", + "updateResourceSuccess": "资源更新成功", + "resourceSaveError": "由于{{error}}无法保留资源", + "associatedPermissions": "关联权限", + "allowRemoteResourceManagement": "远程资源管理", + "resources": "资源", + "resource": "资源", + "emptyResources": "没有资源", + "emptyResourcesInstructions": "如果您想创建资源,请点击下面的按钮。", + "scope": "作用域", + "owner": "所有者", + "uris": "URIs", + "scopes": "范围", + "policies": "策略", + "createPermission": "创建权限", + "permissionDetails": "权限详情", + "deleteResource": "永久删除资源?", + "deleteResourceConfirm": "如果删除此资源,部分权限将受到影响。", + "deleteResourceWarning": "当其他资源不再使用时,以下权限将被删除:", + "resourceDeletedSuccess": "资源删除成功", + "resourceDeletedError": "无法删除资源 {{error}}", + "identityInformation": "身份信息", + "searchForPermission": "搜索权限", + "deleteScope": "永久删除授权范围?", + "deleteScopeConfirm": "如果删除此授权范围,部分权限将受到影响。", + "deleteScopeWarning": "以下权限将在不再被其他授权范围使用时删除:", + "resourceScopeSuccess": "权限范围删除成功", + "resourceScopeError": "由于{{error}},无法删除授权范围", + "associatedPolicy": "关联政策", + "deletePermission": "永久删除权限?", + "deletePermissionConfirm": "您确定要删除权限 {{permission}}", + "permissionDeletedSuccess": "成功删除权限", + "permissionDeletedError": "由于{{error}}无法删除权限", + "applyToResourceTypeFlag": "应用于资源类型", + "resourceType": "资源类型", + "createPermissionSuccess": "成功创建权限", + "updatePermissionSuccess": "成功更新权限", + "permissionSaveError": "由于{{error}}无法更新权限", + "createAuthorizationScope": "创建授权范围", + "authorizationScopeDetails": "授权范围详情", + "emptyAuthorizationScopes": "无授权范围", + "emptyAuthorizationInstructions": "如果要创建授权范围,请点击下方按钮创建授权范围", + "createScopeSuccess": "授权范围创建成功", + "updateScopeSuccess": "授权范围更新成功", + "scopeSaveError": "由于{{error}},无法保留授权范围", + "createPolicy": "创建客户端策略", + "policyDetails": "策略详情", + "createPolicyOfType": "创建 {{policyType}} 策略", + "dependentPermission": "依赖权限", + "deletePolicy": "永久删除策略?", + "deletePolicyConfirm": "如果删除此策略,某些权限或聚合策略将受到影响。", + "deletePolicyWarning": "以下聚合策略将自动删除:", + "policyDeletedSuccess": "策略已成功删除", + "policyDeletedError": "无法删除资源 {{error}}", + "emptyPolicies": "没有策略", + "emptyPoliciesInstructions": "如果您要创建策略,请点击下面的按钮创建策略。", + "chooseAPolicyType": "选择策略类型", + "chooseAPolicyTypeInstructions": "从下面的列表中选择一个策略类型,然后您可以配置一个新的授权策略。这有一些类型和描述。", + "policyProvider": { + "regex": "为您的权限定义正则表达式条件。", + "role": "为您的权限定义条件,允许一组一个或多个角色访问一个对象。", + "js": "使用 JavaScript 为您的权限定义条件。它是 Keycloak 支持的基于规则的策略类型之一,并具有编写基于 Evaluation API 的任何策略的灵活性。", + "client": "定义允许一组一个或多个客户端访问对象的权限条件。", + "time": "为您的权限定义时间条件。", + "user": "定义允许一组一个或多个用户访问对象的权限条件。", + "client-scope": "为您的权限定义条件,允许一组一个或多个客户端范围访问一个对象。", + "aggregate": "重用现有策略来构建更复杂的策略,并使您的权限与授权请求处理期间评估的策略更加分离。", + "group": "为您的权限定义条件,允许一组一个或多个组(及其层次结构)访问一个对象。" + }, + "applyPolicy": "应用策略", + "addClientScopes": "添加客户端范围", + "emptyAddClientScopes": "无客户端范围", + "emptyAddClientScopesInstructions": "没有要添加的客户端范围", + "groupsClaim": "团体声明", + "addGroups": "添加群组", + "requiredClient": "请至少添加一个客户端。", + "requiredClientScope": "请至少添加一个客户端范围。", + "requiredGroups": "请至少添加一组。", + "requiredRoles": "请至少添加一个角色。", + "addGroupsToGroupPolicy": "将群组添加到群组策略", + "extendToChildren": "扩展到子级", + "targetClaim": "目标声明", + "regexPattern": "正则表达式模式", + "addRoles": "添加角色", + "startTime": "开始时间", + "repeat": "重复", + "notRepeat": "不重复", + "month": "月", + "dayMonth": "日", + "hour": "小时", + "minute": "分钟", + "code": "代码", + "expireTime": "过期时间", + "logic": "逻辑", + "logicType": { + "positive": "肯定", + "negative": "否定" + }, + "createPolicySuccess": "成功创建策略", + "updatePolicySuccess": "成功更新策略", + "policySaveError": "由于{{error}}无法更新策略", + "assignedClientScope": "分配的客户范围", + "assignedType": "分配类型", + "emptyClientScopes": "此客户端没有任何添加的客户端范围", + "emptyClientScopesInstructions": "当前没有链接到此客户端的客户端范围。您可以将现有的客户端范围添加到此客户端以共享协议映射器和角色。", + "emptyClientScopesPrimaryAction": "添加客户端范围", + "scopeParameter": "作用域参数", + "scopeParameterPlaceholder": "选择范围参数", + "effectiveProtocolMappers": "有效的协议映射器", + "effectiveRoleScopeMappings": "有效角色范围映射", + "generatedAccessToken": "生成的访问令牌", + "generatedIdToken": "生成的 ID 令牌", + "generatedIdTokenNo": "没有生成 id 令牌", + "generatedIdTokenIsDisabled": "未选择用户时禁用生成的 ID 令牌", + "generatedUserInfo": "生成的用户信息", + "generatedUserInfoNo": "没有生成用户信息", + "generatedUserInfoIsDisabled": "未选择用户时禁用生成的用户信息", + "searchForProtocol": "搜索协议映射器", + "parentClientScope": "父级客户端范围", + "searchForRole": "搜索角色", + "origin": "产地", + "user": "用户", + "generatedAccessTokenNo": "没有生成访问令牌", + "generatedAccessTokenIsDisabled": "未选择用户时禁用生成的访问令牌", + "clientList": "客户端", + "clientsList": "客户端列表", + "initialAccessToken": "初始访问令牌", + "expirationValueNotValid": "值应该大于或等于 1", + "clientSettings": "客户端详情", + "selectEncryptionType": "选择加密类型", + "generalSettings": "通用设置", + "alwaysDisplayInUI": "始终显示在 UI 中", + "capabilityConfig": "功能配置", + "clientsExplain": "客户端是可以请求用户身份验证的应用程序和服务。", + "explainBearerOnly": "这是一种特殊的 OIDC 类型。此客户端只允许承载令牌请求,不能参与浏览器登录。", + "createSuccess": "身份供应商已成功创建", + "createError": "无法创建身份供应商:{{error}}", + "clientImportError": "无法导入客户端:{{error}}", + "clientSaveSuccess": "客户端更新成功", + "clientSaveError": "无法更新客户端:{{error}}", + "clientImportSuccess": "客户端导入成功", + "clientDelete": "删除客户端 {{clientId}} 吗?", + "clientDeletedSuccess": "客户端已删除", + "clientDeleteError": "无法删除客户端:{{error}}", + "clientDeleteConfirmTitle": "删除客户端?", + "disableConfirmTitle": "禁用领域?", + "downloadAdapterConfig": "下载适配器配置", + "disableConfirm": "您确定要禁用供应商'{{provider}}'", + "clientDeleteConfirm": "如果您删除此客户端,所有相关数据都将被删除。", + "searchInitialAccessToken": "搜索令牌", + "createToken": "创建初始访问令牌", + "tokenDeleteConfirm": "您确定要永久删除初始访问令牌 {{id}}", + "tokenDeleteConfirmTitle": "删除初始访问令牌?", + "tokenDeleteSuccess": "初始访问令牌删除成功", + "tokenDeleteError": "无法删除初始访问令牌:'{{error}}'", + "timestamp": "创建日期", + "created": "已创建", + "lastUpdated": "最后更新", + "expires": "过期", + "count": "数量", + "remainingCount": "剩余数量", + "expiration": "过期", + "noTokens": "没有初始访问令牌", + "noTokensInstructions": "您还没有创建任何初始访问令牌。通过单击“创建”创建一个初始访问令牌。", + "tokenSaveSuccess": "已创建新的初始访问令牌", + "tokenSaveError": "无法创建初始访问令牌 {{error}}", + "initialAccessTokenDetails": "初始访问令牌详细信息", + "copyInitialAccessToken": "请在关闭前复制并粘贴初始访问令牌,因为以后无法检索它。", + "copySuccess": "成功复制到剪贴板!", + "clipboardCopyError": "复制到剪贴板时出错。", + "copyToClipboard": "复制到剪贴板", + "clientRegistration": "客户端注册", + "anonymousAccessPolicies": "匿名访问策略", + "authenticatedAccessPolicies": "经过身份验证的访问策略", + "provider": "供应者", + "providerId": "供应商ID", + "providerCreateSuccess": "新客户端策略创建成功", + "providerCreateError": "由于{{error}}无法创建客户端策略", + "providerUpdatedSuccess": "客户端策略更新成功", + "providerUpdatedError": "由于{{error}}无法更新客户端策略", + "clientRegisterPolicyDeleteConfirmTitle": "删除客户端注册策略?", + "clientRegisterPolicyDeleteConfirm": "您确定要永久删除客户端注册策略{{name}}", + "clientRegisterPolicyDeleteSuccess": "客户端注册策略删除成功", + "clientRegisterPolicyDeleteError": "无法删除客户端注册策略:'{{error}}'", + "chooseAPolicyProvider": "选择策略供应商", + "clientAuthentication": "客户端认证", + "authenticationFlow": "认证流程", + "standardFlow": "标准流程", + "directAccess": "直接访问授权", + "serviceAccount": "服务账户角色", + "oauthDeviceAuthorizationGrant": "OAuth 2.0 设备授权授予", + "oidcCibaGrant": "OIDC CIBA 补助金", + "enableServiceAccount": "启用服务账户角色", + "searchByRoleName": "按角色名称搜索", + "roleMappingUpdatedSuccess": "已成功更新用户角色映射", + "roleMappingUpdatedError": "无法更新角色映射 {{error}}", + "displayOnClient": "在页面上显示客户端", + "consentScreenText": "许可页面的显示文本", + "loginSettings": "登录设置", + "logoutSettings": "注销设置", + "backchannelLogoutUrl": "反向通道注销 URL", + "backchannelUrlInvalid": "反向通道注销 URL 不是有效的 URL", + "backchannelLogoutSessionRequired": "需要反向通道注销会话", + "backchannelLogoutRevokeOfflineSessions": "后台注销撤销离线会话", + "frontchannelLogout": "前台通道注销", + "frontchannelLogoutUrl": "前端通道注销 URL", + "frontchannelUrlInvalid": "前端通道注销 URL 不是有效 URL", + "accessSettings": "访问设置", + "rootUrl": "根网址", + "validRedirectUri": "有效的重定向 URI", + "validPostLogoutRedirectUri": "有效的注销后重定向 URI", + "idpInitiatedSsoUrlName": "IDP 发起的 SSO URL 名称", + "idpInitiatedSsoUrlNameHelp": "当您想执行 IDP 发起的 SSO 时引用客户端的 URL 片段名称。将此留空将禁用 IDP 发起的 SSO。您将从浏览器引用的 URL 将是:{server-root}/realms/{realm }/protocol/saml/clients/{client-url-name}", + "idpInitiatedSsoRelayState": "IDP 发起的 SSO 中继状态", + "masterSamlProcessingUrl": "主 SAML 处理 URL", + "samlCapabilityConfig": "SAML 功能", + "signatureAndEncryption": "签名和加密", + "nameIdFormat": "姓名ID格式", + "forceNameIdFormat": "强制名称 ID 格式", + "forcePostBinding": "强制 POST 绑定", + "forceArtifactBinding": "强制神器绑定", + "includeAuthnStatement": "包括验证声明", + "includeOneTimeUseCondition": "包括一次性使用的条件", + "optimizeLookup": "优化重定向签名密钥查找", + "signDocuments": "签署文件", + "signAssertions": "签署断言", + "signatureKeyName": "SAML 签名密钥名称", + "canonicalization": "规范化方法", + "addRedirectUri": "添加有效的重定向 URI", + "addPostLogoutRedirectUri": "添加有效的注销后重定向 URI", + "loginTheme": "登录页面主题", + "consentRequired": "需要授权", + "clientAuthenticator": "客户端验证器", + "changeAuthenticatorConfirmTitle": "更改为 {{clientAuthenticatorType}}?", + "changeAuthenticatorConfirm": "如果您将身份验证器更改为 {{clientAuthenticatorType}},Keycloak 数据库将更新,您可能需要为此客户端下载新的适配器配置。", + "signedJWTConfirm": "从密钥选项卡为客户端生成私钥和证书。", + "anyAlgorithm": "任何算法", + "clientSecret": "客户端密码", + "regenerate": "重新生成", + "secretExpiresOn": "密码在 {{time}} 过期", + "secretRotated": "密码轮换使用", + "invalidateSecret": "无效", + "secretHasExpired": "密码已过期,请点击上面的 \"Regenerate\" 按钮生成一个新的 Secret", + "invalidateRotatedSecret": "使轮换使用的密码无效?", + "invalidateRotatedSecretExplain": "使轮换使用的密码无效后,轮换的秘密将被自动删除", + "invalidateRotatedSuccess": "轮换使用的秘密成功删除", + "invalidateRotatedError": "无法删除轮换使用的密码:{{error}}", + "confirmClientSecretTitle": "为这个客户端重新生成密码?", + "confirmClientSecretBody": "如果您重新生成密钥,Keycloak 数据库将被更新,您将需要为此客户端下载一个新的适配器。", + "confirmAccessTokenTitle": "重新生成注册访问令牌?", + "confirmAccessTokenBody": "如果您重新生成注册访问令牌,将更新有关客户端注册服务的访问数据。", + "clientSecretSuccess": "重新生成客户端密码", + "clientSecretError": "无法重新生成客户端密码,因为:{{error}}", + "signingKeysConfig": "签名密钥配置", + "signingKeysConfigExplain": "如果您启用下面的\"需要客户端签名\",您必须通过生成或导入密钥来配置签名密钥,客户端将签署他们的 saml 请求和响应。签名将被验证。", + "encryptionKeysConfig": "加密密钥配置", + "encryptionKeysConfigExplain": "如果启用下面的\"加密断言\",则必须通过生成或导入密钥来配置加密密钥,SAML 断言将使用 AES 使用客户端的公钥进行加密。", + "enableClientSignatureRequired": "启用\"需要客户端签名\"?", + "enableClientSignatureRequiredExplain": "如果启用\"需要客户端签名\",此客户端的适配器将被更新。您可能需要为此客户端下载一个新的适配器。您需要为此客户端生成或导入密钥,否则身份验证不管用。", + "selectMethod": "选择方法", + "selectMethodType": { + "generate": "生成", + "import": "导入" + }, + "realmCertificateAlias": "领域证书别名", + "exportSamlKeyTitle": "导出 SAML 密钥", + "samlKeysExportSuccess": "成功导出密钥", + "samlKeysExportError": "无法导出密钥,因为:{{error}}", + "browse": "浏览", + "importKey": "导入密钥", + "disableSigning": "禁用\"{{key}}\"", + "disableSigningExplain": "如果您禁用 \"{{key}}\",Keycloak 数据库将更新,您可能需要为此客户端下载新的适配器。", + "reGenerateSigning": "为此客户端重新生成签名密钥", + "reGenerateSigningExplain": "如果您为客户端重新生成签名密钥,Keycloak 数据库将更新,您可能需要为此客户端下载新的适配器。", + "registrationAccessToken": "注册访问令牌", + "accessTokenSuccess": "重新生成访问令牌", + "accessTokenError": "无法重新生成访问令牌,因为:{{error}}", + "signatureAlgorithm": "签名算法", + "allowRegexComparison": "允许正则表达式模式比较", + "subject": "主题 DN", + "searchForClient": "搜索客户", + "advanced": "高级", + "revocation": "撤销", + "clustering": "集群", + "notBefore": "不早于", + "setToNow": "设置到现在", + "noAdminUrlSet": "没有发送推送。没有配置管理 URI 或没有可用的注册集群节点", + "notBeforeSetToNow": "不在为客户端设置之前", + "notBeforeNowClear": "之前未为客户端清除", + "notBeforePushFail": "无法将 \"not before\" 推送到:{{failedNodes}}", + "notBeforePushSuccess": "成功推送 \"not before\" 到:{{successNodes}}", + "testClusterFail": "验证可用性失败:{{failedNodes}}。修复或注销失败的集群节点并重试", + "testClusterSuccess": "成功验证可用性:{{successNodes}}", + "deleteNode": "删除节点?", + "deleteNodeBody": "您确定要永久删除节点\"{{node}}\"", + "deleteNodeSuccess": "节点删除成功", + "deleteNodeFail": "无法删除节点。因为'{{error}}'", + "addedNodeSuccess": "节点添加成功", + "addedNodeFail": "无法添加节点。因为'{{error}}'", + "addNode": "添加节点", + "push": "推送", + "nodeReRegistrationTimeout": "节点重新注册超时", + "registeredClusterNodes": "注册集群节点", + "nodeHost": "节点主机", + "noNodes": "没有节点注册", + "noNodesInstructions": "没有节点注册,您可以手动添加一个。", + "lastRegistration": "上次注册", + "testClusterAvailability": "测试集群可用性", + "registerNodeManually": "手动注册节点", + "fineGrainOpenIdConnectConfiguration": "细粒度 OpenID 连接配置", + "fineGrainSamlEndpointConfig": "细粒度 SAML 端点配置", + "logoUrl": "徽标网址", + "policyUrl": "策略网址", + "termsOfServiceUrl": "服务条款网址", + "accessTokenSignatureAlgorithm": "访问令牌签名算法", + "idTokenSignatureAlgorithm": "ID令牌签名算法", + "idTokenEncryptionKeyManagementAlgorithm": "ID令牌加密密钥管理算法", + "userInfoResponseEncryptionKeyManagementAlgorithm": "用户信息响应加密密钥管理算法", + "userInfoResponseEncryptionContentEncryptionAlgorithm": "用户信息响应加密内容加密算法", + "idTokenEncryptionContentEncryptionAlgorithm": "ID令牌加密内容加密算法", + "userInfoSignedResponseAlgorithm": "用户信息签名响应算法", + "requestObjectSignatureAlgorithm": "请求对象签名算法", + "requestObjectRequired": "需要请求对象", + "requestObject": { + "not required": "非必需", + "request or request_uri": "请求或请求 URI", + "request only": "仅请求", + "request_uri only": "仅请求 URI" + }, + "requestObjectEncryption": "请求对象加密算法", + "requestObjectEncoding": "请求对象内容加密算法", + "validRequestURIs": "有效的请求 URI", + "addRequestUri": "添加有效的请求 URI", + "authorizationSignedResponseAlg": "授权响应签名算法", + "authorizationEncryptedResponseAlg": "授权响应加密密钥管理算法", + "authorizationEncryptedResponseEnc": "授权响应加密内容加密算法", + "openIdConnectCompatibilityModes": "开放 ID 连接兼容模式", + "excludeSessionStateFromAuthenticationResponse": "从身份验证响应中排除会话状态", + "useRefreshTokens": "使用刷新令牌", + "useRefreshTokenForClientCredentialsGrant": "使用刷新令牌授予客户端凭据", + "useLowerCaseBearerType": "在令牌响应中使用小写承载类型", + "assertionConsumerServicePostBindingURL": "断言消费者服务 POST 绑定 URL", + "assertionConsumerServiceRedirectBindingURL": "断言消费者服务重定向绑定 URL", + "logoutServicePostBindingURL": "注销服务 POST 绑定 URL", + "logoutServiceRedirectBindingURL": "注销服务重定向绑定URL", + "logoutServiceSoapBindingUrl": "注销服务 SOAP 绑定 URL", + "logoutServiceArtifactBindingUrl": "注销服务 ARTIFACT 绑定 URL", + "artifactBindingUrl": "工件绑定 URL", + "artifactResolutionService": "工件解析服务", + "advancedSettings": "高级设置", + "assertionLifespan": "断言寿命", + "accessTokenLifespan": "访问令牌寿命", + "clientSessionIdle": "客户端会话空闲时间", + "clientSessionMax": "客户端会话最长时间", + "clientOfflineSessionIdle": "客户端离线令牌空闲", + "clientOfflineSessionMax": "客户端离线令牌最大值", + "oAuthMutual": "OAuth 2.0 相互 TLS 证书绑定访问令牌已启用", + "keyForCodeExchange": "代码交换代码挑战方法的证明密钥", + "pushedAuthorizationRequestRequired": "需要推送授权请求", + "acrToLoAMapping": "ACR 到 LoA 映射", + "defaultACRValues": "默认 ACR 值", + "authenticationOverrides": "身份验证流程覆盖", + "browserFlow": "浏览器流程", + "directGrant": "直接授权流程", + "jwksUrlConfig": "JWKS URL 配置", + "keysIntro": "如果 \"Use JWKS URL switch\" 被打开,您需要填写一个有效的 JWKS URL。保存后,管理员可以从 JWKS URL 下载密钥,或者密钥将在看到这些东西时由 Keycloak 服务器自动下载匿名的 KID 签名", + "useJwksUrl": "使用 JWKS URL", + "certificate": "证书", + "jwksUrl": "JWKS 网址", + "generateNewKeys": "生成新密钥", + "generateKeys": "生成密钥?", + "generate": "生成", + "archiveFormat": "存档格式", + "keyAlias": "秘钥别名", + "keyPassword": "密钥密码", + "storePassword": "存储密码", + "generateSuccess": "新密钥对和证书生成成功", + "generateError": "无法生成新的密钥对和证书 {{error}}", + "import": "导入", + "importFile": "导入文件", + "importSuccess": "导入新证书", + "importError": "无法导入证书 {{error}}", + "importParseError": "无法解析文件 {{error}}", + "tokenLifespan": { + "inherited": "从领域设置继承", + "expires": "过期于", + "never": "永不过期" + }, + "enableDisable": "禁用的客户端无法启动登录或获得访问令牌。", + "clientTypeHelp": "'OpenID Connect' 允许客户端根据授权服务器执行的身份验证来验证最终用户的身份。'SAML' 启用基于 Web 的身份验证和授权方案,包括跨域单点登录( SSO) 并使用包含断言的安全令牌来传递信息。", + "serviceAccountHelp": "允许您向 Keycloak 验证此客户端并检索专用于此客户端的访问令牌。根据 OAuth2 规范,这可以支持此客户端的'客户端凭据授权'。", + "manageServiceAccountUser": "要管理详细信息和群组映射,请单击用户名 <1>{{link}}", + "authenticationHelp": "这定义了 OIDC 客户端的类型。当它打开时,OIDC 类型设置为机密访问类型。当它关闭时,它设置为公共访问类型", + "authorizationHelp": "为客户端启用/禁用细粒度授权支持", + "authDetailsHelp": "导出并下载此资源服务器的所有资源设置。", + "directAccessHelp": "这启用了对直接访问授权的支持,这意味着客户端可以访问用户的用户名/密码,并直接与 Keycloak 服务器交换它以获得访问令牌。就 OAuth2 规范而言,这启用了对“资源所有者密码”的支持授予此客户的凭证。", + "standardFlowHelp": "这启用了基于标准 OpenID Connect 重定向的身份验证和授权代码。根据 OpenID Connect 或 OAuth2 规范,这启用了对此客户端的'授权代码流'的支持。", + "implicitFlowHelp": "这启用了对基于 OpenID Connect 重定向的身份验证的支持,无需授权代码。根据 OpenID Connect 或 OAuth2 规范,这启用了对此客户端的'隐式流'支持。", + "oauthDeviceAuthorizationGrantHelp": "这启用了对 OAuth 2.0 设备授权授予的支持,这意味着客户端是输入功能有限或缺少合适浏览器的设备上的应用程序。", + "oidcCibaGrantHelp": "这启用了对 OIDC CIBA Grant 的支持,这意味着用户通过一些外部身份验证设备而不是用户的浏览器进行身份验证。", + "rootURL": "添加到相对 URL 的根 URL", + "validRedirectURIs": "成功登录后浏览器可以重定向到的有效 URI 模式。允许使用简单的通配符,例如 'http://example.com/*'。也可以指定相对路径,例如 /my/relative/path /*。相对路径是相对于客户端根 URL 的。如果没有指定,则使用身份验证服务器根URL。对于SAML协议,如果您依赖于登录请求中嵌入的消费者服务URL,则必须设置有效的URI模式。 ", + "validPostLogoutRedirectURIs": "浏览器在成功注销后可以重定向到的有效 URI 模式。'+' 值或空字段将使用有效重定向 URI 列表。'-' 值将不允许任何注销后重定向uris。允许使用简单的通配符,例如“http://example.com/*”。也可以指定相对路径,例如/my/relative/path/*。相对路径是相对于客户端根 URL 的,或者如果没有指定使用身份验证服务器根 URL。", + "nameIdFormatHelp": "用于主题的名称 ID 格式。", + "alwaysDisplayInUIHelp": "始终在帐户 UI 中列出此客户端,即使用户没有活动会话。", + "forceNameIdFormatHelp": "忽略请求的 NameID 主题格式并使用管理 UI 配置的格式。", + "forcePostBindingHelp": "始终使用 POST 绑定进行响应。", + "forceArtifactBindingHelp": "是否应通过 SAML ARTIFACT 绑定系统将响应消息返回给客户端?", + "includeAuthnStatementHelp": "是否应在登录响应中包含指定方法和时间戳的语句?", + "includeOneTimeUseConditionHelp": "一次性使用的条件是否应该包含在登录响应中?", + "optimizeLookupHelp": "当在 REDIRECT 绑定中为由 Keycloak 适配器保护的 SP 签署 SAML 文档时,签名密钥的 ID 是否应该包含在 元素中的 SAML 协议消息中?这优化了作为验证方的签名验证使用单个密钥而不是尝试每个已知密钥进行验证。", + "signDocumentsHelp": "SAML 文档应该由领域签名吗?", + "signAssertionsHelp": "SAML 文档中的断言应该被签名吗?如果文档已经被签名,则不需要此设置。", + "signatureAlgorithmHelp": "用于签署文档的签名算法。请注意,基于 'SHA1' 的算法已被弃用,将来可能会被删除。建议坚持使用一些更安全的算法而不是 '*_SHA1'", + "signatureKeyNameHelp": "签名的 SAML 文档在 KeyName 元素中包含签名密钥的标识。对于 Keycloak / RH-SSO 对应方,使用 KEY_ID。而对于 MS AD FS,则使用 CERT_SUBJECT。对于其他人,如果没有其他有效的选项,请查看并使用 NONE。", + "canonicalizationHelp": "XML 签名的规范化方法。", + "webOriginsHelp": "允许的 CORS 来源。要允许有效重定向 URI 的所有来源,请添加 '+'。不过这不包括 '*' 通配符。要允许所有来源,请明确添加 '*'。", + "homeURLHelp": "当 auth 服务器需要重定向或链接回客户端时使用的默认 URL。", + "adminURLHelp": "客户端管理界面的 URL。如果客户端支持适配器 REST API,则设置此项。此 REST API 允许 auth 服务器推送撤销策略和其他管理任务。通常将其设置为基本URL客户端。", + "clientHelp": "选择发出此授权请求的客户端。如果未提供,将根据您所在的客户端完成授权请求。", + "clientIdHelp": "向身份供应商注册的客户端标识符。", + "selectUser": "选择一个用户,其身份将用于从服务器查询权限。", + "rolesHelp": "选择要与所选用户关联的角色。", + "contextualAttributesHelp": "运行环境或执行上下文提供的任何属性。", + "resourceTypeHelp": "指定此权限必须应用于给定类型的所有资源实例。", + "applyToResourceTypeHelp": "指定此权限是否应应用于给定类型的所有资源。在这种情况下,将为给定资源类型的所有实例评估此权限。", + "resourcesHelp": "指定此权限必须应用于特定资源实例。", + "scopesSelect": "指定此权限必须应用于一个或多个范围。", + "clientNameHelp": "指定客户端的显示名称。例如'我的客户'。也支持本地化值的键。例如:${my_client}", + "descriptionHelp": "新流程描述的帮助文本", + "loginThemeHelp": "为登录、OTP、授予、注册和忘记密码页面选择主题。", + "encryptAssertionsHelp": "SAML 断言是否应该使用 AES 使用客户端的公钥加密?", + "clientSignatureHelp": "客户端会签署他们的 saml 请求和响应吗?他们应该被验证吗?", + "downloadType": "这是关于下载类型的信息", + "detailsHelp": "这是关于细节的信息", + "clientPolicyName": "策略的显示名称", + "createTokenHelp": "初始访问令牌只能用于创建客户端", + "expirationHelp": "设置事件的到期时间。过期的事件会定期从数据库中清除。", + "countHelp": "指定使用令牌可以创建多少个客户端", + "client-authenticator-type": "客户端身份验证,将根据 Keycloak 服务器验证此客户端", + "registration-access-token": "注册访问令牌为客户端提供对客户端注册服务的访问。", + "signature-algorithm": "JWA算法,客户端在签署JWT进行认证时需要使用的算法。如果留空,则允许客户端使用任何算法。", + "anonymousAccessPoliciesHelp": "当未经身份验证的请求调用客户端注册服务时使用这些策略。这意味着该请求不包含初始访问令牌或承载令牌。", + "authenticatedAccessPoliciesHelp": "当通过身份验证请求调用客户端注册服务时使用这些策略。这意味着该请求包含初始访问令牌或承载令牌。", + "allowRegexComparisonHelp": "如果关闭,则来自给定客户端证书的主题 DN 必须与 RFC8705 规范中描述的‘主题 DN’属性中的给定 DN 完全匹配。主题 DN 可以采用 RFC2553 或 RFC1779 格式。如果打开, 那么来自给定客户端证书的主题 DN 应该与“主题 DN”属性指定的正则表达式相匹配。", + "subjectHelp": "用于验证客户端证书中的主题 DN 的正则表达式。使用 \"(.*?)(?:$)\" 匹配所有类型的表达式。", + "evaluateExplain": "此页面允许您查看所有协议映射器和角色范围映射", + "effectiveProtocolMappersHelp": "包含所有默认客户端范围和选定的可选范围。所有这些客户端范围的协议映射器和角色范围映射将在生成为客户端颁发的访问令牌时使用", + "effectiveRoleScopeMappingsHelp": "选定的可选客户端范围,将在为该客户端发出访问令牌时使用。当您希望在初始OpenID连接身份验证请求从您的客户端适配器发送时并且要应用这些可选的客户端范围时,您可以在上面看到OAuth范围参数需要使用的值。", + "generatedAccessTokenHelp": "请参阅示例访问令牌,该令牌将在选定用户通过身份验证时生成并发送到客户端。您可以看到令牌将包含的声明和角色基于有效的协议映射器和角色范围映射,也基于关于分配给用户本人的声明/角色", + "generatedIdTokenHelp": "请参阅示例ID Token。当选定的用户通过身份验证时,ID token将被生成并发送给客户端。您可以看到令牌将包含的声明和角色基于有效的协议映射器和角色范围映射,也基于分配给用户自己的声明/角色。", + "generatedUserInfoHelp": "参见示例用户信息,它将由用户信息端点提供", + "scopeParameterHelp": "您可以复制/粘贴范围参数的这个值,并在从该客户端适配器发送的初始 OpenID Connect 身份验证请求中使用它。默认客户端范围和选定的可选客户端范围将在生成为此客户端颁发的令牌时使用", + "userHelp": "可选择用户,将为选择的用户生成示例访问令牌。如果不选择用户,则在评估期间不会生成示例访问令牌", + "notBeforeHelp": "撤销在此时间之前为此客户端颁发的任何令牌。要推送该策略,您应该首先在“设置”选项卡中设置一个有效的管理 URL。", + "notBeforeIntro": "为了成功向客户端推送撤销策略,您需要先为此客户端在<1>设置选项卡下设置管理 URL", + "notBeforeTooltip": "管理员 URL 应该首先在设置选项卡中设置。", + "nodeReRegistrationTimeoutHelp": "指定注册客户端集群节点重新注册的最大时间间隔。如果集群节点在这段时间内不向 Keycloak 发送重新注册请求,它将从 Keycloak 中注销", + "fineGrainOpenIdConnectConfigurationHelp": "此部分用于配置此客户端与 OpenID Connect 协议相关的高级设置。", + "fineGrainSamlEndpointConfigHelp": "此部分为断言消费者和单点注销服务配置确切的 URL。", + "logoUrlHelp": "引用客户端应用程序徽标的 URL", + "policyUrlHelp": "依赖方客户端提供给最终用户的 URL,以了解如何使用配置文件数据", + "policyUsers": "指定此策略允许的用户。", + "termsOfServiceUrlHelp": "依赖方客户端提供给最终用户以阅读依赖方服务条款的 URL", + "accessTokenSignatureAlgorithmHelp": "用于签署访问令牌的 JWA 算法。", + "idTokenSignatureAlgorithmHelp": "用于签署 ID 令牌的 JWA 算法。", + "idTokenEncryptionKeyManagementAlgorithmHelp": "JWA 算法用于加密 ID 令牌的密钥管理。如果您想要加密的 ID 令牌,则需要此选项。如果留空,ID 令牌只是签名,但不加密。", + "idTokenEncryptionContentEncryptionAlgorithmHelp": "在加密 ID 令牌时用于内容加密的 JWA 算法。如果您想要加密的 ID 令牌,则需要此选项。如果留空,ID 令牌只是签名,但不加密。", + "userInfoSignedResponseAlgorithmHelp": "用于签名用户信息端点响应的 JWA 算法。如果设置为'未签名',则用户信息响应将不会被签名并将以 application/json 格式返回。", + "userInfoResponseEncryptionKeyManagementAlgorithmHelp": "JWA 算法用于加密用户信息端点响应的密钥管理。如果您想要加密用户信息端点响应,则需要此选项。如果留空,用户信息端点响应不加密。", + "userInfoResponseEncryptionContentEncryptionAlgorithmHelp": "在加密用户信息端点响应时用于内容加密的 JWA 算法。如果指定了用户信息响应加密密钥管理算法,则此值的默认值为 A128CBC-HS256。", + "requestObjectSignatureAlgorithmHelp": "JWA算法,客户端在发送'request'或'request_uri'参数指定的OIDC请求对象时需要使用的JWA算法。如果设置为'任何',请求对象可以被任何算法签名(包括'none') ", + "requestObjectRequiredHelp": "指定客户端是否需要为其授权请求提供请求对象,以及他们可以为此使用什么方法。如果设置为\"not required\",则提供请求对象是可选的。在所有其他情况下, 提供请求对象是强制性的。如果设置为\"request\",则请求对象必须按值提供。如果设置为\"request_uri\",则请求对象必须通过引用提供。如果设置为\"request\" or request_uri\", 两种方法都可以使用。", + "requestObjectEncryptionHelp": "JWE算法,客户端发送'request'或'request_uri'参数指定的OIDC请求对象时需要使用的JWE算法。如果设置为'任何',加密是可选的,允许任何算法。", + "requestObjectEncodingHelp": "JWE算法,client在对'request'或'request_uri'参数指定的OIDC请求对象的内容进行加密时需要使用的算法。如果设置为'any',则允许任何算法。", + "validRequestURIsHelp": "有效 URI 列表,可在 OpenID Connect 身份验证请求期间用作 'request_uri' 参数的值。支持与有效重定向 URI 相同的功能。例如通配符或相对路径。", + "idpInitiatedSsoRelayStateHelp": "当您想要执行 IDP 发起的 SSO 时,您想要使用 SAML 请求发送的中继状态。", + "masterSamlProcessingUrlHelp": "如果配置,则此 URL 将用于每个绑定到 SP 的断言消费者和单点注销服务。这可以在 Fine Grain SAML 端点配置中为每个绑定和服务单独覆写。", + "authorizationSignedResponseAlgHelp": "当响应模式为 jwt 时,用于签署授权响应令牌的 JWA 算法。", + "authorizationEncryptedResponseAlgHelp": "当响应模式为 jwt 时,用于加密授权响应的密钥管理的 JWA 算法。如果要加密授权响应,则需要此选项。如果留空,授权响应只是签名,但不加密。", + "authorizationEncryptedResponseEncHelp": "当响应模式为 jwt 时,JWA 加密授权响应时用于内容加密的算法。如果您想要加密授权响应,则需要此选项。如果留空,则授权响应只是签名,但不加密。", + "openIdConnectCompatibilityModesHelp": "此部分用于配置与旧版 OpenID Connect / OAuth 2 适配器向后兼容的设置。特别是当您的客户端使用旧版 Keycloak / RH-SSO 适配器时,它非常有用。", + "excludeSessionStateFromAuthenticationResponseHelp": "如果启用,参数 'session_state' 将不会包含在 OpenID Connect 身份验证响应中。如果您的客户端使用不支持 'session_state' 参数的旧 OIDC / OAuth2 适配器,这将很有用。", + "useRefreshTokensHelp": "如果打开,将创建一个 refresh_token 并将其添加到令牌响应中。如果关闭,则不会生成任何 refresh_token。", + "useRefreshTokenForClientCredentialsGrantHelp": "如果启用,如果使用 client_credentials 授权,将创建一个 refresh_token 并将其添加到令牌响应中。OAuth 2.0 RFC6749 第 4.4.3 节指出,在使用 client_credentials 授权时不应生成 refresh_token。如果关闭则不会生成 refresh_token 并且相关的用户会话将被删除。", + "useLowerCaseBearerTypeHelp": "如果启用,令牌响应将设置为小写的类型 \"bearer\"。默认情况下,服务器将类型设置为 RFC6750 定义的 \"Bearer\"。", + "advancedSettingsOpenid-connect": "此部分用于配置此客户端与 OpenID Connect 协议相关的高级设置", + "advancedSettingsSaml": "此部分用于配置此客户端的高级设置", + "assertionLifespanHelp": "在 SAML 断言条件中设置的寿命。在此之后断言将无效。\"SessionNotOnOrAfter\" 属性不会被修改,并继续使用在领域级别定义的 \"SSO Session Max\" 时间。", + "accessTokenLifespanHelp": "访问令牌过期前的最长时间。建议此值相对于 SSO 超时时间较短", + "clientSessionIdleHelp": "允许客户端会话在到期前空闲的时间。当客户端会话到期时,令牌将失效。如果未设置,它将使用标准的 SSO 会话空闲值。", + "clientSessionMaxHelp": "客户端会话过期前的最长时间。会话过期时令牌失效。如果未设置,它将使用标准 SSO 会话最大值。", + "clientOfflineSessionIdleHelp": "在刷新离线令牌无效之前允许客户端空闲的时间。该选项仅影响令牌时间而不影响全局 SSO 会话。如果未设置,它将使用标准 SSO 会话空闲值。", + "clientOfflineSessionMaxHelp": "离线令牌对客户端无效之前的最长时间。该选项仅影响令牌时间而不影响全局 SSO 会话。如果未设置,它将使用标准 SSO 会话最大值。", + "oAuthMutualHelp": "这启用了对 OAuth 2.0 双向 TLS 证书绑定访问令牌的支持,这意味着 keycloak 将访问令牌和刷新令牌与令牌的 X.509 证书绑定在一起,请求客户端在 keycloak 的令牌端点和这个客户。这些令牌可以被视为密钥持有者令牌而不是不记名令牌。", + "keyForCodeExchangeHelp": "选择使用哪种 PKCE 代码质询方法。如果未指定,除非客户端发送具有适当代码质询和代码交换方法的授权请求,否则 keycloak 不会将 PKCE 应用于客户端。", + "pushedAuthorizationRequestRequiredHelp": "布尔参数,指示授权服务器是否仅通过推送的授权请求方法接受授权请求数据。", + "acrToLoAMappingHelp": "定义哪个 ACR(身份验证上下文类参考)值映射到哪个 LoA(身份验证级别)。ACR 可以是任何值,而 LoA 必须是数字。", + "defaultACRValuesHelp": "如果 OIDC 请求中的 'claims' 或 'acr_values' 参数没有明确请求 ACR,则用作自愿 ACR 的默认值。", + "assertionConsumerServicePostBindingURLHelp": "客户端断言消费者服务(登录响应)的 SAML POST 绑定 URL。如果您没有此绑定的 URL,则可以将其留空。", + "assertionConsumerServiceRedirectBindingURLHelp": "客户端断言消费者服务(登录响应)的 SAML 重定向绑定 URL。如果您没有此绑定的 URL,则可以将其留空。", + "logoutServicePostBindingURLHelp": "客户端单点注销服务的 SAML POST 绑定 URL。如果您使用不同的绑定,可以将此留空", + "logoutServiceRedirectBindingURLHelp": "客户端单点注销服务的 SAML 重定向绑定 URL。如果您使用不同的绑定,可以将此留空。", + "logoutServiceSoapBindingUrlHelp": "客户端单点注销服务的 SAML SOAP 绑定 URL。如果您使用不同的绑定,可以将此留空。", + "logoutServiceArtifactBindingUrlHelp": "客户端单一注销服务的 SAML ARTIFACT 绑定 URL。如果您使用不同的绑定,则可以将此留空。", + "artifactBindingUrlHelp": "将 HTTP ARTIFACT 消息发送到的 URL。如果您使用不同的绑定,则可以将此留空。在强制 ARTIFACT 绑定与 IdP 发起的登录时,应设置此值。", + "frontchannelLogoutHelp": "当为 true 时,注销需要浏览器重定向到客户端。当为 false 时,服务器执行后台调用以注销。", + "frontchannelLogoutUrlHelp": "当注销请求发送到该领域时(通过 end_session_endpoint)将导致客户端自行注销的 URL。如果未提供,则默认为基本 url。", + "backchannelLogoutUrlHelp": "当注销请求发送到该领域时(通过 end_session_endpoint)将导致客户端自行注销的 URL。如果省略,在这种情况下将不会向客户端发送注销请求。", + "backchannelLogoutSessionRequiredHelp": "指定在使用反向通道注销 URL 时注销令牌中是否包含 sid(会话 ID)声明。", + "backchannelLogoutRevokeOfflineSessionsHelp": "指定在使用反向通道注销 URL 时注销令牌中是否包含 \"revoke_offline_access\" 事件。Keycloak 将在收到带有此事件的注销令牌时撤销离线会话。", + "artifactResolutionServiceHelp": "客户端的 SAML 工件解析服务。这是 Keycloak 将向其发送 SOAP ArtifactResolve 消息的端点。如果您没有此绑定的 URL,则可以将其留空。", + "authenticationOverridesHelp": "覆写领域认证流程绑定。", + "browserFlowHelp": "选择要用于浏览器身份验证的流程。", + "directGrantHelp": "选择您要用于直接授权身份验证的流程。", + "useJwksUrlHelp": "如果开关打开,身份供应商公钥将从给定的 JWKS URL 下载。这具有很大的灵活性,因为当身份供应商生成新的密钥对时,新密钥总是会再次重新下载。如果开关关闭,则使用来自 Keycloak 的公钥(或证书)。因此当身份供应商密钥对发生变化时,您始终需要将新密钥也导入 Keycloak 数据库。", + "certificateHelp": "用于验证JWT的客户端证书,由客户端私钥从您的密钥库中颁发并签名。", + "jwksUrlHelp": "存储 JWK 格式的身份供应商密钥的 URL。有关更多详细信息,请参阅 JWK 规范。如果您使用外部 Keycloak 身份供应商,则可以使用类似“http://broker-keycloak:8180/realms/test”的 URL /protocol/openid-connect/certs' 假设您的代理 Keycloak 在 'http://broker-keycloak:8180' 上运行并且它的领域是 'test' 。", + "generateKeysDescription": "如果您生成新密钥,您可以自动下载带有私钥的密钥库并将其保存在您的客户端。Keycloak 服务器将只保存证书和公钥,而不保存私钥。", + "archiveFormatHelp": "Java 密钥库或 PKCS12 存档格式。", + "keyAliasHelp": "私钥别名", + "keyPasswordHelp": "私钥密码", + "realmCertificateAliasHelp": "领域证书也存储在存档中。这是它的别名。", + "storePasswordHelp": "访问存档本身的密码", + "consentRequiredHelp": "如果启用,用户必须同意客户端访问。", + "displayOnClientHelp": "仅当此客户端的“需要同意”打开时才适用。如果此开关关闭,则授权页面将仅包含与配置的客户端范围对应的授权。如果打开,授权上还会有一项关于此客户端本身的页面。", + "consentScreenTextHelp": "将此客户端作用域添加到需要许可的某些客户端时,将在许可页面上显示的文本。如果未填充,则默认为客户端作用域的名称", + "importHelp": "导入包含此资源服务器授权设置的 JSON 文件。", + "policyEnforcementModeHelp": "策略执行模式规定了在评估授权请求时如何执行策略。'强制执行' 意味着默认情况下拒绝请求,即使没有与给定资源关联的策略。'获准使用' 意味着即使有请求也被允许没有与给定资源关联的策略。“禁用”完全禁用策略评估并允许访问任何资源。", + "decisionStrategyHelp": "决策策略规定了如何评估权限以及如何获得最终决定。'肯定'意味着至少一个权限必须评估为肯定的决定才能授予对资源及其范围的访问权限。'一致' 意味着所有权限都必须评估为一个肯定的决定,以便最终决定也是正向的。", + "allowRemoteResourceManagementHelp": "资源应该由资源服务器远程管理吗?如果为假,资源只能从这个 Admin UI 管理。", + "resourceName": "此资源的唯一名称。该名称可用于唯一标识资源,在查询特定资源时很有用。", + "displayNameHelp": "身份供应商的友好名称。", + "typeHelp": "客户端作用域,将以默认作用域的形式添加到每个创建的客户端", + "urisHelp": "一组受资源保护的 URI。", + "scopesHelp": "请求授权时要发送的范围。它可以是一个以空格分隔的范围列表。默认为'openid'。", + "dedicatedScopeExplain": "这是一个包括专用映射器和范围的客户端范围", + "fullScopeAllowedHelp": "允许您禁用所有限制。", + "iconUriHelp": "指向图标的 URI。", + "ownerManagedAccessHelp": "如果启用,资源所有者可以管理对该资源的访问设置。", + "resourceAttributeHelp": "与资源关联的属性。", + "resetActions": "复位操作", + "lifespan": "到期时间", + "scopeName": "此作用域的唯一名称。该名称可用于唯一标识一个作用域,在查询特定作​​用域时很有用。", + "scopeDisplayName": "此作用域的唯一名称。该名称可用于唯一标识一个作用域,在查询特定作​​用域时很有用。", + "policy-name": "策略的名称。", + "policy-description": "策略的描述。", + "policyDecisionStagey": "决策策略规定了如何评估与给定权限相关的策略以及如何获得最终决定。'肯定'意味着至少有一个策略必须评估为肯定的决定才能做出最终决定也是肯定的。“一致”意味着所有政策都必须评估为肯定的决定,以便最终决定也是肯定的。“共识”意味着积极决定的数量必须大于消极决定的数量。如果数量正面和负面的相同,最终决定是否定的。", + "applyPolicyHelp": "指定必须应用于此策略或权限定义的范围的所有策略。", + "policyClient": "指定此策略允许的客户端。", + "groupsClaimHelp": "如果已定义,该策略将从表示请求权限的身份的访问令牌或 ID 令牌中的给定声明中获取用户组。如果未定义,则用户组将从您的领域配置中获取。", + "policyGroups": "指定此策略允许的用户。", + "targetClaimHelp": "指定策略将获取的目标声明。", + "regexPatternHelp": "指定正则表达式模式。", + "policyRoles": "指定此策略允许的客户端角色。", + "startTimeHelp": "定义在该时间之前不得授予策略。仅当当前日期/时间晚于或等于此值时才授予。", + "expireTimeHelp": "定义在该时间之后不得授予策略。仅当当前日期/时间早于或等于此值时才授予。", + "monthHelp": "定义必须授予策略的月份。您还可以通过填写第二个字段来提供范围。在这种情况下,仅当当前月份介于或等于您提供的两个值时才授予权限。", + "dayMonthHelp": "定义必须授予策略的日期。您还可以通过填写第二个字段来提供范围。在这种情况下,仅当月份的当前日期介于或等于两个值时才授予权限。", + "hourHelp": "定义必须授予策略的时间。您还可以通过填写第二个字段来提供范围。在这种情况下,仅当当前时间介于或等于您提供的两个值时才授予权限。", + "minuteHelp": "定义必须授予策略的分钟。您还可以通过填写第二个字段来提供范围。在这种情况下,仅当当前分钟介于或等于您提供的两个值时才授予权限。", + "policyCode": "为该策略提供条件的 JavaScript 代码。", + "logicHelp": "逻辑决定了应该如何做出政策决定。如果是'肯定',则在评估该政策期间获得的结果效果(允许或拒绝)将用于执行决定。如果'否定',则由此产生的效果将被否定,换句话说,许可变为拒绝,反之亦然。", + "permissionName": "权限的名称。", + "permissionDescription": "权限的描述。", + "applyToResourceTypeFlagHelp": "指定此权限是否应用于给定类型的所有资源。在这种情况下,将为给定资源类型的所有实例评估此权限。", + "permissionResources": "指定此权限必须应用于特定资源实例。", + "permissionScopes": "指定此权限必须应用于一个或多个范围。", + "permissionPolicies": "指定必须应用于此策略或权限定义的范围的所有策略。", + "permissionType": "指定此权限必须应用于给定类型的所有资源实例。", + "permissionDecisionStrategy": "决策策略规定了如何评估与给定权限相关的策略以及如何获得最终决策。'肯定'意味着至少有一个策略必须评估为肯定决策才能做出最终决策也是肯定的。“一致”意味着所有政策都必须评估为肯定的决定,以便最终决定也是肯定的。“共识”意味着肯定决定的数量必须大于否定决定的数量。如果肯定和否定的数量相同,则最终决定是否定的。", + "permissionsEnabledHelp": "确定是否启用细粒度权限来管理此角色。禁用将删除所有已设置的当前权限。", + "createClientScope": "创建客户端作用域", + "clientScopeList": "客户端作用域", + "grantedClientScopes": "已授予客户端作用域", + "clientScopeDetails": "客户端作用域详细信息", + "clientScopeExplain": "客户端作用域是多个客户端之间共享的一组通用协议映射和角色。", + "searchFor": "按名称搜索角色", + "displayOrder": "显示顺序", + "deleteClientScope_one": "删除客户端作用域{{name}}", + "deleteClientScope_other": "删除{{count}}个客户端作用域", + "deleteConfirm": "您确定要永久删除供应商'{{provider}}'吗?", + "changeTypeTo": "将类型更改为", + "changeTypeIntro": "{{count}}个所选客户端作用域将更改为", + "deletedSuccess": "供应商已成功删除。", + "deleteError": "无法删除供应商 {{error}}", + "includeInTokenScope": "包含在令牌作用域中", + "realmRolePrefix": "领域角色前缀", + "userInfo": "用户信息", + "updateSuccess": "供应商更新成功", + "updateError": "无法更新供应商 {{error}}", + "addMapperExplain": "如果需要更精细的控制,可以在此客户端上创建协议映射", + "newRoleName": "新角色名称", + "searchClientByName": "按名称搜索客户端", + "mapperCreateSuccess": "映射器创建成功。", + "mapperCreateError": "创建映射器时出错。", + "fromPredefinedMapper": "来自预定义映射", + "byConfiguration": "根据配置", + "emptyBuiltInMappersInstructions": "所有内置映射都已添加到此客户端。", + "emptySecondaryAction": "配置新映射", + "displayOnConsentScreen": "在许可上显示", + "guiOrder": "显示顺序", + "shouldBeANumber": "应为一个数字", + "chooseAMapperType": "选择映射类型", + "addPredefinedMappers": "添加预定义的映射", + "predefinedMappingDescription": "从此表中选择任何预定义的映射", + "configureMappingDescription": "从此表中选择任何映射", + "mappingTable": "具有预定义映射的表", + "headerName": "标题名称", + "nameHelp": "新流程命名的帮助文本", + "protocolHelp": "此客户端作用域提供的SSO协议配置", + "displayOnConsentScreenHelp": "如果启用,并且此客户端作用域被添加到需要许可的某些客户端,则“许可页面的展示文本”指定的文本将展示在许可申请的页面上。如果禁用,此客户端作用域将不会展示在许可申请的页面上", + "includeInTokenScopeHelp": "如果启用,此客户端作用域的名称将添加到访问令牌属性“scope”以及令牌自检端点响应中。如果禁用,此客户端作用域将从令牌和令牌自检端点响应中省略。", + "guiOrderHelp": "将GUI中提供程序的顺序(如“许可”页面)指定为整数", + "prefix": "每个领域角色的前缀(非必需)。", + "multiValued": "指示属性是否支持多个值。如果为是,则此属性的所有值将被设置为声明。如果为否,则只将第一个值设置为声明", + "tokenClaimName": { + "label": "令牌声明名称", + "tooltip": "插入到令牌中的声明名称。这可以是一个完全限定的名称,如“address.street”。在这种情况下,将创建一个嵌套的json对象。为了防止嵌套并直接使用点,请使用反斜杠(\\.)转义点。" + }, + "claimJsonType": "应该用于填充令牌中的 JSON 声明的 JSON 类型。long、int、boolean、String和JSON类型都是有效值。", + "protocolMapper": "协议映射", + "mapperName": "映射名称", + "roleHelp": "如果所有属性都存在,则授予用户的角色。单击“选择角色”按钮浏览角色,或直接在文本框中键入。要引用客户端角色,语法为 clientname.clientrole,即 myclient.myrole。 ", + "newRoleNameHelp": "新角色名称。新名称格式与角色将映射到访问令牌中的位置相对应。因此,新名称“myapp.newname”将角色映射到访问标记中的位置。新名称“newname”将角色映射到令牌中的领域角色。", + "groupDetails": "群组详细信息", + "childGroups": "子组", + "createGroup": "创建群组", + "createChildGroup": "创建子组", + "groupName": "群组名称", + "searchForGroups": "搜索群组", + "global": "全局", + "local": "本地", + "searchGroups": "搜索群组", + "filterGroups": "筛选群组", + "searchGroup": "搜索群组", + "renameGroup": "重命名组", + "deleteGroup": "删除群组", + "usersLeft_one": "{{count}}用户离开了群组", + "usersLeft_other": "{{count}}用户离开了群组", + "usersLeftError": "无法从群组中移除用户: {{error}}", + "usersAdded_one": "{{count}}用户已添加到群组", + "usersAdded_other": "{{count}}添加到群组的用户", + "usersAddedError": "无法将用户添加到群组: {{error}}", + "exactSearch": "精确搜索", + "members": "成员", + "searchMembers": "搜索成员", + "addMember": "添加成员", + "includeSubGroups": "包含子组用户", + "path": "路经", + "moveTo": "移动到", + "moveToGroup": "将{{group1}}移动到{{group2}}", + "root": "根目录", + "moveHere": "移至此处", + "moveGroupEmpty": "无子级群组", + "moveGroupEmptyInstructions": "没有子组,请选择“移至此处”将所选群组移动到该群组下并作为此群组的子组", + "moveGroupSuccess": "群组已迁移", + "moveGroupError": "无法移动群组{{error}}", + "tableOfGroups": "群组列表", + "groupsDescription": "群组是一组可应用于用户的属性和角色映射。您可以创建、编辑和删除群组,并管理其子级组织。", + "groupCreated": "已创建群组", + "couldNotCreateGroup": "无法创建群组{{error}}", + "createAGroup": "创建群组", + "renameAGroup": "重命名群组", + "rename": "重命名", + "email": "电子邮件", + "lastName": "姓", + "firstName": "名", + "membership": "从属关系", + "noGroupsInThisRealm": "此领域中没有群组", + "noGroupsInThisRealmInstructions": "尚未在此领域中创建任何群组。请创建一个群组以开始。", + "noGroupsInThisSubGroup": "此子组中没有群组", + "noGroupsInThisSubGroupInstructions": "尚未在此子组中创建任何群组。", + "deleteConfirmTitle_one": "是否删除群组?", + "deleteConfirmTitle_other": "是否删除群组?", + "deleteConfirm_one": "是否要删除此群组“{{groupName}}”。", + "deleteConfirm_other": "是否要删除这些群组?", + "groupDeleted_one": "已删除群组", + "groupDeleted_other": "已删除群组", + "groupDeleteError": "删除群组{{error}}时出错", + "groupUpdated": "群组已更新", + "groupUpdateError": "更新群组{{error}}时出错", + "roleMapping": "角色映射", + "noViewRights": "没有权限查看该群组.", + "uploadFile": "上传 JSON 文件", + "invalidRealmName": "领域名称不能包含特殊字符", + "realmExplain": "领域管理用户、凭据、角色和群组。用户属于某个领域并可以登录到该领域。领域彼此独立,只能管理和验证各自控制的用户。", + "noRealmRoles": "无领域角色", + "emptyStateText": "此领域中没有任何领域角色。创建领域角色以开始。", + "saveRealmSuccess": "已成功创建领域", + "saveRealmError": "无法创建领域: {{error}}", + "deleteAttributeText": "删除属性", + "associatedRolesText": "关联的角色", + "addAssociatedRolesText": "添加关联角色", + "addAssociatedRolesSuccess": "已添加关联角色", + "addAssociatedRolesError": "无法关联角色{{error}}", + "associatedRolesModalTitle": "将角色添加到{{name}}", + "title": "身份验证", + "addRole": "添加角色", + "importRole": "导入角色", + "roleID": "角色 ID", + "roleExplain": "领域角色是您定义的用于当前领域的角色。", + "roleCreateExplain": "这是一些描述", + "roleName": "角色名称", + "roleDetails": "角色详细信息", + "composite": "复合", + "deleteRole": "删除此角色", + "inheritedFrom": "继承自", + "roleList": "角色列表", + "realmRolesList": "领域角色", + "roleImportError": "无法导入角色", + "roleCreated": "已创建角色", + "roleCreateError": "无法创建角色: {{error}}", + "roleImportSuccess": "角色导入成功", + "roleDeleteConfirm": "是否删除角色?", + "roleDeleteConfirmDialog": "此操作将永久删除角色“{{selectedRoleName}}”,并且无法撤消。", + "roleDeletedSuccess": "角色已删除", + "roleDeleteError": "无法删除角色: {{error}}", + "defaultRole": "此角色充当领域和客户端默认角色的容器。无法删除。", + "defaultRoleDeleteError": "无法删除默认角色。", + "roleSaveSuccess": "角色已保存", + "roleSaveError": "无法保存角色: {{error}}", + "roleAuthentication": "角色身份验证", + "removeAllAssociatedRoles": "移除所有关联角色", + "removeAssociatedRoles": "移除关联角色", + "removeRoles": "移除角色", + "removeAllAssociatedRolesConfirmDialog": "此操作将移除{{name}}的关联角色。拥有{{name}}权限的用户将不再有权访问这些角色。", + "roleRemoveAssociatedRoleConfirm": "是否移除关联角色?", + "roleRemoveAssociatedText": "此操作将从{{roleName}}中移除{{role}}。{{role}}的所有关联角色也将被移除。", + "compositeRoleOff": "复合角色已关闭", + "associatedRolesRemoved": "已移除关联的角色", + "compositesRemovedAlertDescription": "已移除所有关联角色", + "whoWillAppearLinkText": "谁将出现在此群组列表中?", + "whoWillAppearPopoverText": "群组是分层的。选择“直接群组成员资格”时,只会看到用户直接加入的子组,而不包括父级群组。", + "whoWillAppearPopoverFooterText": "无法在此选项卡上添加将此角色作为有效角色的用户。", + "usersInRole": "角色中的用户", + "addUser": "添加用户", + "removeUser": "移除用户", + "removeUserText": "是否要移除{{numSelected}}个用户?这些用户将不再具有角色{{role}}及其关联角色的权限。", + "noDirectUsers": "无直接用户", + "noUsersEmptyStateDescription": "只有直接分配了此角色的用户才会显示在此选项卡下。如果需要查找分配给此角色的角色,请转到", + "noUsersEmptyStateDescriptionContinued": "查找用户。无法在此添加已将此角色作为有效角色的用户。", + "or": "或", + "userName": "用户名", + "noRolesAssociated": "没有关联的角色", + "noRolesAssociatedInstructions": "要将角色复合到此角色,请按“添加角色”按钮", + "usersExplain": "用户是当前领域中的用户。", + "userList": "用户列表", + "searchForUser": "用户搜索", + "startBySearchingAUser": "从搜索用户开始", + "searchForUserDescription": "此领域可能具有联合提供程序。查看所有用户可能会导致系统变慢,但可以通过搜索来完成。请通过上面的搜索框搜索用户。", + "createUser": "创建用户", + "createNewUser": "创建新用户", + "noUsersFound": "未找到用户", + "noUsersFoundError": "由于{{error}},找不到用户", + "noUsersFoundErrorStorage": "找不到用户,可能是由于错误配置了联合提供程序{{error}}", + "noGroups": "没有群组", + "noGroupsText": "您尚未将此用户添加到任何群组。从加入一个群组开始。", + "joinGroup": "加入群组", + "joinGroups": "加入群组", + "join": "加入", + "joinGroupsFor": "将用户{{username}}添加到群组", + "selectGroups": "选择要加入的群组", + "leaveGroup_one": "离开群组{{name}}?", + "leaveGroup_other": "离开群组?", + "leaveGroupConfirmDialog_one": "是否要从群组{{groupname}}中移除{{username}}?", + "leaveGroupConfirmDialog_other": "是否要从{{count}}所选群组中移除{{username}}?", + "directMembership": "直接群组成员资格", + "groupMembership": "间接群组成员资格", + "addedGroupMembership": "已添加群组成员身份", + "addedGroupMembershipError": "添加群组成员身份时出错", + "removedGroupMembership": "已移除群组成员身份", + "removedGroupMembershipError": "移除群组成员身份时出错", + "emptyInstructions": "更改搜索条件或添加用户", + "createdAt": "创建时间", + "username": "用户名", + "emailVerified": "电子邮箱验证", + "status": "状态", + "temporaryLocked": "暂时锁定", + "unlockSuccess": "用户已成功解锁", + "unlockError": "由于{{error}},无法解锁用户", + "emailInvalid": "请输入有效的电子邮件。", + "notVerified": "未验证", + "requiredUserActions": "必需的用户操作", + "requiredActionPlaceholder": "选择", + "federationLink": "联盟链接", + "impersonate": "模拟", + "impersonateConfirm": "模拟用户?", + "impersonateConfirmDialog": "是否要以此用户身份登录?如果该用户与您处于同一领域,则在您以该用户身份登录之前,您当前的登录会话将被注销。", + "impersonateError": "无法模拟用户:{{error}}", + "deleteUser": "删除用户", + "deleteConfirmCurrentUser": "是否要永久删除此用户", + "deleteConfirmDialog_one": "是否要永久删除{{count}}用户", + "deleteConfirmDialog_other": "是否要永久删除{{count}}个选定用户", + "userID": "用户 ID", + "userCreated": "用户已创建", + "userSaved": "用户已保存", + "userDetails": "用户详细信息", + "userCreateError": "无法创建用户: {{error}}", + "userDeletedSuccess": "用户已被删除", + "userDeletedError": "无法删除用户: {{error}}", + "linkAccount": "关联帐号", + "unlink": "取消关联", + "unlinkAccount": "取消关联帐号", + "unlinkAccountTitle": "是否取消帐号与{{provider}}的关联?", + "unlinkAccountConfirm": "是否要永久取消此帐号与{{provider}}的关联?", + "link": "关联", + "linkAccountTitle": "将帐号关联到{{provider}}", + "idpLinkSuccess": "身份供应商已关联", + "idpUnlinkSuccess": "身份供应商关联已删除", + "idpType": { + "social": "社交账号登录", + "custom": "自定义" + }, + "couldNotLinkIdP": "无法关联身份供应商{{error}}", + "verifyEmail": "验证邮箱", + "updateUserLocale": "更新用户区域设置", + "consents": "许可", + "noConsents": "无许可", + "noConsentsText": "只有当用户尝试访问配置为需要被许可的客户端时,才会记录许可。在这种情况下,用户将获得一个许可授权页面,要求他们授予对客户端的访问权限。", + "identityProvider": "身份供应商", + "identityProviderLinks": "身份供应商链接", + "noProvidersLinked": "没有关联身份供应商。请从下面的列表中选择一个。", + "noAvailableIdentityProviders": "没有可用的身份供应商。", + "linkedIdPs": "关联的身份提供程序", + "linkedIdPsText": "已关联到此用户帐户的身份供应商", + "availableIdPs": "可用的身份供应商", + "availableIdPsText": "此处列出了此领域中所有配置的身份提供程序。您可以将用户帐户关联到任何IdP帐户。", + "revokeClientScopesTitle": "是否撤消所有已授予的客户端作用域?", + "revokeClientScopes": "是否要吊销{{clientId}}的所有已授予的客户端作用域?", + "deleteGrantsSuccess": "授权已成功撤销。", + "deleteGrantsError": "删除授权时出错。", + "unlockAllUsers": "解锁所有用户", + "unlockUsersConfirm": "所有临时锁定的用户将被解锁。", + "unlock": "解锁", + "unlockUsersSuccess": "所有临时锁定的用户现在都已解锁", + "unlockUsersError": "无法解锁所有用户{{error}}", + "noCredentials": "没有凭据", + "noCredentialsText": "此用户没有任何凭据。您可以为此用户设置密码。", + "setPassword": "设置密码", + "setPasswordFor": "设置{{username}}的密码", + "defaultPasswordLabel": "我的密码", + "savePasswordSuccess": "密码已成功设置。", + "savePasswordError": "保存密码时出错: {{error}}", + "confirmPasswordDoesNotMatch": "密码和验证不匹配。", + "credentialType": "类型", + "credentialUserLabel": "用户标签", + "credentialData": "数据", + "credentialsList": "凭据列表", + "setPasswordConfirm": "设置密码?", + "setPasswordConfirmText": "是否要为用户{{username}}设置密码?", + "resetPasswordConfirmation": "新密码确认", + "savePassword": "保存密码", + "deleteCredentialsConfirmTitle": "删除凭据?", + "deleteCredentialsConfirm": "是否要删除该用户凭据?", + "deleteCredentialsSuccess": "已成功删除凭据。", + "deleteCredentialsError": "删除用户凭据时出错: {{error}}", + "deleteBtn": "删除", + "updatedCredentialMoveSuccess": "用户凭据设置已保存", + "updatedCredentialMoveError": "尚未保存用户凭据设置", + "resetPasswordFor": "重置{{username}}的密码", + "resetPasswordConfirm": "重置密码?", + "resetPasswordConfirmText": "是否要重置用户{{username}}的密码?", + "resetPassword": "重置密码", + "resetCredentialsSuccess": "密码已成功重置。", + "resetCredentialsError": "重置用户凭据时出错: {{error}}", + "resetPasswordError": "重置密码时出错: {{error}}", + "resetPasswordBtn": "重置密码", + "showPasswordDataName": "名称", + "showPasswordDataValue": "值", + "showDataBtn": "显示数据", + "userCredentialsHelpText": "顶级处理程序允许您为用户转换凭据的优先级,最顶层的凭据具有最高优先级。一个可扩展面板中的处理程序允许您更改凭证的可视顺序,最上面的凭证将显示在最左侧。", + "userCredentialsHelpTextLabel": "用户凭据帮助文本", + "userLabel": "用户标签", + "data": "数据", + "providedBy": "提供方", + "passwordDataTitle": "密码数据", + "updateCredentialUserLabelSuccess": "已成功更改用户标签。", + "updateCredentialUserLabelError": "更改用户标签时出错: {{error}}", + "credentialReset": "重置凭据", + "credentialResetBtn": "重置凭据", + "VERIFY_EMAIL": "验证电子邮件 (VERIFY_EMAIL)", + "UPDATE_PASSWORD": "更新密码 (UPDATE_PASSWORD)", + "UPDATE_PROFILE": "更新配置文件 (UPDATE_PROFILE)", + "CONFIGURE_TOTP": "配置OTP (CONFIGURE_TOTP)", + "terms_and_conditions": "条款和条件 (terms_and_conditions)", + "hours": "小时", + "minutes": "分", + "seconds": "秒", + "credentialResetConfirm": "发送电子邮件", + "credentialResetConfirmText": "是否要向用户发送电子邮件", + "credentialResetEmailSuccess": "发送给用户的电子邮件。", + "credentialResetEmailError": "失败:{{error}}", + "editUserLabel": "编辑用户标签按钮", + "temporaryLockedHelp": "由于多次登录尝试失败,用户可能被锁定。", + "disabledHelp": "禁用的用户无法登录。", + "emailVerifiedHelp": "用户的电子邮件是否已验证?", + "requiredUserActionsHelp": "用户登录时需要执行操作。“验证电子邮件”将向用户发送电子邮件以验证其电子邮件地址。“更新个人资料”要求用户输入新的个人信息。“更新密码”要求用户输入新密码。“配置OTP”需要设置动态密码生成器。", + "groupsHelp": "群组是用户具有群组成员资格的群组。要离开群组,请选择该群组并单击“离开”。", + "userIdHelperText": "请输入此身份提供程序的用户的唯一ID。", + "usernameHelperText": "请为身份提供程序输入用户的用户名。", + "federationLinkHelp": "用户存储供应商。本地存储的用户由其中导入。", + "sessionExplain": "会话是指此领域中用户及其在会话中访问的客户端的会话。", + "searchForSession": "搜索会话", + "lastAccess": "最近访问", + "started": "开始", + "sessionsType": { + "allSessions": "所有会话类型", + "regularSSO": "常规 SSO", + "offline": "离线", + "directGrant": "直接授权", + "serviceAccount": "服务帐号" + }, + "revocationDescription": "这是一种撤销所有活动会话和访问令牌的方法。“不在某日期之前”意味着您可以撤销在该日期之前发行的令牌。", + "notBeforeSuccess": "成功! 为领域设置“不早于”", + "notBeforeError": "清除领域的“不早于”时出错: {{error}}", + "notBeforeClearedSuccess": "成功! “不早于”的设置被清除。", + "signOutAllActiveSessions": "注销所有活动会话", + "signOutAllActiveSessionsQuestion": "是否注销所有活动会话?", + "logoutAllSessions": "注销所有会话", + "logoutAllDescription": "如果您注销所有活动会话,此领域中的所有有效主体将被注销。", + "logoutAllSessionsError": "错误!无法注销所有会话: {{error}}.", + "setToNowError": "错误!无法设置为当前日期和时间。", + "noSessions": "无会话", + "noSessionsDescription": "此领域中当前没有活动会话。", + "noSessionsForUser": "此用户当前没有活动会话。", + "noSessionsForClient": "此客户端当前没有活动会话。", + "eventExplain": "事件是该领域中用户活动和管理员活动的记录。事件记录的配置请跳转至 <1>Event configs.", + "eventConfigs": "事件设置", + "userEvents": "用户事件", + "adminEvents": "管理员事件", + "searchForUserEvent": "搜索用户事件", + "searchForAdminEvent": "搜索管理员事件", + "refresh": "刷新", + "emptyEvents": "无可添加的事件", + "emptyEventsInstructions": "没有更多的事件类型可以添加", + "time": "时间", + "userId": "用户 ID", + "eventType": "被保存的事件类型", + "ipAddress": "IP 地址", + "dateFrom": "日期(开始时间)", + "dateTo": "日期(截止日期)", + "searchUserEventsBtn": "搜索用户事件", + "searchAdminEventsBtn": "搜索管理员事件", + "realm": "领域", + "resourcePath": "资源路径", + "resourceTypes": "资源类型", + "operationType": "操作类型", + "operationTypes": "操作类型", + "auth": "授权", + "attribute": "属性", + "representation": "表述", + "noUserDetails": "无用户详细信息", + "resetBtn": "重置", + "createGroupText": "创建属性组", + "editGroupText": "编辑属性组", + "tableTitle": "属性组", + "columnName": "名称", + "columnDisplayName": "展示名称", + "columnDisplayDescription": "展示说明", + "emptyStateMessage": "没有属性组", + "emptyStateInstructions": "如果你想添加一个属性组,请点击下面的按钮。", + "deleteDialogTitle": "删除属性组?", + "deleteDialogDescription": "您确定要永久删除属性组 <1>{{group}}} 吗?", + "deleteSuccess": "属性组已删除。", + "deleteAttributeGroupError": "无法删除用户属性组:{{error}}", + "nameField": "姓名", + "nameHint": "组的唯一名称。在将属性绑定到组时,此名称将用于引用组。", + "displayHeaderField": "展示名称", + "displayHeaderHint": "用于用户界面表单中呈现一组属性时应使用的用户友好名称,支持本地化值的键。例如:${profile.attribute.group.address} ", + "displayDescriptionField": "展示说明", + "displayDescriptionHint": "在用户界面表单中用于提示的文本。", + "annotationsText": "注释", + "removeAnnotationText": "删除注释", + "keyLabel": "键", + "valueLabel": "值", + "realmSettingsExplain": "领域设置用于控制当前领域中用户、应用程序、角色和群组的选项。", + "partialImport": "部分导入", + "partialExport": "部分导出", + "deleteRealm": "删除领域", + "deleteConfirmTitle": "删除领域?", + "dragInstruction": "通过点击并拖动从而改变优先级", + "deleteProviderTitle": "删除密钥提供商?", + "deleteProviderConfirm": "您确定要永久删除密钥供应商 {{provider}} 吗?", + "deleteProviderSuccess": "成功。密钥供应商已被删除。", + "deleteProviderError": "删除密钥供应商时出错", + "deleteConditionSuccess": "条件已删除", + "disablePolicyConfirmTitle": "禁用策略?", + "disablePolicyConfirm": "如果策略被禁用,用户和客户端将无法访问该策略。您确定要继续吗?", + "editProvider": "编辑供应者", + "editableRowsTable": "可编辑的行表", + "saveSuccess": "用户联盟供应商已成功保存", + "saveProviderSuccess": "供应者已成功保存。", + "saveProviderListSuccess": "供应商的优先级已成功更新。", + "saveProviderError": "保存供应商时出错:{{error}}", + "saveError": "由于:{{error}},无法保存用户联盟供应商", + "general": "常规设置", + "login": "登录", + "themes": "主题", + "eventListeners": "事件监听器", + "eventListenersHelpText": "配置哪些监听器接收该领域的事件。", + "saveEventListeners": "保存事件监听器", + "saveEventListenersSuccess": "事件侦听器已更新。", + "saveEventListenersError": "保存事件侦听器时出错:{{error}}", + "userEventsSettings": "用户事件设置", + "adminEventsSettings": "管理员事件设置", + "saveEvents": "保存事件", + "clearUserEvents": "清除用户事件", + "clearAdminEvents": "清除管理员事件", + "includeRepresentation": "是否包含表述文件", + "template": "模板", + "connectionAndAuthentication": "连接与认证", + "from": "发件人", + "fromDisplayName": "发件人展示名称", + "replyTo": "回复地址", + "replyToDisplayName": "回复地址展示名称", + "envelopeFrom": "信封发件人", + "host": "主机", + "port": "端口", + "encryption": "加密", + "enableSSL": "启用 SSL", + "enableStartTLS": "启用 StartTLS", + "keysList": "秘钥列表", + "searchKey": "搜索秘钥", + "keystore": "密钥库", + "keystorePassword": "密钥库密码", + "algorithm": "算法", + "use": "使用", + "aesGenerated": "aes-generated", + "ecdsaGenerated": "ecdsca-generated", + "hmacGenerated": "hmac-generated", + "javaKeystore": "java-keystore", + "RSA": "RSA", + "rsaGenerated": "rsa-generated", + "uiDisplayName": "界面显示的名称", + "AESKeySize": "AES 密钥大小", + "active": "活跃", + "privateRSAKey": "私有 RSA 密钥", + "filenamePlaceholder": "上传 PEM 文件或在下方粘贴密钥", + "x509Certificate": "X509证书", + "ellipticCurve": "椭圆曲线", + "secretSize": "秘钥大小", + "keySize": "秘钥大小", + "供应商 ID": "ID", + "kid": "KID", + "providerDescription": "供应者描述", + "addProvider": "添加供应商", + "publicKeys": "公钥", + "keysFilter": { + "ACTIVE": "活跃的秘钥", + "PASSIVE": "不活跃的密钥", + "DISABLED": "禁用的秘钥" + }, + "noKeys": "没有秘钥", + "noKeysDescription": "您还没有创建任何活跃的密钥", + "userRegistration": "用户注册", + "loginScreenCustomization": "登录页面定制", + "registrationAllowed": "用户注册", + "userRegistrationHelpText": "启用/禁用注册页面。若启用此设置,登陆页上也会展示注册链接。", + "resetPasswordAllowed": "忘记密码", + "forgotPassword": "忘记密码", + "forgotPasswordHelpText": "在登录页面上展示链接以允许用户忘记凭据时点击此链接。", + "rememberMe": "记住我", + "rememberMeHelpText": "在登录页面上展示复选框以允许用户在浏览器重新启动之前保持登录状态,直到会话过期。", + "emailSettings": "电子邮件设置", + "registrationEmailAsUsername": "以电子邮件作为用户名", + "emailAsUsernameHelpText": "允许用户将电子邮件设置为用户名。", + "loginWithEmailAllowed": "使用邮箱登录", + "loginWithEmailHelpText": "允许用户使用他们的电子邮件地址登录。", + "duplicateEmailsAllowed": "允许重复的电子邮件地址存在", + "duplicateEmailsHelpText": "允许多个用户拥有相同的电子邮件地址。更改此设置也会清除用户的缓存。建议在关闭对重复的电子邮件地址的支持后手动更新数据库中现有用户的电子邮件限制。", + "verifyEmailHelpText": "要求用户在首次登录后或提交地址更改后验证其电子邮件地址。", + "userInfoSettings": "用户信息设置", + "editUsernameAllowed": "允许编辑用户名", + "enableSwitchSuccess": "{{switch}} 更改成功", + "enableSwitchError": "由于{{error}},无法启用/禁用", + "testingConnection": "测试连接", + "testConnectionHint": { + "withEmail": "测试连接时,将向当前用户 ({{email}}) 发送一封电子邮件。", + "withoutEmail": "要测试连接,您必须首先为当前用户 ({{userName}}) 配置一个电子邮件地址。", + "withoutEmailAction": "配置电子邮件地址" + }, + "testConnectionSuccess": "成功!SMTP 连接成功。电子邮件已发送!", + "testConnectionError": "错误!{{error}}", + "realmId": "领域ID", + "htmlDisplayName": "HTML 展示名称", + "frontendUrl": "前端网址", + "requireSsl": "需要 SSL", + "sslType": { + "all": "所有请求", + "external": "外部请求", + "none": "无" + }, + "selectATheme": "选择主题", + "placeholderText": "点击并请从中选择一个", + "userManagedAccess": "用户自主访问", + "userProfileEnabled": "用户资料", + "endpoints": "终端", + "openIDendpointConfiguration": "OpenID 终端节点配置", + "samlIdentityProviderMetadata": "SAML 2.0 身份供应者元数据", + "accountTheme": "账户页面主题", + "adminTheme": "管理界面主题", + "emailTheme": "电子邮件主题", + "internationalization": "国际化", + "localization": "本地化", + "SSOSessionSettings": "SSO会话设置", + "SSOSessionIdle": "SSO会话空闲的时间", + "SSOSessionMax": "SSO会话最长的时间", + "SSOSessionIdleRememberMe": "“记住我”的SSO会话过期前的空闲时间", + "SSOSessionMaxRememberMe": "“记住我”的SSO会话的最长的时间", + "clientSessionSettings": "客户端会话设置", + "offlineSessionSettings": "离线会话设置", + "offlineSessionIdle": "离线会话空闲时间", + "offlineSessionMaxLimited": "离线会话最长时间的限制", + "offlineSessionMax": "离线会话最长时间", + "loginTimeout": "登录超时", + "loginActionTimeout": "登录操作超时", + "refreshTokens": "刷新令牌", + "accessTokens": "访问令牌", + "actionTokens": "操作令牌", + "overrideActionTokens": "覆盖操作令牌", + "defaultSigAlg": "默认签名算法", + "revokeRefreshToken": "撤销刷新令牌", + "refreshTokenMaxReuse": "刷新令牌重复使用的最大次数", + "accessTokenLifespanImplicitFlow": "隐式流程的访问令牌寿命", + "clientLoginTimeout": "客户端登录超时", + "userInitiatedActionLifespan": "由用户发起的操作的生命周期", + "defaultAdminInitiated": "由管理员发起的默认操作的生命周期", + "oAuthDeviceCodeLifespan": "OAuth 2.0 设备代码寿命", + "oAuthDevicePollingInterval": "OAuth 2.0 设备轮询间隔", + "shortVerificationUri": "设备授权流程中的短 verification_uri", + "emailVerification": "邮箱验证", + "idpAccountEmailVerification": "IdP 账户邮箱验证", + "executeActions": "执行操作", + "clientPolicies": "客户端策略", + "noClientPolicies": "无客户端策略", + "noClientPoliciesInstructions": "没有客户端策略。选择'创建客户端策略'来创建一个新的客户端策略。", + "createClientPolicy": "创建客户端策略", + "createClientPolicySuccess": "已创建新策略", + "updateClientPolicySuccess": "客户端策略已更新", + "createClientPolicyError": "无法创建策略,因为:{{error}}", + "createClientConditionSuccess": "条件创建成功。", + "createClientConditionError": "创建条件时出错:{{error}}", + "updateClientConditionSuccess": "条件更新成功。", + "deleteClientConditionSuccess": "条件删除成功。", + "deleteClientConditionError": "创建条件时出错:{{error}}", + "clientPolicySearch": "搜索客户端策略", + "policiesConfigType": "配置方式:", + "policiesConfigTypes": { + "formView": "表单视图", + "jsonEditor": "JSON 编辑器" + }, + "deleteClientPolicy": "删除策略", + "deleteClientPolicyConfirmTitle": "删除策略?", + "deleteClientPolicyConfirm": "此操作将永久删除策略 {{policyName}},并且无法撤消。", + "deleteClientPolicySuccess": "客户端策略已删除", + "deleteClientPolicyError": "无法删除策略:{{error}}", + "profiles": "配置文件", + "clientPoliciesProfilesHelpText": "客户端策略配置文件允许设置一组执行器,这些执行器将对与客户端相关的各种操作进行强制执行。这些操作可以是管理员操作,如创建或更新客户端,也可以是用户操作,如对客户端进行身份验证。", + "clientPoliciesProfiles": "客户端策略配置文件", + "clientPoliciesPoliciesHelpText": "客户端策略允许将客户端配置文件与各种条件绑定,以指定何时执行特定客户端配置文件中的执行器所规定的行为。", + "clientPoliciesPolicies": "客户端策略", + "clientPoliciesTab": "客户端策略标签", + "clientProfilesSubTab": "客户端配置子标签", + "clientPoliciesSubTab": "客户端策略子标签", + "profilesConfigType": "配置方式:", + "profilesConfigTypes": { + "formView": "表单视图", + "jsonEditor": "JSON 编辑器" + }, + "clientProfileSearch": "搜索", + "searchProfile": "搜索配置文件", + "clientProfileName": "客户端配置文件名称", + "clientProfileDescription": "描述", + "emptyClientProfiles": "没有配置文件", + "emptyClientProfilesInstructions": "没有配置文件,选择'创建客户端配置文件'来创建新的客户端配置文件", + "deleteClientProfileConfirmTitle": "删除配置文件?", + "deleteClientProfileConfirm": "此操作将永久删除配置文件 {{profileName}}。此操作无法撤消。", + "deleteClientSuccess": "配置文件已删除", + "deleteClientError": "无法删除配置文件:{{error}}", + "deleteClientPolicyProfileConfirmTitle": "删除配置文件?", + "deleteClientPolicyProfileConfirm": "此操作将从策略 {{policyName}} 中永久删除 {{profileName}}。并且此操作无法撤消。", + "deleteClientPolicyProfileSuccess": "配置文件已成功从策略中删除。", + "deleteClientPolicyProfileError": "无法从策略中删除配置文件:{{error}}", + "createClientProfile": "创建客户端配置文件", + "deleteClientProfile": "删除此客户端配置文件", + "createClientProfileSuccess": "已创建新的客户端配置文件", + "updateClientProfileSuccess": "客户端配置文件更新成功", + "createClientProfileError": "无法创建客户端配置文件:'{{error}}'", + "addClientProfileSuccess": "已添加新的客户端配置文件", + "addClientProfileError": "无法创建客户端配置文件:'{{error}}'", + "createClientProfileNameHelperText": "名称在领域内必须是唯一的", + "newClientProfile": "创建客户端配置文件", + "newClientProfileName": "客户端配置文件名称", + "clientProfile": "配置文件详情", + "executorDetails": "执行器详情", + "executors": "执行器", + "executorsHelpText": "执行器, 将应用于此客户端配置文件", + "executorsHelpItem": "执行器帮助项目", + "addExecutor": "添加执行器", + "executorType": "执行器类型", + "executorTypeSwitchHelpText": "执行器类型切换帮助文本", + "executorTypeSelectHelpText": "执行器类型选择帮助文本", + "executorTypeSelectAlgorithm": "执行器类型选择算法", + "executorTypeTextHelpText": "执行器类型文本帮助文本", + "executorAuthenticatorMultiSelectHelpText": "执行器验证多选的帮助文本", + "executorClientAuthenticator": "执行器客户端认证器", + "executorsTable": "执行器列表", + "executorName": "姓名", + "emptyExecutors": "没有配置执行器", + "addExecutorSuccess": "成功!执行器创建成功", + "addExecutorError": "未创建执行器", + "updateExecutorSuccess": "执行器更新成功", + "updateExecutorError": "执行器未更新", + "deleteExecutorProfileConfirmTitle": "删除执行器?", + "deleteExecutorProfileConfirm": "该操作将永久删除 {{executorName}}。且此操作无法撤消。", + "deleteExecutorSuccess": "成功!执行器被删除。", + "deleteExecutorError": "无法删除执行器:{{error}}", + "updateClientProfilesSuccess": "客户端配置文件配置已更新", + "updateClientProfilesError": "提供的 JSON 不正确: Unexpected token { in JSON", + "deleteClientPolicyConditionConfirmTitle": "删除条件?", + "deleteClientPolicyConditionConfirm": "此操作将永久删除{{condition}}。此操作无法撤消。", + "selectACondition": "选择条件", + "conditions": "条件", + "conditionType": "条件类型", + "anyClient": "任何客户端在任何事件中都满足该条件。", + "clientAccesstype": "客户端访问类型", + "clientScopesCondition": "预期范围", + "updateClientContext": "更新客户端环境", + "clientUpdaterSourceGroups": "群组", + "clientUpdaterTrustedHosts": "可信主机", + "clientUpdaterSourceRoles": "更新实体角色", + "conditionsHelpItem": "条件帮助项", + "addCondition": "添加条件", + "editCondition": "编辑条件", + "emptyConditions": "没有配置条件", + "updateClientPoliciesSuccess": "客户端策略配置已更新", + "updateClientPoliciesError": "提供的 JSON 不正确: Unexpected token { in JSON", + "clientProfiles": "客户端配置文件", + "clientProfilesHelpItem": "客户端配置文件帮助项", + "addClientProfile": "添加客户端配置文件", + "emptyProfiles": "没有配置客户端配置文件", + "tokens": "令牌", + "userProfile": "用户资料", + "jsonEditor": "JSON 编辑器", + "attributesGroup": "属性组", + "invalidJsonError": "无法保存用户配置文件,提供的信息不是有效的 JSON。", + "userProfileSuccess": "用户资料设置成功更新。", + "userProfileError": "无法更新用户资料设置:{{error}}", + "recommendedSsoTimeout": "建议此值小于 SSO 会话空闲时间:{{time}}", + "supportedLocales": "支持的语言环境", + "defaultLocale": "默认语言环境", + "selectLocales": "选择语言环境", + "searchForMessageBundle": "搜索消息包", + "addMessageBundle": "添加消息包", + "addMessageBundleSuccess": "成功!消息包已添加。", + "deleteMessageBundleSuccess": "已成功从包中删除消息", + "deleteMessageBundleError": "从包中删除消息时出错,{{error}}", + "rowEditBtnAriaLabel": "编辑 {{messageBundle}}", + "rowSaveBtnAriaLabel": "保存对 {{messageBundle}} 的编辑", + "rowCancelBtnAriaLabel": "取消对 {{messageBundle}} 的编辑", + "updateMessageBundleSuccess": "成功!消息包已更新。", + "updateMessageBundleError": "更新消息包时出错。", + "addMessageBundleError": "创建消息包时出错,{{error}}", + "allGroups": "所有组", + "attributeName": "属性 [名称]", + "attributeDisplayName": "展示名称", + "attributeGroup": "属性组", + "enabledWhen": "何时启用", + "requiredFor": "针对何人为必填项", + "requiredWhen": "何时为必填项", + "requiredForLabel": { + "both": "用户和管理员", + "users": "仅限用户", + "admins": "仅限管理员" + }, + "whoCanEdit": "谁可以编辑?", + "whoCanView": "谁可以查看?", + "admin": "管理员", + "addValidator": "添加验证器", + "validatorType": "验证器类型", + "addValidatorRole": "添加 {{validatorName}} 验证器", + "validatorDialogColNames": { + "colName": "角色名称", + "colDescription": "描述" + }, + "validatorColNames": { + "colName": "验证器名称", + "colConfig": "设置" + }, + "deleteValidatorConfirmTitle": "删除验证器?", + "deleteValidatorConfirmMsg": "您确定要永久删除验证器 {{validatorName}} 吗?", + "validatorDeletedSuccess": "用户资料配置已保存。", + "validatorDeletedError": "保存用户资料时出错:{{error}}", + "emptyValidators": "没有验证器。", + "updatedUserProfileSuccess": "用户资料的配置已保存", + "updatedUserProfileError": "用户资料的配置尚未保存", + "createAttribute": "创建属性", + "editAttribute": "编辑属性", + "createAttributeSubTitle": "创建新属性", + "createAttributeSuccess": "成功!用户资料的配置已保存。", + "createAttributeError": "错误!用户资料的配置尚未保存{{error}}。", + "attributesDropdown": "属性下拉框", + "deleteAttributeConfirmTitle": "删除属性?", + "deleteAttributeConfirm": "您确定要永久删除属性 {{attributeName}} 吗?", + "deleteAttributeSuccess": "属性已删除", + "deleteAttributeError": "属性未删除", + "always": "总是", + "scopesAsRequested": "在此范围内生效", + "validations": "验证", + "annotations": "注释", + "addAnnotationText": "添加注释", + "validateName": "您必须输入一个名字", + "searchEventType": "搜索被保存的事件类型", + "addSavedTypes": "添加被保存的事件类型", + "addTypes": "添加类型", + "eventTypes": { + "SEND_RESET_PASSWORD": { + "name": "发送重置的密码", + "description": "发送重置的密码" + }, + "UPDATE_CONSENT_ERROR": { + "name": "更新许可错误", + "description": "更新许可错误" + }, + "GRANT_CONSENT": { + "name": "授权许可", + "description": "授权许可" + }, + "REMOVE_TOTP": { + "name": "删除TOTP", + "description": "删除TOTP" + }, + "REVOKE_GRANT": { + "name": "撤销授权", + "description": "撤销授权" + }, + "UPDATE_TOTP": { + "name": "更新TOTP", + "description": "更新TOTP" + }, + "LOGIN_ERROR": { + "name": "登录错误", + "description": "登录错误" + }, + "CLIENT_LOGIN": { + "name": "客户端登录", + "description": "客户端登录" + }, + "RESET_PASSWORD_ERROR": { + "name": "重置密码错误", + "description": "重置密码错误" + }, + "IMPERSONATE_ERROR": { + "name": "角色扮演错误", + "description": "角色扮演错误" + }, + "CODE_TO_TOKEN_ERROR": { + "name": "用于交换令牌的代码错误", + "description": "用于交换令牌的代码错误" + }, + "CUSTOM_REQUIRED_ACTION": { + "name": "自定义所需操作", + "description": "自定义所需操作" + }, + "RESTART_AUTHENTICATION": { + "name": "重启认证", + "description": "重启认证" + }, + "IMPERSONATE": { + "name": "角色扮演", + "description": "角色扮演" + }, + "UPDATE_PROFILE_ERROR": { + "name": "更新配置文件错误", + "description": "更新配置文件错误" + }, + "LOGIN": { + "name": "登录", + "description": "登录" + }, + "UPDATE_PASSWORD_ERROR": { + "name": "更新密码错误", + "description": "更新密码错误" + }, + "CLIENT_INITIATED_ACCOUNT_LINKING": { + "name": "客户端发起的账号关联", + "description": "客户端发起的账号关联" + }, + "TOKEN_EXCHANGE": { + "name": "交换令牌", + "description": "交换令牌" + }, + "LOGOUT": { + "name": "登出", + "description": "登出" + }, + "REGISTER": { + "name": "注册", + "description": "注册" + }, + "DELETE_ACCOUNT_ERROR": { + "name": "删除账号错误", + "description": "删除账号错误" + }, + "CLIENT_REGISTER": { + "name": "客户端注册", + "description": "客户端注册" + }, + "IDENTITY_PROVIDER_LINK_ACCOUNT": { + "name": "身份提供商关联账号", + "description": "身份提供商关联账号" + }, + "DELETE_ACCOUNT": { + "name": "删除账号", + "description": "删除账号" + }, + "UPDATE_PASSWORD": { + "name": "更新密码", + "description": "更新密码" + }, + "CLIENT_DELETE": { + "name": "客户端删除", + "description": "客户端删除" + }, + "FEDERATED_IDENTITY_LINK_ERROR": { + "name": "联合身份链接错误", + "description": "联合身份链接错误" + }, + "IDENTITY_PROVIDER_FIRST_LOGIN": { + "name": "身份提供商首次登录", + "description": "身份供应商首次登录" + }, + "CLIENT_DELETE_ERROR": { + "name": "客户端删除错误", + "description": "客户端删除错误" + }, + "VERIFY_EMAIL": { + "name": "验证邮箱", + "description": "验证邮箱" + }, + "CLIENT_LOGIN_ERROR": { + "name": "客户端登录错误", + "description": "客户端登录错误" + }, + "RESTART_AUTHENTICATION_ERROR": { + "name": "重启认证错误", + "description": "重启认证错误" + }, + "EXECUTE_ACTIONS": { + "name": "执行动作", + "description": "执行动作" + }, + "REMOVE_FEDERATED_IDENTITY_ERROR": { + "name": "删除联合身份错误", + "description": "删除联合身份错误" + }, + "TOKEN_EXCHANGE_ERROR": { + "name": "令牌交换错误", + "description": "令牌交换错误" + }, + "PERMISSION_TOKEN": { + "name": "权限令牌", + "description": "权限令牌" + }, + "SEND_IDENTITY_PROVIDER_LINK_ERROR": { + "name": "发送身份供应者链接错误", + "description": "发送身份供应者链接错误" + }, + "EXECUTE_ACTION_TOKEN_ERROR": { + "name": "执行动作令牌错误", + "description": "执行动作令牌错误" + }, + "SEND_VERIFY_EMAIL": { + "name": "发送验证邮件", + "description": "发送验证邮件" + }, + "EXECUTE_ACTIONS_ERROR": { + "name": "执行动作错误", + "description": "执行动作错误" + }, + "REMOVE_FEDERATED_IDENTITY": { + "name": "删除联合身份", + "description": "删除联合身份" + }, + "IDENTITY_PROVIDER_POST_LOGIN": { + "name": "身份供应者非首次登录", + "description": "身份供应者非首次登录" + }, + "IDENTITY_PROVIDER_LINK_ACCOUNT_ERROR": { + "name": "身份提供商关联账号错误", + "description": "身份提供商关联账号错误" + }, + "UPDATE_EMAIL": { + "name": "更新邮箱", + "description": "更新邮箱" + }, + "REGISTER_ERROR": { + "name": "注册错误", + "description": "注册错误" + }, + "REVOKE_GRANT_ERROR": { + "name": "撤销授权错误", + "description": "撤销授权错误" + }, + "EXECUTE_ACTION_TOKEN": { + "name": "执行动作令牌", + "description": "执行动作令牌" + }, + "LOGOUT_ERROR": { + "name": "登出错误", + "description": "登出错误" + }, + "UPDATE_EMAIL_ERROR": { + "name": "更新邮箱错误", + "description": "更新邮箱错误" + }, + "CLIENT_UPDATE_ERROR": { + "name": "客户端更新错误", + "description": "客户端更新错误" + }, + "UPDATE_PROFILE": { + "name": "更新资料", + "description": "更新资料" + }, + "CLIENT_REGISTER_ERROR": { + "name": "客户端注册错误", + "description": "客户端注册错误" + }, + "FEDERATED_IDENTITY_LINK": { + "name": "联合身份链接", + "description": "联合身份链接" + }, + "SEND_IDENTITY_PROVIDER_LINK": { + "name": "发送身份供应商链接", + "description": "发送身份供应商链接" + }, + "SEND_VERIFY_EMAIL_ERROR": { + "name": "发送验证邮件错误", + "description": "发送验证邮件错误" + }, + "RESET_PASSWORD": { + "name": "重置密码", + "description": "重置密码" + }, + "CLIENT_INITIATED_ACCOUNT_LINKING_ERROR": { + "name": "客户端发起的账号关联错误", + "description": "客户端发起的账号关联错误" + }, + "UPDATE_CONSENT": { + "name": "更新许可", + "description": "更新许可" + }, + "REMOVE_TOTP_ERROR": { + "name": "移除totp错误", + "description": "移除totp错误" + }, + "VERIFY_EMAIL_ERROR": { + "name": "邮箱验证错误", + "description": "邮箱验证错误" + }, + "SEND_RESET_PASSWORD_ERROR": { + "name": "发送重置密码错误", + "description": "发送重置密码错误" + }, + "CLIENT_UPDATE": { + "name": "客户端更新", + "description": "客户端更新" + }, + "CUSTOM_REQUIRED_ACTION_ERROR": { + "name": "自定义必要操作错误", + "description": "自定义必要操作错误" + }, + "IDENTITY_PROVIDER_POST_LOGIN_ERROR": { + "name": "身份供应者非首次登录错误", + "description": "身份供应者非首次登录错误" + }, + "UPDATE_TOTP_ERROR": { + "name": "更新totp错误", + "description": "更新totp错误" + }, + "CODE_TO_TOKEN": { + "name": "用于交换令牌的代码", + "description": "用于交换令牌的代码" + }, + "GRANT_CONSENT_ERROR": { + "name": "授权许可错误", + "description": "授权许可错误" + }, + "IDENTITY_PROVIDER_FIRST_LOGIN_ERROR": { + "name": "身份供应商首次登录错误", + "description": "身份供应商首次登录错误" + }, + "REGISTER_NODE_ERROR": { + "name": "注册节点错误", + "description": "注册节点错误" + }, + "PERMISSION_TOKEN_ERROR": { + "name": "权限令牌错误", + "description": "权限令牌错误" + }, + "IDENTITY_PROVIDER_RETRIEVE_TOKEN_ERROR": { + "name": "身份供应者检索令牌错误", + "description": "身份供应者检索令牌错误" + }, + "CLIENT_INFO": { + "name": "客户端信息", + "description": "客户端信息" + }, + "VALIDATE_ACCESS_TOKEN": { + "name": "验证访问令牌", + "description": "验证访问令牌" + }, + "IDENTITY_PROVIDER_LOGIN": { + "name": "身份供应者登录", + "description": "身份供应者登录" + }, + "CLIENT_INFO_ERROR": { + "name": "客户端信息错误", + "description": "客户端信息错误" + }, + "INTROSPECT_TOKEN_ERROR": { + "name": "令牌内部检查错误", + "description": "令牌内部检查错误" + }, + "INTROSPECT_TOKEN": { + "name": "令牌内部检查", + "description": "令牌内部检查" + }, + "UNREGISTER_NODE": { + "name": "注销节点", + "description": "注销节点" + }, + "REGISTER_NODE": { + "name": "注册节点", + "description": "注册节点" + }, + "INVALID_SIGNATURE": { + "name": "无效签名", + "description": "无效签名" + }, + "USER_INFO_REQUEST_ERROR": { + "name": "用户信息请求错误", + "description": "用户信息请求错误" + }, + "REFRESH_TOKEN": { + "name": "刷新令牌", + "description": "刷新令牌" + }, + "IDENTITY_PROVIDER_RESPONSE": { + "name": "身份供应者响应", + "description": "身份供应者响应" + }, + "IDENTITY_PROVIDER_RETRIEVE_TOKEN": { + "name": "身份供应者检索令牌", + "description": "身份供应者检索令牌" + }, + "UNREGISTER_NODE_ERROR": { + "name": "注销节点错误", + "description": "注销节点错误" + }, + "VALIDATE_ACCESS_TOKEN_ERROR": { + "name": "验证访问令牌错误", + "description": "验证访问令牌错误" + }, + "INVALID_SIGNATURE_ERROR": { + "name": "无效签名错误", + "description": "无效签名错误" + }, + "USER_INFO_REQUEST": { + "name": "用户信息请求", + "description": "用户信息请求" + }, + "IDENTITY_PROVIDER_RESPONSE_ERROR": { + "name": "身份供应者响应错误", + "description": "身份供应者响应错误" + }, + "IDENTITY_PROVIDER_LOGIN_ERROR": { + "name": "身份供应者登录错误", + "description": "身份供应者登录错误" + }, + "REFRESH_TOKEN_ERROR": { + "name": "刷新令牌错误", + "description": "刷新令牌错误" + }, + "VERIFY_PROFILE": { + "name": "验证配置文件", + "description": "验证配置文件" + }, + "VERIFY_PROFILE_ERROR": { + "name": "验证配置文件错误", + "description": "验证配置文件错误" + }, + "OAUTH2_DEVICE_CODE_TO_TOKEN": { + "name": "Oauth2设备用于交换令牌的代码", + "description": "Oauth2设备用于交换令牌的代码" + }, + "OAUTH2_DEVICE_CODE_TO_TOKEN_ERROR": { + "name": "Oauth2设备用于交换令牌的代码错误", + "description": "Oauth2设备用于交换令牌的代码错误" + }, + "OAUTH2_DEVICE_VERIFY_USER_CODE": { + "name": "Oauth2设备验证用户代码", + "description": "Oauth2 设备验证用户代码" + }, + "OAUTH2_DEVICE_VERIFY_USER_CODE_ERROR": { + "name": "Oauth2设备验证用户代码错误", + "description": "Oauth2设备验证用户代码错误" + }, + "AUTHREQID_TO_TOKEN": { + "name": "认证令牌", + "description": "认证令牌" + }, + "AUTHREQID_TO_TOKEN_ERROR": { + "name": "认证令牌错误", + "description": "认证令牌错误" + }, + "OAUTH2_DEVICE_AUTH": { + "name": "Oauth2设备认证", + "description": "Oauth2设备认证" + }, + "OAUTH2_DEVICE_AUTH_ERROR": { + "name": "Oauth2设备认证错误", + "description": "Oauth2设备认证错误" + } + }, + "eventConfigSuccessfully": "成功保存配置", + "eventConfigError": "无法保存事件配置{{error}}", + "deleteEvents": "清除事件", + "deleteEventsConfirm": "如果清除该领域的所有事件,数据库中的所有记录将被永久清除", + "admin-events-cleared": "管理员事件已清除", + "admin-events-cleared-error": "无法清除管理员事件{{error}}", + "user-events-cleared": "用户事件已清除", + "user-events-cleared-error": "无法清除用户事件 {{error}}", + "events-disable-title": "取消保存事件?", + "events-disable-confirm": "如果禁用“保存事件”,后续事件将不会展示在“事件”菜单中。", + "noMessageBundles": "没有消息包", + "noMessageBundlesInstructions": "添加消息包以开始使用。", + "messageBundleDescription": "您可以编辑支持的语言环境。如果您还没有选择支持的语言环境,您只能编辑英文语言环境。", + "defaultRoles": "默认角色", + "defaultGroups": "默认群组", + "whatIsDefaultGroups": "默认群组的作用是什么?", + "addDefaultGroups": "添加默认群组", + "removeConfirmTitle_one": "移除群组?", + "removeConfirmTitle_other": "移除群组?", + "removeConfirm_one": "您确定要移除这个群组吗?", + "removeConfirm_other": "您确定要移除这些组吗?", + "groupRemove_one": "群组已移除", + "groupRemove_other": "群组已移除", + "groupRemoveError": "移除群组 {error} 时出错", + "defaultGroupAdded_one": "新群组已被添加到默认群组", + "defaultGroupAdded_other": "{{count}} 个新群组已被添加到默认群组", + "defaultGroupAddedError": "将群组添加到默认群组时出错 {error}。", + "noDefaultGroups": "没有默认群组", + "noDefaultGroupsInstructions": "设置默认组将允许您在<1>identity brokering过程中创建或导入新用户时自动分配群组。添加默认组以开始使用这一功能。", + "securityDefences": "安全防御", + "headers": "标题", + "bruteForceDetection": "暴力破解检测", + "xFrameOptions": "X-Frame-Options", + "contentSecurityPolicy": "内容安全策略", + "contentSecurityPolicyReportOnly": "仅限内容安全策略报告", + "xContentTypeOptions": "X-Content-Type-Options", + "xRobotsTag": "X-机器人标签", + "xXSSProtection": "X-XSS-保护", + "strictTransportSecurity": "HTTP 严格传输安全 (HSTS)", + "failureFactor": "登录失败最多次数", + "permanentLockout": "永久锁定", + "waitIncrementSeconds": "等待增量", + "maxFailureWaitSeconds": "最长等待时间", + "maxDeltaTimeSeconds": "失败复位时间", + "quickLoginCheckMilliSeconds": "快速登录检查毫秒数", + "minimumQuickLoginWaitSeconds": "最小快速登录等待秒数", + "partialExportHeaderText": "部分导出允许您将领域配置和其他相关资源导出到 json 文件中。", + "includeGroupsAndRoles": "包含群组和角色", + "includeClients": "包含客户端", + "exportWarningTitle": "谨慎导出", + "exportWarningDescription": "如果您的领域中有大量群组、角色或客户端,该操作可能会使服务器暂时无响应。", + "exportSuccess": "领域成功导出。", + "exportFail": "无法导出领域:'{{error}}'", + "partialImportHeaderText": "部分导入允许您从之前导出的 json 文件中导入用户、客户端和其他资源。", + "selectRealm": "选择领域", + "chooseResources": "选择要导入的资源", + "selectIfResourceExists": "如果资源已存在,请指定应采取的操作", + "resourcesToImport": "要导入的资源", + "importFail": "导入失败:{{error}}", + "FAIL": "导入失败", + "SKIP": "跳过", + "OVERWRITE": "覆写", + "added": "已添加", + "skipped": "已跳过", + "overwritten": "已被覆写", + "importAdded_zero": "没有添加记录。", + "importAdded_one": "添加了一条记录。", + "importAdded_other": "已添加 {{count}} 条记录。", + "importOverwritten_zero": "没有记录被覆写。", + "importOverwritten_one": "覆写一条记录。", + "importOverwritten_other": "{{count}} 条记录被覆写。", + "importSkipped_zero": "没有记录被跳过。", + "importSkipped_one": "跳过一条记录。", + "importSkipped_other": "跳过 {{count}} 条记录。", + "fromDisplayNameHelp": "“发件人”地址的用户友好名称(可选)。", + "replyToDisplayNameHelp": "“回复”地址的用户友好名称(可选)。", + "envelopeFromHelp": "用于退回的电子邮件地址(非必需)。", + "passwordHelp": "SMTP 密码。该字段可以从 vault 中获取其值,使用 ${vault.ID} 格式。", + "frontendUrlHelp": "设置领域的前端 URL。与默认主机名提供程序结合使用以覆盖特定领域前端请求的基本 URL。", + "requireSslHelp": "是否需要HTTPS?'无'表示任何客户端IP地址都不需要HTTPS。'外部请求'表示本地主机和私有IP地址无需HTTPS即可访问。'所有请求'表示所有IP地址都需要HTTPS。 ", + "userManagedAccessHelp": "如果启用,用户可以使用账户管理 UI 管理他们的资源和权限。", + "userProfileEnabledHelp": "如果启用,允许管理用户配置文件。", + "endpointsHelp": "显示服务提供商终端节点(Endpoint)的配置", + "accountThemeHelp": "为用户账户管理页面选择主题。", + "adminThemeHelp": "为管理界面选择主题。", + "emailThemeHelp": "为服务器发送的电子邮件选择主题。", + "priorityHelp": "供应商的优先级", + "enabledHelp": "设置按键是否启用", + "activeHelp": "设置密钥是否可用于签名", + "AESKeySizeHelp": "生成的 AES 密钥的大小(以字节为单位)。16 用于 AES-128, 24 用于 AES-192,32 用于 AES-256。请注意,某些 JDK 实现不允许大于 128 的密钥。", + "save-user-events": "如果启用,用户事件将保存到数据库中,从而使事件可用于管理员和帐户的管理页面中。", + "save-admin-events": "如果启用,管理员事件将保存到数据库中,从而使事件可用于管理员页面。", + "admin-clearEvents": "清除数据库中的所有管理事件。", + "includeRepresentationHelp": "包括创建和更新请求的 JSON 表示。", + "user-clearEvents": "清除数据库中的所有用户事件。", + "ellipticCurveHelp": "ECDSA 中使用的椭圆曲线", + "secretSizeHelp": "生成的密码的字节大小", + "keySizeHelp": "生成密钥的大小", + "algorithmHelp": "密钥的预期算法", + "keystoreHelp": "密钥文件路径", + "keystorePasswordHelp": "密钥的密码", + "privateRSAKeyHelp": "以 PEM 格式编码的私有 RSA 密钥", + "x509CertificateHelp": "以 PEM 格式编码的 X509 证书", + "xFrameOptionsHelp": "默认值防止页面被非来源 iframe 包含<1>了解更多", + "contentSecurityPolicyHelp": "默认值防止页面被非来源 iframe 包含<1>了解更多", + "contentSecurityPolicyReportOnlyHelp": "用于测试内容安全策略<1>了解更多", + "xContentTypeOptionsHelp": "默认值阻止 Internet Explorer 和谷歌浏览器从 MIME 嗅探远离声明的内容类型的响应<1>了解更多", + "xRobotsTagHelp": "防止页面出现在搜索引擎中<1>了解更多", + "xXSSProtectionHelp": "此标头在您的浏览器中配置跨站点脚本 (XSS) 过滤器。使用默认行为,浏览器将在检测到 XSS 攻击时阻止呈现页面。<1>了解更多 ", + "strictTransportSecurityHelp": "Strict-Transport-Security HTTP 标头告诉浏览器始终使用 HTTPS。一旦浏览器看到此标头,它只会在指定的时间(1 年)内通过 HTTPS 访问站点,包括子域。<1>了解更多", + "failureFactorHelp": "在等待触发之前有多少次失败。", + "permanentLockoutHelp": "当用户超过最大登录失败次数时,将永久锁定用户。", + "waitIncrementSecondsHelp": "当达到失败阈值时,用户应该被锁定多长时间?", + "maxFailureWaitSecondsHelp": "用户被锁定的最长时间。", + "maxDeltaTimeSecondsHelp": "失败次数的统计数量何时重置?", + "quickLoginCheckMilliSecondsHelp": "如果故障并发发生得太快,将会锁定用户。", + "minimumQuickLoginWaitSecondsHelp": "快速登录失败后等待多长时间。", + "ssoSessionIdle": "允许会话在到期前空闲的时间。令牌和浏览器会话在会话到期时失效。", + "ssoSessionMax": "会话过期前的最长时间。令牌和浏览器会话在会话过期时失效。", + "ssoSessionIdleRememberMe": "在到期之前“记住我”的会话的空闲的时间。令牌和浏览器会话在会话到期时失效。如果未设置,它将使用标准的 SSO 会话空闲值。", + "ssoSessionMaxRememberMe": "当用户设置了“记住我”选项时,会话过期前的最长时间。当会话过期时,令牌和浏览器会话将失效。如果未设置,它将使用标准 SSO 会话最大值。", + "offlineSessionIdleHelp": "离线会话过期前允许空闲的时间。在此期间内至少需要使用离线令牌刷新一次,否则离线会话将过期。", + "offlineSessionMaxLimitedHelp": "启用最大离线会话", + "offlineSessionMaxHelp": "无论活动如何,离线会话过期前的最长时间。", + "loginTimeoutHelp": "用户完成一次登录的最长时间。建议这个时间比较长,比如30分钟或者更长", + "loginActionTimeoutHelp": "用户必须完成登录相关操作(如更新密码或配置 totp)的最长时间。建议相对较长,例如 5 分钟或更长时间", + "defaultSigAlgHelp": "用于为领域签署令牌的默认算法", + "revokeRefreshTokenHelp": "如果启用刷新令牌最多只能使用'刷新令牌最大重用',并且在使用不同的令牌时被撤销。否则刷新令牌在使用时不会被撤销并且可以多次使用。", + "refreshTokenMaxReuseHelp": "刷新令牌可以重复使用的最大次数。当使用不同的令牌时,立即撤销。", + "accessTokenLifespanImplicitFlowHelp": "在 OpenID Connect 隐式流期间颁发的访问令牌到期之前的最长时间。建议此值短于 SSO 超时设置。在隐式流期间不可能刷新令牌,这就是为什么有一个单独的超时不同于“访问令牌生命周期”", + "clientLoginTimeoutHelp": "客户端必须完成访问令牌协议的最长时间。这通常应该是 1 分钟。", + "userInitiatedActionLifespanHelp": "用户发送的操作许可(例如忘记密码的电子邮件)过期之前的最长时间。建议该值较短,因为预计用户会对自己创建的操作做出快速反应。 ", + "defaultAdminInitiatedActionLifespan": "管理员发送给用户的操作许可过期前的最长时间。建议将该值设置得较长,以允许管理员为当前离线的用户发送电子邮件。默认超时可以在紧接之前被覆盖发行令牌。", + "oAuthDeviceCodeLifespanHelp": "设备代码和用户代码过期前的最长时间。这个值需要足够长的生命周期才能使用(允许用户检索他们的辅助设备、导航到验证 URI、登录等) , 但也应该足够短以限制为网络钓鱼获得的代码的可用性。", + "oAuthDevicePollingIntervalHelp": "客户端在对令牌端点的轮询请求之间应等待的最短时间(以秒为单位)。", + "shortVerificationUriTooltip": "如果设置,此值将在设备授权流程中作为 verification_uri 返回。此 uri 需要重定向到 {server-root}/realms/{realm}/device", + "overrideActionTokensHelp": "在用户发送的操作许可(例如忘记密码的电子邮件)针对特定操作过期之前覆盖默认设置的最长时间。建议该值较短,因为预计用户会做出反应快速进行自我创建的动作。", + "internationalizationHelp": "如果启用,您可以选择您支持该领域的语言环境以及默认语言环境。", + "supportedLocalesHelp": "该领域支持的语言环境。用户在登录屏幕上选择这些语言环境之一。", + "defaultLocaleHelp": "要使用的初始语言环境。它用于登录页面和管理员界面和帐户界面中的其他页面。", + "conditionsHelp": "条件,将对其进行评估以确定是否应在特定操作期间应用客户端策略。", + "clientProfilesHelp": "应用此策略的客户端配置文件。", + "clientAccessType": "它使用客户端的访问类型(机密、公共、仅承载)来确定是否应用策略。在大多数 OpenID Connect 请求(授权请求、令牌请求、内省端点请求等)期间检查条件。 )", + "clientAccesstypeTooltip": "客户端的访问类型,这是针对将被应用的条件的。", + "clientRolesHelp": "该条件检查客户端上是否存在指定的客户端角色,以确定是否应用该策略。这有效地允许客户端管理员在客户端上创建指定名称的客户端角色,以确保特定的客户端策略将应用于此客户端的请求。在大多数 OpenID Connect 请求(授权请求、令牌请求、内省端点请求等)期间检查条件。", + "clientRolesConditionTooltip": "客户端角色,将在此条件评估期间检查。如果客户端至少有一个客户端角色名称与配置中指定的客户端角色相同,则条件评估为真。", + "clientScopesHelp": "它使用预先请求或分配给客户端的范围来确定策略是否应用于此客户端。在 OpenID Connect 授权请求和/或令牌请求期间评估条件。", + "clientScopesConditionTooltip": "预期客户端范围的列表。如果指定的客户端请求匹配某些客户端范围,则条件评估为真。它还取决于配置的'范围类型',就是它应该是默认的还是可选的客户端范围。", + "clientUpdaterContext": "条件检查上下文如何创建/更新客户端以确定是否应用策略。例如,它检查客户端是否使用管理 REST API 或 OIDC 动态客户端注册创建。并且根据大小写判断是否是匿名客户端注册或使用已被验证的初始访问权限的客户端注册。", + "clientUpdaterSourceGroupsHelp": "条件检查尝试创建/更新客户端的实体组以确定是否应用了策略。", + "clientUpdaterSourceGroupsTooltip": "要检查的组的名称。如果创建/更新客户端的实体是某些指定组的成员,则条件评估为真。配置的组由它们的简单名称指定,必须与名称匹配Keycloak 组。此处不支持组层次结构。", + "clientUpdaterSourceHost": "条件检查尝试创建/更新客户端的实体的主机/域以确定是否应用了策略。", + "clientUpdaterTrustedHostsTooltip": "受信任的主机列表。如果客户端注册/更新请求来自此配置中指定的主机/域,则条件评估为真。您可以使用主机名或 IP 地址。如果您在开头(例如 '*.example.com' )然后整个域 example.com 将被信任。", + "clientUpdaterSourceRolesHelp": "条件检查尝试创建/更新客户端的实体的角色以确定是否应用策略。", + "clientUpdaterSourceRolesTooltip": "在客户端注册/更新请求期间检查条件,如果正在创建/更新客户端的实体(通常是用户)是指定角色的成员,则它评估为真。要参考领域角色,您可以使用领域角色名称,如“my_realm_role”。对于参考客户端角色,您可以使用 client_id.role_name 例如“my_client.my_client_role”引用客户端“my_client”的客户端角色“my_client_role”。", + "defaultGroupsHelp": "默认群组允许您在通过<1>identity brokering创建或导入任何新用户时自动分配组成员资格。", + "attributeGeneralSettingsDescription": "此部分包含一些对所有属性通用的基本设置。", + "attributeNameHelp": "要在断言中搜索的属性名称。您可以将此留空并指定一个友好的名称。", + "attributeDisplayNameHelp": "属性的显示名称。它也支持本地化值的键,例如:${profile.attribute.phoneNumber}。", + "attributeGroupHelp": "user.profile.attribute.group.tooltip", + "requiredHelp": "根据需要设置属性。如果启用,该属性必须由用户和管理员设置。否则,该属性是非必需的。", + "attributePermissionDescription": "这部分包含谁可以编辑和谁可以查看属性的权限。", + "whoCanEditHelp": "如果启用,用户或管理员可以查看和编辑属性。否则,用户或管理员无权写入属性。", + "whoCanViewHelp": "如果启用,用户或管理员可以查看该属性。否则,用户或管理员无权访问该属性。", + "editUsername": "如果启用,用户名字段是可编辑的,否则用户名字是只读的。", + "authenticationExplain": "身份验证是您可以配置和管理不同凭证类型的区域。", + "flows": "流程", + "requiredActions": "必需的操作", + "passwordPolicy": "密码策略", + "otpPolicy": "一次性密码策略", + "webauthnPolicy": "Webauthn 策略", + "webauthnPasswordlessPolicy": "Webauthn 无密码策略", + "noPasswordPolicies": "无密码策略", + "noPasswordPoliciesInstructions": "您尚未向该领域添加任何密码策略。添加一个策略以开始。", + "updatePasswordPolicySuccess": "密码策略更新成功", + "updatePasswordPolicyError": "无法更新密码策略:'{{error}}'", + "webAuthnPolicyRpEntityName": "依赖方的名称", + "addPolicy": "添加策略", + "otpType": "一次性密码类型", + "policyType": { + "totp": "基于时间", + "hotp": "基于计数器" + }, + "otpHashAlgorithm": "OTP哈希算法", + "otpPolicyDigits": "位数", + "otpPolicyPeriod": "OTP 令牌周期", + "otpPolicyPeriodErrorHint": "时间需要在 1 秒到 2 分钟之间", + "otpPolicyCodeReusable": "可重复使用的令牌", + "initialCounter": "初始计数器", + "initialCounterErrorHint": "数值需要在 1 到 120 之间", + "supportedApplications": "支持的应用程序", + "otpSupportedApplications": { + "totpAppFreeOTPName": "FreeOTP", + "totpAppGoogleName": "谷歌验证器", + "totpAppMicrosoftAuthenticatorName": "Microsoft 身份验证器" + }, + "updateOtpSuccess": "OTP 策略成功更新", + "updateOtpError": "无法更新 OTP 策略:{{error}}", + "cibaPolicy": "CIBA策略", + "cibaBackchannelTokenDeliveryMode": "反向通道令牌交付模式", + "cibaBackhannelTokenDeliveryModes": { + "poll": "计票", + "ping": "发送回显信息" + }, + "cibaExpiresIn": "过期时间", + "cibaInterval": "间隔", + "cibaAuthRequestedUserHint": "身份验证请求的用户提示", + "updateCibaSuccess": "CIBA 策略更新成功", + "updateCibaError": "无法更新 CIBA 策略:{{error}}", + "webAuthnPolicySignatureAlgorithms": "签名算法", + "webAuthnPolicyRpId": "依赖方ID", + "webAuthnPolicyAttestationConveyancePreference": "证明传输偏好", + "attestationPreference": { + "not specified": "未指定", + "none": "无", + "indirect": "间接", + "direct": "直接" + }, + "webAuthnPolicyAuthenticatorAttachment": "身份验证器附件", + "authenticatorAttachment": { + "not specified": "未指定", + "platform": "平台", + "cross-platform": "跨平台" + }, + "webAuthnPolicyRequireResidentKey": "需要常驻密钥", + "residentKey": { + "not specified": "未指定", + "Yes": "是", + "No": "否" + }, + "webAuthnPolicyUserVerificationRequirement": "用户验证要求", + "userVerify": { + "not specified": "未指定", + "required": "必需", + "preferred": "首选", + "discouraged": "不建议" + }, + "webAuthnPolicyCreateTimeout": "超时", + "webAuthnPolicyCreateTimeoutHint": "超时时间需要在 0 秒到 8 小时之间", + "webAuthnPolicyAvoidSameAuthenticatorRegister": "避免相同的身份验证器注册", + "webAuthnPolicyAcceptableAaguids": "可接受的 AAGUID", + "addAaguids": "添加 AAGUID", + "webAuthnUpdateSuccess": "已成功更新 webauthn 策略", + "webAuthnUpdateError": "由于{{error}},无法更新 webauthn 策略", + "flowName": "流程名称", + "searchForFlow": "搜索流程", + "usedBy": "使用者", + "flowUsedBy": "使用这个流程", + "flowUsedByDescription": "此流程由以下 {{value}} 使用", + "buildIn": "内置", + "appliedByProviders": "由以下提供商应用", + "appliedByClients": "由以下客户应用", + "used": { + "SPECIFIC_PROVIDERS": "特定供应商", + "SPECIFIC_CLIENTS": "特定客户", + "DEFAULT": "默认", + "notInUse": "未使用" + }, + "duplicate": "复制", + "bindFlow": "绑定流程", + "chooseBindingType": "选择绑定的类型", + "flow": { + "browser": "浏览器流程", + "registration": "注册流程", + "direct grant": "直接授权流程", + "reset credentials": "重置凭据流程", + "clients": "客户端认证流程", + "docker auth": "Docker 认证流程" + }, + "editInfo": "编辑信息", + "editFlow": "编辑流程", + "deleteConfirmFlow": "删除流程?", + "deleteConfirmFlowMessage": "您确定要永久删除流程 \"<1>{{flow}}}\"。", + "deleteFlowSuccess": "流程成功删除", + "deleteFlowError": "无法删除流程:{{error}}", + "duplicateFlow": "复制流程", + "deleteConfirmExecution": "删除执行器?", + "deleteConfirmExecutionMessage": "您确定要永久删除执行器\"<1>{{name}}}\"。", + "deleteExecutionSuccess": "执行器成功删除", + "deleteExecutionError": "无法删除执行器:{{error}}", + "updateFlowSuccess": "流程更新成功", + "updateFlowError": "无法更新流程:{{error}}", + "copyOf": "{{name}} 的副本", + "copyFlowSuccess": "流程复制成功", + "copyFlowError": "无法复制流程:{{error}}", + "createFlow": "创建流程", + "flowType": "流程类型", + "flow-type": { + "basic-flow": "通用型", + "form-flow": "表单型" + }, + "top-level-flow-type": { + "basic-flow": "基本流程", + "client-flow": "客户端流程" + }, + "flowCreatedSuccess": "流程已创建", + "flowCreateError": "无法创建流程:{{error}}", + "flowDetails": "流程详情", + "tableView": "表格视图", + "diagramView": "图表视图", + "emptyExecution": "无执行器", + "emptyExecutionInstructions": "您可以通过添加子流程或执行器来开始定义此流程", + "addExecutionTitle": "添加执行器", + "addExecution": "添加执行器", + "addSubFlowTitle": "添加子流程", + "addSubFlow": "添加子流程", + "addStep": "添加步骤", + "addStepTo": "向 {{name}} 添加步骤", + "steps": "步骤", + "requirement": "需求", + "requirements": { + "REQUIRED": "必需", + "ALTERNATIVE": "非必需", + "DISABLED": "禁用", + "CONDITIONAL": "基于一定条件" + }, + "executionConfig": "{{name}} 配置", + "alias": "别名", + "configSaveSuccess": "成功保存执行器的配置", + "configSaveError": "无法保存执行器的配置:{{error}}", + "setAsDefaultAction": "设置为默认操作", + "disabledOff": "禁用状态的关闭", + "updatedRequiredActionSuccess": "必需操作,更新成功", + "updatedRequiredActionError": "无法更新必需的操作:{{error}}", + "createFlowHelp": "您可以在此表单中创建顶级流程", + "flowTypeHelp": "它是一种什么样的形式?", + "topLevelFlowType": "它是什么类型的顶级流程?客户端类型用于客户端(应用程序)的身份验证,而通用型流程用于用户和其他所有内容的验证。", + "addExecutionHelp": "执行可以有多种操作,从发送重置电子邮件到验证 OTP。", + "addSubFlowHelp": "子级流程可以是一般形式的,也可以是表单形式的。表单类型用于构造子流,为用户生成单个流程。子级流程是一种特殊类型的执行,根据它们包含的执行的评估方式评估流程成功与否。", + "aliasHelp": "别名唯一标识身份供应商,它也用于构建重定向 uri。", + "authDefaultActionTooltip": "如果启用,此项操作对于任何新用户都将是必需的操作。", + "otpTypeHelp": "totp 是基于时间的一次性密码。'hotp' 是一种基于计数器的一次性密码,服务器在其中保留一个用于哈希的计数器。", + "webAuthnPolicyRpEntityNameHelp": "便于阅读的 WebAuthn依赖方的服务器名称", + "otpHashAlgorithmHelp": "应该使用什么哈希算法来生成 OTP。", + "otpPolicyDigitsHelp": "OTP 应该有多少位数?", + "otpPolicyPeriodHelp": "OTP 令牌应该多少秒有效?默认为 30 秒。", + "otpPolicyCodeReusableHelp": "验证成功后可以再次使用相同的 OTP 代码。", + "supportedApplicationsHelp": "已知适用于当前 OTP 策略的应用程序", + "webauthnIntro": "这个表格是做什么用的?", + "webAuthnPolicyFormHelp": "WebAuthn 身份验证策略。'WebAuthn Register' 所需操作和'WebAuthn Authenticator' 身份验证器将使用此策略。典型用法是,当 WebAuthn 用于双因素身份验证时。", + "webAuthnPolicyPasswordlessFormHelp": "无密码 WebAuthn 身份验证策略。'Webauthn Register Passwordless' 所需操作和'WebAuthn Passwordless Authenticator' 身份验证器将使用此策略。典型用法是,当 WebAuthn 用作第一因素身份验证时。同时具有 ' WebAuthn Policy' 和 'WebAuthn Passwordless Policy' 允许在同一领域中将 WebAuthn 用作第一因素和第二因素身份验证器。", + "webAuthnPolicySignatureAlgorithmsHelp": "身份验证断言应该使用什么签名算法。", + "webAuthnPolicyRpIdHelp": "这是作为 WebAuthn 依赖方的 ID。它必须是源的有效域。", + "webAuthnPolicyAttestationConveyancePreferenceHelp": "向身份验证者传达如何生成证明声明的偏好。", + "webAuthnPolicyAuthenticatorAttachmentHelp": "向身份验证者传达可接受的附件模式。", + "webAuthnPolicyRequireResidentKeyHelp": "它告诉验证者是否创建公钥凭证作为常驻密钥。", + "webAuthnPolicyUserVerificationRequirementHelp": "与身份验证器通信以确认实际验证用户。", + "webAuthnPolicyCreateTimeoutHelp": "以秒为单位创建用户公钥凭证的超时值。如果设置为 0,则不适应此超时选项。", + "webAuthnPolicyAvoidSameAuthenticatorRegisterHelp": "避免注册已经被注册过的验证器。", + "webAuthnPolicyAcceptableAaguidsHelp": "AAGUID 列表,其中可以注册验证者。", + "密码策略": { + "forceExpiredPasswordChange": "在需要新密码之前,当前密码的有效天数。", + "hashIterations": "密码在存储或验证之前被散列的次数。默认值:27,500。", + "passwordHistory": "防止最近使用的密码被重复使用。", + "passwordBlacklist": "防止使用黑名单文件中的密码。", + "regexPattern": "要求密码匹配一个或多个已定义的正则表达式模式。", + "length": "密码所需的最少字符数。", + "notUsername": "密码不能与用户名相同。", + "notEmail": "密码不能与用户邮箱地址相同。", + "specialChars": "密码字符串中需要的特殊字符的个数。", + "upperCase": "密码字符串中要求的大写字母的个数。", + "lowerCase": "密码字符串中要求的小写字母的个数。", + "digits": "密码字符串中要求的数字的位数。", + "hashAlgorithm": "应用哈希算法的密码不会以明文形式存储。", + "maxLength": "密码中允许的最大字符数。" + }, + "cibaBackchannelTokenDeliveryModeHelp": "指定 CD(消费设备)如何获取身份验证结果和相关令牌。默认情况下,如果没有明确设置其他模式,则 CIBA 客户端将默认使用此模式。", + "cibaExpiresInHelp": "自收到身份验证请求以来 \"auth_req_id\" 的过期时间,时间单位为秒。", + "cibaIntervalHelp": "CD(消费设备)必须在令牌端点的轮询请求之间等待的最短时间(以秒为单位)。如果设置为 0,CD 必须根据 CIBA 规范使用 5 作为默认值。", + "cibaAuthRequestedUserHintHelp": "识别请求身份验证的最终用户的方式。目前仅支持 \"login_hint\"。", + "descriptionLanding": "这是用户联盟登​​陆页面的描述", + "userFederationExplain": "用户联盟提供对外部数据库和目录的访问,例如 LDAP 和 Active Directory。", + "getStarted": "要开始,请从下面的列表中选择一个供应商。", + "addProvider_one": "添加 {{provider}} 身份供应商", + "addProvider_other": "添加 {{provider}} 身份供应商", + "addKerberosWizardTitle": "添加 Kerberos 用户联盟供应商", + "addLdapWizardTitle": "添加 LDAP 用户联盟供应商", + "syncChangedUsers": "同步更改的用户", + "syncAllUsers": "同步所有用户", + "syncLDAPGroupsToKeycloak": "将 LDAP 组同步到 Keycloak", + "syncKeycloakGroupsToLDAP": "将 Keycloak 组同步到 LDAP", + "syncLDAPGroupsSuccessful": "数据已成功同步 {{result}}", + "syncLDAPGroupsError": "由于{{error}},无法同步数据", + "unlinkUsers": "取消链接用户", + "removeImported": "移除导入的数据", + "deleteProvider": "删除供应商?", + "generalOptions": "通用选项", + "vendor": "供应商", + "connectionAndAuthenticationSettings": "连接和身份验证设置", + "connectionURL": "连接地址", + "enableStartTls": "启用 StartTLS", + "useTruststoreSpi": "使用信任库 SPI", + "connectionPooling": "连接池", + "connectionTimeout": "连接超时", + "bindType": "绑定类型", + "bindDn": "绑定 DN", + "bindCredentials": "绑定凭据", + "ldapSearchingAndUpdatingSettings": "LDAP 搜索和更新", + "editMode": "编辑模式", + "usersDN": "用户DN", + "usernameLdapAttribute": "用户名 LDAP 属性", + "rdnLdapAttribute": "RDN LDAP 属性", + "uuidLdapAttribute": "UUID LDAP 属性", + "userObjectClasses": "用户对象类", + "userLdapFilter": "用户 LDAP 过滤器", + "searchScope": "搜索范围", + "readTimeout": "读取超时", + "pagination": "分页", + "synchronizationSettings": "同步设置", + "syncRegistrations": "同步注册", + "importUsers": "导入用户", + "batchSize": "批量处理的数量", + "periodicFullSync": "周期性完全同步", + "fullSyncPeriod": "全同步周期", + "periodicChangedUsersSync": "定期更改用户同步", + "changedUsersSyncPeriod": "更改用户同步周期", + "kerberosIntegration": "Kerberos 集成", + "allowKerberosAuthentication": "允许 Kerberos 身份验证", + "useKerberosForPasswordAuthentication": "使用 Kerberos 进行密码验证", + "cacheSettings": "缓存设置", + "cachePolicy": "缓存策略", + "evictionDay": "清除的日期", + "evictionHour": "清除的时间(小时)", + "evictionMinute": "清除的时间(分钟)", + "maxLifespan": "最大寿命", + "ms": "毫秒", + "enableLdapv3Password": "启用 LDAPv3 密码修改扩展操作", + "validatePasswordPolicy": "验证密码策略", + "trustEmail": "信任邮箱", + "requiredSettings": "所需设置", + "kerberosRealm": "Kerberos 领域", + "serverPrincipal": "服务器主体", + "keyTab": "按键标签", + "debug": "调试", + "allowPasswordAuthentication": "允许密码验证", + "updateFirstLogin": "首次登录时更新用户档案", + "never": "从不", + "onlyLdaps": "仅适用于 ldaps", + "oneLevel": "一级", + "subtree": "子数", + "queryExtensions": "查询支持的扩展", + "testAuthentication": "测试认证", + "testSuccess": "成功连接到 LDAP", + "testError": "尝试连接到 LDAP 时出错。有关详细信息,请参阅 server.log.{{error}}", + "managePriorities": "管理优先级", + "managePriorityOrder": "管理优先顺序", + "managePriorityInfo": "优先级是供应商在进行用户查找时的顺序。您可以拖动用户联盟供应商所在的行来更改优先级。", + "orderChangeSuccess": "成功更改身份供应商的显示顺序", + "orderChangeError": "无法更改身份供应商的显示顺序 {{error}}", + "addNewProvider": "添加新供应商", + "addCustomProvider": "添加自定义供应商", + "providerDetails": "供应商详情", + "userFedDeletedSuccess": "用户联盟供应商已被删除。", + "userFedDeleteError": "无法删除用户联盟供应商,因为:'{{error}}'", + "userFedDeleteConfirmTitle": "删除用户联盟供应商?", + "userFedDeleteConfirm": "如果您删除此用户联盟供应商,所有相关数据都将被删除。", + "userFedDisableConfirmTitle": "禁用用户联盟供应商?", + "userFedDisableConfirm": "如果您禁用此用户联盟供应商,它将不会被考虑用于查询,导入的用户将被禁用且只读,直到再次启用该供应商。", + "userFedUnlinkUsersConfirmTitle": "取消链接所有用户?", + "userFedUnlinkUsersConfirm": "您想取消所有用户的链接吗?数据库中没有密码的用户将无法再进行身份验证。", + "removeImportedUsers": "移除导入的用户?", + "removeImportedUsersMessage": "您真的要移除所有导入的用户吗?选项\"取消链接用户\"仅对编辑模式\"未同步\"有意义,Keycloak 数据库中的密码将无法进行身份验证。", + "removeImportedUsersSuccess": "导入的用户已被移除。", + "removeImportedUsersError": "由于:'{{error}}',无法移除导入的用户。", + "syncUsersSuccess": "用户同步成功完成。", + "syncUsersError": "无法同步用户:'{{error}}'", + "unlinkUsersSuccess": "取消用户链接成功完成。", + "unlinkUsersError": "无法取消链接用户:'{{error}}'", + "validateRealm": "您必须进入一个领域", + "validateServerPrincipal": "您必须输入服务器主体", + "validateKeyTab": "您必须输入一个键位", + "validateConnectionUrl": "您必须输入连接 URL", + "validateBindDn": "您必须输入 LDAP 管理员的 DN", + "validateBindCredentials": "您必须输入 LDAP 管理员的密码", + "validateUuidLDAPAttribute": "您必须输入 UUID LDAP 属性", + "validateUserObjectClasses": "您必须输入一个或多个用户对象类", + "validateEditMode": "您必须选择一种编辑模式", + "validateUsersDn": "您必须输入用户DN", + "validateUsernameLDAPAttribute": "您必须输入用户名 LDAP 属性", + "validateRdnLdapAttribute": "您必须输入 RDN LDAP 属性", + "validateCustomUserSearchFilter": "过滤器必须用英文括号括起来,例如:(filter)", + "mapperTypeMsadUserAccountControlManager": "msad-user-account-control-mapper", + "mapperTypeMsadLdsUserAccountControlMapper": "msad-user-account-control-mapper", + "mapperTypeGroupLdapMapper": "group-ldap-mapper", + "mapperTypeUserAttributeLdapMapper": "user-attribute-ldap-mapper", + "mapperTypeRoleLdapMapper": "role-ldap-mapper", + "mapperTypeHardcodedAttributeMapper": "hardcoded-attribute-mapper", + "mapperTypeHardcodedLdapRoleMapper": "hardcoded-ldap-role-mapper", + "mapperTypeCertificateLdapMapper": "certificate-ldap-mapper", + "mapperTypeFullNameLdapMapper": "fullname-ldap-mapper", + "mapperTypeHardcodedLdapGroupMapper": "hardcoded-ldap-group-mapper", + "mapperTypeLdapAttributeMapper": "hardcoded-ldap-attribute-mapper", + "ldapMappersList": "LDAP 映射器", + "ldapFullNameAttribute": "LDAP 全名属性", + "writeOnly": "只写", + "ldapGroupsDn": "LDAP 群组的DN", + "groupNameLdapAttribute": "群组名称的 LDAP 属性", + "groupObjectClasses": "分组对象类", + "preserveGroupInheritance": "保留群组继承", + "ignoreMissingGroups": "忽略缺失的群组", + "userGroupsRetrieveStrategy": "用户群组检索策略", + "mappedGroupAttributes": "映射组属性", + "dropNoexistingGroupsDuringSync": "在同步期间删除不存在的群组", + "groupsPath": "群组路径", + "membershipLdapAttribute": "成员身份的 LDAP 属性", + "membershipAttributeType": "成员属性类型", + "membershipUserLdapAttribute": "会员用户的 LDAP 属性", + "ldapFilter": "LDAP 过滤器", + "mode": "模式", + "memberofLdapAttribute": "LDAP 成员属性", + "ldapRolesDn": "LDAP 角色的 DN", + "roleNameLdapAttribute": "角色名称的 LDAP 属性", + "roleObjectClasses": "角色对象类", + "userRolesRetrieveStrategy": "用户角色检索策略", + "useRealmRolesMapping": "使用领域角色映射", + "ldapAttributeName": "LDAP 属性名称", + "ldapAttributeValue": "LDAP 属性值", + "userModelAttribute": "用户模型属性", + "ldapAttribute": "LDAP 属性", + "readOnly": "只读", + "alwaysReadValueFromLdap": "始终从 LDAP 读取值", + "isMandatoryInLdap": "在 LDAP 中是强制性的", + "attributeDefaultValue": "属性默认值", + "isBinaryAttribute": "这是二进制属性", + "derFormatted": "DER 格式", + "passwordPolicyHintsEnabled": "已启用密码策略提示", + "userModelAttributeName": "用户模型属性名", + "attributeValue": "属性值", + "selectRole": { + "label": "选择角色", + "tooltip": "在左侧的文本框中输入角色,或单击此按钮浏览并选择所需的角色。" + }, + "group": "群组", + "providerType": "供应商类型", + "parentId": "父级ID", + "kerberosPrincipal": "Kerberos 主体", + "kerberosKeyTab": "Kerberos 密钥选项卡", + "addKerberosWizardDescription": "此处需要文本", + "addLdapWizardDescription": "此处需要文本", + "ldapGeneralOptionsSettingsDescription": "此部分包含一些对所有用户存储供应商通用的基本选项。", + "uiDisplayNameHelp": "在管理 UI 中链接时显示供应商的名称", + "vendorHelp": "LDAP 供应商(供应商)", + "ldapConnectionAndAuthorizationSettingsDescription": "此部分包含与 LDAP 服务器连接配置相关的选项。它还包含与 LDAP 服务器的 LDAP 连接身份验证相关的选项。", + "consoleDisplayConnectionUrlHelp": "您的 LDAP 服务器的连接 URL", + "enableStartTlsHelp": "使用 STARTTLS 加密与 LDAP 的连接,这将禁用连接池", + "useTruststoreSpiHelp": "指定 LDAP 连接是否将使用 Truststore SPI 以及在 standalone.xml/domain.sml 中配置的信任库。'始终' 表示它将始终使用它。'始终不' 表示它不会使用它。' 仅适用于ldaps' 意味着如果您的连接 URL 使用 ldaps,它将使用它。请注意,即使未配置 standalone.xml/domain.xml,'javax.net.ssl.trustStore' 属性指定的默认 java cacerts 或证书将会被使用。", + "connectionPoolingHelp": "确定 Keycloak 是否应该使用连接池来访问 LDAP 服务器。", + "connectionTimeoutHelp": "LDAP 连接超时毫秒数", + "bindTypeHelp": "在 LDAP 绑定操作期间使用的身份验证方法的类型。它用于发送到 LDAP 服务器的大多数请求。目前只有'无'(匿名 LDAP 身份验证)或'简单'(绑定凭据+绑定密码身份验证)机制可用。", + "bindDnHelp": "LDAP 管理员的 DN,Keycloak 将使用它来访问 LDAP 服务器", + "bindCredentialsHelp": "LDAP 管理员的密码。该字段可以从保险库中获取其值,使用 ${vault.ID} 格式。", + "ldapSearchingAndUpdatingSettingsDescription": "此部分包含与在 LDAP 服务器中搜索可用用户相关的选项。", + "editModeLdapHelp": "READ_ONLY 是一个只读的 LDAP 存储。WRITABLE 意味着数据将按需同步回 LDAP。UNSYNCED 意味着用户数据将被导入,但不会同步回 LDAP。", + "usersDNHelp": "您的用户所在的 LDAP 树的完整 DN。此 DN 是 LDAP 用户的父级。它可能是例如 'ou=users,dc=example,dc=com' 假设您的典型用户将具有 DN像 'uid='john',ou=users,dc=example,dc=com'。", + "usernameLdapAttributeHelp": "LDAP 属性的名称,映射为 Keycloak 用户名。对于许多 LDAP 服务器供应商,它可以是 'uid'。对于 Active directory,它可以是 'sAMAccountName' 或 'cn'。应该为您要从 LDAP 导入 Keycloak 的所有 LDAP 用户记录。", + "rdnLdapAttributeHelp": "LDAP 属性的名称,用作典型用户 DN 的 RDN(顶级属性)。通常它与用户名 LDAP 属性相同,但不是必需的。例如对于 Active directory,它很常见当用户名属性可能是“sAMAccountName”时使用“cn”作为 RDN 属性。", + "uuidLdapAttributeHelp": "LDAP 属性的名称,用作 LDAP 中对象的唯一对象标识符 (UUID)。对于许多 LDAP 服务器供应商,它是 'entryUUID';但有些是不同的。例如,对于 Active directory它应该是“objectGUID”。如果您的 LDAP 服务器不支持 UUID 的概念,您可以使用任何其他应该在树中的 LDAP 用户中唯一的属性。例如“uid”或“entryDN”。", + "userObjectClassesHelp": "LDAP 中用户的 LDAP objectClass 属性的所有值,以英文逗号分隔。例如:'inetOrgPerson,organizationalPerson'。新创建的 Keycloak 用户将与所有这些对象类一起写入 L​​DAP,并找到现有的 LDAP 用户记录只要它们包含所有这些对象类。", + "userLdapFilterHelp": "额外的 LDAP 过滤器,用于过滤搜索到的用户。如果您不需要额外的过滤器,请将此留空。确保它以 '(' 开头并以 ')' 结尾。", + "searchScopeHelp": "对于一个级别,搜索仅适用于用户 DN 指定的 DN 中的用户。对于子树,搜索适用于整个子树。有关更多详细信息,请参阅 LDAP 文档。", + "readTimeoutHelp": "LDAP 读取超时,以毫秒为单位。此超时适用于 LDAP 读取操作。", + "paginationHelp": "LDAP服务器是否支持分页", + "ldapSynchronizationSettingsDescription": "此部分包含与用户从 LDAP 同步到 Keycloak 数据库相关的选项。", + "syncRegistrationsHelp": "新创建的用户应该在 LDAP 存储中创建吗?优先影响选择哪个供应商来同步新用户。此设置仅适用于可写的编辑模式。", + "importUsersHelp": "如果为真,LDAP 用户将被导入 Keycloak 数据库并通过配置的同步策略进行同步。", + "batchSizeHelp": "在单个事务中从 LDAP 导入 Keycloak 的 LDAP 用户数", + "periodicFullSyncHelp": "是否应启用 LDAP 用户与 Keycloak 的定期完全同步", + "fullSyncPeriodHelp": "以秒为单位的完全同步周期", + "periodicChangedUsersSyncHelp": "是否应启用将已更改或新创建的 LDAP 用户定期同步到 Keycloak", + "changedUsersSyncHelp": "以秒为单位同步更改或新创建的 LDAP 用户的周期", + "ldapKerberosSettingsDescription": "此部分包含对 Kerberos 集成有用的选项。这仅在 LDAP 服务器与 Kerberos/SPNEGO 一起用于用户身份验证时使用。", + "allowKerberosAuthenticationHelp": "使用 SPNEGO/Kerberos 令牌启用/禁用用户的 HTTP 身份验证。有关经过身份验证的用户的数据将从该 LDAP 服务器提供。", + "useKerberosForPasswordAuthenticationHelp": "用户 Kerberos 登录模块用于根据 Kerberos 服务器验证用户名/密码,而不是使用目录服务 API 验证 LDAP 服务器", + "cacheSettingsDescription": "此部分包含对缓存用户有用的选项,这些选项是从此用户存储提供程序加载的。", + "cachePolicyHelp": "此存储提供程序的缓存策略。'DEFAULT' 是全局缓存的默认设置。'EVICT_DAILY' 是每天缓存失效的时间。'EVICT_WEEKLY' 是一天缓存将失效的星期和时间。'MAX_LIFESPAN' 是以毫秒为单位的时间,它将成为缓存条目的生命周期。", + "evictionDayHelp": "准入许可将在星期几失效", + "evictionHourHelp": "准入许可将在几点失效", + "evictionMinuteHelp": "准入许可将在哪一分钟失效", + "maxLifespanHelp": "缓存条目的最大寿命(以毫秒为单位)", + "ldapAdvancedSettingsDescription": "此部分包含用于更精细地配置 LDAP 存储提供程序的所有其他选项。", + "enableLdapv3PasswordHelp": "使用 LDAPv3 密码修改扩展操作 (RFC-3062)。密码修改扩展操作通常要求 LDAP 用户已经在 LDAP 服务器中拥有密码。因此当它与“同步注册”一起使用时,它可以是还可以添加带有随机生成的初始密码的“硬编码 LDAP 属性映射器”。", + "validatePasswordPolicyHelp": "确定 Keycloak 是否应该在更新之前使用领域密码策略验证密码", + "trustEmailHelp": "如果启用,即使为领域启用了验证,也不会验证此提供商提供的电子邮件。", + "IDK-periodicChangedUsersSyncHelp": "新创建的用户应该在 LDAP 存储中创建吗?优先级会影响选择哪个提供商来同步新用户。", + "kerberosWizardDescription": "此处需要文本。", + "kerberosRequiredSettingsDescription": "此部分包含一些对所有用户存储提供商通用的基本选项。", + "kerberosRealmHelp": "kerberos 领域的名称。例如,FOO.ORG", + "serverPrincipalHelp": "HTTP 服务的服务器主体全名,包括服务器和域名。例如,HTTP/host.foo.org@FOO.ORG", + "keyTabHelp": "包含服务器主体凭据的 Kerberos KeyTab 文件的位置。例如,/etc/krb5.keytab", + "debugHelp": "为 Krb5LoginModule 启用/禁用调试日志记录到标准输出。", + "allowPasswordAuthenticationHelp": "启用/禁用针对 Kerberos 数据库的用户名/密码身份验证的可能性", + "editModeKerberosHelp": "“只读”表示不允许更新密码,用户始终使用 Kerberos 密码进行身份验证。“未同步”表示用户可以更改 Keycloak 数据库中的密码,并且将使用此密码代替 Kerberos 密码。", + "updateFirstLoginHelp": "首次登录时更新配置文件", + "mapperTypeMsadUserAccountControlManagerHelp": "映射器特定于 MSAD。它能够将 MSAD 用户帐户状态集成到 Keycloak 帐户状态(帐户已启用,密码已过期等)。它为此使用 userAccountControl 和 pwdLastSet MSAD 属性。例如,如果 pwdLastSet 为 0, Keycloak 用户需要更新密码;如果 userAccountControl 为 514(禁用帐户),则 Keycloak 用户也被禁用等。Mapper 还能够处理来自 LDAP 用户身份验证的异常代码。", + "mapperTypeMsadLdsUserAccountControlMapperHelp": "特定于 MSAD LDS 的映射器。它能够将 MSAD LDS 用户帐户状态集成到 Keycloak 帐户状态(帐户已启用,密码已过期等)。它使用 msDS-UserAccountDisabled 并且 pwdLastSet 为 0,需要 Keycloak 用户更新密码,如果 msDS-UserAccountDisabled 为“TRUE”,则 Keycloak 用户也被禁用等。Mapper 还能够处理来自 LDAP 用户身份验证的异常代码。", + "mapperTypeGroupLdapMapperHelp": "用于将群组的组映射从一些 LDAP DN 映射到 Keycloak 群组映射", + "mapperTypeRoleLdapMapperHelp": "用于将角色的角色映射从某些 LDAP DN 映射到领域角色或特定客户端的客户端角色的 Keycloak 角色映射", + "mapperTypeHardcodedAttributeMapperHelp": "当从 LDAP 导入用户时,此映射器将对任何模型用户属性和某些属性(如 emailVerified 或启用)进行硬编码。", + "mapperTypeHardcodedLdapRoleMapperHelp": "从 LDAP 导入的用户将自动添加到这个配置的角色中。", + "mapperTypeCertificateLdapMapperHelp": "用于将包含来自 LDAP 用户的证书的单个属性映射到 Keycloak DB 中 UserModel 的属性", + "mapperTypeFullNameLdapMapperHelp": "用于将用户的全名从 LDAP 中的单个属性(通常是 'cn' 属性)映射到 Keycloak DB 中 UserModel 的 firstName 和 lastName 属性", + "mapperTypeHardcodedLdapGroupMapperHelp": "从 LDAP 导入的用户将自动添加到这个配置的组中。", + "mapperTypeLdapAttributeMapperHelp": "仅当启用了 syncRegistrations 时才支持此映射器。在 Keycloak 中注册的新用户将使用某些指定属性的硬编码值写入 LDAP。", + "passwordPolicyHintsEnabledHelp": "仅适用于可写 MSAD。如果打开,则更新 MSAD 用户的密码将使用 LDAP_SERVER_POLICY_HINTS_OID 扩展,这意味着将应用高级 MSAD 密码策略,如“密码历史”或“最小密码使用期限”。此扩展有效仅适用于 MSAD 2008 R2 或更新版本。", + "nameHelpHelp": "映射器名称", + "mapperTypeHelp": "用于将 LDAP 用户的单个属性映射到 Keycloak DB 中 UserModel 的属性", + "userModelAttributeHelp": "UserModel 属性的名称或要将 LDAP 属性映射到的属性。例如'firstName'、'lastName、'email'、'street' 等。", + "ldapAttributeHelp": "LDAP 对象上映射属性的名称。例如 'cn'、'sn'、'mail'、'street' 等。", + "readOnlyHelp": "只读属性从 LDAP 导入到 UserModel,但当用户在 Keycloak 中更新时,它不会保存回 LDAP。", + "alwaysReadValueFromLdapHelp": "如果启用,那么在读取 LDAP 属性值期间将始终使用而不是来自 Keycloak DB 的值。", + "isMandatoryInLdapHelp": "如果为真,属性在 LDAP 中是强制性的。因此,如果 Keycloak DB 中没有值,则传播到LDAP的值将被设置为空值。", + "attributeDefaultValueHelp": "如果 Keycloak 数据库中没有值并且属性在 LDAP 中是强制性的,则该值将传播到 LDAP。", + "isBinaryAttributeHelp": "二进制 LDAP 属性应为真。", + "derFormattedHelp": "如果证书在 LDAP 中是 DER 格式而不是 PEM 格式,请激活它。", + "ldapFullNameAttributeHelp": "LDAP 属性的名称,包含用户的全名。通常为'cn'。", + "fullNameLdapReadOnlyHelp": "对于只读条目,数据从 LDAP 导入到 Keycloak 数据库,但当用户在 Keycloak 中更新时,数据不会保存回 LDAP。", + "fullNameLdapWriteOnlyHelp": "对于只写条目,当在 Keycloak 中创建或更新用户时,数据将传播到 LDAP。但此映射器不用于将数据从 LDAP 传播回 Keycloak。如果您配置了单独的 firstName 和lastName 属性映射器,您想使用它们将 LDAP 中的属性读入 Keycloak。", + "ldapGroupsDnHelp": "保存此树的群组的 LDAP DN。例如 'ou=groups,dc=example,dc=org'", + "groupNameLdapAttributeHelp": "LDAP 属性的名称,在组对象中用于组的名称和 RDN。通常为 'cn'。在这种情况下,典型的组/角色对象可能具有 DN,如 'cn=Group1,ouu=组,dc=example,dc=org'。", + "groupObjectClassesHelp": "群组对象的对象类(或多个类)。如果需要更多类,则用英文逗号分隔。在典型的 LDAP 部署中,它可能是'groupOfNames'。在 Active Directory 中,它通常是'组'。", + "preserveGroupInheritanceHelp": "标记从LDAP继承的群组是否应该传播到Keycloak?如果为假,那么所有LDAP组将被映射为Keycloak中的顶级群组。否则,群组继承将保留到Keycloak中。但如果LDAP结构包含递归或每个子组包含多个父组,则组同步可能会失败。 但组同步可能会失败如果 LDAP 结构包含递归或每个子组包含多个父组。", + "ignoreMissingGroupsHelp": "忽略群组层次结构中缺失的群组。", + "userGroupsRetrieveStrategyHelp": "指定如何检索用户组。LOAD_GROUPS_BY_MEMBER_ATTRIBUTE 表示将通过发送 LDAP 查询来检索用户角色,以检索“成员”是否是用户的所有群组。GET_GROUPS_FROM_USER_MEMBEROF_ATTRIBUTE 表示将从“memberOf”检索用户组'我们用户的属性或来自'Member-Of LDAP Attribute'指定的其他属性。", + "mappedGroupAttributesHelp": "以英文逗号分隔的属性名称列表。这指向 LDAP 中组的属性列表,它将在 Keycloak 中映射为群组的属性。如果不需要额外的组属性映射,请在Keycloak留空。", + "dropNonexistingGroupsDuringSyncHelp": "如果这个标志为真,那么在从 LDAP 到 Keycloak 的群组同步期间,我们将只保留那些仍然存在于 LDAP 中的 Keycloak 组。其余的将被删除。", + "groupsPathHelp": "将 LDAP 组添加到的 Keycloak 组路径。例如,如果使用值 '/Applications/App1',则 LDAP 组将在组 'App1' 下的 Keycloak 中可用,该组是顶级组'Applications'的子级 。默认值为“/”,因此 LDAP 组将映射到顶层的 Keycloak 组。创建此映射器时,配置的组路径必须已经存在于 Keycloak 中。", + "ldapRolesDnHelp": "保存此树的角色的 LDAP DN。例如,'ou=finance,dc=example,dc=org'", + "roleNameLdapAttributeHelp": "LDAP 属性的名称,在角色对象中用于角色的名称和 RDN。通常为 'cn'。在这种情况下,典型的组/角色对象可能具有 DN,如 'cn=role1,ou=finance,dc=example,dc=org'。", + "roleObjectClassesHelp": "角色对象的对象类(或多个类)。如果需要更多类,则用英文逗号分隔。在典型的 LDAP 部署中,它可能是 'groupOfNames'。在 Active Directory 中,它通常是 'group'。", + "userRolesRetrieveStrategyHelp": "指定如何检索用户的角色。LOAD_ROLES_BY_MEMBER_ATTRIBUTE 表示将通过发送 LDAP 查询来检索用户的角色,以检索 'member' 是否是我们用户的所有角色。GET_ROLES_FROM_USER_MEMBEROF 表示将从 'memberOf' 检索用户的角色' 我们用户的属性。或来自“LDAP 成员属性”指定的其他属性。LOAD_ROLES_BY_MEMBER_ATTRIBUTE 仅适用于 Active Directory,这意味着将使用 LDAP_MATCHING_RULE_IN_CHAIN LDAP 扩展递归检索用户角色。", + "useRealmRolesMappingHelp": "如果为真,则 LDAP 角色映射将映射到 Keycloak 中的领域角色映射。否则它将映射到客户端角色映射。", + "clientIdHelpHelp": "LDAP 角色映射将映射到的客户端的客户端ID。仅当'使用领域角色映射'为假时适用。", + "membershipLdapAttributeHelp": "组上 LDAP 属性的名称,用于成员映射。通常它将是 'member'。但是当'Membership Attribute Type' 是 'UID' 时,'Membership LDAP Attribute' 通常可以是 'memberUid ',", + "membershipAttributeTypeHelp": "DN 表示 LDAP 组以其完整 DN 的形式声明其成员。例如'member: uid=john,ou=users,dc=example,dc=com'。UID 表示 LDAP 组具有它的成员以纯用户 uid 的形式声明。例如 'memberUid: john'。", + "membershipUserLdapAttributeHelp": "仅在成员身份属性类型为 UID 时使用。它是用户的 LDAP 属性的名称,用于成员身份映射。通常为“uid”。例如,如果“成员身份用户 LDAP”的值属性'是'uid',LDAP 组有'memberUid: john',那么预计特定的LDAP 用户将有属性'uid: john'。", + "ldapFilterHelp": "LDAP Filter 为检索 LDAP 组的整个查询添加了一个额外的自定义过滤器。如果不需要额外的过滤并且您想从 LDAP 中检索所有组,请将此留空。否则请确保过滤器以'('开头并以 ')' 结尾。", + "modeHelp": "LDAP_ONLY 表示用户的所有组映射都从 LDAP 检索并保存到 LDAP。READ_ONLY 是只读 LDAP 模式,其中组映射从 LDAP 和数据库检索并合并在一起。新的组加入不会保存到LDAP 但到 DB。IMPORT 是只读 LDAP 模式,其中在从 LDAP 导入用户时从 LDAP 检索组映射,然后将它们保存到本地 keycloak DB。", + "memberofLdapAttributeHelp": "仅在“用户角色检索策略”为 GET_GROUPS_FROM_USER_MEMBEROF_ATTRIBUTE 时使用。它指定 LDAP 用户的 LDAP 属性名称,其中包含用户所属的组。通常它将是默认的“memberOf” ',", + "userModelAttributeNameHelp": "从 LDAP 导入用户时要添加的模型属性的名称", + "attributeValueHelp": "属性必须具有的值。如果属性是列表,则该值必须包含在列表中。", + "roleHelpHelp": "授予用户的角色。单击“选择角色”按钮浏览角色,或直接在文本框中键入。要引用应用程序角色,语法为 appname.approle,即 myapp.myrole。", + "groupHelp": "要添加用户的群组。填写群组的完整路径,包括路径。例如:'/root-group/child-group'。", + "ldapAttributeNameHelp": "LDAP 属性的名称,将在注册期间添加到新用户", + "ldapAttributeValueHelp": "LDAP 属性的值,将在注册期间添加到新用户。您可以硬编码任何值,如 'foo',但您也可以使用一些特殊标记。目前唯一支持的标记是 '${ RANDOM}',它将被一些随机生成的字符串替换。", + "listExplain": "身份供应商是允许用户向 Keycloak 进行身份验证的社交网络或身份代理。", + "searchForProvider": "搜索供应商", + "addIdPMapper": "添加身份供应商映射器", + "editIdPMapper": "编辑身份供应商映射器", + "mappersList": "映射器列表", + "noMappers": "没有映射器", + "noMappersInstructions": "目前没有此身份供应商的映射器。", + "addKeycloakOpenIdProvider": "添加 Keycloak OpenID Connect 供应商", + "addOpenIdProvider": "添加 OpenID Connect 供应商", + "addSamlProvider": "添加 SAML 供应商", + "manageDisplayOrder": "管理显示顺序", + "deleteProviderMapper": "删除映射器?", + "deleteMapperConfirm": "您确定要永久删除映射器 {{mapper}} 吗?", + "deleteMapperSuccess": "映射器成功删除。", + "disableProvider": "禁用供应商?", + "disableSuccess": "供应商已成功禁用", + "disableError": "无法禁用供应商 {{error}}", + "addIdentityProvider": "添加 {{provider}} 供应商", + "redirectURI": "重定向 URI", + "samlEndpointsLabel": "SAML 2.0 服务供应商元数据", + "orderDialogIntro": "供应商在登录页面或帐户 UI 中的排列顺序。您可以拖动行句柄来更改顺序。", + "manageOrderTableAria": "按照登录页面列出的顺序排列的身份供应商列表", + "useDiscoveryEndpoint": "使用发现端点", + "discoveryEndpoint": "发现端点", + "useEntityDescriptor": "使用实体描述符", + "samlEntityDescriptor": "SAML 实体描述符", + "ssoServiceUrl": "单点登录服务 URL", + "singleLogoutServiceUrl": "单一注销服务URL", + "nameIdPolicyFormat": "NameID 策略格式", + "persistent": "持续", + "transient": "瞬时", + "x509": "X.509 主题名称", + "windowsDomainQN": "窗口域名限定名", + "unspecified": "未指定", + "principalType": "主体类型", + "principalAttribute": "主体属性", + "allowCreate": "允许创建", + "subjectNameId": "主题名称ID​​", + "attributeFriendlyName": "属性 [友好名称]", + "claim": "声明", + "claimValue": "声明价值", + "claims": "声明", + "socialProfileJSONFieldPath": "社交资料 JSON 字段路径", + "mapperAttributeName": "属性名称", + "mapperUserAttributeName": "用户属性名称", + "mapperAttributeFriendlyName": "友好名称", + "httpPostBindingResponse": "HTTP-POST 绑定响应", + "httpPostBindingAuthnRequest": "验证请求的 HTTP-POST 绑定", + "httpPostBindingLogout": "HTTP-POST 绑定注销", + "wantAuthnRequestsSigned": "需要签名的验证请求", + "encryptionAlgorithm": "加密算法", + "samlSignatureKeyName": "SAML 签名密钥名称", + "wantAssertionsSigned": "需要签名的声明", + "wantAssertionsEncrypted": "需要声明加密", + "forceAuthentication": "强制认证", + "validatingX509Certs": "验证 X509 证书", + "signServiceProviderMetadata": "签署服务提供商元数据", + "passSubject": "传递主题", + "serviceProviderEntityId": "服务供应商实体ID", + "identityProviderEntityId": "身份供应商实体 ID", + "importConfig": "从文件导入配置", + "showMetaData": "显示元数据", + "hideMetaData": "隐藏元数据", + "noValidMetaDataFound": "在此 URL 中未找到有效的元数据:'{{error}}'", + "metadataOfDiscoveryEndpoint": "发现终端节点的元数据", + "authorizationUrl": "授权地址", + "passLoginHint": "传递登录提示", + "passMaxAge": "通过 max_age", + "passCurrentLocale": "传递当前语言环境", + "tokenUrl": "令牌网址", + "logoutUrl": "注销地址", + "backchannelLogout": "后台注销", + "disableUserInfo": "禁用用户信息", + "userInfoUrl": "用户信息网址", + "issuer": "发行人", + "prompt": "提示", + "prompts": { + "unspecified": "未指定", + "none": "无", + "consent": "许可", + "login": "登录", + "select_account": "选择账户" + }, + "clientAuthentications": { + "client_secret_post": "客户机密作为邮件发送", + "client_secret_basic": "作为基本身份验证发送的客户端机密", + "client_secret_jwt": "作为 jwt 的客户端秘密", + "private_key_jwt": "用私钥签名的 JWT" + }, + "clientAssertionSigningAlg": "客户端断言签名算法", + "algorithmNotSpecified": "未指定算法", + "acceptsPromptNone": "接受来自客户端的提示,相当于无转发。", + "validateSignature": "验证签名", + "validatingPublicKey": "验证公钥", + "validatingPublicKeyId": "验证公钥 ID", + "pkceEnabled": "使用 PKCE", + "pkceMethod": "PKCE 方法", + "allowedClockSkew": "允许的时间偏差", + "attributeConsumingServiceIndex": "属性消费服务指数", + "attributeConsumingServiceName": "属性消费服务名称", + "forwardParameters": "转发查询参数", + "oidcSettings": "OpenID 连接设置", + "samlSettings": "SAML 设置", + "reqAuthnConstraints": "请求的上下文约束", + "keyID": "KEY_ID", + "NONE": "无", + "certSubject": "CERT_SUBJECT", + "storeTokens": "存储代币", + "storedTokensReadable": "存储的令牌可读", + "comparison": "对比", + "authnContextClassRefs": "验证上下文类参考", + "addAuthnContextClassRef": "添加验证上下文类参考", + "authnContextDeclRefs": "验证上下文的否定参考", + "addAuthnContextDeclRef": "添加验证上下文的否定参考", + "accountLinkingOnly": "仅账户链接", + "hideOnLoginPage": "在登录页面隐藏", + "firstBrokerLoginFlowAlias": "首次登录流程", + "postBrokerLoginFlowAlias": "登录后流程", + "syncMode": "同步模式", + "syncModes": { + "inherit": "继承", + "import": "导入", + "legacy": "引用", + "force": "强制" + }, + "syncModeOverride": "同步模式覆盖", + "regexAttributeValues": "正则表达式属性值", + "regexClaimValues": "正则表达式声明值", + "mapperSaveSuccess": "映射器保存成功。", + "mapperSaveError": "保存映射器时出错:{{error}}", + "userAttribute": "用户属性", + "userAttributeValue": "用户属性值", + "userSessionAttribute": "用户会话属性", + "userSessionAttributeValue": "用户会话属性值", + "target": "目标", + "targetOptions": { + "local": "本地", + "brokerId": "BROKER_ID", + "brokerUsername": "BROKER_USERNAME" + }, + "baseUrl": "基本网址", + "apiUrl": "API 网址", + "facebook": { + "fetchedFields": "其他用户的个人资料字段" + }, + "google": { + "hostedDomain": "托管域", + "userIp": "使用 userIp 参数", + "offlineAccess": "请求刷新令牌" + }, + "paypal": { + "sandbox": "目标沙箱" + }, + "stackoverflow": { + "key": "密钥" + }, + "linkedin": { + "profileProjection": "开放用户资料" + }, + "redirectURIHelp": "配置身份供应商时使用的重定向 uri。", + "clientSecretHelp": "向身份供应商注册的客户端密码。该字段可以从保险库中获取其值,使用 ${vault.ID} 格式。", + "displayOrderHelp": "数字定义供应商在 GUI 中的顺序(例如,在登录页面上)。最小的数字将首先被应用。", + "useDiscoveryEndpointHelp": "如果启用此设置,发现端点将用于获取供应商配置。Keycloak 可以从终端节点加载配置并在源有任何更新时自动更新配置", + "discoveryEndpointHelp": "从远程 IDP 发现描述符导入元数据。", + "importConfigHelp": "从下载的 IDP 发现描述符中导入元数据。", + "passLoginHintHelp": "将 login_hint 传递给身份供应商。", + "passMaxAgeHelp": "将 max_age 传递给身份供应商。", + "passCurrentLocaleHelp": "将当前语言环境作为 ui_locales 参数传递给身份供应商。", + "logoutUrlHelp": "结束用于从外部 IDP 注销用户的会话端点。", + "backchannelLogoutHelp": "外部 IDP 是否支持后台注销?", + "disableUserInfoHelp": "禁止使用用户信息服务来获取额外的用户信息?默认是使用这个 OIDC 服务。", + "userInfoUrlHelp": "用户信息 Url。这是可选的。", + "issuerHelp": "响应发布者的发布者标识符。如果未提供,则不会执行任何验证。", + "promptHelp": "指定授权服务器是否提示最终用户重新验证和授权。", + "acceptsPromptNoneHelp": "这只是与身份供应商验证器一起使用,或者当kc_idp_hint指向这个身份供应商时。如果客户端发送一个prompt=none的请求并且用户还没有被认证,错误将不会直接返回给客户端, 但带有 prompt=none 的请求将被转发给这个身份供应商。", + "validateSignatureHelp": "启用/禁用外部 IDP 签名的签名验证。", + "validatingPublicKeyHelp": "必须用于验证外部 IDP 签名的 PEM 格式的公钥。", + "validatingPublicKeyIdHelp": "如果是密钥 ID,则上面给出的验证公钥的显式 ID。如果上面的密钥被始终使用,则可以留空,不管外部 IDP 指定的密钥 ID。如果密钥仅用于验证,则设置它如果来自外部 IDP 的密钥 ID 匹配。", + "pkceEnabledHelp": "使用 PKCE(密钥代码交换证明)进行 IdP 代理", + "pkceMethodHelp": "使用的 PKCE 方法", + "allowedClockSkewHelp": "验证身份供应商令牌时可以允许的时钟偏差秒数。默认值为零。", + "attributeConsumingServiceIndexHelp": "在身份验证期间请求的属性消费服务配置文件的索引。", + "attributeConsumingServiceNameHelp": "要在 SP 元数据中通告的属性消费服务配置文件的名称。", + "forwardParametersHelp": "非 OpenID Connect/OAuth 标准查询参数,从初始应用请求到授权端点转发到外部 IDP。可以输入多个参数,以英文逗号 (,) 分隔。", + "clientAuthenticationHelp": "客户端身份验证方法(参见 https://openid.net/specs/openid-connect-core-1_0.html#ClientAuthentication)。如果 JWT 使用私钥签名,则使用领域私钥。", + "clientAssertionSigningAlgHelp": "签名算法创建JWT断言作为客户端身份验证。需要使用私钥或客户端秘密作为JWT签名的JWT。如果没有指定算法,则适配以下算法。在RS256中适配RS256使用私钥签名的 JWT 的情况。HS256 适用于客户端机密作为 jwt 的情况。", + "storeTokensHelp": "如果必须在验证用户身份后存储令牌,则可以启用/禁用。", + "storedTokensReadableHelp": "如果新用户可以读取任何存储的令牌,则启用/禁用。这会分配 broker.read-token 角色。", + "accountLinkingOnlyHelp": "如果为真,则用户无法通过此提供程序登录。他们只能链接到此提供程序。当不想允许从提供程序登录,但想与提供程序集成时,这会很有用", + "hideOnLoginPageHelp": "如果隐藏,只有在明确请求时才能使用此提供程序登录,例如使用'kc_idp_hint'参数。", + "firstBrokerLoginFlowAliasHelp": "身份验证流程的别名,在首次使用此身份供应商登录后触发。术语“首次登录”表示当前没有 Keycloak 帐户链接到经过身份验证的身份供应商帐户。", + "postBrokerLoginFlowAliasHelp": "身份验证流程的别名,在每次使用此身份供应商登录后触发。如果您希望对使用此身份供应商(例如 OTP)进行身份验证的每个用户进行额外验证,则很有用。将此设置为“无”,如果使用此身份供应商登录后,您不需要触发任何其他身份验证器。另请注意,身份验证器实现必须假定用户已在用户会话中设置,因为身份供应商已对其进行设置。", + "syncModeHelp": "所有映射器的默认同步模式。同步模式决定何时使用映射器同步用户数据。可能的值是:'引用' 保持引入此选项之前的行为,'导入' 仅导入在用户首次使用此身份供应商登录期间,用户一次,“强制”在每次使用此身份供应商登录期间始终更新用户。", + "serviceProviderEntityIdHelp": "将用于唯一标识此 SAML 服务提供商的实体 ID。", + "identityProviderEntityIdHelp": "实体 ID 用于验证收到的 SAML 断言的颁发者。如果为空,则不执行颁发者验证。", + "useEntityDescriptorHelp": "从远程 IDP SAML 实体描述符导入元数据。", + "samlEntityDescriptorHelp": "允许您从配置文件加载外部 IDP 元数据或从 URL 下载它。", + "ssoServiceUrlHelp": "必须用于发送身份验证请求 (SAML验证请求) 的 Url。", + "singleLogoutServiceUrlHelp": "必须用于发送注销请求的 Url。", + "nameIdPolicyFormatHelp": "指定与名称标识符格式对应的 URI 引用。", + "principalTypeHelp": "从断言中识别和跟踪外部用户的方法。默认使用 Subject NameID,或者您可以设置识别属性。", + "principalAttributeHelp": "用于识别外部用户属性的名称或友好的名称。", + "allowCreateHelp": "允许外部身份供应商创建一个新的标识符来代表委托人。", + "httpPostBindingResponseHelp": "指示是否响应使用 HTTP-POST 绑定的请求。如果为否,将使用 HTTP-REDIRECT 绑定。", + "httpPostBindingAuthnRequestHelp": "指示是否必须使用 HTTP-POST 绑定发送验证请求。如果为否,将使用 HTTP-REDIRECT 绑定。", + "httpPostBindingLogoutHelp": "指示是否使用 HTTP-POST 绑定响应请求。如果为否,将使用 HTTP-REDIRECT 绑定。", + "wantAuthnRequestsSignedHelp": "指示身份供应商是否需要签名的验证请求。", + "encryptionAlgorithmHelp": "SAML IDP 用于加密 SAML 文档、断言或 ID 的加密算法。解密 SAML 文档部分的相应解密密钥将根据此配置的算法选择,并且应该在领域密钥中可用加密 (ENC) 使用。如果未配置算法,则允许使用任何支持的算法,并且将根据 SAML 文档本身配置的算法选择解密密钥。", + "samlSignatureKeyNameHelp": "已签名的 SAML 文档在 KeyName 元素中包含签名密钥的标识。对于 Keycloak / RH-SSO 对方,使用 KEY_ID,对于 MS AD FS 使用 CERT_SUBJECT,对于其他人,如果没有其他有效的选项,请查看并使用 NONE。", + "wantAssertionsSignedHelp": "表明该服务供应商是否需要一个已签名的断言。", + "wantAssertionsEncryptedHelp": "表明此服务提供商是否需要加密断言。", + "forceAuthenticationHelp": "指示身份供应商是否必须直接验证呈现者而不是依赖先前的安全上下文。", + "validateSignatures": "启用/禁用 SAML 响应的签名验证。", + "validatingX509CertsHelp": "必须用于检查签名的PEM格式的证书。可以输入多个证书,以英文逗号(,)分隔。", + "signServiceProviderMetadataHelp": "启用/禁用提供商 SAML 元数据的签名。", + "passSubjectHelp": "在登录阶段,将可选的 login_hint 查询参数转发给 SAML 验证请求的主题。", + "comparisonHelp": "指定用于评估请求的上下文类或语句的比较方法。默认为\"Exact\"。", + "authnContextClassRefsHelp": "请求的 AuthnContext ClassRefs 的有序列表。", + "authnContextDeclRefsHelp": "请求的 AuthnContext DeclRefs 的有序列表。", + "addIdpMapperName": "映射器的名称。", + "syncModeOverrideHelp": "覆盖此映射器的 IDP 的默认同步模式。值是:'引用' 以保持引入此选项之前的行为,'导入' 仅在用户首次登录时导入用户一次身份供应商,“强制”在每次使用此身份供应商登录期间始终更新用户,并“继承”使用身份供应商中为此映射器定义的同步模式。", + "advancedAttributeToRole": "如果属性集存在并且可以匹配,则授予用户指定的领域或客户端角色。", + "usernameTemplateImporter": "格式化要导入的用户名。", + "hardcodedUserSessionAttribute": "当用户从供应商导入时,将一个值硬编码到特定的用户会话属性。", + "externalRoleToRole": "在 keycloak 访问令牌中寻找外部角色。如果存在外部角色,则授予用户指定的领域或客户端角色。", + "advancedClaimToRole": "如果所有声明都存在,则授予用户指定的领域或客户端角色。", + "claimToRole": "如果存在声明,则授予用户指定的领域或客户端角色。", + "oidcAttributeImporter": "将声明的声明(如果存在于 ID、访问令牌或用户配置文件端点返回的声明集中)导入到指定的用户属性或属性中。", + "attributeImporter": "如果断言中存在声明的 SAML 属性,则将其导入指定的用户属性或属性。", + "hardcodedRole": "当用户从供应商导入时,为它硬编码一个角色映射。", + "hardcodedAttribute": "当用户从供应商导入时,将一个值硬编码到特定的用户属性。", + "samlAttributeToRole": "如果属性存在,则授予用户指定的领域或客户端角色。", + "templateHelp": "用于格式化要导入的用户名的模板。替换包含在 ${} 中。例如:'${ALIAS}.${CLAIM.sub}'。ALIAS 是供应商别名。CLAIM. 引用 ID 或访问令牌声明。可以通过将 |uppercase 或 |lowercase 附加到替换值来将替换转换为大写或小写,例如“${CLAIM.sub | lowercase}”。", + "targetHelp": "映射器的目标字段。LOCAL(默认)表示更改应用于用户导入时存储在本地数据库中的用户名。BROKER_ID 和 BROKER_USERNAME 表示更改存储在用于联合用户的 ID 或用户名中分别查找。", + "userSessionAttributeHelp": "您要硬编码的用户会话属性的名称", + "userAttributeHelp": "您要硬编码的用户属性的名称", + "claimHelp": "要在令牌中搜索的声明名称。您可以使用'.'引用嵌套声明,即'address.locality'。要按字面意思使用点 (.),请使用反斜杠将其转义。(\\. )", + "socialProfileJSONFieldPathHelp": "从社交供应商用户配置文件 JSON 数据中获取值的字段路径。您可以使用圆点表示法进行嵌套,使用方括号表示数组索引。例如 'contact.address[0].country'。", + "userAttributeValueHelp": "你想要硬编码的值", + "friendlyName": "断言中要搜索的属性的友好名称。您可以将此留空并指定一个名称。", + "userAttributeName": "用于存储 SAML 属性的用户属性名称。使用电子邮件、姓氏和名字映射到那些预定义的用户属性。", + "socialUserAttributeName": "存储信息的用户属性名。", + "attributesHelp": "要在令牌中搜索的属性的名称和(正则表达式)值。在 SAML 属性名称和属性友好名称字段中搜索属性的配置名称。必须满足每个给定的属性描述才能设置角色。如果属性是一个数组,那么这个值必须包含在数组中。如果一个属性可以多次找到,那么一次匹配就足够了。", + "regexAttributeValuesHelp": "如果启用的属性值被解释为正则表达式。", + "baseUrlHelp": "覆写此身份供应商的默认基本 URL。", + "apiUrlHelp": "覆写此身份供应商的默认 API URL。", + "facebookHelp": { + "fetchedFields": "提供将使用配置文件请求获取的附加字段。这将附加到默认的 'id,name,email,first_name,last_name' 集合。" + }, + "googleHelp": { + "hostedDomain": "使用 Google 登录时设置‘hd’查询参数。Google 将仅列出该域的帐户。Keycloak 验证返回的身份令牌是否具有该域的声明。输入‘*’时,任何托管帐户可以使用。支持英文逗号 ',' 分隔域列表。", + "userIp": "在调用 Google 的用户信息服务时设置 'userIp' 查询参数。这将使用用户的 IP 地址。如果 Google 正在限制对用户信息服务的访问,这很有用。", + "offlineAccess": "在重定向到谷歌授权端点时将‘access_type’查询参数设置为‘离线’,以获取刷新令牌。如果计划在用户离线时使用令牌交换检索谷歌令牌以访问谷歌 API,则将很有用。" + }, + "openshift": { + "baseUrl": "OpenShift Online API 的基本 Url" + }, + "paypalHelp": { + "sandbox": "目标 PayPal 的沙箱环境" + }, + "stackoverflowHelp": { + "key": "从 Stack Overflow 客户端注册获得的 Key。" + }, + "linkedinHelp": { + "profileProjection": "配置文件请求的开放参数。默认无任何开放。" + }, + "addMultivaluedLabel": "添加 {{fieldLabel}}", + "selectGroup": "选择群组", + "usermodel": { + "prop": { + "label": "特性", + "tooltip": "用户模块接口中属性方法的名字. 例如, 'email' 会引用UserModel.getEmail() 方法." + }, + "attr": { + "label": "用户属性", + "tooltip": "在UserModel.attribute映射中定义的存储用户属性的名称。" + }, + "clientRoleMapping": { + "clientId": { + "label": "客户端ID", + "tooltip": "用于角色映射的客户端ID。只有该客户端的客户端角色会被添加到令牌中。如果该项没有被设置,则来自所有客户端的角色都将被添加到令牌中。" + }, + "rolePrefix": { + "label": "客户端角色前缀", + "tooltip": "每个客户端角色的前缀(非必需)." + }, + "tokenClaimName": { + "tooltip": "插入到令牌中的声明名称。这可以是一个完全限定的名称,如“address.street”。在这种情况下,将创建一个嵌套的json对象。为了防止嵌套并直接使用点,请使用反斜杠(\\.)转义点。可以使用特殊的令牌${client_id},它将被实际的客户端ID替换,例如:“resource_access.${client_id}.roles”。这是有用的,特别是当您从所有客户端添加角色(当然'客户端ID'开关并未设置),并且您想要每个客户端单独存储的客户端角色。 " + } + }, + "realmRoleMapping": { + "rolePrefix": { + "label": "领域角色前缀", + "tooltip": "每个领域角色的前缀(非必需)。" + } + } + }, + "userSession": { + "modelNote": { + "label": "用户会话说明", + "tooltip": "在UserSessionModel.note映射中存储的用户会话注释的名称。" + } + }, + "multivalued": { + "label": "支持多值", + "tooltip": "指示某属性是否支持多个值。如果为是,则此属性的所有值的列表将设置为声明。如果为否,则只将第一个值设置为声明。" + }, + "aggregate": { + "attrs": { + "label": "聚合属性值", + "tooltip": "指示属性值是否应该与组属性聚合。如果使用OpenID连接映射器,多值选项也需要启用,以便获得所有值。重复的值将被丢弃,并且该选项不能保证值的顺序。" + } + }, + "jsonType": { + "label": "声明的 JSON 类型", + "tooltip": "应该用于在令牌中填充JSON声明的JSON类型。long, int, boolean, String和JSON是有效的值。" + }, + "includeInIdToken": { + "label": "添加到ID令牌", + "tooltip": "是否应将声明加入到ID令牌?" + }, + "includeInAccessToken": { + "label": "添加到访问令牌", + "tooltip": "是否应将声明加入到访问令牌?" + }, + "includeInAccessTokenResponse": { + "label": "添加到访问令牌响应", + "tooltip": "是否应该将声明添加到访问令牌响应中?应该只用于信息性和非敏感数据吗?" + }, + "includeInUserInfo": { + "label": "添加到用户信息", + "tooltip": "是否应将声明加入用户信息中?" + }, + "sectorIdentifierUri": { + "label": "部分标识 URI", + "tooltip": "使用成对子值并支持动态客户端注册的提供程序应该使用sector_identifier_uri参数。它为在共同管理控制下的一组网站提供了一种方法,使其具有独立于单个域名的一致的成对子值。它还为客户端提供了一种无需重新注册所有用户即可更改redirect_uri域的方法。" + }, + "pairwiseSubAlgorithmSalt": { + "label": "盐值", + "tooltip": "计算成对主题标识符时使用的盐值。如果留空,将自动生成一个盐值。" + }, + "addressClaim": { + "street": { + "label": "街道的用户属性名称", + "tooltip": "用户属性的名称,将用于映射到'address'令牌声明中的'street_address'子声明。默认为'street'。" + }, + "locality": { + "label": "地区的用户属性名称", + "tooltip": "用户属性的名称,将用于映射到“address”令牌声明中的“locality”子声明。默认为'locality'。" + }, + "region": { + "label": "区域的用户属性名称", + "tooltip": "用户属性的名称,将用于映射到“地址”令牌声明中的“区域”子声明。默认为'region'。" + }, + "postal_code": { + "label": "邮政编码的用户属性名称", + "tooltip": "用户属性的名称,将用于映射到'address'令牌声明中的'postal_code'子声明。默认为'postal_code'。" + }, + "country": { + "label": "国家的用户属性名称", + "tooltip": "用户属性的名称,将用于映射到“地址”令牌声明中的“国家”子声明。默认为'country'。" + }, + "formatted": { + "label": "格式化地址的用户属性名称", + "tooltip": "用户属性的名称,将用于映射到'address'令牌声明中的'格式化'子声明。默认为'formatted'。" + } + }, + "included": { + "client": { + "audience": { + "label": "包括客户端受众", + "tooltip": "指定受众客户端的客户端ID将包含在令牌的受众(aud)字段中。如果令牌中存在现有受众,则只向其添加指定的值。它不会覆盖现有的受众。" + } + }, + "custom": { + "audience": { + "label": "包括自定义受众", + "tooltip": "这只在“包含的客户端受众”未填充时使用。指定的值将包含在令牌的受众(aud)字段中。如果令牌中存在现有受众,则只向其添加指定的值。它不会覆盖现有的用户。" + } + } + }, + "name-id-format": "名称ID格式", + "mapper": { + "nameid": { + "format": { + "tooltip": "名称ID使用映射格式" + } + } + }, + "client-scopes-condition": { + "label": "预期范围", + "tooltip": "预期的客户端范围列表。如果指定的客户端请求与某些客户端范围匹配,则条件计算为“真”。它还取决于它应该是默认的还是可选的客户端作用域,这取决于所配置的“作用域类型”。" + }, + "client-accesstype": { + "label": "客户端访问类型", + "tooltip": "将会应用该条件的客户端的访问类型。" + }, + "client-roles": { + "label": "客户端角色" + }, + "client-roles-condition": { + "tooltip": "客户端角色,将在此条件评估期间检查。如果客户端至少有一个客户端角色,其名称与配置中指定的客户端角色相同,则条件求值为“真”。" + }, + "client-updater-source-groups": { + "label": "群组", + "tooltip": "需要检查的组名。如果创建/更新客户端的实体是某些指定组的成员,则条件求值为“真”。配置的群组由其简单名称指定,该名称必须与Keycloak组的名称匹配。这里不支持群组层级。" + }, + "client-updater-trusted-hosts": { + "label": "受信任的主机", + "tooltip": "受信任的主机列表。如果客户端注册/更新请求来自此配置中指定的主机/域,则条件计算为“真”。您可以使用主机名或IP地址。如果您在开头使用*(例如'*.example.com'),那么整个域名example.com将被信任。" + }, + "client-updater-source-roles": { + "label": "更新实体角色", + "tooltip": "在客户端注册/更新请求期间检查该条件,如果创建/更新客户端的实体(通常是用户)是指定角色的成员,则该条件计算为“真”。要引用领域角色,您可以使用领域角色名称,如'my_realm_role'。对于引用客户端角色,可以使用client_id.Role_name,例如“my_client.My_client_role”将引用客户端'my_client'的客户端角色' My_client_role'。" + }, + "allowed-client-scopes": { + "label": "允许的客户端范围", + "tooltip": "客户端作用域白名单,可用于新注册的客户端。尝试向未被列入白名单的客户端范围注册客户端将被拒绝。默认情况下,白名单要么为空,要么只包含域默认客户端作用域(基于“允许默认作用域”配置属性)。" + }, + "allow-default-scopes": { + "label": "允许默认范围", + "tooltip": "如果开启,新注册的客户端将被允许拥有在领域默认客户端范围或领域可选客户端范围中提到的客户端范围。" + }, + "allowed-protocol-mappers": { + "label": "允许的协议映射器", + "tooltip": "允许的协议映射程序提供商白名单。如果尝试注册客户端,其中包含一些未被列入白名单的协议映射器,则注册请求将被拒绝。" + }, + "max-clients": { + "label": "每个领域最大客户端数量", + "tooltip": "如果领域中现有客户端的数量等于或大于配置数量的限制,将不允许注册新客户端。" + }, + "trusted-hosts": { + "label": "受信任的主机", + "tooltip": "受信任的主机列表,允许调用客户端注册服务和/或用作客户端uri的值。您可以使用主机名或IP地址。如果您在开头使用*(例如'*.example.com'),那么整个域名example.com将被信任。" + }, + "host-sending-registration-request-must-match": { + "label": "主机发送客户端注册请求必须匹配", + "tooltip": "如果开启,只要它是从一些受信任的主机或域发送的,任何对客户端注册服务的请求都是允许的。" + }, + "client-uris-must-match": { + "label": "客户端uri必须匹配", + "tooltip": "如果开启,所有客户端uri(重定向uri和其他)都是允许的,只要它们匹配了某个受信任的主机或域。" + }, + "clientScopeType": { "default": "默认", "optional": "非必需", "none": "无" }, + "createIdentityProviderSuccess": "身份供应商已成功创建", + "createIdentityProviderError": "无法创建身份供应商:{{error}}", + "createClientError": "无法创建客户端:'{{error}}'", + "createClientSuccess": "客户端创建成功", + "createUserProviderSuccess": "用户联盟供应商已成功创建", + "createUserProviderError": "由于{{error}},无法创建用户联盟供应商。", + "flowNameHelp": "新流程命名的帮助文本", + "flowDescriptionHelp": "新流程描述的帮助文本", + "noRoles-clientScopes": "此客户端作用域没有角色", + "noRolesInstructions-clientScopes": "您尚未为此客户端作用域创建任何角色。请创建角色以开始。", + "noRoles-user": "此用户没有角色", + "noRolesInstructions-user": "您尚未为此用户分配任何角色。分配角色以开始。", + "noRoles-client": "此客户端没有角色", + "noRolesInstructions-client": "您还没有为这个客户创建任何角色。创建一个角色以开始。", + "noRoles-groups": "此群组没有角色", + "noRolesInstructions-groups": "尚未为此群组创建任何角色。请创建角色后开始管理群组。", + "noRoles-roles": "此领域中没有角色", + "noRolesInstructions-roles": "您尚未在此领域中创建任何角色。创建角色以开始。", + "realmNameField": "领域名称", + "searchForClientScope": "搜索客户端作用域", + "searchForRoles": "按名称搜索角色", + "titleAuthentication": "身份验证", + "titleEvents": "事件", + "titleRoles": "领域角色", + "titleUsers": "用户管理", + "titleSessions": "会话管理", + "deleteConfirmClientScopes": "是否要删除此客户端作用域?", + "deleteConfirmUsers": "删除用户?", + "deleteConfirmGroup_one": "是否要删除此群组“{{groupName}}”。", + "deleteConfirmGroup_other": "是否要删除这些群组?", + "deleteConfirmIdentityProvider": "您确定要永久删除供应商'{{provider}}'吗?", + "deleteConfirmRealmSetting": "如果你删除这个领域,所有关联的数据都将被删除。", + "whoWillAppearLinkTextRoles": "谁将出现在此用户列表中?", + "whoWillAppearLinkTextUsers": "谁将出现在此群组列表中?", + "whoWillAppearPopoverTextRoles": "此选项卡仅显示直接分配给此角色的用户。要查看作为关联角色或通过组分配此角色的用户,请转到", + "whoWillAppearPopoverTextUsers": "群组是分层的。选择“直接群组成员资格”时,只会看到用户直接加入的子组,而不包括父级群组。", + "deletedSuccessClientScope": "客户端作用域已删除", + "deletedSuccessIdentityProvider": "供应商已成功删除。", + "deletedSuccessRealmSetting": "属性组已删除。", + "deletedErrorClientScope": "无法删除客户端作用域: {{error}}", + "deletedErrorIdentityProvider": "无法删除供应商 {{error}}", + "deletedErrorRealmSetting": "无法删除领域:{{error}}", + "realmSaveSuccess": "领域更新成功", + "userProviderSaveSuccess": "用户联盟供应商已成功保存", + "realmSaveError": "领域无法更新:{{error}}", + "userProviderSaveError": "由于:{{error}},无法保存用户联盟供应商", + "validateAttributeName": "不允许未命名的属性配置。", + "disableConfirmIdentityProvider": "您确定要禁用供应商'{{provider}}'", + "disableConfirmRealm": "如果领域被禁用,用户和客户端将无法访问它。您确定要继续吗?", + "updateSuccessClientScope": "客户端作用域已更新", + "updateErrorClientScope": "无法更新客户端作用域: '{{error}}'", + "updateSuccessIdentityProvider": "供应商更新成功", + "updateErrorIdentityProvider": "无法更新供应商 {{error}}", + "orderChangeSuccessUserFed": "成功更改用户联盟供应商的优先顺序", + "orderChangeErrorUserFed": "由于{{error}},无法更改用户联盟供应商的优先顺序。" +} diff --git a/js/apps/admin-ui/src/ForbiddenSection.tsx b/js/apps/admin-ui/src/ForbiddenSection.tsx index 2755182d5f..0b55ac9db7 100644 --- a/js/apps/admin-ui/src/ForbiddenSection.tsx +++ b/js/apps/admin-ui/src/ForbiddenSection.tsx @@ -10,7 +10,7 @@ type ForbiddenSectionProps = { export const ForbiddenSection = ({ permissionNeeded, }: ForbiddenSectionProps) => { - const { t } = useTranslation("common"); + const { t } = useTranslation(); const count = Array.isArray(permissionNeeded) ? permissionNeeded.length : 1; return ( diff --git a/js/apps/admin-ui/src/PageNav.tsx b/js/apps/admin-ui/src/PageNav.tsx index bf70e84acf..af28026954 100644 --- a/js/apps/admin-ui/src/PageNav.tsx +++ b/js/apps/admin-ui/src/PageNav.tsx @@ -21,7 +21,7 @@ import "./page-nav.css"; type LeftNavProps = { title: string; path: string }; const LeftNav = ({ title, path }: LeftNavProps) => { - const { t } = useTranslation("common"); + const { t } = useTranslation(); const { hasAccess } = useAccess(); const { realm } = useRealm(); const route = routes.find( @@ -54,7 +54,7 @@ const LeftNav = ({ title, path }: LeftNavProps) => { }; export const PageNav = () => { - const { t } = useTranslation("common"); + const { t } = useTranslation(); const { hasSomeAccess } = useAccess(); const navigate = useNavigate(); diff --git a/js/apps/admin-ui/src/authentication/AuthenticationSection.tsx b/js/apps/admin-ui/src/authentication/AuthenticationSection.tsx index c9b0c2da9c..79118da0a1 100644 --- a/js/apps/admin-ui/src/authentication/AuthenticationSection.tsx +++ b/js/apps/admin-ui/src/authentication/AuthenticationSection.tsx @@ -59,7 +59,7 @@ export const REALM_FLOWS = new Map([ ]); const AliasRenderer = ({ id, alias, usedBy, builtIn }: AuthenticationType) => { - const { t } = useTranslation("authentication"); + const { t } = useTranslation(); const { realm } = useRealm(); return ( @@ -81,7 +81,7 @@ const AliasRenderer = ({ id, alias, usedBy, builtIn }: AuthenticationType) => { }; export default function AuthenticationSection() { - const { t } = useTranslation("authentication"); + const { t } = useTranslation(); const { realm: realmName } = useRealm(); const [key, setKey] = useState(0); const refresh = () => { @@ -178,7 +178,7 @@ export default function AuthenticationSection() { /> )} diff --git a/js/apps/admin-ui/src/authentication/BindFlowDialog.tsx b/js/apps/admin-ui/src/authentication/BindFlowDialog.tsx index 8b480d5c75..59e5a0876f 100644 --- a/js/apps/admin-ui/src/authentication/BindFlowDialog.tsx +++ b/js/apps/admin-ui/src/authentication/BindFlowDialog.tsx @@ -29,7 +29,7 @@ type BindFlowDialogProps = { }; export const BindFlowDialog = ({ flowAlias, onClose }: BindFlowDialogProps) => { - const { t } = useTranslation("authentication"); + const { t } = useTranslation(); const { control, handleSubmit } = useForm(); const { addAlert, addError } = useAlerts(); const { realm } = useRealm(); diff --git a/js/apps/admin-ui/src/authentication/BuildInLabel.tsx b/js/apps/admin-ui/src/authentication/BuildInLabel.tsx index 86c986c8ee..7d0f1f794d 100644 --- a/js/apps/admin-ui/src/authentication/BuildInLabel.tsx +++ b/js/apps/admin-ui/src/authentication/BuildInLabel.tsx @@ -5,7 +5,7 @@ import { useTranslation } from "react-i18next"; import style from "./build-in-label.module.css"; export const BuildInLabel = () => { - const { t } = useTranslation("authentication"); + const { t } = useTranslation(); return (