|
|
|
|
@ -91,11 +91,11 @@ realm-cache-clear.tooltip=Clears all entries from the realm cache (this will cle
|
|
|
|
|
user-cache-clear=User Cache
|
|
|
|
|
user-cache-clear.tooltip=Clears all entries from the user cache (this will clear entries for all realms)
|
|
|
|
|
keys-cache-clear=Keys Cache
|
|
|
|
|
keys-cache-clear.tooltip=Clears all entries from the cache of external public keys. These are keys of external clients or identity providers. (this wil clear entries for all realms)
|
|
|
|
|
keys-cache-clear.tooltip=Clears all entries from the cache of external public keys. These are keys of external clients or identity providers. (this will clear entries for all realms)
|
|
|
|
|
revoke-refresh-token=Revoke Refresh Token
|
|
|
|
|
revoke-refresh-token.tooltip=If enabled a refresh token can only be used up to 'Refresh Token Max Reuse' and is revoked when a different token is used. Otherwise refresh tokens are not revoked when used and can be used multiple times.
|
|
|
|
|
refresh-token-max-reuse=Refresh Token Max Reuse
|
|
|
|
|
refresh-token-max-reuse.tooltip=Maximum number of times a refresh token can be reused. When a different token is used, revokation is immediate.
|
|
|
|
|
refresh-token-max-reuse.tooltip=Maximum number of times a refresh token can be reused. When a different token is used, revocation is immediate.
|
|
|
|
|
sso-session-idle=SSO Session Idle
|
|
|
|
|
seconds=Seconds
|
|
|
|
|
minutes=Minutes
|
|
|
|
|
@ -124,7 +124,7 @@ action-token-generated-by-user.reset=Reset
|
|
|
|
|
action-token-generated-by-user.operation=Override User-Initiated Action Lifespan
|
|
|
|
|
|
|
|
|
|
client-login-timeout=Client login timeout
|
|
|
|
|
client-login-timeout.tooltip=Max time an client has to finish the access token protocol. This should normally be 1 minute.
|
|
|
|
|
client-login-timeout.tooltip=Max time a client has to finish the access token protocol. This should normally be 1 minute.
|
|
|
|
|
login-timeout=Login timeout
|
|
|
|
|
login-timeout.tooltip=Max time a user has to complete a login. This is recommended to be relatively long. 30 minutes or more.
|
|
|
|
|
login-action-timeout=Login action timeout
|
|
|
|
|
@ -291,7 +291,7 @@ valid-redirect-uris=Valid Redirect URIs
|
|
|
|
|
valid-redirect-uris.tooltip=Valid URI pattern a browser can redirect to after a successful login or logout. Simple wildcards are allowed i.e. 'http://example.com/*'. Relative path can be specified too i.e. /my/relative/path/*. Relative paths are relative to the client root URL, or if none is specified the auth server root URL is used. For SAML, you must set valid URI patterns if you are relying on the consumer service URL embedded with the login request.
|
|
|
|
|
base-url.tooltip=Default URL to use when the auth server needs to redirect or link back to the client.
|
|
|
|
|
admin-url=Admin URL
|
|
|
|
|
admin-url.tooltip=URL to the admin interface of the client. Set this if the client supports the adapter REST API. This REST API allows the auth server to push revocation policies and other adminstrative tasks. Usually this is set to the base URL of the client.
|
|
|
|
|
admin-url.tooltip=URL to the admin interface of the client. Set this if the client supports the adapter REST API. This REST API allows the auth server to push revocation policies and other administrative tasks. Usually this is set to the base URL of the client.
|
|
|
|
|
master-saml-processing-url=Master SAML Processing URL
|
|
|
|
|
master-saml-processing-url.tooltip=If configured, this URL will be used for every binding to both the SP's Assertion Consumer and Single Logout Services. This can be individually overiden for each binding and service in the Fine Grain SAML Endpoint Configuration.
|
|
|
|
|
idp-sso-url-ref=IDP Initiated SSO URL Name
|
|
|
|
|
@ -363,7 +363,7 @@ kid.tooltip=KID (Key ID) of the client public key from imported JWKS.
|
|
|
|
|
use-jwks-url=Use JWKS URL
|
|
|
|
|
use-jwks-url.tooltip=If the switch is on, then client public keys will be downloaded from given JWKS URL. This allows great flexibility because new keys will be always re-downloaded again when client generates new keypair. If the switch is off, then public key (or certificate) from the Keycloak DB is used, so when client keypair changes, you always need to import new key (or certificate) to the Keycloak DB as well.
|
|
|
|
|
jwks-url=JWKS URL
|
|
|
|
|
jwks-url.tooltip=URL where client keys in JWK format are stored. See JWK specification for more details. If you use keycloak client adapter with "jwt" credential, then you can use URL of your app with '/k_jwks' suffix. For example 'http://www.myhost.com/myapp/k_jwks' .
|
|
|
|
|
jwks-url.tooltip=URL where client keys in JWK format are stored. See JWK specification for more details. If you use Keycloak client adapter with "jwt" credential, then you can use URL of your app with '/k_jwks' suffix. For example 'http://www.myhost.com/myapp/k_jwks' .
|
|
|
|
|
archive-format=Archive Format
|
|
|
|
|
archive-format.tooltip=Java keystore or PKCS12 archive format.
|
|
|
|
|
key-alias=Key Alias
|
|
|
|
|
@ -551,8 +551,8 @@ select-account.option=select_account
|
|
|
|
|
prompt.tooltip=Specifies whether the Authorization Server prompts the End-User for reauthentication and consent.
|
|
|
|
|
validate-signatures=Validate Signatures
|
|
|
|
|
identity-provider.validate-signatures.tooltip=Enable/disable signature validation of external IDP signatures.
|
|
|
|
|
identity-provider.use-jwks-url.tooltip=If the switch is on, then identity provider public keys will be downloaded from given JWKS URL. This allows great flexibility because new keys will be always re-downloaded again when identity provider generates new keypair. If the switch is off, then public key (or certificate) from the Keycloak DB is used, so when identity provider keypair changes, you always need to import new key to the Keycloak DB as well.
|
|
|
|
|
identity-provider.jwks-url.tooltip=URL where identity provider keys in JWK format are stored. See JWK specification for more details. If you use external keycloak identity provider, then you can use URL like 'http://broker-keycloak:8180/auth/realms/test/protocol/openid-connect/certs' assuming your brokered keycloak is running on 'http://broker-keycloak:8180' and it's realm is 'test' .
|
|
|
|
|
identity-provider.use-jwks-url.tooltip=If the switch is on, then identity provider public keys will be downloaded from given JWKS URL. This allows great flexibility because new keys will be always re-downloaded again when identity provider generates new keypair. If the switch is off, then public key (or certificate) from the Keycloak DB is used, so when identity provider keypair changes, you always need to import new key to the Keycloak DB as well.
|
|
|
|
|
identity-provider.jwks-url.tooltip=URL where identity provider keys in JWK format are stored. See JWK specification for more details. If you use external Keycloak identity provider, then you can use URL like 'http://broker-keycloak:8180/auth/realms/test/protocol/openid-connect/certs' assuming your brokered Keycloak is running on 'http://broker-keycloak:8180' and its realm is 'test' .
|
|
|
|
|
validating-public-key=Validating Public Key
|
|
|
|
|
identity-provider.validating-public-key.tooltip=The public key in PEM format that must be used to verify external IDP signatures.
|
|
|
|
|
validating-public-key-id=Validating Public Key Id
|
|
|
|
|
@ -596,7 +596,7 @@ social.default-scopes.tooltip=The scopes to be sent when asking for authorizatio
|
|
|
|
|
key=Key
|
|
|
|
|
stackoverflow.key.tooltip=The Key obtained from Stack Overflow client registration.
|
|
|
|
|
openshift.base-url=Base Url
|
|
|
|
|
openshift.base-url.tooltip=Base Url to Openshift Online API
|
|
|
|
|
openshift.base-url.tooltip=Base Url to OpenShift Online API
|
|
|
|
|
gitlab-application-id=Application Id
|
|
|
|
|
gitlab-application-secret=Application Secret
|
|
|
|
|
gitlab.application-id.tooltip=Application Id for the application you created in your GitLab Applications account menu
|
|
|
|
|
@ -634,7 +634,7 @@ back=Back
|
|
|
|
|
initial-access-tokens=Initial Access Tokens
|
|
|
|
|
add-initial-access-tokens=Add Initial Access Token
|
|
|
|
|
initial-access-token=Initial Access Token
|
|
|
|
|
initial-access.copyPaste.tooltip=Copy/paste the initial access token before navigating away from this page as it's not posible to retrieve later
|
|
|
|
|
initial-access.copyPaste.tooltip=Copy/paste the initial access token before navigating away from this page as it's not possible to retrieve later
|
|
|
|
|
continue=Continue
|
|
|
|
|
initial-access-token.confirm.title=Copy Initial Access Token
|
|
|
|
|
initial-access-token.confirm.text=Please copy and paste the initial access token before confirming as it can't be retrieved later
|
|
|
|
|
@ -871,7 +871,7 @@ reset-credentials.tooltip=Select the flow you want to use when the user has forg
|
|
|
|
|
client-authentication=Client Authentication
|
|
|
|
|
client-authentication.tooltip=Select the flow you want to use for authentication of clients.
|
|
|
|
|
docker-auth=Docker Authentication
|
|
|
|
|
docker-auth.tooptip=Select the flow you want to use for authenticatoin against a docker client.
|
|
|
|
|
docker-auth.tooptip=Select the flow you want to use for authentication against a docker client.
|
|
|
|
|
new=New
|
|
|
|
|
copy=Copy
|
|
|
|
|
add-execution=Add execution
|
|
|
|
|
@ -1128,7 +1128,7 @@ authz-any-scope=Any scope
|
|
|
|
|
authz-any-role=Any role
|
|
|
|
|
authz-policy-evaluation=Policy Evaluation
|
|
|
|
|
authz-select-client=Select a client
|
|
|
|
|
authz-select-user=Select an user
|
|
|
|
|
authz-select-user=Select a user
|
|
|
|
|
authz-entitlements=Entitlements
|
|
|
|
|
authz-no-resources=No resources
|
|
|
|
|
authz-result=Result
|
|
|
|
|
@ -1166,7 +1166,7 @@ authz-create-permission=Create Permission
|
|
|
|
|
|
|
|
|
|
# Authz Resource Detail
|
|
|
|
|
authz-add-resource=Add Resource
|
|
|
|
|
authz-resource-name.tooltip=An unique name for this resource. The name can be used to uniquely identify a resource, useful when querying for a specific resource.
|
|
|
|
|
authz-resource-name.tooltip=A unique name for this resource. The name can be used to uniquely identify a resource, useful when querying for a specific resource.
|
|
|
|
|
authz-resource-owner.tooltip=The owner of this resource.
|
|
|
|
|
authz-resource-type.tooltip=The type of this resource. It can be used to group different resource instances with the same type.
|
|
|
|
|
authz-resource-uri.tooltip=An URI that can also be used to uniquely identify this resource.
|
|
|
|
|
@ -1177,7 +1177,7 @@ authz-add-scope=Add Scope
|
|
|
|
|
authz-no-scopes-available=No scopes available.
|
|
|
|
|
|
|
|
|
|
# Authz Scope Detail
|
|
|
|
|
authz-scope-name.tooltip=An unique name for this scope. The name can be used to uniquely identify a scope, useful when querying for a specific scope.
|
|
|
|
|
authz-scope-name.tooltip=A unique name for this scope. The name can be used to uniquely identify a scope, useful when querying for a specific scope.
|
|
|
|
|
|
|
|
|
|
# Authz Policy List
|
|
|
|
|
authz-all-types=All types
|
|
|
|
|
@ -1286,7 +1286,7 @@ authz-permission-scope-scope.tooltip=Specifies that this permission must be appl
|
|
|
|
|
authz-evaluation-identity-information=Identity Information
|
|
|
|
|
authz-evaluation-identity-information.tooltip=The available options to configure the identity information that will be used when evaluating policies.
|
|
|
|
|
authz-evaluation-client.tooltip=Select the client making this authorization request. If not provided, authorization requests would be done based on the client you are in.
|
|
|
|
|
authz-evaluation-user.tooltip=Select an user whose identity is going to be used to query permissions from the server.
|
|
|
|
|
authz-evaluation-user.tooltip=Select a user whose identity is going to be used to query permissions from the server.
|
|
|
|
|
authz-evaluation-role.tooltip=Select the roles you want to associate with the selected user.
|
|
|
|
|
authz-evaluation-new=New Evaluation
|
|
|
|
|
authz-evaluation-re-evaluate=Re-Evaluate
|
|
|
|
|
@ -1368,11 +1368,11 @@ permissions-enabled-role=Permissions Enabled
|
|
|
|
|
permissions-enabled-role.tooltip=Whether or not to enable fine grain permissions for managing this role. Disabling will delete all current permissions that have been set up.
|
|
|
|
|
manage-permissions-role.tooltip=Fine grain permissions for managing roles. For example, you can define different policies for who is allowed to map a role.
|
|
|
|
|
lookup=Lookup
|
|
|
|
|
manage-permissions-users.tooltip=Fine grain permssions for managing all users in realm. You can define different policies for who is allowed to manage users in the realm.
|
|
|
|
|
manage-permissions-users.tooltip=Fine grain permissions for managing all users in realm. You can define different policies for who is allowed to manage users in the realm.
|
|
|
|
|
permissions-enabled-users=Permissions Enabled
|
|
|
|
|
permissions-enabled-users.tooltip=Whether or not to enable fine grain permissions for managing users. Disabling will delete all current permissions that have been set up.
|
|
|
|
|
manage-permissions-client.tooltip=Fine grain permssions for admins that want to manage this client or apply roles defined by this client.
|
|
|
|
|
manage-permissions-group.tooltip=Fine grain permssions for admins that want to manage this group or the members of this group.
|
|
|
|
|
manage-permissions-client.tooltip=Fine grain permissions for admins that want to manage this client or apply roles defined by this client.
|
|
|
|
|
manage-permissions-group.tooltip=Fine grain permissions for admins that want to manage this group or the members of this group.
|
|
|
|
|
manage-authz-group-scope-description=Policies that decide if an admin can manage this group
|
|
|
|
|
view-authz-group-scope-description=Policies that decide if an admin can view this group
|
|
|
|
|
view-members-authz-group-scope-description=Policies that decide if an admin can manage the members of this group
|
|
|
|
|
|
Kohei Tamura