diff --git a/js/apps/admin-ui/maven-resources/theme/keycloak.v2/admin/messages/messages_en.properties b/js/apps/admin-ui/maven-resources/theme/keycloak.v2/admin/messages/messages_en.properties index 9e448416ee..a1b3a48636 100644 --- a/js/apps/admin-ui/maven-resources/theme/keycloak.v2/admin/messages/messages_en.properties +++ b/js/apps/admin-ui/maven-resources/theme/keycloak.v2/admin/messages/messages_en.properties @@ -231,7 +231,7 @@ eventTypes.USER_DISABLED_BY_TEMPORARY_LOCKOUT_ERROR.name=User disabled by tempor deleteUser=Delete user addedNodeSuccess=Node successfully added eventTypes.INTROSPECT_TOKEN_ERROR.description=Introspect token error -webAuthnPolicyUserVerificationRequirementHelp=Communicates to an authenticator to confirm actually verifying a user. +webAuthnPolicyUserVerificationRequirementHelp=Communicates to an authenticator whether to require to verify a user. syncModes.import=Import realmSaveError=Realm could not be updated\: {{error}} authDataDescription=Represents a token carrying authorization data as a result of the processing of an authorization request. This representation is basically what Keycloak issues to clients asking for permission. Check the `authorization` claim for the permissions that where granted based on the current authorization request. @@ -418,7 +418,7 @@ x509CertificateHelp=X509 Certificate encoded in PEM format samlEndpointsLabel=SAML 2.0 Service Provider Metadata passCurrentLocaleHelp=Pass the current locale to the identity provider as a ui_locales parameter. lessThan=Must be less than {{value}} -webAuthnPolicyRequireResidentKeyHelp=It tells an authenticator create a public key credential as Discoverable Credential or not. +webAuthnPolicyRequireResidentKeyHelp=It tells an authenticator whether to create a public key credential as a Discoverable Credential. logoutServiceRedirectBindingURL=Logout Service Redirect Binding URL createIdentityProviderSuccess=Identity provider successfully created emptyMappersInstructions=If you want to add mappers, please click the button below to add some predefined mappers or to configure a new mapper. @@ -689,7 +689,7 @@ clientPolicySearch=Search client policy refreshTokens=Refresh tokens eventTypes.UPDATE_EMAIL_ERROR.description=Update email error credentials=Credentials -webAuthnPolicyCreateTimeoutHelp=Timeout value for creating user's public key credential in seconds. if set to 0, this timeout option is not adapted. +webAuthnPolicyCreateTimeoutHelp=The timeout value for creating the user's public key credential in seconds. If set to 0, this timeout option is not adapted. policyType.hotp=Counter based claimFilterValue=Essential claim value eventTypes.REGISTER_ERROR.name=Register error @@ -1250,7 +1250,7 @@ realmRoles=Realm roles fineGrainOpenIdConnectConfigurationHelp=This section is used to configure advanced settings of this client related to OpenID Connect protocol. searchForUserDescription=This realm may have a federated provider. Viewing all users may cause the system to slow down, but it can be done by searching for "*". Please search for a user above. expirationHelp=Sets the expiration for events. Expired events are periodically deleted from the database. -webAuthnPolicySignatureAlgorithmsHelp=What signature algorithms should be used for Authentication Assertion. +webAuthnPolicySignatureAlgorithmsHelp=The signature algorithms that should be used for the Authentication Assertion. setToNowError=Error\! Failed to set notBefore to current date and time: {{error}} eventTypes.UNREGISTER_NODE_ERROR.description=Unregister node error clientScopeTypes.optional=Optional @@ -1272,7 +1272,7 @@ revoke=Revoke admin=Admin syncUsersError=Could not sync users\: '{{error}}' generatedAccessTokenHelp=See the example access token, which will be generated and sent to the client when selected user is authenticated. You can see claims and roles that the token will contain based on the effective protocol mappers and role scope mappings and also based on the claims/roles assigned to user himself -webAuthnPolicyAcceptableAaguidsHelp=The list of AAGUID of which an authenticator can be registered. +webAuthnPolicyAcceptableAaguidsHelp=The list of allowed AAGUIDs of which an authenticator can be registered. An AAGUID is a 128-bit identifier indicating the authenticator's type (e.g., make and model). keyPasswordHelp=Password for the private key frontchannelLogout=Front channel logout clientUpdaterTrustedHostsTooltip=List of Hosts, which are trusted. In case that client registration/update request comes from the host/domain specified in this configuration, condition evaluates to true. You can use hostnames or IP addresses. If you use star at the beginning (for example '*.example.com' ) then whole domain example.com will be trusted. @@ -1721,7 +1721,7 @@ mappedGroupAttributes=Mapped group attributes localization=Localization importConfig=Import config from file replyToDisplayNameHelp=A user-friendly name for the 'Reply-To' address (optional). -webAuthnPolicyRpIdHelp=This is ID as WebAuthn Relying Party. It must be origin's effective domain. +webAuthnPolicyRpIdHelp=The WebAuthn Relying Party ID (RpID). It must be the origin's effective domain, e.g. 'company.com' or 'auth.company.com'. signingKeysConfigExplain=If you enable the "Client signature required" below, you must configure the signing keys by generating or importing keys, and the client will sign their saml requests and responses. The signature will be validated. newClientProfile=Create client profile consoleDisplayConnectionUrlHelp=Connection URL to your LDAP server @@ -2853,7 +2853,7 @@ credentialData=Data clientRolesConditionTooltip=Client roles, which will be checked during this condition evaluation. Condition evaluates to true if client has at least one client role with the name as the client roles specified in the configuration. invalidateSecret=Invalidate emptyPermissionInstructions=If you want to create a permission, please click the button below to create a resource-based or scope-based permission. -webAuthnPolicyAvoidSameAuthenticatorRegisterHelp=Avoid registering the authenticator that has already been registered. +webAuthnPolicyAvoidSameAuthenticatorRegisterHelp=Avoid registering an authenticator that has already been registered. memberofLdapAttribute=Member-of LDAP attribute supportedLocales=Supported locales showPasswordDataValue=Value @@ -2936,7 +2936,7 @@ clientSecretHelp=The client secret registered with the identity provider. This f offlineSessionMax=Offline Session Max generatedUserInfoHelp=See the example User Info, which will be provided by the User Info Endpoint dynamicScopeFormat=Dynamic scope format -webAuthnPolicyExtraOriginsHelp=The list of extra origin for non-web application. +webAuthnPolicyExtraOriginsHelp=The list of extra origins for non-web applications. updatePermissionSuccess=Successfully updated the permission idpLinkSuccess=Identity provider has been linked removeAnnotationText=Remove annotation diff --git a/js/apps/admin-ui/src/authentication/policies/WebauthnPolicy.tsx b/js/apps/admin-ui/src/authentication/policies/WebauthnPolicy.tsx index efbe54f2f5..9407811c12 100644 --- a/js/apps/admin-ui/src/authentication/policies/WebauthnPolicy.tsx +++ b/js/apps/admin-ui/src/authentication/policies/WebauthnPolicy.tsx @@ -66,6 +66,7 @@ const USER_VERIFY = [ type WeauthnSelectProps = { name: string; label: string; + labelIcon?: string; options: readonly string[]; labelPrefix?: string; isMultiSelect?: boolean; @@ -74,6 +75,7 @@ type WeauthnSelectProps = { const WebauthnSelect = ({ name, label, + labelIcon, options, labelPrefix, isMultiSelect = false, @@ -82,7 +84,8 @@ const WebauthnSelect = ({ return ( ({ @@ -165,7 +168,8 @@ export const WebauthnPolicy = ({ /> @@ -176,32 +180,36 @@ export const WebauthnPolicy = ({ />