diff --git a/js/apps/admin-ui/maven-resources/theme-resources/messages/messages_ca.properties b/js/apps/admin-ui/maven-resources/theme-resources/messages/messages_ca.properties new file mode 100644 index 0000000000..c052bd879c --- /dev/null +++ b/js/apps/admin-ui/maven-resources/theme-resources/messages/messages_ca.properties @@ -0,0 +1,273 @@ +storePassword=Contrasenya del magatzem +logoutServiceRedirectBindingURLHelp=URL d''enllaç SAML de redirecció per a la desconnexió única del client. Pots deixar-ho en blanc si estàs fent servir un enllaç diferent. +themes=Temes +password=Contrasenya +clientType=''OpenID connect'' permet als clients verificar la identitat de l''usuari final basat en l''autenticació realitzada per un servidor d''autorització. ''SAML'' habilita l''autenticació i autorització d''escenaris basats en web incloent cross-domain i single sign-on (SSO) i utilitza tokens de seguretat que contenen afirmacions per passar informació. +composite=Compost +clientSignature=Signatura de Client requerida +waitIncrementSecondsHelp=Quan s''ha arribat al llindar d''error, quant de temps ha d''estar un usuari bloquejat? +nodeHost=Host del node +mapperType=Tipus d''assignador +quickLoginCheckMilliSeconds=Si ocorren errors de forma concurrent i molt ràpida, bloquejar a l''usuari. +edit=Edita +unspecified=no especificat +archiveFormat=Format d''Arxiu +validatorDialogColNames.colName=Nom de rol +associatedRolesText=Rols Associats +certificateHelp=Certificat de client per validar els JWT emesos per aquest client i signats amb la clau privada del client del teu magatzem de claus. +credentialType=Tipus +defaultLocale=Idioma per defecte +clientIdHelp=L''identificador del client registrat amb el proveïdor d''identitat. +forcePostBindingHelp=Fer servir sempre POST per a les respostes +authorizationUrl=URL d''autorització +roleName=Nom de rol +httpPostBindingAuthnRequestHelp=Indica si AuthnRequest ha de ser enviat usant HTTP-POST. Si no està activat es fa HTTP-REDIRECT. +securityDefences=Defenses de seguretat +accessTokenLifespanHelp=Temps màxim abans que un token d''accés expiri. Es recomana que aquest valor sigui curt en relació al temps màxim de SSO +includeInAccessToken.tooltip=S''hauria d'afegir la identitat reclamada al token d''accés? +redirectURIHelp=L''URI de redirecció usada per configurar el proveïdor d''identitat. +idpInitiatedSsoRelayStateHelp=Estat de retransmissió que vols enviar amb una petició SAML quan s''inicia un SSO iniciat per l''IDP +attestationPreference.none=cap +revocation=Revocació +clientDescriptionHelp=Indica la descripció del client. Per exemple ''My Client for TimeSheets''. També suporta claus per a valors localitzats. Per exemple\: ${my_client_description} +clientAuthenticator=Client autenticador +useEntityDescriptor=Importar metadades des d''un descriptor d'entitat remot d''un IDP de SAML +logoutServiceRedirectBindingURL=URL d''enllaç SAML de redirecció per a la desconnexió +loginActionTimeout=Temps màxim d''acció en l''inici de sessió +idpInitiatedSsoRelayState=Estat de retransmissió d''un SSO iniciat per l''IDP +validatingX509Certs=Validant certificat X509 +masterSamlProcessingUrl=URL principal de processament SAML +key=Clau +validRedirectURIs=Patró d''URI vàlida per a la qual un navegador pot sol·licitar la redirecció després d''un inici o tancament de sessió completat. Es permeten comodins simples p.ex. ''http\://example.com/*''. També es poden indicar rutes relatives p.ex. ''/my/relative/path/*''. Les rutes relatives generaran un URI de redirecció fent servir el host i port de la petició. Per SAML, s''han de fixar patrons d''URI vàlids si vols confiar en l''URL del servei del consumidor indicada en la petició d''inici de sessió. +userInfoUrl=URL d''informació d''usuari +assertionConsumerServicePostBindingURL=Assertion Consumer Service POST Binding URL +usermodel.clientRoleMapping.clientId.label=ID Client +identityProviders=Proveïdors d''identitat +clientId=ID Client +nameIdPolicyFormat=Format de política NameID +idpInitiatedSsoUrlName=Nom del fragment de l''URL per referenciar al client quan vols un SSO iniciat per l''IDP. Deixant això buit desactiva els SSO iniciats per l''IDP. L''URL referenciada des del navegador serà\: {server-root}/realms/{realm}/protocol/saml/clients/{client-url-name} +validatingX509CertsHelp=El certificat en format PEM que ha de fer-se servir per comprovar les signatures. +importFile=Arxiu d''Importació +clientLoginTimeoutHelp=Temps màxim que un client té per finalitzar el protocol d''obtenció del token d''accés. Hauria de ser normalment de l''ordre d''1 minut. +lastAccess=Últim Accés +ssoSessionIdle=Temps màxim que una sessió pot estar inactiva abans que expiri. Els tokens i sessions de navegador són invalidades quan la sessió expira. +xFrameOptions=X-Frame-Options +prompts.none=cap +emailTheme=Tema d''email +times.minutes=Minuts +nameIdFormatHelp=El format de NameID que es farà servir per al títol +forcePostBinding=Forçar enllaços POST +discoveryEndpoint=Importa metadades des d''un descriptor d''un proveïdor d''identitat (IDP) remot. +registerNodeManually=Registrar node manualment +redirectURI=URI de redirecció +signDocuments=Signar documents +tokenUrl=Token URL +consentRequired=Si està habilitat, els usuaris han de consentir l''accés del client. +notBefore=No abans de +editUsername=Edita el nom d''usuari +lastRegistration=Últim registre +requireSsl=Sol·licitar SSL +samlEntityDescriptor=Et permet carregar metadades d''un proveïdor d''identitat (IDP) extern d''un arxiu de coniguración o descarregar des d''una URL. +addIdpMapperName=Nom de l''assignador. +wantAuthnRequestsSigned=Signar AuthnRequests +usermodel.attr.tooltip=Nom de l''atribut d''usuari emmagatzemat que és el nom de l''atribut dins el map UserModel.attribute. +export=Exporta +generateNewKeys=Generar noves claus +offlineSessionIdle=Inactivitat de sessió sense connexió +backchannelLogout=Backchannel Logout +userRegistrationHelpText=Habilitar/deshabilitar la pàgina de registre. Un enllaç per al registre es mostrarà també a la pàgina d''inici de sessió. +revokeRefreshToken=Revocar el token d''actualització +minimumQuickLoginWaitSeconds=Temps mínim entre errors de connexió ràpids +prompts.login=login +offlineSessionIdleHelp=Temps màxim inactiu d''una sessió sense connexió abans que expiri. Necessites fer servi un token sense connexió per refrescar almenys una vegada dins d'aquest període, en un altre cas la sessió sense connexió expirarà. +forceNameIdFormatHelp=Ignorar la petició de subjecte NameID i fer servir la configurada a la consola d''administració. +realmRoles=Rols de domini +port=Port +adminThemeHelp=Selecciona el tema per a la consola d''administració. +nameIdFormat=Format de NameID +validRedirectUri=URIs de redirecció vàlides +clientList=Clients +userSession.modelNote.label=Nota sessió usuari +logoutServicePostBindingURL=URL d''enllaç SAML POST per a la desconnexió +assertionConsumerServicePostBindingURLHelp=SAML POST Binding URL for the client''s assertion consumer service (login responses). You can leave this blank if you do not have a URL for this binding. +singleLogoutServiceUrl=URL de servei de desconnexió únic +userAttribute=Atribut d''usuari +roles=Rols +description=Descripció +validateSignatureHelp=Habilitar/deshabilitar la validació de signatures de proveïdors d''identitat (IDP) externs +clientSignatureHelp=Signarà el client les seves peticions i respostes SAML? I haurien de ser validades? +title=Sessions +keyPasswordHelp=Contrasenya per accedir a la clau privada continguda en l''arxiu +verifyEmail=Verificar email +frontchannelLogout=Desconnexió en primer pla (Front Channel) +formatOption=Format +loginTheme=Tema d''inici de sessió +provider=Proveïdor +providerId=ID +titleRoles=Rols de domini +nodeReRegistrationTimeout=Temps d''espera de re-registre de node +loginTimeout=Temps màxim de desconnexió +accessTokenLifespan=Durada del token d''accés +setToNow=Fixar a ara +signAssertionsHelp=Haurien de signar-se les assercions en documents SAML? Aquest ajust no és necessari si el document ja s''està signant. +validateSignature=Validar signatures +headers=Capçaleres +fineGrainSamlEndpointConfig=Fine Grain SAML Endpoint Configuration +hours=Hores +encryptAssertions=Xifrar afirmacions +keyAliasHelp=Àlies de l''arxiu de la teva clau privada i certificat. +aliasHelp=L''àlies que identifica de forma única un proveïdor d''identitat, es far servir també per construir la URI de redirecció. +tokenClaimName.tooltip=Nom del reclam a inserir en el testimoni. Pot ser un nom complet com ''address.street''. En aquest cas, es crearà un objecte JSON niat. +maxFailureWaitSeconds=Espera màxima +userName=Usuari +clientProfileDescription=Descripció +ssoSessionMax=Temps màxim abans que una sessió expiri. Els tokens i sessions de navegador són invalidats quan una sessió expira. +protocolMapper=Protocol. +times.hours=Hores +sslType.none=cap +webOrigins=Orígens web +realm=Domini +prompt=Prompt +username=Usuari +importConfig=Importa metadades des d''un descriptor d''un proveïdor d''identitat (IDP) descarregat. +bruteForceDetection=Detecció d''atacs per força bruta +archiveFormatHelp=Format d''arxiu Java keystore o PKCS12 +keyAlias=Àlies de clau +revokeRefreshTokenHelp=Si està activat els tokens d''actualització només poden usar-se una vegada. En un altre cas els tokens d''actualització no es revoquen quan s''utilitzen i poden ser usat múltiples vegades. +storedTokensReadableHelp=Habilitar/deshabilitar si els nous usuaris poden llegir els tokens emmagatzemats. Això assigna el rol ''broker.read-token''. +none=cap +sslType.all=totes les peticions +type=Tipus +httpPostBindingResponse=HTTP-POST enllaç de resposta +issuer=Emissor +seconds=Segons +editUsernameHelp=Si està habilitat, el nom d''usuari és editable, altrament és de només lectura. +id=ID +accountThemeHelp=Selecciona el tema per a les pàgines de gestió del compte d''usuari. +fullScopeAllowedHelp=Permet deshabilitar totes les restriccions. +canonicalizationHelp=Mètode de canonicalització per a les signatures XML +sessions=Sessions +includeAuthnStatement=Incloure AuthnStatement +jsonType.tooltip=El tipus de JSON que hauria de fer-se servir per omplir la petició de JSON en el token. long, int, boolean i String són valors vàlids +multivalued.tooltip=Indica si l''atribut suporta múltiples valors. Si està habilitat, la llista de tots els valors d''aquest atribut es fixarà com a reclamació. Si està deshabilitat, només el primer valor serà fixat com a reclamació. +enableStartTLS=Habilitar StartTLS +enableStartTls=Habilitar StartTLS +addIdPMapper=Afegeix assignador de proveïdor d''identitat +trustEmail=Confiar en l''email +jsonType.label=Tipus JSON de reclamació +fullScopeAllowed=Permet tots els àmbits +push=Push +homeURL=URL per defecte per utilitzar quan el servidor d''autorització necessita redirigir o enviar de tornada al client. +masterSamlProcessingUrlHelp=Si està configurada, aquesta URL es fara servir per a cada enllaç al proveïdor del servei del consumidor d''assercions i serveis de desconnexió únics. Pot ser sobreescrit de forma individual per a cada enllaç i servei en el punt final de configuració fina de SAML. +usermodel.attr.label=Atribut d''usuari +claimJsonType=El tipus de JSON que hauria de fer-se servir per omplir la petició de JSON en el token. long, int, boolean i String són valors vàlids +forceAuthenticationHelp=Indica si el proveïdor d''identitat ha d'autenticar en presentar directament les credencials en lloc de dependre d''un context de seguretat previ. +testClusterAvailability=Provar disponibilitat del clúster +forceNameIdFormat=Forçar format NameID +rememberMeHelpText=Mostra la casella de selecció en la pàgina d''inici de sessió per a permetre a l''usuari estar connectat entre reinicis del navegador fins que la sessió expiri. +sslType.external=peticions externes +multiValued=Indica si l''atribut suporta múltiples valors. Si està habilitat, la llista de tots els valors d''aquest atribut es fixarà com a reclamació. Si està deshabilitat, només el primer valor serà fixat com a reclamació. +addRole=Afegir rol +ssoServiceUrl=URL de servei de connexió únic (SSO) +clients=Clients +clientName=Nom +userRegistration=Registre d''usuari +save=Desar +wantAuthnRequestsSignedHelp=Indica si el proveïdor d''identitat espera rebre signades les AuthnRequest. +login=login +enabled=Habilitat +maxDeltaTimeSeconds=Reinici del comptador d''errors +keyPassword=Contrasenya de la clau +backchannelLogoutHelp=Does the external IDP support backchannel logout? +SSOSessionIdle=Sessions SSO inactives +ssoServiceUrlHelp=L''URL que s''ha de fer servir per enviar peticions d''autenticació (SAML AuthnRequest). +trustEmailHelp=Si està habilitat, l''email rebut d''aquest proveïdor no es verificarà encara que la verificació estigui habilitada per al domini. +supportedLocales=Idiomes suportats +maxFailureWaitSecondsHelp=Temps màxim que un usuari queda bloquejat. +issuerHelp=L''identificador de l''emissor per a l''emissor de la resposta. Si no s''indica, no es realitzarà cap validació. +titleSessions=Sessions +clientNameHelp=Indica el nom visible del client. Per exemple ''My Client''. També suporta claus per valors localitzats. Per exemple\: ${my_client} +maxDeltaTimeSecondsHelp=Quan s''ha de reiniciar el comptador d''errors? +adminURLHelp=URL a la interfície d''administració del client. Fixa aquest valor si el client suporta l''adaptador de REST. Aquesta API REST permet al servidor d''autenticació enviar al client polítiques de revocació i altres tasques administratives. Normalment es fixa a l''URL base del client. +contentSecurityPolicy=Content-Security-Policy +rootUrl=URL arrel +rootURL=URL arrel afegida a les URL relatives +storePasswordHelp=Contrasenya per accedir a l''arxiu +frontchannelLogoutHelp=Quan està activat, la desconnexió requereix una redirecció del navegador cap al client. Quan no està activat, el servidor realitza una invovación de desconnexió en segon pla. +clientLoginTimeout=Temps màxim d''autenticació +nodeReRegistrationTimeoutHelp=Indica el màxim interval de temps perquè els nodes del clúster registrats es tornin a registrar. Si el node del clúster no envia una petició de re-registre a Keycloak dins d''aquest interval, serà desregistrat de Keycloak +logoutServicePostBindingURLHelp=URL d''enllaç SAML POST per a la desconnexió única del client. Pots deixar-ho en blanc si estàs fent servir un enllaç diferent. +registrationEmailAsUsername=Email com a nom d''usuari +scopes=Els àmbits que s''enviaran quan es sol·liciti autorització. Pot ser una llista d''àmbits separats per espais. El valor per defecte és ''openid''. +signDocumentsHelp=Hauria el domini de signar els documents SAML? +requireSslHelp=És HTTP obligatori? ''cap'' significa que HTTPS no és obligatori per cap direcicón IP de client, ''peticions externes'' indica que localhost i les adreces IP privades poden accedir sense HTTPS, ''totes les peticions'' vol dir que HTTPS és obligatori per a totes les adreces IP. +userInfoUrlHelp=L''URL d''informació d''usuari. Opcional. +includeAuthnStatementHelp=Hauria d''incloure''s una declaració especificant el mètode i la marca de temps en la resposta d''inici de sessió? +client-authenticator-type=Client autenticador usat per autenticar aquest client contra el servidor Keycloak +kc.realm.name=Domini +download=Descarrega +protocol=Protocol +tokenClaimName.label=Nom de reclam del token +host=Host +create=Crea +clientSecret=Secret de Client +from=Des de +httpPostBindingAuthnRequest=HTTP-POST per AuthnRequest +includeInAccessToken.label=Afegir al token d''accés +adminURL=URL d''administració +settings=Ajustos +failureFactorHelp=Indica quants errors es permeten abans que es dispari una espera. +minutes=Minuts +storeTokensHelp=Habilitar/deshabilitar si els tokens han de ser emmagatzemats després d''autenticar als usuaris. +singleLogoutServiceUrlHelp=L''URL que ha de fer-se servir per enviar peticions de desconnexió. +userSession.modelNote.tooltip=Nom de la nota emmagatzemada en la sessió d''usuari dins del mapa UserSessionModel.note +clientsClientTypeHelp=''OpenID connect'' permet als clients verificar la identitat de l''usuari final basat en l''autenticació realitzada per un servidor d''autorització. ''SAML'' habilita l''autenticació i autorització d''escenaris basats en web incloent cross-domain i single sign-on (SSO) i utilitza tokens de seguretat que contenen afirmacions per passar informació. +storeTokens=Emmagatzemar tokens +includeInIdToken.label=Afegir al token d''ID +webOriginsHelp=Orígens CORS permesos. Per permetre tots els orígens d''URIs de redirecció vàlides afegeix ''+''. Per permetre tots els orígens afegeix ''*''. +emailThemeHelp=Selecciona el tema per als correus electrònics que són enviats pel servidor. +logoutUrl=URL de desconnexió +canonicalization=Mètode de canonicalització +storedTokensReadable=Tokens emmagatzemats llegibles +SSOSessionMax=Temps màxim sessió SSO +minimumQuickLoginWaitSecondsHelp=Quant de temps s''ha d''esperar després d''un error en un intent ràpid d''identificació +mappers=Assignadors +waitIncrementSeconds=Increment d''espera +usermodel.prop.label=Propietat +name-id-format=Format de NameID +addNode=Afegir Node +credentials=Credencials +certificate=Certificat +importClient=Importar Client +selectRole.label=Selecciona rol +prompts.consent=consentiment +enableSSL=Habilitar SSL +general=General +failureFactor=Nombre màxim d''errors d''inici de sessió +signAssertions=Signar assercions +adminTheme=Tema de consola d''administració +alias=Àlies +tokens=Tokens +encryptAssertionsHelp=Haurien de xifrar-se les afirmacions SAML amb la clau pública del client fent servir AES? +clientSecretHelp=El secret del client registrat amb el proveïdor d''identitat. +validateSignatures=Habilitar/deshabilitar la validació de signatura en respostes SAML. +on=Activat +descriptionHelp=Indica la descripció del client. Per exemple ''My Client for TimeSheets''. També suporta claus per a valors localitzats. Per exemple\: ${my_client_description} +logoutUrlHelp=Punt de tancament de sessió per utilitzar en la desconnexió d''usuaris des d''un proveïdor d''identitat (IDP) extern. +times.seconds=Segons +clear=Neteja +serviceAccount=Permetre autenticar aquest client contra Keycloak i rebre un token d''accés dedicat per a aquest client. +assertionConsumerServiceRedirectBindingURL=Assertion Consumer Service Redirect Binding URL +loginThemeHelp=Selecciona el tema per a les pàgines d''inici de sessió, OTP, permisos, registre i recordatori de contrasenya. +signatureAlgorithm=L''algorisme de signatura usat per signar els documents. +multivalued.label=Valors múltiples +accountTheme=Tema de compte +forceAuthentication=Forçar autenticació +clustering=Clustering +rememberMe=Mantenir connectat +category=Categoria +usermodel.prop.tooltip=Nom del mètode de propietat en la interfície UserModel. Per exemple, un valor de ''email'' faria referència al mètode UserModel.getEmail(). +times.days=Dies +user=Usuari +registeredClusterNodes=Registrar nodes de clúster +selectRole.tooltip=Introdueix el rol a la caixa de text de l''esquerra, o fes clic a aquest botó per navegar i buscar el rol que vols. diff --git a/js/apps/admin-ui/maven-resources/theme-resources/messages/messages_de.properties b/js/apps/admin-ui/maven-resources/theme-resources/messages/messages_de.properties new file mode 100644 index 0000000000..889c63300b --- /dev/null +++ b/js/apps/admin-ui/maven-resources/theme-resources/messages/messages_de.properties @@ -0,0 +1,179 @@ +cancel=Abbrechen +localization=Internationalisierung +unlinkUsers=Benutzer entsperren +groupsDescription=Eine Gruppe ist eine Sammlung von Attributen und Rollenzuordnungen, die auf einen Benutzer angewendet werden können. Du kannst Gruppen erstellen, bearbeiten und löschen sowie deren Hierarchie von Kind- und Elterngruppen verwalten. +lifespan=Läuft ab in +defaultGroups=Standardgruppen +type=Typ +Saturday=Samstag +lastUpdated=Zuletzt aktualisiert +credentialResetBtn=Zugang zurücksetzen +password=Passwort +seconds=Sekunden +editUsernameHelp=Wenn aktiv, kann der Benutzername editiert werden. +userList=Benutzerliste +learnMore=Mehr erfahren +eventTypes.RESET_PASSWORD.name=Passwort zurücksetzen +permissions=Berechtigungen +action=Aktion +join=Beitreten +events=Ereignisse +sessions=Sessions +edit=Bearbeiten +syncModeOverride=Überschriebene Synchronisation +credentialResetConfirm=E-Mail senden +signOut=Abmelden +permissionsEnabledHelp=Legt fest, ob feingranulare Berechtigungen für diese Rolle aktiv sein sollen. Wird diese Option deaktiviert, werden alle aktuell aufgesetzten Berechtigungen gelöscht. +active=Aktiv +validatorDialogColNames.colName=Rollenname +syncModes.inherit=Standard erben +usersPermissionsHint=Feingranulare Berechtigungen für alle Benutzer in diesem Realm. Es können verschiedene Einstellungen definiert werden, wer in diesem Realm berechtigt ist, Benutzer zu verwalten. +deleteBtn=Löschen +titleUsers=Benutzer +credentialType=Typ +clientIdHelp=Legt die Id fest, auf die in URI und Token verwiesen wird. Zum Beispiel 'my-client'. Bei SAML ist dies auch der erwartete Issuer-Wert von authn-Anfragen +htmlDisplayName=HTML-Anzeigename +groupName=Gruppenname +eventTypes.REGISTER.name=Registrieren +roleName=Rollenname +deleteUser=Benutzer löschen +rememberMeHelpText=Zeigt eine Auswahlbox auf der Loginseite, die es dem Benutzer erlaubt, zwischen Browser-Neustarts eingeloggt zu bleiben, bis die Session abläuft. +reset=Zurücksetzen +syncModes.import=Importieren +addRole=Rolle hinzufügen +requiredUserActionsHelp=Verlangt eine Aktion wenn sich der Benutzer einloggt. 'E-Mail Verifizieren' sendet eine E-Mail an den Benutzer, um die Gültigkeit seiner E-Mailadresse zu prüfen. 'Profil aktualisieren' verlangt, dass Benutzer ihre persönlichen Angaben eingeben. 'Passwort aktualisieren' zwingt Benutzer ein neues Passwort zu setzen. 'OTP konfigurieren' zwingt Benutzer einen mobilen Passwort-Generator einzurichten (i.e. Google Authenticator) +status=Status +realmSettings=Realm-Einstellungen +lastName=Nachname +clients=Clients +temporaryPasswordHelpText=Wenn eingeschaltet, ist der Benutzer beim nächsten Login aufgefordert, dass Passwort zu ändern. +clientName=Name +userRegistration=Benutzerregistrierung +syncModes.force=Erzwingen +permissionsEnabled=Berechtigungen aktiv +save=Speichern +enabled=Aktiv +search=Suche +searchUserByAttributeMissingValueError=Attributwert angeben +copy=Kopieren +deleteGroup=Gruppe löschen +key=Schlüssel +validRedirectURIs=Gültiges URI-Muster, zu dem ein Browser nach einer erfolgreichen An- oder Abmeldung umleiten kann. Einfache Platzhalter sind zulässig, z. B. "http\://example.com/*". Es kann auch ein relativer Pfad angegeben werden, z. B. /my/relative/path/*. Relative Pfade beziehen sich auf die Root URL des Clients, oder wenn keine angegeben ist, wird die Stamm-URL des Autorisierungsservers verwendet. Für SAML muss man gültige URI-Muster festlegen, wenn man sich auf die in die Anmeldeanforderung eingebettete URL des Verbraucherdienstes verlässt. +email=Email +deleteCredentialsConfirm=Sind Sie sicher, dass Sie die Zugangsdaten löschen möchten? +searchForUser=Benutzer suchen +selectAttribute=Wähle Attribut +endpoints=Endpoints +clientId=Client-ID +supportedLocales=Unterstützte Sprachen +showPasswordDataValue=Wert +titleSessions=Sessions +clientNameHelp=Legt den Anzeigenamen des Clients fest. Zum Beispiel 'My Client'. Unterstützt auch Keys für lokalisierte Werte. Zum Beispiel\: ${my_client} +lastAccess=Letzter Zugriff +passwordConfirmation=Passwort bestätigen +emailVerified=E-Mail verifiziert +Thursday=Donnerstag +addAttribute=Attribut hinzufügen +times.minutes=Minuten +disable=Deaktivieren +usersExplain=Benutzer in diesem Realm. +defaultRoles=Standardrollen +attributes=Attribute +registrationEmailAsUsername=E-Mail-Adresse als Benutzername +resetPassword=Passwort zurücksetzen +Monday=Montag +requiredUserActions=Verlangte Benutzeraktionen +grantedClientScopes=Gewährte Client-Scopes +addUser=Benutzer hinzufügen +syncModeOverrideHelp=Überschreibt den normalen Synchronisationsmodus des IDP für diesen Mapper. Werte sind 'Legacy' um das alte Verhalten beizubehalten, 'Importieren' um den Nutzer einmalig zu importieren, 'Erzwingen' um den Nutzer immer zu updaten. +searchUserByAttributeKeyAlreadyInUseError=Attributschlüssel bereits in Verwendung +selectMethodType.import=Importieren +searchUserByAttributeMissingKeyError=Attributschlüssel angeben +syncModes.legacy=Legacy +loginWithEmail=Anmeldung mit E-Mail +createdAt=Erstellt am +editUsername=Benutzername editierbar +titleEvents=Ereignisse +requireSsl=Ist HTTPS erforderlich? 'None' bedeutet, dass HTTPS für keine Client-IP-Adresse erforderlich ist. 'External requests' bedeutet, dass Localhost und private IP-Adressen ohne HTTPS zugreifen können. 'All requests' bedeutet, dass HTTPS für alle IP-Adressen erforderlich ist. +manageAccount=Konto verwalten +Friday=Freitag +leave=Verlassen +members=Mitglieder +host=Host +syncMode=Synchronisationsmodus +create=Erstellen +details=Details +from=Von +resetPasswordBtn=Passwort zurücksetzen +add=Hinzufügen +settings=Einstellungen +createGroup=Gruppe erstellen +created=Erstellt +minutes=Minuten +ipAddress=IP-Adresse +userRegistrationHelpText=Aktiviere/deaktiviere die Seite zur Benutzerregistrierung. Auf der Loginseite wird ein entsprechender Link angezeigt. +webOriginsHelp=Erlaubte CORS Origins. Um alle Origins der Valid Redirect URIs zu erlauben, fügen Sie ein '+' hinzu. Dabei wird der '*' Platzhalter nicht mit übernommen. Um alle Origins zu erlauben, geben Sie explizit einen Eintrag mit '*' an. +users=Benutzer +searchForGroups=Gruppen suchen +realmRoles=Realm-Rollen +firstName=Vorname +serverInfo=Server-Info +searchType.attribute=Attributsuche +port=Port +Sunday=Sonntag +logoutUrl=Logout-URL +Wednesday=Mittwoch +emailVerifiedHelp=Wurde die E-Mail des Benutzers verifiziert? +tokenLifespan.expires=Läuft ab in +valuePlaceholder=Wert eingeben +consents=Einwilligungen +clientList=Clients +groupMembership=Gruppen-Mitglied +removedGroupMembership=Aus Gruppe entfernt. +searchType.default=Standardsuche +credentials=Passwörter +keys=Keys +roles=Rollen +searchUserByAttributeDescription=Es unterstützt die Einstellung mehrerer Attribute als Suchfilter, indem verschiedene Schlüssel oder Werte festgelegt werden. Für einen Schlüssel kann nur ein Wert eingegeben werden. +certificate=Zertifikat +description=Beschreibung +revoke=Widerrufen +title=Authentifizierung +delete=Löschen +verifyEmail=E-Mail verifizieren +remove=Entfernen +enableSSL=SSL aktivieren +confirmPasswordDoesNotMatch=Die Passwörter stimmen nicht überein. +titleRoles=Realm-Rollen +Tuesday=Dienstag +loginWithEmailHelpText=Erlaubt Benutzern, sich mit ihrer E-Mail-Adresse anzumelden. +removeAttribute=Attribut entfernen +value=Wert +selectAttributes=Wähle Attribute +authentication=Authentifizierung +times.seconds=Sekunden +hours=Stunden +clear=Zurücksetzen +groups=Gruppen +configure=Konfigurieren +userName=Benutzername +clientProfileDescription=Beschreibung +addedGroupMembership=Zur Gruppe hinzugefügt. +eventTypes.LOGOUT.name=Ausloggen +usermodel.clientRoleMapping.client.label=Client-ID +manage=Verwalten +syncModeHelp=Standardsyncmodus für alle Mapper. Mögliche Werte sind\: 'Legacy' um das alte Verhalten beizubehalten, 'Importieren' um den Nutzer einmalig zu importieren, 'Erzwingen' um den Nutzer immer zu importieren. +temporaryPassword=Temporär +userManagedAccess=Wenn aktiviert, können Benutzer ihre Ressourcen und Berechtigungen über die Account Management UI verwalten. +times.hours=Stunden +temporaryLocked=Der Benutzer wurde vorübergehend wegen zuvieler ungültiger Loginversuche gesperrt. +keyPlaceholder=Schlüssel eingeben +webOrigins=Web Origins +resetActions=Zurücksetz-Aktionen +time=Zeit +rememberMe=Angemeldet bleiben +titleAuthentication=Authentifizierung +category=Kategorie +times.days=Tage +user=Benutzer +username=Benutzername diff --git a/js/apps/admin-ui/maven-resources/theme-resources/messages/messages_en.properties b/js/apps/admin-ui/maven-resources/theme-resources/messages/messages_en.properties new file mode 100644 index 0000000000..f07d20a788 --- /dev/null +++ b/js/apps/admin-ui/maven-resources/theme-resources/messages/messages_en.properties @@ -0,0 +1,2887 @@ +cancel=Cancel +deleteConfirm_other=Are you sure you want to delete these groups. +trusted-hosts.label=Trusted Hosts +deletedSuccess=Provider successfully deleted. +searchAttributes=Search attributes +userID=User ID +anyResource=Any resource +importAdded_zero=No records added. +createClientPolicy=Create client policy +clientSignature=Client signature required +persistent=Persistent +sync-ldap-roles-to-keycloak=Sync LDAP roles to Keycloak +eventTypes.PERMISSION_TOKEN.name=Permission token +permissionsDisable=Disable permissions? +eventTypes.FEDERATED_IDENTITY_LINK_ERROR.description=Federated identity link error +secretHasExpired=Secret has expired, please generate a new one by clicking the "Regenerate" button above +requiredRoles=Please add at least one role. +addLdapWizardTitle=Add LDAP user federation provider +wantAssertionsSignedHelp=Indicates whether this service provider expects a signed Assertion. +disableConfirm=Are you sure you want to disable the provider '{{provider}}' +eventTypes.CUSTOM_REQUIRED_ACTION.description=Custom required action +flowName=Flow name +userInfoResponseEncryptionContentEncryptionAlgorithm=User info response encryption content encryption algorithm +eventTypes.IDENTITY_PROVIDER_FIRST_LOGIN_ERROR.name=Identity provider first login error +searchByRoleName=Search by role name +credentialType=Type +passLoginHint=Pass login_hint +openIdConnectCompatibilityModesHelp=This section is used to configure settings for backward compatibility with older OpenID Connect / OAuth 2 adaptors. It's useful especially if your client uses older version of Keycloak / RH-SSO adapter. +emptyClientScopes=This client doesn't have any added client scopes +requiredGroups=Please add at least one group. +httpPostBindingAuthnRequestHelp=Indicates whether the AuthnRequest must be sent using HTTP-POST binding. If false, HTTP-REDIRECT binding will be used. +policyEnforcementMode=Policy enforcement mode +eventTypes.CLIENT_UPDATE.name=Client update +addMultivaluedLabel=Add {{fieldLabel}} +notRepeat=Not repeat +secretRotated=Secret rotated +userFedDeleteConfirmTitle=Delete user federation provider? +userCredentialsHelpTextLabel=User Credentials Help Text +role=Role +displayName=Display name +applyToResourceTypeHelp=Specifies if this permission should be applied to all resources with a given type. In this case, this permission will be evaluated for all instances of a given resource type. +cibaIntervalHelp=The minimum amount of time in seconds that the CD (Consumption Device) must wait between polling requests to the token endpoint. If set to 0, the CD must use 5 as the default value according to the CIBA specification. +envelopeFrom=Envelope from +eventTypes.UPDATE_TOTP.name=Update totp +updateCibaError=Could not update CIBA policy\: {{error}} +policyUrl=Policy URL +clientDescriptionHelp=Specifies description of the client. For example 'My Client for TimeSheets'. Supports keys for localized values as well. For example\: ${my_client_description} +rolesPermissionsHint=Determines if fine grained permissions are enabled for managing this role. Disabling will delete all current permissions that have been set up. +passwordPoliciesHelp.regexPattern=Requires that the password matches one or more defined Java regular expression patterns. +oAuthDPoP=OAuth 2.0 DPoP Bound Access Tokens Enabled +invalidRealmName=Realm name can't contain special characters +validRedirectURIsHelp=Valid URI pattern a browser can redirect to after a successful login. Simple wildcards are allowed such as 'http\://example.com/*'. Relative path can be specified too such as /my/relative/path/*. Relative paths are relative to the client root URL, or if none is specified the auth server root URL is used. For SAML, you must set valid URI patterns if you are relying on the consumer service URL embedded with the login request. +realmNameTitle={{name}} realm +subjectNameId=Subject NameID +credentialsList=Credentials List +usermodel.clientRoleMapping.clientId.label=Client ID +clientId=Client ID +serviceProviderEntityId=Service provider entity ID +internationalizationHelp=If enabled, you can choose which locales you support for this realm and which locale is the default. +managePriorityOrder=Manage priority order +contextualAttributesHelp=Any attribute provided by a running environment or execution context. +clientLoginTimeoutHelp=Max time a client has to finish the access token protocol. This should normally be 1 minute. +emptyMappers=No mappers +artifactBindingUrlHelp=URL to send the HTTP ARTIFACT messages to. You can leave this blank if you are using a different binding. This value should be set when forcing ARTIFACT binding together with IdP initiated login. +artifactBindingUrl=Artifact Binding URL +clientsList=Clients list +userId=User ID +eventTypes.CLIENT_UPDATE_ERROR.description=Client update error +eventTypes.UPDATE_EMAIL.description=Update email +eventTypes.VALIDATE_ACCESS_TOKEN.description=Validate access token +dedicatedScopeExplain=This is a client scope which includes the dedicated mappers and scope +updateOtpError=Could not update OTP policy\: {{error}} +addressClaim.postal_code.label=User Attribute Name for Postal Code +defaultRoles=Default roles +samlSignatureKeyNameHelp=Signed SAML documents contain identification of signing key in KeyName element. For Keycloak / RH-SSO counter-party, use KEY_ID, for MS AD FS use CERT_SUBJECT, for others check and use NONE if no other option works. +clientScopeTypes.default=Default +invalidateRotatedSecret=Invalidate rotated secret? +noDirectUsers=No direct users +whoCanEditHelp=If enabled, users or administrators can view and edit the attribute. Otherwise, users or administrators don't have access to write to the attribute. +eventTypes.LOGIN.name=Login +addressClaim.country.tooltip=Name of User Attribute, which will be used to map to 'country' subclaim inside 'address' token claim. Defaults to 'country' . +uuidLdapAttribute=UUID LDAP attribute +scopeNameHelp=Name of the client scope. Must be unique in the realm. Name should not contain space characters as it is used as value of scope parameter +requiredUserActions=Required user actions +noConsentsText=The consents will only be recorded when users try to access a client that is configured to require consent. In that case, users will get a consent page which asks them to grant access to the client. +addStep=Add step +clientAssertionAudience=Client assertion audience +permissionPoliciesHelp=Specifies all the policies that must be applied to the scopes defined by this policy or permission. +userInitiatedActionLifespanHelp=Maximum time before an action permit sent by a user (such as a forgot password e-mail) is expired. This value is recommended to be short because it's expected that the user would react to self-created action quickly. +clearFileExplain=Are you sure you want to clear this file? +userModelAttribute=User model attribute +eventTypes.LOGOUT_ERROR.name=Logout error +allowRemoteResourceManagement=Remote resource management +syncRegistrationsHelp=Should newly created users be created within LDAP store? Priority effects which provider is chosen to sync the new user. This setting is effectively appplied only with WRITABLE edit mode. +resetPasswordAllowed=Forgot password +emptyExecution=No steps +passwordPolicyHintsEnabledHelp=Applicable just for writable MSAD. If on, then updating password of MSAD user will use LDAP_SERVER_POLICY_HINTS_OID extension, which means that advanced MSAD password policies like 'password history' or 'minimal password age' will be applied. This extension works just for MSAD 2008 R2 or newer. +expirationValueNotValid=Value should should be greater or equal to 1 +eventTypes.UPDATE_CONSENT.name=Update consent +forceArtifactBinding=Force artifact binding +eventTypes.REFRESH_TOKEN_ERROR.description=Refresh token error +eventTypes.IMPERSONATE.name=Impersonate +updateFirstLogin=Update first login +columnDisplayDescription=Display description +flowUsedBy=Use of this flow +client-updater-trusted-hosts.label=Trusted hosts +updateExecutorSuccess=Executor updated successfully +ldapAttributeHelp=Name of mapped attribute on LDAP object. For example 'cn', 'sn', 'mail', 'street', etc. +assertionLifespan=Assertion Lifespan +export=Export +claimFilterNameHelp=Name of the essential claim +revocationDescription=This is a way to revoke all active sessions and access tokens. Not before means you can revoke any tokens issued before the date. +eventTypes.CODE_TO_TOKEN_ERROR.description=Code to token error +termsOfServiceUrl=Terms of service URL +requestObject.request_uri\ only=Request URI only +passwordPolicy=Password policy +backchannelLogout=Backchannel logout +addressClaim.street.label=User Attribute Name for Street +rolesScope=If there is no role scope mapping defined, each user is permitted to use this client scope. If there are role scope mappings defined, the user must be a member of at least one of the roles. +applyToResourceTypeFlag=Apply to resource type +offlineSessionIdleHelp=Time an offline session is allowed to be idle before it expires. You need to use offline token to refresh at least once within this period; otherwise offline session will expire. +eventTypes.UPDATE_TOTP.description=Update totp +testError=Error when trying to connect to LDAP\: '{{error}}' +groupObjectClassesHelp=Object class (or classes) of the group object. It's divided by commas if more classes needed. In typical LDAP deployment it could be 'groupOfNames'. In Active Directory it's usually 'group'. +filterByClients=Filter by clients +claims=Claims +createPolicyOfType=Create {{policyType}} policy +realmRolePrefix=Realm role prefix +flowUsedByDescription=This flow is used by the following {{value}} +createClientScope=Create client scope +includeRepresentation=Include representation +expireTimeHelp=Defines the time after which the policy MUST NOT be granted. Only granted if current date/time is before or equal to this value. +singleLogoutServiceUrl=Single logout service URL +noRolesInstructions-roles=You haven't created any roles in this realm. Create a role to get started. +editIdPMapper=Edit Identity Provider Mapper +representation=Representation +remove=Remove +userProfile=User profile +confirmPasswordDoesNotMatch=Password and confirmation does not match. +eventTypes.DELETE_ACCOUNT_ERROR.description=Delete account error +provider=Provider +flows=Flows +passwordPoliciesHelp.length=The minimum number of characters required for the password. +root=Root +removeImportedUsersSuccess=Imported users have been removed. +eventTypes.VERIFY_PROFILE_ERROR.name=Verify profile error +signAssertionsHelp=Should assertions inside SAML documents be signed? This setting is not needed if document is already being signed. +authnContextClassRefsHelp=Ordered list of requested AuthnContext ClassRefs. +sessionsType.directGrant=Direct grant +validateSignature=Validate Signatures +useLowerCaseBearerType=Use lower-case bearer type in token responses +headers=Headers +ldapAttributeNameHelp=Name of the LDAP attribute, which will be added to the new user during registration +createAGroup=Create a group +effectiveProtocolMappersHelp=Contains all default client scopes and selected optional scopes. All protocol mappers and role scope mappings of all those client scopes will be used when generating access token issued for your client +exportSuccess=Realm successfully exported. +scopePermissions.groups.manage-description=Policies that decide if an administrator can manage this group +testClusterFail=Failed verified availability for\: {{failedNodes}}. Fix or unregister failed cluster nodes and try again +eventExplain=Events are records of user and admin events in this realm. To configure the tracking of these events, go to <1>Event configs. +queryExtensions=Query Supported Extensions +signingKeysConfig=Signing keys config +validateBindDn=You must enter the DN of the LDAP admin +addedGroupMembership=Added group membership +resourceDeletedSuccess=The resource successfully deleted +userObjectClasses=User object classes +useRefreshTokensHelp=If this is on, a refresh_token will be created and added to the token response. If this is off then no refresh_token will be generated. +getStarted=To get started, select a provider from the list below. +times.hours=Hours +signedJWTConfirm=Generate a private key and certificate for the client from the Keys tab. +permit=Permit +webOrigins=Web origins +searchAdminEventsBtn=Search admin events +deleteDialogDescription=Are you sure you want to permanently delete the attributes group <1>{{group}}? +importResourceSuccess=The resource was successfully imported +inputTypeCols=Input cols +eventTypes.LOGOUT.description=Logout +deleteNodeBody=Are you sure you want to permanently delete the node "{{node}}" +lifespan=Expires In +storedTokensReadableHelp=Enable/disable if new users can read any stored tokens. This assigns the broker.read-token role. +authenticationFlowTypeHelp=What kind of form is it +usersAdded_one={{count}} user added to the group +resourcesAndScopes=Resources and Scopes +editUsernameHelp=If enabled, the username field is editable, readonly otherwise. +eventTypes.UPDATE_CONSENT_ERROR.description=Update consent error +overrideActionTokensHelp=Override default settings of maximum time before an action permit sent by a user (such as a forgot password e-mail) is expired for specific action. This value is recommended to be short because it's expected that the user would react to self-created action quickly. +searchByName=Search by name +executorTypeSwitchHelpText=Executor Type Switch Help Text +attributeConsumingServiceNameHelp=Name of the Attribute Consuming Service profile to advertise in the SP metadata. +overrideActionTokens=Override Action Tokens +deleteGrantsError=Error deleting grants. +defaultGroupAdded_other=Added {{count}} groups to the default groups +used.SPECIFIC_CLIENTS=Specific clients +freeMemory=Free memory +applyPolicy=Apply policy +userFedDeleteConfirm=If you delete this user federation provider, all associated data will be removed. +directGrantHelp=Select the flow you want to use for direct grant authentication. +unlockUsersSuccess=Any temporarily locked users are now unlocked +jsonType.tooltip=JSON type that should be used to populate the json claim in the token. long, int, boolean, String and JSON are valid values. +emptyPrimaryAction=Add predefined mapper +enableClientSignatureRequired=Enable "Client signature required"? +supportedApplicationsHelp=Applications that are known to work with the current OTP policy +enableStartTLS=Enable StartTLS +syncModeOverride=Sync mode override +addAssociatedRolesError=Could not associate roles {{error}} +removeUserText=Do you want to remove {{numSelected}} users?. These users will no longer have permissions of the role {{role}} and the associated roles of it. +diagramView=Diagram view +removeImportedUsers=Remove imported users? +conditionsHelpItem=Conditions help item +accountLinkingOnly=Account linking only +clientPoliciesPoliciesHelpText=Client Policy allows to bind client profiles with various conditions to specify when exactly is enforced behavior specified by executors of the particular client profile. +anyClient=The condition is satisfied by any client on any event. +editFlow=Edit flow +noDefaultGroupsInstructions=Default groups allow you to automatically assign group membership whenever any new user is created or imported throughout <1>identity brokering. Add default groups to get started +tokenSaveSuccess=New initial access token has been created +usermodel.attr.label=User Attribute +eventTypes.REGISTER.name=Register +eventTypes.USER_DISABLED_BY_PERMANENT_LOCKOUT.name=User disabled by permanent lockout +deleteUser=Delete user +addedNodeSuccess=Node successfully added +eventTypes.INTROSPECT_TOKEN_ERROR.description=Introspect token error +webAuthnPolicyUserVerificationRequirementHelp=Communicates to an authenticator to confirm actually verifying a user. +syncModes.import=Import +realmSaveError=Realm could not be updated\: {{error}} +authDataDescription=Represents a token carrying authorization data as a result of the processing of an authorization request. This representation is basically what Keycloak issues to clients asking for permission. Check the `authorization` claim for the permissions that where granted based on the current authorization request. +allowRemoteResourceManagementHelp=Should resources be managed remotely by the resource server? If false, resources can be managed only from this Admin UI. +generatedAccessTokenIsDisabled=Generated access token is disabled when no user is selected +addNewProvider=Add new provider +userInfoResponseEncryptionKeyManagementAlgorithm=User info response encryption key management algorithm +changedUsersSyncPeriod=Changed users sync period +keystoreHelp=Path to keys file +userRegistration=User registration +save=Save +helpFileUploadClient=Upload a JSON or XML file +generateSuccess=New key pair and certificate generated successfully +userAttributeValueHelp=Value you want to hardcode +whoCanViewHelp=If enabled, users or administrators can view the attribute. Otherwise, users or administrators don't have access to the attribute. +eventTypes.IDENTITY_PROVIDER_LOGIN.description=Identity provider login +includeClients=Include clients +copySuccess=Successfully copied to clipboard\! +eventTypes.LOGOUT_ERROR.description=Logout error +clientProfilesHelp=Client profiles applied on this policy. +deleteClientPolicyError=Could not delete policy\: {{error}} +selectAttribute=Select attribute +resourceAttributeHelp=The attributes associated wth the resource. +updateCredentialUserLabelSuccess=The user label has been changed successfully. +product=Product +credentialUserLabel=User Label +passwordPoliciesHelp.passwordBlacklist=Prevents the use of a password that is in a blacklist file. +bindTypeHelp=Type of the authentication method used during LDAP bind operation. It is used in most of the requests sent to the LDAP server. Currently only 'none' (anonymous LDAP authentication) or 'simple' (bind credential + bind password authentication) mechanisms are available. +whoWillAppearPopoverText=Groups are hierarchical. When you select Direct Membership, you see only the child group that the user joined. Ancestor groups are not included. +eventTypes.VERIFY_EMAIL.description=Verify email +eventTypes.REFRESH_TOKEN_ERROR.name=Refresh token error +partialImportHeaderText=Partial import allows you to import users, clients, and other resources from a previously exported json file. +disableSuccess=Provider successfully disabled +validatingPublicKeyIdHelp=Explicit ID of the validating public key given above if the key ID. Leave blank if the key above should be used always, regardless of key ID specified by external IDP; set it if the key should only be used for verifying if the key ID from external IDP matches. +eventTypes.IDENTITY_PROVIDER_LINK_ACCOUNT_ERROR.name=Identity provider link account error +subtree=Subtree +userFederation=User federation +effectiveRoleScopeMappingsHelp=Selected Optional Client Scopes, which will be used when issuing access token for this client. You can see above what value of OAuth Scope Parameter needs to be used when you want to have these optional client scopes applied when the initial OpenID Connect Authentication request will be sent from your client adapter +disable=Disable +membershipLdapAttribute=Membership LDAP attribute +availableIdPs=Available identity providers +updateClientConditionSuccess=Condition updated successfully. +attributes=Attributes +roleDeleteConfirmDialog=This action will permanently delete the role "{{selectedRoleName}}" and cannot be undone. +clientDelete=Delete {{clientId}} ? +userDeletedSuccess=The user has been deleted +revokeClientScopesTitle=Revoke all granted client scopes? +contentSecurityPolicyReportOnlyHelp=For testing Content Security Policies <1>Learn more +eventTypes.PERMISSION_TOKEN.description=Permission token +allow-default-scopes.label=Allow Default Scopes +minuteHelp=Defines the minute when the policy MUST be granted. You can also provide a range by filling the second field. In this case, permission is granted only if current minute is between or equal to the two values you provided. +updateCibaSuccess=CIBA policy successfully updated +newRoleNameHelp=The new role name. The new name format corresponds to where in the access token the role will be mapped to. So, a new name of 'myapp.newname' will map the role to that position in the access token. A new name of 'newname' will map the role to the realm roles in the token. +mapperTypeFullNameLdapMapper=full-name-ldap-mapper +searchUserByAttributeMissingKeyError=Specify a attribute key +eventTypes.INVALID_SIGNATURE.name=Invalid signature +topLevelFlowTypeHelp=What kind of top level flow is it? Type 'client' is used for authentication of clients (applications) when generic is for users and everything else +authDetailsHelp=Export and download all resource settings for this resource server. +policyProvider.regex=Define regex conditions for your permissions. +clientImportError=Could not import client\: {{error}} +members=Members +scopePermissions.clients.token-exchange-description=Policies that decide which clients are allowed exchange tokens for a token that is targeted to this client. +realmCertificateAliasHelp=Realm certificate is stored in archive too. This is the alias to it. +scopePermissions.roles.map-role-client-scope-description=Policies that decide if an administrator can apply this role to the client scope of a client +createIdentityProviderError=Could not create the identity provider\: {{error}} +eventTypes.SEND_VERIFY_EMAIL_ERROR.description=Send verify email error +deleteClientPolicyConfirm=This action will permanently delete the policy {{policyName}}. This cannot be undone. +cibaAuthRequestedUserHint=Authentication Requested User Hint +samlKeysExportError=Could not export keys due to\: {{error}} +webAuthnPolicyCreateTimeout=Timeout +comparison=Comparison +passwordPoliciesHelp.digits=The number of numerical digits required in the password string. +deletedSuccessClientScope=The client scope has been deleted +notBeforeError=Error clearing "Not Before" for realm\: {{error}} +columnDisplayName=Display name +noUsersFoundErrorStorage=No users found, could be due to wrongly configured federated provider {{error}} +lookAround=Look around window +storeTokensHelp=Enable/disable if tokens must be stored after authenticating users. +revert=Revert +eventTypes.IDENTITY_PROVIDER_RETRIEVE_TOKEN.description=Identity provider retrieve token +dependentPermission=Dependent permission +disableNonce=Disable nonce +addAssociatedRolesSuccess=Associated roles have been added +groupDeleted_one=Group deleted +userHelp=Optionally select user, for whom the example access token will be generated. If you do not select a user, example access token will not be generated during evaluation +loginScreenCustomization=Login screen customization +policiesConfigType=Configure via\: +exportWarningTitle=Export with caution +emailVerifiedHelp=Has the user's email been verified? +duplicateFlow=Duplicate flow +addExecution=Add execution +noSearchResultsInstructions=Click on the search bar above to search for groups +addedNodeFail=Could not add node\: '{{error}}' +groupMembership=Group membership +maxLength=Max length {{length}} +prompts.unspecified=Unspecified +revokeClientScopes=Are you sure you want to revoke all granted client scopes for {{clientId}}? +cibaBackhannelTokenDeliveryModes.poll=Poll +policies=Policies +parentClientScope=Parent client scope +reorder=Reorder +allTypes=All types +backchannelLogoutSessionRequired=Backchannel logout session required +ldapFilter=LDAP filter +eventTypes.PUSHED_AUTHORIZATION_REQUEST_ERROR.name=Pushed authorization request error +editAttribute=Edit attribute +webAuthnPolicyRpEntityNameHelp=Human-readable server name as WebAuthn Relying Party +postBrokerLoginFlowAlias=Post login flow +refreshTokenMaxReuse=Refresh Token Max Reuse +partialExportHeaderText=Partial export allows you to export realm configuration, and other associated resources into a json file. +clientScopes=Client scopes +loadingRealms=Loading realms… +eventTypes.SEND_RESET_PASSWORD_ERROR.description=Send reset password error +httpPostBindingLogout=HTTP-POST binding logout +updateMessageBundleSuccess=Success\! Message bundle updated. +permissionDescription=A description for this permission. +policyClientHelp=Specifies which client(s) are allowed by this policy. +multivalued.label=Multivalued +buildIn=Built-in +roleCreateExplain=This is some description +scopePermissions.identityProviders.token-exchange-description=Policies that decide which clients are allowed exchange tokens for an external token minted by this identity provider. +algorithmNotSpecified=Algorithm not specified +rememberMe=Remember me +flow.registration=Registration flow +showLess=Show less +registeredClusterNodes=Registered cluster nodes +connectionAndAuthenticationSettings=Connection and authentication settings +deleteConfirmUsers=Delete user? +storePassword=Store password +defaultGroups=Default groups +eventTypes.TOKEN_EXCHANGE_ERROR.name=Token exchange error +flow.browser=Browser flow +unlinkUsersSuccess=Unlink of users finished successfully. +addressClaim.street.tooltip=Name of User Attribute, which will be used to map to 'street_address' subclaim inside 'address' token claim. Defaults to 'street' . +webAuthnPolicyCreateTimeoutHint=Timeout needs to be between 0 seconds and 8 hours +addValidator=Add validator +attributeImporter=Import declared SAML attribute if it exists in assertion into the specified user property or attribute. +userInfoSettings=User info settings +createAttributeError=Error\! User Profile configuration has not been saved {{error}}. +password=Password +eventTypes.VERIFY_EMAIL.name=Verify email +httpPostBindingResponseHelp=Indicates whether to respond to requests using HTTP-POST binding. If false, HTTP-REDIRECT binding will be used. +mapperTypeHardcodedAttributeMapper=hardcoded-attribute-mapper +eventTypes.IMPERSONATE.description=Impersonate +forbidden_other=Forbidden, permissions needed\: +clientAuthorization=Authorization +identityProvidersPermissionsHint=Determines if fine grained permissions are enabled for managing this role. Disabling will delete all current permissions that have been set up. +removeMappingConfirm_other=Are you sure you want to remove {{count}} roles +kerberosWizardDescription=Text needed here. +welcome=Welcome to +events=Events +importHelp=Import a JSON file containing authorization settings for this resource server. +mapperType=Mapper type +importResources=The following settings and data will be imported\: +validateConnectionUrl=You must enter a connection URL +attributeConsumingServiceIndexHelp=Index of the Attribute Consuming Service profile to request during authentication. +clientSessionSettings=Client session settings +cibaAuthRequestedUserHintHelp=The way of identifying the end-user for whom authentication is being requested. Currently only "login_hint" is supported. +leaveGroupConfirmDialog_other=Are you sure you want to remove {{username}} from the {{count}} selected groups? +createTokenHelp=An initial access token can only be used to create clients +removeImportedUsersError=Could not remove imported users\: '{{error}}' +eventTypes.OAUTH2_DEVICE_CODE_TO_TOKEN_ERROR.description=Oauth2 device code to token error +typeHelp=Client scopes, which will be added as default scopes to each created client +linkedIdPs=Linked identity providers +htmlDisplayName=HTML Display name +groupObjectClasses=Group object classes +requiredActionPlaceholder=Select action +bindCredentials=Bind credentials +logoutSettings=Logout settings +validateServerPrincipal=You must enter a server principal +addMessageBundle=Add message bundle +realmName=Realm name +searchEventType=Search saved event type +idpInitiatedSsoRelayStateHelp=Relay state you want to send with SAML request when you want to do IDP Initiated SSO. +otpHashAlgorithmHelp=What hashing algorithm should be used to generate the OTP. +joinGroup=Join Group +eventTypes.REMOVE_TOTP_ERROR.description=Remove totp error +eventTypes.EXECUTE_ACTION_TOKEN_ERROR.description=Execute action token error +unlinkAccountConfirm=Are you sure you want to permanently unlink this account from {{provider}}? +x509CertificateHelp=X509 Certificate encoded in PEM format +samlEndpointsLabel=SAML 2.0 Service Provider Metadata +passCurrentLocaleHelp=Pass the current locale to the identity provider as a ui_locales parameter. +lessThan=Must be less than {{value}} +webAuthnPolicyRequireResidentKeyHelp=It tells an authenticator create a public key credential as Resident Key or not. +logoutServiceRedirectBindingURL=Logout Service Redirect Binding URL +createIdentityProviderSuccess=Identity provider successfully created +emptyMappersInstructions=If you want to add mappers, please click the button below to add some predefined mappers or to configure a new mapper. +dayMonth=Day +clientRolesHelp=The condition checks whether one of the specified client roles exists on the client to determine whether the policy is applied. This effectively allows client administrator to create client role of specified name on the client to make sure that particular client policy will be applied on requests of this client. Condition is checked during most of OpenID Connect requests (Authorization requests, token requests, introspection endpoint request, etc.) +validatingX509Certs=Validating X509 certificates +eventTypes.CLIENT_UPDATE.description=Client update +searchInitialAccessToken=Search token +guiOrder=Display Order +friendlyName=Friendly name of attribute to search for in assertion. You can leave this blank and specify a name instead. +testSuccess=Successfully connected to LDAP +userInfoUrl=User Info URL +displayOnConsentScreen=Display on consent screen +noClientPolicies=No client policies +defaultAdminInitiatedActionLifespanHelp=Maximum time before an action permit sent to a user by administrator is expired. This value is recommended to be long to allow administrators to send e-mails for users that are currently offline. The default timeout can be overridden immediately before issuing the token. +syncUsersSuccess=Sync of users finished successfully. +updatedCredentialMoveError=User Credential configuration hasn't been saved +searchForRoles=Search role by name +refresh=Refresh +roleDeletedSuccess=The role has been deleted +advancedClaimToRole=If all claims exist, grant the user the specified realm or client role. +directGrant=Direct Grant Flow +maxLifespanHelp=Max lifespan of cache entry in milliseconds +associatedRolesModalTitle=Add roles to {{name}} +nameIdFormatHelp=The name ID format to use for the subject. +detailsHelp=this is information about the details +adminEvents=Admin events +serviceAccountHelp=Allows you to authenticate this client to Keycloak and retrieve access token dedicated to this client. In terms of OAuth2 specification, this enables support of 'Client Credentials Grant' for this client. +urisHelp=Set of URIs which are protected by resource. +eventTypes.IDENTITY_PROVIDER_RESPONSE.name=Identity provider response +confirmClientSecretTitle=Regenerate secret for this client? +serverPrincipal=Server principal +deleteConfirmGroup_one=Are you sure you want to delete this group '{{groupName}}'. +signDocuments=Sign documents +noTokens=No initial access tokens +addMapper=Add mapper +webauthnPolicy=Webauthn Policy +userAttributeName=User attribute name to store SAML attribute. Use email, lastName, and firstName to map to those predefined user properties. +displayDescriptionField=Display description +eventTypes.DELETE_ACCOUNT.description=Delete account +eventTypes.RESTART_AUTHENTICATION_ERROR.description=Restart authentication error +evictionHour=Eviction hour +notBefore=Not before +onDragFinish=Dragging finished {{list}} +otpSupportedApplications.totpAppMicrosoftAuthenticatorName=Microsoft Authenticator +ldapMappersList=LDAP Mappers +bindDnHelp=DN of the LDAP admin, which will be used by Keycloak to access LDAP server +newClientProfileName=Client profile name +eventTypes.OAUTH2_DEVICE_CODE_TO_TOKEN_ERROR.name=Oauth2 device code to token error +eventTypes.TOKEN_EXCHANGE.description=Token exchange +continue=Continue +editProvider=Edit provider +included.client.audience.label=Included Client Audience +backchannelLogoutUrlHelp=URL that will cause the client to log itself out when a logout request is sent to this realm (via end_session_endpoint). If omitted, no logout request will be sent to the client is this case. +updateScopeSuccess=Authorization scope successfully updated +userInfoResponseEncryptionKeyManagementAlgorithmHelp=JWA Algorithm used for key management in encrypting User Info Endpoint responses. This option is needed if you want encrypted User Info Endpoint responses. If left empty, User Info Endpoint responses are not encrypted. +authnContextDeclRefsHelp=Ordered list of requested AuthnContext DeclRefs. +inherent=Inherited +tableTitle=Attributes groups +generateNewKeys=Generate new keys +updateClientPolicySuccess=Client policy updated +unlock=Unlock +validateRealm=You must enter a realm +attributeValue=Attribute Value +eventTypes.CLIENT_DELETE_ERROR.description=Client delete error +clientScopesHelp=It uses the scopes requested or assigned in advance to the client to determine whether the policy is applied to this client. Condition is evaluated during OpenID Connect authorization request and/or token request. +revokeRefreshToken=Revoke Refresh Token +mappingUpdatedSuccess=Mapping successfully updated +logoUrlHelp=URL that references a logo for the Client application +operationTypes=Operation types +loginWithEmailAllowed=Login with email +expireTime=Expire time +requestObject.request\ or\ request_uri=Request or Request URI +policyProvider.user=Define conditions for your permissions where a set of one or more users is permitted to access an object. +protocolTypes.openid-connect=OpenID Connect +clientTypeHelp='OpenID Connect' allows Clients to verify the identity of the End-User based on the authentication performed by an Authorization Server.'SAML' enables web-based authentication and authorization scenarios including cross-domain single sign-on (SSO) and uses security tokens containing assertions to pass information. +addOpenIdProvider=Add OpenID Connect provider +memory=Memory +eventTypes.CLIENT_LOGIN.name=Client login +mapper.nameid.format.tooltip=Name ID Format using Mapper +hideOnLoginPageHelp=If hidden, login with this provider is possible only if requested explicitly, for example using the 'kc_idp_hint' parameter. +eventTypes.UPDATE_PROFILE.description=Update profile +assignRolesTo=Assign roles to {{client}} +orderChangeError=Could not change display order of identity providers {{error}} +policyProvider.client-scope=Define conditions for your permissions where a set of one or more client scopes is permitted to access an object. +secretExpiresOn=Secret expires on {{time}} +searchClientByName=Search client by name +loginTimeout=Login timeout +attributeName=Attribute [Name] +updateError=Could not update the provider {{error}} +importUsersHelp=If true, LDAP users will be imported into the Keycloak DB and synced by the configured sync policies. +emptyClientProfilesInstructions=There are no profiles, select 'Create client profile' to create a new client profile +policyProvider.js=Define conditions for your permissions using JavaScript. It is one of the rule-based policy types supported by Keycloak, and provides flexibility to write any policy based on the Evaluation API. +idpType.social=Social login +krbPrincipalAttribute=Kerberos principal attribute +fineGrainSamlEndpointConfig=Fine Grain SAML Endpoint Configuration +hours=Hours +eventTypes.RESET_PASSWORD_ERROR.name=Reset password error +yes=Yes +showRemaining=Show ${remaining} +searchProfile=Search profile +eventTypes.UPDATE_EMAIL_ERROR.name=Update email error +removeConfirm_other=Are you sure you want to remove these groups. +renameGroup=Rename group +configure=Configure +searchScopeHelp=For one level, the search applies only for users in the DNs specified by User DNs. For subtree, the search applies to the whole subtree. See LDAP documentation for more details. +jumpToSection=Jump to section +noUsersEmptyStateDescription=Only the users with this role directly assigned will appear under this tab. If you need to find users assigned to this role, go to +manage=Manage +searchForSession=Search session +temporaryLockedHelp=The user may be locked due to multiple failed attempts to log in. +kerberosIntegration=Kerberos integration +useEntityDescriptorHelp=Import metadata from a remote IDP SAML entity descriptor. +decisionStrategies.CONSENSUS=Consensus +saveProviderSuccess=The provider has been saved successfully. +dedicatedScopes=Dedicated scopes +noSessionsDescription=There are currently no active sessions in this realm. +createGroupText=Create attributes group +otpPolicyCodeReusable=Reusable token +addRedirectUri=Add valid redirect URIs +time=Time +disableSigningExplain=If you disable "{{key}}", the Keycloak database will be updated and you may need to download a new adapter for this client. +mapperTypeRoleLdapMapperHelp=Used to map role mappings of roles from some LDAP DN to Keycloak role mappings of either realm roles or client roles of particular client +used.DEFAULT=Default +authenticationCreateFlowHelp=Create flow +credentialResetEmailSuccess=Email sent to user. +sslType.all=All requests +discoveryEndpointHelp=Import metadata from a remote IDP discovery descriptor. +excludeSessionStateFromAuthenticationResponse=Exclude Session State From Authentication Response +required=Required field +linkedIdPsText=The identity providers which are already linked to this user account +lastUpdated=Last updated +credentialResetBtn=Credential Reset +socialProfileJSONFieldPathHelp=Path of field in Social Provider User Profile JSON data to get value from. You can use dot notation for nesting and square brackets for array index. E.g. 'contact.address[0].country'. +userModelAttributeHelp=Name of the UserModel property or attribute you want to map the LDAP attribute into. For example 'firstName', 'lastName, 'email', 'street' etc. +userList=User list +eventTypes.RESET_PASSWORD.name=Reset password +exportWarningDescription=If there is a great number of groups, roles or clients in your realm, the operation may make server unresponsive for a while. +importRole=Import role +deleteClientProfileConfirm=This action will permanently delete the profile {{profileName}}. This cannot be undone. +signServiceProviderMetadataHelp=Enable/disable signature of the provider SAML metadata. +oAuthMutual=OAuth 2.0 Mutual TLS Certificate Bound Access Tokens Enabled +keystore=Keystore +eventTypes.EXECUTE_ACTION_TOKEN.description=Execute action token +eventTypes.CLIENT_INFO.description=Client info +updateClientProfilesError=Provided JSON is incorrect\: Unexpected token { in JSON +canonicalizationHelp=Canonicalization Method for XML signatures. +authorizationHelp=Enable/Disable fine-grained authorization support for a client +sessions=Sessions +mapperCreateSuccess=Mapper created successfully. +fullSyncPeriodHelp=Period for full synchronization in seconds +resourceTypeHelp=Specifies that this permission must be applied to all resource instances of a given type. +encryptionAlgorithmHelp=Encryption algorithm, which is used by SAML IDP for encryption of SAML documents, assertions or IDs. The corresponding decryption key for decrypt SAML document parts will be chosen based on this configured algorithm and should be available in realm keys for the encryption (ENC) usage. If algorithm is not configured, then any supported algorithm is allowed and decryption key will be chosen based on the algorithm configured in SAML document itself. +socialUserAttributeName=User attribute name to store information. +priority=Priority +jsonType.label=Claim JSON Type +fullScopeAllowed=Full scope allowed +syncModes.inherit=Inherit +masterSamlProcessingUrlHelp=If configured, this URL will be used for every binding to both the SP's Assertion Consumer and Single Logout Services. This can be individually overridden for each binding and service in the Fine Grain SAML Endpoint Configuration. +addedGroupMembershipError=Error adding group membership +authenticatorAttachment.platform=Platform +configSaveSuccess=Successfully saved the execution config +regenerate=Regenerate +ignoreMissingGroups=Ignore missing groups +sslType.external=External requests +showMetaData=Show metadata +webAuthnPolicyAttestationConveyancePreferenceHelp=Communicates to an authenticator the preference of how to generate an attestation statement. +top-level-flow-type.basic-flow=Basic flow +groupRemoveError=Error removing group {error} +temporaryPasswordHelpText=If enabled, the user must change the password on next login +requestObjectEncryption=Request object encryption algorithm +exportAuthDetailsSuccess=Successfully exported authorization details. +connectionPooling=Connection pooling +wantAuthnRequestsSignedHelp=Indicates whether the identity provider expects a signed AuthnRequest. +policyCodeHelp=The JavaScript code providing the conditions for this policy. +eventTypes.IMPERSONATE_ERROR.description=Impersonate error +eventTypes.IDENTITY_PROVIDER_RESPONSE.description=Identity provider response +shouldBeANumber=Should be a number +validatorDialogColNames.colDescription=Description +requestObjectEncoding=Request object content encryption algorithm +idTokenEncryptionKeyManagementAlgorithmHelp=JWA Algorithm used for key management in encrypting ID tokens. This option is needed if you want encrypted ID tokens. If left empty, ID Tokens are just signed, but not encrypted. +idpInitiatedSsoUrlNameHelp=URL fragment name to reference client when you want to do IDP Initiated SSO. Leaving this empty will disable IDP Initiated SSO. The URL you will reference from your browser will be\: {server-root}/realms/{realm}/protocol/saml/clients/{client-url-name} +keyPassword=Key password +attributeFriendlyName=Attribute [Friendly Name] +clearAllFilters=Clear all filters +scopePermissions.clients.map-roles-composite-description=Policies that decide if an administrator can apply roles defined by this client as a composite to another role +roleObjectClassesHelp=Object class (or classes) of the role object. It's divided by commas if more classes are needed. In typical LDAP deployment it could be 'groupOfNames'. In Active Directory it's usually 'group'. +emptyAddClientScopes=No client scopes +changeTypeTo=Change type to +generateKeys=Generate keys? +searchForUser=Search user +groupRemove_one=Group removed +savePasswordError=Error saving password\: {{error}} +allGroups=All groups +deleteNode=Delete node? +rdnLdapAttributeHelp=Name of the LDAP attribute, which is used as RDN (top attribute) of typical user DN. Usually it's the same as the Username LDAP attribute, however it is not required. For example for Active directory, it is common to use 'cn' as RDN attribute when username attribute might be 'sAMAccountName'. +addAaguids=Add AAGUID +createPolicy=Create client policy +disablePolicyConfirm=Users and clients can't access the policy if it's disabled. Are you sure you want to continue? +useDiscoveryEndpoint=Use discovery endpoint +clearAdminEvents=Clear admin events +eventTypes.CLIENT_DELETE.name=Client delete +clientLoginTimeout=Client Login Timeout +mapperSaveSuccess=Mapper saved successfully. +noRolesAssociatedInstructions=To add roles to this role press the 'Add role' button +alwaysDisplayInUIHelp=Always list this client in the Account UI, even if the user does not have an active session. +eventTypes.UPDATE_PASSWORD.name=Update password +eventTypes.UPDATE_CONSENT.description=Update consent +realmSaveSuccess=Realm successfully updated +notBeforePushFail=Failed to push "not before" to\: {{failedNodes}} +executorTypeTextHelpText=Executor Type Text Help Text +eventTypes.IDENTITY_PROVIDER_LOGIN_ERROR.description=Identity provider login error +readTimeout=Read timeout +userInfoResponseEncryptionContentEncryptionAlgorithmHelp=JWA Algorithm used for content encryption in encrypting User Info Endpoint responses. If User Info response encryption key management algorithm is specified, the default for this value is A128CBC-HS256. +accessTokenSignatureAlgorithm=Access token signature algorithm +createUser=Create user +logoutAllDescription=If you sign out all active sessions, active subjects in this realm will be signed out. +credentialResetEmailError=Failed\: {{error}} +flow-type.form-flow=Form +useKerberosForPasswordAuthenticationHelp=User Kerberos login module for authenticating username/password against Kerberos server instead of authenticating against LDAP server with Directory Service API +guiOrderHelp=Specify order of the provider in GUI (such as in Consent page) as integer +signDocumentsHelp=Should SAML documents be signed by the realm? +resetPassword=Reset password +requireSslHelp=Is HTTPS required? 'None' means HTTPS is not required for any client IP address. 'External requests' means localhost and private IP addresses can access without HTTPS. 'All requests' means HTTPS is required for all IP addresses. +policyDeletedSuccess=The Policy successfully deleted +manageServiceAccountUser=To manage detail and group mappings, click on the username <1>{{link}} +addClientProfileSuccess=New client profile added +helpDisabled=Help off +deleteResource=Permanently delete resource? +validRequestURIsHelp=List of valid URIs, which can be used as values of 'request_uri' parameter during OpenID Connect authentication request. There is support for the same capabilities like for Valid Redirect URIs. For example wildcards or relative paths. +emptyAddClientScopesInstructions=There are no client scopes left to add +changeTypeIntro={{count}} selected client scopes will be changed to +secretSizeHelp=Size in bytes for the generated secret +clientSecret=Client Secret +inputType=Input type +claimHelp=Name of claim to search for in token. You can reference nested claims by using a '.', i.e. 'address.locality'. To use dot (.) literally, escape it with backslash. (\\.) +regexClaimValues=Regex Claim Values +iconUri=Icon URI +allowed-protocol-mappers.label=Allowed Protocol Mappers +group=Group +addAssociatedRolesText=Add associated roles +enabledFeatures=Enabled features +groupsClaimHelp=If defined, the policy will fetch user's groups from the given claim within an access token or ID token representing the identity asking permissions. If not defined, user's groups are obtained from your realm configuration. +createGroup=Create group +validatingPublicKeyId=Validating public key id +clientAuthentications.client_secret_jwt=JWT signed with client secret +created=Created +minutes=Minutes +displayOnClient=Display client on screen +certSubject=CERT_SUBJECT +userCredentialsHelpText=The top level handlers allow you to shift the priority of the credential for the user, the topmost credential having the highest priority. The handlers within one expandable panel allow you to change the visual order of the credentials, the topmost credential will show at the most left. +ldapAdvancedSettingsDescription=This section contains all the other options for more fine-grained configuration of the LDAP storage provider. +usersDN=Users DN +secretSize=Secret size +included.custom.audience.label=Included Custom Audience +max-clients.label=Max Clients Per Realm +requestObjectSignatureAlgorithm=Request object signature algorithm +searchForGroups=Search group +noRolesAssociated=No associated roles +eventTypes.IDENTITY_PROVIDER_POST_LOGIN_ERROR.name=Identity provider post login error +emptyStateMessage=No attributes groups +tokenLifespan.expires=Expires in +oidcAttributeImporter=Import declared claim if it exists in ID, access token, or the claim set returned by the user profile endpoint into the specified user property or attribute. +requestObject.request\ only=Request only +waitIncrementSeconds=Wait increment +requiredForLabel.admins=Only admins +clientScopeSuccess=Scope mapping updated +clientPolicySearch=Search client policy +refreshTokens=Refresh tokens +eventTypes.UPDATE_EMAIL_ERROR.description=Update email error +credentials=Credentials +webAuthnPolicyCreateTimeoutHelp=Timeout value for creating user's public key credential in seconds. if set to 0, this timeout option is not adapted. +policyType.hotp=Counter based +claimFilterValue=Essential claim value +eventTypes.REGISTER_ERROR.name=Register error +priorityHelp=Priority of the provider +emptyPolicies=No policies +manageOrderTableAria=List of identity providers in the order listed on the login page +disableError=Could not disable the provider {{error}} +anyAlgorithm=Any algorithm +enableSSL=Enable SSL +general=General +failureFactor=Max login failures +updateClientPoliciesSuccess=The client policies configuration was updated +advancedSettings=Advanced settings +attributeValueHelp=Value the attribute must have. If the attribute is a list, then the value must be contained in the list. +eventTypes.FEDERATED_IDENTITY_LINK.description=Federated identity link +adminTheme=Admin theme +alias=Alias +eventTypes.SEND_IDENTITY_PROVIDER_LINK_ERROR.name=Send identity provider link error +userEvents=User events +inputTypePlaceholder=Input placeholder +otpPolicyPeriodErrorHint=Value needs to be between 1 second and 2 minutes +introduction=If you want to leave this page and manage this realm, please click the corresponding menu items in the left navigation bar. +clearUserEvents=Clear user events +descriptionHelp=Help text for the description of the new flow +addCustomProvider=Add custom provider +permissionType=Specifies that this permission must be applied to all resources instances of a given type. +policyEnforcementModes.ENFORCING=Enforcing +rowSaveBtnAriaLabel=Save edits for {{messageBundle}} +permanentLockout=Permanent lockout +debug=Debug +webAuthnPolicyRequireResidentKey=Require resident key +notBeforePushSuccess=Successfully push "not before" to\: {{successNodes}} +unlockUsersConfirm=All the users that are temporarily locked will be unlocked. +clear=Clear +idpType.custom=Custom +eventTypes.LOGOUT.name=Logout +deletedErrorClientScope=Could not delete client scope\: {{error}} +groupsClaim=Groups claim +roleMappingUpdatedError=Could not update role mapping {{error}} +client-updater-source-groups.label=Groups +frontchannelLogoutUrlHelp=URL that will cause the client to log itself out when a logout request is sent to this realm (via end_session_endpoint). If not provided, it defaults to the base url. +authenticationOverridesHelp=Override realm authentication flow bindings. +requiredActions=Required actions +selectLocales=Select locales +policyDecisionStagey=The decision strategy dictates how the policies associated with a given permission are evaluated and how a final decision is obtained. 'Affirmative' means that at least one policy must evaluate to a positive decision in order for the final decision to be also positive. 'Unanimous' means that all policies must evaluate to a positive decision in order for the final decision to be also positive. 'Consensus' means that the number of positive decisions must be greater than the number of negative decisions. If the number of positive and negative is the same, the final decision will be negative. +usermodel.prop.tooltip=Name of the property method in the UserModel interface. For example, a value of 'email' would reference the UserModel.getEmail() method. +kc.identity.authc.method=Authentication Method +regexAttributeValues=Regex Attribute Values +otpTypeHelp=totp is Time-Based One Time Password. 'hotp' is a counter base one time password in which the server keeps a counter to hash against. +setAsDefaultAction=Set as default action +keyForCodeExchange=Proof Key for Code Exchange Code Challenge Method +clientProfiles=Client profiles +endpointsHelp=Shows the configuration of the Service Provider endpoint +mapperTypeLdapAttributeMapper=hardcoded-ldap-attribute-mapper +unlockAllUsers=Unlock all users +noGroupsText=You haven't added this user to any groups. Join a group to get started. +createClientPolicyError=Could not create policy due to\: {{error}} +eventTypes.EXECUTE_ACTIONS_ERROR.name=Execute actions error +path=Path +overwritten=Overwritten +mapperNameHelp=Name of the mapper +deleteProviderError=Error deleting the provider +supportedLocalesHelp=The locales to support for this realm. The user chooses one of these locales on the login screen. +comparisonHelp=Specifies the comparison method used to evaluate the requested context classes or statements. The default is "Exact". +generatedIdTokenIsDisabled=Generated id token is disabled when no user is selected +nodeHost=Node host +eventTypes.REGISTER_NODE_ERROR.description=Register node error +eventListenersHelpTextHelp=Configure what listeners receive events for the realm. +acrToLoAMapping=ACR to LoA Mapping +advancedSettingsSaml=This section is used to configure advanced settings of this client +resetCredentialsError=Error resetting users credentials\: {{error}} +eventTypes.INTROSPECT_TOKEN.name=Introspect token +unspecified=Unspecified +deleteMappingTitle=Delete mapping? +profile=Profile +active=Active +generateKeysDescription=If you generate new keys, you can download the keystore with the private key automatically and save it on your client's side. Keycloak server will save just the certificate and public key, but not the private key. +addSubFlowTitle=Add a sub-flow +useTruststoreSpiHelp=Specifies whether LDAP connection will use the Truststore SPI with the truststore configured in command-line options. 'Always' means that it will always use it. 'Never' means that it will not use it. Note that even if Keycloak truststore is not configured, the default java cacerts or certificate specified by 'javax.net.ssl.trustStore' property will be used. +forcePostBindingHelp=Always use POST binding for responses. +executorName=Name +VERIFY_EMAIL=Verify Email (VERIFY_EMAIL) +realmCertificateAlias=Realm certificate alias +roleName=Role name +addOrigins=Add Origin +evictionDayHelp=Day of the week the entry will become invalid +actionTokens=Action tokens +permissionResources=Specifies that this permission must be applied to a specific resource instance. +testConnectionHint.withoutEmail=To test the connection you must first configure an e-mail address for the current user ({{userName}}). +includeOneTimeUseConditionHelp=Should a OneTimeUse Condition be included in login responses? +availableIdPsText=All the configured identity providers in this realm are listed here. You can link the user account to any of the IdP accounts. +accessTokenLifespanHelp=Max time before an access token is expired. This value is recommended to be short relative to the SSO timeout +editableRowsTable=Editable rows table +redirectURIHelp=The redirect uri to use when configuring the identity provider. +permissionsEnabled=Permissions enabled +saveRealmError=Could not create realm {{error}} +attestationPreference.none=None +pairwiseSubAlgorithmSalt.label=Salt +addGroupsToGroupPolicy=Add groups to group policy +deniedScopes=Denied scopes +updateClientProfilesSuccess=The client profiles configuration was updated +flow.docker\ auth=Docker authentication flow +useEntityDescriptor=Use entity descriptor +loginActionTimeout=Login action timeout +windowsDomainQN=Windows Domain Qualified Name +deleteClientError=Could not delete profile\: {{error}} +validRedirectURIs=Valid URI pattern a browser can redirect to after a successful login. Simple wildcards are allowed such as 'http\://example.com/*'. Relative path can be specified too such as /my/relative/path/*. Relative paths are relative to the client root URL, or if none is specified the auth server root URL is used. For SAML, you must set valid URI patterns if you are relying on the consumer service URL embedded with the login request. +UPDATE_PROFILE=Update Profile (UPDATE_PROFILE) +assertionConsumerServicePostBindingURL=Assertion Consumer Service POST Binding URL +removeImported=Remove imported +endpoints=Endpoints +roleSaveError=Could not save role\: {{error}} +keySize=Key size +membershipUserLdapAttributeHelp=Used just if Membership Attribute Type is UID. It is the name of the LDAP attribute on user, which is used for membership mappings. Usually it will be 'uid'. For example if the value of 'Membership User LDAP Attribute' is 'uid' and LDAP group has 'memberUid\: john', then it is expected that particular LDAP user will have attribute 'uid\: john'. +validatingX509CertsHelp=The certificate in PEM format that must be used to check for signatures. Multiple certificates can be entered, separated by comma (,). +samlCapabilityConfig=SAML capabilities +accessTokenSignatureAlgorithmHelp=JWA algorithm used for signing access tokens. +derFormatted=DER formatted +periodicChangedUsersSyncHelp=Whether periodic synchronization of changed or newly created LDAP users to Keycloak should be enabled or not +signatureAlgorithmHelp=The signature algorithm to use to sign documents. Note that 'SHA1' based algorithms are deprecated and can be removed in the future. It is recommended to stick to some more secure algorithm instead of '*_SHA1' +allow-default-scopes.tooltip=If on, newly registered clients will be allowed to have client scopes mentioned in realm default client scopes or realm optional client scopes +emailVerified=Email verified +addExecutionHelp=Execution can have a wide range of actions, from sending a reset email to validating an OTP +requestObjectRequiredHelp=Specifies if the client needs to provide a request object with their authorization requests, and what method they can use for this. If set to "not required", providing a request object is optional. In all other cases, providing a request object is mandatory. If set to "request", the request object must be provided by value. If set to "request_uri", the request object must be provided by reference. If set to "request or request_uri", either method can be used. +clientScopesRolesScope=If there is no role scope mapping defined, each user is permitted to use this client scope. If there are role scope mappings defined, the user must be a member of at least one of the roles. +passwordPoliciesHelp.notUsername=The password cannot match the username. +removeConfirm_one=Are you sure you want to remove this group +createUserProviderSuccess=User federation provider successfully created +countHelp=Specifies how many clients can be created using the token +mapperTypeHardcodedLdapGroupMapper=hardcoded-ldap-group-mapper +Monday=Monday +resetCredentialsSuccess=The password has been reset successfully. +added=Added +authnContextDeclRefs=AuthnContext DeclRefs +clientAssertionAudienceHelp=The audience to use for the client assertion. The default value is the IDP's token endpoint URL. +externalRoleToRole=Looks for an external role in a keycloak access token. If external role exists, grant the user the specified realm or client role. +attributeGroup=Attribute group +deleteExecutionError=Could not delete execution\: {{error}} +hideInheritedRoles=Hide inherited roles +consentRequired=Consent required +selectMethodType.import=Import +standardFlow=Standard flow +votedToStatus=\ voted to {{status}} +credentialResetConfirmText=Are you sure you want to send email to user +clientScopeType.default=Default +helpFileUpload=Upload a JSON file +addProvider_one=Add {{provider}} provider +clientPoliciesPolicies=Client Policies Policies +editUSernameHelp=If enabled, the username is editable, otherwise it is read-only. +removeAllAssociatedRoles=Remove all associated roles +flowCreatedSuccess=Flow created +fineGrainOpenIdConnectConfiguration=Fine grain OpenID Connect configuration +flow.reset\ credentials=Reset credentials flow +eventTypes.DELETE_ACCOUNT_ERROR.name=Delete account error +eventTypes.CLIENT_DELETE_ERROR.name=Client delete error +noRolesInstructions-client=You haven't created any roles for this client. Create a role to get started. +test=Test +leaveGroup_one=Leave group {{name}}? +count=Count +noPasswordPoliciesInstructions=You haven't added any password policies to this realm. Add a policy to get started. +testAuthentication=Test authentication +groupNameLdapAttributeHelp=Name of LDAP attribute, which is used in group objects for name and RDN of group. Usually it will be 'cn'. In this case typical group/role object may have DN like 'cn\=Group1,ouu\=groups,dc\=example,dc\=org'. +deleteError=Could not delete the provider {{error}} +attributeDisplayName=Display name +pkceEnabled=Use PKCE +userProviderSaveSuccess=User federation provider successfully saved +month=Month +valueLabel=Value +dropNonexistingGroupsDuringSyncHelp=If this flag is true, then during sync of groups from LDAP to Keycloak, we will keep just those Keycloak groups that still exist in LDAP. The rest will be deleted. +expiration=Expiration +addKerberosWizardTitle=Add Kerberos user federation provider +noPasswordPolicies=No password policies +resourceTypes=Resource types +deleteConfirmTitle_one=Delete group? +eventTypes.UPDATE_PROFILE_ERROR.description=Update profile error +webAuthnUpdateSuccess=Updated webauthn policies successfully +authorizationSignedResponseAlg=Authorization response signature algorithm +mapperTypeFullNameLdapMapperHelp=Used to map the full-name of a user from single attribute in LDAP (usually 'cn' attribute) to firstName and lastName attributes of UserModel in Keycloak DB +includeInUserInfo.label=Add to userinfo +onDragMove=Dragging item {{item}} +back=Back +deleteScopeConfirm=If you delete this authorization scope, some permissions will be affected. +updateOtpSuccess=OTP policy successfully updated +title=Authentication +deleteAttributeError=Attribute not deleted +enableClientSignatureRequiredExplain=If you enable "Client signature required", the adapter of this client will be updated. You may need to download a new adapter for this client. You need to generate or import keys for this client otherwise the authentication will not work. +policiesConfigTypes.formView=Form view +residentKey.No=No +nodeReRegistrationTimeout=Node Re-registration timeout +fineGrainSamlEndpointConfigHelp=This section to configure exact URLs for Assertion Consumer and Single Logout Service. +connectionURL=Connection URL +validateCustomUserSearchFilter=Filter must be enclosed in parentheses, for example\: (filter) +accessTokenLifespan=Access Token Lifespan +loginWithEmailHelpText=Allow users to log in with their email address. +eventTypes.IDENTITY_PROVIDER_LINK_ACCOUNT.name=Identity provider link account +deleteMessageBundleSuccess=Successfully removed the message from the bundle +retry=Press here to refresh and continue +selectAttributes=Select attributes +firstBrokerLoginFlowAliasHelp=Alias of authentication flow, which is triggered after first login with this identity provider. Term 'First Login' means that no Keycloak account is currently linked to the authenticated identity provider account. +owner=Owner +eventTypes.VERIFY_PROFILE.description=Verify profile +executorAuthenticatorMultiSelectHelpText=Executor Authenticator MultiSelect Help Text +eventTypes.FEDERATED_IDENTITY_LINK_ERROR.name=Federated identity link error +eventTypes.EXECUTE_ACTIONS.name=Execute actions +encryptAssertions=Encrypt assertions +disableConfirmTitle=Disable realm? +custom=Custom Attribute... +keyTab=Key tab +addSamlProvider=Add SAML provider +permission=Permission +saveEventListeners=Save Event Listeners +capabilityConfig=Capability config +mapperTypeMsadUserAccountControlManagerHelp=Mapper specific to MSAD. It's able to integrate the MSAD user account state into Keycloak account state (account enabled, password is expired etc). It's using userAccountControl and pwdLastSet MSAD attributes for that. For example if pwdLastSet is 0, the Keycloak user is required to update the password; if userAccountControl is 514 (disabled account) the Keycloak user is disabled as well etc. Mapper is also able to handle the exception code from LDAP user authentication. +home=Home +bindFlow=Bind flow +userAttributeValue=User Attribute Value +browserFlowHelp=Select the flow you want to use for browser authentication. +tokenLifespan.never=Never expires +notFound=Could not find the resource that you are looking for +passMaxAge=Pass max_age +disablePolicyConfirmTitle=Disable policy? +eventTypes.LOGIN_ERROR.description=Login error +linkAccount=Link account +attestationPreference.direct=Direct +eventTypes.OAUTH2_DEVICE_AUTH_ERROR.description=Oauth2 device authentication error +unlinkUsers=Unlink users +userLdapFilter=User LDAP filter +emailVerification=Email Verification +configSaveError=Could not save the execution config\: {{error}} +clientAuthenticatorTypeHelp=Client Authenticator used for authentication of this client against Keycloak server +cachePolicyHelp=Cache Policy for this storage provider. 'DEFAULT' is whatever the default settings are for the global cache. 'EVICT_DAILY' is a time of day every day that the cache will be invalidated. 'EVICT_WEEKLY' is a day of the week and time the cache will be invalidated. 'MAX_LIFESPAN' is the time in milliseconds that will be the lifespan of a cache entry. +eventTypes.CUSTOM_REQUIRED_ACTION_ERROR.description=Custom required action error +eventTypes.SEND_RESET_PASSWORD.name=Send reset password +requiredFor=Required for +scopePermissions.users.map-roles-description=Policies that decide if administrator can map roles for all users +bindCredentialsHelp=Password of LDAP admin. This field is able to obtain its value from vault, use ${vault.ID} format. +searchForAdminEvent=Search admin event +unitLabel=Select a time unit +webAuthnPolicySignatureAlgorithms=Signature algorithms +eventTypes.GRANT_CONSENT_ERROR.name=Grant consent error +action=Action +shortVerificationUri=Short verification_uri in Device Authorization flow +placeholderText=Select one +deleteCredentialsError=Error deleting users credentials\: {{error}} +authDefaultActionTooltip=If enabled, any new user will have this required action assigned to it. +validateBindCredentials=You must enter the password of the LDAP admin +evictionMinuteHelp=Minute of the hour the entry will become invalid +includeAuthnStatement=Include AuthnStatement +validatorType=Validator type +attributesHelp=Name and (regex) value of the attributes to search for in token. The configured name of an attribute is searched in SAML attribute name and attribute friendly name fields. Every given attribute description must be met to set the role. If the attribute is an array, then the value must be contained in the array. If an attribute can be found several times, then one match is sufficient. +samlAttributeToRole=If an attribute exists, grant the user the specified realm or client role. +enableStartTls=Enable StartTLS +addIdPMapper=Add Identity Provider Mapper +createPermissionSuccess=Successfully created the permission +roleAuthentication=Role authentication +homeURL=Home URL +eventTypes.REVOKE_GRANT_ERROR.name=Revoke grant error +contentSecurityPolicyReportOnly=Content-Security-Policy-Report-Only +firstBrokerLoginFlowAlias=First login flow +missingAttributes=No attributes have been defined yet. Click the below button to add attributes, key and value are required for a key pair. +testConnectionError=Error\! {{error}} +authenticatedAccessPoliciesHelp=Those Policies are used when Client Registration Service is invoked by authenticated request. This means that the request contains Initial Access Token or Bearer Token. +deleteClientPolicyProfileSuccess=Profile successfully removed from the policy. +reGenerateSigningExplain=If you regenerate signing key for client, the Keycloak database will be updated and you may need to download a new adapter for this client. +evaluate=Evaluate +enableLdapv3Password=Enable the LDAPv3 password modify extended operation +status=Status +dragInstruction=Click and drag to change priority +clients=Clients +clientName=Name +syncModes.force=Force +deleteMappingConfirm=Are you sure you want to delete this mapping? +createClientProfileSuccess=New client profile created +eventTypes.CLIENT_LOGIN_ERROR.description=Client login error +explainBearerOnly=This is a special OIDC type. This client only allows bearer token requests and cannot participate in browser logins. +noMessageBundlesInstructions=Add a message bundle to get started. +clearFile=Clear this file +allowCreate=Allow create +providerUpdatedError=Could not update client policy due to {{error}} +usersAddedError=Could not add users to the group\: {{error}} +orderChangeErrorUserFed=Could not change the priority order of user federation providers {{error}} +scopeParameterPlaceholder=Select scope parameters +deleteClientPolicyConfirmTitle=Delete policy? +validateRdnLdapAttribute=You must enter an RDN LDAP attribute +policyUrlHelp=URL that the Relying Party Client provides to the End-User to read about the how the profile data will be used +fromDisplayName=From display name +affirmative=Affirmative +clientRoles=Client roles +removeRoles=Remove roles +flowNameDescriptionHelp=Help text for the name description of the new flow +maxFailureWaitSecondsHelp=Max time a user will be locked out. +groupsPath=Groups path +useRealmRolesMapping=Use realm roles mapping +identityProviderEntityId=Identity provider entity ID +userInfoSignedResponseAlgorithm=User info signed response algorithm +selectGroup=Select group +scopePermissions.groups.view-members-description=Policies that decide if an administrator can view the members of this group +tableOfGroups=Table of groups +allowed-protocol-mappers.tooltip=Whitelist of allowed protocol mapper providers. If there is an attempt to register client, which contains some protocol mappers, which were not whitelisted, registration request will be rejected. +policyProvider.role=Define conditions for your permissions where a set of one or more roles is permitted to access an object. +targetOptions.brokerId=BROKER_ID +eventTypes.VERIFY_PROFILE.name=Verify profile +useRealmRolesMappingHelp=If true, then LDAP role mappings will be mapped to realm role mappings in Keycloak. Otherwise it will be mapped to client role mappings. +forwardParameters=Forwarded query parameters +isAccessTokenJWTHelp=The Access Token received from the Identity Provider is a JWT and its claims will be accessible for mappers. +frontchannelLogoutUrl=Front-channel logout URL +testConnectionHint.withoutEmailAction=Configure e-mail address +webAuthnUpdateError=Could not update webauthn policies due to {{error}} +paginationHelp=Whether the LDAP server supports pagination +oAuthMutualHelp=This enables support for OAuth 2.0 Mutual TLS Certificate Bound Access Tokens, which means that keycloak bind an access token and a refresh token with a X.509 certificate of a token requesting client exchanged in mutual TLS between keycloak's Token Endpoint and this client. These tokens can be treated as Holder-of-Key tokens instead of bearer tokens. +deleteProviderTitle=Delete key provider? +scopes=Scopes +accessTokens=Access tokens +columnName=Name +flowType=Flow type +syncLDAPGroupsSuccessful=Data successfully synced {{result}} +policyEnforcementModes.PERMISSIVE=Permissive +subject=Subject DN +use=Use +defaultAdminInitiated=Default Admin-Initiated Action Lifespan +chooseAMapperType=Choose a mapper type +startTimeHelp=Defines the time before which the policy MUST NOT be granted. Only granted if current date/time is after or equal to this value. +noGroupsInThisRealm=No groups in this realm +searchUserByAttributeKeyAlreadyInUseError=Attribute key already in use +executorClientAuthenticator=Executor Client Authenticator +addWebOrigins=Add web origins +clientScopeExplain=Client scopes are a common set of protocol mappers and roles that are shared between multiple clients. +attributeNameHelp=Name of attribute to search for in assertion. You can leave this blank and specify a friendly name instead. +linkAccountTitle=Link account to {{provider}} +invalidateRotatedSuccess=Rotated secret successfully removed +userSessionAttributeHelp=Name of user session attribute you want to hardcode +updateSuccessIdentityProvider=Provider successfully updated +host=Host +forbidden_one=Forbidden, permission needed\: +backchannelLogoutRevokeOfflineSessions=Backchannel logout revoke offline sessions +supportedApplications=Supported applications +shortVerificationUriTooltipHelp=If set, this value will be return as verification_uri in Device Authorization flow. This uri need to redirect to {server-root}/realms/{realm}/device +kerberosPrincipal=Kerberos Principal +resourceAttribute=Resource attribute +addressClaim.region.label=User Attribute Name for Region +applyToResourceTypeFlagHelp=Specifies if this permission should be applied to all resources with a given type. In this case, this permission will be evaluated for all instances of a given resource type. +managePriorityInfo=Priority is the order of providers when doing a user lookup. You can drag the row handlers to change the priorities. +deletedErrorIdentityProvider=Could not delete the provider {{error}} +included.custom.audience.tooltip=This is used just if 'Included Client Audience' is not filled. The specified value will be included in audience (aud) field of the token. If there are existing audiences in the token, the specified value is just added to them. It won't override existing audiences. +includeInIdToken.label=Add to ID token +steps=Steps +tokenDeleteConfirm=Are you sure you want to permanently delete the initial access token {{id}} +flowCreateError=Could not create flow\: {{error}} +readTimeoutHelp=LDAP read timeout in milliseconds. This timeout applies for LDAP read operations. +registrationAccessTokenHelp=The registration access token provides access for clients to the client registration service. +host-sending-registration-request-must-match.tooltip=If on, any request to Client Registration Service is allowed just if it was sent from some trusted host or domain. +profilesConfigTypes.formView=Form view +validatorDeletedSuccess=Success\! User Profile configuration has been saved. +canonicalization=Canonicalization method +deleteConfirmTitle=Delete realm? +includeInAccessTokenResponse.label=Add to access token response +SSOSessionMax=SSO Session Max +clientScope=Client scope +inheritedFrom=Inherited from +clientScopeSearch.name=Name +deleteConditionSuccess=The condition has been deleted +clientProfile=Client profile details +syncAllUsers=Sync all users +allowedClockSkewHelp=Clock skew in seconds that is tolerated when validating identity provider tokens. Default value is zero. +disableConfirmIdentityProvider=Are you sure you want to disable the provider '{{provider}}' +clientSaveError=Client could not be updated\: {{error}} +tokenSaveError=Could not create initial access token {{error}} +certificate=Certificate +deleteConfirmExecutionMessage=Are you sure you want to permanently delete the execution "<1>{{name}}". +offlineSessionMaxLimitedHelp=Enable offline session max +delete=Delete +userGroupsRetrieveStrategyHelp=Specify how to retrieve groups of user. LOAD_GROUPS_BY_MEMBER_ATTRIBUTE means that roles of user will be retrieved by sending LDAP query to retrieve all groups where 'member' is our user. GET_GROUPS_FROM_USER_MEMBEROF_ATTRIBUTE means that groups of user will be retrieved from 'memberOf' attribute of our user or from the other attribute specified by 'Member-Of LDAP Attribute'. +hour=Hour +connectionTimeoutHelp=LDAP connection timeout in milliseconds +repeat=Repeat +defaultSigAlgHelp=Default algorithm used to sign tokens for the realm +save-admin-events=If enabled, admin events are saved to the database, which makes events available to the Admin UI. +policyGroups=Specifies which user(s) are allowed by this policy. +searchForProtocol=Search protocol mapper +eventTypes.CLIENT_INFO.name=Client info +eventTypes.OAUTH2_DEVICE_CODE_TO_TOKEN.description=Oauth2 device code to token +eventTypes.UPDATE_TOTP_ERROR.name=Update totp error +client-updater-source-groups.tooltip=Name of groups to check. Condition evaluates to true if the entity, who creates/updates client is member of some of the specified groups. Configured groups are specified by their simple name, which must match to the name of the Keycloak group. No support for group hierarchy is used here. +webAuthnPolicyRpId=Relying party ID +ldapRolesDnHelp=LDAP DN where roles of this tree are saved. For example, 'ou\=finance,dc\=example,dc\=org' +serviceAccount=Service accounts roles +providerUpdatedSuccess=Client policy updated successfully +assertionConsumerServiceRedirectBindingURL=Assertion Consumer Service Redirect Binding URL +createClientScopeError=Could not create client scope\: '{{error}}' +deleteRole=Delete this role +SSOSessionSettings=SSO Session Settings +directAccessHelp=This enables support for Direct Access Grants, which means that client has access to username/password of user and exchange it directly with Keycloak server for access token. In terms of OAuth2 specification, this enables support of 'Resource Owner Password Credentials Grant' for this client. +groupHelp=Group to add the user in. Fill the full path of the group including path. For example\: '/root-group/child-group'. +clientPolicyNameHelp=Display name of the policy +addressClaim.country.label=User Attribute Name for Country +downloadType=this is information about the download type +clustering=Clustering +createSuccess=Identity provider successfully created +mapperAttributeName=Attribute Name +setPassword=Set password +client-updater-source-roles.tooltip=The condition is checked during client registration/update requests and it evaluates to true if the entity (usually user), who is creating/updating client is member of the specified role. For reference the realm role, you can use the realm role name like 'my_realm_role' . For reference client role, you can use the client_id.role_name for example 'my_client.my_client_role' will refer to client role 'my_client_role' of client 'my_client'. +createRole=Create role +clientDeletedSuccess=The client has been deleted +eventTypes.IDENTITY_PROVIDER_RESPONSE_ERROR.description=Identity provider response error +editModeLdapHelp=READ_ONLY is a read-only LDAP store. WRITABLE means data will be synced back to LDAP on demand. UNSYNCED means user data will be imported, but not synced back to LDAP. +enableServiceAccount=Enable service account roles +signOutAllActiveSessionsQuestion=Sign out all active sessions? +addPostLogoutRedirectUri=Add valid post logout redirect URIs +SSOSessionMaxRememberMe=SSO Session Max Remember Me +pkceMethod=PKCE Method +noRoles-user=No roles for this user +moveGroupEmptyInstructions=There are no sub groups, select 'Move here' to move the selected group as a subgroup of this group +hmacGenerated=hmac-generated +unlockSuccess=User successfully unlocked +unlockError=Could not unlock user due to {{error}} +hourHelp=Defines the hour when the policy MUST be granted. You can also provide a range by filling the second field. In this case, permission is granted only if current hour is between or equal to the two values you provided. +deleteClientProfileConfirmTitle=Delete profile? +syncLDAPGroupsError=Data could not be synced due {{error}} +saveSuccess=User federation provider successfully saved +generatedAccessToken=Generated access token +resetPasswordConfirmation=New password confirmation +testConnection=Test connection +archiveFormat=Archive format +requestObjectEncryptionHelp=JWE algorithm, which client needs to use when sending OIDC request object specified by 'request' or 'request_uri' parameters. If set to 'any', encryption is optional and any algorithm is allowed. +importSuccess=New certificate imported +attributeConsumingServiceName=Attribute Consuming Service Name +invalidJsonError=Unable to save user profile, the provided information is not valid JSON. +promptHelp=Specifies whether the Authorization Server prompts the End-User for re-authentication and consent. +deleteBtn=Delete +defaultLocale=Default locale +addLdapWizardDescription=Text needed here +aggregate.attrs.label=Aggregate attribute values +removedGroupMembershipError=Error removing group membership +allowPasswordAuthenticationHelp=Enable/disable possibility of username/password authentication against Kerberos database +deleteExecutorSuccess=Success\! The executor was deleted. +eventTypes.SEND_RESET_PASSWORD_ERROR.name=Send reset password error +eventTypes.IDENTITY_PROVIDER_FIRST_LOGIN.name=Identity provider first login +noRoles-groups=No roles for this group +enableSwitchSuccess={{switch}} changed successfully +eventTypes.INTROSPECT_TOKEN_ERROR.name=Introspect token error +usernameHelperText=Enter the username of the user for this identity provider. +includeInAccessToken.tooltip=Should the claim be added to the access token? +noScopeCreateHint=You'll need to create an authorization scope first. +eventTypes.CLIENT_INITIATED_ACCOUNT_LINKING_ERROR.name=Client initiated account linking error +clientScopesCondition=Expected Scopes +backchannelLogoutSessionRequiredHelp=Specifying whether a sid (session ID) Claim is included in the Logout Token when the Backchannel Logout URL is used. +global=Global +userAttributeHelp=Name of user attribute you want to hardcode +searchForMapper=Search for mapper +oidcCibaGrantHelp=This enables support for OIDC CIBA Grant, which means that the user is authenticated via some external authentication device instead of the user's browser. +includeOneTimeUseCondition=Include OneTimeUse Condition +clientUpdaterSourceRoles=Updating entity role +enableSwitchError=Could not enable / disable due to {{error}} +deleteClientPolicyProfileConfirm=This action will permanently delete {{profileName}} from the policy {{policyName}}. This cannot be undone. +deleteExecutorProfileConfirm=The action will permanently delete {{executorName}}. This cannot be undone. +confirmClientSecretBody=If you regenerate secret, the Keycloak database will be updated and you will need to download a new adapter for this client. +keysList=Keys list +generatedUserInfo=Generated user info +clientRegistration=Client registration +masterSamlProcessingUrl=Master SAML Processing URL +samlIdentityProviderMetadata=SAML 2.0 Identity Provider Metadata +importParseError=Could not parse the file {{error}} +validTo=Valid to +addMember=Add member +eventTypes.CLIENT_INFO_ERROR.name=Client info error +scopeParameterHelp=You can copy/paste this value of scope parameter and use it in initial OpenID Connect Authentication Request sent from this client adapter. Default client scopes and selected optional client scopes will be used when generating token issued for this client +idTokenEncryptionKeyManagementAlgorithm=ID token encryption key management algorithm +authenticatorAttachment.not\ specified=Not specified +oidcCibaGrant=OIDC CIBA Grant +displayDescriptionHintHelp=A text that should be used as a tooltip when rendering user-facing forms. +ssoSessionIdle=Time a session is allowed to be idle before it expires. Tokens and browser sessions are invalidated when a session is expired. +searchKey=Search key +deleteClientSuccess=Client profile deleted +emptyClientScopesPrimaryAction=Add client scopes +addStepTo=Add step to {{name}} +eventTypes.AUTHREQID_TO_TOKEN_ERROR.description=Authreqid to token error +deleteAttributeConfirm=Are you sure you want to permanently delete the attribute {{attributeName}}? +chooseResources=Choose the resources you want to import +selectOne=Select an option +emailTheme=Email theme +eventTypes.UPDATE_PASSWORD.description=Update password +policiesConfigTypes.jsonEditor=JSON editor +eventConfigSuccessfully=Successfully saved configuration +scopePermissions.users.impersonate-description=Policies that decide if administrator can impersonate other users +deleteResourceWarning=The permissions below will be removed when they are no longer used by other resources\: +permissionScopesHelp=Specifies that this permission must be applied to one or more scopes. +moveTo=Move to +registerNodeManually=Register node manually +redirectURI=Redirect URI +publicKeys=Public keys +emptyEventsInstructions=There are no more events types left to add +periodicFullSync=Periodic full sync +removeConfirmTitle_other=Remove groups? +clientAccesstypeTooltip=Access Type of the client, for which the condition will be applied. +emptyBuiltInMappersInstructions=All built in mappers were added to this client +assertionLifespanHelp=Lifespan set in the SAML assertion conditions. After that time the assertion will be invalid. The "SessionNotOnOrAfter" attribute is not modified and continue using the "SSO Session Max" time defined at realm level. +noTokensInstructions=You haven't created any initial access tokens. Create an initial access token by clicking "Create". +editUsername=If enabled, the username field is editable, readonly otherwise. +ldapAttributeValueHelp=Value of the LDAP attribute, which will be added to the new user during registration. You can either hardcode any value like 'foo' but you can also use some special tokens. Only supported token right now is '${RANDOM}', which will be replaced with some randomly generated string. +lastRegistration=Last registration +advancedSettingsOpenid-connect=This section is used to configure advanced settings of this client related to OpenID Connect protocol +requireSsl=Require SSL +reevaluate=Re-evaluate +clientOfflineSessionMax=Client Offline Session Max +eventTypes.SEND_VERIFY_EMAIL.description=Send verify email +eventTypes.REVOKE_GRANT_ERROR.description=Revoke grant error +descriptionLanding=This is the description for the user federation landing page +moveHere=Move here +noKeys=No keys +batchSizeHelp=Count of LDAP users to be imported from LDAP to Keycloak within a single transaction +createClientConditionSuccess=Condition created successfully. +kerberosKeyTab=Kerberos Key Tab +principalAttribute=Principal attribute +mapperTypeLdapAttributeMapperHelp=This mapper is supported just if syncRegistrations is enabled. New users registered in Keycloak will be written to the LDAP with the hardcoded value of some specified attribute. +userRegistrationHelpText=Enable/disable the registration page. A link for registration will show on login page too. +activeHelp=Set if the keys can be used for signing +addMapperExplain=If you want more fine-grain control, you can create protocol mapper on this client +realmRoles=Realm roles +fineGrainOpenIdConnectConfigurationHelp=This section is used to configure advanced settings of this client related to OpenID Connect protocol. +searchForUserDescription=This realm may have a federated provider. Viewing all users may cause the system to slow down, but it can be done by searching for "*". Please search for a user above. +expirationHelp=Sets the expiration for events. Expired events are periodically deleted from the database. +webAuthnPolicySignatureAlgorithmsHelp=What signature algorithms should be used for Authentication Assertion. +setToNowError=Error\! Failed to set notBefore to current date and time. +eventTypes.UNREGISTER_NODE_ERROR.description=Unregister node error +clientScopeTypes.optional=Optional +nameIdFormat=Name ID format +eventTypes.SEND_VERIFY_EMAIL_ERROR.name=Send verify email error +addMessageBundleSuccess=Success\! The message bundle has been added. +validRedirectUri=Valid redirect URIs +webauthnIntro=What is this form used for? +wantAssertionsEncryptedHelp=Indicates whether this service provider expects an encrypted Assertion. +roleObjectClasses=Role object classes +deleteClientScope_other=Delete {{count}} client scopes +deleteCredentialsConfirmTitle=Delete credentials? +expires=Expires +OVERWRITE=Overwrite +user-clearEvents=Deletes all user events in the database. +eventTypes.REFRESH_TOKEN.name=Refresh token +userAttribute=User Attribute +revoke=Revoke +admin=Admin +syncUsersError=Could not sync users\: '{{error}}' +generatedAccessTokenHelp=See the example access token, which will be generated and sent to the client when selected user is authenticated. You can see claims and roles that the token will contain based on the effective protocol mappers and role scope mappings and also based on the claims/roles assigned to user himself +webAuthnPolicyAcceptableAaguidsHelp=The list of AAGUID of which an authenticator can be registered. +keyPasswordHelp=Password for the private key +frontchannelLogout=Front channel logout +clientUpdaterTrustedHostsTooltip=List of Hosts, which are trusted. In case that client registration/update request comes from the host/domain specified in this configuration, condition evaluates to true. You can use hostnames or IP addresses. If you use star at the beginning (for example '*.example.com' ) then whole domain example.com will be trusted. +titleRoles=Realm roles +mapperTypeGroupLdapMapperHelp=Used to map group mappings of groups from some LDAP DN to Keycloak group mappings +sectorIdentifierUri.tooltip=Providers that use pairwise sub values and support Dynamic Client Registration SHOULD use the sector_identifier_uri parameter. It provides a way for a group of websites under common administrative control to have consistent pairwise sub values independent of the individual domain names. It also provides a way for Clients to change redirect_uri domains without having to reregister all their users. +eventTypes.REVOKE_GRANT.name=Revoke grant +rdnLdapAttribute=RDN LDAP attribute +usedBy=Used by +replyToDisplayName=Reply to display name +xRobotsTag=X-Robots-Tag +bindType=Bind type +tokenDeleteSuccess=Initial access token deleted successfully +contextualInfo=Contextual Information +syncModeHelp=Default sync mode for all mappers. The sync mode determines when user data will be synced using the mappers. Possible values are\: 'legacy' to keep the behaviour before this option was introduced, 'import' to only import the user once during first login of the user with this identity provider, 'force' to always update the user during every login with this identity provider. +temporaryPassword=Temporary +applyPolicyHelp=Specifies all the policies that must be applied to the scopes defined by this policy or permission. +addKerberosWizardDescription=Text needed here +sslType.none=None +dateTo=Date(to) +eventTypes.REVOKE_GRANT.description=Revoke grant +keyPlaceholder=Type a key +eventTypes.OAUTH2_DEVICE_VERIFY_USER_CODE_ERROR.name=Oauth2 device verify user code error +addAuthnContextDeclRef=Add AuthnContext DeclRef +eventTypes.SEND_IDENTITY_PROVIDER_LINK.description=Send identity provider link +eventTypes.IDENTITY_PROVIDER_RETRIEVE_TOKEN.name=Identity provider retrieve token +userInfo=User info +consentScreenText=Consent screen text +addRoles=Add roles +clientPoliciesProfilesHelpText=Client Profile allows to setup set of executors, which are enforced for various actions done with the client. Actions can be admin actions like creating or updating client, or user actions like authentication to the client. +archiveFormatHelp=Java keystore or PKCS12 archive format. +xContentTypeOptions=X-Content-Type-Options +groupsDescription=A group is a set of attributes and role mappings that can be applied to a user. You can create, edit, and delete groups and manage their child-parent organization. +addValidatorRole=Add {{validatorName}} validator +protocolTypes.all=All +keyAlias=Key alias +prefix=A prefix for each Realm Role (optional). +xContentTypeOptionsHelp=Default value prevents Internet Explorer and Google Chrome from MIME-sniffing a response away from the declared content-type <1>Learn more +privateKeyMask=PRIVATE KEY NOT SET UP OR KNOWN +signOutAllActiveSessions=Sign out all active sessions +addExecutorSuccess=Success\! Executor created successfully +executorTypeSelectHelpText=Executor Type Select Help Text +useDiscoveryEndpointHelp=If this setting is enabled, the discovery endpoint will be used to fetch the provider config. Keycloak can load the config from the endpoint and automatically update the config if the source has any updates +eventTypes.USER_INFO_REQUEST_ERROR.name=User info request error +createUserProviderError=User federation provider could not be created\: {{error}} +learnMore=Learn more +onDragCancel=Dragging cancelled. List is unchanged. +removeUser=Remove users +ownerManagedAccess=User-Managed access enabled +eventTypes.USER_DISABLED_BY_PERMANENT_LOCKOUT.description=User disabled by permanent lockout +userModelAttributeNameHelp=Name of the model attribute to be added when importing user from LDAP +templateHelp=Template to use to format the username to import. Substitutions are enclosed in ${}. For example\: '${ALIAS}.${CLAIM.sub}'. ALIAS is the provider alias. CLAIM. references an ID or Access token claim. The substitution can be converted to upper or lower case by appending |uppercase or |lowercase to the substituted value, e.g. '${CLAIM.sub | lowercase} +permissions=Permissions +emptyExecutionInstructions=You can start defining this flow by adding a sub-flow or an execution +offlineSessionSettings=Offline session settings +unAssignRole=Unassign +deleteScope=Permanently delete authorization scope? +eventTypes.CODE_TO_TOKEN.description=Code to token +oAuthDevicePollingIntervalHelp=The minimum amount of time in seconds that the client should wait between polling requests to the token endpoint. +passwordDataTitle=Password data +accountThemeHelp=Select a theme for the user account management console. +clientPolicies=Client policies +NONE=NONE +keystorePasswordHelp=Password for the keys +clientSettings=Client details +deleteClientPolicyConditionConfirm=This action will permanently delete {{condition}}. This cannot be undone. +selectATheme=Select a theme +permissionsList=Permission list +attributeGroupHelp=user.profile.attribute.group.tooltip +createRealm=Create realm +eventTypes.VALIDATE_ACCESS_TOKEN_ERROR.description=Validate access token error +mapperSaveError=Error saving mapper\: {{error}} +eventTypes.CLIENT_LOGIN_ERROR.name=Client login error +passwordPoliciesHelp.passwordHistory=Prevents a recently used password from being reused. +displayOnConsentScreenHelp=If on, and this client scope is added to some client with consent required, the text specified by 'Consent Screen Text' will be displayed on consent screen. If off, this client scope will not be displayed on the consent screen +requirements.DISABLED=Disabled +mapperTypeHardcodedLdapGroupMapperHelp=Users imported from LDAP will be automatically added into this configured group. +titleUsers=Users +whoWillAppearLinkText=Who will appear in this group list? +ldapFullNameAttribute=LDAP full name attribute +createClientError=Could not create client\: '{{error}}' +deleteConfirmClientScopes=Are you sure you want to delete this client scope +forceAuthenticationHelp=Indicates whether the identity provider must authenticate the presenter directly rather than rely on a previous security context. +testClusterAvailability=Test cluster availability +reGenerateSigning=Regenerate signing key for this client +authorizationEncryptedResponseAlgHelp=JWA Algorithm used for key management in encrypting the authorization response when the response mode is jwt. This option is needed if you want encrypted authorization response. If left empty, the authorization response is just signed, but not encrypted. +deleteConfirmGroup_other=Are you sure you want to delete these groups. +scopePermissions.users.manage-description=Policies that decide if an administrator can manage all users in the realm +defaultACRValuesHelp=Default values to be used as voluntary ACR in case that there is no explicit ACR requested by 'claims' or 'acr_values' parameter in the OIDC request. +membershipAttributeType=Membership attribute type +eventTypes.PUSHED_AUTHORIZATION_REQUEST.name=Pushed authorization request +included.client.audience.tooltip=The Client ID of the specified audience client will be included in audience (aud) field of the token. If there are existing audiences in the token, the specified value is just added to them. It won't override existing audiences. +searchGroup=Search group +allowCreateHelp=Allow the external identity provider to create a new identifier to represent the principal. +allResults=All results +addressClaim.locality.tooltip=Name of User Attribute, which will be used to map to 'locality' subclaim inside 'address' token claim. Defaults to 'locality' . +keyForCodeExchangeHelp=Choose which code challenge method for PKCE is used. If not specified, keycloak does not applies PKCE to a client unless the client sends an authorization request with appropriate code challenge and code exchange method. +includeInAccessTokenResponse.tooltip=Should the claim be added to the access token response? Should only be used for informative and non-sensitive data +removeMappingConfirm_one=Are you sure you want to remove this role? +oidcSettings=OpenID Connect settings +otpPolicyDigitsHelp=How many digits should the OTP have? +clientAuthentications.client_secret_post=Client secret sent as post +prompts.select_account=Select account +defaultACRValues=Default ACR Values +valueError=A value must be provided. +noConsents=No consents +orderChangeSuccessUserFed=Successfully changed the priority order of user federation providers +noUsersEmptyStateDescriptionContinued=to find them. Users that already have this role as an effective role cannot be added here. +userProviderSaveError=User federation provider could not be saved\: {{error}} +executorsHelpText=Executors, which will be applied for this client profile +ldapSearchingAndUpdatingSettings=LDAP searching and updating +authenticationAliasHelp=Name of the configuration +SSOSessionIdle=SSO Session Idle +deleteClientPolicyConditionConfirmTitle=Delete condition? +initialCounterErrorHint=Value needs to be between 1 and 120 +connectionTimeout=Connection timeout +passLoginHintHelp=Pass login_hint to identity provider. +monthHelp=Defines the month which the policy MUST be granted. You can also provide a range by filling the second field. In this case, permission is granted only if current month is between or equal to the two values you provided. +eventTypes.CLIENT_LOGIN.description=Client login +registrationAccessToken=Registration access token +headerName=header name +issuerHelp=The issuer identifier for the issuer of the response. If not provided, no validation will be performed. +uiDisplayNameHelp=Display name of provider when linked in the Admin UI +titleSessions=Sessions +dedicatedScopeName={{clientName}}-dedicated +mapperTypeUserAttributeLdapMapper=user-attribute-ldap-mapper +deleteAttributeConfirmTitle=Delete attribute? +importSkipped_zero=No records skipped. +rootURL=Root URL appended to relative URLs +contentSecurityPolicyHelp=Default value prevents pages from being included by non-origin iframes <1>Learn more +policyUsers=Specifies which user(s) are allowed by this policy. +logoutServicePostBindingURLHelp=SAML POST Binding URL for the client's single logout service. You can leave this blank if you are using a different binding +generatedIdTokenNo=No generated id token +byConfiguration=By configuration +usersAdded_other={{count}} users added to the group +userFedUnlinkUsersConfirmTitle=Unlink all users? +passCurrentLocale=Pass current locale +realmNameField=Realm name +roleCreated=Role created +socialProfileJSONFieldPath=Social Profile JSON Field Path +noViewRights=You do not have rights to view this group. +eventTypes.SEND_RESET_PASSWORD.description=Send reset password +eventTypes.CLIENT_INITIATED_ACCOUNT_LINKING.name=Client initiated account linking +resourceScopeError=Could not remove the authorization scope due to {{error}} +identityInformation=Identity Information +usermodel.clientRoleMapping.rolePrefix.label=Client Role prefix +partialImport=Partial import +cibaBackhannelTokenDeliveryModes.ping=Ping +includeInTokenScopeHelp=If on, the name of this client scope will be added to the access token property 'scope' as well as to the Token Introspection Endpoint response. If off, this client scope will be omitted from the token and from the Token Introspection Endpoint response. +savePassword=Save password +noRolesInstructions-user=You haven't assigned any roles to this user. Assign a role to get started. +signatureKeyNameHelp=Signed SAML documents contain identification of signing key in KeyName element. For Keycloak / RH-SSO counterparty, use KEY_ID, for MS AD FS use CERT_SUBJECT, for others check and use NONE if no other option works. +sync-keycloak-roles-to-ldap=Sync Keycloak roles to LDAP +decisionStrategies.UNANIMOUS=Unanimous +cacheSettingsDescription=This section contains options useful for caching users, which were loaded from this user storage provider. +groupsPathHelp=Keycloak group path the LDAP groups are added to. For example if value '/Applications/App1' is used, then LDAP groups will be available in Keycloak under group 'App1', which is child of top level group 'Applications'. The default value is '/' so LDAP groups will be mapped to the Keycloak groups at the top level. The configured group path must already exist in the Keycloak when creating this mapper. +aesGenerated=aes-generated +addPolicy=Add policy +tokenClaimName.label=Token Claim Name +executorsTable=Executors table +extendToChildren=Extend to children +from=From +decisionStrategyHelp=The decision strategy dictates how permissions are evaluated and how a final decision is obtained. 'Affirmative' means that at least one permission must evaluate to a positive decision in order to grant access to a resource and its scopes. 'Unanimous' means that all permissions must evaluate to a positive decision in order for the final decision to be also positive. +deleteClientPolicyProfileError=Could not delete profile from the policy\: {{error}} +greaterThan=Must be greater than {{value}} +hideOnLoginPage=Hide on login page +couldNotCreateGroup=Could not create group {{error}} +defaultRole=This role serves as a container for both realm and client default roles. It cannot be removed. +eventConfigs=Event configs +conditionsHelp=Conditions, which will be evaluated to determine if client policy should be applied during particular action or not. +disableProvider=Disable provider? +eventTypes.UNREGISTER_NODE.name=Unregister node +anonymousAccessPoliciesHelp=Those Policies are used when the Client Registration Service is invoked by unauthenticated request. This means that the request does not contain Initial Access Token nor Bearer Token. +clientScopeError=Could not update scope mapping {{error}} +saveRealmSuccess=Realm created successfully +createToken=Create initial access token +clientsClientTypeHelp='OpenID Connect' allows Clients to verify the identity of the End-User based on the authentication performed by an Authorization Server.'SAML' enables web-based authentication and authorization scenarios including cross-domain single sign-on (SSO) and uses security tokens containing assertions to pass information. +orderChangeSuccess=Successfully changed display order of identity providers +emptyPoliciesInstructions=If you want to create a policy, please click the button below to create the policy. +createScopeSuccess=Authorization scope created successfully +logoUrl=Logo URL +accessTokenLifespanImplicitFlowHelp=Max time before an access token issued during OpenID Connect Implicit Flow is expired. This value is recommended to be shorter than the SSO timeout. There is no possibility to refresh token during implicit flow, that's why there is a separate timeout different to 'Access Token Lifespan' +noRealmRolesToAssign=There are no realm roles to assign +logoutUrl=Logout URL +regexPatternHelp=Specifies the regex pattern. +searchForUserEvent=Search user event +usernameLdapAttributeHelp=Name of the LDAP attribute, which is mapped as Keycloak username. For many LDAP server vendors it can be 'uid'. For Active directory it can be 'sAMAccountName' or 'cn'. The attribute should be filled for all LDAP user records you want to import from LDAP to Keycloak. +federationLink=Federation link +webAuthnPolicyPasswordlessFormHelp=Policy for passwordless WebAuthn authentication. This one will be used by 'Webauthn Register Passwordless' required action and 'WebAuthn Passwordless Authenticator' authenticator. Typical usage is, when WebAuthn will be used as first-factor authentication. Having both 'WebAuthn Policy' and 'WebAuthn Passwordless Policy' allows to use WebAuthn as both first factor and second factor authenticator in the same realm. +unlinkUsersError=Could not unlink users\: '{{error}}' +roleHelpHelp=Role to grant to user. Click 'Select Role' button to browse roles, or just type it in the textbox. To reference an application role the syntax is appname.approle, i.e. myapp.myrole. +storedTokensReadable=Stored tokens readable +defaultRoleDeleteError=You cannot delete a default role. +unknownUser=Anonymous +displayHeaderField=Display name +userVerify.not\ specified=Not specified +usermodel.prop.label=Property +userFedUnlinkUsersConfirm=Do you want to unlink all the users? Any users without a password in the database will not be able to authenticate anymore. +searchUserByAttributeDescription=It supports setting multiple attributes as the search filter by setting different keys or values. Only one value can be typed for a key. +eventTypes.REMOVE_FEDERATED_IDENTITY.name=Remove federated identity +membership=Membership +eventTypes.RESET_PASSWORD.description=Reset password +authenticationOverrides=Authentication flow overrides +client-scopes-condition.label=Expected Scopes +deleteAttributeSuccess=Attribute deleted +artifactResolutionService=Artifact Resolution Service +clientProfilesSubTab=Client profiles subtab +selectEncryptionType=Select Encryption type +mapperTypeMsadLdsUserAccountControlMapper=msad-user-account-control-mapper +realmSettingsExplain=Realm settings are settings that control the options for users, applications, roles, and groups in the current realm. +mappingUpdatedError=Could not update mapping\: '{{error}}' +manageDisplayOrder=Manage display order +exactSearch=Exact search +value=Value +filenamePlaceholder=Upload a PEM file or paste key below +deleteConfirm_one=Are you sure you want to delete this group '{{groupName}}'. +userProfileEnabledHelp=If enabled, allows managing user profiles. +scopeDisplayNameHelp=A unique name for this scope. The name can be used to uniquely identify a scope, useful when querying for a specific scope. +times.seconds=Seconds +removeMappingTitle=Remove role? +executorTypeSelectAlgorithm=Executor Type Select Algorithm +resources=Resources +userRolesRetrieveStrategy=User roles retrieve strategy +importKey=Import key +events-disable-title=Unsave events? +ellipticCurve=Elliptic Curve +forceArtifactBindingHelp=Should response messages be returned to the client through the SAML ARTIFACT binding system? +forceAuthentication=Force authentication +connectionPoolingHelp=Determines if Keycloak should use connection pooling for accessing LDAP server. +unlink=Unlink +groupRemove_other=Groups removed +claimFilterName=Essential claim +deletePolicy=Permanently delete policy? +assertionConsumerServiceRedirectBindingURLHelp=SAML Redirect Binding URL for the client's assertion consumer service (login responses). You can leave this blank if you do not have a URL for this binding. +searchFor=Search role by name +providers=Add providers +writeOnly=Write only +noRolesInstructions-clientScopes=You haven't created any roles for this client scope. Create a role to get started. +removeImportedUsersMessage=Do you really want to remove all imported users? The option "Unlink users" makes sense just for the Edit Mode "Unsynced" and there should be a warning that "unlinked" users without the password in Keycloak database won't be able to authenticate. +noGroupsInThisSubGroup=No groups in this sub group +validateUserObjectClasses=You must enter one or more user object classes +encryptionAlgorithm=Encryption Algorithm +requiredForLabel.users=Only users +groupUpdated=Group updated +hideMetaData=Hide metadata +customAttribute=Custom Attribute… +themes=Themes +clientType=Client type +addClientScope=Add client scope +notBeforeSuccess=Success\! "Not before" set for realm +clientPoliciesSubTab=Client policies subtab +quickLoginCheckMilliSecondsHelp=If a failure happens concurrently too quickly, lock out the user. +unanimous=Unanimous +policy-name=The name of this policy. +syncRegistrations=Sync Registrations +eventTypes.REMOVE_TOTP.name=Remove totp +clientHelp=Select the client making this authorization request. If not provided, authorization requests would be done based on the client you are in. +eventTypes.CLIENT_REGISTER_ERROR.name=Client register error +unlockUsersError=Could not unlock all users {{error}} +serviceProviderEntityIdHelp=The Entity ID that will be used to uniquely identify this SAML Service Provider. +disabledFeatures=Disabled features +eventTypes.UPDATE_CONSENT_ERROR.name=Update consent error +noAdminUrlSet=No push sent. No admin URI configured or no registered cluster nodes available +authData=Authorization data +realmInfo=Realm info +chooseAPolicyType=Choose a policy type +signOut=Sign out +deleteExecutorError=Could not delete executor\: {{error}} +userProfileError=Could not update user profile settings\: {{error}} +validatorDialogColNames.colName=Role name +clientUpdaterSourceRolesTooltip=The condition is checked during client registration/update requests and it evaluates to true if the entity (usually user), who is creating/updating client is member of the specified role. For reference the realm role, you can use the realm role name like 'my_realm_role' . For reference client role, you can use the client_id.role_name for example 'my_client.my_client_role' will refer to client role 'my_client_role' of client 'my_client'. +UPDATE_PASSWORD=Update password (UPDATE_PASSWORD) +version=Version +synchronizationSettings=Synchronization settings +certificateHelp=Client Certificate for validate JWT issued by client and signed by Client private key from your keystore. +resetPasswordError=Error resetting password\: {{error}} +associatedPermissions=Associated permission +encryptionKeysConfigExplain=If you enable the "Encryption assertions" below, you must configure the encryption keys by generating or importing keys, and the SAML assertions will be encrypted with the client's public key using AES. +preserveGroupInheritanceHelp=Flag whether group inheritance from LDAP should be propagated to Keycloak. If false, then all LDAP groups will be mapped as flat top-level groups in Keycloak. Otherwise group inheritance is preserved into Keycloak, but the group sync might fail if LDAP structure contains recursions or multiple parent groups per child groups. +createScopeBasedPermission=Create scope-based permission +showMore=Show more +operationType=Operation type +userInitiatedActionLifespan=User-Initiated Action Lifespan +decisionStrategy=Decision strategy +roleMappingUpdatedSuccess=Role mapping updated +securityDefences=Security defenses +realmSettings=Realm settings +emptyStateInstructions=If you want to add an attributes group click the button below. +logoutAllSessionsError=Error\! Failed to log out of all sessions\: {{error}}. +eventTypes.VERIFY_EMAIL_ERROR.name=Verify email error +partialExport=Partial export +eventTypes.CLIENT_REGISTER.description=Client register +generalOptions=General options +decisionStrategies.AFFIRMATIVE=Affirmative +helpEnabled=Help on +defaultGroupsHelp=Default groups allow you to automatically assign groups membership whenever any new user is created or imported through <1>identity brokering. +times.years=Years +userLdapFilterHelp=Additional LDAP filter for filtering searched users. Leave this empty if you don't need an additional filter. Make sure that it starts with '(' and ends with ')'. +generatedIdToken=Generated ID token +effectiveRoleScopeMappings=Effective role scope mappings +clientAuthenticator=Client Authenticator +importAdded_other={{count}} records added. +oAuthDeviceCodeLifespanHelp=Max time before the device code and user code are expired. This value needs to be a long enough lifetime to be usable (allowing the user to retrieve their secondary device, navigate to the verification URI, login, etc.), but should be sufficiently short to limit the usability of a code obtained for phishing. +dynamicScopeHelp=If on, this scope will be considered a Dynamic Scope, which will be comprised of a static and a variable portion. +attributePermissionDescription=This section contains permissions for who can edit and who can view the attribute. +providerDetails=Provider details +groupDeleteError=Error deleting group {{error}} +editGroupText=Edit attributes group +updateFirstLoginHelp=Update profile on first login +deleteGroup=Delete group +eventTypes.VERIFY_EMAIL_ERROR.description=Verify email error +close=Close +usersDNHelp=Full DN of LDAP tree where your users are. This DN is the parent of LDAP users. It could be for example 'ou\=users,dc\=example,dc\=com' assuming that your typical user will have DN like 'uid\='john',ou\=users,dc\=example,dc\=com'. +addKeycloakOpenIdProvider=Add Keycloak OpenID Connect provider +clientSessionMax=Client Session Max +deleteClientPolicy=Delete client policy +authenticatorAttachment.cross-platform=Cross platform +whoCanView=Who can view? +lastAccess=Last access +emptyClientScopesInstructions=There are currently no client scopes linked to this client. You can add existing client scopes to this client to share protocol mappers and roles. +clientAuthentications.private_key_jwt=JWT signed with private key +uiDisplayName=UI display name +createClientSuccess=Client created successfully +adminEventsSettings=Admin events settings +cibaInterval=Interval +totalMemory=Total memory +usernameTemplateImporter=Format the username to import. +resourceNameHelp=A unique name for this resource. The name can be used to uniquely identify a resource, useful when querying for a specific resource. +times.minutes=Minutes +disableUserInfo=Disable user info +authorizationEncryptedResponseEnc=Authorization response encryption content encryption algorithm +editCondition=Edit condition +ssoSessionMaxRememberMe=Max time before a session is expired when a user has set the remember me option. Tokens and browser sessions are invalidated when a session is expired. If not set it uses the standard SSO Session Max value. +forcePostBinding=Force POST binding +usersExplain=Users are the users in the current realm. +passMaxAgeHelp=Pass max_age to identity provider. +exportFail=Could not export realm\: '{{error}}' +flowTypeHelp=What kind of form is it +targetHelp=Destination field for the mapper. LOCAL (default) means that the changes are applied to the username stored in local database upon user import. BROKER_ID and BROKER_USERNAME means that the changes are stored into the ID or username used for federation user lookup, respectively. +setPasswordConfirm=Set password? +attributeDisplayNameHelp=Display name for the attribute. Supports keys for localized values as well. For example\: ${profile.attribute.phoneNumber}. +assignedType=Assigned type +modeHelp=LDAP_ONLY means that all group mappings of users are retrieved from LDAP and saved into LDAP. READ_ONLY is Read-only LDAP mode where group mappings are retrieved from both LDAP and DB and merged together. New group joins are not saved to LDAP but to DB. IMPORT is Read-only LDAP mode where group mappings are retrieved from LDAP just at the time when user is imported from LDAP and then they are saved to local keycloak DB. +identityProvider=Identity provider +forgotPasswordHelpText=Show a link on login page for user to click when they have forgotten their credentials. +identityProviderLinks=Identity provider links +mapperTypeMsadLdsUserAccountControlMapperHelp=Mapper specific to MSAD LDS. It's able to integrate the MSAD LDS user account state into Keycloak account state (account enabled, password is expired etc). It's using msDS-UserAccountDisabled and pwdLastSet is 0, the Keycloak user is required to update password, if msDS-UserAccountDisabled is 'TRUE' the Keycloak user is disabled as well etc. Mapper is also able to handle exception code from LDAP user authentication. +leave=Leave +loginSettings=Login settings +deleteMessageBundleError=Error removing the message from the bundle, {{error}} +finish=Finish +eventTypes.LOGIN_ERROR.name=Login error +validations=Validations +updatedRequiredActionError=Could not update required action\: {{error}} +createChildGroup=Create child group +x509Certificate=X509 Certificate +addressClaim.formatted.label=User Attribute Name for Formatted Address +metadataOfDiscoveryEndpoint=Metadata of the discovery endpoint +add=Add +createPolicySuccess=Successfully created the policy +notVerified=Not verified +encryptionKeysConfig=Encryption keys config +updateClientProfileSuccess=Client profile updated successfully +openIDEndpointConfiguration=OpenID Endpoint Configuration +prompts.login=Login +users=Users +keyTabHelp=Location of Kerberos KeyTab file containing the credentials of server principal. For example, /etc/krb5.keytab +wantAssertionsEncrypted=Want Assertions encrypted +noClientPoliciesInstructions=There are no client policies. Select 'Create client policy' to create a new client policy. +deleteValidatorConfirmMsg=Are you sure you want to permanently delete the validator {{validatorName}}? +uris=URIs +jwksUrlConfig=JWKS URL configs +forceNameIdFormatHelp=Ignore requested NameID subject format and use Admin UI configured one. +validateKeyTab=You must enter a key tab +editUsernameAllowed=Edit username +searchType.attribute=Attribute search +saveProviderError=Error saving provider\: {{error}} +port=Port +searchForPermission=Search for permission +ldapFilterHelp=LDAP Filter adds an additional custom filter to the whole query for retrieve LDAP groups. Leave this empty if no additional filtering is needed and you want to retrieve all groups from LDAP. Otherwise make sure that filter starts with '(' and ends with ')'. +clientUpdaterSourceGroupsTooltip=Name of groups to check. Condition evaluates to true if the entity, who creates/updates client is member of some of the specified groups. Configured groups are specified by their simple name, which must match to the name of the Keycloak group. No support for group hierarchy is used here. +addRequestUri=Add valid request URIs +selectACondition=Select a condition +ldapAttributeValue=LDAP attribute value +jwksUrlHelp=URL where identity provider keys in JWK format are stored. See JWK specification for more details. If you use external Keycloak identity provider, you can use URL like 'http\://broker-keycloak\:8180/realms/test/protocol/openid-connect/certs' assuming your brokered Keycloak is running on 'http\://broker-keycloak\:8180' and its realm is 'test' . +eventTypes.CLIENT_DELETE.description=Client delete +emptyResources=No resources +roleHelp=Role to grant to user if all attributes are present. Click 'Select Role' button to browse roles, or just type it in the textbox. To reference a client role the syntax is clientname.clientrole, i.e. myclient.myrole +ldapSynchronizationSettingsDescription=This section contains options related to synchronization of users from LDAP to the Keycloak database. +addPredefinedMappers=Add predefined mappers +updatedRequiredActionSuccess=Updated required action successfully +roles=Roles +displayOrder=Display order +registrationAllowed=User registration +choose=Choose... +appliedByProviders=Applied by the following providers +saveEventListenersSuccess=Event listener has been updated. +eventTypes.IDENTITY_PROVIDER_LINK_ACCOUNT.description=Identity provider link account +eventTypes.TOKEN_EXCHANGE.name=Token exchange +skipped=Skipped +eventTypes.RESTART_AUTHENTICATION.description=Restart authentication +scopePermissions.users.manage-group-membership-description=Policies that decide if an administrator can manage group membership for all users in the realm. This is used in conjunction with specific group policy +loginTheme=Login theme +eventTypes.UPDATE_PASSWORD_ERROR.description=Update password error +deleteConfirmRealmSetting=If you delete this realm, all associated data will be removed. +scope=Scope +evaluateExplain=This page allows you to see all protocol mappers and role scope mappings +providerCreateError=Could not create client policy due to {{error}} +includeRepresentationHelp=Include JSON representation for create and update requests. +searchForClientScope=Search for client scope +removeAttribute=Remove attribute +deleteProviderSuccess=Success. The provider has been deleted. +sessionsType.offline=Offline +validatorDeletedError=Error saving User Profile\: {{error}} +preserveGroupInheritance=Preserve group inheritance +createClientScopeSuccess=Client scope created +selectOrTypeAKey=Select or type a key +resourceDetails=Resource details +authorizationScopes=Authorization scopes +fromDisplayNameHelp=A user-friendly name for the 'From' address (optional). +identityProviderEntityIdHelp=The Entity ID used to validate the Issuer for received SAML assertions. If empty, no Issuer validation is performed. +noRoles-client=No roles for this client +eventTypes.EXECUTE_ACTION_TOKEN_ERROR.name=Execute action token error +eventTypes.USER_INFO_REQUEST_ERROR.description=User info request error +policyRoles=Specifies the client roles allowed by this policy. +roleMapping=Role mapping +accountLinkingOnlyHelp=If true, users cannot log in through this provider. They can only link to this provider. This is useful if you don't want to allow login from the provider, but want to integrate with a provider +refreshTokenMaxReuseHelp=Maximum number of times a refresh token can be reused. When a different token is used, revocation is immediate. +eventTypes.REMOVE_FEDERATED_IDENTITY.description=Remove federated identity +childGroups=Child groups +eventTypes.IDENTITY_PROVIDER_LOGIN.name=Identity provider login +exportAuthDetailsError=Error exporting authorization details\: {{error}} +clientOfflineSessionIdleHelp=Time a client offline session is allowed to be idle before it expires. Offline tokens are invalidated when a client offline session is expired. The option does not affect the global user SSO session. If not set, it uses the realm Offline Session Idle value. +selectGroups=Select groups to join +webAuthnPolicyAuthenticatorAttachmentHelp=Communicates to an authenticator an acceptable attachment pattern. +username=Username +mappedGroupAttributes=Mapped group attributes +localization=Localization +importConfig=Import config from file +replyToDisplayNameHelp=A user-friendly name for the 'Reply-To' address (optional). +webAuthnPolicyRpIdHelp=This is ID as WebAuthn Relying Party. It must be origin's effective domain. +signingKeysConfigExplain=If you enable the "Client signature required" below, you must configure the signing keys by generating or importing keys, and the client will sign their saml requests and responses. The signature will be validated. +newClientProfile=Create client profile +consoleDisplayConnectionUrlHelp=Connection URL to your LDAP server +enabledWhen=Enabled when +clientAssertionSigningAlg=Client assertion signature algorithm +homeURLHelp=Default URL to use when the auth server needs to redirect or link back to the client. +ldapAttribute=LDAP attribute +fullScopeAllowedHelp=Allows you to disable all restrictions. +eventTypes.SEND_IDENTITY_PROVIDER_LINK_ERROR.description=Send identity provider link error +otpType=OTP type +algorithm=Algorithm +grantedScopes=Granted scopes +groupNameLdapAttribute=Group name LDAP attribute +deleteProviderConfirm=Are you sure you want to permanently delete the key provider {{provider}}? +removeConfirmTitle_one=Remove group? +eventTypes.PUSHED_AUTHORIZATION_REQUEST_ERROR.description=Pushed authorization request error +includeInTokenScope=Include in token scope +eventType=Event saved type +tokenDeleteConfirmTitle=Delete initial access token? +useRefreshTokenForClientCredentialsGrant=Use refresh tokens for client credentials grant +userDetails=User details +sectorIdentifierUri.label=Sector Identifier URI +inputTypeStep=Input step size +mapperTypeHelp=Used to map single attribute from LDAP user to attribute of UserModel in Keycloak DB +importWarning=The data and settings imported above may overwrite the data and settings that already exist. +kerberosRequiredSettingsDescription=This section contains a few basic options common to all user storage providers. +resetPasswordFor=Reset password for {{username}} +duplicateEmailsAllowed=Duplicate emails +deleteEventsConfirm=If you clear all events of this realm, all records will be permanently cleared in the database +noGroupsInThisRealmInstructions=You haven't created any groups in this realm. Create a group to get started. +eventTypes.REMOVE_TOTP_ERROR.name=Remove totp error +groupUpdateError=Error updating group {{error}} +logoutAllSessions=Logout all sessions +membershipUserLdapAttribute=Membership user LDAP attribute +noKeysDescription=You haven't created any active keys +rememberMeHelpText=Show checkbox on login page to allow user to remain logged in between browser restarts until session expires. +eventTypes.UPDATE_EMAIL.name=Update email +notBeforeHelp=Revoke any tokens issued before this time for this client. To push the policy, you should set an effective admin URL in the Settings tab first. +protocolTypes.saml=SAML +idTokenSignatureAlgorithm=ID token signature algorithm +displayHeaderHintHelp=A user-friendly name for the group that should be used when rendering a group of attributes in user-facing forms. Supports keys for localized values as well. For example\: ${profile.attribute.group.address}. +providerInfo=Provider info +ssoServiceUrl=Single Sign-On service URL +inputHelperTextAfter=Helper text (under) the input field +appliedByClients=Applied by the following clients +createFlowHelp=You can create a top level flow within this from +defaultLocaleHelp=The initial locale to use. It is used on the login screen and other screens in the Admin UI and Account UI. +deleteConfirmFlowMessage=Are you sure you want to permanently delete the flow "<1>{{flow}}". +webAuthnPolicyAuthenticatorAttachment=Authenticator Attachment +logoutServiceSoapBindingUrlHelp=SAML SOAP Binding URL for the client's single logout service. You can leave this blank if you are using a different binding. +kerberos=Kerberos +noNodesInstructions=There are no nodes registered, you can add one manually. +login=Login +eventTypes.IDENTITY_PROVIDER_RETRIEVE_TOKEN_ERROR.name=Identity provider retrieve token error +local=Local +noGroupsInThisSubGroupInstructions=You haven't created any groups in this sub group. +validatorColNames.colName=Validator name +userVerify.required=Required +searchMembers=Search members +keySizeHelp=Size for the generated keys +otpSupportedApplications.totpAppGoogleName=Google Authenticator +clientDeleteConfirmTitle=Delete client? +policyDetails=Policy details +changedUsersSyncHelp=Period for synchronization of changed or newly created LDAP users in seconds +trustEmailHelp=If enabled, email provided by this provider is not verified even if verification is enabled for the realm. +editModeKerberosHelp=READ_ONLY means that password updates are not allowed and user always authenticates with Kerberos password. UNSYNCED means that the user can change the password in the Keycloak database and this one will be used instead of the Kerberos password. +invalidateRotatedSecretExplain=After invalidating rotated secret, the rotated secret will be removed automatically +clientSessionMaxHelp=Max time before a client session is expired. Tokens are invalidated when a session is expired. The option does not affect the global user SSO session. If not set, it uses the standard SSO Session Max value. +clientScopeDetails=Client scope details +requiredHelp=Set the attribute as required. If enabled, the attribute must be set by users and administrators. Otherwise, the attribute is optional. +clientScopeRemoveError=Could not remove the scope mapping {{error}} +mapperTypeRoleLdapMapper=role-ldap-mapper +testConnectionHint.withEmail=When testing the connection an e-mail will be sent to the current user ({{email}}). +adminURLHelp=URL to the admin interface of the client. Set this if the client supports the adapter REST API. This REST API allows the auth server to push revocation policies and other administrative tasks. Usually this is set to the base URL of the client. +otpPolicyPeriodHelp=How many seconds should an OTP token be valid? Defaults to 30 seconds. +otpPolicyCodeReusableHelp=Possibility to use the same OTP code again after successful authentication. +parentId=Parent ID +storePasswordHelp=Password to access the archive itself +directAccess=Direct access grants +logoutServiceSoapBindingUrl=Logout Service SOAP Binding URL +userFedDeletedSuccess=The user federation provider has been deleted. +eventTypes.UNREGISTER_NODE.description=Unregister node +whoWillAppearPopoverTextRoles=This tab shows only the users who are assigned directly to this role. To see users who are assigned this role as an associated role or through a group, go to +showPassword=Show password field in clear text +logic=Logic +clientScopeSearch.type=Assigned type +scopePermissions.groups.manage-membership-description=Policies that decide if an administrator can add or remove users from this group +resourceType=Resource type +copied=Authorization details copied. +scopeName=A unique name for this scope. The name can be used to uniquely identify a scope, useful when querying for a specific scope. +userObjectClassesHelp=All values of LDAP objectClass attribute for users in LDAP, divided by commas. For example\: 'inetOrgPerson, organizationalPerson'. Newly created Keycloak users will be written to LDAP with all those object classes and existing LDAP user records are found just if they contain all those object classes. +userInfoUrlHelp=The User Info Url. This is optional. +clientProfileSearch=Search +addSavedTypes=Add saved types +setPasswordFor=Set password for {{username}} +eventTypes.CODE_TO_TOKEN.name=Code to token +updateUserLocale=Update User Locale +whoWillAppearPopoverTextUsers=Groups are hierarchical. When you select Direct Membership, you see only the child group that the user joined. Ancestor groups are not included. +mapperCreateError=Error creating mapper. +resetBtn=Reset +mode=Mode +kc.realm.name=Realm +userFedDisableConfirmTitle=Disable user federation provider? +impersonate=Impersonate +eventTypes.CLIENT_REGISTER.name=Client register +mappingTable=Table with predefined mapping +requestObject.not\ required=Not required +adminURL=Admin URL +generatedAccessTokenNo=No generated access token +always=Always +pkceEnabledHelp=Use PKCE (Proof of Key-code exchange) for IdP Brokering +settings=Settings +webAuthnPolicyUserVerificationRequirement=User verification requirement +failureFactorHelp=How many failures before wait is triggered. +unlinkAccountTitle=Unlink account from {{provider}}? +noNodes=No nodes registered +singleLogoutServiceUrlHelp=The Url that must be used to send logout requests. +authorizationEncryptedResponseAlg=Authorization response encryption key management algorithm +useTruststoreSpi=Use Truststore SPI +allowEcpFlowHelp=This client is allowed to use ECP flow for authenticating users. +noSessions=No sessions +clipboardCopyError=Error copying to clipboard. +storeTokens=Store tokens +usermodel.clientRoleMapping.rolePrefix.tooltip=A prefix for each client role (optional). +deleteConfirmCurrentUser=Are you sure you want to permanently delete this user +eventTypes.CLIENT_REGISTER_ERROR.description=Client register error +addClientScopesTo=Add client scopes to {{clientName}} +x509=X.509 Subject Name +showDataBtn=Show data +dedicatedScopeDescription=Dedicated scope and mappers for this client +Sunday=Sunday +editMode=Edit mode +updatePasswordPolicySuccess=Password policies successfully updated +passwordHelp=SMTP password. This field is able to obtain its value from vault, use ${vault.ID} format. +clientUpdaterContext=The condition checks the context how is client created/updated to determine whether the policy is applied. For example it checks if client is created with admin REST API or OIDC dynamic client registration. And for the letter case if it is ANONYMOUS client registration or AUTHENTICATED client registration with Initial access token or Registration access token and so on. +removedGroupMembership=Removed group membership +deleteScopeWarning=The permissions below will be removed when they are no longer used by other authorization scopes\: +compositeRoleOff=Composite role turned off +fullSyncPeriod=Full sync period +clientsExplain=Clients are applications and services that can request authentication of a user. +addNode=Add node +jwksUrl=JWKS URL +policy-description=A description for this policy. +defaultPasswordLabel=My password +mapperUserAttributeName=User Attribute Name +importClient=Import client +deleteMapperSuccess=Mapper successfully deleted. +scopeSaveError=Could not persist authorization scope due to {{error}} +used.SPECIFIC_PROVIDERS=Specific providers +deletedSuccessIdentityProvider=Provider successfully deleted. +reload=Reload +eventTypes.CLIENT_INITIATED_ACCOUNT_LINKING_ERROR.description=Client initiated account linking error +eventTypes.IDENTITY_PROVIDER_LOGIN_ERROR.name=Identity provider login error +scopePermissions.groups.view-description=Policies that decide if an administrator can view this group +tokens=Tokens +createFlow=Create flow +encryptAssertionsHelp=Should SAML assertions be encrypted with client's public key using AES? +oAuthDPoPHelp=This enables support for Demonstrating Proof-of-Possession (DPoP) bound tokens. The access and refresh tokens are bound to the key stored on the user agent. In order to prove the possession of the key, the user agent must send a signed proof alongside the token. +unsavedChangesConfirm=You have unsaved changes. Do you really want to leave the page? +disabledOff=Disabled off +membershipLdapAttributeHelp=Name of LDAP attribute on group, which is used for membership mappings. Usually it will be 'member'. However when 'Membership Attribute Type' is 'UID', then 'Membership LDAP Attribute' could be typically 'memberUid'. +usersLeftError=Could not remove users from the group\: {{error}} +addTypes=Add types +pushedAuthorizationRequestRequiredHelp=Boolean parameter indicating whether the authorization server accepts authorization request data only via the pushed authorization request method. +requirement=Requirement +any=Any +minute=Minute +useJwksUrl=Use JWKS URL +wantAssertionsSigned=Want Assertions signed +roleSaveSuccess=The role has been saved +scopeParameter=Scope parameter +unsigned=Unsigned +userGroupsRetrieveStrategy=User groups retrieve strategy +addSubFlow=Add sub-flow +validatingPublicKeyHelp=The public key in PEM format that must be used to verify external IDP signatures. +client-uris-must-match.label=Client URIs Must Match +webAuthnPolicyAcceptableAaguids=Acceptable AAGUIDs +noRoles-roles=No roles in this realm +logoutServiceRedirectBindingURLHelp=SAML Redirect Binding URL for the client's single logout service. You can leave this blank if you are using a different binding. +deleteMapperConfirm=Are you sure you want to permanently delete the mapper {{mapper}}? +scopePermissions.roles.map-role-description=Policies that decide if an administrator can map this role to a user or group +backchannelUrlInvalid=Backchannel logout URL is not a valid URL +eventTypes.LOGIN.description=Login +impersonateConfirm=Impersonate user? +scopePermissions.clients.map-roles-client-scope-description=Policies that decide if an administrator can apply roles defined by this client to the client scope of another client +accessTokenSuccess=Access token regenerated +includeInIdToken.tooltip=Should the claim be added to the ID token? +validRequestURIs=Valid request URIs +allowPasswordAuthentication=Allow password authentication +federationLinkHelp=UserStorageProvider this locally stored user was imported from. +validateUsernameLDAPAttribute=You must enter a username LDAP attribute +pairwiseSubAlgorithmSalt.tooltip=Salt used when calculating the pairwise subject identifier. If left blank, a salt will be generated. +waitIncrementSecondsHelp=When failure threshold has been met, how much time should the user be locked out? +allowKerberosAuthentication=Allow Kerberos authentication +addressClaim.formatted.tooltip=Name of User Attribute, which will be used to map to 'formatted' subclaim inside 'address' token claim. Defaults to 'formatted' . +predefinedMappingDescription=Choose any of the predefined mappings from this table +allowedClockSkew=Allowed clock skew +privateRSAKey=Private RSA Key +createPermission=Create permission +moveToGroup=Move {{group1}} to {{group2}} +noRealmRoles=No realm roles +events-disable-confirm=If "Save events" is disabled, subsequent events will not be displayed in the "Events" menu +reqAuthnConstraints=Requested AuthnContext Constraints +userProfileEnabled=User Profile Enabled +eventTypes.PUSHED_AUTHORIZATION_REQUEST.description=Pushed authorization request +addIdpMapperNameHelp=Name of the mapper. +requirements.ALTERNATIVE=Alternative +claimFilterValueHelp=Value of the essential claim (with regex support) +credentialResetConfirm=Send Email +permissionsEnabledHelp=Determines if fine grained permissions are enabled for managing this role. Disabling will delete all current permissions that have been set up. +consentScreenTextHelp=Text that will be shown on the consent screen when this client scope is added to some client with consent required. Defaults to name of client scope if it is not filled +realmRolesList=Realm roles +roleList=Role list +kerberosRealm=Kerberos realm +scopePermissions.groups.manage-members-description=Policies that decide if an administrator can manage the members of this group +consentRequiredHelp=If enabled, users have to consent to client access. +flow.direct\ grant=Direct grant flow +eventTypes.EXECUTE_ACTION_TOKEN.name=Execute action token +groupName=Group name +eventTypes.RESTART_AUTHENTICATION.name=Restart authentication +authorizationUrl=Authorization URL +eventTypes.VALIDATE_ACCESS_TOKEN.name=Validate access token +contextualAttributes=Contextual Attributes +replyTo=Reply to +providerDescription=Provider description +downloadAdapterConfig=Download adapter config +scopePermissions.clients.view-description=Policies that decide if an administrator can view this client +allowEcpFlow=Allow ECP flow +rsa=rsa +setPasswordConfirmText=Are you sure you want to set the password for the user {{username}}? +updateErrorIdentityProvider=Could not update the provider {{error}} +emptyProfiles=No client profiles configured +createClientProfileError=Could not create client profile\: '{{error}}' +usermodel.clientRoleMapping.clientId.tooltip=Client ID for role mappings. Just client roles of this client will be added to the token. If this is unset, client roles of all clients will be added to the token. +targetOptions.local=LOCAL +addMessageBundleError=Error creating message bundle, {{error}} +pkceMethodHelp=PKCE Method to use +encryption=Encryption +addExecutorError=Executor not created +scopePermissions.clients.manage-description=Policies that decide if an administrator can manage this client +vendor=Vendor +roleRemoveAssociatedText=This action will remove {{role}} from {{roleName}}. All the associated roles of {{role}} will also be removed. +disabled=Disabled +idpInitiatedSsoRelayState=IDP Initiated SSO Relay State +attribute=Attribute +clientScopesConditionTooltip=The list of expected client scopes. Condition evaluates to true if specified client request matches some of the client scopes. It depends also whether it should be default or optional client scope based on the 'Scope Type' configured. +timestamp=Created date +principalAttributeHelp=Name or Friendly Name of the attribute used to identify external users. +nameIdPolicyFormat=NameID policy format +idpInitiatedSsoUrlName=IDP-Initiated SSO URL name +selectMethod=Select method +deleteConfirmExecution=Delete execution? +eventTypes.VALIDATE_ACCESS_TOKEN_ERROR.name=Validate access token error +xFrameOptions=X-Frame-Options +scopeDescriptionHelp=Description of the client scope +deletedErrorRealmSetting=Could not delete realm\: {{error}} +copyInitialAccessToken=Please copy and paste the initial access token before closing as it can not be retrieved later. +consensus=Consensus +scopePermissions.roles.map-role-composite-description=Policies that decide if an administrator can apply this role as a composite to another role +emptyEvents=Nothing to add +residentKey.Yes=Yes +eventTypes.SEND_IDENTITY_PROVIDER_LINK.name=Send identity provider link +ssoSessionIdleRememberMe=Time a remember me session is allowed to be idle before it expires. Tokens and browser sessions are invalidated when a session is expired. If not set it uses the standard SSO Session Idle value. +SSOSessionIdleRememberMe=SSO Session Idle Remember Me +cibaBackchannelTokenDeliveryModeHelp=Specifies how the CD (Consumption Device) gets the authentication result and related tokens. This mode will be used by default for the CIBA clients, which do not have other mode explicitly set. +eventTypes.REGISTER_NODE.description=Register node +supported=Supported +deleteAttributeText=Delete an attribute +deleteNodeSuccess=Node successfully removed +includeInIntrospection.label=Add to token introspection +roleImportSuccess=Role import successful +tokenUrl=Token URL +executionConfig={{name}} config +grantedClientScopes=Granted client scopes +keyError=A key must be provided. +addAnnotationText=Add annotation +helpToggleInfo=This toggle will enable / disable part of the help info in the UI. Includes any help text, links and popovers. +clientProfileName=Client profile name +effectiveProtocolMappers=Effective protocol mappers +userVerify.preferred=Preferred +syncModes.legacy=Legacy +allowRegexComparisonHelp=If OFF, then the Subject DN from given client certificate must exactly match the given DN from the 'Subject DN' property as described in the RFC8705 specification. The Subject DN can be in the RFC2553 or RFC1779 format. If ON, then the Subject DN from given client certificate should match regex specified by 'Subject DN' property. +eventTypes.UPDATE_TOTP_ERROR.description=Update totp error +titleEvents=Events +signServiceProviderMetadata=Sign service provider metadata +updateClientPoliciesError=Provided JSON is incorrect\: Unexpected token { in JSON +acceptsPromptNoneHelp=This is just used together with Identity Provider Authenticator or when kc_idp_hint points to this identity provider. In case that client sends a request with prompt\=none and user is not yet authenticated, the error will not be directly returned to client, but the request with prompt\=none will be forwarded to this identity provider. +roleDetails=Role details +eventTypes.USER_INFO_REQUEST.name=User info request +clientScopeType.none=None +results=Results +userRolesRetrieveStrategyHelp=Specify how to retrieve roles of user. LOAD_ROLES_BY_MEMBER_ATTRIBUTE means that roles fo user will be retrieved by sending LDAP query to retrieve all roles where 'member' is our user. GET_ROLES_FROM_USER_MEMBEROF means that roles of user will be retrieved from 'memberOf' attribute of our user. Or from the other attributes specified by 'Member-Of LDAP Attribute'. LOAD_ROLES_BY_MEMBER_ATTRIBUTE is applicable just in Active Directory and it means that roles of user will be retrieved recursively with usage of LDAP_MATCHING_RULE_IN_CHAIN LDAP extension. +roleDeleteError=Could not delete role\: {{error}} +selectScope=Select a scope +attributeDefaultValue=Attribute default value +eventTypes.UPDATE_PASSWORD_ERROR.name=Update password error +addGroups=Add groups +offlineSessionIdle=Offline Session Idle +mapperAttributeFriendlyName=Friendly name +addProvider=Add provider +readOnlyHelp=Read-only attribute is imported from LDAP to UserModel, but it's not saved back to LDAP when user is updated in Keycloak. +resourceDeletedError=Could not remove the resource {{error}} +backchannelLogoutUrl=Backchannel logout URL +requestObjectEncodingHelp=JWE algorithm, which client needs to use when encrypting the content of the OIDC request object specified by 'request' or 'request_uri' parameters. If set to 'any', any algorithm is allowed. +minimumQuickLoginWaitSeconds=Minimum quick login wait +duplicate=Duplicate +clientAccesstype=Client Access Type +roleDeleteConfirm=Delete role? +createClientProfileNameHelperText=The name must be unique within the realm +disabledHelp=A disabled user cannot log in. +eventTypes.UPDATE_PROFILE_ERROR.name=Update profile error +adminThemeHelp=Select a theme for administration console. +name=Name +deleteConfirmDialog_other=Are you sure you want to permanently delete {{count}} selected users +targetOptions.brokerUsername=BROKER_USERNAME +clientList=Clients +eventTypes.REGISTER_ERROR.description=Register error +infoDisabledFeatures=Shows all disabled features. +userSession.modelNote.label=User Session Note +next=Next +userLabel=User label +pagination=Pagination +changeAuthenticatorConfirm=If you change authenticator to {{clientAuthenticatorType}}, the Keycloak database will be updated and you may need to download a new adapter configuration for this client. +import=Import +otpHashAlgorithm=OTP hash algorithm +importFail=Import failed\: {{error}} +show=Show +description=Description +alwaysReadValueFromLdap=Always read value from LDAP +searchUserEventsBtn=Search events +addressClaim.postal_code.tooltip=Name of User Attribute, which will be used to map to 'postal_code' subclaim inside 'address' token claim. Defaults to 'postal_code' . +generatedUserInfoNo=No generated user info +allowed-client-scopes.label=Allowed Client Scopes +providerId=Provider ID +assignedClientScope=Assigned client scope +savePasswordSuccess=The password has been set successfully. +Tuesday=Tuesday +idTokenEncryptionContentEncryptionAlgorithm=ID token encryption content encryption algorithm +newRoleName=New role name +listExplain=Identity providers are social networks or identity brokers that allow users to authenticate to Keycloak. +emptyInstructions=Change your search criteria or add a user +tableView=Table view +addClientProfile=Add client profile +maxFailureWaitSeconds=Max wait +userEventsRegistered=User events registered +renameAGroup=Rename group +eventConfigError=Could not save event configuration {{error}} +confirmAccessTokenTitle=Regenerate registration access token? +target=Target +impersonateConfirmDialog=Are you sure you want to log in as this user? If this user is in the same realm with you, your current login session will be logged out before you log in as this user. +alwaysDisplayInUI=Always display in UI +protocolMapper=Protocol... +requiredSettings=Required Settings +oneLevel=One Level +userSaved=The user has been saved +useRefreshTokens=Use refresh tokens +standardFlowHelp=This enables standard OpenID Connect redirect based authentication with authorization code. In terms of OpenID Connect or OAuth2 specifications, this enables support of 'Authorization Code Flow' for this client. +clientDeleteConfirm=If you delete this client, all associated data will be removed. +derFormattedHelp=Activate this if the certificate is DER formatted in LDAP and not PEM formatted. +eventTypes.IDENTITY_PROVIDER_POST_LOGIN.name=Identity provider post login +scopePermissions.users.view-description=Policies that decide if an administrator can view all users in realm +ldapGeneralOptionsSettingsDescription=This section contains a few basic options common to all user storage providers. +importSkipped_one=One record skipped. +eventTypes.OAUTH2_DEVICE_AUTH.description=Oauth2 device authentication +notBeforeClearedSuccess=Success\! "Not Before" cleared for realm. +policySaveError=Could not update the policy due to {{error}} +experimental=Experimental +idTokenSignatureAlgorithmHelp=JWA algorithm used for signing ID tokens. +deleteResourceConfirm=If you delete this resource, some permissions will be affected. +httpPostBindingResponse=HTTP-POST binding response +tokenLifespan.inherited=Inherits from realm settings +saveEvents=Save events +issuer=Issuer +policyEnforcementModeHelp=The policy enforcement mode dictates how policies are enforced when evaluating authorization requests. 'Enforcing' means requests are denied by default even when there is no policy associated with a given resource. 'Permissive' means requests are allowed even when there is no policy associated with a given resource. 'Disabled' completely disables the evaluation of policies and allows access to any resource. +selectAUser=Select a user +groupCreated=Group created +generateError=Could not generate new key pair and certificate {{error}} +testClusterSuccess=Successfully verified availability for\: {{successNodes}} +whoWillAppearLinkTextRoles=Who will appear in this user list? +attestationPreference.not\ specified=Not specified +importConfigHelp=Import metadata from a downloaded IDP discovery descriptor. +targetClaim=Target claim +assignRole=Assign role +accessSettings=Access settings +updateFlowSuccess=Flow successfully updated +xXSSProtectionHelp=This header configures the Cross-site scripting (XSS) filter in your browser. Using the default behaviour, the browser will prevent rendering of the page when a XSS attack is detected. <1>Learn more +authenticatedAccessPolicies=Authenticated access polices +addExecutor=Add executor +selectIfResourceExists=If a resource already exists, specify what should be done +passwordPoliciesHelp.notEmail=The password cannot match the email address of the user. +deleteAttributeGroupError=Could not delete user attributes group\: {{error}} +trustEmail=Trust Email +credentialReset=Credentials Reset +eventTypes.CUSTOM_REQUIRED_ACTION_ERROR.name=Custom required action error +deleteValidatorConfirmTitle=Delete validator? +claimJsonType=JSON type that should be used to populate the json claim in the token. long, int, boolean, String and JSON are valid values. +kc.client.network.ip_address=Client IPv4 Address +signatureAndEncryption=Signature and Encryption +reset=Reset +hardcodedUserSessionAttribute=When a user is imported from a provider, hardcode a value to a specific user session attribute. +conditionType=Condition type +multiValued=Indicates if attribute supports multiple values. If true, the list of all values of this attribute will be set as claim. If false, just first value will be set as claim +browse=Browse +duplicateEmailsHelpText=Allow multiple users to have the same email address. Changing this setting will also clear the user's cache. It is recommended to manually update email constraints of existing users in the database after switching off support for duplicate email addresses. +importOverwritten_zero=No records overwritten. +usermodel.realmRoleMapping.rolePrefix.label=Realm Role prefix +eventTypes.GRANT_CONSENT.name=Grant consent +noProvidersLinked=No identity providers linked. Choose one from the list below. +testConnectionSuccess=Success\! SMTP connection successful. E-mail was sent\! +samlSettings=SAML settings +userFedDisableConfirm=If you disable this user federation provider, it will not be considered for queries and imported users will be disabled and read-only until the provider is enabled again. +userSessionAttribute=User Session Attribute +enabled=Enabled +forgotPassword=Forgot password +searchUserByAttributeMissingValueError=Specify a attribute value +passwordPoliciesHelp.maxLength=The maximum number of characters allowed in the password. +moveGroupError=Could not move group {{error}} +clientImportSuccess=Client imported successfully +dragHelp=Press space or enter to begin dragging, and use the arrow keys to navigate up or down. Press enter to confirm the drag, or any other key to cancel the drag operation. +startTime=Start time +logicHelp=The logic dictates how the policy decision should be made. If 'Positive', the resulting effect (permit or deny) obtained during the evaluation of this policy will be used to perform a decision. If 'Negative', the resulting effect will be negated, in other words, a permit becomes a deny and vice-versa. +allowRegexComparison=Allow regex pattern comparison +noSessionsForUser=There are currently no active sessions for this user. +eventTypes.IDENTITY_PROVIDER_LINK_ACCOUNT_ERROR.description=Identity provider link account error +implicitFlowHelp=This enables support for OpenID Connect redirect based authentication without authorization code. In terms of OpenID Connect or OAuth2 specifications, this enables support of 'Implicit Flow' for this client. +user-events-cleared-error=Could not clear the user events {{error}} +eventTypes.IMPERSONATE_ERROR.name=Impersonate error +executorType=Executor type +configureMappingDescription=Choose any of the mappings from this table +keystorePassword=Keystore password +mapperTypeHardcodedLdapRoleMapperHelp=Users imported from LDAP will be automatically added into this configured role. +more={{count}} more +clientNameHelp=Specifies display name of the client. For example 'My Client'. Supports keys for localized values as well. For example\: ${my_client} +mappersList=Mappers list +rootUrl=Root URL +realmExplain=A realm manages a set of users, credentials, roles, and groups. A user belongs to and logs into a realm. Realms are isolated from one another and can only manage and authenticate the users that they control. +inputHelperTextBefore=Helper text (above) the input field +webAuthnPolicyExtraOrigins=Extra Origins +samlSignatureKeyName=SAML signature key name +validateUsersDn=You must enter users DN +importError=Could not import certificate {{error}} +logicType.negative=Negative +otpPolicy=OTP Policy +noRolesInstructions-groups=You haven't created any roles for this group. Create a role to get started. +cibaBackchannelTokenDeliveryMode=Backchannel Token Delivery Mode +validateAttributeName=Attribute configuration without name is not allowed. +eventTypes.RESET_PASSWORD_ERROR.description=Reset password error +addUser=Add user +eventTypes.REGISTER.description=Register +includeAuthnStatementHelp=Should a statement specifying the method and timestamp be included in login responses? +evaluateError=Could not evaluate due to\: {{error}} +iconUriHelp=A URI pointing to an icon. +eventTypes.OAUTH2_DEVICE_VERIFY_USER_CODE.name=Oauth2 device verify user code +protocol=Protocol +permissionsScopeName=Scope-name +validPostLogoutRedirectURIsHelp=Valid URI pattern a browser can redirect to after a successful logout. A value of '+' or an empty field will use the list of valid redirect uris. A value of '-' will not allow any post logout redirect uris. Simple wildcards are allowed such as 'http\://example.com/*'. Relative path can be specified too such as /my/relative/path/*. Relative paths are relative to the client root URL, or if none is specified the auth server root URL is used. +manageAccount=Manage account +oauthDeviceAuthorizationGrant=OAuth 2.0 Device Authorization Grant +copyFlowError=Could not duplicate flow\: {{error}} +roleRemoveAssociatedRoleConfirm=Remove associated role? +httpPostBindingAuthnRequest=HTTP-POST binding for AuthnRequest +includeInAccessToken.label=Add to access token +samlKeysExportSuccess=Successfully exported keys +usersInRole=Users in role +policyProvider.group=Define conditions for your permissions where a set of one or more groups (and their hierarchies) is permitted to access an object. +updatedUserProfileError=User Profile configuration hasn't been saved +emptyPermissions=No permissions +deletePermission=Permanently delete permission? +selectUser=Select a user whose identity is going to be used to query permissions from the server. +resultPermit=Result-Permit +userFederationExplain=User federation provides access to external databases and directories, such as LDAP and Active Directory. +emptyAuthorizationScopes=No authorization scopes +noDefaultGroups=No default groups +policyProvider.time=Define time conditions for your permissions. +updateFlowError=Could not update flow\: {{error}} +valuePlaceholder=Type a value +usersLeft_other={{count}} users left the group +updateClientContext=Update Client Context +removeAssociatedRoles=Remove associated roles +nameIdPolicyFormatHelp=Specifies the URI reference corresponding to a name identifier format. +mappers=Mappers +attributeGeneralSettingsDescription=This section contains a few basic settings common to all attributes. +name-id-format=Name ID Format +deleteRealm=Delete realm +noRoles-clientScopes=No roles for this client scope +deleteFlowError=Could not delete flow\: {{error}} +eventTypes.IDENTITY_PROVIDER_POST_LOGIN.description=Identity provider post login +roleImportError=Could not import role +regexAttributeValuesHelp=If enabled attribute values are interpreted as regular expressions. +userCreated=The user has been created +residentKey.not\ specified=Not specified +clientUpdaterSourceHost=The condition checks the host/domain of the entity who tries to create/update the client to determine whether the policy is applied. +alwaysReadValueFromLdapHelp=If on, then during reading of the LDAP attribute value will always used instead of the value from Keycloak DB. +usermodel.clientRoleMapping.tokenClaimName.tooltip=Name of the claim to insert into the token. This can be a fully qualified name like 'address.street'. In this case, a nested json object will be created. To prevent nesting and use dot literally, escape the dot with backslash (\\.). The special token ${client_id} can be used and this will be replaced by the actual client ID. Example usage is 'resource_access.${client_id}.roles'. This is useful especially when you are adding roles from all the clients (Hence 'Client ID' switch is unset) and you want client roles of each client stored separately. +scopePermissions.clients.map-roles-description=Policies that decide if an administrator can map roles defined by this client +signAssertions=Sign assertions +disableUserInfoHelp=Disable usage of User Info service to obtain additional user information? Default is to use this OIDC service. +xFrameOptionsHelp=Default value prevents pages from being included by non-origin iframes <1>Learn more +copyError=Error copying authorization details\: {{error}} +validateSignatures=Enable/disable signature validation of SAML responses. +authentication=Authentication +eventTypes.DELETE_ACCOUNT.name=Delete account +logoutUrlHelp=End session endpoint to use to logout user from external IDP. +noUserDetails=No user details +sync-ldap-groups-to-keycloak=Sync LDAP groups to Keycloak +attestationPreference.indirect=Indirect +frontchannelUrlInvalid=Front-channel logout URL is not a valid URL +noCredentialsText=This user does not have any credentials. You can set password for this user. +deletePolicyWarning=The aggregated polices below will be removed automatically\: +validatingPublicKey=Validating public key +permissionsListIntro=Edit the permission list by clicking the scope-name. It then redirects to the permission details page of the client named <1>{{realm}} +deleteClientConditionSuccess=Condition deleted successfully. +signatureAlgorithm=Signature algorithm +deleteConfirmIdentityProvider=Are you sure you want to permanently delete the provider '{{provider}}'? +resetActions=Reset Actions +cibaExpiresInHelp=The expiration time of the "auth_req_id" in seconds since the authentication request was received. +eventTypes.CLIENT_INFO_ERROR.description=Client info error +batchSize=Batch size +user=User +scopesAsRequested=Scopes are requested +updateErrorClientScope=Could not update client scope\: '{{error}}' +eventTypes.OAUTH2_DEVICE_VERIFY_USER_CODE.description=Oauth2 device verify user code +useKerberosForPasswordAuthentication=Use Kerberos for password authentication +validateUuidLDAPAttribute=You must enter a UUID LDAP attribute +client-scopes-condition.tooltip=The list of expected client scopes. Condition evaluates to true if specified client request matches some of the client scopes. It depends also whether it should be default or optional client scope based on the 'Scope Type' configured. +rootURLHelp=Root URL appended to relative URLs +anonymousAccessPolicies=Anonymous access polices +createResourceBasedPermission=Create resource-based permission +searchForRole=Search role +xXSSProtection=X-XSS-Protection +debugHelp=Enable/disable debug logging to standard output for Krb5LoginModule. +validatorColNames.colConfig=Config +createClient=Create client +inputTypeRows=Input rows +eventTypes.IDENTITY_PROVIDER_FIRST_LOGIN.description=Identity provider first login +usedMemory=Used memory +validatePasswordPolicyHelp=Determines if Keycloak should validate the password with the realm password policy before updating it. For the case when user's password is saved in LDAP, some Keycloak password policies will not work (Not Recently Used, Expire Password, Hashing Iterations, Hashing Algorithm) due the fact that Keycloak does not have direct control over the password storage. It is needed to enable password policies at the LDAP server layer if you want to leverage those password policies. +quickLoginCheckMilliSeconds=Quick login check milliseconds +createResourceSuccess=Resource created successfully +documentation=Documentation +fullNameLdapReadOnlyHelp=For Read-only, data is imported from LDAP to Keycloak DB, but it's not saved back to LDAP when the user is updated in Keycloak. +roleExplain=Realm roles are the roles that you define for use in the current realm. +whatIsDefaultGroups=What is the function of default groups? +transient=Transient +generalSettings=General settings +addClientProfileError=Could not create client profile\: '{{error}}' +overallResults=Overall Results +requiredUserActionsHelp=Require an action when the user logs in. 'Verify email' sends an email to the user to verify their email address. 'Update profile' requires user to enter in new personal information. 'Update password' requires user to enter in a new password. 'Configure OTP' requires setup of a mobile password generator. +requestObjectSignatureAlgorithmHelp=JWA algorithm, which client needs to use when sending OIDC request object specified by 'request' or 'request_uri' parameters. If set to 'any', Request object can be signed by any algorithm (including 'none' ). +ldapKerberosSettingsDescription=This section contains options useful for the Kerberos integration. This is used only when the LDAP server is used together with Kerberos/SPNEGO for user authentication. +deleteEvents=Clear events +termsOfServiceUrlHelp=URL that the Relying Party Client provides to the End-User to read about the Relying Party's terms of service +clientSecretError=Could not regenerate client secret due to\: {{error}} +resourcePath=Resource path +useJwksUrlHelp=If the switch is on, identity provider public keys will be downloaded from given JWKS URL. This allows great flexibility because new keys will be always re-downloaded again when identity provider generates new keypair. If the switch is off, public key (or certificate) from the Keycloak DB is used, so when the identity provider keypair changes, you always need to import the new key to the Keycloak DB as well. +mapperTypeHardcodedAttributeMapperHelp=This mapper will hardcode any model user attribute and some property (like emailVerified or enabled) when importing user from LDAP. +downloadAdaptorTitle=Download adaptor configs +client-roles.label=Client Roles +keysFilter.PASSIVE=Passive keys +revocation=Revocation +scopeTypeHelp=Client scopes, which will be added as default scopes to each created client +search=Search +validateEditMode=You must select an edit mode +copyFlowSuccess=Flow successfully duplicated +cacheSettings=Cache settings +searchForClient=Search for client +permissionDeletedError=Could not delete permission due to {{error}} +eventTypes.UPDATE_PROFILE.name=Update profile +realmId=Realm ID +eventTypes.PERMISSION_TOKEN_ERROR.description=Permission token error +algorithmHelp=Intended algorithm for the key +importFile=Import file +userVerify.discouraged=Discouraged +ldapRolesDn=LDAP roles DN +displayOnClientHelp=Applicable only if 'Consent Required' is on for this client. If this switch is off, the consent screen will contain just the consents corresponding to configured client scopes. If on, there will be also one item on the consent screen about this client itself. +requestObjectRequired=Request object required +protocolHelp=Which SSO protocol configuration is being supplied by this client scope +prompts.none=None +resourcesHelp=Specifies that this permission must be applied to a specific resource instance. +passwordConfirmation=Password confirmation +aggregate.attrs.tooltip=Indicates if attribute values should be aggregated with the group attributes. If using OpenID Connect mapper the multivalued option needs to be enabled too in order to get all the values. Duplicated values are discarded and the order of values is not guaranteed with this option. +helpLabel=More help for '{{label}}' +noRoles=No roles for this user +createAttribute=Create attribute +Thursday=Thursday +importOverwritten_one=One record overwritten. +tokenDeleteError=Could not delete initial access token\: '{{error}}' +eventTypes.REGISTER_NODE_ERROR.name=Register node error +isMandatoryInLdap=Is mandatory in LDAP +discoveryEndpoint=Discovery endpoint +claimValue=Claim Value +eventTypes.FEDERATED_IDENTITY_LINK.name=Federated identity link +authenticationHelp=This defines the type of the OIDC client. When it's ON, the OIDC type is set to confidential access type. When it's OFF, it is set to public access type +deleteClientConditionError=Error creating condition\: {{error}} +noMappers=No Mappers +couldNotLinkIdP=Could not link identity provider {{error}} +otpPolicyPeriod=OTP Token period +managePriorities=Manage priorities +createClientPolicySuccess=New policy created +frontendUrlHelp=Set the frontend URL for the realm. Use in combination with the default hostname provider to override the base URL for frontend requests for a specific realm. +used.notInUse=Not in use +emailSettings=Email settings +samlEntityDescriptorHelp=Allows you to load external IDP metadata from a config file or to download it from a URL. +generatedIdTokenHelp=See the example ID Token, which will be generated and sent to the client when selected user is authenticated. You can see claims and roles that the token will contain based on the effective protocol mappers and role scope mappings and also based on the claims/roles assigned to user himself +createClientProfile=Create client profile +passwordPoliciesHelp.specialChars=The number of special characters required in the password string. +cachePolicy=Cache policy +noCredentials=No credentials +clientOfflineSessionIdle=Client Offline Session Idle +eventListeners=Event listeners +bindDn=Bind DN +evictionHourHelp=Hour of the day the entry will become invalid +permissionDetails=Permission details +clipboardCopyDenied=Your browser is blocking access to the clipboard. +Friday=Friday +saveProviderListSuccess=The priority of the provider has been updated successfully. +copyToClipboard=Copy to clipboard +wantAuthnRequestsSigned=Want AuthnRequests signed +usermodel.attr.tooltip=Name of stored user attribute which is the name of an attribute within the UserModel.attribute map. +clientPoliciesProfiles=Client Policies Profiles +eventTypes.SEND_VERIFY_EMAIL.name=Send verify email +requiredForLabel.both=Both users and admins +eventTypes.REGISTER_NODE.name=Register node +addToFilter=Add to filter +CONFIGURE_TOTP=Configure OTP (CONFIGURE_TOTP) +eventTypes.EXECUTE_ACTIONS.description=Execute actions +clientUpdaterSourceRolesHelp=The condition checks the role of the entity who tries to create/update the client to determine whether the policy is applied. +userModelAttributeName=User model attribute name +importResourceError=Could not import the resource due to {{error}} +dynamicScope=Dynamic scope +mapperTypeHardcodedLdapRoleMapper=hardcoded-ldap-role-mapper +validateName=You must enter a name +flowDetails=Flow details +never=Never +includeInIntrospection.tooltip=Should the claim be added to the token introspection? +addressClaim.region.tooltip=Name of User Attribute, which will be used to map to 'region' subclaim inside 'address' token claim. Defaults to 'region' . +IDK-periodicChangedUsersSyncHelp=Should newly created users be created within LDAP store? Priority affects which provider is chosen to sync the new user. +logoutServiceArtifactBindingUrlHelp=SAML ARTIFACT Binding URL for the client's single logout service. You can leave this blank if you are using a different binding. +claimToRole=If a claim exists, grant the user the specified realm or client role. +logoutServicePostBindingURL=Logout Service POST Binding URL +eventTypes.REMOVE_FEDERATED_IDENTITY_ERROR.name=Remove federated identity error +assertionConsumerServicePostBindingURLHelp=SAML POST Binding URL for the client's assertion consumer service (login responses). You can leave this blank if you do not have a URL for this binding. +createAuthorizationScope=Create authorization scope +noGroups=No groups +backchannelLogoutRevokeOfflineSessionsHelp=Specifying whether a "revoke_offline_access" event is included in the Logout Token when the Backchannel Logout URL is used. Keycloak will revoke offline sessions when receiving a Logout Token with this event. +roleID=Role ID +roleNameLdapAttributeHelp=Name of LDAP attribute, which is used in role objects for name and RDN of role. Usually it will be 'cn'. In this case typical group/role object may have DN like 'cn\=role1,ou\=finance,dc\=example,dc\=org'. +origin=Origin +regexPattern=Regex pattern +filteredByClaim=Verify essential claim +rowCancelBtnAriaLabel=Cancel edits for {{messageBundle}} +validateSignatureHelp=Enable/disable signature validation of external IDP signatures. +searchForFlow=Search for flow +verifyEmail=Verify email +notBeforeIntro=In order to successfully push a revocation policy to the client, you need to set an Admin URL under the <1>Settings tab for this client first +addressClaim.locality.label=User Attribute Name for Locality +formatOption=Format option +addAuthnContextClassRef=Add AuthnContext ClassRef +showPasswordDataName=Name +clientScopeTypes.none=None +whoCanEdit=Who can edit? +mappingCreatedSuccess=Mapping successfully created +eventTypes.GRANT_CONSENT.description=Grant consent +client=Client +setToNow=Set to now +eventTypes.OAUTH2_DEVICE_AUTH_ERROR.name=Oauth2 device authentication error +addSubFlowHelp=Sub-Flows can be either generic or form. The form type is used to construct a sub-flow that generates a single flow for the user. Sub-flows are a special type of execution that evaluate as successful depending on how the executions they contain evaluate. +implicitFlow=Implicit flow +authorizationSignedResponseAlgHelp=JWA algorithm used for signing authorization response tokens when the response mode is jwt. +associatedRolesRemoved=Associated roles have been removed +keyAliasHelp=Alias for the private key +whoWillAppearLinkTextUsers=Who will appear in this group list? +tokenClaimName.tooltip=Name of the claim to insert into the token. This can be a fully qualified name like 'address.street'. In this case, a nested json object will be created. To prevent nesting and use dot literally, escape the dot with backslash (\\.). +userName=Username +clientProfileDescription=Description +ellipticCurveHelp=Elliptic curve used in ECDSA +fromPredefinedMapper=From predefined mappers +attributesGroup=Attributes group +ssoSessionMax=Max time before a session is expired. Tokens and browser sessions are invalidated when a session is expired. +clientDeleteError=Could not delete client\: {{error}} +optimizeLookup=Optimize REDIRECT signing key lookup +joinGroupsFor=Join groups for user {{username}} +temporaryLocked=Temporarily locked +setup=Setup +unlinkAccount=Unlink account +executors=Executors +eventTypes.CLIENT_UPDATE_ERROR.name=Client update error +realm=Realm +attributeConsumingServiceIndex=Attribute Consuming Service Index +prompt=Prompt +assign=Assign +disableConfirmRealm=User and clients can't access the realm if it's disabled. Are you sure you want to continue? +showAuthData=Show authorization data +includeInUserInfo.tooltip=Should the claim be added to the userinfo? +select=Select +signature-algorithm=JWA algorithm, which the client needs to use when signing a JWT for authentication. If left blank, the client is allowed to use any appropriate algorithm for the particular client authenticator. +advanced=Advanced +initialCounter=Initial counter +revokeRefreshTokenHelp=If enabled a refresh token can only be used up to 'Refresh Token Max Reuse' and is revoked when a different token is used. Otherwise refresh tokens are not revoked when used and can be used multiple times. +nameField=Name +ownerManagedAccessHelp=If enabled, the access to this resource can be managed by the resource owner. +useLowerCaseBearerTypeHelp=If this is on, token responses will be set the with the type "bearer" in lower-case. By default, the server sets the type as "Bearer" as defined by RFC6750. +addCondition=Add condition +updateSuccessClientScope=Client scope updated +connectionAndAuthentication=Connection & Authentication +clientScopeType.optional=Optional +permissionsDisableConfirm=If you disable the permissions, all the permissions in the list below will be delete automatically. In addition, the resources and scopes that are related will be removed +eventTypes.REFRESH_TOKEN.description=Refresh token +authorization=Authorization +clientProfilesHelpItem=Client profiles help item +userSessionAttributeValue=User Session Attribute Value +dayMonthHelp=Defines the day of month when the policy MUST be granted. You can also provide a range by filling the second field. In this case, permission is granted only if current day of month is between or equal to the two values you provided. +fullNameLdapWriteOnlyHelp=For Write-only, data is propagated to LDAP when a user is created or updated in Keycloak. But this mapper is not used to propagate data from LDAP back into Keycloak. This setting is useful if you configured separate firstName and lastName attribute mappers and you want to use those to read the attribute from LDAP into Keycloak. +userFedDeleteError=Could not delete user federation provider\: '{{error}}' +id=ID +join=Join +clientUpdaterSourceGroupsHelp=The condition checks the group of the entity who tries to create/update the client to determine whether the policy is applied. +idTokenEncryptionContentEncryptionAlgorithmHelp=JWA Algorithm used for content encryption in encrypting ID tokens. This option is needed just if you want encrypted ID tokens. If left empty, ID Tokens are just signed, but not encrypted. +messageBundleDescription=You can edit the supported locales. If you haven't selected supported locales yet, you can only edit the English locale. +saveEventListenersError=Error saving event listener\: {{error}} +scopesHelp=The scopes to be sent when asking for authorization. It can be a space-separated list of scopes. Defaults to 'openid'. +multivalued.tooltip=Indicates if attribute supports multiple values. If true, the list of all values of this attribute will be set as claim. If false, just first value will be set as claim +inputOptionLabelsI18nPrefix=Internationalization key prefix +enabledHelp=Set if the keys are enabled +nameHintHelp=A unique name for the group. This name will be used to reference the group when binding an attribute to a group. +admin-events-cleared-error=Could not clear the admin events {{error}} +usersPermissionsHint=Fine grained permissions for managing all users in realm. You can define different policies for who is allowed to manage users in the realm. +isBinaryAttribute=Is binary attribute +clientScopeList=Client scopes +noValidMetaDataFound=No valid metadata was found at this URL\: '{{error}}' +eventTypes.IDENTITY_PROVIDER_RETRIEVE_TOKEN_ERROR.description=Identity provider retrieve token error +usernameLdapAttribute=Username LDAP attribute +updateResourceSuccess=Resource successfully updated +displayNameHelp=Friendly name for Identity Providers. +idpAccountEmailVerification=IdP account email verification +template=Template +deleteExecutionSuccess=Execution successfully deleted +deleteConfirmTitle_other=Delete groups? +profilesConfigTypes.jsonEditor=JSON editor +testingConnection=Testing connection +noUsersFoundError=No users found due to {{error}} +clientUpdaterSourceGroups=Groups +executorDetails=Executor details +maxDeltaTimeSeconds=Failure reset time +backchannelLogoutHelp=Does the external IDP support backchannel logout? +eventTypes.REMOVE_FEDERATED_IDENTITY_ERROR.description=Remove federated identity error +usermodel.realmRoleMapping.rolePrefix.tooltip=A prefix for each Realm Role (optional). +exportSamlKeyTitle=Export SAML Keys +eventTypes.OAUTH2_DEVICE_VERIFY_USER_CODE_ERROR.description=Oauth2 device verify user code error +eventTypes.EXECUTE_ACTIONS_ERROR.description=Execute actions error +SKIP=Skip +eventTypes.INTROSPECT_TOKEN.description=Introspect token +infoEnabledFeatures=Shows enabled preview and experimental features. +displayOrderHelp=Number defining the order of the providers in GUI (for example, on the Login page). The lowest number will be applied first. +deleteCredentialsConfirm=Are you sure you want to delete these users credentials? +requiredClientScope=Please add at least one client scope. +keysIntro=If "Use JWKS URL switch" is on, you need to fill a valid JWKS URL. After saving, admin can download keys from the JWKS URL or keys will be downloaded automatically by Keycloak server when an unknown KID is seen during client authentication. +logoutServiceArtifactBindingUrl=Logout Service ARTIFACT Binding URL +passwordPoliciesHelp.lowerCase=The number of lowercase letters required in the password string. +searchForProvider=Search for provider +ldapSearchingAndUpdatingSettingsDescription=This section contains options related to searching the LDAP server for the available users. +sessionsType.regularSSO=Regular SSO +allowed-client-scopes.tooltip=Whitelist of the client scopes, which can be used on a newly registered client. Attempt to register client with some client scope, which is not whitelisted, will be rejected. By default, the whitelist is either empty or contains just realm default client scopes (based on 'Allow Default Scopes' configuration property) +maxDeltaTimeSecondsHelp=When will failure count be reset? +executorsHelpItem=Executors help item +contentSecurityPolicy=Content-Security-Policy +client-uris-must-match.tooltip=If on, all Client URIs (Redirect URIs and others) are allowed just if they match some trusted host or domain. +off=Off +frontchannelLogoutHelp=When true, logout requires a browser redirect to client. When false, server performs a background invocation for logout. +updateSuccess=Provider successfully updated +hide=Hide +isMandatoryInLdapHelp=If true, attribute is mandatory in LDAP. Hence if there is no value in Keycloak DB, the empty value will be set to be propagated to LDAP. +client-accesstype.label=Client Access Type +eventTypes.IDENTITY_PROVIDER_POST_LOGIN_ERROR.description=Identity provider post login error +skipCustomizationAndFinish=Skip customization and finish +mappingDeletedSuccess=Mapping successfully deleted +addIdentityProvider=Add {{provider}} provider +flowDescriptionHelp=Help text for the description of the new flow +kc.time.date_time=Date/Time (MM/dd/yyyy hh\:mm\:ss) +principalType=Principal type +ignoreMissingGroupsHelp=Ignore missing groups in the group hierarchy. +updatedCredentialMoveSuccess=User Credential configuration has been saved +deleteExecutorProfileConfirmTitle=Delete executor? +auth=Auth +accessTokenLifespanImplicitFlow=Access Token Lifespan For Implicit Flow +createAttributeSuccess=Success\! User Profile configuration has been saved. +annotations=Annotations +confirmAccessTokenBody=If you regenerate registration access token, the access data regarding the client registration service will be updated. +remainingCount=Remaining count +eventTypes.INVALID_SIGNATURE.description=Invalid signature +download=Download +authScopes=Authorization scopes +requiredWhen=Required when +updatePasswordPolicyError=Could not update the password policies\: '{{error}}' +max-clients.tooltip=It will not be allowed to register a new client if count of existing clients in realm is same or bigger than the configured limit. +uuidLdapAttributeHelp=Name of the LDAP attribute, which is used as a unique object identifier (UUID) for objects in LDAP. For many LDAP server vendors, it is 'entryUUID'; however some are different. For example, for Active directory it should be 'objectGUID'. If your LDAP server does not support the notion of UUID, you can use any other attribute that is supposed to be unique among LDAP users in tree. For example 'uid' or 'entryDN'. +mappingDetails=Mapper details +top-level-flow-type.client-flow=Client flow +eventTypes.GRANT_CONSENT_ERROR.description=Grant consent error +claim=Claim +hardcodedAttribute=When user is imported from provider, hardcode a value to a specific user attribute. +permissionSaveError=Could not update the permission due to {{error}} +optimizeLookupHelp=When signing SAML documents in REDIRECT binding for SP that is secured by Keycloak adapter, should the ID of the signing key be included in SAML protocol message in element? This optimizes validation of the signature as the validating party uses a single key instead of trying every known key for validation. +deleteClientScope_one=Delete client scope {{name}} +accessTokenError=Could not regenerate access token due to\: {{error}} +joinGroups=Join Groups +scopePermissions.clients.configure-description=Reduced management permissions for administrator. Cannot set scope, template, or protocol mappers. +providedBy=Provided by +doNotStoreUsers=Do not store users +ms=milliseconds +ipAddress=IP address +keyID=KEY_ID +spi=SPI +emptyValidators=No validators. +plus=Plus +browserFlow=Browser Flow +anyScope=Any scope +enableDisable=Disabled clients cannot initiate a login or have obtained access tokens. +noUsersFound=No users found +serverInfo=Server info +chooseAPolicyTypeInstructions=Choose one policy type from the list below and then you can configure a new policy for authorization. There are some types and description. +emailThemeHelp=Select a theme for emails that are sent by the server. +principalTypeHelp=Way to identify and track external users from the assertion. Default is using Subject NameID, alternatively you can set up identifying attribute. +Wednesday=Wednesday +consents=Consents +authDetails=Authorization details +mappingDeletedError=Could not delete mapping\: '{{error}}' +minimumQuickLoginWaitSecondsHelp=How long to wait after a quick login failure. +mappedGroupAttributesHelp=List of names of attributes divided by commas. This points to the list of attributes on LDAP group, which will be mapped as attributes of Group in Keycloak. Leave this empty if no additional group attributes are required to be mapped in Keycloak. +deleteGrantsSuccess=Grants successfully revoked. +mapperTypeGroupLdapMapper=group-ldap-mapper +policyEnforcementModes.DISABLED=Disabled +openIdConnectCompatibilityModes=Open ID Connect Compatibility Modes +no=No +code=Code +nameHelp=Help text for the name of the new flow +keys=Keys +defaultSigAlg=Default Signature Algorithm +signatureKeyName=SAML signature key name +notBeforeTooltip=The admin URL should be set in the Settings tab first. +resourcesToImport=Resources to import +selectRole.label=Select Role +isBinaryAttributeHelp=Should be true for binary LDAP attributes. +whoWillAppearPopoverFooterText=Users who have this role as an effective role cannot be added on this tab. +eventTypes.RESTART_AUTHENTICATION_ERROR.name=Restart authentication error +generatedUserInfoIsDisabled=Generated user info is disabled when no user is selected +nameHelpHelp=Name of the mapper +prompts.consent=Consent +flowNameHelp=Help text for the name of the new flow +webAuthnPolicyRpEntityName=Relying party entity name +lastEvaluation=Last Evaluation +createClientConditionError=Error creating condition\: {{error}} +serverPrincipalHelp=Full name of server principal for HTTP service including server and domain name. For example, HTTP/host.foo.org@FOO.ORG +enableStartTlsHelp=Encrypts the connection to LDAP using STARTTLS, which will disable connection pooling +resourceScopeSuccess=The authorization scope successfully deleted +userIdHelperText=Enter the unique ID of the user for this identity provider. +forwardParametersHelp=Non OpenID Connect/OAuth standard query parameters to be forwarded to external IDP from the initial application request to Authorization Endpoint. Multiple parameters can be entered, separated by comma (,). +on=On +changeAuthenticatorConfirmTitle=Change to {{clientAuthenticatorType}}? +eventTypes.OAUTH2_DEVICE_AUTH.name=Oauth2 device authentication +admin-events-cleared=The admin events have been cleared +or=or +deleteDialogTitle=Delete attribute group? +eventTypes.CLIENT_INITIATED_ACCOUNT_LINKING.description=Client initiated account linking +annotationsText=Annotations +ldapAttributeName=LDAP attribute name +acceptsPromptNone=Accepts prompt\=none forward from client +loginThemeHelp=Select theme for login, OTP, grant, registration and forgot password pages. +AESKeySizeHelp=Size in bytes for the generated AES key. Size 16 is for AES-128, Size 24 for AES-192, and Size 32 for AES-256. WARN\: Bigger keys than 128 are not allowed on some JDK implementations. +client-accesstype.tooltip=Access Type of the client, for which the condition will be applied. Confidential client has enabled client authentication when public client has disabled client authentication. Bearer-only is a deprecated client type. +oneTimePassword=One-Time Password +invalidateRotatedError=Could not remove rotated secret\: {{error}} +excludeSessionStateFromAuthenticationResponseHelp=If this is on, the parameter 'session_state' will not be included in OpenID Connect Authentication Response. It is useful if the client uses an older OIDC / OAuth2 adapter, which does not support the 'session_state' parameter. +useRefreshTokenForClientCredentialsGrantHelp=If this is on, a refresh_token will be created and added to the token response if the client_credentials grant is used. The OAuth 2.0 RFC6749 Section 4.4.3 states that a refresh_token should not be generated when client_credentials grant is used. If this is off then no refresh_token will be generated and the associated user session will be removed. +userManagedAccess=User-managed access +initialAccessToken=Initial access token +rowEditBtnAriaLabel=Edit {{messageBundle}} +evictionDay=Eviction day +vendorHelp=LDAP vendor (provider) +applyToResourceType=Apply to Resource Type +addDefaultGroups=Add default groups +selectRole.tooltip=Enter role in the textbox to the left, or click this button to browse and select the role you want. +filterGroups=Filter groups +validPostLogoutRedirectUri=Valid post logout redirect URIs +authnContextClassRefs=AuthnContext ClassRefs +deleteCredentialsSuccess=The credentials has been deleted successfully. +eventTypes.PERMISSION_TOKEN_ERROR.name=Permission token error +userProfileSuccess=User profile settings successfully updated. +attributeDefaultValueHelp=If there is no value in Keycloak DB and attribute is mandatory in LDAP, this value will be propagated to LDAP. +cibaPolicy=CIBA Policy +Saturday=Saturday +importSkipped_other={{count}} records skipped. +membershipAttributeTypeHelp=DN means that LDAP group has it's members declared in form of their full DN. For example 'member\: uid\=john,ou\=users,dc\=example,dc\=com'. UID means that LDAP group has it's members declared in form of pure user uids. For example 'memberUid\: john'. +unsavedChangesTitle=Unsaved changes +emptyResourcesInstructions=If you want to create a resource, please click the button below. +save-user-events=If enabled, user events are saved to the database, which makes events available to the admin and account management UIs. +otpSupportedApplications.totpAppFreeOTPName=FreeOTP +validPostLogoutRedirectURIs=Valid URI pattern a browser can redirect to after a successful logout. A value of '+' or an empty field will use the list of valid redirect uris. A value of '-' will not allow any post logout redirect uris. Simple wildcards are allowed such as 'http\://example.com/*'. Relative path can be specified too such as /my/relative/path/*. Relative paths are relative to the client root URL, or if none is specified the auth server root URL is used. +composite=Composite +recommendedSsoTimeout=It is recommended for this value to be shorter than the SSO session idle timeout\: {{time}} +sessionExplain=Sessions are sessions of users in this realm and the clients that they access within the session. +noSearchResults=No search results +eventTypes.AUTHREQID_TO_TOKEN.description=Authreqid to token +recent=Recent +executeActions=Execute actions +policyProvider.aggregate=Reuse existing policies to build more complex ones and keep your permissions even more decoupled from the policies that are evaluated during the processing of authorization requests. +advancedAttributeToRole=If the set of attributes exists and can be matched, grant the user the specified realm or client role. +userEventsSettings=User events settings +deny=Deny +moveGroupSuccess=Group moved +eventTypes.USER_INFO_REQUEST.description=User info request +userDeletedError=The user could not be deleted {{error}} +edit=Edit +authorizationScopeDetails=Authorization scope details +ldapGroupsDnHelp=LDAP DN where groups of this tree are saved. For example 'ou\=groups,dc\=example,dc\=org' +readOnly=Read only +client-updater-trusted-hosts.tooltip=List of Hosts, which are trusted. In case that client registration/update request comes from the host/domain specified in this configuration, condition evaluates to true. You can use hostnames or IP addresses. If you use star at the beginning (for example '*.example.com' ) then whole domain example.com will be trusted. +resultDeny=Result-Deny +kc.client.network.host=Client Host +noResourceCreateHint=There are no resources you can't create resource-based permission +directMembership=Direct membership +addExecutionTitle=Add an execution +associatedRolesText=Associated roles +clientIdHelp=The client identifier registered with the identity provider. +eventTypes.INVALID_SIGNATURE_ERROR.name=Invalid signature error +clientSecretSuccess=Client secret regenerated +oAuthDeviceCodeLifespan=OAuth 2.0 Device Code Lifespan +ldapConnectionAndAuthorizationSettingsDescription=This section contains options related to the configuration of the connection to the LDAP server. It also contains options related to authentication of the LDAP connection to the LDAP server. +clientSaveSuccess=Client successfully updated +ecdsaGenerated=ecdsca-generated +flow-type.basic-flow=Generic +oAuthDevicePollingInterval=OAuth 2.0 Device Polling Interval +deletedSuccessRealmSetting=The realm has been deleted +webauthnPasswordlessPolicy=Webauthn Passwordless Policy +editUserLabel=Edit User Label Button +conditions=Conditions +addUri=Add URI +excludeIssuerFromAuthenticationResponse=Exclude Issuer From Authentication Response +minus=Minus +groupsHelp=Groups where the user has membership. To leave a group, select it and click Leave. +includeGroupsAndRoles=Include groups and roles +groupsPermissionsHint=Determines if fine grained permissions are enabled for managing this role. Disabling will delete all current permissions that have been set up. +searchForMessageBundle=Search for message bundle +offlineSessionMaxHelp=Max time before an offline session is expired regardless of activity. +resourceSaveError=Could not persist resource due to {{error}} +clientsClientScopesHelp=The scopes associated with this resource. +updateCredentialUserLabelError=Error changing user label\: {{error}} +enableHelpMode=Enable help mode +clientPoliciesTab=Client policies tab +ldapGroupsDn=LDAP groups DN +ldapFullNameAttributeHelp=Name of the LDAP attribute, which contains the fullName of the user. Usually it will be 'cn'. +clientRegisterPolicyDeleteConfirm=Are you sure you want to permanently delete the client registration policy {{name}} +jsonEditor=JSON editor +chooseBindingType=Choose binding type +mappingCreatedError=Could not create mapping\: '{{error}}' +deleteClientPolicyProfileConfirmTitle=Delete profile? +passwordPoliciesHelp.forceExpiredPasswordChange=The number of days the password is valid before a new password is required. +envelopeFromHelp=An email address used for bounces (optional). +passwordPoliciesHelp.upperCase=The number of uppercase letters required in the password string. +policyDeletedError=Could not remove the resource {{error}} +key=Key +email=Email +groupDeleted_other=Groups deleted +acrToLoAMappingHelp=Define which ACR (Authentication Context Class Reference) value is mapped to which LoA (Level of Authentication). The ACR can be any value, whereas the LoA must be numeric. +uploadFile=Upload JSON file +loginActionTimeoutHelp=Max time a user has to complete login related actions like update password or configure totp. This is recommended to be relatively long, such as 5 minutes or more +identityProviders=Identity providers +importUsers=Import users +authenticationFlow=Authentication flow +leaveGroup_other=Leave groups? +deleteClientPolicySuccess=Client policy deleted +mapperTypeCertificateLdapMapper=certificate-ldap-mapper +clientAuthentications.client_secret_basic=Client secret sent as basic auth +started=Started +filteredByClaimHelp=If true, ID tokens issued by the identity provider must have a specific claim. Otherwise, the user can not authenticate through this broker. +mapperTypeCertificateLdapMapperHelp=Used to map single attribute which contains a certificate from LDAP user to attribute of UserModel in Keycloak DB +permissionDecisionStrategyHelp=The decision strategy dictates how the policies associated with a given permission are evaluated and how a final decision is obtained. 'Affirmative' means that at least one policy must evaluate to a positive decision in order for the final decision to be also positive. 'Unanimous' means that all policies must evaluate to a positive decision in order for the final decision to be also positive. 'Consensus' means that the number of positive decisions must be greater than the number of negative decisions. If the number of positive and negative is the same, the final decision will be negative. +userManagedAccessHelp=If enabled, users are allowed to manage their resources and permissions using the Account Management UI. +confirm=Confirm +policyType.totp=Time based +addAttribute=Add an attribute +clientScopeSearch.protocol=Protocol +initialAccessTokenDetails=Initial access token details +noMessageBundles=No message bundles +deleteProvider=Delete provider? +inputTypeSize=Input size +createAttributeSubTitle=Create a new attribute +eventTypes.CODE_TO_TOKEN_ERROR.name=Code to token error +emptyAuthorizationInstructions=If you want to create authorization scopes, please click the button below to create the authorization scope +subjectHelp=A regular expression for validating Subject DN in the Client Certificate. Use "(.*?)(?\:$)" to match all kind of expressions. +updatePolicySuccess=Successfully updated the policy +eventTypes.CUSTOM_REQUIRED_ACTION.name=Custom required action +updateExecutorError=Executor not updated +clientIdHelpHelp=Client ID of client to which LDAP role mappings will be mapped. Applicable only if 'Use Realm Roles Mapping' is false. +createdAt=Created at +moveGroupEmpty=No sub groups +rolesHelp=Select the roles you want to associate with the selected user. +samlEntityDescriptor=SAML entity descriptor +passwordPolicyHintsEnabled=Password policy hints enabled +enableLdapv3PasswordHelp=Use the LDAPv3 Password Modify Extended Operation (RFC-3062). The password modify extended operation usually requires that LDAP user already has password in the LDAP server. So when this is used with 'Sync Registrations', it can be good to add also 'Hardcoded LDAP attribute mapper' with randomly generated initial password. +syncMode=Sync mode +details=Details +privateRSAKeyHelp=Private RSA Key encoded in PEM format +onDragStart=Dragging started for item {{item}} +pushedAuthorizationRequestRequired=Pushed authorization request required +requirements.REQUIRED=Required +generate=Generate +clientOfflineSessionMaxHelp=Max time before a client offline session is expired. If Offline Session Max Limited is enabled at realm level, offline tokens are invalidated when a client offline session is expired. The option does not affect the global user SSO session. If not set, it uses the realm Offline Session Max value. +resetPasswordBtn=Reset password +strictTransportSecurity=HTTP Strict Transport Security (HSTS) +editInfo=Edit info +offlineSessionMaxLimited=Offline Session Max Limited +providerCreateSuccess=New client policy created successfully +disableSigning=Disable "{{key}}" +periodicChangedUsersSync=Periodic changed users sync +searchScope=Search scope +dateFrom=Date(from) +importAdded_one=One record added. +clientAccessType=It uses the client's access type (confidential, public, bearer-only) to determine whether the policy is applied. Condition is checked during most of OpenID Connect requests (Authorization requests, token requests, introspection endpoint request, etc.). Confidential client has enabled client authentication when public client has disabled client authentication. Bearer-only is a deprecated client type. +firstName=First name +emptySecondaryAction=Configure a new mapper +defaultGroupAdded_one=New group added to the default groups +unexpectedError=An unexpected error occurred\: '{{error}}' +removeAllAssociatedRolesConfirmDialog=This action will remove the associated roles of {{name}}. Users who have permission to {{name}} will no longer have access to these roles. +noRolesInstructions=You haven't assigned any roles to this user. Assign a role to get started. +authorizationEncryptedResponseEncHelp=JWA Algorithm used for content encryption in encrypting the authorization response when the response mode is jwt. This option is needed if you want encrypted authorization response. If left empty, the authorization response is just signed, but not encrypted. +permissionName=The name of this permission. +postBrokerLoginFlowAliasHelp=Alias of authentication flow, which is triggered after each login with this identity provider. Useful if you want additional verification of each user authenticated with this identity provider (for example OTP). Leave this to "None" if you need no any additional authenticators to be triggered after login with this identity provider. Also note that authenticator implementations must assume that user is already set in ClientSession as identity provider already set it. +preview=Preview +eventTypes.UNREGISTER_NODE_ERROR.name=Unregister node error +clientRegisterPolicyDeleteConfirmTitle=Delete client registration policy? +groupDetails=Group details +sessionsType.allSessions=All session types +kid=Kid +sessionsType.serviceAccount=Service account +allowKerberosAuthenticationHelp=Enable/disable HTTP authentication of users with SPNEGO/Kerberos tokens. The data about authenticated users will be provisioned from this LDAP server. +oauthDeviceAuthorizationGrantHelp=This enables support for OAuth 2.0 Device Authorization Grant, which means that client is an application on device that has limited input capabilities or lack a suitable browser. +clientSignatureHelp=Will the client sign their saml requests and responses? And should they be validated? +importOverwritten_other={{count}} records overwritten. +requirements.CONDITIONAL=Conditional +leaveGroupConfirmDialog_one=Are you sure you want to remove {{username}} from the group {{groupname}}? +kc.client.user_agent=Client/User Agent +frontendUrl=Frontend URL +permissionDeletedSuccess=Successfully deleted permission +clientScopeRemoveSuccess=Scope mapping successfully removed +addClientScopes=Add client scopes +doNotStoreUsersHelp=When enabled, users from this broker are not persisted in internal database. +deletePolicyConfirm=If you delete this policy, some permissions or aggregated policies will be affected. +userCreateError=Could not create user\: {{error}} +user-events-cleared=The user events have been cleared +resetPasswordConfirm=Reset password? +emailAsUsernameHelpText=Allow users to set email as username. +AESKeySize=AES Key Size +fullName={{givenName}} {{familyName}} +deleteConfirm=Are you sure you want to permanently delete the provider '{{provider}}'? +compositesRemovedAlertDescription=All the associated roles have been removed +aliasHelp=The alias uniquely identifies an identity provider and it is also used to build the redirect uri. +selectRealm=Select realm +roleNameLdapAttribute=Role name LDAP attribute +javaKeystore=java-keystore +updatedUserProfileSuccess=User Profile configuration has been saved +deleteProviderMapper=Delete mapper? +clientsPermissionsHint=Fine grained permissions for administrators that want to manage this client or apply roles defined by this client. +lookAroundHelp=How far around should the server look just in case the token generator and server are out of time sync or counter sync? +usersLeft_one={{count}} user left the group +sync-keycloak-groups-to-ldap=Sync Keycloak groups to LDAP +saveError=User federation provider could not be saved\: {{error}} +bruteForceDetection=Brute force detection +loginTimeoutHelp=Max time a user has to complete a login. This is recommended to be relatively long, such as 30 minutes or more +eventTypes.OAUTH2_DEVICE_CODE_TO_TOKEN.name=Oauth2 device code to token +searchGroups=Search groups +trusted-hosts.tooltip=List of Hosts, which are trusted and are allowed to invoke Client Registration Service and/or be used as values of Client URIs. You can use hostnames or IP addresses. If you use star at the beginning (for example '*.example.com' ) then whole domain example.com will be trusted. +disableNonceHelp=Do not send the nonce parameter in the authentication request. The nonce parameter is sent and verified by default. +deleteClientProfile=Delete this client profile +none=None +type=Type +createNewUser=Create new user +emptyClientProfiles=No profiles +internationalization=Internationalization +seconds=Seconds +memberofLdapAttributeHelp=Used just when 'User Roles Retrieve Strategy' is GET_GROUPS_FROM_USER_MEMBEROF_ATTRIBUTE. It specifies the name of the LDAP attribute on the LDAP user, which contains the groups, which the user is member of. Usually it will be the default 'memberOf'. +clientRegisterPolicyDeleteSuccess=Client registration policy deleted successfully +otpPolicyDigits=Number of digits +keysFilter.ACTIVE=Active keys +rsaGenerated=rsa-generated +krbPrincipalAttributeHelp=Name of the LDAP attribute, which refers to Kerberos principal. This is used to lookup appropriate LDAP user after successful Kerberos/SPNEGO authentication in Keycloak. When this is empty, the LDAP user will be looked based on LDAP username corresponding to the first part of his Kerberos principal. For instance, for principal 'john@KEYCLOAK.ORG', it will assume that LDAP username is 'john'. +client-roles-condition.tooltip=Client roles, which will be checked during this condition evaluation. Condition evaluates to true if client has at least one client role with the name as the client roles specified in the configuration. +impersonateError=Could not impersonate the user\: {{error}} +keyLabel=Key +syncChangedUsers=Sync changed users +eventTypes.IDENTITY_PROVIDER_RESPONSE_ERROR.name=Identity provider response error +orderDialogIntro=The order that the providers are listed in the login page or the Account UI. You can drag the row handles to change the order. +clientSessionIdle=Client Session Idle +push=Push +targetClaimHelp=Specifies the target claim which the policy will fetch. +periodicFullSyncHelp=Whether periodic full synchronization of LDAP users to Keycloak should be enabled or not +scopePermissions.users.user-impersonated-description=Policies that decide which users can be impersonated. These policies are applied to the user being impersonated. +forceNameIdFormat=Force name ID format +noMappersInstructions=There are currently no mappers for this identity provider. +deleteConfirmFlow=Delete flow? +addRole=Add role +FAIL=Fail import +userInfoSignedResponseAlgorithmHelp=JWA algorithm used for signed User Info Endpoint response. If set to 'unsigned', User Info Response won't be signed and will be returned in application/json format. +lastName=Last name +isAccessTokenJWT=Access Token is JWT +deleteConfirmDialog_one=Are you sure you want to permanently delete {{count}} selected user +eventTypes.AUTHREQID_TO_TOKEN.name=Authreqid to token +createError=Could not create the identity provider\: {{error}} +excludeIssuerFromAuthenticationResponseHelp=If this is on, the parameter 'iss' will not be included in OpenID Connect Authentication Response. It is useful if the client uses an older OIDC / OAuth2 adapter, which does not support the 'iss' parameter. +eventTypes.AUTHREQID_TO_TOKEN_ERROR.name=Authreqid to token error +deletePermissionConfirm=Are you sure you want to delete the permission {{permission}} +TERMS_AND_CONDITIONS=Terms and Conditions (TERMS_AND_CONDITIONS) +artifactResolutionServiceHelp=SAML Artifact resolution service for the client. This is the endpoint to which Keycloak will send a SOAP ArtifactResolve message. You can leave this blank if you do not have a URL for this binding. +userRoleMappingUpdatedSuccess=User role mapping successfully updated +clientUpdaterTrustedHosts=Trusted Hosts +deleteSuccess=Attributes group deleted. +attributesDropdown=Attributes dropdown +ssoServiceUrlHelp=The Url that must be used to send authentication requests (SAML AuthnRequest). +copy=Copy +credentialData=Data +clientRolesConditionTooltip=Client roles, which will be checked during this condition evaluation. Condition evaluates to true if client has at least one client role with the name as the client roles specified in the configuration. +invalidateSecret=Invalidate +emptyPermissionInstructions=If you want to create a permission, please click the button below to create a resource-based or scope-based permission. +webAuthnPolicyAvoidSameAuthenticatorRegisterHelp=Avoid registering the authenticator that has already been registered. +memberofLdapAttribute=Member-of LDAP attribute +supportedLocales=Supported locales +showPasswordDataValue=Value +webAuthnPolicyAttestationConveyancePreference=Attestation conveyance preference +copyOf=Copy of {{name}} +eventTypes.REMOVE_TOTP.description=Remove totp +evictionMinute=Eviction minute +requiredClient=Please add at least one client. +help=Help +passSubject=Pass subject +deleteFlowSuccess=Flow successfully deleted +nodeReRegistrationTimeoutHelp=Interval to specify max time for registered clients cluster nodes to re-register. If cluster node will not send re-registration request to Keycloak within this time, it will be unregistered from Keycloak +rename=Rename +httpPostBindingLogoutHelp=Indicates whether to respond to requests using HTTP-POST binding. If false, HTTP-REDIRECT binding will be used. +policyProvider.client=Define conditions for your permissions where a set of one or more clients is permitted to access an object. +clientAuthentication=Client authentication +validatePasswordPolicy=Validate password policy +registrationEmailAsUsername=Email as username +webAuthnPolicyFormHelp=Policy for WebAuthn authentication. This one will be used by 'WebAuthn Register' required action and 'WebAuthn Authenticator' authenticator. Typical usage is, when WebAuthn will be used for the two-factor authentication. +createResource=Create resource +data=Data +createNewMapper=Create new mapper +mapperTypeMsadUserAccountControlManager=msad-user-account-control-mapper +deleteNodeFail=Could not delete node\: '{{error}}' +syncModeOverrideHelp=Overrides the default sync mode of the IDP for this mapper. Values are\: 'legacy' to keep the behaviour before this option was introduced, 'import' to only import the user once during first login of the user with this identity provider, 'force' to always update the user during every login with this identity provider and 'inherit' to use the sync mode defined in the identity provider for this mapper. +eventTypes.TOKEN_EXCHANGE_ERROR.description=Token exchange error +strictTransportSecurityHelp=The Strict-Transport-Security HTTP header tells browsers to always use HTTPS. Once a browser sees this header, it will only visit the site over HTTPS for the time specified (1 year) at max-age, including the subdomains. <1>Learn more +authenticationExplain=Authentication is the area where you can configure and manage different credential types. +passwordPoliciesHelp.hashIterations=The number of times a password is hashed before storage or verification. Default\: 27,500. +dropNonexistingGroupsDuringSync=Drop non-existing groups during sync +clientAssertionSigningAlgHelp=Signature algorithm to create JWT assertion as client authentication. In the case of JWT signed with private key or JWT signed with client secret, it is required. If no algorithm is specified, the following algorithm is adapted. RS256 is adapted in the case of JWT signed with private key. HS256 is adapted in the case of JWT signed with client secret. +addProvider_other=Add {{provider}} providers +cibaExpiresIn=Expires In +dynamicScopeFormatHelp=This is the regular expression that the system will use to extract the scope name and variable. +updateMessageBundleError=Error updating message bundle. +resetPasswordConfirmText=Are you sure you want to reset the password for the user {{username}}? +create=Create +noAvailableIdentityProviders=No available identity providers. +passSubjectHelp=During login phase, forward an optional login_hint query parameter to SAML AuthnRequest's Subject. +notBeforeSetToNow=Not Before set for client +resource=Resource +emptyConditions=No conditions configured +profiles=Profiles +userSession.modelNote.tooltip=Name of stored user session note within the UserSessionModel.note map. +filterByRoles=Filter by realm roles +maxLifespan=Max lifespan +host-sending-registration-request-must-match.label=Host Sending Client Registration Request Must Match +eventTypes.VERIFY_PROFILE_ERROR.description=Verify profile error +webOriginsHelp=Allowed CORS origins. To permit all origins of Valid Redirect URIs, add '+'. This does not include the '*' wildcard though. To permit all origins, explicitly add '*'. +noSessionsForClient=There are currently no active sessions for this client. +profilesConfigType=Configure via\: +enableHelp=Help is enabled +xRobotsTagHelp=Prevent pages from appearing in search engines <1>Learn more +client-updater-source-roles.label=Updating entity role +clientRegisterPolicyDeleteError=Could not delete client registration policy\: '{{error}}' +resourceFile=Resource file +admin-clearEvents=Deletes all admin events in the database. +hardcodedRole=When user is imported from provider, hardcode a role mapping for it. +searchType.default=Default search +keysFilter.DISABLED=Disabled keys +link=Link +defaultGroupAddedError=Error adding group(s) to the default group {error} +eventTypes.INVALID_SIGNATURE_ERROR.description=Invalid signature error +idpUnlinkSuccess=The provider link has been removed +providerType=Provider Type +clientSessionIdleHelp=Time a client session is allowed to be idle before it expires. Tokens are invalidated when a client session is expired. The option does not affect the global user SSO session. If not set, it uses the standard SSO Session Idle value. +passwordPoliciesHelp.hashAlgorithm=Applies a hashing algorithm to passwords, so they are not stored in clear text. +scopesSelect=Specifies that this permission must be applied to one or more scopes. +selectMethodType.generate=Generate +emailInvalid=You must enter a valid email. +chooseAPolicyProvider=Choose a policy provider +clientAuthenticationHelp=The client authentication method (cfr. https\://openid.net/specs/openid-connect-core-1_0.html\#ClientAuthentication). In case of JWT signed with private key, the realm private key is used. +kerberosRealmHelp=Name of kerberos realm. For example, FOO.ORG +roleCreateError=Could not create role\: {{error}} +clientSecretHelp=The client secret registered with the identity provider. This field is able to obtain its value from vault, use ${vault.ID} format. +offlineSessionMax=Offline Session Max +generatedUserInfoHelp=See the example User Info, which will be provided by the User Info Endpoint +dynamicScopeFormat=Dynamic scope format +webAuthnPolicyExtraOriginsHelp=The list of extra origin for non-web application. +updatePermissionSuccess=Successfully updated the permission +idpLinkSuccess=Identity provider has been linked +removeAnnotationText=Remove annotation +verifyEmailHelpText=Require user to verify their email address after initial login or after address changes are submitted. +referrerPolicy=Referrer Policy +flow.clients=Client authentication flow +eventTypes.IDENTITY_PROVIDER_FIRST_LOGIN_ERROR.description=Identity provider first login error +groups=Groups +emptyStateText=There aren't any realm roles in this realm. Create a realm role to get started. +includeSubGroups=Include sub-group users +permanentLockoutHelp=Lock the user permanently when the user exceeds the maximum login failures. +logicType.positive=Positive +associatedPolicy=Associated policy +accountTheme=Account theme +webAuthnPolicyAvoidSameAuthenticatorRegister=Avoid same authenticator registration +emptyExecutors=No executors configured +notBeforeNowClear=Not Before cleared for client +selectARole=Select a role +titleAuthentication=Authentication +category=Category +startBySearchingAUser=Start by searching for users +times.days=Days diff --git a/js/apps/admin-ui/maven-resources/theme-resources/messages/messages_es.properties b/js/apps/admin-ui/maven-resources/theme-resources/messages/messages_es.properties new file mode 100644 index 0000000000..c92bcba427 --- /dev/null +++ b/js/apps/admin-ui/maven-resources/theme-resources/messages/messages_es.properties @@ -0,0 +1,273 @@ +storePassword=Contraseña del almacén +logoutServiceRedirectBindingURLHelp=URL de enlace SAML de redirección para la desconexión única del cliente. Puedes dejar esto en blanco si estás usando un enlace distinto. +themes=Temas +password=Contraseña +clientType=''OpenID connect'' permite a los clientes verificar la identidad del usuario final basado en la autenticación realizada por un servidor de autorización. ''SAML'' habilita la autenticación y autorización de escenarios basados en web incluyendo cross-domain y single sign-on (SSO) y utiliza tokens de seguridad que contienen afirmaciones para pasar información. +composite=Compuesto +clientSignature=Firma de Cliente requerida +waitIncrementSecondsHelp=Cuando se ha alcanzado el umbral de fallo, ¿cuanto tiempo debe estar un usuario bloqueado? +nodeHost=Host del nodo +mapperType=Tipo de asignador +quickLoginCheckMilliSeconds=Si ocurren errores de forma concurrente y muy rápida, bloquear al usuario. +edit=Editar +unspecified=no especificado +archiveFormat=Formato de Archivo +validatorDialogColNames.colName=Nombre de rol +associatedRolesText=Roles Asociados +certificateHelp=Certificado de cliente para validar los JWT emitidos por este cliente y firmados con la clave privada del cliente de tu almacén de claves. +credentialType=Tipo +defaultLocale=Idioma por defecto +clientIdHelp=El identificador del cliente registrado con el proveedor de identidad. +forcePostBindingHelp=Usar siempre POST para las respuestas +authorizationUrl=URL de autorización +roleName=Nombre de rol +httpPostBindingAuthnRequestHelp=Indica si AuthnRequest debe ser enviada usando HTTP-POST. Si no está activado se hace HTTP-REDIRECT. +securityDefences=Defensas de seguridad +accessTokenLifespanHelp=Tiempo máximo antes de que un token de acceso expire. Se recomienda que este valor sea corto en relación al tiempo máximo de SSO +includeInAccessToken.tooltip=¿Debería añadirse la identidad reclamada al token de acceso? +redirectURIHelp=La URI de redirección usada para configurar el proveedor de identidad. +idpInitiatedSsoRelayStateHelp=Estado de retransmisión que quieres enviar con una petición SAML cuando se inicia un SSO iniciado por el IDP +attestationPreference.none=ninguno +revocation=Revocación +clientDescriptionHelp=Indica la descripción del cliente. Por ejemplo ''My Client for TimeSheets''. También soporta claves para valores localizados. Por ejemplo\: ${my_client_description} +clientAuthenticator=Cliente autenticador +useEntityDescriptor=Importar metadatos desde un descriptor de entidad remoto de un IDP de SAML +logoutServiceRedirectBindingURL=URL de enlace SAML de redirección para la desconexión +loginActionTimeout=Tiempo máximo de acción en el inicio de sesión +idpInitiatedSsoRelayState=Estado de retransmisión de un SSO iniciado por el IDP +validatingX509Certs=Validando certificado X509 +masterSamlProcessingUrl=URL principal de procesamiento SAML +key=Clave +validRedirectURIs=Patrón de URI válida para la cual un navegador puede solicitar la redirección tras un inicio o cierre de sesión completado. Se permiten comodines simples p.ej. ''http\://example.com/*''. También se pueden indicar rutas relativas p.ej. ''/my/relative/path/*''. Las rutas relativas generarán una URI de redirección usando el host y puerto de la petición. Para SAML, se deben fijar patrones de URI válidos si quieres confiar en la URL del servicio del consumidor indicada en la petición de inicio de sesión. +userInfoUrl=URL de información de usuario +assertionConsumerServicePostBindingURL=Assertion Consumer Service POST Binding URL +usermodel.clientRoleMapping.clientId.label=ID Cliente +identityProviders=Proveedores de identidad +clientId=ID Cliente +nameIdPolicyFormat=Formato de política NameID +idpInitiatedSsoUrlName=Nombre del fragmento de la URL para referenciar al cliente cuando quieres un SSO iniciado por el IDP. Dejando esto vacío deshabilita los SSO iniciados por el IDP. La URL referenciada desde el navegador será\: {server-root}/realms/{realm}/protocol/saml/clients/{client-url-name} +validatingX509CertsHelp=El certificado en formato PEM que debe usarse para comprobar las firmas. +importFile=Archivo de Importación +clientLoginTimeoutHelp=Tiempo máximo que un cliente tiene para finalizar el protocolo de obtención del token de acceso. Debería ser normalmente del orden de 1 minuto. +lastAccess=Último Acceso +ssoSessionIdle=Tiempo máximo que una sesión puede estar inactiva antes de que expire. Los tokens y sesiones de navegador son invalidadas cuando la sesión expira. +xFrameOptions=X-Frame-Options +prompts.none=ninguno +emailTheme=Tema de email +times.minutes=Minutos +nameIdFormatHelp=El formato de NameID que se usará para el título +forcePostBinding=Forzar enlaces POST +discoveryEndpoint=Importar metadatos desde un descriptor de un proveedor de identidad (IDP) remoto. +registerNodeManually=Registrar nodo manualmente +redirectURI=URI de redirección +signDocuments=Firmar documentos +tokenUrl=Token URL +consentRequired=Si está habilitado, los usuarios tienen que consentir el acceso del cliente. +notBefore=No antes de +editUsername=Editar nombre de usuario +lastRegistration=Último registro +requireSsl=Solicitar SSL +samlEntityDescriptor=Te permite cargar metadatos de un proveedor de identidad (IDP) externo de un archivo de coniguración o descargarlo desde una URL. +addIdpMapperName=Nombre del asignador. +wantAuthnRequestsSigned=Firmar AuthnRequests +usermodel.attr.tooltip=Nombre del atributo de usuario almacenado que es el nombre del atributo dentro del map UserModel.attribute. +export=Exportar +generateNewKeys=Generar nuevas claves +offlineSessionIdle=Inactividad de sesión sin conexión +backchannelLogout=Backchannel Logout +userRegistrationHelpText=Habilitar/deshabilitar la página de registro. Un enlace para el registro se mostrará también en la página de inicio de sesión. +revokeRefreshToken=Revocar el token de actualización +minimumQuickLoginWaitSeconds=Tiempo mínimo entre fallos de conexión rápidos +prompts.login=login +offlineSessionIdleHelp=Tiempo máximo inactivo de una sesión sin conexión antes de que expire. Necesitas usar un token sin conexión para refrescar al menos una vez dentro de este periodo, en otro caso la sesión sin conexión expirará. +forceNameIdFormatHelp=Ignorar la petición de sujeto NameID y usar la configurada en la consola de administración. +realmRoles=Roles de dominio +port=Puerto +adminThemeHelp=Selecciona el tema para la consola de administración. +nameIdFormat=Formato de NameID +validRedirectUri=URIs de redirección válidas +clientList=Clientes +userSession.modelNote.label=Nota sesión usuario +logoutServicePostBindingURL=URL de enlace SAML POST para la desconexión +assertionConsumerServicePostBindingURLHelp=SAML POST Binding URL for the client''s assertion consumer service (login responses). You can leave this blank if you do not have a URL for this binding. +singleLogoutServiceUrl=URL de servicio de desconexión único +userAttribute=Atributo de usuario +roles=Roles +description=Descripción +validateSignatureHelp=Habilitar/deshabilitar la validación de firmas de proveedores de identidad (IDP) externos +clientSignatureHelp=¿Firmará el cliente sus peticiones y respuestas SAML? ¿Y deberían ser validadas? +title=Sesiones +keyPasswordHelp=Contraseña para acceder a la clave privada contenida en el archivo +verifyEmail=Verificar email +frontchannelLogout=Desonexión en primer plano (Front Channel) +formatOption=Formato +loginTheme=Tema de inicio de sesión +provider=Proveedor +providerId=ID +titleRoles=Roles de dominio +nodeReRegistrationTimeout=Tiempo de espera de re-registro de nodo +loginTimeout=Tiempo máximo de desconexión +accessTokenLifespan=Duración del token de acceso +setToNow=Fijar a ahora +signAssertionsHelp=¿Deberían firmarse las aserciones en documentos SAML? Este ajuste no es necesario si el documento ya está siendo firmado. +validateSignature=Validar firmas +headers=Cabeceras +fineGrainSamlEndpointConfig=Fine Grain SAML Endpoint Configuration +hours=Horas +encryptAssertions=Cifrar afirmaciones +keyAliasHelp=Alias del archivo de tu clave privada y certificado. +aliasHelp=El alias que identifica de forma única un proveedor de identidad, se usa también para construir la URI de redirección. +tokenClaimName.tooltip=Nombre del reclamo a insertar en el token. Puede ser un nombre completo como ''address.street''. En este caso, se creará un objeto JSON anidado. +maxFailureWaitSeconds=Espera máxima +userName=Usuario +clientProfileDescription=Descripción +ssoSessionMax=Tiempo máximo antes de que una sesión expire. Los tokens y sesiones de navegador son invalidados cuando una sesión expira. +protocolMapper=Protocolo. +times.hours=Horas +sslType.none=ninguno +webOrigins=Orígenes web +realm=Dominio +prompt=Prompt +username=Usuario +importConfig=Importar metadatos desde un descriptor de un proveedor de identidad (IDP) descargado. +bruteForceDetection=Detección de ataques por fuerza bruta +archiveFormatHelp=Formato de archivo Java keystore o PKCS12 +keyAlias=Alias de clave +revokeRefreshTokenHelp=Si está activado los tokens de actualización solo pueden usarse una vez. En otro caso los tokens de actualización no se revocan cuando se utilizan y pueden ser usado múltiples veces. +storedTokensReadableHelp=Habilitar/deshabilitar si los nuevos usuarios pueden leer los tokens almacenados. Esto asigna el rol ''broker.read-token''. +none=ninguno +sslType.all=todas las peticiones +type=Tipo +httpPostBindingResponse=HTTP-POST enlace de respuesta +issuer=Emisor +seconds=Segundos +editUsernameHelp=Si está habilitado, el nombre de usuario es editable, en otro caso es de solo lectura. +id=ID +accountThemeHelp=Selecciona el tema para las páginas de gestión de la cuenta de usuario. +fullScopeAllowedHelp=Permite deshabilitar todas las restricciones. +canonicalizationHelp=Método de canonicalización para las firmas XML +sessions=Sesiones +includeAuthnStatement=Incluir AuthnStatement +jsonType.tooltip=El tipo de JSON que debería ser usado para rellenar la petición de JSON en el token. long, int, boolean y String son valores válidos +multivalued.tooltip=Indica si el atributo soporta múltiples valores. Si está habilitado, la lista de todos los valores de este atributo se fijará como reclamación. Si está deshabilitado, solo el primer valor será fijado como reclamación. +enableStartTLS=Habilitar StartTLS +enableStartTls=Habilitar StartTLS +addIdPMapper=Añadir asignador de proveedor de identidad +trustEmail=Confiar en el email +jsonType.label=Tipo JSON de reclamación +fullScopeAllowed=Permitir todos los ámbitos +push=Push +homeURL=URL por defecto para usar cuando el servidor de autorización necesita redirigir o enviar de vuelta al cliente. +masterSamlProcessingUrlHelp=Si está configurada, esta URL se usará para cada enlace al proveedor del servicio del consumidor de aserciones y servicios de desconexión únicos. Puede ser sobreescrito de forma individual para cada enlace y servicio en el punto final de configuración fina de SAML. +usermodel.attr.label=Atributo de usuario +claimJsonType=El tipo de JSON que debería ser usado para rellenar la petición de JSON en el token. long, int, boolean y String son valores válidos +forceAuthenticationHelp=Indica si el proveedor de identidad debe autenticar al presentar directamente las credenciales en lugar de depender de un contexto de seguridad previo. +testClusterAvailability=Probar disponibilidad del cluster +forceNameIdFormat=Forzar formato NameID +rememberMeHelpText=Muestra la casilla de selección en la página de inicio de sesión para permitir al usuario permanecer conectado entre reinicios del navegador hasta que la sesión expire. +sslType.external=peticiones externas +multiValued=Indica si el atributo soporta múltiples valores. Si está habilitado, la lista de todos los valores de este atributo se fijará como reclamación. Si está deshabilitado, solo el primer valor será fijado como reclamación. +addRole=Añadir rol +ssoServiceUrl=URL de servicio de conexión único (SSO) +clients=Clientes +clientName=Nombre +userRegistration=Registro de usuario +save=Guardar +wantAuthnRequestsSignedHelp=Indica si el proveedor de identidad espera recibir firmadas las AuthnRequest. +login=login +enabled=Habilitado +maxDeltaTimeSeconds=Reinicio del contador de errores +keyPassword=Contraseña de la clave +backchannelLogoutHelp=Does the external IDP support backchannel logout? +SSOSessionIdle=Sesiones SSO inactivas +ssoServiceUrlHelp=La URL que debe ser usada para enviar peticiones de autenticación (SAML AuthnRequest). +trustEmailHelp=Si está habilitado, el email recibido de este proveedor no se verificará aunque la verificación esté habilitada para el dominio. +supportedLocales=Idiomas soportados +maxFailureWaitSecondsHelp=Tiempo máximo que un usuario quedará bloqueado. +issuerHelp=El identificador del emisor para el emisor de la respuesta. Si no se indica, no se realizará ninguna validación. +titleSessions=Sesiones +clientNameHelp=Indica el nombre visible del cliente. Por ejemplo ''My Client''. También soporta claves para valores localizados. Por ejemplo\: ${my_client} +maxDeltaTimeSecondsHelp=¿Cuando se debe reiniciar el contador de errores? +adminURLHelp=URL a la interfaz de administración del cliente. Fija este valor si el cliente soporta el adaptador de REST. Esta API REST permite al servidor de autenticación enviar al cliente políticas de revocación y otras tareas administrativas. Normalment se fija a la URL base del cliente. +contentSecurityPolicy=Content-Security-Policy +rootUrl=URL raíz +rootURL=URL raíz añadida a las URLs relativas +storePasswordHelp=Contraseña para acceder al archivo +frontchannelLogoutHelp=Cuando está activado, la desconexión require una redirección del navegador hacia el cliente. Cuando no está activado, el servidor realiza una invovación de desconexión en segundo plano. +clientLoginTimeout=Tiempo máximo de autenticación +nodeReRegistrationTimeoutHelp=Indica el máximo intervalo de tiempo para que los nodos del cluster registrados se vuelvan a registrar. Si el nodo del cluster no envía una petición de re-registro a Keycloak dentro de este intervalo, será desregistrado de Keycloak +logoutServicePostBindingURLHelp=URL de enlace SAML POST para la desconexión única del cliente. Puedes dejar esto en blanco si estás usando un enlace distinto. +registrationEmailAsUsername=Email como nombre de usuario +scopes=Los ámbitos que se enviarán cuando se solicite autorización. Puede ser una lista de ámbitos separados por espacios. El valor por defecto es ''openid''. +signDocumentsHelp=¿Debería el dominio firmar los documentos SAML? +requireSslHelp=¿Es HTTP obligatorio? ''ninguna'' significa que HTTPS no es obligatorio para ninguna direcicón IP de cliente, ''peticiones externas'' indica que localhost y las direcciones IP privadas pueden acceder sin HTTPS, ''todas las peticiones'' significa que HTTPS es obligatorio para todas las direcciones IP. +userInfoUrlHelp=La URL de información de usuario. Opcional. +includeAuthnStatementHelp=¿Debería incluirse una declaración especificando el método y la marca de tiempo en la respuesta de inicio de sesión? +client-authenticator-type=Cliente autenticador usado para autenticar este cliente contra el servidor Keycloak +kc.realm.name=Dominio +download=Descargar +protocol=Protocolo +tokenClaimName.label=Nombre de reclamo del token +host=Host +create=Crear +clientSecret=Secreto de Cliente +from=De +httpPostBindingAuthnRequest=HTTP-POST para AuthnRequest +includeInAccessToken.label=Añadir al token de acceso +adminURL=URL de administración +settings=Ajustes +failureFactorHelp=Indica cuantos fallos se permiten antes de que se dispare una espera. +minutes=Minutos +storeTokensHelp=Habilitar/deshabilitar si los tokens deben ser almacenados después de autenticar a los usuarios. +singleLogoutServiceUrlHelp=La URL que debe usarse para enviar peticiones de desconexión. +userSession.modelNote.tooltip=Nombre de la nota almacenada en la sesión de usuario dentro del mapa UserSessionModel.note +clientsClientTypeHelp=''OpenID connect'' permite a los clientes verificar la identidad del usuario final basado en la autenticación realizada por un servidor de autorización. ''SAML'' habilita la autenticación y autorización de escenarios basados en web incluyendo cross-domain y single sign-on (SSO) y utiliza tokens de seguridad que contienen afirmaciones para pasar información. +storeTokens=Almacenar tokens +includeInIdToken.label=Añadir al token de ID +webOriginsHelp=Orígenes CORS permitidos. Para permitir todos los orígenes de URIs de redirección válidas añade ''+''. Para permitir todos los orígenes añade ''*''. +emailThemeHelp=Selecciona el tema para los emails que son enviados por el servidor. +logoutUrl=URL de desconexión +canonicalization=Método de canonicalización +storedTokensReadable=Tokens almacenados legibles +SSOSessionMax=Tiempo máximo sesión SSO +minimumQuickLoginWaitSecondsHelp=Cuanto tiempo se debe esperar tras un fallo en un intento rápido de identificación +mappers=Asignadores +waitIncrementSeconds=Incremento de espera +usermodel.prop.label=Propiedad +name-id-format=Formato de NameID +addNode=Añadir Nodo +credentials=Credenciales +certificate=Certificado +importClient=Importar Cliente +selectRole.label=Selecciona rol +prompts.consent=consentimiento +enableSSL=Habilitar SSL +general=General +failureFactor=Número máximo de fallos de inicio de sesión +signAssertions=Firmar aserciones +adminTheme=Tema de consola de administración +alias=Alias +tokens=Tokens +encryptAssertionsHelp=¿Deberían cifrarse las afirmaciones SAML con la clave pública del cliente usando AES? +clientSecretHelp=El secreto del cliente registrado con el proveedor de identidad. +validateSignatures=Habilitar/deshabilitar la validación de firma en respuestas SAML. +on=Activado +descriptionHelp=Indica la descripción del cliente. Por ejemplo ''My Client for TimeSheets''. También soporta claves para valores localizados. Por ejemplo\: ${my_client_description} +logoutUrlHelp=Punto de cierre de sesión para usar en la desconexión de usuarios desde un proveedor de identidad (IDP) externo. +times.seconds=Segundos +clear=Limpiar +serviceAccount=Permitir autenticar este cliente contra Keycloak y recibir un token de acceso dedicado para este cliente. +assertionConsumerServiceRedirectBindingURL=Assertion Consumer Service Redirect Binding URL +loginThemeHelp=Selecciona el tema para las páginas de inicio de sesión, OTP, permisos, registro y recordatorio de contraseña. +signatureAlgorithm=El algoritmo de firma usado para firmar los documentos. +multivalued.label=Valores múltiples +accountTheme=Tema de cuenta +forceAuthentication=Forzar autenticación +clustering=Clustering +rememberMe=Seguir conectado +category=Categoría +usermodel.prop.tooltip=Nombre del método de propiedad en la interfaz UserModel. Por ejemplo, un valor de ''email'' referenciaría al método UserModel.getEmail(). +times.days=Días +user=Usuario +registeredClusterNodes=Registrar nodos de cluster +selectRole.tooltip=Introduce el rol en la caja de texto de la izquierda, o haz clic en este botón para navegar y buscar el rol que quieres. diff --git a/js/apps/admin-ui/maven-resources/theme-resources/messages/messages_fr.properties b/js/apps/admin-ui/maven-resources/theme-resources/messages/messages_fr.properties new file mode 100644 index 0000000000..f3dc7a6cb1 --- /dev/null +++ b/js/apps/admin-ui/maven-resources/theme-resources/messages/messages_fr.properties @@ -0,0 +1,96 @@ +duplicateEmails=Doublon courriel +bruteForceDetection=Détection des attaques par force brute +sslType.all=toutes les requêtes +themes=Thèmes +editUsernameHelp=Si actif, le champ du nom de l''utilisateur est modifiable. +seconds=Secondes +password=Mot de passe +waitIncrementSecondsHelp=Quand le seuil des erreurs est atteint, combien de temps l''utilisateur est-il bloqué ? +accountThemeHelp=Sélectionnez le thème pour la gestion des comptes. +events=Évènements +sessions=Sessions +quickLoginCheckMilliSeconds=Si une erreur apparait trop rapidement, bloquer le compte utilisateur. +enableStartTLS=Activer StartTLS +enableStartTls=Activer StartTLS +push=Appuyer +defaultLocale=Locale par défaut +htmlDisplayName=HTML Display name +rememberMeHelpText=Affiche une case à cocher sur la page de connexion pour permettre aux utilisateurs de rester connectés entre deux redémarrages de leur navigateur, jusqu''à expiration de la session. +sslType.external=les requêtes externes +securityDefences=Mesures de sécurité +realmSettings=Configurations du domaine +duplicateEmailsHelpText=Autorise plusieurs utilisateurs à avoir la même adresse de courriel. Changer cette configuration va vider le cache. Il est recommandé de mettre à jour manuellement les contraintes sur le courriel dans la base de données après la désactivation du support des doublons. +clients=Clients +accessTokenLifespanHelp=Durée maximale avant que le jeton d''accès n''expire. Cette valeur devrait être relativement plus petite que la durée d''inactivité (timeout) du SSO. +userRegistration=Enregistrement d''utilisateur +save=Sauver +enabled=Actif +revocation=Révocation +maxDeltaTimeSeconds=Durée de remise à zéro des erreurs +SSOSessionIdle=Sessions SSO inactives +loginActionTimeout=Durée d''inactivité des actions de connexions +endpoints=Endpoints +supportedLocales=Locales supportées +maxFailureWaitSecondsHelp=Durée maximale de blocage du compte utilisateur +clientLoginTimeoutHelp=Durée maximale qu''a un client pour finir le protocole du jeton d''accès. Devrait être de l''ordre de la minute (1 min). +titleSessions=Sessions +ssoSessionIdle=Temps d''inactivité autorisé avant expiration de la session. Les jetons et les sessions navigateurs sont invalidées quand la session expire. +xFrameOptions=X-Frame-Options +maxDeltaTimeSecondsHelp=Quand les erreurs sont-elles remises à zéro ? +contentSecurityPolicy=Content-Security-Policy +clientLoginTimeout=Durée d''inactivité de connexion (timeout) +userFederation=Regroupement Utilisateur +emailTheme=Thème pour le courriel +times.minutes=Minutes +registrationEmailAsUsername=Courriel comme nom d''utilisateur +requireSslHelp=Niveau d''exigence HTTPS \: ''aucun'' signifie que le HTTPS n''est requis pour aucune adresse IP cliente. ''les requêtes externes'' signifie que localhost et les adresses IP privées peuvent accéder sans HTTPS. ''toutes les requêtes'' signifie que le protocole HTTPS est obligatoire pour toutes les adresses IP. +notBefore=Pas avant +loginWithEmail=Authentification avec courriel +editUsername=Éditez le nom de l''utilisateur +titleEvents=Évènements +requireSsl=SSL requis +impersonate=Usurper l''identité +host=Hôte +from=De +add=Ajouter +failureFactorHelp=Nombre d''erreurs avant de déclencher le temps d''attente. +minutes=Minutes +userRegistrationHelpText=Activer/désactiver la page d''enregistrement. Un lien pour l''enregistrement sera visible sur la page de connexion. +minimumQuickLoginWaitSeconds=Durée minimale d''attente entre deux connexions +port=Port +adminThemeHelp=Sélectionnez le thème de la UI d''administration. +emailThemeHelp=Sélectionnez le thème pour les courriels envoyées par le serveur. +clientList=Clients +SSOSessionMax=Maximum de sessions SSO +minimumQuickLoginWaitSecondsHelp=Durée d''attente demandée après une erreur entre deux connexions. +waitIncrementSeconds=Temps d''attente +certificate=Certificat +title=Authentification +verifyEmail=Vérification du courriel +enableSSL=Activer SSL/TLS +general=Général +failureFactor=Nombre maximal d''erreurs de connexion +loginTheme=Thème de connexion +adminTheme=Thème de la UI d''administration +accessTokenLifespan=Durée de vie du jeton d''accès +loginWithEmailHelpText=Autorise l''utilisateur à s''authentifier avec son adresse de courriel. +loginTimeout=Durée d''inactivité de connexion +tokens=Jetons +setToNow=Mettre à maintenant +authentication=Authentification +times.seconds=Secondes +headers=En-têtes +hours=Heures +clear=Effacer +maxFailureWaitSeconds=Durée maximale d''attente +configure=Configurer +userName=Nom de l''utilisateur +loginThemeHelp=Sélectionnez le thème pour les pages de connexion, de mot de passe à usage unique basé sur le temps, des droits, de l''enregistrement, et du mot passe oublié. +manage=Gérer +ssoSessionMax=Durée maximale avant que la session n''expire. Les jetons et les sessions navigateurs sont invalidées quand la session expire. +accountTheme=Thème du compte +times.hours=Heures +rememberMe=Se souvenir de moi +titleAuthentication=Authentification +times.days=Jours +username=Nom de l''utilisateur diff --git a/js/apps/admin-ui/maven-resources/theme-resources/messages/messages_ja.properties b/js/apps/admin-ui/maven-resources/theme-resources/messages/messages_ja.properties new file mode 100644 index 0000000000..89b849ca2b --- /dev/null +++ b/js/apps/admin-ui/maven-resources/theme-resources/messages/messages_ja.properties @@ -0,0 +1,808 @@ +anyResource=任意のリソース +themes=テーマ +addClientScope=クライアント・スコープの追加 +clientType=「OpenID Connect」により、クライアントは認可サーバーによって実行される認証に基づいてエンドユーザーのアイデンティティーを検証できます。「SAML」は、クロスドメインのシングル・サインオン(SSO)を含むWebベースの認証および認可のシナリオを可能にし、アサーションを含むセキュリティー・トークンを使用して情報を渡します。 +clientSignature=クライアント署名が必須 +unanimous=Unanimous +policy-name=このポリシーの名前を設定します。 +clientHelp=認可リクエストを作成するクライアントを選択してください。提供されない場合は、認可リクエストは今いるページのクライアントで行われることになります。 +disabledFeatures=使用できない機能 +wantAssertionsSignedHelp=このサービス・プロバイダーが署名付きアサーションを要求するかどうかを設定します。 +signOut=サインアウト +validatorDialogColNames.colName=ロール名 +certificateHelp=クライアントで発行され、キーストアの秘密鍵で署名されたJWTを検証するためのクライアント証明書です。 +credentialType=タイプ +passLoginHint=login_hintを渡す +operationType=操作タイプ +httpPostBindingAuthnRequestHelp=HTTP-POSTバインディングを使用してAuthnRequestを送信するかどうかを設定します。オフの場合は、HTTP-REDIRECTバインディングが使用されます。 +userInitiatedActionLifespan=ユーザー起動アクションの有効期間 +decisionStrategy=決定戦略 +policyEnforcementMode=ポリシー施行モード +securityDefences=セキュリティー防御 +realmSettings=レルムの設定 +partialExport=部分エクスポート +displayName=アイデンティティー・プロバイダーの分かりやすい名前を設定します。 +applyToResourceTypeHelp=このパーミッションが、特定タイプの全リソースに適用されるべきかどうかを指定します。この場合、パーミッションは特定リソースタイプの全インスタンスに対して評価されます。 +envelopeFrom=Envelope From +clientDescriptionHelp=クライアントの説明を指定します。例えば「タイムシート用のクライアント」です。ローカライズ用のキーもサポートしています。例\: ${my_client_description} +effectiveRoleScopeMappings=有効なロールスコープ・マッピング +clientAuthenticator=クライアント認証 +updateFirstLoginHelp=初回ログイン時のプロファイル更新の有効/無効を設定します。 +clientSessionMax=クライアント・セッション最大 +usermodel.clientRoleMapping.clientId.label=クライアントID +clientId=クライアントID +contextualAttributesHelp=実行環境や実行コンテキストによって提供される任意の属性を設定します。 +clientLoginTimeoutHelp=クライアントがアクセストークン・プロトコルを終了するまでの最大時間。これは通常1分です。 +lastAccess=最終アクセス +clientAuthentications.private_key_jwt=秘密鍵で署名されたJWT +uiDisplayName=コンソール表示名 +adminEventsSettings=管理イベントの設定 +times.minutes=分 +disableUserInfo=UserInfoの無効 +addressClaim.postal_code.label=郵便番号のユーザー属性名 +forcePostBinding=POSTバインディングを強制 +defaultRoles=デフォルトロール +clientScopeTypes.default=DEFAULT +addressClaim.country.tooltip=「address」トークンクレーム内の「country」サブクレームにマップするために使用されるユーザー属性の名前。デフォルトは「country」です。 +uuidLdapAttribute=UUID LDAP属性 +topLevelFlowType=どの種類のトップレベル・フローを作成するか設定します。「client」タイプは、クライアント(アプリケーション)の認証で使用します。「generic」はユーザーと他のすべてで使用します。 +scopeNameHelp=クライアント・スコープの名前。レルム内でユニークでなければなりません。スコープ・パラメーターの値として使用されるため、名前には空白文字を含めないでください +requiredUserActions=必要なユーザー・アクション +flowTypeHelp=どの種類のフォームかを設定します。 +allowRemoteResourceManagement=リモートリソース管理 +identityProvider=アイデンティティー・プロバイダー +identityProviderLinks=アイデンティティー・プロバイダーのリンク +leave=外す +eventTypes.IMPERSONATE.name=代理ログイン +export=エクスポート +assertionLifespan=アサーションの有効期限 +addressClaim.formatted.label=整形された住所のユーザー属性名 +add=追加 +passwordPolicy=パスワード・ポリシー +openIDEndpointConfiguration=OpenIDエンドポイントの設定 +backchannelLogout=バックチャンネル・ログアウト +addressClaim.street.label=その他住所のユーザー属性名 +prompts.login=login +users=ユーザー +offlineSessionIdleHelp=セッションの有効期限が切れるまでのオフライン時間です。この期限内に少なくとも1回はオフライン・トークンを使用してリフレッシュしないと、オフライン・セッションは有効期限切れとなります。 +wantAssertionsEncrypted=アサーションの暗号化が必要 +forceNameIdFormatHelp=要求されたNameIDサブジェクト・フォーマットを無視し、管理コンソールで設定された物を使用します。 +uris=URI +port=ポート +realmRolePrefix=レルムロールのプレフィックス +jwksUrlHelp=JWK形式のクライアント鍵が格納されているURLを設定します。詳細はJWKの仕様を参照してください。「jwt」クレデンシャルを持つKeycloakクライアント・アダプターを使用している場合は、アプリケーションに「/k_jwks」という接尾辞を付けたURLを使用することができます。例えば、「http\://www.myhost.com/myapp/k_jwks」です。 +includeRepresentation=Representationを含める +singleLogoutServiceUrl=シングル・ログアウト・サービスのURL +roles=ロール +policyCode=このポリシーに対する条件を提供するJavaScriptコード。 +representation=Representation +remove=削除 +scopePermissions.users.manage-group-membership-description=管理者がレルム内のすべてのユーザーのグループ・メンバーシップを管理できるかどうかを決定するポリシー。これは、特定のグループポリシーと組み合わせて使用??されます +loginTheme=ログインテーマ +provider=プロバイダー +flows=フロー +scope=スコープ +includeRepresentationHelp=作成または更新リクエストのJSON Representationを含めるかどうかを設定します。 +signAssertionsHelp=SAMLドキュメント内のアサーションを署名すべきか設定します。もしドキュメントが既に署名済みの場合は、この設定は不要です。 +validateSignature=署名検証 +headers=ヘッダー +effectiveProtocolMappersHelp=すべてのデフォルトのクライアント・スコープと選択されたオプションのスコープが含まれます。クライアントに発行されたアクセストークンを生成するときに、すべてのクライアント・スコープのすべてのプロトコル・マッパーとロールスコープのマッピングが使用されます +fromDisplayNameHelp=差出人のアドレスのユーザー・フレンドリーな名前です(オプション)。 +userObjectClasses=ユーザー・オブジェクト・クラス +policyRoles=このポリシーで許可されるクライアント・ロールを指定してください。 +accountLinkingOnlyHelp=オンの場合、ユーザーはこのプロバイダーからログインできません。このプロバイダーにリンクすることのみできます。これは、プロバイダーからのログインを許可したくないが、プロバイダーと統合したい場合に便利です +refreshTokenMaxReuseHelp=リフレッシュ・トークンを再利用できる最大回数。別のトークンが使用された場合、即時に無効化されます。 +times.hours=時 +webOrigins=Webオリジン +webAuthnPolicyAuthenticatorAttachmentHelp=受け入れ可能なアタッチメント・パターンでオーセンティケーターと通信します。 +username=ユーザー名 +importConfig=ダウンロードしたIDPディスカバリー・ディスクリプターよりメタデータをインポートします。 +replyToDisplayNameHelp=返信先のアドレスのユーザー・フレンドリーな名前です(オプション)。 +lifespan=有効期限 +storedTokensReadableHelp=新しいユーザーが格納されたトークンを読み取り可能かどうかの有効/無効設定です。broker.read-tokenロールをアサインします。 +webAuthnPolicyRpIdHelp=これは、WebAuthnリライング・パーティーとしてのIDです。オリジンの有効なドメインでなければなりません。 +authenticationFlowTypeHelp=どの種類のフォームかを設定します。 +editUsernameHelp=有効の場合はユーザー名フィールドが編集可能になり、そうでない場合は読み取り専用になります。 +consoleDisplayConnectionUrlHelp=LDAPサーバーへの接続URL +clientAssertionSigningAlg=クライアントアサーション署名アルゴリズム +fullScopeAllowedHelp=全ての制限の無効を許可します。 +applyPolicy=ポリシーの適用 +otpType=OTPタイプ +directGrantHelp=ダイレクト・グラント認証で使用したいフローを選択してください。 +algorithm=アルゴリズム +jsonType.tooltip=トークンへのJSONクレームの追加で使用されるJSONタイプを設定します。long、int、boolean、String、JSONが有効な値です。 +enableStartTLS=StartTLSの有効 +syncModeOverride=同期モードのオーバーライド +includeInTokenScope=トークンスコープに含める +eventType=イベントタイプ +accountLinkingOnly=アカウントのリンクのみ +sectorIdentifierUri.label=セクター識別子URI +usermodel.attr.label=ユーザー属性 +eventTypes.REGISTER.name=登録 +rememberMeHelpText=セッションの有効期限が切れるまではブラウザーの再起動でもログイン状態を保存するチェックボックスをログインページに表示します。 +webAuthnPolicyUserVerificationRequirementHelp=ユーザーを実際に検証することを確認するためにオーセンティケーターと通信します。 +idTokenSignatureAlgorithm=IDトークン署名アルゴリズム +syncModes.import=インポート +ssoServiceUrl=シングル・サインオン・サービスのURL +allowRemoteResourceManagementHelp=リソースは、リソースサーバーによりリモートで管理すべきかどうかを設定します。オフの場合は、リソースはこの管理コンソールだけで管理されます。 +changedUsersSyncPeriod=変更ユーザーの同期周期 +webAuthnPolicyAuthenticatorAttachment=オーセンティケーター・アタッチメント +userRegistration=ユーザー登録 +save=保存 +login=login +changedUsersSyncHelp=変更または新規作成されたLDAPユーザーの同期周期を秒で設定します。 +trustEmailHelp=有効とした場合は、このレルムでEメールの確認が有効となっている場合でも、このプロバイダーが提供するEメールは確認されなくなります。 +credentialUserLabel=ユーザーラベル +adminURLHelp=クライアントの管理インターフェイスのURLを設定します。クライアントがアダプターのREST APIをサポートしている場合に設定してください。このREST APIにより、認証サーバーは無効化ポリシーや他の管理タスクをプッシュすることができます。通常、クライアントのベースURLを設定します。 +otpPolicyPeriodHelp=OTPトークンが有効な秒数を設定します。デフォルトは30秒です。 +storePasswordHelp=アーカイブ自身にアクセスするためのパスワード +userFederation=ユーザー・フェデレーション +directAccess=ダイレクト・アクセス・グラントのサポートを有効にします。これは、アクセストークンの取得のためにKeycloakサーバーとユーザーのユーザー名/パスワードで直接アクセスを行います。OAuth2の仕様における「リソース・オーナー・パスワード・クレデンシャル・グラント」のサポートを有効にします。 +disable=無効 +attributes=属性 +logic=ロジック +resourceType=リソースタイプ +minuteHelp=ポリシーが許可される分を定義します。2番目のフィールドに値を入力して範囲を指定することもできます。この場合、現在の分が指定した2つの値の間にあるか、等しい場合のみ許可されます。 +scopeName=このスコープのユニークな名前を設定します。名前はスコープの一意な識別に使用され、特定のスコープを照会する際に使用することができます。 +userInfoUrlHelp=UserInfoのURLを設定します。これはオプションです。 +kc.realm.name=レルム +impersonate=代理ログイン +members=メンバー +scopePermissions.clients.token-exchange-description=このクライアントを対象とするトークンのトークン交換を許可するクライアントを決定するポリシー。 +registration-access-token=登録用アクセストークンにより、クライアントはクライアント登録サービスにアクセスできます。 +adminURL=管理URL +settings=設定 +webAuthnPolicyUserVerificationRequirement=ユーザー検証要件 +failureFactorHelp=検出するまでの失敗回数です。 +webAuthnPolicyCreateTimeout=タイムアウト +storeTokensHelp=ユーザー認証後のトークン格納の有効/無効を設定します。 +singleLogoutServiceUrlHelp=ログアウト・リクエストの送信に使用するURLを設定します。 +useTruststoreSpi=トラストストアSPIを使用 +usermodel.clientRoleMapping.rolePrefix.tooltip=各クライアント・ロールのプレフィックスを設定します(オプション)。 +storeTokens=トークンの格納 +userHelp=必要に応じて、サンプルのアクセストークンを生成するユーザーを選択します。ユーザーを選択しないと、評価中にサンプルのアクセストークンは生成されません +Sunday=日 +emailVerifiedHelp=ユーザーのEメールが確認済みかどうかを設定します。 +addExecution=エグゼキューションを追加 +editMode=編集モード +passwordHelp=SMTPパスワード。このフィールドは、ボールトから値を取得できます。${vault.ID}形式を使用します。 +groupMembership=グループ・メンバーシップ +fullSyncPeriod=フル同期の周期 +addNode=ノードを追加 +jwksUrl=JWKS URL +policy-description=このポリシーの説明を設定します。 +policies=ポリシー +parentClientScope=親クライアント・スコープ +importClient=クライアントのインポート +allTypes=すべてのタイプ +ldapFilter=LDAPフィルター +webAuthnPolicyRpEntityNameHelp=WebAuthnリライング・パーティーとしての人間が読み取れるサーバー名 +postBrokerLoginFlowAlias=ログイン後のフロー +tokens=トークン +refreshTokenMaxReuse=リフレッシュ・トークンの最大再利用回数 +encryptAssertionsHelp=SAMLアサーションをクライアントの公開鍵でAESを使い暗号化すべきか設定します。 +clientScopes=クライアント・スコープ +httpPostBindingLogout=HTTP-POSTバインディング・ログアウト +requirement=必要条件 +permissionDescription=このパーミッションの説明を設定します。 +multivalued.label=マルチバリュー +minute=分 +useJwksUrl=JWKS URLの使用 +wantAssertionsSigned=アサーションの署名が必要 +algorithmNotSpecified=アルゴリズムの指定なし +scopeParameter=スコープ・パラメーター +rememberMe=ログイン状態の保存 +flow.registration=登録フロー +webAuthnPolicyAcceptableAaguids=許容可能なAAGUID +registeredClusterNodes=登録済みクラスターノード +storePassword=ストアのパスワード +logoutServiceRedirectBindingURLHelp=シングル・ログアウト・サービスのSAMLRedirectバインディングURLを設定します。異なるBindingを使用している場合は空でよいです。 +defaultGroups=デフォルト・グループ +flow.browser=ブラウザーフロー +scopePermissions.clients.map-roles-client-scope-description=管理者がこのクライアントによって定義されたロールを別のクライアントのクライアント・スコープに適用できるかどうかを決定するポリシー +addressClaim.street.tooltip=「address」トークンクレーム内の「street_address」サブクレームにマップするために使用されるユーザー属性の名前。デフォルトは「street」です。 +includeInIdToken.tooltip=クレームをIDトークンに追加すべきかどうかを設定します。 +password=パスワード +httpPostBindingResponseHelp=HTTP-POSTバインディングを使用してリクエストに応答するかどうかを設定します。オフの場合は、HTTP-REDIRECTバインディングが使用されます。 +allowPasswordAuthentication=パスワード認証を許可 +pairwiseSubAlgorithmSalt.tooltip=ペアワイズ対象識別子を計算する際に使用するソルトを設定します。空白のままにするとソルトは生成されます。 +clientAuthorization=認可 +waitIncrementSecondsHelp=失敗回数が閾値に達した場合、どれくらいの時間ユーザーはロックアウトされるか設定します。 +allowKerberosAuthentication=Kerberos認証を許可 +addressClaim.formatted.tooltip=「address」トークンクレーム内の「formatted」サブクレームにマップするために使用されるユーザー属性の名前。デフォルトは「formatted」です。 +allowedClockSkew=許容されるクロックスキュー +events=イベント +createPermission=パーミッションを作成 +mapperType=マッパータイプ +credentialResetConfirm=Eメールを送信 +permissionsEnabledHelp=このロールを管理するために、きめ細かいパーミッションを有効にするかどうかを決定します。無効にすると、設定されている現在のパーミッションがすべて削除されます。 +consentScreenTextHelp=このクライアント・スコープが同意が必要なクライアントに追加された場合に、同意画面に表示されるテキスト。指定しない場合は、デフォルトでクライアント・スコープの名前になります +kerberosRealm=Kerberosレルム +flow.direct\ grant=ダイレクト・グラント・フロー +typeHelp=作成された各クライアントにデフォルト・スコープとして追加されるクライアント・スコープ +htmlDisplayName=HTML表示名 +authorizationUrl=認可URL +contextualAttributes=コンテキスト属性 +replyTo=返信先 +providerDescription=プロバイダーの説明 +scopePermissions.clients.view-description=管理者がこのクライアントを表示できるかどうかを決定するポリシー +idpInitiatedSsoRelayStateHelp=IDP Initiated SSOを行う際のSAMLリクエストで送信したいRelayStateを設定します。 +otpHashAlgorithmHelp=OTPを生成するのにどのハッシュ・アルゴリズムを使用するか設定します。 +usermodel.clientRoleMapping.clientId.tooltip=ロールマッピング用のクライアントID。このクライアントのクライアント・ロールだけがトークンに追加されます。これが設定されていない場合は、すべてのクライアントのクライアント・ロールがトークンに追加されます。 +default=DEFAULT +passCurrentLocaleHelp=現在のロケールをui_localesパラメーターとしてアイデンティティー・プロバイダーに渡します。 +scopePermissions.clients.manage-description=管理者がこのクライアントを管理できるかどうかを決定するポリシー +vendor=ベンダー +webAuthnPolicyRequireResidentKeyHelp=これは、オーセンティケーターに公開鍵クレデンシャルを常駐鍵として作成するかどうかを指示します。 +logoutServiceRedirectBindingURL=ログアウト・サービスのRedirectバインディングURL +dayMonth=ポリシーが許可される日を定義します。2番目のフィールドに値を入力して範囲を指定することもできます。この場合、現在の日が指定した2つの値の間にあるか、等しい場合のみ許可されます。 +disabled=無効 +idpInitiatedSsoRelayState=IDP Initiated SSOのRelayState +validatingX509Certs=検証用のX509証明書 +guiOrder=GUI(同意ページのような)でのプロバイダーの順序を整数で指定します。 +userInfoUrl=UserInfo URL +displayOnConsentScreen=同意画面で表示する +principalAttributeHelp=外部ユーザーを識別するために使用される属性の名前またはフレンドリー名。 +nameIdPolicyFormat=Name IDポリシー・フォーマット +idpInitiatedSsoUrlName=IDP Initiated SSOを行う際にクライアントを参照するためのURLフラグメント名を設定します。空にするとIDP Initiated SSOは無効になります。ブラウザーから参照するURLは「{server-root}/realms/{realm}/protocol/saml/clients/{client-url-name}」になります。 +xFrameOptions=X-Frame-Options +scopeDescriptionHelp=クライアント・スコープの説明 +directGrant=ダイレクト・グラント・フロー +consensus=Consensus +nameIdFormatHelp=サブジェクトに使用するName IDフォーマットを設定します。 +ssoSessionIdleRememberMe=リメンバーミー・セッションの有効期限が切れるまでのアイドル時間です。セッションが期限切れになると、トークンおよびブラウザー・セッションは無効になります。設定されていない場合は、標準のSSOセッション・アイドル値が使用されます。 +adminEvents=管理イベント +SSOSessionIdleRememberMe=SSOセッション・アイドル・リメンバーミー +urisHelp=リソースによって保護されているURIのセット。 +serverPrincipal=サーバー・プリンシパル +signDocuments=ドキュメントを署名する +tokenUrl=トークンURL +webauthnPolicy=WebAuthnポリシー +grantedClientScopes=付与されたクライアント・スコープ +evictionHour=エビクションの時 +effectiveProtocolMappers=有効なプロトコル・マッパー +notBefore=この日時より前 +syncModes.legacy=レガシー +ldapMappersList=LDAPマッパー +titleEvents=イベント +addIdpMapperName=マッパーの名前です。 +continue=続ける +acceptsPromptNoneHelp=これは、アイデンティティー・プロバイダー・オーセンティケーターとともに使用されるか、またはkc_idp_hintがこのアイデンティティー・プロバイダーを指す場合に使用されます。クライアントがprompt\=noneでリクエストを送信し、ユーザーがまだ認証されていない場合、エラーは直接クライアントに返されませんが、prompt\=noneのリクエストはこのアイデンティティー・プロバイダーに転送されます。 +included.client.audience.label=含まれるクライアント・オーディエンス +selectScope=スコープを選択 +generateNewKeys=新しい鍵を生成 +offlineSessionIdle=オフライン・セッション・アイドル +revokeRefreshToken=リフレッシュ・トークンの無効化 +resourceName=このリソースの一意な名前。この名前は、リソースを一意に識別するために使用でき、特定のリソースを照会するときに便利です。 +minimumQuickLoginWaitSeconds=クイックログイン失敗時の最小待機時間 +operationTypes=操作タイプ +expireTime=ポリシーを許可しない日時を定義します。現在日時がこの値より前か、等しい場合にのみ許可されます。 +adminThemeHelp=管理コンソールのテーマを選択します。 +name=クライアント・スコープの名前。レルム内でユニークでなければなりません。スコープ・パラメーターの値として使用されるため、名前には空白文字を含めないでください +clientList=クライアント +userSession.modelNote.label=ユーザー・セッション・ノート +next=次へ +pagination=ページネーション +import=リソースサーバーの認可設定を含むJSONファイルをインポートします。 +otpHashAlgorithm=OTPハッシュ・アルゴリズム +mapper.nameid.format.tooltip=マッパーを適用するName IDフォーマット +hideOnLoginPageHelp=非表示の場合、明示的に要求されていれば(例えば、「kc_idp_hint」パラメーターを使用していれば)、このプロバイダーによるログインが可能です。 +description=説明 +eventListenersHelpText=どのリスナーがレルムのイベントを受け取るか設定します。 +addressClaim.postal_code.tooltip=「address」トークンクレーム内の「postal_code」サブクレームにマップするために使用されるユーザー属性の名前。デフォルトは「postal_code」です。 +providerId=ID +Tuesday=火 +loginTimeout=ログイン・タイムアウト +idTokenEncryptionContentEncryptionAlgorithm=IDトークン暗号化コンテンツの暗号化アルゴリズム +fineGrainSamlEndpointConfig=SAMLエンドポイントの詳細設定 +hours=時 +maxFailureWaitSeconds=最大待機時間 +configure=設定 +manage=管理 +alwaysDisplayInUI=常にコンソールに表示 +kerberosIntegration=Kerberosと統合 +protocolMapper=プロトコルです。 +requiredSettings=必要な設定 +time=日時 +scopePermissions.users.view-description=管理者がレルム内のすべてのユーザーを表示できるかどうかを決定するポリシー +idTokenSignatureAlgorithmHelp=IDトークンの署名に使用されるJWAアルゴリズム。 +sslType.all=全てのリクエスト +excludeSessionStateFromAuthenticationResponse=認証レスポンスからセッション状態を除外 +httpPostBindingResponse=HTTP-POSTバインディング・レスポンス +saveEvents=イベントの保存 +issuer=発行者(Issuer) +policyEnforcementModeHelp=ポリシー施行モードは、認可リクエストを評価する際に適用される方法を決定します。「Enforcing」は、与えられたリソースに関連するポリシーが存在しない場合でも、リクエストはデフォルトで拒否されることを意味します。「Permissive」は、与えられたリソースに関連するポリシーが存在しない場合でも、リクエストは許可されることを意味します。「Disabled」は、完全にポリシーの評価を無効にし、任意のリソースへのアクセスを許可します。 +lastUpdated=最終更新日 +credentialResetBtn=クレデンシャルのリセット +selectAUser=ユーザーを選択 +eventTypes.RESET_PASSWORD.name=パスワードをリセット +oAuthMutual=OAuth 2.0相互TLS証明書バインド・アクセストークンが有効 +keystore=キーストア +canonicalizationHelp=XML署名の正規化方式(Canonicalization Method)を設定します。 +sessions=セッション +fullSyncPeriodHelp=フル同期の周期を秒で設定します。 +priority=優先度 +trustEmail=Eメールを信頼 +jsonType.label=クレームJSONタイプ +fullScopeAllowed=フルスコープを許可 +syncModes.inherit=継承 +masterSamlProcessingUrlHelp=設定された場合は、このURLがSPのアサーション・コンシューマーおよびシングル・ログアウト・サービスの両方のBindingに使われます。これは、SAMLエンドポイントの詳細設定にある各Bindingやサービスの設定にて個別に上書きすることができます。 +claimJsonType=トークンへのJSONクレームの追加で使用されるJSONタイプを設定します。long、int、boolean、String、JSONが有効な値です。 +sslType.external=外部リクエスト +multiValued=属性がマルチバリューをサポートしているかどうかを示します。サポートしている場合は、この属性のすべての値リストがクレームとして設定されます。サポートしていない場合は、最初の値だけがクレームとして設定されます。 +webAuthnPolicyAttestationConveyancePreferenceHelp=認証ステートメントを生成する方法の優先権をオーセンティケーターに通知します。 +duplicateEmailsHelpText=複数のユーザーが同じEメールアドレスを持つことを許可します。この設定を変更すると、ユーザーのキャッシュもクリアされます。重複するEメールアドレスのサポートを無効にした後で、データベース内の既存ユーザーのEメールの制約を手動で更新することをお勧めします。 +usermodel.realmRoleMapping.rolePrefix.label=レルムロールのプレフィックス +temporaryPasswordHelpText=有効の場合は、ユーザーは次のログイン時にパスワードの変更が必要となります。 +connectionPooling=接続プーリング +wantAuthnRequestsSignedHelp=アイデンティティー・プロバイダーが署名付きAuthnRequestを要求するかどうかを設定します。 +enabled=有効 +forgotPassword=パスワード忘れ +idTokenEncryptionKeyManagementAlgorithmHelp=IDトークンの暗号化鍵の管理に使用されるJWAアルゴリズム。このオプションは、暗号化されたIDトークンが必要な場合に必須です。空のままにすると、IDトークンは署名されますが、暗号化されません。 +keyPassword=鍵のパスワード +scopePermissions.clients.map-roles-composite-description=管理者がこのクライアントによって定義されたロールをコンポジットとして別のロールに適用できるかどうかを決定するポリシー +startTime=ポリシーを許可しない日時を定義します。現在日時がこの値より後か、等しい場合にのみ許可されます。 +logicHelp=ロジックは、ポリシーの判定方法を決定します。「Positive」の場合は、このポリシーの評価中に得られた結果(許可または拒否)が判定の実行に使用されます。「Negative」の場合は、結果は反転されます。つまり、許可は拒否になり、拒否は許可になります。 +clientNameHelp=クライアントの表示名を指定します。例えば、「My Client」です。ローカライズ用のキーもサポートしています。例\: ${my_client} +createPolicy=ポリシーを作成 +clearAdminEvents=管理イベントのクリア +rootUrl=ルートURL +clientLoginTimeout=クライアントのログイン・タイムアウト +webAuthnPolicyExtraOrigins=エクストラオリジンズ +alwaysDisplayInUIHelp=ユーザーのアクティブなセッションがない場合でも、このクライアントを常にアカウント・コンソールに一覧表示します。 +readTimeout=読み取りタイムアウト +samlSignatureKeyName=SAML署名鍵名 +accessTokenSignatureAlgorithm=アクセストークン署名アルゴリズム +logicType.negative=Negative +otpPolicy=OTPポリシー +flow-type.form-flow=form +signDocumentsHelp=SAMLドキュメントをレルムで署名すべきか設定します。 +resetPassword=パスワードをリセット +requireSslHelp=HTTPSが必須かどうか。「なし」は、HTTPSがどのIPアドレスのクライアントにも要求されないことを意味します。「外部リクエスト」は、ローカルホストとプライベートIPアドレスのクライアントがHTTPSなしでアクセスできることを意味します。「すべてのリクエスト」は、HTTPSがすべてのIPアドレスのクライアントに要求されることを意味します。 +addUser=ユーザーの追加 +includeAuthnStatementHelp=認証方式とタイムスタンプを含めたステートメントをログイン・レスポンスに含めるべきか設定します。 +protocol=プロトコル +manageAccount=アカウントの管理 +clientSecret=クライアント・シークレット +httpPostBindingAuthnRequest=AuthnRequestのHTTP-POSTバインディング +includeInAccessToken.label=アクセストークンに追加 +iconUri=アイコンURI +usersInRole=ロールのユーザー +groupsClaimHelp=定義されている場合、ポリシーは、パーミッションを要求するアイデンティティーを表すアクセストークンまたはIDトークン内の特定のクレームから、ユーザーのグループを取得します。定義されていない場合、ユーザーのグループはレルム設定から取得されます。 +createGroup=グループの作成 +clientAuthentications.client_secret_jwt=JWTでクライアント・シークレット +created=作成日 +minutes=分 +usersDN=ユーザーDN +selectUser=サーバーからパーミッションを検索するためにIDが使用されるユーザーを選択します。 +included.custom.audience.label=含まれるカスタム・オーディエンス +requestObjectSignatureAlgorithm=リクエスト・オブジェクトの署名アルゴリズム +tokenLifespan.expires=有効期限 +mappers=マッパー +waitIncrementSeconds=連続失敗時の待機時間 +name-id-format=Name IDフォーマット +credentials=クレデンシャル +webAuthnPolicyCreateTimeoutHelp=ユーザーの公開鍵クレデンシャルの作成に対するタイムアウト値(秒単位)。0に設定すると、このタイムアウト・オプションは適応されません。 +policyType.hotp=カウンターベース +enableSSL=SSLの有効 +general=一般 +failureFactor=最大ログイン失敗回数 +usermodel.clientRoleMapping.tokenClaimName.tooltip=トークン内に挿入するクレームの名前を設定します。「address.street」のように完全修飾名で設定します。この場合、ネストされたJSONオブジェクトが作成されます。ネスティングを防ぎ、ドットを文字通りに使用するには、ドットをバックスラッシュ(\\.)でエスケープします。特別なトークン${client_id}を使うことができ、これは実際のクライアントIDに置き換えられます。使用例は「resource_access.${client_id}.roles」です。これは、すべてのクライアントからロールを追加する場合(特に「Client ID」スイッチが設定されていない場合)や、各クライアントのクライアント・ロールを別々の場所に保存する場合に、特に便利です。 +signAssertions=アサーションを署名する +scopePermissions.clients.map-roles-description=管理者がこのクライアントによって定義されたロールをマップできるかどうかを決定するポリシー +disableUserInfoHelp=追加のユーザー情報を取得するUserInfoサービスの使用を無効にするかどうかを設定します。デフォルトではこのOIDCサービスを使用します。 +adminTheme=管理コンソールテーマ +alias=エイリアス +validateSignatures=SAMLレスポンスの署名検証の有効/無効を設定します。 +authentication=認証 +descriptionHelp=クライアント・スコープの説明 +logoutUrlHelp=外部IDPからユーザーのログアウトに使用するセッション終了エンドポイントを設定します。 +permissionType=このパーミッションが適用されるリソースタイプを指定します。 +policyEnforcementModes.ENFORCING=実施 +permanentLockout=永久ロックアウト +debug=デバッグ +webAuthnPolicyRequireResidentKey=常駐鍵が必要 +clear=クリア +signatureAlgorithm=ドキュメントの署名に使用する署名アルゴリズムです。 +eventTypes.LOGOUT.name=ログアウト +groupsClaim=グループクレーム +requiredActions=必須アクション +authenticationOverridesHelp=レルム認証フロー・バインディングをオーバーライドします。 +policyDecisionStagey=決定戦略は、ポリシーの評価方法と最終的な判定方法を決定します。「Affirmative」は、最終判定がpositiveとなるためには、少なくとも1つのポリシーがpositiveと評価する必要がある、ということを意味します。「Unanimous」は、全体の判定がpositiveとなるためには、すべてのポリシーがpositiveと評価する必要がある、ということを意味します。「Consensus」は、positiveの数がnegativeの数より多くなければならないことを意味します。positiveとnegativeの数が同じ場合は、最終的な判定はnegativeになります。 +resetActions=リセット・アクション +batchSize=バッチサイズ +usermodel.prop.tooltip=UserModelインターフェイスのプロパティー・メソッドの名前です。例えば、「email」の値はUserModel.getEmail()メソッドを参照しています。 +user=ユーザー +otpTypeHelp=「totp」はタイムベースのワンタイム・パスワードです。「hotp」は、サーバーでハッシュに対してカウンターを保持するカウンターベースのワンタイム・パスワードです。 +duplicateEmails=メールの重複 +keyForCodeExchange=Proof Key for Code Exchangeのコードチャレンジ方式 +endpointsHelp=プロトコル・エンドポイントの設定を表示します。 +useKerberosForPasswordAuthentication=パスワード認証にKerberosを使用 +xXSSProtection=X-XSS-Protection +debugHelp=Krb5LoginModuleの標準出力へのデバッグロギングの有効/無効を設定します。 +validatorColNames.colConfig=設定 +nodeHost=ノードホスト +quickLoginCheckMilliSeconds=クイックログイン失敗があまりにも頻繁に発生した場合は、ユーザーをロックアウトします。 +unspecified=未定義 +profile=プロファイル +active=アクティブ +forcePostBindingHelp=レスポンスに常にPOSTバインディングを使用します。 +roleName=ロール名 +addOrigins=オリジンを追加 +requiredUserActionsHelp=ユーザーがログインするときに必要なアクションです。「Verify email」は、Eメールアドレスを確認するためのEメールをユーザーに送信します。「Update profile」は、新しい個人情報を入力する必要があります。「Update password」は、ユーザーが新しいパスワードを入力する必要があります。「Configure OTP」は、モバイル・パスワード・ジェネレーターの設定が必要です。 +requestObjectSignatureAlgorithmHelp=クライアントが「request」または「request_uri」パラメーターで指定されたOIDCリクエスト・オブジェクトを送信する際に使用する必要がある、JWAアルゴリズムを設定します。「any」に設定した場合は、リクエスト・オブジェクトは任意のアルゴリズム(「none」を含む)で署名されます。 +deleteEvents=イベントのクリア +includeOneTimeUseConditionHelp=OneTimeUse条件をログイン・レスポンスに含めるべきか設定します。 +accessTokenLifespanHelp=アクセストークンが有効期限切れとなる最大時間です。この値はSSOタイムアウトと比べて短くすることをお勧めします。 +redirectURIHelp=アイデンティティー・プロバイダーの設定で使用するリダイレクトURIです。 +resourcePath=リソースパス +permissionsEnabled=パーミッションが有効 +attestationPreference.none=none +useJwksUrlHelp=有効とした場合は、アイデンティティー・プロバイダーの公開鍵が指定されたJWKS URLからダウンロードされます。アイデンティティー・プロバイダーが新しい鍵ペアを生成する際に、新しい鍵が常に再ダウンロードされるため、柔軟性が大幅に向上します。無効とした場合は、Keycloak DBの公開鍵(または証明書)が使用されるため、アイデンティティー・プロバイダーの鍵ペアが変更された際には、常にKeycloak DBに新しい鍵をインポートする必要があります。 +pairwiseSubAlgorithmSalt.label=ソルト +revocation=無効化 +scopeTypeHelp=作成された各クライアントにデフォルト・スコープとして追加されるクライアント・スコープ +useEntityDescriptor=リモートIDPのSAMLエンティティー・ディスクリプターからメタデータをインポートします。 +loginActionTimeout=ログイン・アクション・タイムアウト +cacheSettings=キャッシュ設定 +validRedirectURIs=ログインまたはログインの成功後にブラウザーがリダイレクト可能とする、有効なURIパターンを設定します。「http\://example.com/*」のような単純なワイルドカードが使用可能です。相対パス、つまり「/my/relative/path/*」も指定可能です。相対パスはクライアントのルートURLを基準とします。または、未指定の場合は認証サーバーのルートURLが使用されます。SAMLでは、ログイン・リクエストに埋め込まれたコンシューマー・サービスのURLに依存している場合は、有効なURIパターンを設定する必要があります。 +removeImported=インポートを削除 +assertionConsumerServicePostBindingURL=アサーション・コンシューマー・サービスのPOSTバインディングURL +endpoints=エンドポイント +validatingX509CertsHelp=署名の確認に使用するPEM形式の証明書を設定します。 +importFile=ファイルをインポート +protocolHelp=このクライアント・スコープによって提供されているSSOプロトコル設定がどれか +accessTokenSignatureAlgorithmHelp=アクセストークンの署名に使用されるJWAアルゴリズム。 +requestObjectRequired=リクエスト・オブジェクトが必要 +prompts.none=none +resourcesHelp=このパーミッションが適用されるリソース・インスタンスを指定します。 +passwordConfirmation=新しいパスワード(確認) +emailVerified=Eメールが確認済み +aggregate.attrs.tooltip=属性値をグループ属性と集約する必要があるかどうかを示します。OpenID Connectマッパーを使用している場合は、すべての値を取得するためにマルチバリューのオプションも有効にする必要があります。重複した値は破棄され、値の順序はこのオプションでは保証されません。 +Thursday=木 +requestObjectRequiredHelp=クライアントが認可リクエストとともにリクエスト・オブジェクトを提供する必要があるかどうか、およびそのためにどの方法を使用できるかを指定します。「not required」に設定されている場合、リクエスト・オブジェクトの提供はオプションです。それ以外のケースでは、リクエスト・オブジェクトを提供する必要があります。「request」に設定されている場合、リクエスト・オブジェクトは値で提供される必要があります。「request_uri」に設定されている場合、リクエスト・オブジェクトは参照によって提供される必要があります。「requestまたはrequest_uri」に設定されている場合、いずれの方法も使用できます。 +discoveryEndpoint=リモートIDPディスカバリー・ディスクリプターよりメタデータをインポートします。 +countHelp=このトークンを利用してクライアントをいくつ作成可能か指定します。 +otpPolicyPeriod=OTPトークンの期間 +Monday=月 +frontendUrlHelp=レルムのフロントエンドURLを設定します。デフォルトのホスト名プロバイダーと組み合わせて使用し、特定のレルムのフロントエンド・リクエストのベースURLをオーバーライドします。 +cachePolicy=キャッシュ・ポリシー +consentRequired=有効の場合は、ユーザーはクライアント・アクセスに同意する必要があります。 +selectMethodType.import=インポート +standardFlow=OpenID Connectの標準的な、認可コードによるリダイレクト・ベースの認証を有効にします。OpenID ConnectまたはOAuth2の仕様における「認可コードフロー」のサポートを有効にします。 +eventListeners=イベントリスナー +clientScopeType.default=DEFAULT +bindDn=バインドDN +Friday=金 +wantAuthnRequestsSigned=AuthnRequestの署名が必要 +usermodel.attr.tooltip=格納されるユーザー属性名、UserMode.attributeマップ内の属性名です。 +fineGrainOpenIdConnectConfiguration=OpenID Connectの詳細設定 +count=カウント +testAuthentication=認証テスト +month=月 +addressClaim.region.tooltip=「address」トークンクレーム内の「region」サブクレームにマップするために使用されるユーザー属性の名前。デフォルトは「region」です。 +expiration=有効期限 +logoutServicePostBindingURL=ログアウト・サービスのPOSTバインディングURL +assertionConsumerServicePostBindingURLHelp=アサーション・コンシューマー・サービス(ログイン・レスポンス)のSAML POSTバインディングURLを設定します。このBindingのためのURLがない場合は空でよいです。 +resourceTypes=リソースタイプ +includeInUserInfo.label=UserInfoに追加 +back=戻る +validateSignatureHelp=外部IDPの署名検証の有効/無効を設定します。 +title=認証 +verifyEmail=Eメールの確認 +addressClaim.locality.label=市区町村のユーザー属性名 +formatOption=フォーマット・オプション +nodeReRegistrationTimeout=ノード再登録のタイムアウト +client=client +connectionURL=接続URL +accessTokenLifespan=アクセストークン生存期間 +loginWithEmailHelpText=ユーザーがEメールアドレスでログインできるようにします。 +setToNow=現在日時を設定 +firstBrokerLoginFlowAliasHelp=このアイデンティティー・プロバイダーでの初回ログイン後に起動させる認証フローのエイリアスです。「初回ログイン」という用語は、認証したアイデンティティー・プロバイダー・アカウントに現在関連付けられているKeycloakアカウントがない状態であることを意味します。 +owner=オーナー +implicitFlow=OpenID Connectの認可コードなしのリダイレクト・ベース認証のサポートを有効にします。OpenID ConnectまたはOAuth2の仕様における「インプリシット・フロー」のサポートを有効にします。 +encryptAssertions=アサーションを暗号化する +keyAliasHelp=秘密鍵と証明書のアーカイブ・エイリアスです。 +tokenClaimName.tooltip=トークン内に挿入するクレームの名前を設定します。「address.street」のように完全修飾名で設定します。この場合、ネストされたJSONオブジェクトが作成されます。ネスティングを防ぎ、ドットを文字通りに使用するには、ドットをバックスラッシュ(\\.)でエスケープします。 +userName=ユーザー名 +clientProfileDescription=説明 +clientScope.default=DEFAULT +ssoSessionMax=セッションの有効期限が切れるまでの最大時間です。セッションの有効期限が切れると、トークンとブラウザー・セッションは無効化されます。 +optimizeLookup=REDIRECT署名鍵検索の最適化 +browserFlowHelp=ブラウザー認証で使用したいフローを選択してください。 +temporaryLocked=ユーザーは、ログインに複数回失敗したため、ロックされている可能性があります。 +setup=セットアップ +realm=レルム +prompt=プロンプト(prompt) +showAuthData=認可データを表示 +includeInUserInfo.tooltip=クレームをUserInfoに追加すべきかどうかを設定します。 +unlinkUsers=ユーザーのリンクを解除する +initialCounter=初期カウンター +revokeRefreshTokenHelp=有効にすると、リフレッシュ・トークンは「リフレッシュ・トークンの最大再利用回数」までしか使用できず、別のトークンが使用されると無効化されます。無効にすると、リフレッシュ・トークンは使用後に無効化されず、複数回使用できます。 +ownerManagedAccessHelp=有効にすると、このリソースへのアクセスをリソースオーナーが管理できます。 +authorization=きめ細かい認可のサポートを有効/無効にします。 +scopePermissions.users.map-roles-description=管理者がすべてのユーザーのロールをマップできるかどうかを決定するポリシー +bindCredentialsHelp=LDAP管理者のパスワードを設定します。このフィールドは、ボールトから値を取得できます。${vault.ID}形式を使用します。 +webAuthnPolicySignatureAlgorithms=署名アルゴリズム +action=アクション +id=ID +join=参加 +idTokenEncryptionContentEncryptionAlgorithmHelp=IDトークンの暗号化の際に、コンテンツの暗号化に使用されるJWAアルゴリズム。このオプションは、暗号化されたIDトークンが必要な場合にのみ必須です。空のままにすると、IDトークンは署名されますが、暗号化されません。 +scopesHelp=認可リクエストの際に送信されるスコープです。スペース区切りでスコープのリストを設定します。デフォルトは「openid」です。 +includeAuthnStatement=AuthnStatementを含める +multivalued.tooltip=属性がマルチバリューをサポートしているかどうかを示します。サポートしている場合は、この属性のすべての値リストがクレームとして設定されます。サポートしていない場合は、最初の値だけがクレームとして設定されます。 +addIdPMapper=アイデンティティー・プロバイダー・マッパーを追加 +enableStartTls=StartTLSの有効 +usersPermissionsHint=レルム内のすべてのユーザーを管理するきめ細かいパーミッション。レルム内のユーザーを管理できるユーザーには、さまざまなポリシーを定義できます。 +homeURL=認証サーバーがクライアントへのリダイレクトまたは戻るリンクを必要とする際に使用するデフォルトURLを設定します。 +contentSecurityPolicyReportOnly=Content-Security-Policy-Report-Only +firstBrokerLoginFlowAlias=初回ログインフロー +clientScopeList=クライアント・スコープ +usernameLdapAttribute=ユーザー名のLDAP属性 +evaluate=評価 +status=ステータス +clients=クライアント +clientName=名前 +syncModes.force=強制 +maxDeltaTimeSeconds=ログイン失敗回数のリセット時間 +backchannelLogoutHelp=外部IDPがバックチャンネル・ログアウトをサポートするどうかを設定します。 +usermodel.realmRoleMapping.rolePrefix.tooltip=各レルムロールのプレフィックスを設定します(オプション)。 +fromDisplayName=差出人の表示名 +affirmative=Affirmative +maxFailureWaitSecondsHelp=ユーザーがロックアウトされる最大待機時間を設定します。 +userInfoSignedResponseAlgorithm=署名付きUserInfoレスポンスのアルゴリズム +maxDeltaTimeSecondsHelp=いつ失敗回数がリセットされるか設定します。 +contentSecurityPolicy=Content-Security-Policy +off=オフ +frontchannelLogoutHelp=有効の場合は、ログアウトはクライアントへのブラウザー・リダイレクトが必要になります。無効の場合は、サーバーはログアウトのバックグラウンド呼び出しを行います。 +forwardParameters=転送されるクエリー・パラメーター +oAuthMutualHelp=これにより、OAuth 2.0相互TLS証明書バインド・アクセストークンがサポートされます。つまり、Keycloakは、Keycloakのトークン・エンドポイントとこのクライアントの間で相互TLSにより交換されるクライアントのX.509証明書と、アクセストークンおよびリフレッシュ・トークンをバインドします。これらのトークンは、ベアラートークンの代わりにHolder-of-Keyトークンとして扱うことができます。 +scopes=スコープ +principalType=プリンシパル・タイプ +flowType=フロータイプ +policyEnforcementModes.PERMISSIVE=許容 +auth=認証 +accessTokenLifespanImplicitFlow=インプリシット・フローにおけるアクセストークン生存期間 +subject=サブジェクトDN +defaultAdminInitiated=デフォルトの管理者起動アクションの有効期間 +remainingCount=残りのカウント +download=ダウンロード +authScopes=認可スコープ +host=ホスト +optimizeLookupHelp=Keycloakアダプターによって保護されたSPのREDIRECTバインディングでSAMLドキュメントに署名する際、署名鍵のIDを要素のSAMLプロトコルメッセージに含める必要があるかどうかを設定します。これにより、検証のために既知のすべてのキーを試行する代わりに単一のキーを使用するため、署名の検証が最適化されます。 +supportedApplications=現在のOTPポリシーで動作することが分かっているアプリケーション +resourceAttribute=リソースに関連付けられた属性。 +addressClaim.region.label=都道府県のユーザー属性名 +ipAddress=IPアドレス +included.custom.audience.tooltip=これは「含まれるクライアント・オーディエンス」が入力されていない場合にのみ使用されます。指定された値が、トークンのオーディエンス(aud)フィールドに含まれます。トークンに既存のオーディエンスが存在する場合は、指定された値が単にそれらに追加されます。既存のオーディエンスを上書きすることはありません。 +includeInIdToken.label=IDトークンに追加 +browserFlow=ブラウザーフロー +anyScope=任意のスコープ +serverInfo=サーバー情報 +emailThemeHelp=サーバーから送信されるEメールのテーマを選択します。 +principalTypeHelp=アサーションから外部ユーザーを識別し、追跡する方法。デフォルトではSubject NameIDを使用しますが、識別属性を設定することもできます。 +Wednesday=水 +consents=同意 +canonicalization=正規化方式 +SSOSessionMax=SSOセッション最大 +minimumQuickLoginWaitSecondsHelp=クイックログイン失敗後にどれくらいの時間待機するか設定します。 +policyEnforcementModes.DISABLED=無効 +code=コード +allowedClockSkewHelp=アイデンティティー・プロバイダーのトークンの検証時に許容されるクロックスキュー(秒単位)。デフォルト値は0です。 +keys=鍵 +defaultSigAlg=デフォルトの署名アルゴリズム +signatureKeyName=SAML署名鍵名 +certificate=証明書 +selectRole.label=ロールの選択 +prompts.consent=consent +webAuthnPolicyRpEntityName=リライング・パーティー・エンティティー名 +hour=時 +connectionTimeoutHelp=LDAP接続タイムアウト(ミリ秒単位) +defaultSigAlgHelp=このレルムでトークンの署名に使用されるデフォルトのアルゴリズム +save-admin-events=有効の場合は、管理イベントがデータベースに保存され、管理コンソールで使用可能になります。 +policyGroups=どのユーザーがこのポリシーで許可されるか指定してください。 +forwardParametersHelp=最初のアプリケーションへのリクエストから取得し、外部IDPの認可エンドポイントへ転送されるOpenID Connect/OAuth標準以外のクエリー・パラメーター。複数のパラメーターをカンマ(,)で区切って入力できます。 +on=オン +webAuthnPolicyRpId=リライング・パーティー・エンティティーID +serviceAccount=このクライアントをKeycloakで認証し、このクライアント専用のアクセストークンの取得ができるようになります。OAuth2の仕様における「クライアント・クレデンシャル・グラント」のサポートを有効にします。 +assertionConsumerServiceRedirectBindingURL=アサーション・コンシューマー・サービスのRedirectバインディングURL +acceptsPromptNone=クライアントから転送されるprompt\=noneを受け入れる +loginThemeHelp=ログイン、OTP、グラント、登録、およびパスワード忘れに使用するページのテーマを選択します。 +userManagedAccess=User-Managed Access +excludeSessionStateFromAuthenticationResponseHelp=これがオンの場合、パラメーター「session_state」はOpenID Connect認証レスポンスに含まれません。クライアントが「session_state」パラメーターをサポートしていない古いOIDC / OAuth2アダプターを使用している場合に便利です。 +initialAccessToken=初期アクセストークン +evictionDay=エビクションの日 +vendorHelp=LDAPベンダー(プロバイダー) +addressClaim.country.label=国のユーザー属性名 +clustering=クラスタリング +applyToResourceType=リソースタイプに適用 +selectRole.tooltip=左側にあるテキストボックスにロールを入力するか、ブラウズして必要なロールを選択するためにこのボタンをクリックしてください。 +setPassword=パスワードを設定 +editModeLdapHelp=READ_ONLYの場合、LDAPストアに読み取り専用でアクセスします。WRITABLEは、必要に応じてデータをLDAPに同期させることを意味します。UNSYNCEDは、ユーザーデータをインポートするが、LDAPに同期しないことを意味します。 +SSOSessionMaxRememberMe=SSOセッション最大リメンバーミー +Saturday=土 +save-user-events=有効の場合は、ログインイベントがデータベースに保存され、管理コンソールとアカウント管理で使用することができます。 +composite=複合 +hourHelp=ポリシーが許可される時を定義します。2番目のフィールドに値を入力して範囲を指定することもできます。この場合、現在の時が指定した2つの値の間にあるか、等しい場合のみ許可されます。 +generatedAccessToken=生成されたアクセストークン +executeActions=アクションの実行 +edit=編集 +testConnection=接続テスト +archiveFormat=アーカイブ形式 +associatedRolesText=関連ロール +defaultLocale=デフォルト・ロケール +clientIdHelp=アイデンティティー・プロバイダーで登録されているクライアント識別子を設定します。 +aggregate.attrs.label=属性値の集約 +flow-type.basic-flow=generic +webauthnPasswordlessPolicy=WebAuthnパスワードレス・ポリシー +allowPasswordAuthenticationHelp=Kerberosデータベースに対するユーザー名/パスワード認証の有効/無効を設定します。 +includeInAccessToken.tooltip=クレームをアクセストークンに追加すべきかどうかを設定します。 +includeOneTimeUseCondition=OneTimeUse条件を含める +clientsClientScopesHelp=このリソースに関連付けるスコープを設定します。 +envelopeFromHelp=バウンスに使用されるEメールアドレス(オプション)。 +masterSamlProcessingUrl=SAMLを処理するマスターURL +samlIdentityProviderMetadata=SAML 2.0アイデンティティー・プロバイダー・メタデータ +key=キー +email=Eメール +identityProviders=アイデンティティー・プロバイダー +importUsers=ユーザーのインポート +scopeParameterHelp=このスコープ・パラメーターの値をコピー/ペーストし、このクライアント・アダプターから送信された最初のOpenID Connect認証リクエストで使用できます。このクライアントに発行されたトークンを生成するときは、デフォルトのクライアント・スコープと選択されたオプションのクライアント・スコープが使用されます +idTokenEncryptionKeyManagementAlgorithm=IDトークン暗号化鍵管理アルゴリズム +clientAuthentications.client_secret_basic=基本認証で送信されたクライアント・シークレット +ssoSessionIdle=セッションの有効期限が切れるまでのアイドル時間です。セッションの有効期限が切れると、トークンとブラウザー・セッションは無効化されます。 +userManagedAccessHelp=有効にすると、ユーザーはアカウント管理コンソールを使用してリソースとパーミッションを管理できます。 +policyType.totp=タイムベース +emailTheme=Eメールテーマ +scopePermissions.users.impersonate-description=管理者が他のユーザーを偽装できるかどうかを決定するポリシー +registerNodeManually=ノードを手動で登録 +redirectURI=リダイレクトURI +publicKeys=公開鍵 +periodicFullSync=定期的なフル同期 +assertionLifespanHelp=SAMLアサーション条件に設定された有効期限。その後、アサーションは無効になります。「SessionNotOnOrAfter」属性は変更されず、レルムレベルで定義された「SSOセッション最大」時間を引き続き使用します。 +createdAt=作成日 +editUsername=ユーザー名の編集 +lastRegistration=最終登録 +rolesHelp=選択されたユーザーに関連付けたいロールを選択してください。 +requireSsl=SSLの要求 +samlEntityDescriptor=外部IDPメタデータを設定ファイルよりロード、またはURLよりダウンロードして設定します。 +reevaluate=再評価 +syncMode=同期モード +details=詳細 +strictTransportSecurity=HTTP Strict Transport Security(HSTS) +offlineSessionMaxLimited=オフライン・セッション最大制限 +periodicChangedUsersSync=定期的な変更ユーザーの同期 +principalAttribute=プリンシパル属性 +searchScope=検索スコープ +userRegistrationHelpText=登録ページの有効/無効。ログインページに登録のリンクも表示されるようになります。 +realmRoles=レルムロール +firstName=名 +expirationHelp=イベントの有効期限を設定します。期限切れのイベントはデータベースから定期的に削除されます。 +webAuthnPolicySignatureAlgorithmsHelp=認証アサーションに使用する署名アルゴリズム。 +nameIdFormat=Name IDフォーマット +validRedirectUri=有効なリダイレクトURI +wantAssertionsEncryptedHelp=このサービス・プロバイダーが暗号化されたアサーションを期待するかどうかを設定します。 +permissionName=このパーミッションの名前を設定します。 +expires=有効期限 +userAttribute=ユーザー属性 +kid=Kid +revoke=無効化 +webAuthnPolicyAcceptableAaguidsHelp=登録可能なオーセンティケーターのAAGUIDのリスト。 +clientSignatureHelp=クライアントがSAMLリクエストとレスポンスを署名するか、そしてそれらを検証すべきどうかか設定します。 +keyPasswordHelp=アーカイブ内の秘密鍵にアクセスするためのパスワード +frontchannelLogout=フロントチャンネル・ログアウト +policyClient=このポリシーで許可されるクライアントを指定します。 +titleRoles=レルムロール +frontendUrl=フロントエンドURL +sectorIdentifierUri.tooltip=pairwise sub値を使用し、かつ動的クライアント登録をサポートするプロバイダーは、sector_identifier_uriパラメーターを使用すべきです(SHOULD)。これは、共通の管理下にあるWebサイト群に対し、個々のドメイン名とは独立してparwise sub値の一貫性を保持する方法を提供します。また、クライアントに対し、すべてのユーザーを再登録させることなしにredirect_uriを変更する方法も提供します。 +rdnLdapAttribute=RDN LDAP属性 +replyToDisplayName=返信先の表示名 +xRobotsTag=X-Robots-Tag +bindType=バインドタイプ +aliasHelp=エイリアスは一意にアイデンティティー・プロバイダーを識別するもので、リダイレクトURIの構築にも使用されます。 +contextualInfo=コンテキスト情報 +syncModeHelp=すべてのマッパーのデフォルトの同期モード。同期モードは、マッパーを使用してユーザーデータを同期するタイミングを決定します。可能な値は次のとおりです。このオプションが導入される前の動作を維持する「レガシー」、このアイデンティティー・プロバイダーを使用したユーザーの初回ログイン時に一度だけユーザーをインポートする「インポート」、このアイデンティティー・プロバイダーでログインするたびにユーザーを常に更新する「強制」。 +applyPolicyHelp=このポリシーやパーミッションで定義されたスコープに適用するすべてのポリシーを設定します。 +temporaryPassword=一時的 +sslType.none=none +clientsPermissionsHint=このクライアントを管理したり、このクライアントによって定義されたロールを適用したりする管理者のきめ細かいパーミッションです。 +consentScreenText=同意画面のテキスト +bruteForceDetection=ブルートフォースの検出 +archiveFormatHelp=JavaキーストアまたはPKCS12アーカイブ形式 +xContentTypeOptions=X-Content-Type-Options +keyAlias=キーエイリアス +prefix=各レルムロールのプレフィックスを設定します(オプション)。 +none=none +type=タイプ +seconds=秒 +otpPolicyDigits=桁数 +ownerManagedAccess=User-Managed Accessの有効 +permissions=パーミッション +accountThemeHelp=ユーザー・アカウント管理画面のテーマを選択します。 +displayOnConsentScreenHelp=オンで、同意が必要なクライアントにこのクライアント・スコープが追加された場合、「同意画面のテキスト」で指定されたテキストが同意画面に表示されます。オフの場合、このクライアント・スコープは同意画面に表示されません +requirements.DISABLED=無効 +clientSessionIdle=クライアント・セッション・アイドル +push=プッシュ +titleUsers=ユーザー +scopePermissions.users.user-impersonated-description=どのユーザーを偽装するかを決定するポリシー。これらのポリシーは、偽装されているユーザーに適用されます。 +forceAuthenticationHelp=アイデンティティー・プロバイダーが以前のセキュリティー・コンテキストに頼るのではなく、プレゼンターを直接認証すべきかどうかを設定します。 +testClusterAvailability=クラスターの可用性をテスト +forceNameIdFormat=Name IDフォーマットを強制 +scopePermissions.users.manage-description=管理者がレルム内のすべてのユーザーを管理できるかどうかを決定するポリシー +included.client.audience.tooltip=指定されたオーディエンス・クライアントのクライアントIDが、トークンのオーディエンス(aud)フィールドに含まれます。トークンに既存のオーディエンスが存在する場合は、指定された値が単にそれらに追加されます。既存のオーディエンスを上書きすることはありません。 +addRole=ロールの追加 +addressClaim.locality.tooltip=「address」トークンクレーム内の「locality」サブクレームにマップするために使用されるユーザー属性の名前。デフォルトは「locality」です。 +keyForCodeExchangeHelp=PKCEのどのコードチャレンジ方式を使用するかを選択します。指定しない場合、Keycloakは、クライアントが適切なコードチャレンジとコード交換の方式で認可リクエストを送信しない限り、クライアントにPKCEを適用しません。 +userInfoSignedResponseAlgorithmHelp=署名付きUserInfoエンドポイントのレスポンスに使用するJWAアルゴリズムを設定します。「unsigned」に設定した場合は、UserInfoレスポンスは署名されず、application/json形式で返されます。 +lastName=姓 +otpPolicyDigitsHelp=OTPの桁数を設定します。 +clientAuthentications.client_secret_post=POSTで送信されたクライアント・シークレット +authenticationAliasHelp=この設定の名前を設定します。 +SSOSessionIdle=SSOセッション・アイドル +ssoServiceUrlHelp=認証リクエスト(SAML AuthnRequest)の送信に使用するURLを設定します。 +copy=コピー +credentialData=データ +connectionTimeout=接続タイムアウト +passLoginHintHelp=アイデンティティー・プロバイダーにlogin_hintを渡します。 +monthHelp=ポリシーが許可される月を定義します。2番目のフィールドに値を入力して範囲を指定することもできます。この場合、現在の月が指定した2つの値の間にあるか、等しい場合のみ許可されます。 +webAuthnPolicyAvoidSameAuthenticatorRegisterHelp=すでに登録されているオーセンティケーターの登録を避けるかどうかを設定します。 +registrationAccessToken=登録用アクセストークン +supportedLocales=サポートされるロケール +showPasswordDataValue=値 +issuerHelp=レスポンス内の発行者の識別子(Issuer Identifier)を設定します。未設定の場合は、検証は実行されません。 +webAuthnPolicyAttestationConveyancePreference=期待する構成証明伝達 +titleSessions=セッション +rootURL=相対URLに追加するルートURLを設定します。 +evictionMinute=エビクションの分 +nodeReRegistrationTimeoutHelp=登録されたクライアントをクラスターノードへ再登録する際の最大時間間隔を設定します。クラスターノードがこの時間内にKeycloakに再登録リクエストを送信しない場合は、Keycloakから登録解除されます。 +logoutServicePostBindingURLHelp=シングル・ログアウト・サービスのSAMLPOSTバインディングURLを設定します。異なるBindingを使用している場合は空でよいです。 +clientAuthentication=クライアント認証 +validatePasswordPolicy=パスワード・ポリシーの検証 +registrationEmailAsUsername=Eメールをユーザー名とする +passCurrentLocale=現在のロケールを渡す +webAuthnPolicyFormHelp=WebAuthn認証のポリシー。これは、「WebAuthn Register」必須アクションと「WebAuthn Authenticator」オーセンティケーターで使用されます。一般的な用途は、2要素認証にWebAuthnを使用する場合です。 +identityInformation=アイデンティティー情報 +usermodel.clientRoleMapping.rolePrefix.label=クライアント・ロールのプレフィックス +syncModeOverrideHelp=このマッパーのIDPのデフォルトの同期モードをオーバーライドします。値は次のとおりです。このオプションが導入される前の動作を維持する「レガシー」、このアイデンティティー・プロバイダーを使用したユーザーの初回ログイン時に一度だけユーザーをインポートする「インポート」、このアイデンティティー・プロバイダーでログインするたびにユーザーを常に更新する「強制」、このマッパーのアイデンティティー・プロバイダーで定義された同期モードを使用する「継承」。 +partialImport=部分インポート +includeInTokenScopeHelp=オンの場合、このクライアント・スコープの名前がアクセストークン・プロパティーの「scope」と同様にトークン・イントロスペクション・エンドポイントのレスポンスに追加されます。オフの場合、このクライアント・スコープはトークンとトークン・イントロスペクション・エンドポイントのレスポンスから除外されます。 +client-authenticator-type=Keycloakサーバーに対してこのクライアントの認証に使用するクライアント認証方式を設定します。 +signatureKeyNameHelp=署名されたSAML文書には、KeyName要素の署名鍵の識別情報が含まれています。Keycloak / RH-SSOカウンター・パーティーの場合は、KEY_IDを使用し、MS AD FSの場合はCERT_SUBJECTを使用します。他のオプションが動作しない場合はNONEをチェックして使用します。 +clientAssertionSigningAlgHelp=クライアント認証でJWTアサーションを利用するときの署名アルゴリズム。クライアント認証が 秘密鍵で署名されたJWT もしくは JWTでクライアント・シークレット の場合に設定します。アルゴリズムの指定をしなかった場合、 秘密鍵で署名されたJWT ではRS256 JWTでクライアント・シークレット ではHS256のアルゴリズムが使用されます。 +loginWithEmail=Eメールでログイン +tokenClaimName.label=トークンクレーム名 +create=作成 +from=差出人 +decisionStrategyHelp=決定戦略は、パーミッションの評価方法と最終的な判定の取得方法を決定します。「Affirmative」とは、リソースおよびそのスコープへのアクセスを許可するために、少なくとも1つのパーミッションが肯定的な判定に評価される必要があることを意味します。「Unanimous」とは、最終的な判定も肯定的であるために、すべてのパーミッションが肯定的な判定に評価される必要があることを意味します。 +hideOnLoginPage=ログインページで非表示 +resource=リソース +userSession.modelNote.tooltip=UserSessionModel.noteマップ内のユーザー・セッション・ノート名です。 +maxLifespan=最大生存期間 +clientsClientTypeHelp=「OpenID Connect」により、クライアントは認可サーバーによって実行される認証に基づいてエンドユーザーのアイデンティティーを検証できます。「SAML」は、クロスドメインのシングル・サインオン(SSO)を含むWebベースの認証および認可のシナリオを可能にし、アサーションを含むセキュリティー・トークンを使用して情報を渡します。 +webOriginsHelp=許可されるCORSオリジンを設定します。有効なリダイレクトURIのすべてのオリジンを許可するには「+」を追加してください。ただし、これには「*」ワイルドカードは含まれません。すべてのオリジンを許可するには、明示的に「*」を追加してください。 +logoutUrl=ログアウトURL +webAuthnPolicyPasswordlessFormHelp=パスワードレスWebAuthn認証のポリシー。これは、「Webauthn Register Passwordless」必須アクションおよび「WebAuthn Passwordless Authenticator」オーセンティケーターによって使用されます。一般的な使用法は、WebAuthnが一要素認証として使用される場合です。「WebAuthnポリシー」と「WebAuthnパスワードレス・ポリシー」の両方を使用すると、WebAuthnを同じレルムの第1要素オーセンティケーターと第2要素オーセンティケーターの両方として使用できます。 +storedTokensReadable=読み取り可能なトークンを格納 +admin-clearEvents=データベース内のすべての管理イベントを削除します。 +usermodel.prop.label=プロパティー +authenticationOverrides=認証フローのオーバーライド +clientSessionIdleHelp=クライアント・セッションが期限切れになるまでアイドル状態にできる時間。トークンは、クライアント・セッションが期限切れになると無効になります。設定しない場合、標準のSSOセッション・アイドルの値が使用されます。 +scopesSelect=このパーミッションは1つまたは複数のスコープに適用されるように指定してください。 +clientAuthenticationHelp=クライアント認証方法(参照:https\://openid.net/specs/openid-connect-core-1_0.html\#ClientAuthentication)。秘密鍵で署名されたJWTの場合、レルム秘密鍵が使用されます。 +clientSecretHelp=アイデンティティー・プロバイダーで登録されているクライアント・シークレットを設定します。このフィールドは、ボールトから値を取得できます。${vault.ID}形式を使用します。 +value=値 +offlineSessionMax=オフライン・セッション最大 +times.seconds=秒 +webAuthnPolicyExtraOriginsHelp=非 Web アプリケーションの追加オリジンのリスト。 +resources=リソース +groups=メンバーであるグループです。グループから外すには、グループを選択して「外す」ボタンをクリックしてください。 +permanentLockoutHelp=最大ログイン失敗回数を超えたときに、ユーザーを永久にロックします。 +logicType.positive=Positive +accountTheme=アカウントテーマ +forceAuthentication=認証を強制 +webAuthnPolicyAvoidSameAuthenticatorRegister=オーセンティケーターの重複登録回避 +assertionConsumerServiceRedirectBindingURLHelp=アサーション・コンシューマー・サービス(ログイン・レスポンス)のSAML RedirectバインディングURLを設定します。このBindingのためのURLがない場合は空でよいです。 +selectARole=ロールを選択してください +titleAuthentication=認証 +category=カテゴリー +times.days=日 +providers=プロバイダー diff --git a/js/apps/admin-ui/maven-resources/theme-resources/messages/messages_lt.properties b/js/apps/admin-ui/maven-resources/theme-resources/messages/messages_lt.properties new file mode 100644 index 0000000000..345a159a31 --- /dev/null +++ b/js/apps/admin-ui/maven-resources/theme-resources/messages/messages_lt.properties @@ -0,0 +1,569 @@ +otpTypeHelp='totp' paremtas ribotą laiką galiojančiu vienkartiniu slaptažodžiu. 'hotp' - ribotą kartų galiojančiu vienkartiniu slaptažodžiu. +useKerberosForPasswordAuthentication=Naudoti Kerberos autentifikacijai su slaptažodžiu +anyResource=Bet kuris resursas +themes=Temos +addClientScope=Kliento šablono kūrimas +clientType='OpenID connect' leidžia klientams tikrinti galutinio naudotojo tapatybę remiantis autorizacijos serverio atlikta autentifikacija. 'SAML' įgalina žiniatinklio, įskaitant skirtingų domenų atvejus, vieningos autentifikacijos ir autorizacijos scenarijus perduodant informaciją saugiose žinutėse. +clientSignature=Privalomas kliento parašas +unanimous=Vienbalsė +policy-name=Šios taisyklės pavadinimas. +clientHelp=Nurodykite klientą, kuris atlieka autorizacijos užklausas. Nei nenurodyta, tuomet autorizacijos užklausa bus vertinama naudojant dabartinį klientą. +debugHelp=Ar įgalinti Krb5LoginModule veikimo pranešimų rašymą į standarinę išvestį derinimo rėžimu? +validatorColNames.colConfig=Konfigūruoti +nodeHost=Mazgo serveris +quickLoginCheckMilliSeconds=Jei nėsėkmingi bandymai prisijungti seka vienas kitą per greitai, tuomet naudotojo paskyra yra užrakinama. +unspecified=nenurodyta +signOut=Atsijungti +active=Aktyvus +validatorDialogColNames.colName=Rolės pavadinimas +credentialType=Tipas +certificateHelp=Kliento sertifikatas naudojamas kliento išduotų ir privačiu raktu pasirašytų JWT prieigos raktų tikrinimui. +forcePostBindingHelp=Visuomet naudoti POST sąryšį siunčiant atsakymus. +roleName=Rolės pavadinimas +operationType=Veiksmo tipas +httpPostBindingAuthnRequestHelp=Jei įgalinta, tuomet AuthnRequest siunčiami HTTP-POST saistymu. Kitu atveju bus naudojamas HTTP-REDIRECT. +policyEnforcementMode=Taisyklių vykdymo rėžimas +decisionStrategy=Sprendimo strategija +requestObjectSignatureAlgorithmHelp=JWA algoritmas, kurį klientas naudoja siunčiant OIDC užklausos objektą, nusakytą 'request' arba 'request_uri' parameterais. Jei nustatyta 'any', tuomet užklausos objektas gali būti nepasirašytas arba pasirašytas bet kuriuo algoritmu. +requiredUserActionsHelp=Nurodykite kuriuos veiksmus po prisijungimo naudotojas privalo atlikti. 'Patvirtinti el. pašto adresą' į naudotojo el. pašto adresą siunčia patvirtinimo nuorodą. 'Atnaujinti profilio informaciją' reikalauja naudotojo peržiūrėti ir atnaujinti profilio informaciją. 'Atnaujinti slaptažodį' reikalauja naudotojo pasikeisti slaptažodį. 'Konfigūruoti OTP' reikalauja atnaujinti mobilaus slaptažodžių generatoriaus konfigūraciją. +securityDefences=Saugos priemonės +realmSettings=Srities nustatymai +deleteEvents=Išvalyti įvykius +accessTokenLifespanHelp=Laikas, po kurio prisijungimui naudojamas raktas (Access Token) nustoja galioti. Rekomenduojama, kad šios reikšmės galiojimas būtų reliatyviai trumpas palyginus su SSO galiojimo laiku. +redirectURIHelp=Tapatybės teikėjo konfigūravimo nuoroda. +displayName=Žmogui suprantamas, draugiškas tapatybės teikėjo pavadinimas. +resourcePath=Resurso kelias +applyToResourceTypeHelp=Nurodykite ar šis leidimas turi būti pritaikomas visiems šio tipo resursams. Jei įgalinta, tuomet leidimo tikrinimas bus atliekamas visiems nurodyto tipo resursams. +attestationPreference.none=jokio +useJwksUrlHelp=Jei įgalinta, tuomet tapatybės teikėjo viešasis raktas atsiunčiamas iš pateiktos JWKS URL. Įgalinimas suteikia lankstumo, nes tapatybės teikėjui pergeneravus raktus jie automatiškai atsiunčiami. Jei ši nuostata išjungta, tuomet naudojamas Keycloak DB saugomas viešasis raktas (arba sertifikatas) ir klientui sugeneravus naujus raktus juos rankiniu būdu reikės importuoti į Keycloak DB. +pairwiseSubAlgorithmSalt.label=Druska +revocation=Atšaukimai +clientDescriptionHelp=Nurodomas kliento aprašas. Pavyzdžiui 'Mano laiko lentelių klientas'. Palaikomos lokalizuotos reikšmės. Pavyzdžiui\: ${my_client_description} +clientAuthenticator=Kliento autentifikavimo priemonės +useEntityDescriptor=Importuoti metaduomenis iš nutolusio IDP SAML subjekto aprašo. +loginActionTimeout=Naudotojo prisijungimo veiksmui skirtas laikas +updateFirstLoginHelp=Pirmojo prisijungimo metu atnaujinti naudotojo profilio duomenis +validRedirectURIs=Nukreipimo URI šablonas, kuomet naršyklei leidžiama nukreipti naudotoją po sėkmingos autentifikacijos ar atsijungimo metu. Leidžiami pakaitos simboliai, pvz. 'http\://pavyzdys.lt/*'. Leidžiami reliatyvūs keliai pvz. /mano/reliatyvus/kelias/*. Reliatyvumas skaičiuojamas nuo kliento šakninio URL (jei nurodyta) arba nuo autentifikacijos serverio šakninio adreso. SAML atveju, kuomet tikimasi gavėjo paslaugos URL įtraukimo į prisijungimo užklausą, privaloma nurodyti teisingus URI šablonus. +assertionConsumerServicePostBindingURL=Sprendinių naudotojo paslaugos POST jungties URL +usermodel.clientRoleMapping.clientId.label=Kliento ID +endpoints=Prieigos adresai +clientId=Kliento ID +validatingX509CertsHelp=PEM formato sertifikatai, kurie turi būti naudojami parašų tikrinimui. Reikšmės skiriamos kableliais (,). +contextualAttributesHelp=Galite pateikti vykdymo aplinkos arba vykdymo konteksto atributus. +importFile=Importuoti rinkmeną +clientLoginTimeoutHelp=Laikas, per kurį klientas turi užbaigti prisijungimo procesą. Normaliu atveju reikšmė turėtų būti 1 minutė. +protocolHelp=Kurio SSO protokolo konfigūracija teikia šis šablonas +lastAccess=Vėliausios prieigos laikas +uiDisplayName=Konsolėje rodomas pavadinimas +prompts.none=jokio +resourcesHelp=Nurodykite, kad šis leidimas turi būti taikomas tik tam tikriems resursams. +adminEventsSettings=Administravimo veiksmų nustatymai +passwordConfirmation=Pakartotas slaptažodis +emailVerified=El. paštas patvirtintas +Thursday=Ketvirtadienis +times.minutes=Minutės +disableUserInfo=Uždrausti naudotojo informacijos prieigą +forcePostBinding=Priverstinai naudoti POST sąryšį +defaultRoles=Numatytosios rolės +discoveryEndpoint=Importuoti metaduomenis iš nutolusio IDP aptikimo aprašo (IDP discovery descriptor). +countHelp=Nurodykite kiek klientų gali būti sukurti naudojant prieigos raktą +otpPolicyPeriod=OTP rakto galiojimo intervalas +uuidLdapAttribute=UUID LDAP atributas +topLevelFlowType=Kokio tipo ši aukščiausio lygio sritis? 'client' tipas naudojamas klientų (programų) autentifikacijai. 'generic' naudojamas visais kitais atvejais. +scopeNameHelp=Kliento šablono pavadinimas. Privalo būti unikalus šioje srityje +Monday=Pirmadienis +requiredUserActions=Privalomi veiksmai naudotojui +flowTypeHelp=Kokios rūšies ši forma? +consentRequired=Jei įgalinta, tuomet naudotojai privalo patvirtinti, kad pageidauja prisijungti prie kliento (programos). +allowRemoteResourceManagement=Nuotolinis resursų valdymas +standardFlow=Įgalina standartinį OpenID Connect nukreipimą, kuomet autentifikacijos metu yra perduodamas autorizacijos kodas. OpenID Connect arba OAuth2 specifikacijos terminais tai reiškia 'Authorization Code Flow' įgalinimą šiam klientui. +identityProvider=Tapatybės teikėjas +eventListeners=Įvykių gavėjai +bindDn=Prisijungimo DN +Friday=Penktadienis +identityProviderLinks=Sąsajos su tapatybės teikėjais +leave=Palikti +eventTypes.IMPERSONATE.name=Įkūnyti +wantAuthnRequestsSigned=Reikalaujami pasirašytų AuthnRequests +usermodel.attr.tooltip=Išsaugoto naudotojo atributo pavadinimas kuris naudojamas UserModel.attribute rinkinyje. +export=Eksportuoti +fineGrainOpenIdConnectConfiguration=Detalioji OpenID prisijungimo konfigūracija +add=Pridėti +passwordPolicy=Slaptažodžių taisyklės +backchannelLogout=Foninis atjungimas +count=Kiekis +testAuthentication=Tikrinti autentifikaciją +prompts.login=prisijungimas +users=Naudotojai +offlineSessionIdleHelp=Darbo neprisijungus sesijos neveikimo laikas, po kurio neaktyvi sesija bus užbaigta. Darbo neprisijungus metu, prisijungimo raktai turi būti atnaujinami bent kartą per nurodytą periodą. Kitu atveju sesijos galiojmas bus sustabdytas. +uris=URI kuris taip pat gali būti naudojamas vienareikšmiškam resurso identifikavimui. +forceNameIdFormatHelp=Ignoruoti NameID tapatybės identifikatoriaus formatą, naudojant administratoriaus konsolėje nurodytą formatą. +month=Mėnesis +port=Prievadas +expiration=Galiojimas +realmRolePrefix=Srities rolės prefiksas +jwksUrlHelp=URL, kuriuo pasiekiami kliento JWK formatu saugomi raktai. Žiūrėkite JWK specifikaciją detalesnei informacijai. Jei naudojamas kliento adapteris su "jwt" kredencialais, tuomet galite naudoti jūsų programos URL su '/k_jwks' sufiksu. Pavyzdžiui 'http\://www.myhost.com/myapp/k_jwks' . +includeRepresentation=Išsaugoti reprezentaciją +assertionConsumerServicePostBindingURLHelp=Kliento sprendinių priėmimo paslaugos (prisijungimo rezultatų) SAML POST jungties URL. Jei tokių jungčių neturite, tuomet palikite tuščias reikšmes. +resourceTypes=Resurso tipas +singleLogoutServiceUrl=Vieningo atsijungimo paslaugos URL +roles=Rolės +includeInUserInfo.label=Pridėti prie naudotojo informacijos +back=Atgal +validateSignatureHelp=Įgalinamas išorinių IDP parašų tikrinimas. +policyCode=JavaScript kodas kuriame aprašytos šios taisyklės sąlygos. +title=Autentifikavimas +verifyEmail=El. pašto patvirtinimas +representation=Reprezentacija +remove=Šalinti +formatOption=Formato pasirinkimas +loginTheme=Prisijungimo lango tema +provider=Teikėjas +flows=Sekos +scope=Taikymo sritis +nodeReRegistrationTimeout=Mazgo persiregistravimui skirtas laikas +client=client +includeRepresentationHelp=Išsaugoti kurūmo ir redagavimo užklausų JSON reprezentaciją. +connectionURL=Jungties URL +accessTokenLifespan=Prisijungimo rakto galiojimo laikas +setToNow=Parinkti dabartinę datą +signAssertionsHelp=Ar SAML sprendiniai SAML dokumentuose turi būti pasirašomi? Šis nustatymas nebūtinas, kuomet naudojamas viso dokumento pasirašymas. +firstBrokerLoginFlowAliasHelp=Autentifikacijos eigos pseudonimas, kuris bus sužadintas šio tapatybės teikėjo naudotojui prisijungus pirmą kartą. Terminas 'pirmas kartas' reiškia, kad Keycloak sistemoje nebuvo saugomas naudotojo profilis susietas su autentifikuotu šio tapatybės teikėjo naudotoju. +owner=Savininkas +validateSignature=Parašo tikrinimas +implicitFlow=Įgalina OpenID Connect nukreipimą, kuomet autentifikacijos metu nėra perduodamas autorizacijos kodas. OpenID Connect arba OAuth2 specifikacijos terminais tai reiškia 'Implicit Flow' įgalinimą šiam klientui. +headers=Antraštės +encryptAssertions=Užkoduoti sprendinius +keyAliasHelp=Privataus rakto ir sertifikato rinkmenos pseudonimas. +tokenClaimName.tooltip=Į raktą įterpiamas privalomas atributas. Galite nurodyte pilną kelią iki atributo, pavyzdžiui 'address.street'. Pateiktu atveju bus sukuriamas sudėtinis (nested) JSON objektas. +userName=Naudotojo vardas +clientProfileDescription=Aprašymas +userObjectClasses=Naudotojų objektų klasės +ssoSessionMax=Laikas, po kurio prisijungimo sesija yra sunaikinama. Sesijos pasibaigimo metu visi raktai (Tokens) ir naršyklių sesijos sunaikinamos. +policyRoles=Nurodo *kliento* rolė(įs) kurios tenkina šią taisyklę. +optimizeLookup=Optimizuoti REDIRECT pasirašymo rakto paiešką +times.hours=Valandos +browserFlowHelp=Pasirinkite autentifikacijos naršyklėje seką +temporaryLocked=Naudotojas laikintai užrakintas, nes per daug klydo prisijungiant prie sistemos. +webOrigins=Šakninės nuorodos +realm=Sritis +prompt=Raginimas +username=Naudotojo vardas +showAuthData=Rodyti autorizacijos duomenis +importConfig=Importuoti metaduomenis iš rinkmenos, kurią atsisiuntėte iš IDP aptikimo aprašo (IDP discovery descriptor). +includeInUserInfo.tooltip=Ar privaloma informacija turi būti pridedama prie naudotojo informacijos? +initialCounter=Pradinė skaitliuko reikšmė +revokeRefreshTokenHelp=Jei įgalintas, tuomet atnaujinimo raktai (Refresh Token) gali būti naudojami tik vieną kartą. Kitu atveju - atnaujinimo raktai gali būti pernaudojami daugelį kartų. +storedTokensReadableHelp=Jei įgalinta, tuomet naudotojai gali peržiūrėti išsaugotus prieigos raktus. Įgalinama broker.read-token rolė. +authenticationFlowTypeHelp=Kokios rūšies ši forma? +authorization=Įgalinti detalų kliento autorizacijos palaikymą +editUsernameHelp=Jei įgalintas, tuomet naudotojas gali keisti savo naudotojo vardą. +consoleDisplayConnectionUrlHelp=Jungties į LDAP serverį URL +bindCredentialsHelp=LDAP administratoriaus slaptažodis +action=Veiksmas +id=ID +join=Prijungti +fullScopeAllowedHelp=Įgalinimo atveju visi apribojimai išjungiami +applyPolicy=Pritaikyti taisyklę +otpType=OTP tipas +directGrantHelp=Pasirinkite tiesioginių teisių seką (direct grant authentication). +scopesHelp=Taikymos sritys, kurios siunčiamos autorizavimo užklausoje. Reikšmės turi būti atskirtos tarpo simboliu. Numatyta reikšmė - 'openid'. +includeAuthnStatement=Įtraukti AuthnStatement +jsonType.tooltip=Naudojamas JSON lauko tipas, kuris turi būti užpildomas rakto privalomoje JSON informacijoje. Galimi tipai\: long, int, boolean ir String. +multivalued.tooltip=Nurodo, kad atributas gali turėti daugiau nei vieną reikšmę. Jei pažymėtas, tuomet visos reikšmės nustatomos kaip privalomos. Kitu atveju privaloma tik pirmoji reikšmė. +enableStartTLS=Įgalinti StartTLS +enableStartTls=Įgalinti StartTLS +addIdPMapper=Pridėti tapatybės teikėjo atitikmens susiejimą +eventType=Įvykio tipas +sectorIdentifierUri.label=Sektoriaus identifikatoriaus URI +homeURL=Numatytas URL, kuris turi būti naudojamas naudotojo nukreipimui atgal į klientą. +firstBrokerLoginFlowAlias=Pirmojo prisijungimo eiga +usermodel.attr.label=Naudotojo atributas +eventTypes.REGISTER.name=Registracijos +rememberMeHelpText=Prisijungimo lange rodyti pasirinkimą leidžiantį naudotojui likti prisijungus netgi tuomet, kai naršyklė yra išjungiama/įjungiama tol, kol nepasibaigia prisijungimo sesija. +usernameLdapAttribute=Prisijungimo vardo LDAP atributas +evaluate=Vertinti +status=Būsena +ssoServiceUrl=Vieningo prisijungimo paslaugos URL +allowRemoteResourceManagementHelp=Ar leidžiama nuotoliniu būdu resursų serveriui valdyti resursus? Jei neįgalinta, tuomet resursai gali būti valdomi tik per šią administravimo konsolę. +clients=Klientai +changedUsersSyncPeriod=Periodinis sinchronizavimo intervalas +clientName=Vardas +userRegistration=Naudotojų registracija +save=Saugoti +login=prisijungimas +maxDeltaTimeSeconds=Pamiršti nepavykusius prisijungimus po +backchannelLogoutHelp=Ar išorinis tapatybės teikėjas palaiko serveris-serveris naudotojo atjungimo būdą? +usermodel.realmRoleMapping.rolePrefix.tooltip=Prefiksas, pridedamas prieš kiekvieną srities rolę (neprivalomas) +affirmative=Pozityvi +changedUsersSyncHelp=Intervalas sekundėmis, kas kurį atliekamas periodinis naujai registruotų arba su pakeistais duomenimis LDAP naudotojų sinchronizavimas į Keycloak +trustEmailHelp=Jei įgalintas, tuomet šio tapatybės teikėjo pateiktas el. pašto adresas laikomas patikimu ir, nepaisant bendrųjų srities nustatymų, nėra papildomai tikrinamas. +maxFailureWaitSecondsHelp=Maksimalus laikas, kuomet naudotojo paskyra yra užrakinama po nesėkmingų bandymų prisijungti. +userInfoSignedResponseAlgorithm=Naudotojo informacijos pasirašyto atsako algoritmas +maxDeltaTimeSecondsHelp=Laikas, po kurio nepavykę prisijungimai bus pamiršti +adminURLHelp=Kliento administravimo tinklinės sąsajos URL. Įrašyti tuomet, kai klientas palaiko adapterio REST API. Šis REST API leidžia autentifikacijos serveriui perduoti atšaukimo ir kitas su administravimu susijusias taisykles. Dažniausiai šis URL sutampa su kliento pagrindiniu URL. +otpPolicyPeriodHelp=Kiek sekundžiu galios OTP prieigos raktas? Numatyta reikšmė 30 sekundžių. +contentSecurityPolicy=Content-Security-Policy +storePasswordHelp=Slaptažodis, reikalingas norint atidaryti slaptažodžių saugyklą +frontchannelLogoutHelp=Jei įgalinta, tuomet atsijungimas atliekamas naršyklės nukreipimu į kliento puslapį. Kitu atveju, atsijungimas atliekamas perduodant serveris-serveris užklausą. +userFederation=Naudotojų federavimas +directAccess=Įgalina tiesioginį prieigos suteikimą, kuomet klientas turi prieigą prie naudotojo vardo ir slaptažodžio ir prieigos raktų gavimui šiais duomenimis gali tiesiogiai apsikeisti su Keycloak serveriu. OAuth2 specifikacijos terminais, šiam klientui įgalinimas 'Resource Owner Password Credentials Grant'. +disable=Išjungti +attributes=Atributai +logic=Logika +scopes=Taikymo sritys +resourceType=Resurso tipas +flowType=Sekos tipas +minuteHelp=Nurodykite minutę iki kurios ši taisyklė TENKINAMA. Užpildžius antrąjį laukelį, taisyklė bus TENKINAMA jei minutė patenka į nurodytą intervalą. Reikšmės nurodomos imtinai. +policyEnforcementModes.PERMISSIVE=Liberalus +auth=Autentifikacijos informacija +accessTokenLifespanImplicitFlow=Prisijungimo rakto galiojimo laikas (Implicit Flow) +scopeName=Unikalus taikymo srities pavadinimas. Šis pavadinimas gali vienareikšmiškai identifikuoti taikymo sritį. Naudingas kuomet ieškoma šios tam tikros srities. +userInfoUrlHelp=Naudotojo informacijos URL. Neprivalomas. +remainingCount=Likęs kiekis +kc.realm.name=Sritis +download=Atsisiųsti +authScopes=Autorizacijos taikymo sritys +impersonate=Įkūnyti +members=Nariai +host=Serveris +optimizeLookupHelp=Ar privalo būti itrauktas pasirašymo rakto ID į SAML protokolo žinutės elementą kuomet pasirašomi Keycloak REDIRECT SP sąsajos dokumentai? Tokiu būdu tikrinančioji pusė optimizuoja tikrinimo proceą naudodama tik vieną raktą vietoj to, kad bandytų visų raktų kombinacijas. +registration-access-token=Registracijos prieigos raktas klientams suteikia prieigą prie klientų registracijos paslaugos +adminURL=Administravimo URL +settings=Nustatymai +failureFactorHelp=Pasiekus maksimalų nesėkmingų bandymų prisijungti skaičių įjungiamas specialus rėžimas, kuomet laukimo intervalas yra didinamas po kiekvieno sekančio neteisingo bandymo. +storeTokensHelp=Jei įgalinta, tuomet po naudotojų prisijungimo, prieigos raktai bus išsaugoti. +singleLogoutServiceUrlHelp=Adresas, kuriuo turi būti siunčiamos naudotojo atjungimo užklausos. +ipAddress=IP adresas +useTruststoreSpi=Naudoti raktų saugyklos SPI +storeTokens=Saugoti raktus +usermodel.clientRoleMapping.rolePrefix.tooltip=Prefiksas, pridedamas prieš kiekvieną kliento rolę (neprivalomas) +includeInIdToken.label=Pridėti prie ID rakto +browserFlow=Autentifikacijos seka +anyScope=Bet kuri taikymo sritis +serverInfo=Serverio informacija +Sunday=Sekmadienis +emailThemeHelp=Pasirinkite kaip atrodys siunčiami el. pašto laiškai. +Wednesday=Trečiadienis +emailVerifiedHelp=Ar naudotojo el. pašto adresas yra patvirtintas? +addExecution=Pridėti išimtį +editMode=Pakeitimų rėžimas +consents=Sutikimai +canonicalization=Standartizavimo metodas +SSOSessionMax=SSO sesijos maksimalus laikas +groupMembership=Narystė grupėse +minimumQuickLoginWaitSecondsHelp=Laikas, kurį naudotojo prisijungimai yra draudžiami, kai nėsėkmingi bandymai prisijungti seka vienas kitą per greitai. +code=Programinis kodas +fullSyncPeriod=Pilno sinchronizavimo intervalas +addNode=Pridėti mazgą +jwksUrl=JWKS URL +policy-description=Šios taisyklės aprašymas. +keys=Raktai +policies=Taisyklės +certificate=Sertifikatas +importClient=Įdiegti programos nustatymus +selectRole.label=Parinkite rolę +allTypes=Visi tipai +prompts.consent=sutikimo tekstas +ldapFilter=LDAP filtras +hour=Valanda +postBrokerLoginFlowAlias=Sekančių prisijungimų eiga +tokens=Raktai +save-admin-events=Jei įgalinta, tuomet administravimo veiksmai saugomi duomenų bazėje ir tampa prieinami per administravimo valdymo skydą. +encryptAssertionsHelp=Ar SAML sprendiniai turi būti užkoduojami kliento viešuoju raktu naudojant AES? +policyGroups=Nurodo kurie naudotojai tenkina šią taisyklę. +on=On +serviceAccount=Įgalina klientą autentifikuotis su Keycloak serveriu ir gauti dedikuotą prieigos raktą skirtą šiam klientui. OAuth2 specifikacijos terminais, tai reiškia 'Client Credentials Grant' teisę šiam klientui. +requirement=Privalomumas +assertionConsumerServiceRedirectBindingURL=Sprendinių priėmimo paslaugos nukreipimo jungties URL +loginThemeHelp=Pasirinkite kaip atrodys Jūsų prisijungimo, OTP, teisių suteikimo, naudotojų registracijos ir slaptažodžių priminimo langai. +permissionDescription=Šio leidimo aprašymas. +multivalued.label=Daugiareikšmis +minute=Minutė +useJwksUrl=Naudoti JWKS URL +initialAccessToken=Pradinis prieigos raktas +vendorHelp=LDAP gamintojas (teikėjas) +clustering=Klasteriai +applyToResourceType=Pritaikyti resurso tipui +rememberMe=Prisiminti mane +flow.registration=Registracijos seka +registeredClusterNodes=Registruoti klasterio mazgus +selectRole.tooltip=Kairėje pusėje esančiame laukelyje įveskite rolės pavadinimą arba paspauskite Rinktis norėdami nurodyti pageidaujamą rolę. +storePassword=Saugyklos slaptažodis +logoutServiceRedirectBindingURLHelp=Kliento vieningo atsijungimo paslaugos SAML nukreipimo jungties. Jei naudojate kitas jungtis, tuomet šias reikšmes galite palikti neužpildytas. +defaultGroups=Numatytos grupės +flow.browser=Autentifikacijos seka +editModeLdapHelp=READ_ONLY reiškia, kad LDAP saugykla bus naudojama vien tik skaitymo rėžimu. WRITABLE reiškia, kad duomenys sinchronizuojami atgal į LDAP pagal poreikį. UNSYNCED reiškia, kad naudotojų duomenys bus importuoti, tačiau niekuomet nesinchronizuojami atgal į LDAP. +Saturday=Šeštadienis +includeInIdToken.tooltip=Ar privaloma informacija turi būti pridedama prie ID rakto? +save-user-events=Jei įgalinta, tuomet su prisijungimu susiję veiksmai saugomi duomenų bazėje ir tampa prieinami per administravimo bei naudotojo paskyros valdymo skydus. +password=Slaptažodis +allowPasswordAuthentication=Leisti autentifikaciją naudojant slaptažodį +composite=Sudėtinis +hourHelp=Nurodykite valandą iki kurios ši taisyklė TENKINAMA. Užpildžius antrąjį laukelį, taisyklė bus TENKINAMA jei valanda patenka į nurodytą intervalą. Reikšmės nurodomos imtinai. +pairwiseSubAlgorithmSalt.tooltip=Druska naudojama porinio objekto identifikatoriaus skaičiavimo metu. Jei paliekama tuščia reikšmė, tuomet druskos reikšmė bus automatikšai sugeneruota. +clientAuthorization=Autorizacija +waitIncrementSecondsHelp=Laikas, kurį naudotojo prisijungimai yra draudžiami, kai nėsėkmingų bandymų skaičius pasiekia nustatytą ribą +allowKerberosAuthentication=Leisti Kerberos autentifikaciją +events=Įvykiai +createPermission=Sukurti leidimą +mapperType=Atitikmens tipas +edit=Redaguoti +testConnection=Tikrinti jungtį +archiveFormat=Archyvo formatas +credentialResetConfirm=Siųsti el. pašto laišką +kerberosRealm=Kerberos sritis +flow.direct\ grant=Tiesioginių teisių seka +associatedRolesText=Priskirtos rolės +defaultLocale=Numatyta kalba +clientIdHelp=Kliento identifikatorius užregistruotas tapatybės teikėjo sistemoje. +typeHelp=Šio resurso tipas. Reikšmė leidžia sugrupuoti skirtingus resursus turinčius tą patį tipą. +htmlDisplayName=Rodomas pavadinimas HTML formatu +authorizationUrl=Autorizacijos URL +contextualAttributes=Kontekstiniai atributai +allowPasswordAuthenticationHelp=Ar suteikti galimybę naudotojui prisijungti prie Kerberos naudojant naudotojo vardą ir slaptažodį? +includeInAccessToken.tooltip=Ar privaloma informacija turi būti pridedama prie prieigos rakto? +idpInitiatedSsoRelayStateHelp=SSO būsenos parametro (RelayState) perdavimas kartu su IDP inicijuota SSO SAML užklausa. +otpHashAlgorithmHelp=Kuris maišos algoritmas turi būti naudojamas OTP generavimui. +usermodel.clientRoleMapping.clientId.tooltip=Kliento ID naudojamas rolių atributų susiejime +clientsClientScopesHelp=Su šiuo resursu susietos taikymo sritys. +vendor=Gamintojas +logoutServiceRedirectBindingURL=Atsijungimo paslaugos nukreipimo jungties URL +dayMonth=Nurodykite mėnesio dieną iki kurios ši taisyklė TENKINAMA. Užpildžius antrąjį laukelį, taisyklė bus TENKINAMA jei diena patenka į nurodytą intervalą. Reikšmės nurodomos imtinai. +idpInitiatedSsoRelayState=IDP inicijuotos SSO būsenos perdavimas +validatingX509Certs=X509 sertifikatai tikrinimui +masterSamlProcessingUrl=Šakninis SAML apdorojimo URL +key=Raktas +email=El. paštas +userInfoUrl=Naudotojo informacijos URL +identityProviders=Tapatybės teikėjai +nameIdPolicyFormat=NameID taisyklių formatas +idpInitiatedSsoUrlName=Pavadinimas, kuris IDP inicijuoto SSO prisijungimo metu, perduodamas klientui per URL fragmentą. Palikus tuščią reikšmę IDP inicjuojamą SSO prisijungimo funkcionalumas išjungiamas. Šis fragmentas buv naudojamas formuojant šią nuorodą\: {server-root}/realms/{realm}/protocol/saml/clients/{client-url-name} +ssoSessionIdle=Laikas, po kurio neaktyvi sesija bus užbaigta. Sesijos pasibaigimo metu visi raktai (Tokens) ir naršyklių sesijos sunaikinamos. +xFrameOptions=X-Frame-Options +scopeDescriptionHelp=Kliento šablono aprašymas +directGrant=Tiesioginių teisių seka +consensus=Daugumos +policyType.totp=Paremtas laiku +emailTheme=El. pašto tema +nameIdFormatHelp=Koks tapatybės identifikatoriaus formatas turi būti naudojamas. +adminEvents=Administravimo įvykiai +registerNodeManually=Registruoti mazgą rankiniu būdu +serverPrincipal=Pagrindinis serveris +redirectURI=Nukreipimo URI +signDocuments=Pasirašyti dokumentus +periodicFullSync=Pilnas periodinis sinchronizavimas +tokenUrl=Prieigos raktų URL +notBefore=Ne anksčiau +ldapMappersList=LDAP atitikmenų parinkėjai +createdAt=Sukūrimo data +editUsername=Naudotojo vardo redagavimas +titleEvents=Įvykiai +lastRegistration=Vėliausia registracija +rolesHelp=Nurodykite pasirinkto naudotojo roles. +requireSsl=Reikalauti SSL +samlEntityDescriptor=Leidžia įkelti konfigūracinę rinkmeną arba nurodyti atsisiuntimo URL su išorinio IDP metaduomenimis. +reevaluate=Vertinti pakartotinai +addIdpMapperName=Atitikmens susiejimo vardas. +continue=Tęsti +details=Detaliau +selectScope=Parinkite taikymo sritį +generateNewKeys=Generuoti naujus raktus +offlineSessionIdle=Neprisijungusios sesijos neveikimo laikas +periodicChangedUsersSync=Periodinis pakeitimų sinchronizavimas +searchScope=Paieškos apimtis +userRegistrationHelpText=Įgalina naudotojų registravimosi sąsają. Prisijungimo lange rodoma nuoroda į registravimosi puslapį. +revokeRefreshToken=Prieigos raktą naudoti tik kartą +resourceName=Unikalus resurso vardas. Vardas turi unikaliai identifikuoti resursą. Naudingas, kuomet ieškoma specifinių resursų. +minimumQuickLoginWaitSeconds=Per greito bandymo prisijungti užrakinimo laikas +operationTypes=Veiksmas +realmRoles=Srities rolės +firstName=Vardas +expireTime=Nurodykite laiką po kurio ši taisyklė NETENKINAMA. Teigiamas rezultatas duodamas tik tuo atveju, kuomet dabartinė data ir laikas yra ankstesni arba lygi šiai reikšmei. +expirationHelp=Nustato įvykių galiojimo laiką. Nebegaliojantys įvykiai periodiškai ištrinami iš duomenų bazės. +nameIdFormat=NameID formatas +adminThemeHelp=Pasirinkite kaip atrodys administravimo konsolės langai. +name=Kliento šablono pavadinimas. Privalo būti unikalus šioje srityje +validRedirectUri=Leidžiamos nukreipimo nuorodos +clientList=Klientai +userSession.modelNote.label=Naudotojo sesijos pastaba +permissionName=Šio leidimo pavadinimas. +expires=Galioja iki +pagination=Puslapiavimas +import=Importuoti šio resursų serverio autorizacijos nustatymų JSON rinkmeną. +otpHashAlgorithm=OTP maišos algoritmas +userAttribute=Naudotojo atributas +kid=KID +description=Aprašymas +revoke=Atšaukti +eventListenersHelpText=Nurodykite srities įvykių gavėjus. +clientSignatureHelp=Ar kliento siunčiamos SAML užklausos ir atsakymai bus pasirašyti? Jei taip, tuomet ar juos privaloma tikrinti? +keyPasswordHelp=Slaptažodžių saugykloje esančio privataus rakto slaptažodis +frontchannelLogout=Išregistravimas per naršyklę +providerId=ID +titleRoles=Srities rolės +sectorIdentifierUri.tooltip=Paslaugų teikėjai, kurie naudoja porines subreikšmes ir palaiko dinaminę klientų registraciją (Dynamic Client Registration) turėtų naudoti sector_identifier_uri parametrą. Teikiamas funkcionalumas leidžia svetainių grupėms, valdomoms centralizuotos administravimo panelės, turėti pastovias porines subreikšmes nepriklausomas nuo domeno vardų. Tokiu būdu klientai gali keisti domenų redirect_uri neperregistruojant visų naudotojų. +Tuesday=Antradienis +loginTimeout=Naudotojo prisijungimui skirtas laikas +rdnLdapAttribute=RDN LDAP atributas +fineGrainSamlEndpointConfig=Detalioji SAML prieigos taškų konfigūracija +hours=Valandos +bindType=Autentifikacijos tipas +aliasHelp=Pseudonimas, kuris vienareikšmiškai identifikuoja tapatybės teikėją ir yra naudojamas konstruojant nukreipimo nuorodą. +maxFailureWaitSeconds=Maksimalus užrakinimo laikas +configure=Konfigūruoti +contextualInfo=Kontekstinė informacija +manage=Valdyti +temporaryPassword=Laikinas +applyPolicyHelp=Nurodo visas taisykles, kurios turi būti įvertintos šios taisyklės ar leidimo taikymo sričiai. +kerberosIntegration=Kerberos intergacija +protocolMapper=Protokolas... +requiredSettings=Privalomi nustatymai +sslType.none=jokio +time=Laikas +bruteForceDetection=Grubios jėgos ataka +archiveFormatHelp=Java raktų saugykla (keystore) arba PKCS12 formato rinkmena. +xContentTypeOptions=X-Content-Type-Options +keyAlias=Rakto pseudonimas +prefix=Prefiksas, pridedamas prieš kiekvieną srities rolę (neprivalomas) +none=jokio +sslType.all=visoms užklausoms +type=Tipas +httpPostBindingResponse=Siųsti atsakymus HTTP-POST +saveEvents=Saugoti įvykius +issuer=Išdavėjas +policyEnforcementModeHelp=Taisyklių vykdymo rėžimas nusako kaip turi būti tenkinamos autorizacijos užklausų taisyklės. 'Taikyti' reiškia, kad tuo atveju kai nėra sukonfigūruota nei viena su resursu susijusi taisyklė, prieiga draudžiama. 'Liberalus' reiškia, kad tuo atveju kai nėra sukonfigūruota nei viena su resursu susijusi taisyklė, prieiga leidžiama. 'Išjungta' reiškia, kad neatliekamas taisyklių tikrinimas ir prieiga leidžiama prie visų resursų. +lastUpdated=Pask. kartą atnaujinta +credentialResetBtn=Prisijungimo duomenų atkūrimas +selectAUser=Parinkite naudotoją +seconds=Sekundės +eventTypes.RESET_PASSWORD.name=Pakeisti slaptažodį +otpPolicyDigits=Skaitmenų skaičius +permissions=Leidimai +keystore=Raktų saugykla +accountThemeHelp=Pasirinkite kaip atrodys naudotojo profilio valdymo langai. +canonicalizationHelp=XML parašo metodas. +sessions=Sesijos +fullSyncPeriodHelp=Laikas sekundėmis, kas kurį atliekamas pilnas naudotojų sinchronizavimas į Keycloak sistemą +priority=Prioritetas +trustEmail=El. paštas patikimas +jsonType.label=Privalomo atributo JSON tipas +fullScopeAllowed=Taikymas pilna apimtimi +push=Informuoti apie atšaukimą +titleUsers=Naudotojai +masterSamlProcessingUrlHelp=Kuomet sukonfigūruotas, šis URL bus naudojamas visoms, 'SP Assertion Consumer' ir 'Single Logout Services' užklausoms. Detalioje SAML prieigos adresų konfigūravimo skyriuje šios reikšmės gali būti atskirai pakeistos. +claimJsonType=Naudojamas JSON lauko tipas, kuris turi būti užpildomas rakto privalomoje JSON informacijoje. Galimi tipai\: long, int, boolean ir String. +forceAuthenticationHelp=Jei įgalinta, tuomet tapatybės teikėjas privalo autentifikuoti naudotoją iš naujo nepasitikint ankstesniu prisijungimu. +testClusterAvailability=Tikrinti ar mazgas prieinamas +forceNameIdFormat=Priverstinai naudoti NameID formatą +sslType.external=išorinėms užklausoms +multiValued=Nurodo, kad atributas gali turėti daugiau nei vieną reikšmę. Jei pažymėtas, tuomet visos reikšmės nustatomos kaip privalomos. Kitu atveju privaloma tik pirmoji reikšmė. +addRole=Pridėti rolę +userInfoSignedResponseAlgorithmHelp=JWA algoritmas naudojamas pasirašyti naudotojo informacijos prieigos taško atsaką. Jei nustatyta 'unsigned', tuomet naudotojo informacijos atsakas nebus pasirašytas ir bus grąžintas application/json formatu. +lastName=Pavardė +usermodel.realmRoleMapping.rolePrefix.label=Srities rolės prefiksas +temporaryPasswordHelpText=Jei įgalinta, tuomet naudotojas privalės pasikeisti slaptažodį sekančio prisijungimo metu +otpPolicyDigitsHelp=Kiek OTP turėtų turėti skaitmenų? +connectionPooling=Jungčių buferizavimas +wantAuthnRequestsSignedHelp=Nurodykite, ar tapatybės teikėjas tikisi pasirašytų AuthnRequest užklausų. +enabled=Įgalintas +authenticationAliasHelp=Konfigūracijos pavadinimas +keyPassword=Rakto slaptažodis +SSOSessionIdle=SSO sesijos neveikimo laikas +ssoServiceUrlHelp=Adresas, kuriuo turi būti siunčiamos autentifikacijos užklausos (SAML AuthnRequest). +startTime=Nurodykite laiką iki kurio ši taisyklė NETENKINAMA. Teigiamas rezultatas duodamas tik tuo atveju, kuomet dabartinė data ir laikas yra vėlesnė arba lygi šiai reikšmei. +logicHelp=Logika nurodo kaip turi būti tenkinama taisyklė. Jei nurodyta 'Teigiama', tuomet šios taisyklės vykdymo metu gautas rezultatas (leisti arba drausti) bus naudojamas sprendinio priėmimui. Jei nurodyta 'Neigiama', tuomet šios taisyklės vykdymo rezultatas bus paneigtas, t.y. leidžiama taps draudžiama ir atvirkščiai. +copy=Kopijuoti +monthHelp=Nurodykite mėnesį iki kurio ši taisyklė TENKINAMA. Užpildžius antrąjį laukelį, taisyklė bus TENKINAMA jei mėnesis patenka į nurodytą intervalą. Reikšmės nurodomos imtinai. +registrationAccessToken=Registracijos prieigos raktas +supportedLocales=Palaikomos kalbos +showPasswordDataValue=Reikšmė +issuerHelp=Išdavėjo identifikatorius perduodamas išdavėjo atsakyme. Tikrinimas nebus atliekamas jei reikšmė tuščia. +titleSessions=Sesijos +clientNameHelp=Reikšmė, kuri rodoma naudotojams. Pavyzdžiui 'My Client'. Galimos lokalizuotos reikšmės - pavyzdžiui\: ${my_client} +createPolicy=Sukurti taisyklę +clearAdminEvents=Išvalyti administravimo įvykius +rootURL=Prie reliatyvių nuorodų pridedamas šakninis URL +rootUrl=Šakninis URL +clientLoginTimeout=Kliento prisijungimui skirtas laikas +nodeReRegistrationTimeoutHelp=Nurodykite maksimalų laiko intervalą, per kurį mazgai privalo iš naujo prisiregistruoti. Jei mazgas neatsiųs persiregistravimo užklausos per nurodytą laiką, tuomet šis mazgas bus išregistruojamas iš Keycloak +clientAuthentication=Klientų autentifikacijos seka +registrationEmailAsUsername=El. paštas kaip naudojo vardas +logicType.negative=Neigiama +otpPolicy=OTP taisyklės +flow-type.form-flow=form +signDocumentsHelp=Ar SAML dokumentai turi būtį pasirašomi šios srities? +resetPassword=Pakeisti slaptažodį +requireSslHelp=Ar HTTPS privalomas? 'niekada' - HTTPS nereikalaujamas. 'išorinėms užklausoms' - jungiantis iš localhost ar serverio IP adresų galima prieiti ir per HTTP. 'visoms užklausoms' - HTTPS reikalaujamas jungiantis iš visų IP adresų. +identityInformation=Tapatybės informacija +addUser=Pridėti naudotoją +usermodel.clientRoleMapping.rolePrefix.label=Kliento rolės prefiksas +partialImport=Dalinis duomenų importavimas +includeAuthnStatementHelp=Ar prisijungimo būdas ir laikas šurėtų būti įtraukiami į prisijungimo operacijos atsakymą? +client-authenticator-type=Kliento autentifikavimo priemonės naudojamos kliento autentifikavimuisi į Keycloak serverį +protocol=Protokolas +manageAccount=Valdyti paskyrą +tokenClaimName.label=Reikalaujamo rakto pavadinimas +create=Sukurti +clientSecret=Kliento slaptas kodas +from=Nuo +httpPostBindingAuthnRequest=Siųsti AuthnRequest HTTP-POST +includeInAccessToken.label=Pridėti prie prieigos rakto +iconUri=Ikonos URI +createGroup=Sukurti grupę +resource=Resursas +created=Sukurta +minutes=Minutės +userSession.modelNote.tooltip=Išsaugotos naudotojo sesijos pastaba, kuri saugoma UserSessionModel.note rinkinyje. +usersDN=Naudotojų DN +clientsClientTypeHelp='OpenID connect' leidžia klientams tikrinti galutinio naudotojo tapatybę remiantis autorizacijos serverio atlikta autentifikacija. 'SAML' įgalina žiniatinklio, įskaitant skirtingų domenų atvejus, vieningos autentifikacijos ir autorizacijos scenarijus perduodant informaciją saugiose žinutėse. +selectUser=Nurodykite naudotoją, kurio vardu atliekamas teisių serveryje filtravimas. +webOriginsHelp=Leidžiamos CORS nuorodos. Norėdami leisti nukreipimą į teisingas nuorodas, naudokite '+'. Norėdami leisti visas nuorodas, naudokite '*'. +requestObjectSignatureAlgorithm=Užklausos objekto parašo algoritmas +logoutUrl=Atsijungimo URL +storedTokensReadable=Saugoti raktus skaitomame formate +admin-clearEvents=Ištrina visus su administravimu susijusius veiksmus iš duomenų bazės. +mappers=Atributų atitikmenys +waitIncrementSeconds=Laukimo laiko didinimas po +usermodel.prop.label=Atributas +name-id-format=NameID formatas +credentials=Prisijungimo duomenys +policyType.hotp=Paremtas skaitliuku +enableSSL=Įgalinti SSL +general=Bendra informacija +failureFactor=Maksimalus bandymų prisijungimų skaičius +signAssertions=Pasirašyti sprendinius +scopesSelect=Nurodo, kad šis leidimas turi būti pritaikytas vienai ar daugiau taikymo sričių. +disableUserInfoHelp=Ar uždrausti prieigą prie papildomos naudotojo profilio informacijos per User Info paslaugą? Numatyta reikšmė - naudoti šią OIDC paslaugą. +adminTheme=Administravimo konsolės tema +alias=Pseudonimas +value=Reikšmė +clientSecretHelp=Kliento saugos kodas užregistruotas tapatybės teikėjo sistemoje. +validateSignatures=Įjungti/išjungti SAML atsakymų parašo tikrinimą. +authentication=Autentifikavimas +descriptionHelp=Kliento šablono aprašymas +logoutUrlHelp=Adresas, kuris turi būti naudojamas norint atjungti naudotoją nuo išorinio tapatybės teikėjo. +times.seconds=Sekundės +permissionType=Nurodykite, kad ši taisyklė turi būti taikoma visiems šio tipo resursams. +policyEnforcementModes.ENFORCING=Taikyti +debug=Derinti +clear=Išvalyti +resources=Resursai +groups=Visos grupės, kurių narys yra šis naudotojas. Pažymėkite grupę ir paspauskite 'Palikti' norėdami pašalinti naudotoją iš grupės. +logicType.positive=Teigiama +signatureAlgorithm=Parašo algoritmas naudojamas dokumentų pasirašymui. +eventTypes.LOGOUT.name=Seanso pabaiga +accountTheme=Naudotojo profilio tema +requiredActions=Privalomi veiksmai +forceAuthentication=Priverstinė autentifikacija +assertionConsumerServiceRedirectBindingURLHelp=Kliento sprendinio priėmimo paslaugos SAML nukreipimo jungties URL (prisijungimo atsakymams). Jei tokių jungčių neturite, tuomet palikite tuščias reikšmes. +policyDecisionStagey=Sprendimo strategija nurodo kaip priimamas galutinis sprendimas, kuomet yra vykdomos visos šio leidimo taisyklės. 'Pozityvi' reiškia, kad galutiniam teigiamam sprendimui turi būti tenkinama bent viena taisyklė. 'Vienbalsė' reiškia, kad galutiniam teigiamam sprendimui visos taisyklės turi būti teigiamos. 'Daugumos' reiškia, kad galutinis teigiamas sprendimas bus priimtas tuomet, kai teigiamų taisyklių bus daugiau nei neigiamų. Jei teigiamų ir neigiamų taisyklių skaičius yra vienodas, tuomet galutinis rezultatas bus neigiamas. +resetActions=Atkurti veiksmus +selectARole=Pasirinkti rolę +titleAuthentication=Autentifikavimas +category=Kategorija +batchSize=Paketo dydis +usermodel.prop.tooltip=Sąsajos UserModel atributo metodo pavadinimas. Pavyzdžiui reikšmė 'email' atitinka UserMode.getEmail() metodą. +user=Naudotojas +times.days=Dienos +providers=Teikėjai diff --git a/js/apps/admin-ui/maven-resources/theme-resources/messages/messages_no.properties b/js/apps/admin-ui/maven-resources/theme-resources/messages/messages_no.properties new file mode 100644 index 0000000000..cdcbc6e593 --- /dev/null +++ b/js/apps/admin-ui/maven-resources/theme-resources/messages/messages_no.properties @@ -0,0 +1,531 @@ +otpTypeHelp=Totp er et tidsbasert engangspassord. 'hotp' er et teller basert engangspassord hvor serveren følger med på en teller som den kan hashe mot. +useKerberosForPasswordAuthentication=Bruk Kerberos for autentisering av passord +anyResource=Enhver ressurs +themes=Tema +addClientScope=Legg til klientmal +clientType='OpenID connect' tillater klienter å verifisere identiteten til sluttbrukeren basert på autentisering utført av en autorisasjonsserver. 'SAML' aktiverer en web-basert autentisering og autoriseringsscenarier som inkluderer cross-domain single sign-on (SSO) og som bruker security tokens som inneholder assertions for å dele informasjon videre. +clientSignature=Klientens signatur er påkrevd +unanimous=Enstemmig +policy-name=Navnet på denne policien. +clientHelp=Velg klienten som vil utføre denne autorisasjonsforespørselen. +debugHelp=Aktiver/deaktiver logging av feilsøking til standard output for Krb5LoginModule. +validatorColNames.colConfig=Konfig +nodeHost=Nodevert +quickLoginCheckMilliSeconds=Hvis en feil skjer for raskt samtidig, steng brukeren ute. +unspecified=uspesifisert +signOut=Logg ut +validatorDialogColNames.colName=Rollenavn +credentialType=Type +certificateHelp=Klientsertifikat for å validere JWT utstedt av klienten og signert av privatnøkkel til klient fra din keystore. +forcePostBindingHelp=Bruk alltid POST binding for svar. +roleName=Rollenavn +operationType=Operasjonstype +httpPostBindingAuthnRequestHelp=Indikerer om AuthnRequests må bli sendt ved å bruke en HTTP-POST binding. Hvis satt til false, vil HTTP-REDIRECT binding bli brukt. +policyEnforcementMode=Modus for håndhevelse av policy +decisionStrategy=Beslutningsstrategi +requiredUserActionsHelp=Krev en handling når brukeren logger inn. 'Verifiser e-post' sender en e-post til brukeren for å verifisere deres e-postadresse. 'Oppdater profil' krever at bruker legger inn personlig informasjon. 'Oppdater passord' krever at bruker skriver inn et nytt passord. 'Konfigurer OTP' krever installasjon av en passordgenerator for mobil. +securityDefences=Sikkerhetsmekanismer +realmSettings=Innstillinger for sikkerhetsdomene +deleteEvents=Fjern hendelser +accessTokenLifespanHelp=Maksimum tid før et access token utløper. Det anbefales at denne verdien er kort i forhold til SSO timeout. +redirectURIHelp=Redirect URI som skal brukes når du konfigurerer identitetsleverandøren. +resourcePath=Filsti for ressurs +applyToResourceTypeHelp=Spesifiserer om denne tillatelsen skal gjelde for alle ressurser med en gitt type. I dette tilfellet vil tillatelsen bli evaluert for alle instanser av gitt ressurstype. +attestationPreference.none=Ingen +revocation=Oppheving +clientDescriptionHelp=Angir beskrivelse av klienten. For eksempel\: 'Min klient for timelister'. Støtter nøkler for lokaliserte verdier. For eksempel\: ${my_client_description} +clientAuthenticator=Klientautentikator +useEntityDescriptor=Importer metadata fra et eksternt IDP SAML entity descriptor. +loginActionTimeout=Timeout for innloggingshandling. +updateFirstLoginHelp=Oppdater profil ved første innlogging +validRedirectURIs=Gyldig URI mønster som en nettleser kan redirecte til etter en vellykket innlogging eller utlogging. Enkle jokertegn er tillatt, for eksempel 'http\://example.com/*'. Relativ sti kan også spesifiseres, for eksempel /my/relative/path/*. Relative stier er relative til klientens root URL, eller hvis ingen er spesifisert brukes root URL for autorisasjonsserveren. For SAML må du sette et gyldig URI mønster hvis du er avhengig av at URL for forbrukertjenesten er integrert med forespørselen for pålogging. +assertionConsumerServicePostBindingURL=Assertion consumer service POST binding URL +endpoints=Endepunkter +clientId=Klient-ID +validatingX509CertsHelp=Sertifikatet i PEM format som må brukes for å se etter signaturer. +contextualAttributesHelp=Ethvert attributt gitt av et kjørende miljø eller ved utførelseskontekst. +importFile=Importer fil +clientLoginTimeoutHelp=Maksimum tid en klient har for å fullføre access token protokollen. Dette burde normalt være 1 minutt. +lastAccess=Sist aksessert +protocolHelp=Hvilken SSO protokoll-konfigurasjon som blir levert av denne klientmalen +uiDisplayName=Konsoll vis navn +prompts.none=Ingen +resourcesHelp=Spesifiserer at denne tillatelsen må bli brukt for en spesifikk ressursinstans. +adminEventsSettings=Innstillinger for administratorhendelser +emailVerified=E-post verifisert +passwordConfirmation=Passord bekreftelse +times.minutes=Minutter +forcePostBinding=Force POST binding +defaultRoles=Standardroller +discoveryEndpoint=Importer metadata fra et eksternt IDP discovery descriptor. +countHelp=Angir hvor mange klienter som kan bli opprettet ved å bruke token. +otpPolicyPeriod=Engangskode token +uuidLdapAttribute=UUID LDAP-attributt +topLevelFlowType=Hvilken type toppnivå flyt er det? Type 'klient' brukes for autentisering av klienter (applikasjoner) når generisk brukes for brukere og alt annet +scopeNameHelp=Navn på klientmal. Må være unik i sikkerhetsdomenet. +requiredUserActions=Påkrevde brukerhandlinger +flowTypeHelp=Hva slags skjema det er +consentRequired=Hvis aktivert må brukere gi samtykke for at klienten skal få tilgang. +allowRemoteResourceManagement=Håndtering av ekstern ressurs +standardFlow=Dette aktiverer standard OpenID Connect redirect-basert autentisering med autorisasjonskode. I forhold til OpenID Connect eller OAuth2 spesifikasjoner aktiverer dette støtte for 'Authorization Code Flow' for denne klienten. +identityProvider=Identitetsleverandør +eventListeners=Hendelseslyttere +bindDn=Bind DN +identityProviderLinks=Lenker til identitetsleverandør +leave=Forlat +eventTypes.IMPERSONATE.name=Utgi deg for å være bruker +wantAuthnRequestsSigned=Vil ha AuthnRequests signert +usermodel.attr.tooltip=Navn på lagret brukerattributt som er navnet på en attributt innenfor UserModel.attribute map. +export=Eksporter +add=Legg til +passwordPolicy=Passordpolicy +backchannelLogout=Backchannel utlogging +count=Teller +testAuthentication=Testautentisering +prompts.login=Innlogging +users=Brukere +offlineSessionIdleHelp=Tiden en sesjon i frakoblet modus er tillatt å være inaktiv før den utløper. Du må bruke tokens for frakoblet modus for å oppdatere sesjonen minst en gang i denne perioden, ellers vil sesjonen utløpe. +uris=En URI som også kan brukes for å identifisere denne ressursen. +forceNameIdFormatHelp=Ignorer forespurt format på Navn-ID emnet og bruk den som er konfigurert i administrasjonskonsollen. +port=Port +expiration=Holdbarhet +realmRolePrefix=Prefiks for sikkerhetsdomenerolle +includeRepresentation=Inkluder representasjon +assertionConsumerServicePostBindingURLHelp=SAML POST binding URL for klientens assertion customer service (innloggingsrespons). Du kan la denne stå tom om du ikke ønsker en URL for denne bindingen. +resourceTypes=Ressurstyper +singleLogoutServiceUrl=Single utloggingstjeneste URL +roles=Roller +includeInUserInfo.label=Legg til i brukerinfo +back=Tilbake +validateSignatureHelp=Aktiver/deaktiver signaturvalidering av eksterne IDP signaturer. +policyCode=JavaScript-koden angir betingelsene for denne politikken. +title=Autentisering +verifyEmail=Bekreft e-postadresse +representation=Representasjon +remove=Fjern +formatOption=Formatalternativer +loginTheme=Innloggingstema +provider=Leverandør +flows=Flyt +scope=Scope +nodeReRegistrationTimeout=Timeout for re-registrering av node +client=klient +includeRepresentationHelp=Inkluder JSON-representasjon for å skape og oppdatere forespørsler. +connectionURL=Tilkoblings URL +accessTokenLifespan=Levetid for access token +setToNow=Sett til nå +signAssertionsHelp=Skal assertions i SAML dokumenter bli signert? Denne innstillingen er ikke nødvendig hvis et dokument allerede har blitt signert. +firstBrokerLoginFlowAliasHelp=Alias for autentiseringsflyt, som trigges etter første innlogging med denne identitetsleverandøren. Begrepet 'Første innlogging' betyr at det ennå ikke eksisterer en Keycloak-konto koblet til den autentiserte kontoen til identitetsleverandøren. +owner=Eier +validateSignature=Valider signaturer +implicitFlow=Dette aktiverer støtte for OpenID Connect redirect-basert autentisering uten autorisasjonskode. I forhold til OpenID Connect eller OAuth2 spesifikasjoner aktiverer dette støtte for 'Implicit Flow' for denne klienten. +headers=Headere +encryptAssertions=Krypter assertions +keyAliasHelp=Arkiv-alias for din privatnøkkel og sertifikater. +tokenClaimName.tooltip=Navn på claim som skal legges inn i token. Denne kan være et fullt kvalifisert navn som 'address.street'. I dette tilfellet vil et nestet jsonobjekt bli laget. +userName=Brukernavn +clientProfileDescription=Beskrivelse +userObjectClasses=Brukerobjektklasser +usermodel.clientRoleMapping.client.label=Klient-ID +ssoSessionMax=Maksimum tid før en sesjon utløper. Tokens og nettlesersesjoner vil bli ugyldig når en sesjon utløper. +policyRoles=Spesifiserer klientroller tillatt av denne policien. +times.hours=Timer +browserFlowHelp=Velg flyten du ønsker å bruke for nettleser-autentisering. +temporaryLocked=Brukeren kan ha blitt låst på grunn av at innloggingsforsøk har feilet for mange ganger. +webOrigins=Web origins +realm=Sikkerhetsdomene +prompt=Prompt +username=Brukernavn +showAuthData=Vis autorisasjonsdata +importConfig=Importer metadata fra en nedlastet IDP discovery descriptor. +includeInUserInfo.tooltip=Burde claim bli lagt til i brukerinfo? +initialCounter=Initiell teller +revokeRefreshTokenHelp=Hvis aktivert kan refresh token kun bli brukt en gang. Ellers vil refresh tokens kunne bli brukt flere ganger. +storedTokensReadableHelp=Aktiver/deaktiver hvis nye brukere kan lese lagrede tokens. Dette tildeles broker.read-token rollen. +authenticationFlowTypeHelp=Hva slags skjema det er +authorization=Aktiver/deaktiver finkornet autorisasjonssupport for en klient +editUsernameHelp=Dersom aktivert, er feltet for brukernavn redigerbart, ellers kun lesbart. +consoleDisplayConnectionUrlHelp=Tilkoblings URL din til LDAP-server +bindCredentialsHelp=Passord for LDAP administrator +action=Handling +join=Bli med +id=ID +fullScopeAllowedHelp=Lar deg å deaktivere alle restriksjoner. +applyPolicy=Anvend policy +otpType=Type engangskode +directGrantHelp=Velg flyten du ønsker å bruke for direct grant autentisering. +scopesHelp=Scopes som sendes når du ber om autorisasjon. Dette kan være en liste med scopes separert med mellomrom. Standard er satt til 'openid'. +includeAuthnStatement=Inkluder AuthnStatement +jsonType.tooltip=JSON-type som burde bli brukt for å fylle json claimet i tokenet. long, int, boolean og String er gyldige verdier. +multivalued.tooltip=Angir om en attributt støtter flere verdier. Hvis true, vil listen med alle verdier for dette attributtet bli satt som claims. Hvis false, vil bare den første verdien bli satt som claim. +enableStartTLS=Aktiver StartTLS +enableStartTls=Aktiver StartTLS +addIdPMapper=Legg til identitetsleverandørmappere +eventType=Hendelsestype +homeURL=Standard URL som kan brukes når autorisasjonsserveren trenger å redirecte eller lenke tilbake til klienten. +contentSecurityPolicyReportOnly=Rapporterende sikkerhetspolicy for innhold +firstBrokerLoginFlowAlias=Flyt for første innlogging +usermodel.attr.label=Brukerattributt +eventTypes.REGISTER.name=Registrer +rememberMeHelpText=Vis en avkryssingsboks på innloggingssiden som lar brukere forbli innlogget mellom omstart av nettleser og inntil sesjonen utløper. +usernameLdapAttribute=Brukernavn LDAP-attributt +evaluate=Evaluer +ssoServiceUrl=Single sign-on service URL +allowRemoteResourceManagementHelp=Skal ressursene bli håndtert eksternt av ressursserveren? Hvis satt til false kan ressursene kun bli håndtert fra denne administratorkonsollen. +clients=Klienter +changedUsersSyncPeriod=Synkroniseringsperiode for endrede brukere +clientName=Navn +userRegistration=Registrering av bruker +save=Lagre +login=Innlogging +maxDeltaTimeSeconds=Tid for tilbakestilling av feil. +backchannelLogoutHelp=Støtter ekstern IDP backchannel utlogging? +usermodel.realmRoleMapping.rolePrefix.tooltip=Prefiks for hver sikkerhetsdomenerolle (valgfri). +affirmative=Bekreftende +changedUsersSyncHelp=Tidsperiode for synkronisering av endrede eller nylig opprettede LDAP-brukere i sekunder. +trustEmailHelp=Hvis aktivert vil ikke e-post levert av denne leverandøren bli verifisert selv om verifisering er aktivert for sikkerhetsdomenet. +maxFailureWaitSecondsHelp=Maksimum tid en bruker vil være stengt ute. +maxDeltaTimeSecondsHelp=Når vil teller for feil nullstilles? +adminURLHelp=URL til administratorgrensesnitt for klienten. Sett denne hvis klienten støtter adapter REST API. Dette REST APIet tillater autorisasjonsserveren til å sende tilbakekallingsregler og andre administrative oppgaver. Vanligvis er dette satt til klientens base URL. +otpPolicyPeriodHelp=Hvor mange sekunder burde et engangskode token være gyldig? Standard er satt til 30 sekunder. +contentSecurityPolicy=Sikkerhetspolicy for innhold +storePasswordHelp=Passord for å få tilgang til arkivet +frontchannelLogoutHelp=Hvis satt til true, krever utlogging en redirect i nettleser til klient. Hvis satt til false, vil server utføre en bakgrunnskall for utlogging. +userFederation=Brukerfederering +directAccess=Dette gir støtte for Direct Access Grants, som betyr at klienten har tilgang til brukerens brukernavn/passord og kan bytte dette direkte med Keycloak-serveren for access token. I følge OAuth2 spesifikasjonen, aktiverer dette støtte for 'Resource Owner Password Credentials Grant' for denne klienten. +attributes=Attributter +logic=Logikk +scopes=Scope +resourceType=Ressurstype +flowType=Type av flyt +policyEnforcementModes.PERMISSIVE=Ettergivende +auth=Auth +accessTokenLifespanImplicitFlow=Access token-levetid for implicit flow +scopeName=Et unikt navn for dette scopet. Navnet kan bli brukt for å identifisere et scope, og er nyttig i spørringer for en bestemt ressurs. +userInfoUrlHelp=Brukerinfo URLen. Denne er valgfri. +remainingCount=Resterende antall +kc.realm.name=Sikkerhetsdomene +download=Last ned +authScopes=Autorisasjonsscopes +impersonate=Utgi deg for å være bruker +members=Medlemmer +host=Vert +registration-access-token=Access token for registrering gir klienter tilgang til registreringstjenesten for klienter. +adminURL=Admin URL +settings=Innstillinger +failureFactorHelp=Hvor mange feil før ventetid blir aktivert. +storeTokensHelp=Aktiver/deaktiver hvis tokens må bli lagret etter at brukere har blitt autentisert. +singleLogoutServiceUrlHelp=URL som må brukes for å sende utloggingsforespørsler. +ipAddress=IP-adresse +useTruststoreSpi=Bruk Truststore SPI +storeTokens=Lagre Tokens +usermodel.clientRoleMapping.rolePrefix.tooltip=Prefiks for hver klientrolle (valgfri). +includeInIdToken.label=Legg til i ID token +browserFlow=Nettleserflyt +anyScope=Ethvert scope +serverInfo=Serverinformasjon +emailThemeHelp=Velg tema for e-post sendt av server. +emailVerifiedHelp=Har brukerens e-post blitt verifisert? +addExecution=Legg til eksekvering +editMode=Redigeringsmodus +consents=Samtykke +canonicalization=Kanoniseringsmetode +SSOSessionMax=Maksimum SSO sesjon +groupMembership=Gruppemedlemskap +minimumQuickLoginWaitSecondsHelp=Ventetid etter en hurtig innloggingsfeil. +code=Kode +fullSyncPeriod=Fullstendig synkroniseringsperiode +addNode=Legg til node +policy-description=En beskrivelse av denne policien. +policies=Policier +certificate=Sertifikat +importClient=Importer klient +selectRole.label=Velg rolle +allTypes=Alle typer +prompts.consent=samtykke +ldapFilter=LDAP filter +postBrokerLoginFlowAlias=Post-påloggingsflyt +tokens=Tokens +save-admin-events=Hvis aktivert vil administratorhendelser bli lagret i databasen, som vil gjøre hendelsene tilgjengelige i administrasjonskonsollen. +encryptAssertionsHelp=Skal SAML assertions bli kryptert med klientens offentlige nøkkel ved å bruke AES? +policyGroups=Spesifiser bruker(e) som tillates av denne policien. +on=På +serviceAccount=Lar deg autentisere denne klienten til Keycloak og hente access token dedikert til denne klienten. I følge OAuth2 spesifikasjonen, aktiverer dette støtte for 'Client Credentials Grant' for denne klienten. +requirement=Krav +assertionConsumerServiceRedirectBindingURL=Assertion Consumer Service redirect binding URL +loginThemeHelp=Velg tema for sidene\: innlogging, OTP, rettigheter, registrering, glemt passord. +permissionDescription=En beskrivelse av denne tillatelsen. +multivalued.label=Flere verdier +initialAccessToken=Første access token +vendorHelp=LDAP leverandør (provider) +clustering=Clustering +applyToResourceType=Bruk på ressurstype +rememberMe=Husk meg +flow.registration=Registreringsflyt +registeredClusterNodes=Registrerte clusternoder +selectRole.tooltip=Skriv inn rolle i tekstboksen til venstre, eller klikk på denne knappen for å bla gjennom og velge rollen du ønsker. +storePassword=Lagre passord +logoutServiceRedirectBindingURLHelp=SAML redirect binding URL for klientens single logout-tjeneste. Du kan la dette stå tomt om du bruker en annen binding. +defaultGroups=Standardgrupper +flow.browser=Nettleserflyt +editModeLdapHelp=READ_ONLY er et skrivebeskyttet LDAP-lager. WRITABLE betyr at data vil bli synkronisert tilbake til LDAP på forespørsel. UNSYNCED betyr at brukerdata vil bli importert, men vil ikke bli synkronisert tilbake til LDAP. +includeInIdToken.tooltip=Burde claim bli lagt til i ID token? +save-user-events=Hvis aktivert vil innloggingshendelser bli lagret i databasen, noe som gjør hendelsene tilgjengelige for administrator og kontoadministrasjonskonsoll. +password=Passord +allowPasswordAuthentication=Tillat autentisering med passord +composite=Sammensatt +clientAuthorization=Autorisasjon +waitIncrementSecondsHelp=Når terskelen for feil er nådd, hvor lenge skal brukeren stenges ute? +allowKerberosAuthentication=Tillat autentisering med Kerberos +events=Hendelser +createPermission=Opprett tillatelse +mapperType=Mappertype +testConnection=Testkobling +edit=Rediger +archiveFormat=Arkivformat +credentialResetConfirm=Send e-post +kerberosRealm=Sikkerhetsdomene for Kerberos +flow.direct\ grant=Direct Grant Flyt +associatedRolesText=Assosierte roller +defaultLocale=Standard lokalitet +clientIdHelp=Identifikator for klient registrert hos identitetsleverandør. +typeHelp=Ressurstype. Den kan brukes til å gruppere ulike ressursinstanser av samme type. +htmlDisplayName=HTML vis navn +authorizationUrl=Autorisasjons URL +contextualAttributes=Kontekstuelle attributter +allowPasswordAuthenticationHelp=Aktiver/deaktivert muligheten for autentisering med brukernavn/passord mot databasen til Kerberos +includeInAccessToken.tooltip=Burde claim bli lagt til i access token? +idpInitiatedSsoRelayStateHelp=Relay state du ønsker å sende med SAML forespørselen når du vil utføre en IDP initiert SSO. +otpHashAlgorithmHelp=Hva slags hashing algoritme skal brukes for å generere OTP. +clientsClientScopesHelp=Scopes assosiert med denne ressursen. +vendor=Leverandør +logoutServiceRedirectBindingURL=Logout-tjeneste redirect binding URL +idpInitiatedSsoRelayState=IDP initiert SSO relay state +validatingX509Certs=Validerer X509 sertifikat +masterSamlProcessingUrl=Master SAML prosesserings URL +key=Nøkkel +email=E-postadresse +userInfoUrl=Brukerinfo URL +identityProviders=Identitetsleverandør +nameIdPolicyFormat=Policy for nameid-format +idpInitiatedSsoUrlName=Navn på URL-fragment som refererer til klienten når du vil gjøre en IDP initiert SSO. La denne stå tom om du ønsker å deaktivere IDP initiert SSO. URLen vil være\: {server-root}/realms/{realm}/protocol/saml/clients/{client-url-name} +ssoSessionIdle=Tiden en sesjon er tillatt å være inaktiv før den utløper. Tokens og nettlesersesjoner vil bli ugyldig når en sesjon utløper. +xFrameOptions=Alternativer for X-Frame +scopeDescriptionHelp=Beskrivelse av klientmal +directGrant=Direct Grant Flyt +consensus=Konsensus +policyType.totp=Tidsbasert +emailTheme=E-posttema +nameIdFormatHelp=Navn-ID formatet som skal brukes for emnet. +adminEvents=administratorhendelser +registerNodeManually=Register node manuelt +serverPrincipal=Server principal +redirectURI=Redirect URI +signDocuments=Signer dokumenter +periodicFullSync=Fullstendig periodisk synkronisering +tokenUrl=Token URL +notBefore=Ikke før +createdAt=Opprettet ved +editUsername=Rediger brukernavn +titleEvents=Hendelser +lastRegistration=Siste registrering +rolesHelp=Velg en rolle som du vil knytte til den valgte brukeren. +requireSsl=Krev SSL +samlEntityDescriptor=Lar deg laste inn ekstern IDP metadata fra en konfigurasjonsfil eller ved å laste det ned fra en URL. +reevaluate=Re-evaluering +addIdpMapperName=Navn på mapper. +continue=Fortsett +details=Detaljer +selectScope=Velg et scope +generateNewKeys=Generer nye nøkler +offlineSessionIdle=Inaktiv sesjon i frakoblet modus +periodicChangedUsersSync=Periodisk synkronisering av endrede brukere +searchScope=Scope for søk +userRegistrationHelpText=Aktiver/deaktiver registreringssiden. En lenke for registrering vil være synlig på innloggingssiden. +revokeRefreshToken=Fjern refresh token +resourceName=Et unikt navn for denne ressursen. Navnet kan bli brukt til å identifisere en ressurs og er nyttig i spørringer for en bestemt ressurs. +minimumQuickLoginWaitSeconds=Minimum ventetid for hurtig innlogging +operationTypes=Operasjonstyper +realmRoles=Sikkerhetsdomeneroller +firstName=Fornavn +expireTime=Definerer tiden etter en policy MÅ IKKE innvilges. Denne innvilges kun om gjeldende dato/tid er før eller lik denne verdien. +expirationHelp=Setter utløpstid for hendelser. Utløpte hendelser vil med jevne mellomrom bli slettet fra databasen. +nameIdFormat=Navn-ID format +adminThemeHelp=Velg et tema for administrasjonskonsollen. +name=Navn på klientmal. Må være unik i sikkerhetsdomenet. +validRedirectUri=Gyldig redirect URIer +clientList=Klienter +userSession.modelNote.label=Brukersesjonsmerknad +permissionName=Navnet på denne tillatelsen. +expires=Utløper +pagination=Paginering +import=Importer en JSON-fil som inneholder innstillinger for autorisasjon for denne ressursserveren. +otpHashAlgorithm=OTP hash-algoritme +userAttribute=Brukerattributt +description=Beskrivelse +revoke=Opphev +eventListenersHelpText=Konfigurer hvilke lyttere som skal motta eventer fra sikkerhetsdomenet. +clientSignatureHelp=Skal klienten signere sine SAML forespørsler og svar? Og skal de valideres? +keyPasswordHelp=Passord for å få tilgang til privatnøkler i arkivet +frontchannelLogout=Front channel utlogging +policyClient=Spesifiser klient(er) som tillates av denne policien. +providerId=ID +titleRoles=Sikkerhetsdomeneroller +loginTimeout=Timeout for innlogging +rdnLdapAttribute=RDN LDAP-attributt +fineGrainSamlEndpointConfig=Finkornet SAML endepunktskonfigurasjon +hours=Timer +bindType=Autentiseringstype +aliasHelp=Aliaset identifiserer en identitetsleverandør og kan brukes for å bygge en redirect uri. +maxFailureWaitSeconds=Maksimum ventetid +configure=Konfigurer +contextualInfo=Kontekstuell informasjon +manage=Håndter +temporaryPassword=Midlertidig +applyPolicyHelp=Spesifiserer alle policies som må bli anvendt for scopes definert av denne policien eller tillatelsen. +kerberosIntegration=Kerberos Integrasjon +protocolMapper=Protokoll... +requiredSettings=Påkrevde innstillinger +sslType.none=Ingen +time=Tid +bruteForceDetection=Deteksjon av Brute Force +archiveFormatHelp=Java keystore eller PKCS12 arkivformat. +xContentTypeOptions=Alternativer for X-innholdstyper +keyAlias=Nøkkelalias +prefix=Prefiks for hver sikkerhetsdomenerolle (valgfri). +none=Ingen +sslType.all=Alle forespørsler +usermodel.clientRoleMapping.client.tooltip=Klient-ID for å mappe roller +type=Type +httpPostBindingResponse=HTTP-POST binding svar +saveEvents=Lagre hendelser +issuer=Utgiver +policyEnforcementModeHelp=Modus for håndhevelse av policy dikterer hvordan policier blir håndhevet når autorisasjonsforespørsler blir evaluert. 'Håndhevende' betyr at forespørsler blir nektet som standard selv om det ikke er en policy knyttet til en gitt ressurs. 'Ettergivende' betyr at forespørsler blir tillatt selv om det ikke er en policy knyttet til en gitt ressurs. 'Deaktivert' deaktiverer fullstendig evalueringen av policier og tillater tilgang til enhver ressurs. +lastUpdated=Sist oppdatert +seconds=Sekunder +selectAUser=Velg en bruker +eventTypes.RESET_PASSWORD.name=Tilbakestill passord +otpPolicyDigits=Antall siffer +permissions=Tillatelser +accountThemeHelp=Velg tema for brukerkontoadministrasjonssider. +canonicalizationHelp=Kanoniseringsmetode for XML signaturer. +sessions=Sesjoner +fullSyncPeriodHelp=Periode for fullstendig synkronisering i sekunder +priority=Prioritet +trustEmail=Stol på e-post +jsonType.label=JSON-type for claims +fullScopeAllowed=Tillatt med fullt scope +push=Send +titleUsers=Brukere +masterSamlProcessingUrlHelp=Hvis konfigurert vil denne URLen bli brukt for hver binding til både SPs Assertion Consumer og Single Logout-tjenester. Denne kan bli individuelt overstyrt for hver binding og tjenester i konfigurasjonen for finkornet SAML endepunkt. +claimJsonType=JSON-type som burde bli brukt for å fylle json claimet i tokenet. long, int, boolean og String er gyldige verdier. +forceAuthenticationHelp=Indikerer om identitetsleverandør må autentisere presentatøren direkte i stedet for å stole på en tidligere sikkerhetskontekst. +testClusterAvailability=Test cluster tilgjengelighet +forceNameIdFormat=Force navn-ID format +sslType.external=Eksterne forespørsler +multiValued=Angir om en attributt støtter flere verdier. Hvis true, vil listen med alle verdier for dette attributtet bli satt som claims. Hvis false, vil bare den første verdien bli satt som claim. +addRole=Legg til rolle +lastName=Etternavn +usermodel.realmRoleMapping.rolePrefix.label=Prefiks for sikkerhetsdomenerolle +temporaryPasswordHelpText=Hvis aktivert, er brukeren påkrevd til å endre passordet ved neste innlogging +otpPolicyDigitsHelp=Hvor mange sifre skal OTP ha? +connectionPooling=Connection Pooling +wantAuthnRequestsSignedHelp=Indikerer om identitetsleverandør forventer en signert AuthnRequest. +enabled=Aktivert +authenticationAliasHelp=Navn på konfigurasjonen +keyPassword=Nøkkelpassord +SSOSessionIdle=Inaktiv SSO sesjon +ssoServiceUrlHelp=URL som må brukes for å sende autentiseringsforespørsler (SAML AuthnRequest). +startTime=Definerer tiden før policien MÅ IKKE innvilges. Denne innvilges kun om gjeldende dato/tid er før eller lik denne verdien. +logicHelp=Logikken som dikterer hvordan beslutningspolicien skal utførres. Hvis 'Positiv', vil resulterende effekt (tillate eller nekte) oppnådd under evalueringen av denne policien bli brukt for å ta en beslutning. Hvis 'Negativ', vil resulterende effekt bli opphevet, med andre ord blir en tillatelse til et avslag og motsatt. +copy=Kopi +supportedLocales=Støttede lokaliteter +registrationAccessToken=Access token for registrering +showPasswordDataValue=Verdi +issuerHelp=Identifikator for utgiver av forespørselen. Hvis dette ikke er oppgitt vil ingen validering utføres. +titleSessions=Sesjoner +clientNameHelp=Angir klientnavnet som blir vist. For eksempel, 'Min klient'. Støtter nøkler for lokaliserte verdier. For eksempel\: ${my_client} +createPolicy=Opprett policy +clearAdminEvents=Fjern administratorhendelser +rootUrl=Root URL +rootURL=Root URL lagt til relative URLer +clientLoginTimeout=Timeout av klientinnlogging +nodeReRegistrationTimeoutHelp=Intervall for å angi maksimum tid for registrerte klienters clusternoder for å re-registreres. Hvis en clusternode ikke sender re-regisreringsforespørsel til Keycloak innen dette intervallet, vil den bli uregistrert fra Keycloak. +clientAuthentication=Autentisering av klient +registrationEmailAsUsername=E-postadresse som brukernavn +logicType.negative=Negativ +otpPolicy=Policy for engangskode +flow-type.form-flow=skjema +signDocumentsHelp=Skal SAML dokumenter bli signert av sikkerhetsdomenet? +resetPassword=Tilbakestill passord +requireSslHelp=Kreves HTTPS? 'Ingen' betyr at HTTPS ikke kreves for noen klienters IP-adresse. 'Ekstern forespørsel' betyr at localhost og private IP-adresser kan få tilgang uten HTTPS. 'Alle forespørsler' betyr at HTTPS kreves for alle IP-adresser. +identityInformation=Identitetsinformasjon +addUser=Legg til bruker +usermodel.clientRoleMapping.rolePrefix.label=Prefiks for klientrolle +partialImport=Delvis import +includeAuthnStatementHelp=Skal et statement som spesifiserer metoden for tidsstempel inngå i innloggingssvaret? +client-authenticator-type=Klientautentikator som blir brukt for å autentisere denne klienten mot keycloak-server +protocol=Protokoll +manageAccount=Administrer konto +tokenClaimName.label=Navn på token claim +create=Opprett +clientSecret=Klient secret +from=Fra +httpPostBindingAuthnRequest=HTTP-POST binding for AuthnRequest +includeInAccessToken.label=Legg til i access token +iconUri=Ikon URI +createGroup=Opprett gruppe +resource=Ressurs +created=Opprettet +minutes=Minutter +userSession.modelNote.tooltip=Navn på lagret brukersesjonsmerknad innenfor UserSessionModel.note map. +usersDN=DN-brukere +clientsClientTypeHelp='OpenID connect' tillater klienter å verifisere identiteten til sluttbrukeren basert på autentisering utført av en autorisasjonsserver. 'SAML' aktiverer en web-basert autentisering og autoriseringsscenarier som inkluderer cross-domain single sign-on (SSO) og som bruker security tokens som inneholder assertions for å dele informasjon videre. +selectUser=Velg en bruker hvis identitet vil bli brukt for å søke tillatelser fra serveren. +webOriginsHelp=Tillat CORS origins. For å tillate alle origins med gyldig Redirect URIer legg til '+'. For å tillate alle origins legg til '*'. +logoutUrl=Utloggings URL +storedTokensReadable=Lagrede lesbare tokens +admin-clearEvents=Sletter alle administratorhendelser i databasen. +mappers=Mappere +waitIncrementSeconds=økning av ventetid +usermodel.prop.label=Egenskap +name-id-format=Navn-ID format +credentials=Innloggingsdetaljer +policyType.hotp=Tellerbasert +enableSSL=Aktiver SSL +general=Generelt +failureFactor=Maksimum antall innloggingsfeil +signAssertions=Signer assertions +scopesSelect=Spesifiserer at denne tillatelse må anvendes på en eller flere scopes. +adminTheme=Administrasjonskonsolltema +alias=Alias +value=Verdi +clientSecretHelp=Klient secret registrert hos identitetsleverandør. +validateSignatures=Aktiver/deaktiver signaturvalidering av SAML svar. +authentication=Autentisering +descriptionHelp=Beskrivelse av klientmal +logoutUrlHelp=Endepunkt for avsluttende sesjon som brukes for å logge ut bruker fra ekstern IDP. +times.seconds=Sekunder +permissionType=Spesifiserer at denne tillatelsen må bli anvendt for alle ressursinstanser for en gitt type. +policyEnforcementModes.ENFORCING=Håndhevende +debug=Feilsøking +clear=Tøm +resources=Ressurser +groups=Gruppen som brukeren er medlem av. Velg en gruppe på listen og klikk på 'Forlat' for å forlate gruppen. +logicType.positive=Positiv +signatureAlgorithm=Signaturalgoritmen som brukes for å signere et dokument. +eventTypes.LOGOUT.name=Logg ut +accountTheme=Kontotema +requiredActions=Påkrevde handlinger +forceAuthentication=Force autentisering +assertionConsumerServiceRedirectBindingURLHelp=SAML redirect for klientens assertion consumer service (innloggingsrespons). Du kan la denne stå tom om du ikke ønsker en URL for denne bindingen. +policyDecisionStagey=Beslutningsstrategi som dikterer hvordan policies knyttet til en gitt policy blir evaluert og hvordan endelig avgjørelse oppnås. 'Bekreftende' betyr at minst en policy må evalueres til en positiv beslutning for at den samlede avgjørelsen kan bli positiv. 'Enstemmig' betyr at alle policies må evalueres til en positiv beslutning for at den samlede avgjørelsen kan bli positiv. 'Konsensus' betyr at antall positive beslutninger må være høyere enn antall negative beslutninger. Hvis antallet av positive og negative er likt, blir den samlede avgjørelsen negativ. +resetActions=Tilbakestill handlinger +selectARole=Velg en rolle +titleAuthentication=Autentisering +category=Kategori +batchSize=Batch størrelse +usermodel.prop.tooltip=Navn på egenskapsmetoden i UserModel-grensesnittet. For eksempel, en verdi av 'e-post' vil referere til metoden UserModel.getEmail(). +user=Bruker +times.days=Dager +providers=Leverandører diff --git a/js/apps/admin-ui/maven-resources/theme-resources/messages/messages_pt_BR.properties b/js/apps/admin-ui/maven-resources/theme-resources/messages/messages_pt_BR.properties new file mode 100644 index 0000000000..feec3bb323 --- /dev/null +++ b/js/apps/admin-ui/maven-resources/theme-resources/messages/messages_pt_BR.properties @@ -0,0 +1,525 @@ +otpTypeHelp=totp is Time-Based One Time Password. 'hotp' is a counter base one time password in which the server keeps a counter to hash against. +useKerberosForPasswordAuthentication=Utilizar Kerberos para autenticação via senha +anyResource=Qualquer recurso +themes=Temas +addClientScope=Adicionar modelo de cliente +clientType='OpenID connect' permite aos Clientes verificarem a identidade do usuário final baseado na autenticação realizada por um servidor de Autorização. 'SAML' permite cenários de autenticação e autorização web-based incluindo cross-domain single sign-on (SSO) e utiliza tokens de segurança contendo assertions para trafegar informações. +clientSignature=Assinatura do cliente requerida +unanimous=Unânime +policy-name=The name of this policy. +clientHelp=Select the client making this authorization request. If not provided, authorization requests would be done based on the client you are in. +debugHelp=Habilita/Desabilita log de nível debug para a saída padrão para Krb5LoginModule. +validatorColNames.colConfig=Configuração +nodeHost=Host +quickLoginCheckMilliSeconds=Se uma falha ocorre concorrentemente neste período, travar a conta do usuário. +unspecified=Não especificado +signOut=Sign Out +validatorDialogColNames.colName=Nome do Role +credentialType=Tipo +certificateHelp=Certificado do cliente para validar JWT emitidos pelo cliente e assinados pela chave privada do cliente da sua keystore. +forcePostBindingHelp=Sempre utilizar POST para respostas. +roleName=Nome do Role +operationType=Tipo de operação +httpPostBindingAuthnRequestHelp=Indica se o AuthnRequest deve ser enviado utilizando HTTP-POST. Se falso, HTTP-REDIRECT será utilizado. +policyEnforcementMode=Modo de execução da política +decisionStrategy=Estratégia de decisão +requiredUserActionsHelp=Require an action when the user logs in. 'Verify email' sends an email to the user to verify their email address. 'Update profile' requires user to enter in new personal information. 'Update password' requires user to enter in a new password. 'Configure OTP' requires setup of a mobile password generator. +securityDefences=Defesas +realmSettings=Configurações do Realm +deleteEvents=Limpar eventos +accessTokenLifespanHelp=Tempo máximo antes que um token de acesso expire. Recomenda-se que este valor seja menor em relação ao tempo de inativação do inativação do SSO. +redirectURIHelp=A url de redirecionamento para usar quando da configuração do provedor de identidade. +resourcePath=Path do recurso +applyToResourceTypeHelp=Specifies if this permission would be applied to all resources with a given type. In this case, this permission will be evaluated for all instances of a given resource type. +attestationPreference.none=Nenhum +revocation=Revogação +clientDescriptionHelp=Especifica a descrição do cliente. Por exemplo 'Meu cliente para TimeSheets'. Também aceita chaves para valores localizados. Por exemplo\: ${meu_cliente_descricao} +clientAuthenticator=Autenticador do cliente +useEntityDescriptor=Importar metadata de um descritor de entidade IDP SAML remoto. +loginActionTimeout=Tempo limite da ação de Login +updateFirstLoginHelp=Atualizar o perfil no primeiro login +validRedirectURIs=Padrão de URI válido para onde um navegador pode redirecionar depois de um login bem-sucedido ou sair. Wildcards simples são permitidos, por exemplo 'http\://example.com/*'. Caminhos relativos podem ser especificados também, ex\: /my/relative/path/*. Caminhos relativos são relativos à URL raiz do cliente, ou se nenhum for especificado a URL raiz do servidor é usado. Para SAML, é necessário definir padrões de URI válidos se você está contando com a URL do serviço consumidor incorporada com a solicitação de login. +assertionConsumerServicePostBindingURL=URL para conexão post para o serviço consumidor de Assertions +usermodel.clientRoleMapping.clientId.label=ID do cliente +endpoints=Endpoints +clientId=ID do cliente +validatingX509CertsHelp=O certificado em formato PEM que deve ser usado para verificar assinaturas. +contextualAttributesHelp=Any attribute provided by a running environment or execution context. +importFile=Importar arquivo +clientLoginTimeoutHelp=Tempo máximo que um cliente tem para finalizar o procolo do token de acesso. Normalmente deve ser 1 minuto. +lastAccess=Último acesso +protocolHelp=Qual configuração de protocolo SSO será provida por este modelo de cliente. +uiDisplayName=Nome de exibição no UI +prompts.none=Nenhum +resourcesHelp=Specifies that this permission must be applied to a specific resource instance. +adminEventsSettings=Configuração de eventos de administração +emailVerified=E-mail verificado +passwordConfirmation=Confirmação de senha +times.minutes=Minutos +forcePostBinding=Forçar Binding via POST +defaultRoles=Roles padrão +discoveryEndpoint=Importar metadata de um descritor de descoberta remoto do IDP. +countHelp=Especifica quantos clientes podem ser criados usando o token +otpPolicyPeriod=Período de token OTP +uuidLdapAttribute=Atributo LDAP para UUID +topLevelFlowType=What kind of top level flow is it? Type 'client' is used for authentication of clients (applications) when generic is for users and everything else +scopeNameHelp=Nome do modelo de cliente. Deve ser único neste Realm. +requiredUserActions=Ações necessárias do usuário +flowTypeHelp=What kind of form is it +consentRequired=Se habilitado os usuários devem consentir com o acesso ao cliente. +allowRemoteResourceManagement=Administração remota de recursos +standardFlow=Isto habilita a autenticação baseada em redirecionamento com código de autorização padrão do OpenID Connect. Em termos de especificações OpenID Connect ou OAuth2, isto habilita suporte ao 'Fluxo de Código de Autorização' para este cliente. +identityProvider=Provedor de identificação +eventListeners=Listeners de eventos +bindDn=Bind DN +identityProviderLinks=Links de provedores de identificação. +leave=Sair +eventTypes.IMPERSONATE.name=Personificar +wantAuthnRequestsSigned=Esperar AuthnRequests assinados +usermodel.attr.tooltip=Nome do atributo do usuário que é uma chave de atributo no mapa UserModel.attribute. +export=Exportar +add=Adicionar +passwordPolicy=Política de senha +backchannelLogout=Backchannel Logout +count=Quantidade +testAuthentication=Testar autenticação +prompts.login=Login +users=Usuários +offlineSessionIdleHelp=Tempo que uma sessão offline pode ficar inativa antes de expirar. Você precisa utilizar um token de atualização offline pelo menos uma vez neste período, caso contrário a sessão offline será expirada. +uris=An URI that can also be used to uniquely identify this resource. +forceNameIdFormatHelp=Ignora o NameID de assunto solicitado e utiliza o configurado no UI de administração. +port=Porta +expiration=Duração +realmRolePrefix=Prefixo do Realm Role +logoutServicePostBindingURL=URL de conexão POST para o serviço de logout +includeRepresentation=Incluir representação +assertionConsumerServicePostBindingURLHelp=URL de ligação SAML via post para as asserções de consumidor de serviços do cliente (respostas de login). Você pode deixar este campo em branco se você não tiver uma URL para esta ligação. +singleLogoutServiceUrl=URL de serviço de Single Logout +roles=Roles +includeInUserInfo.label=Adicionar à informação do usuário +back=Voltar +validateSignatureHelp=Habilita/Desabilita a validação de assinatura de IDP externo. +policyCode=The JavaScript code providing the conditions for this policy. +title=Autenticação +verifyEmail=Verificar e-mail +representation=Representação +remove=Remover +formatOption=Formato +loginTheme=Tema de login +provider=Provedor +flows=Fluxos +scope=Escopo +nodeReRegistrationTimeout=Tempo limite para re-registro de nó +client=cliente +includeRepresentationHelp=Include JSON representation for create and update requests. +connectionURL=URL de conexão +accessTokenLifespan=Duração do Token de Acesso +setToNow=Definir como agora +signAssertionsHelp=Devem as asserções dentro dos documentos SAML serem assinadas? Esta configuração não é necessária se o documento já está sendo assinado. +firstBrokerLoginFlowAliasHelp=Alias do fluxo de autenticação que será invocado depois do primeiro login com este provedor de identificação. O termo 'Primeiro Login' significa que ainda não existe uma conta no Keycloak ligada a esta conta autenticada neste provedor. +owner=Proprietário +validateSignature=Validar assinaturas +implicitFlow=Isto habilita suporte a autenticação baseada em redirecionamento sem código de autorização. Em tempos de especificações OpenID Connect ou OAuth2, isto habilita suporte do 'Fluxo Implícito' para este cliente. +headers=Cabeçalhos +encryptAssertions=Encriptar Assertions +keyAliasHelp=Alias do arquivo para sua chave privada e certificado. +tokenClaimName.tooltip=Nome do claim para inserir no token. Pode ser um nome completo (fully qualified) como 'address.street'. Neste caso, um objeto json aninhado será criado. +userName=Usuário +clientProfileDescription=Descrição +userObjectClasses=Classes do objeto User +ssoSessionMax=Tempo máximo antes que uma sessão seja expirada. Tokens e sessões de navegador são invalidados quando uma sessão é expirada. +policyRoles=Especifica quais role(s) do *cliente* são permitidos por esta política. +times.hours=Horas +browserFlowHelp=Select the flow you want to use for browser authentication. +temporaryLocked=The user may have been locked due to failing to login too many times. +webOrigins=Permitir origens CORS. Para permitir todas as URIs de redirecionamento de origem válidas adicionar '+'. Para permitir todas as origens adicionar '*'. +realm=Realm +prompt=Prompt +username=Usuário +showAuthData=Exibir dados da autorização +importConfig=Importar metadata fr um descritor de descoberta baixado do IDP. +includeInUserInfo.tooltip=O claim deve ser adicionado à informação do usuário? +initialCounter=Contador inicial +revokeRefreshTokenHelp=Se habilitado os tokens de atualização podem ser utilizados somente uma vez. Caso contrário os tokens de atualização não são revogados quando utilizados e podem ser utilizados várias vezes. +storedTokensReadableHelp=Habilita/desabilita se novos usuários podem ler quaisquer tokens salvo. Isto irá adicionar o role broker.read-token. +authenticationFlowTypeHelp=What kind of form is it +authorization=Enable/Disable fine-grained authorization support for a client +editUsernameHelp=Se habilitado, o campo nome de usuário é editável, senão será apenas leitura. +consoleDisplayConnectionUrlHelp=Conexão URL para o seu servidor LDAP +bindCredentialsHelp=Senha do administrador do LDAP +action=Ações +join=Participar +id=ID +fullScopeAllowedHelp=Permite a você desabilitar todas as restrições. +applyPolicy=Aplicar política +otpType=Tipo OTP +directGrantHelp=Select the flow you want to use for direct grant authentication. +scopesHelp=Os escopos que serão enviados ao solicitar autorização. Pode ser uma lista de escopos separadas por espaço. Valor padrão é 'openid'. +includeAuthnStatement=Incluir AuthnStatement +jsonType.tooltip=Tipo JSON que deve ser utilizado para popular o claim json no token. Os valores válidos são Long, int boolean e String. +multivalued.tooltip=Indica se um atributo suporta múltiplos valores. Se verdadeiro, então a lista de todos os valores desse atributo será definida como o claim. Se falso, então apenas o primeiro valor será utilizado. +enableStartTLS=Habilitar StartTLS +enableStartTls=Habilitar StartTLS +addIdPMapper=Adicionar mapeamento de provedor de identificação +eventType=Tipo de evento +homeURL=URL padrão para utilizar quando o servidor de autenticação necessita redirecionar ou linkar para o cliente. +firstBrokerLoginFlowAlias=Fluxo do primeiro login +usermodel.attr.label=Atributo do usuário +eventTypes.REGISTER.name=Registro +rememberMeHelpText=Exibe um checkbox na página de login para permitir ao usuário continuar logado entre restarts do browser até que a sessão expire. +usernameLdapAttribute=Atributo LDAP para Username +evaluate=Avaliar +ssoServiceUrl=URL de serviço do Single Sign On +allowRemoteResourceManagementHelp=Should resources be managed remotely by the resource server? If false, resources can only be managed from this Admin UI. +clients=Clientes +changedUsersSyncPeriod=Período +clientName=Nome +userRegistration=Cadastro de usuário +save=Salvar +login=Login +maxDeltaTimeSeconds=Tempo para zerar falhas +backchannelLogoutHelp=O IDP externo suporta logou via backchannel? +usermodel.realmRoleMapping.rolePrefix.tooltip=Um prefixo para cada Realm Role (opcional). +affirmative=Afirmativa +changedUsersSyncHelp=Intervalo para sincronização dos usuários alterados ou novos do LDAP em segundos. +trustEmailHelp=Se habilitado então o e-mail provido por este provedor não será verificado mesmo que a verificação esteja habilitada para este realm. +maxFailureWaitSecondsHelp=Tempo máximo que um usuário deverá aguardar após uma falha de quick login. +maxDeltaTimeSecondsHelp=Quando o contador de falhas será resetado? +adminURLHelp=URL para a inteface administrativa do cliente. Defina este valor se o cliente suporta a API do adaptador REST. Esta API rest permite que o servidor de autenticação envie políticas de revogação e outras tarefas administrativas. Geralmente este valor é definido apontando para a URL base do cliente. +otpPolicyPeriodHelp=How many seconds should an OTP token be valid? Defaults to 30 seconds. +contentSecurityPolicy=Content-Security-Policy +storePasswordHelp=Senha para acessar o arquivo em si. +frontchannelLogoutHelp=Quando marcado, o logout requer um redirecionamento do browser para o cliente. Caso contrário o servidor executo uma invocação em background para o logout. +userFederation=Federação de usuários +directAccess=Habilita o suporte para concessões de acesso direto (Direct Access Grants), o que significa que o cliente tem acesso ao nome de usuário/senha e negocia diretamente com o servidor Keycloak pelo token de acesso. Em termos de especificações OAuth2, habilita suporte de "Resource Owner Password Credentials Grant" para este cliente. +attributes=Atributos +logic=Lógica +scopes=Escopos +resourceType=Tipo de recurso +flowType=Flow Type +policyEnforcementModes.PERMISSIVE=Permissiva +auth=Autenticação +accessTokenLifespanImplicitFlow=Duração do token de acesso para fluxos Implícitos +scopeName=An unique name for this scope. The name can be used to uniquely identify a scope, useful when querying for a specific scope. +userInfoUrlHelp=A Url de informações de usuário. Opcional. +remainingCount=Quantidade restante +kc.realm.name=Realm +download=Download +authScopes=Autorização de escopos +impersonate=Personificar +members=Membros +host=Host +registration-access-token=O token de acesso para registro provê acesso aos cliente para o serviço de registro cliente. +adminURL=URL do administrador +settings=Configurações +failureFactorHelp=Quantas falhas de login antes que a espera seja habilitada. +storeTokensHelp=Habilita/desabilita se os tokens deve ser guardados depois de autenticar os usuários. +singleLogoutServiceUrlHelp=A Url que deve ser utilizada para enviar solicitações de logout. +ipAddress=Endereço IP +useTruststoreSpi=Utilizar Truststore SPI +storeTokens=Salvar Tokens +usermodel.clientRoleMapping.rolePrefix.tooltip=Um prefixo para cada role do cliente (opcional) +includeInIdToken.label=Adicionar ao token de ID +browserFlow=Fluxo de browser +anyScope=Qualquer escopo +serverInfo=Informação do servidor +emailThemeHelp=Selecione o tema para os e-mail que são enviados pelo servidor. +emailVerifiedHelp=Has the user's email been verified? +addExecution=Adicionar execução +editMode=Modo de edição +consents=Consentimentos +canonicalization=Método de Canonicalization +SSOSessionMax=Sessão SSO Máxima +groupMembership=Grupos associados +minimumQuickLoginWaitSecondsHelp=Quanto tempo aguardar após uma falha de quick login. +code=Código +fullSyncPeriod=Período +addNode=Adicionar nó +policy-description=A description for this policy. +policies=Políticas +certificate=Certificado +importClient=Importar cliente +selectRole.label=Selecione o Role +allTypes=Todos os tipos +prompts.consent=Consentimento +ldapFilter=Filtro do LDAP +postBrokerLoginFlowAlias=Fluxo pós login +tokens=Tokens +save-admin-events=If enabled admin events are saved to the database which makes events available to the Admin UI. +encryptAssertionsHelp=Devem as asserções SAML serem encriptadas com a chave pública do cliente usando AES? +policyGroups=Specifies which user(s) are allowed by this policy. +serviceAccount=Permite autenticar este cliente no Keycloak e recuperar tokens de acesso dedicados para este cliente. Em termos da especificações OAuth2, habilita suporte para 'Client Credentials Grants' para este cliente. +requirement=Condição +assertionConsumerServiceRedirectBindingURL=URL para conexão de redirecionamento do serviço consumidor de Assertions +loginThemeHelp=Selecione o tema para páginas de login, OTP, grant, cadastro e recuperar senha. +permissionDescription=A description for this permission. +multivalued.label=Múltiplos valores +initialAccessToken=Token de acesso inicial +vendorHelp=LDAP vendor (provedor) +applyToResourceType=Aplicar ao tipo de recurso +rememberMe=Lembrar me +flow.registration=Fluxo de registro +registeredClusterNodes=Nós de cluster registrados +selectRole.tooltip=Entre com o role na caixa à esquerda, ou clique neste botão para navegar e selecionar o role desejado. +storePassword=Salvar senha +logoutServiceRedirectBindingURLHelp=URL de ligação SAML de redirecionamento para o serviço de logout único do cliente. Voce pode deixar este campo em branco s e estiver usando uma ligação diferente. +defaultGroups=Grupos Padrão +flow.browser=Fluxo de browser +editModeLdapHelp=READ_ONLY é um LDAP somente leitura. WRITABLE significa que os dados serão sicronizados de volta para o LDAP on demand. UNSYNCED significa que os dados do usuário serão importados, mas não sicronizados de volta para o LDAP. +includeInIdToken.tooltip=O claim deve ser adicionado ao token de ID? +save-user-events=If enabled login events are saved to the database which makes events available to the Admin and Account management UIs. +password=Senha +allowPasswordAuthentication=Permitir autenticação via senha +composite=Composto +clientAuthorization=Autorização +waitIncrementSecondsHelp=Quando a quantidade de falhas for alcançada, quanto tempo o usuário deve aguardar antes de tentar novamente? +allowKerberosAuthentication=Permitir autenticação Kerberos +events=Eventos +createPermission=Criar permissão +mapperType=Tipo de mapeamento +testConnection=Testar conexão +edit=Editar +archiveFormat=Formato do arquivo +credentialResetConfirm=Enviar e-mail +kerberosRealm=Realm do Kerberos +flow.direct\ grant=Fluxo de Direct Grant +associatedRolesText=Roles associados +defaultLocale=Local padrão +clientIdHelp=O identificador do cliente registrado com o provedor de identificação. +typeHelp=The type of this resource. It can be used to group different resource instances with the same type. +htmlDisplayName=Nome de exibição HTML +authorizationUrl=URL de autorização +flow-type.basic-flow=genérico +contextualAttributes=Atributos contextuais +allowPasswordAuthenticationHelp=Habilita/Desabilita a possibilidade de autenticação via usuário/senha contra o banco Kerberos +includeInAccessToken.tooltip=O claim deve ser adicionado ao token de acesso? +idpInitiatedSsoRelayStateHelp=O estado de Relay que você deseja enviar com um pedido SAML quando você deseja realizar SSO iniciado por IDP. +otpHashAlgorithmHelp=What hashing algorithm should be used to generate the OTP. +usermodel.clientRoleMapping.clientId.tooltip=ID do cliente para mapeamentos de roles +clientsClientScopesHelp=The scopes associated with this resource. +vendor=Vendor +logoutServiceRedirectBindingURL=URL de conexão para o redirecionamento do serviço de logout +idpInitiatedSsoRelayState=Estado de relay para SSO iniciado via IDP +validatingX509Certs=Validar certificados X509 +masterSamlProcessingUrl=URL de processamento SAML principal +key=Chave +email=E-mail +userInfoUrl=URL de informações do usuário +identityProviders=Provedores de identificação +nameIdPolicyFormat=Política de formato NameID +idpInitiatedSsoUrlName=Nome do fragmento URL para referenciar o cliente quando você deseja um SSO iniciado por IDP. Deixar este campo vazio irá desabilitar SSO iniciado por IDP. A URL que você irá referenciar do seu browser será\: {server-root}/realms/{realm}/protocol/saml/clients/{client-url-name} +ssoSessionIdle=Tempo que uma sessão pode ficar inativa antes de expirar. Tokens e sessões de navegador são invalidados quando uma sessão é expirada. +xFrameOptions=X-Frame-Options +scopeDescriptionHelp=Descrição do modelo de cliente. +directGrant=Fluxo de Direct Grant +consensus=Consensual +policyType.totp=Baseado em tempo +emailTheme=Tema de e-mail +nameIdFormatHelp=O formato de Name ID para utilizar como assunto. +adminEvents=Eventos de adminstração +registerNodeManually=Registrar nó manualmente +serverPrincipal=Principal do servidor +redirectURI=URI de redirecionamento +signDocuments=Assinar documentos +periodicFullSync=Syncronização completa periódica +tokenUrl=URL do Token +notBefore=Não antes de +createdAt=Criado em +editUsername=Editar nome de usuário +titleEvents=Eventos +lastRegistration=Último registro +rolesHelp=Select the roles you want to associate with the selected user. +requireSsl=SSL requerido +samlEntityDescriptor=Permite que vocÊ carregue metadata de IDP externos de um arquivo de configuração ou baixando a partir de uma URL. +reevaluate=Re-avaliar +addIdpMapperName=Nome do mapeamento +continue=Continuar +details=Detalhes +selectScope=Selecione um escopo +generateNewKeys=Gerar novas chaves +offlineSessionIdle=Sessão Offline Inativa +periodicChangedUsersSync=Sincronização periódica de usuários alterados +searchScope=Escopo de pesquisa +userRegistrationHelpText=Habilita/desabilita a página de cadastro. Um link para a página de cadastro também será exibido na tela de login. +revokeRefreshToken=Revogar Token de Atualização +resourceName=An unique name for this resource. The name can be used to uniquely identify a resource, useful when querying for a specific resource. +minimumQuickLoginWaitSeconds=Espera mínima após Quick Login +operationTypes=Tipos de operações +realmRoles=Roles do Realm +firstName=Primeiro nome +expireTime=Defines the time after which the policy MUST NOT be granted. Only granted if current date/time is before or equal to this value. +expirationHelp=Sets the expiration for events. Expired events are periodically deleted from the database. +nameIdFormat=Formato do NameID +adminThemeHelp=Selecione o tema para o UI de administração. +name=Nome do modelo de cliente. Deve ser único neste Realm. +validRedirectUri=URIs de redirecionamento válidas +clientList=Clientes +userSession.modelNote.label=Nota da sessão de usuário +permissionName=The name of this permission. +expires=Expira em +pagination=Paginação +import=Import a JSON file containing authorization settings for this resource server. +otpHashAlgorithm=Algoritmo de hash OTP +userAttribute=Atributo do usuário +description=Descrição +revoke=Revogar +eventListenersHelpText=Configure what listeners receive events for the realm. +clientSignatureHelp=O cliente irá assinar os pedidos e respostas saml? E eles devem ser validados? +keyPasswordHelp=Senha para acessar a chave privada no certificado. +frontchannelLogout=Front Channel Logout +providerId=ID +titleRoles=Roles do Realm +loginTimeout=Tempo máximo do Login +rdnLdapAttribute=Atributo LDAP para RDN +fineGrainSamlEndpointConfig=Configuração de endpoint para configuração fina do SAML +hours=Horas +bindType=Tipo de autenticação +aliasHelp=O alias é o identificador único de um provedor de identidade e também é utilizado para construir a uri de redirecionamento. +maxFailureWaitSeconds=Espera máxima +configure=Configuração +contextualInfo=Informação contextual +manage=Administração +temporaryPassword=Temporária +applyPolicyHelp=Specifies all the policies that must be applied to the scopes defined by this policy or permission. +kerberosIntegration=Integração com Kerberos +protocolMapper=Protocolo... +requiredSettings=Configurações obrigatórias +sslType.none=Nenhum +time=Tempo +bruteForceDetection=Detecção de ataque de Força Bruta +archiveFormatHelp=Keystore Java ou arquivo em formato PKCS12. +xContentTypeOptions=X-Content-Type-Options +keyAlias=Alias da chave +prefix=Um prefixo para cada Realm Role (opcional). +none=Nenhum +sslType.all=todas requisições +type=Tipo +httpPostBindingResponse=Responder com HTTP-POST +saveEvents=Salvar eventos +issuer=Emissor +policyEnforcementModeHelp=The policy enforcement mode dictates how policies are enforced when evaluating authorization requests. 'Enforcing' means requests are denied by default even when there is no policy associated with a given resource. 'Permissive' means requests are allowed even when there is no policy associated with a given resource. 'Disabled' completely disables the evaluation of policies and allow access to any resource. +seconds=Segundos +selectAUser=Selecione um usuário +eventTypes.RESET_PASSWORD.name=Reiniciar senha +otpPolicyDigits=Quantidade de dígitos +permissions=Permissões +accountThemeHelp=Selecione o tema para as páginas de administração de conta do usuário. +canonicalizationHelp=Canonicalization Method para assinaturas XML. +sessions=Sessões +fullSyncPeriodHelp=Intervalo para a sincronização completa em segundos. +priority=Prioridade +trustEmail=Confiar no e-mail recebido +jsonType.label=Tipo JSON do Claim +fullScopeAllowed=Permitir Escopo completo +push=Enviar +titleUsers=Usuários +masterSamlProcessingUrlHelp=Se configurado, esta URL será utilizada para todos os bindings do "SP's Assertion Consumer" e "Single Logout Services". Ela pode ser sobreescriva idnvidualmente para cada ligação e serviço na Configuração Detalhada do Endpoint SAML. +claimJsonType=Tipo JSON que deve ser utilizado para popular o claim json no token. Os valores válidos são Long, int boolean e String. +forceAuthenticationHelp=Indica se um provedor de identificação deve autenticar o apresentador diretamente ao invés de confiar em um contexto de segurança anterior. +testClusterAvailability=Testar disponibilidade do cluster +forceNameIdFormat=Forçar formato do NameID +sslType.external=requisições externas +multiValued=Indica se um atributo suporta múltiplos valores. Se verdadeiro, então a lista de todos os valores desse atributo será definida como o claim. Se falso, então apenas o primeiro valor será utilizado. +addRole=Adicionar Role +lastName=Sobrenome +usermodel.realmRoleMapping.rolePrefix.label=Prefixo do Realm Role +temporaryPasswordHelpText=If enabled user is required to change password on next login +otpPolicyDigitsHelp=How many digits should the OTP have? +connectionPooling=Pooling de conexões +wantAuthnRequestsSignedHelp=Indicate se um provedor de identificação deve experar um AuthnRequest assinado. +enabled=Habilitado +authenticationAliasHelp=Name of the configuration +keyPassword=Senha da chave +SSOSessionIdle=Sessão SSO inativa +ssoServiceUrlHelp=A Url que deve ser utilizada para enviar solicitações de autenticação (SAML AuthnRequest). +startTime=Defines the time before which the policy MUST NOT be granted. Only granted if current date/time is after or equal to this value. +logicHelp=The logic dictates how the policy decision should be made. If 'Positive', the resulting effect (permit or deny) obtained during the evaluation of this policy will be used to perform a decision. If 'Negative', the resulting effect will be negated, in other words, a permit becomes a deny and vice-versa. +copy=Copiar +supportedLocales=Locais disponíveis +registrationAccessToken=Token de acesso para registro +showPasswordDataValue=Valor +issuerHelp=O identificador de emissor para o emissor da resposta. Se não for provido nenhuma validação será realizada. +titleSessions=Sessões +clientNameHelp=Especifica o nome de exibição do cliente. Por exemplo 'Meu Cliente'. Também aceita chaves para valores localizados. Por exemplo\: ${meu_cliente} +createPolicy=Criar política +clearAdminEvents=Limpar eventos administrativos +rootURL=URL raiz adicionada à URLs relativas +clientLoginTimeout=Tempo limite para login do Cliente +nodeReRegistrationTimeoutHelp=Intervalo para especificar o tempo máximo para nós clientes de cluster registrados se re-registrarem. Se os nós do cluster não enviarem solicitações de re-registro dentro deste intervalo eles serão deregistrados do Keycloak. +clientAuthentication=Autenticação do cliente +registrationEmailAsUsername=Email como nome de usuário +logicType.negative=Negativa +otpPolicy=Política OTP +flow-type.form-flow=formulário +signDocumentsHelp=Devem os documentos SAML serem assinados pelo realm? +resetPassword=Reiniciar senha +requireSslHelp=É necessário SSL? 'Nunca' significa que HTTPS não é requerido para nenhum endereço IP cliente. 'Requisições externas' significa que localhost e IPs privados podem acessar sem HTTPS. 'Todas requisições' significa que HTTPS é requerido para todos os endereços IPs. +identityInformation=Informação de identidade +addUser=Adicionar usuário +usermodel.clientRoleMapping.rolePrefix.label=Prefixo para o role de Cliente +partialImport=Importação parcial +includeAuthnStatementHelp=Deve ser adicionado um statement especificando o método e timestamp nas respostas de login? +client-authenticator-type=Autenticador de Cliente usado para autenticar este cliente ao servidor Keycloak +protocol=Protocolo +manageAccount=Administrar a conta +tokenClaimName.label=Nome do Token Claim +create=Criar +clientSecret=Secret do Cliente +from=Remetente +httpPostBindingAuthnRequest=Utilizar HTTP-POST binding para AuthnRequest +includeInAccessToken.label=Adicionar ao token de acesso +iconUri=URI do ícone +usersInRole=Usuários no role +createGroup=Criar grupo +resource=Recurso +minutes=Minutos +userSession.modelNote.tooltip=Nome da nota de sessão do usuário salva no mapa UserSessionModel.note. +usersDN=Users DN +clientsClientTypeHelp='OpenID connect' permite aos Clientes verificarem a identidade do usuário final baseado na autenticação realizada por um servidor de Autorização. 'SAML' permite cenários de autenticação e autorização web-based incluindo cross-domain single sign-on (SSO) e utiliza tokens de segurança contendo assertions para trafegar informações. +selectUser=Select an user whose identity is going to be used to query permissions from the server. +logoutUrl=URL de logout +storedTokensReadable=Leitura de tokens salvos +admin-clearEvents=Deletes all admin events in the database. +mappers=Mapeamentos +waitIncrementSeconds=Incremento de Espera +usermodel.prop.label=Propriedade +name-id-format=Formato do NameID +credentials=Credenciais +policyType.hotp=Baseado em contador +enableSSL=Habilitar SSL +general=Geral +failureFactor=Falhas de login +signAssertions=Assinar assertions +scopesSelect=Define que esta permissões deve ser aplicada para um ou mais escopos. +adminTheme=Tema para UI de administração +alias=Alias +value=Valor +clientSecretHelp=A senha do cliente registrado junto ao provedor de identificação. +validateSignatures=Habilita/Desabilita validação de assinaturas de respostas SAML. +authentication=Autenticação +descriptionHelp=Descrição do modelo de cliente. +logoutUrlHelp='End session endpoint' para utilizar para realizar logour dos usuários do IDP externo. +times.seconds=Segundos +permissionType=Specifies that this permission must be applied to all resources instances of a given type. +policyEnforcementModes.ENFORCING=Restritiva +debug=Debug +clear=Limpar +resources=Recursos +groups=Groups user is a member of. Select a listed group and click the Leave button to leave the group. +logicType.positive=Positiva +signatureAlgorithm=O algoritmo de assinatura a ser utilizado para assinar documentos. +eventTypes.LOGOUT.name=Logout +accountTheme=Tema para conta +requiredActions=Ações requeridas +forceAuthentication=Forçar autenticação +assertionConsumerServiceRedirectBindingURLHelp=URL de ligação SAML de redirecionamento para as asserções de consumidor de serviços do cliente (respostas de login). Você pode deixar este campo em branco se você não tiver uma URL para esta ligação. +policyDecisionStagey=The decision strategy dictates how the policies associated with a given policy are evaluated and how a final decision is obtained. 'Affirmative' means that at least one policy must evaluate to a positive decision in order to the overall decision be also positive. 'Unanimous' means that all policies must evaluate to a positive decision in order to the overall decision be also positive. 'Consensus' means that the number of positive decisions must be greater than the number of negative decisions. If the number of positive and negative is the same, the final decision will be negative. +resetActions=Ações para reiniciar +selectARole=Selecione um role +titleAuthentication=Autenticação +category=Categoria +batchSize=Tamanho do lote +usermodel.prop.tooltip=Nome do método da propriedade na interface UserModel. Por exemplo, o valor 'email' iria referenciar o método UserModel.getEmail() . +user=Usuário +times.days=Dias +providers=Provedores diff --git a/js/apps/admin-ui/maven-resources/theme-resources/messages/messages_ru.properties b/js/apps/admin-ui/maven-resources/theme-resources/messages/messages_ru.properties new file mode 100644 index 0000000000..5ce951b9d8 --- /dev/null +++ b/js/apps/admin-ui/maven-resources/theme-resources/messages/messages_ru.properties @@ -0,0 +1,612 @@ +otpTypeHelp=totp является Временным одноразовым паролем. 'hotp' основанный на счетчике одноразовый пароль в котором сервер хранит счетчик хеша. +duplicateEmails=Дублирующиеся E-mail +useKerberosForPasswordAuthentication=Использовать Kerberos для аутентификации по паролю +anyResource=Любой ресурс +themes=Темы +addClientScope=Добавить шаблон клиента +clientType='OpenID connect' разрешает клиентам проверить личность конечного пользователя, основанного на выполнении аутентификации на Сервере Авторизации.'SAML' включает веб-сценарии аутентификации и авторизации, включая кроссдоменные центры единого управления доступом (SSO) и использующие токены безопасности, содержащие заявления на передачу информации. +clientSignature=Подпись клиента обязательна +unanimous=Единогласная +policy-name=Название этой политики. +clientHelp=Выберите клиента, осуществляющего авторизационный запрос. Если не задан, авторизационные запросы будут основаны на том клиенте, в котором вы находитесь. +debugHelp=Включить/выключить отладочные логи в стандартный вывод для Krb5LoginModule. +validatorColNames.colConfig=Конфигурация +disabledFeatures=Отключенные функции сервера +nodeHost=Хост узла +quickLoginCheckMilliSeconds=Если попытки аутентификации происходят слишком часто, то пользователя необходимо заблокировать. +unspecified=неопределенный +signOut=Выход +active=Активные +validatorDialogColNames.colName=Наименование роли +credentialType=Тип +certificateHelp=Клиентский сертификат для валидации JWT, выпущенный клиентом и подписанный клиентским приватным ключом из Вашего хранилища ключей. +forcePostBindingHelp=Всегда использовать POST Binding для ответов. +roleName=Наименование роли +operationType=Тип операции +httpPostBindingAuthnRequestHelp=Указывает, должны ли AuthnRequest быть посланы, используя привязку HTTP-POST. Если нет, то будет использован HTTP-REDIRECT. +policyEnforcementMode=Режим применения политик +decisionStrategy=Стратегия решения +requestObjectSignatureAlgorithmHelp=JWA алгоритм, который необходим клиенту для использования во время отсылки OIDC запроса объекта, специфицированного по 'request' или 'request_uri' параметрам. Если установлено в 'any', то объект запроса будет подписан любым алгоритмом (включая 'none' ). +requiredUserActionsHelp=Требует действий от пользователя когда он входит. 'Подтвердить E-mail' высылает письмо пользователю для подтверждения его E-mail. 'Обновить профиль' требует от пользователя ввести новую персональную информацию. 'Обновить пароль' требует от пользователя ввести новый пароль. 'Настроить OTP' требует установить мобильное приложение генерации паролей. +securityDefences=Защита безопасности +realmSettings=Настройки Realm +deleteEvents=Очистить события +includeOneTimeUseConditionHelp=Должно ли условие одноразового использования быть включено в ответе на вход? +accessTokenLifespanHelp=Максимальное время действия токена доступа. Значение рекомендуется устанавливать как можно ближе к таймауту SSO. +redirectURIHelp=Этот uri перенаправления используется в том случае, если сконфигурирован поставщик идентификации. +displayName=Дружелюбное имя для провайдеров идентификации. +resourcePath=Путь к ресурсу +applyToResourceTypeHelp=Определяет, будет ли это разрешение будет применено ко всем ресурсам с данным типом. В этом случае это разрешение будет вычисляться для всех экземпляров с заданным типом ресурса. +attestationPreference.none=нет +useJwksUrlHelp=Если включено, то публичные ключи поставщиков идентификации будет скачаны с заданного JWKS URL. Это дает дополнительную гибкость, так как новые ключи скачиваются каждый раз когда поставщик идентификации создает новую пару. Если выключено, то будут использованы публичные ключи (или сертификат) из базы данных Keycloak, и в случае изменений пары на поставщике идентификации вам будет необходимо каждый раз импортировать новые ключи в базу данных Keycloak. +pairwiseSubAlgorithmSalt.label=Соль +revocation=Отзыв +clientDescriptionHelp=Задает описание клиента. Например 'Мой клиент для табеля учета времени'. Поддерживает ключи для локализованных значений. Например\: ${my_client_description} +clientAuthenticator=Проверка подлинности клиента +useEntityDescriptor=Импортировать метаданные из удаленного дескриптора сущностей IDP SAML. +loginActionTimeout=Таймаут действий по входу +updateFirstLoginHelp=Обновить профиль при первом входе +validRedirectURIs=Валидирует паттерн URI, на который может быть перенаправлен браузер после успешного входа или выхода. Разрешены простые ссылки, напр. 'http\://example.com/*'. Также допускается использовать относительный путь, напр. '/my/relative/path/*'. Относительные пути необходимо указывать относительно корневого URL клиента, или, если он не специфицирован, корневого URL сервера авторизации. Для SAML Вы должны задать валидный паттерн URI, если Вы полагаетесь на URL сервиса потребителя, внедренного в запрос авторизации. +assertionConsumerServicePostBindingURL=Привязка URL POST-запроса для сервиса подтверждения потребителей +removeImported=Удалить импортированных +usermodel.clientRoleMapping.clientId.label=ID клиента +endpoints=Конечные точки +clientId=ID клиента +validatingX509CertsHelp=Сертификат в формате PEM, который должен быть использован для проверки подписи. +contextualAttributesHelp=Любой аттрибут определяется запущенным окружением или контекстом исполнения. +importFile=Импортировать файл +clientLoginTimeoutHelp=Максимальное время клиента для завершения протокола access token. Обычно устанавливается равным 1-ой минуте. +protocolHelp=Какая конфигурация протокола SSO будет поддержана шаблоном клиента +lastAccess=Последний доступ +uiDisplayName=Наименование в консоли +prompts.none=нет +resourcesHelp=Определяет, что это разрешение должно быть применено к конкретному экземпляру ресурсов. +adminEventsSettings=Настройки событий администратора +passwordConfirmation=Подтверждение пароля +emailVerified=Подтверждение E-mail +Thursday=Четверг +times.minutes=минут +disableUserInfo=Отключить информацию о пользователе +addressClaim.postal_code.label=Имя пользовательского атрибута, обозначающего Почтовый индекс +forcePostBinding=Принудительно использовать POST Binding +defaultRoles=Роли по умолчанию +discoveryEndpoint=Импорт метаданных из дескриптора развертывания удаленного поставщика идентификации. +countHelp=Определяет, как много клиентов может быть создано с помощью этого токена +otpPolicyPeriod=Период токена OTP +addressClaim.country.tooltip=Имя пользовательского атрибута, которое будет использоватлься для сопоставления атрибута 'country' внутри атрибута 'address' токена. По умолчанию 'country' . +uuidLdapAttribute=Атрибут UUID в LDAP +topLevelFlowType=Какой это тип сценария верхнего уровня? Тип "клиент" используется для аутентификации клиентов (приложений), когда "общий" для пользователей и всего остального +scopeNameHelp=Наименование шаблона клиента. Должно быть уникально для realm +Monday=Понедельник +requiredUserActions=Требуемые действия от пользователя +flowTypeHelp=Какого типа эта форма +consentRequired=Если включено, пользователи должны дать согласие на доступ клиентскому приложению. +allowRemoteResourceManagement=Удаленное управление ресурсами +standardFlow=Включает стандартное OpenID Connect перенаправление, основанное на аутентификации с кодом авторизации. В терминах OpenID Connect или OAuth2 спецификаций включает 'Authorization Code Flow' для этого клиента. +identityProvider=Поставщик идентификации +eventListeners=Слушатели событий +bindDn=Сопоставление DN +Friday=Пятница +identityProviderLinks=Ссылки поставщика идентификации +leave=Покинуть +eventTypes.IMPERSONATE.name=Имперсонировать +wantAuthnRequestsSigned=Ожидание подписи AuthnRequests +usermodel.attr.tooltip=Имя сохраненного атрибута пользователя, которое является именем атрибута, согласованным с UserModel.attribute. +export=Экспорт +fineGrainOpenIdConnectConfiguration=Тонкая настройка конфигурации OpenID Connect +addressClaim.formatted.label=Имя пользовательсокого атрибута, обозначающего Формитированный адрес +add=Добавить +passwordPolicy=Политики пароля +backchannelLogout=Backchannel Logout +addressClaim.street.label=Имя пользовательского атрибута, обозначающего Улицу +count=Счетчик +testAuthentication=Проверка аутентификации +prompts.login=вход +users=Пользователи +offlineSessionIdleHelp=Допустимое время бездействия оффлайн сессии. Вам необходимо использовать оффлайн токен для обновления хотя бы раз за этот период, иначе сессия истечет. +uris=URI, который также может быть использован для уникальной идентификации этого ресурса. +forceNameIdFormatHelp=Игнорирует запрошенный формат заголовка NameID и использует сконфигурированный через консоль администратора. +month=Месяц +addressClaim.region.tooltip=Имя пользовательского атрибута, которое будет использоваться для сопоставления атрибута 'region' внутри атрибута 'address' токена. По умолчанию 'region' . +port=Порт +expiration=Истечение +realmRolePrefix=Префикс ролей Realm +logoutServicePostBindingURL=URL для выхода из сервиса в привязанном POST-методе +jwksUrlHelp=URL, где клиентские ключи хранятся в формате JWK. Для дополнительных деталей смотрите спецификацию JWK. Если Вы будете использовать адаптер клиента keycloak с учетными записями "jwt", то Вы можете использовать URL вашего приложения с суффиксом '/k_jwks'. Например 'http\://www.myhost.com/myapp/k_jwks' . +includeRepresentation=Включить представление +assertionConsumerServicePostBindingURLHelp=URL-адрес SAML POST запроса для клиентских сервисов подтверждения потребителей (запросы входа). Вы можете оставить это поле пустым, если не имеете URL для осуществления такой приввязки. +resourceTypes=Типы ресурсов +singleLogoutServiceUrl=Адреса сервиса единого выхода +roles=Роли +includeInUserInfo.label=Добавить в информацию о пользователе +back=Назад +validateSignatureHelp=Включить/выключить проверку подписей внешних поставщиков идентификации. +policyCode=Код JavaScript, предоставляющий условия для этой политики. +title=Аутентификация +verifyEmail=Подтверждение E-mail +representation=Представление +remove=Удалить +addressClaim.locality.label=Имя пользовательского атрибута, обозначающего Местонахождение +formatOption=Формат +loginTheme=Тема страницы входа +provider=Поставщик +flows=Сценарии +scope=Область +nodeReRegistrationTimeout=Таймаут узла перерегистрации +client=клиент +includeRepresentationHelp=Включить JSON представление для запросов на создание и обновление. +connectionURL=URL соединения +loginWithEmailHelpText=Разрешает пользователям входить с помощью E-mail. +accessTokenLifespan=Продолжительность жизни токена доступа +setToNow=Установить на сейчас +signAssertionsHelp=Должны ли утверждения внутри SAML документов быть подписаны? Устанавливает отсутствие необходимости подписывать уже подписанные документы. +firstBrokerLoginFlowAliasHelp=Синоним сценария аутентификации, который срабатывает после первого входа с этого поставщика идентификации. Термин 'First Login' означает, что еще не существует учетной записи Keycloak связанной с аутентифицированной учетной записью поставщика идентификации. +owner=Владелец +validateSignature=Проверка подписей +implicitFlow=Включает поддержку OpenID Connect перенаправления, основанного на аутентификации без кода авторизации. В терминах OpenID Connect или OAuth2 спецификаций включает поддержку 'Implicit Flow' для этого клиента. +headers=Заголовки +encryptAssertions=Зашифровка утверждений +keyAliasHelp=Синоним архива для Вашего приватного ключа и сертификата. +tokenClaimName.tooltip=Имя переменной при добавлении ее в токен. Может быть полное имя, например 'address.street'. В таком случае будет создан вложенный json объект. +userName=Имя пользователя +clientProfileDescription=Описание +userObjectClasses=Классы объектов пользователя +ssoSessionMax=Максимальное время до того, как истечет сессия. По истечении этого времени токены и браузерные сессии становятся невалидными. +policyRoles=Задайте роли клиента, допущенные этой политикой. +accountLinkingOnlyHelp=Если установлено, то пользователи не смогут войти через этого провайдера. Только устанавливает связь к этому провайдеру. Используется, если вы не хотите разрешать вход через этого провайдера, но хотите с этим провайдером иметь интеграцию. +optimizeLookup=Оптимизация REDIRECT поиска подписанного ключа +times.hours=часов +browserFlowHelp=Выберите сценарий, который вы хотите использовать для аутентификации через браузер. +temporaryLocked=Пользователь может быть заблокирован в случае многократных неудачных попыток входа. +webOrigins=Web источники +realm=Realm +prompt=Подсказка +username=Имя пользователя +showAuthData=Показать авторизационные данные +importConfig=Импорт метаданных со скачанного дескриптора развертывания удаленного поставщика идентификации. +includeInUserInfo.tooltip=Должно ли требование быть добавлено в информацию о пользователе? +unlinkUsers=Отвязать пользователей +initialCounter=Начальное значение счетчика +revokeRefreshTokenHelp=Если включено, то токены обновления могут быть использованы один раз. Иначе токен отзываться не будет и может использоваться многократно. +storedTokensReadableHelp=Включено/выключено чтение новыми пользователями любых сохраненных токенов. Это назначается ролью broker.read-token. +authenticationFlowTypeHelp=Какого типа эта форма +authorization=Включить/Выключить тонко-настраиваемую поддержку авторизации для клиента +editUsernameHelp=Если включено,то имя пользователя можно будет отредактировать, иначе оно будет доступным только для чтения. +consoleDisplayConnectionUrlHelp=URL соединения с вашим сервером LDAP +bindCredentialsHelp=Пароль администратора LDAP +action=Действие +id=ID +join=Присоединиться +fullScopeAllowedHelp=Отключает все ограничения. +applyPolicy=Применить политику +otpType=Тип одноразового пароля OTP +directGrantHelp=Выберите сценарий, который вы хотите использоваться для аутентификации direct grant. +scopesHelp=Области, которые будут посланы после запроса авторизации. Это может быть список областей, разделенных пробелом. По умолчанию 'openid'. +includeAuthnStatement=Включать Аутентификационные Заявки +jsonType.tooltip=Тип переменной в JSON, который должен использоваться при добавлении ее в токен. Допустимые значения long, int, boolean, и String. +multivalued.tooltip=Отображается, если атрибут поддерживает несколько значений. Если включен, то список всех значений будет претендовать на этот атрибут. В противном случае выбираться будет только первое значение +enableStartTLS=Включить StartTLS +enableStartTls=Включить StartTLS +addIdPMapper=Добавить сопоставление поставщика учетных записей +eventType=Тип события +accountLinkingOnly=Только связывание учетной записи +sectorIdentifierUri.label=Сектор идентификации URI +homeURL=Используемый URL по умолчанию. Используется в случае, если серверу требуется перенаправление или обратная ссылка на клиента. +firstBrokerLoginFlowAlias=Сценарий первого входа +usermodel.attr.label=Атрибут пользователя +eventTypes.REGISTER.name=Регистрация +rememberMeHelpText=Показать чекбокс на странице входа, чтобы разрешить пользователю запомнить вход в учетную запись в случае если браузерная сессия устареет. +usernameLdapAttribute=Атрибут Username в LDAP +evaluate=Оценка +status=Статус +ssoServiceUrl=Адрес сервиса единой точки входа +allowRemoteResourceManagementHelp=Должны ли ресурсы управляться удаленно сервером ресурсов? Если нет, то ресурсы могут управляться только через консоль администратора. +clients=Клиенты +changedUsersSyncPeriod=Период синхронизации измененных пользователей +clientName=Имя +userRegistration=Самостоятельная регистрация пользователей +save=Сохранить +login=вход +maxDeltaTimeSeconds=Время сброса неудачных попыток +backchannelLogoutHelp=Поддерживает ли внешний IDP backchannel logout? +usermodel.realmRoleMapping.rolePrefix.tooltip=Префикс для каждой роли Realm (опционально). +affirmative=Утвердительная +changedUsersSyncHelp=Период для синхронизации измененных или вновь созданных пользователей LDAP в секундах +trustEmailHelp=Если включено, то E-mail, предоставленный этим поставщиком не будет подтвержденным даже если подтверждение включено для realm. +maxFailureWaitSecondsHelp=Максимальное время, на которое пользователь будет заблокирован. +userInfoSignedResponseAlgorithm=Алгоритм подписи ответа информации о пользователе +maxDeltaTimeSecondsHelp=Через какое время счетчик неудачных попыток будет сброшен? +adminURLHelp=URL для доступа к интерфейсу администратора в заданном клиенте. Необходимо установить, если клиент поддерживает адаптер REST API. Это REST API разрешает серверу авторизации слать политики отзыва и прочие административные задачи. Обычно устанавливается значение, соответствующее базовому URL клиента. +otpPolicyPeriodHelp=Сколько секунд токен OTP должен быть действителен? По умолчанию 30 секунд. +contentSecurityPolicy=Content-Security-Policy +storePasswordHelp=Пароль для доступа в сам архив +frontchannelLogoutHelp=Когда правила, выход требует перенаправить браузер на клиента. Если ложь, сервер выполняет фоновый режим для выхода из системы. +userFederation=Федерация пользователей +directAccess=Включает поддержку Direct Access Grants, которая означает, что клиент имеет доступ к имени пользователя и пароля и обменивает их напрямую с сервером Keycloak на токен доступа. В терминах OAuth2 спецификации означает поддержку 'Resource Owner Password Credentials Grant' для этого клиента. +disable=Отключено +attributes=Атрибуты +logic=Логика +scopes=Области +principalType=Тип идентификации +resourceType=Тип ресурса +flowType=Тип сценария +minuteHelp=Определяет минуту, в которую политика ДОЛЖНА быть разрешена. Вы также можете определить диапазон, заполнив второе поле. В этом случае разрешение выдается только если текущая минута равна или находится между заданными значениями. +policyEnforcementModes.PERMISSIVE=Разрешающая +auth=Аутентификация +accessTokenLifespanImplicitFlow=Продолжительность жизни токена доступа для Implicit Flow +scopeName=Уникальное имя для области. Имя может быть использовано для уникальной идентификации области, используется при запросах конкретных областей. +userInfoUrlHelp=Url информации о пользователе. Это поле опционально. +remainingCount=Счетчик остатка +kc.realm.name=Realm +download=Скачать +authScopes=Области авторизации +impersonate=Имперсонировать +members=Члены +host=Сервер +optimizeLookupHelp=При подписи SAML документов при REDIRECT сопоставлении с SP, который обеспечивается безопасностью адаптера Keycloak, должен ли включать ID подписанного ключа в сообщение по протоколу SAML в элемент? Это оптимизирует валидацию сигнатуры, где в качестве проверки используется один ключ вместо попытки проверки каждого ключа во время валидации. +registration-access-token=Токен доступа к регистрации обеспечивает доступ для клиентов к сервису регистрации клиентов. +adminURL=URL администрирования приложения +settings=Настройки +failureFactorHelp=Количество неудачных попыток входа до блокировки пользователя. +addressClaim.region.label=Имя пользовательского атрибута, обозначающего Регион +storeTokensHelp=Включено/выключено хранение токенов после аутентификации пользователя. +singleLogoutServiceUrlHelp=Url, который должен быть использован для отправленных запросов на выход. +ipAddress=IP адрес +useTruststoreSpi=Использование доверенных сертификатов SPI +storeTokens=Хранение токенов +usermodel.clientRoleMapping.rolePrefix.tooltip=Префикс для каждой роли клиента (опционально). +includeInIdToken.label=Добавить в токен ID +browserFlow=Сценарий браузера +anyScope=Любая область +serverInfo=Информация о сервере +Sunday=Воскресенье +emailThemeHelp=Выберите тему для E-mail, которые будут отсылаться с сервера. +principalTypeHelp=Определяет, каким образом Keycloak идентифицирует внешних пользователей по SAML-сообщению. По умолчанию идентификация происходит по Subject NameID, в качестве альтернативы можно использовать атрибут-идентификатор. +Wednesday=Среда +emailVerifiedHelp=Должен ли пользователь подтверждать свой E-mail? +addExecution=Добавить исполнение +editMode=Режим редактирования +consents=Согласия +canonicalization=Метод канонизации +SSOSessionMax=Ограничение сессии SSO +groupMembership=Членство в группах +minimumQuickLoginWaitSecondsHelp=Как долго ждать после неудачной попытки быстрого входа. +code=Код +fullSyncPeriod=Период полной синхронизации +addNode=Добавить узел +jwksUrl=JWKS URL +policy-description=Описание этой политики. +keys=Ключи +policies=Политики +signatureKeyName=Наименование ключа сигнатуры SAML +certificate=Сертификат +importClient=Импортировать клиента +selectRole.label=Выберите роль +allTypes=Все типы +prompts.consent=согласие +ldapFilter=LDAP фильтр +hour=Час +connectionTimeoutHelp=Таймаут соединения с LDAP в миллисекундах +postBrokerLoginFlowAlias=Сценарий после входа +tokens=Токены +save-admin-events=Если включено, то события администратора будет сохранены в базу данных, что сделает их доступными через консоль администратора. +encryptAssertionsHelp=Должны ли SAML утверждения быть зашифрованы публичным ключом клиента, используя AES? +policyGroups=Задайте, какие пользователи допущены этой политикой. +on=Вкл +httpPostBindingLogout=Привязывание HTTP-POST для выхода +serviceAccount=Разрешает Вам аутентифицировать этого клиента в Keycloak и получить токен доступа специально для этого клиента. В терминах OAuth2 спецификации включает поддержку 'Client Credentials Grant' для этого клиента. +requirement=Требования +assertionConsumerServiceRedirectBindingURL=Привязка URL-адреса переадресации для сервиса подтверждения потребителей +loginThemeHelp=Выберите тему для страниц входа, временного одноразового пароля (OTP), выдачи разрешений, регистрации и восстановления пароля. +permissionDescription=Описание этого разрешения. +multivalued.label=Несколько значений +minute=Минута +useJwksUrl=Использовать JWKS URL +initialAccessToken=Токен первичного доступа +vendorHelp=LDAP поставщик (провайдер) +addressClaim.country.label=Имя пользовательского атрибута, обозначающего Страна +clustering=Кластеризация +applyToResourceType=Применить к типу ресурса +rememberMe=Запомнить меня +flow.registration=Сценарий регистрации +registeredClusterNodes=Зарегистрированные узлы кластера +selectRole.tooltip=Введите роль в текстовом поле слева, или нажмите на кнопку, чтобы выбрать желаемую роль. +storePassword=Пароль хранилища +logoutServiceRedirectBindingURLHelp=SAML переадресует на привязанный URL для единой точки выхода из сервиса для клиентов. Если Вы используете другие привязки, то можете остаавить это поле пустым. +defaultGroups=Группы по умолчанию +flow.browser=Сценарий браузера +editModeLdapHelp=READ_ONLY означает доступ только на чтение из LDAP. WRITABLE означает, что данные будут обратно синхронизированы в LDAP по заявке. UNSYNCED означает, что данные пользователя будут импортированы, но не синхронизированы обратно в LDAP. +addressClaim.street.tooltip=Имя пользовательского атрибута, которое будет использоваться для сопоставления атрибута 'street_address' внутри атрибута 'address' токена. По умолчанию 'street' . +Saturday=Суббота +includeInIdToken.tooltip=Должно ли значение быть добавлено в токен ID? +save-user-events=Если включено, то события будут сохранены в базу данных, что сделает их доступными администратору и консоли управления учетной записью. +password=Пароль +httpPostBindingResponseHelp=Указывает, необходоимо ли отвечать на завпросы, используя привязку HTTP-POST. Если не задано, то будет использован HTTP-REDIRECT. +allowPasswordAuthentication=Разрешить аутентификацию по паролю +composite=Составная +hourHelp=Определяет час, в который политика ДОЛЖНА быть разрешена. Вы также можете определить диапазон, заполнив второе поле. В этом случае разрешение выдается только если текущий час равен или находится между заданными значениями. +pairwiseSubAlgorithmSalt.tooltip=Соль, используемая для вычисления парного субъекта идентификатора. Если поле не заполнено, то соль будет сгенерирована. +clientAuthorization=Авторизация +waitIncrementSecondsHelp=Если порог ошибок превышен, сколько времени пользователь будет заблокирован? +allowKerberosAuthentication=Разрешить аутентификацию Kerberos +addressClaim.formatted.tooltip=Имя пользовательского атрибута, которое будет использоваться для сопоставления атрибута 'formatted' внутри атрибута 'address' токена. По умолчанию 'formatted' . +createPermission=Создать полномочия +events=События +mapperType=Тип сопоставления +edit=Редактировать +testConnection=Тест соединения +archiveFormat=Формат архивации +credentialResetConfirm=Послать письмо +kerberosRealm=Kerberos Realm +flow.direct\ grant=Сценарий Direct Grant Flow +associatedRolesText=Ассоциированные роли +defaultLocale=Язык по умолчанию +clientIdHelp=Идентификатор клиента, зарегистрированный с помощью поставщика идентификации. +typeHelp=Тип этого ресурса. Может быть использовано для группировки различных экземпляров ресурса с тем же типом. +htmlDisplayName=Отображаемое название в HTML +authorizationUrl=URL авторизации +flow-type.basic-flow=общий +contextualAttributes=Контекстные аттрибуты +allowPasswordAuthenticationHelp=Включить/выключить возможность аутентификации по имени/пароля вопреки базе данных Kerberos +includeInAccessToken.tooltip=Должно ли значение быть добавлено в токен доступа? +idpInitiatedSsoRelayStateHelp=Передать состояние, которое вы хотите послать вместе с SAML запросом, которым хотите проиницировать SSO поставщиком идентификации. +otpHashAlgorithmHelp=Какой алгоритм хеширования должен быть использован для генерации OTP. +usermodel.clientRoleMapping.clientId.tooltip=ID клиента для сопоставления ролей +includeOneTimeUseCondition=Включить условие одноразового использования +clientsClientScopesHelp=Области, ассоциироваанные с этим ресурсом. +vendor=Поставщик +logoutServiceRedirectBindingURL=URL переадресации для выхода из сервиса +dayMonth=Определяет день месяца, в который политика ДОЛЖНА быть разрешена. Вы также можете определить диапазон, заполнив второе поле. В этом случае разрешение выдается только если текущий день месяца равен или находится между заданными значениями. +idpInitiatedSsoRelayState=Передача состояния SSO инициирующим поставщиком идентификации +validatingX509Certs=Проверка X509 сертификатов +masterSamlProcessingUrl=Основной URL обработчика SAML +key=Ключ +email=E-mail +userInfoUrl=URL информации о пользователе +identityProviders=Поставщики идентификации +importUsers=Импортировать пользователей +principalAttributeHelp=Имя (Name) или "дружественное имя" (Friendly Name) атрибута, идентифицирующего внешних пользователей. +nameIdPolicyFormat=Формат политики NameID +idpInitiatedSsoUrlName=Имя URL фрагмента, обозначающего клиента, если вы хотите, чтобы SSO был проинициирован поставщиком идентификации. Оставьте это поле пустым, чтобы отключить инициирование SSO с помощью поставщика идентификации. URL для ссылки вашего браузера может быть в следующем виде\: {server-root}/realms/{realm}/protocol/saml/clients/{client-url-name} +ssoSessionIdle=Допустимое время бездействия сессии. По истечении этого времени токены и браузерные сессии становятся невалидными. +xFrameOptions=X-Frame-Options +scopeDescriptionHelp=Описание шаблона клиента +directGrant=Сценарий Direct Grant Flow +consensus=Консенсусная +policyType.totp=Основан на времени +emailTheme=Тема для E-mail +nameIdFormatHelp=Наименование формата ID для использования в теме. +adminEvents=События администратора +registerNodeManually=Зарегистрировать узел вручную +serverPrincipal=Основной сервер +redirectURI=URI перенаправления +signDocuments=Подпись документов +publicKeys=Публичные ключи +periodicFullSync=Периодическая полная синхронизация +tokenUrl=URL токена +notBefore=Не ранее чем +ldapMappersList=Сопоставления LDAP +createdAt=Создан +editUsername=Редактируемое имя пользователя +titleEvents=События +lastRegistration=Последняя регистрация +rolesHelp=Выберите роли, которые вы хотите связать с выбранным пользователем. +requireSsl=Требует SSL +samlEntityDescriptor=Позволяет вам загрузить метаданные внешнего IDP из файла конфигурации или скачать его из URL. +reevaluate=Переоценить +addIdpMapperName=Наименование сопоставления. +continue=Продолжить +details=Детали +selectScope=Выберите область +generateNewKeys=Сгенерировать новые ключи +offlineSessionIdle=Таймаут оффлайн сессии +periodicChangedUsersSync=Периодическая синхронизация изменений пользователей +principalAttribute=Атрибут-идентификатор +searchScope=Поиск области +userRegistrationHelpText=Включить/выключить страницу регистрации. Ссылка для регистрации будет также показана на странице входа. +revokeRefreshToken=Одноразовые токены обновления +resourceName=Уникальное имя для этого ресурса. Имя может быть использовано для уникальной идентификации ресурса, используется при запросах конкретных ресурсов. +minimumQuickLoginWaitSeconds=Минимальное ожидание быстрого входа +operationTypes=Типы операций +realmRoles=Роли Realm +firstName=Имя +expireTime=Определяет время, после которого политика НЕ ДОЛЖНА быть разрешена. Разрешено только если текущее время/дата менеьше или равны заданному значению. +expirationHelp=Установить срок истечения для событий. Истекшие события периодически удаляются из базы данных. +nameIdFormat=Наименование формата ID +adminThemeHelp=Выберите тему для консоли администратора. +name=Наименование шаблона клиента. Должно быть уникально для realm +validRedirectUri=Валидация URI перенаправления +clientList=Клиенты +userSession.modelNote.label=Заметка сессии пользователя +permissionName=Имя этого разрешения. +expires=Истекает +pagination=Постраничный вывод +import=Импорт JSON файла, содержащего авторизационные настройки для этого сервера ресурсов. +otpHashAlgorithm=Алгоритм хеша OTP +hideOnLoginPageHelp=Если скрыто, то вход с этим провайдером возможен только при явном вызове, например при использовании параметра 'kc_idp_hint'. +userAttribute=Атрибут пользователя +kid=KID +description=Описание +revoke=Отобрать +eventListenersHelpText=Настройка слушателей, получающих события для realm. +addressClaim.postal_code.tooltip=Имя пользоватеслького атрибута, котоое будет использоваться для сопоставления атрибута 'postal_code' внутри атрибута 'address' токена. По умолчанию 'postal_code' . +clientSignatureHelp=Будет ли клиент подписывать свои saml запросы и ответы? И должны ли они быть провалидированы? +keyPasswordHelp=Пароль для доступа к приватного ключу в архиве +frontchannelLogout=Выход с переднего канала +policyClient=Задайте, какие клиенты допущеный этой политикой. +providerId=ID +titleRoles=Роли Realm +sectorIdentifierUri.tooltip=Провайдеры, использующие пары вспомогательных значений и поддерживающие динамическую регистрацию клиентов ДОЛЖНЫ использовать sector_identified_uri параметр. Это обеспечивает способ для группы сайтов под общим административным контролем, чтобы иметь последовательные попарные значения независимо от индивидуальных доменных имен. Это также обеспечивает способ для клиентов для изменения redirect_uri доменов, не имещющих возможности перерегистрации всех своих пользователей. +Tuesday=Вторник +loginTimeout=Таймаут входа +rdnLdapAttribute=Атрибут RDN в LDAP +fineGrainSamlEndpointConfig=Тонкая настройка конфигурации конечных точек доступа SAML +hours=часов +bindType=Тип аутентификации +aliasHelp=Синоним уникально идентифицирует поставщика идентификации, а также используется для построения адреса переадресации. +maxFailureWaitSeconds=Максимальное ожидание +configure=Конфигурация +contextualInfo=Контекстная информация +manage=Управление +temporaryPassword=Временный +applyPolicyHelp=Определяем все политики, которые должны быть применены к областям, определенным этой политикой или разрешением. +kerberosIntegration=Интеграция с Kerberos +protocolMapper=Протокол... +requiredSettings=Требуемые настройки +sslType.none=нет +time=Время +bruteForceDetection=Определение Brute Force +archiveFormatHelp=Формат архивации Java keystore или PKCS12. +xContentTypeOptions=X-Content-Type-Options +keyAlias=Синоним ключа +prefix=Префикс для каждой роли Realm (опционально). +none=нет +sslType.all=все запросы +type=Тип +httpPostBindingResponse=Привязанный ответ HTTP-POST +saveEvents=Сохранять события +issuer=Эмитент +policyEnforcementModeHelp=Режим применения политик диктует, каким образом политики применяются при оценке запросов на авторизацию. «Обязывающая» означает, что запросы запрещены по умолчанию, даже если нет никакой политики, связанной с данным ресурсом. "Разрешающая" означает, что запросы разрешены даже если не существует политика, связанная с данным ресурсом. 'Отключено' полностью отключает оценку политики и позволяет получить доступ к любому ресурсу. +lastUpdated=Обновлено +credentialResetBtn=Сброс учетных данных +selectAUser=Выберите пользователя +seconds=секунд +eventTypes.RESET_PASSWORD.name=Сброс пароля +otpPolicyDigits=Количество цифр +permissions=Разрешения +keystore=Хранилище ключей +accountThemeHelp=Выберите тему для управления учетной записью пользователя. +canonicalizationHelp=Метод канонизации для XML сигнатур. +sessions=Сессии +fullSyncPeriodHelp=Период для полной синхронизации в секундах +priority=Приоритет +trustEmail=Подтверждение E-mail +jsonType.label=Тип переменной JSON +fullScopeAllowed=Полный доступ к областям +push=Разослать +titleUsers=Пользователи +masterSamlProcessingUrlHelp=Если URL сконфигурирован, то он будет каждый раз для связывания SP's Assertion Consumer и Single Logout Services. Может быть переопределен индивидуально для связывания каждого сервиса в тонкой настройке конфигурации конечных точек доступа SAML. +claimJsonType=Тип переменной в JSON, который должен использоваться при добавлении ее в токен. Допустимые значения long, int, boolean, и String. +forceAuthenticationHelp=Указывает, должен ли поставщик идентификации аутентифицировать ведущего напрямую, а не использовать предыдущий контекст безопасности. +testClusterAvailability=Протестировать доступность кластера +forceNameIdFormat=Принудительно использовать формат ID +sslType.external=внешние запросы +multiValued=Отображается, если атрибут поддерживает несколько значений. Если включен, то список всех значений будет претендовать на этот атрибут. В противном случае выбираться будет только первое значение +addRole=Добавить роль +addressClaim.locality.tooltip=Имя пользовательского атрибута, которое будет использоваться для сопоставления атрибута 'locality' внутри атрибута 'address' токена. По умолчанию 'locality' . +userInfoSignedResponseAlgorithmHelp=JWA алгоритм используется для подписи ответа ресурса информации о пользователе. Если установлено в 'unsigned', то ответ инофрмации о пользователе не будет подписан и будет возвращен в формате application/json. +lastName=Фамилия +duplicateEmailsHelpText=Разрешает разным пользователям иметь один и тот же E-mail. Изменение этой настройки также очистит пользовательский кэш. После выключения поддержки дублирующихся email рекомендуется вручную почистить в базе данных ограничения по E-mail существующим пользователям. +usermodel.realmRoleMapping.rolePrefix.label=Префикс ролей Realm +temporaryPasswordHelpText=Если включено, пользователю необходимо сменить пароль при следующем входе +otpPolicyDigitsHelp=Сколько цифр должен иметь OTP? +connectionPooling=Пул соединений +wantAuthnRequestsSignedHelp=Указывает, ожидает ли поставщик идентификации подписанных AuthnRequest. +enabled=Включено +authenticationAliasHelp=Наименование конфигурации +keyPassword=Пароль для ключа +SSOSessionIdle=Таймаут сессии SSO +ssoServiceUrlHelp=Url, который должен быть использован для отправленных запросов на аутентификацию (SAML AuthnRequest). +startTime=Определете время, до наступления которого политика НЕ ДОЛЖНА быть разрешена. Разрешено только если текущее время/дата больше или равны заданному значению. +logicHelp=Логика диктует, как политика должна применяться. Если 'Позитивная', результирующий эффект (разрешение или запрещение) полученный в ходе оценки этой политики будет использован для выполнения решения. Если 'Негативная', результирующий эффект будет отрицательным, другими словами, разрешение становится запрещением и наоборот. +copy=Копировать +connectionTimeout=Таймаут соединения +monthHelp=Определяет месяц, в который политика ДОЛЖНА быть разрешена. Вы также можете определить диапазон, заполнив второе поле. В этом случае разрешение выдается только если текущий месяц равен или находится между заданными значениями. +registrationAccessToken=Токен доступа к регистрации +supportedLocales=Поддерживаемые языки +showPasswordDataValue=Значение +issuerHelp=Идентификатор эмитента для эмитента ответа. Если не предоставлен, проверка не будет выполняться. +titleSessions=Сессии +clientNameHelp=Задает отображаемое название клиента. Например 'My Client'. Поддерживает ключи для локализованных значений. Например\\\: ${my_client} +createPolicy=Создать политику +clearAdminEvents=Очистить события администратора +rootURL=Корневой URL добавляется к относительным URL +rootUrl=Корневой URL +clientLoginTimeout=Таймаут авторизации клиента +nodeReRegistrationTimeoutHelp=Интервал, означающий максимальное время для узлов кластера зарегистрированных клиентов для их перерегистрации. Если узел кластера не может послать запрос перерегистрации в Keycloak за указанное время, то он будет разрегистрирован из Keycloak +logoutServicePostBindingURLHelp=SAML POST связанный URL для клиентского сервиса единого выхода. Если Вы используете другие привязки, то можете оставить это поле пустым. +readTimeout=Таймаут чтения +samlSignatureKeyName=Наименование ключа сигнатуры SAML +clientAuthentication=Аутентификация клиента +registrationEmailAsUsername=E-mail как имя пользователя +logicType.negative=Негитивная +otpPolicy=Политики OTP +flow-type.form-flow=форма +signDocumentsHelp=Должны ли SAML документы быть подписаны в realm? +resetPassword=Сброс пароля +requireSslHelp=Требуется ли HTTPS? 'нет' означает, что HTTPS не требуется для клиентов с любым IP адресом. 'Внешние запросы' означает, что localhost и внутренние IP адреса могут получить доступ без HTTPS. 'Все запросы' означает, что HTTPS требуется вне зависимости от IP адреса. +identityInformation=Идентичность данных +addUser=Добавить пользователя +usermodel.clientRoleMapping.rolePrefix.label=Префикс ролей клиента +partialImport=Частичный импорт +includeAuthnStatementHelp=Должны ли заявки на методы и временные метки быть включены в ответе на вход? +client-authenticator-type=Проверка подлинности клиента используется для аутентификации этого клиента вместо сервера Keycloak +signatureKeyNameHelp=Подписанные SAML документы содержат идентификаторы ключей подписи в элементе KeyName. Для Keycloak / RH-SSO контрагентов, используйте KEY_ID, для MS AD FS используйте CERT_SUBJECT, для остальных установите и используйте NONE если другие опции не работают. +loginWithEmail=Вход по E-mail +protocol=Протокол +manageAccount=Управление учетной записью +tokenClaimName.label=Имя переменной в токене +create=Создать +clientSecret=Секрет клиента +from=От +httpPostBindingAuthnRequest=Привязывание HTTP-POST для AuthnRequest +includeInAccessToken.label=Добавить в токен доступа +iconUri=Иконка URI +hideOnLoginPage=Скрыть на странице входа +createGroup=Создать группу +resource=Ресурс +created=Создано +minutes=минут +userSession.modelNote.tooltip=Наименование процедуры заметки сессии пользователя согласованным с UserSessionModel.note. +usersDN=Пользователи DN +clientsClientTypeHelp='OpenID connect' разрешает клиентам проверить личность конечного пользователя, основанного на выполнении аутентификации на Сервере Авторизации.'SAML' включает веб-сценарии аутентификации и авторизации, включая кроссдоменные центры единого управления доступом (SSO) и использующие токены безопасности, содержащие заявления на передачу информации. +selectUser=Выберите пользователя, идентификационные данные которого будут использованы для запроса разрешений с сервера. +webOriginsHelp=Разрешает CORS источникам. Чтобы разрешить всем источники с допустимыми URI-адресами переадресации, добавьте '+'. Чтобы разрешить все источники, добавьте '*'. +requestObjectSignatureAlgorithm=Алгоритм сигнатуры объекта запроса +logoutUrl=URL выхода +storedTokensReadable=Сохраненные токены доступны на чтение +admin-clearEvents=Удалить все события администратора из базы данных. +mappers=Сопоставления +waitIncrementSeconds=Порог ожидания +usermodel.prop.label=Свойство +name-id-format=Наименование формата ID +credentials=Учетные данные +policyType.hotp=Основан на счетчике +enableSSL=Включить SSL +general=Главная +failureFactor=Максимальное количество неудачных попыток входа +signAssertions=Sign Assertions +scopesSelect=Определяет, что разрешение должно быть применено к одной или нескольким областям. +disableUserInfoHelp=Отключить использование сервиса информации о пользователе, чтобы получить дополнительную информацию о пользователе? По умолчанию используется сервис OIDC. +adminTheme=Тема консоли администратора +alias=Синоним +value=Значение +clientSecretHelp=Секрет клиента, зарегистрированный с помощью поставщика идентификации. +validateSignatures=Включает/выключает проверку подписи ответов от SAML. +authentication=Аутентификация +descriptionHelp=Описание шаблона клиента +logoutUrlHelp=Конечная точка окончания сессии, используемая для выхода пользователя из внешнего IDP. +times.seconds=секунд +permissionType=Определяет, что это разрешение должно быть применено ко всем экземплярам ресурсов заданного типа. +policyEnforcementModes.ENFORCING=Обязывающая +debug=Отладчик +clear=Очистить +resources=Ресурсы +groups=Пользователь является членом группы. Выберите в списке группу и нажмите кнопку Покинуть, чтобы покинуть группу. +logicType.positive=Позитивная +signatureAlgorithm=Алгоритм, используемый для подписи документов. +eventTypes.LOGOUT.name=Выход +accountTheme=Тема учетной записи +requiredActions=Требуемые действия +forceAuthentication=Принудительная аутентификация +assertionConsumerServiceRedirectBindingURLHelp=SAML переадресация на привязанный URL для клиентского сервиса подтверждения потребителей (запросы входа). Вы можете оставить это поле пустым, если вы не имеете URL для осуществления такой привязки. +policyDecisionStagey=Стратегия решения диктует как политики связаны с заданными разрешениями и как формируется окончательное решение. 'Утвердительная' означает, что, по крайней мере, одна политика должна дать положительную оценку для того, чтобы окончательное решение также было положительным. 'Единогласная' означает что все политики должны дать положительную оценку для того, чтобы окончательная оценка также была положительной. 'Консенсусная' означает, что количество положительных решений должно превышать количество отрицательных решений. Если количество положительных и отрицательных решений совпадает, окончательное решение будет отрицательным. +resetActions=Действия сброса +selectARole=Выберите роль +titleAuthentication=Аутентификация +category=Категория +batchSize=Размер пачки +usermodel.prop.tooltip=Имя свойства метода в интерфейсе UserModel. Для примера, значение 'email' будет ссылкой на метод UserModel.getEmail(). +user=Пользователь +times.days=дней +providers=Поставщики diff --git a/js/apps/admin-ui/maven-resources/theme-resources/messages/messages_zh_CN.properties b/js/apps/admin-ui/maven-resources/theme-resources/messages/messages_zh_CN.properties new file mode 100644 index 0000000000..416163c236 --- /dev/null +++ b/js/apps/admin-ui/maven-resources/theme-resources/messages/messages_zh_CN.properties @@ -0,0 +1,2831 @@ +cancel=取消 +deleteConfirm_other=是否要删除这些群组? +trusted-hosts.label=受信任的主机 +deletedSuccess=供应商已成功删除。 +userID=用户 ID +anyResource=任何资源 +importAdded_zero=没有添加记录。 +createClientPolicy=创建客户端策略 +clientSignature=需要客户端签名 +persistent=持续 +eventTypes.PERMISSION_TOKEN.name=权限令牌 +permissionsDisable=是否禁用权限? +eventTypes.FEDERATED_IDENTITY_LINK_ERROR.description=联合身份链接错误 +secretHasExpired=密码已过期,请点击上面的 "Regenerate" 按钮生成一个新的 Secret +requiredRoles=请至少添加一个角色。 +addLdapWizardTitle=添加 LDAP 用户联盟供应商 +wantAssertionsSignedHelp=表明该服务供应商是否需要一个已签名的断言。 +disableConfirm=您确定要禁用供应商'{{provider}}' +eventTypes.CUSTOM_REQUIRED_ACTION.description=自定义所需操作 +flowName=流程名称 +userInfoResponseEncryptionContentEncryptionAlgorithm=用户信息响应加密内容加密算法 +eventTypes.IDENTITY_PROVIDER_FIRST_LOGIN_ERROR.name=身份供应商首次登录错误 +credentialType=类型 +searchByRoleName=按角色名称搜索 +passLoginHint=传递登录提示 +openIdConnectCompatibilityModesHelp=此部分用于配置与旧版 OpenID Connect / OAuth 2 适配器向后兼容的设置。特别是当您的客户端使用旧版 Keycloak / RH-SSO 适配器时,它非常有用。 +emptyClientScopes=此客户端没有任何添加的客户端范围 +requiredGroups=请至少添加一组。 +httpPostBindingAuthnRequestHelp=指示是否必须使用 HTTP-POST 绑定发送验证请求。如果为否,将使用 HTTP-REDIRECT 绑定。 +policyEnforcementMode=策略执行模式 +eventTypes.CLIENT_UPDATE.name=客户端更新 +addMultivaluedLabel=添加 {{fieldLabel}} +notRepeat=不重复 +secretRotated=密码轮换使用 +userFedDeleteConfirmTitle=删除用户联盟供应商? +userCredentialsHelpTextLabel=用户凭据帮助文本 +role=角色 +displayName=显示名称 +applyToResourceTypeHelp=指定此权限是否应应用于给定类型的所有资源。在这种情况下,将为给定资源类型的所有实例评估此权限。 +cibaIntervalHelp=CD(消费设备)必须在令牌端点的轮询请求之间等待的最短时间(以秒为单位)。如果设置为 0,CD 必须根据 CIBA 规范使用 5 作为默认值。 +envelopeFrom=信封发件人 +eventTypes.UPDATE_TOTP.name=更新TOTP +updateCibaError=无法更新 CIBA 策略:{{error}} +policyUrl=策略网址 +clientDescriptionHelp=指定客户端的描述。例如'My Client for TimeSheets'。也支持本地化值的键。例如:${my_client_description} +rolesPermissionsHint=确定是否为管理此角色启用细粒度权限。禁用将删除当前已设置的所有权限。 +invalidRealmName=领域名称不能包含特殊字符 +realmNameTitle={{name}} 领域 +subjectNameId=主题名称ID​​ +facebook.fetchedFields=其他用户的个人资料字段 +credentialsList=凭据列表 +usermodel.clientRoleMapping.clientId.label=客户端ID +clientId=客户端ID +serviceProviderEntityId=服务供应商实体ID +internationalizationHelp=如果启用,您可以选择您支持该领域的语言环境以及默认语言环境。 +managePriorityOrder=管理优先顺序 +contextualAttributesHelp=运行环境或执行上下文提供的任何属性。 +clientLoginTimeoutHelp=客户端必须完成访问令牌协议的最长时间。这通常应该是 1 分钟。 +emptyMappers=无映射 +artifactBindingUrlHelp=将 HTTP ARTIFACT 消息发送到的 URL。如果您使用不同的绑定,则可以将此留空。在强制 ARTIFACT 绑定与 IdP 发起的登录时,应设置此值。 +artifactBindingUrl=工件绑定 URL +clientsList=客户端列表 +userId=用户 ID +eventTypes.CLIENT_UPDATE_ERROR.description=客户端更新错误 +eventTypes.UPDATE_EMAIL.description=更新邮箱 +eventTypes.VALIDATE_ACCESS_TOKEN.description=验证访问令牌 +dedicatedScopeExplain=这是一个包括专用映射器和范围的客户端范围 +updateOtpError=无法更新 OTP 策略:{{error}} +addressClaim.postal_code.label=邮政编码的用户属性名称 +defaultRoles=默认角色 +samlSignatureKeyNameHelp=已签名的 SAML 文档在 KeyName 元素中包含签名密钥的标识。对于 Keycloak / RH-SSO 对方,使用 KEY_ID,对于 MS AD FS 使用 CERT_SUBJECT,对于其他人,如果没有其他有效的选项,请查看并使用 NONE。 +clientScopeTypes.default=默认 +invalidateRotatedSecret=使轮换使用的密码无效? +noDirectUsers=无直接用户 +whoCanEditHelp=如果启用,用户或管理员可以查看和编辑属性。否则,用户或管理员无权写入属性。 +eventTypes.LOGIN.name=登录 +addressClaim.country.tooltip=用户属性的名称,将用于映射到“地址”令牌声明中的“国家”子声明。默认为'country'。 +uuidLdapAttribute=UUID LDAP 属性 +scopeNameHelp=客户端作用域的名称。在领域中必须是唯一的。名称不应包含空格字符,因为它用作作用域参数的值。 +requiredUserActions=必需的用户操作 +noConsentsText=只有当用户尝试访问配置为需要被许可的客户端时,才会记录许可。在这种情况下,用户将获得一个许可授权页面,要求他们授予对客户端的访问权限。 +addStep=添加步骤 +userInitiatedActionLifespanHelp=用户发送的操作许可(例如忘记密码的电子邮件)过期之前的最长时间。建议该值较短,因为预计用户会对自己创建的操作做出快速反应。 +clearFileExplain=是否要清除该文件? +userModelAttribute=用户模型属性 +eventTypes.LOGOUT_ERROR.name=登出错误 +allowRemoteResourceManagement=远程资源管理 +syncRegistrationsHelp=新创建的用户应该在 LDAP 存储中创建吗?优先影响选择哪个供应商来同步新用户。此设置仅适用于可写的编辑模式。 +resetPasswordAllowed=忘记密码 +emptyExecution=无执行器 +passwordPolicyHintsEnabledHelp=仅适用于可写 MSAD。如果打开,则更新 MSAD 用户的密码将使用 LDAP_SERVER_POLICY_HINTS_OID 扩展,这意味着将应用高级 MSAD 密码策略,如“密码历史”或“最小密码使用期限”。此扩展有效仅适用于 MSAD 2008 R2 或更新版本。 +expirationValueNotValid=值应该大于或等于 1 +eventTypes.UPDATE_CONSENT.name=更新许可 +forceArtifactBinding=强制神器绑定 +eventTypes.REFRESH_TOKEN_ERROR.description=刷新令牌错误 +eventTypes.IMPERSONATE.name=角色扮演 +updateFirstLogin=首次登录时更新用户档案 +columnDisplayDescription=展示说明 +flowUsedBy=使用这个流程 +client-updater-trusted-hosts.label=受信任的主机 +updateExecutorSuccess=执行器更新成功 +ldapAttributeHelp=LDAP 对象上映射属性的名称。例如 'cn'、'sn'、'mail'、'street' 等。 +assertionLifespan=断言寿命 +export=导出 +密码策略.length=密码所需的最少字符数。 +revocationDescription=这是一种撤销所有活动会话和访问令牌的方法。“不在某日期之前”意味着您可以撤销在该日期之前发行的令牌。 +eventTypes.CODE_TO_TOKEN_ERROR.description=用于交换令牌的代码错误 +termsOfServiceUrl=服务条款网址 +requestObject.request_uri\ only=仅请求 URI +passwordPolicy=密码策略 +backchannelLogout=后台注销 +addressClaim.street.label=街道的用户属性名称 +applyToResourceTypeFlag=应用于资源类型 +offlineSessionIdleHelp=离线会话过期前允许空闲的时间。在此期间内至少需要使用离线令牌刷新一次,否则离线会话将过期。 +eventTypes.UPDATE_TOTP.description=更新TOTP +testError=尝试连接到 LDAP 时出错。有关详细信息,请参阅 server.log.{{error}} +groupObjectClassesHelp=群组对象的对象类(或多个类)。如果需要更多类,则用英文逗号分隔。在典型的 LDAP 部署中,它可能是'groupOfNames'。在 Active Directory 中,它通常是'组'。 +filterByClients=按客户端筛选 +claims=声明 +createPolicyOfType=创建 {{policyType}} 策略 +realmRolePrefix=领域角色前缀 +flowUsedByDescription=此流程由以下 {{value}} 使用 +createClientScope=创建客户端作用域 +includeRepresentation=是否包含表述文件 +expireTimeHelp=定义在该时间之后不得授予策略。仅当当前日期/时间早于或等于此值时才授予。 +singleLogoutServiceUrl=单一注销服务URL +noRolesInstructions-roles=您尚未在此领域中创建任何角色。创建角色以开始。 +editIdPMapper=编辑身份供应商映射器 +policyCode=为该策略提供条件的 JavaScript 代码。 +representation=表述 +remove=移除 +userProfile=用户资料 +syncLDAPGroupsToKeycloak=将 LDAP 组同步到 Keycloak +confirmPasswordDoesNotMatch=密码和验证不匹配。 +eventTypes.DELETE_ACCOUNT_ERROR.description=删除账号错误 +provider=供应者 +flows=流程 +root=根目录 +removeImportedUsersSuccess=导入的用户已被移除。 +eventTypes.VERIFY_PROFILE_ERROR.name=验证配置文件错误 +signAssertionsHelp=SAML 文档中的断言应该被签名吗?如果文档已经被签名,则不需要此设置。 +authnContextClassRefsHelp=请求的 AuthnContext ClassRefs 的有序列表。 +sessionsType.directGrant=直接授权 +validateSignature=验证签名 +useLowerCaseBearerType=在令牌响应中使用小写承载类型 +headers=标题 +ldapAttributeNameHelp=LDAP 属性的名称,将在注册期间添加到新用户 +createAGroup=创建群组 +effectiveProtocolMappersHelp=包含所有默认客户端范围和选定的可选范围。所有这些客户端范围的协议映射器和角色范围映射将在生成为客户端颁发的访问令牌时使用 +exportSuccess=领域成功导出。 +scopePermissions.groups.manage-description=决定管理员是否可以管理此群组的策略。 +testClusterFail=验证可用性失败:{{failedNodes}}。修复或注销失败的集群节点并重试 +eventExplain=事件是该领域中用户活动和管理员活动的记录。事件记录的配置请跳转至 <1>Event configs. +queryExtensions=查询支持的扩展 +signingKeysConfig=签名密钥配置 +validateBindDn=您必须输入 LDAP 管理员的 DN +addedGroupMembership=已添加群组成员身份 +resourceDeletedSuccess=资源删除成功 +userObjectClasses=用户对象类 +useRefreshTokensHelp=如果打开,将创建一个 refresh_token 并将其添加到令牌响应中。如果关闭,则不会生成任何 refresh_token。 +getStarted=要开始,请从下面的列表中选择一个供应商。 +times.hours=小时 +signedJWTConfirm=从密钥选项卡为客户端生成私钥和证书。 +permit=允许 +webOrigins=网络根源 +searchAdminEventsBtn=搜索管理员事件 +deleteDialogDescription=您确定要永久删除属性组 <1>{{group}}} 吗? +importResourceSuccess=资源导入成功 +eventTypes.LOGOUT.description=登出 +deleteNodeBody=您确定要永久删除节点"{{node}}" +lifespan=到期时间 +storedTokensReadableHelp=如果新用户可以读取任何存储的令牌,则启用/禁用。这会分配 broker.read-token 角色。 +authenticationFlowTypeHelp=它是一种什么样的形式? +usersAdded_one={{count}}用户已添加到群组 +resourcesAndScopes=资源和范围 +eventTypes.UPDATE_CONSENT_ERROR.description=更新许可错误 +overrideActionTokensHelp=在用户发送的操作许可(例如忘记密码的电子邮件)针对特定操作过期之前覆盖默认设置的最长时间。建议该值较短,因为预计用户会做出反应快速进行自我创建的动作。 +searchByName=按名称搜索 +executorTypeSwitchHelpText=执行器类型切换帮助文本 +attributeConsumingServiceNameHelp=要在 SP 元数据中通告的属性消费服务配置文件的名称。 +overrideActionTokens=覆盖操作令牌 +deleteGrantsError=删除授权时出错。 +defaultGroupAdded_other={{count}} 个新群组已被添加到默认群组 +used.SPECIFIC_CLIENTS=特定客户 +freeMemory=空余内存 +applyPolicy=应用策略 +userFedDeleteConfirm=如果您删除此用户联盟供应商,所有相关数据都将被删除。 +directGrantHelp=选择您要用于直接授权身份验证的流程。 +unlockUsersSuccess=所有临时锁定的用户现在都已解锁 +jsonType.tooltip=应该用于在令牌中填充JSON声明的JSON类型。long, int, boolean, String和JSON是有效的值。 +emptyPrimaryAction=添加预设的映射 +enableClientSignatureRequired=启用"需要客户端签名"? +supportedApplicationsHelp=已知适用于当前 OTP 策略的应用程序 +enableStartTLS=启用 StartTLS +syncModeOverride=同步模式覆盖 +addAssociatedRolesError=无法关联角色{{error}} +removeUserText=是否要移除{{numSelected}}个用户?这些用户将不再具有角色{{role}}及其关联角色的权限。 +diagramView=图表视图 +密码策略.digits=密码字符串中要求的数字的位数。 +removeImportedUsers=移除导入的用户? +conditionsHelpItem=条件帮助项 +accountLinkingOnly=仅账户链接 +clientPoliciesPoliciesHelpText=客户端策略允许将客户端配置文件与各种条件绑定,以指定何时执行特定客户端配置文件中的执行器所规定的行为。 +anyClient=任何客户端在任何事件中都满足该条件。 +editFlow=编辑流程 +noDefaultGroupsInstructions=设置默认组将允许您在<1>identity brokering过程中创建或导入新用户时自动分配群组。添加默认组以开始使用这一功能。 +tokenSaveSuccess=已创建新的初始访问令牌 +usermodel.attr.label=用户属性 +eventTypes.REGISTER.name=注册 +deleteUser=删除用户 +addedNodeSuccess=节点添加成功 +eventTypes.INTROSPECT_TOKEN_ERROR.description=令牌内部检查错误 +webAuthnPolicyUserVerificationRequirementHelp=与身份验证器通信以确认实际验证用户。 +syncModes.import=导入 +realmSaveError=领域无法更新:{{error}} +authDataDescription=表示作为处理授权请求的结果携带授权数据的令牌。这种表示基本上是 Keycloak 向请求许可的客户端发出的内容。检查 `authorization` 声明以获取基于当前授权请求。 +permissionScopes=指定此权限必须应用于一个或多个范围。 +generatedAccessTokenIsDisabled=未选择用户时禁用生成的访问令牌 +allowRemoteResourceManagementHelp=资源应该由资源服务器远程管理吗?如果为假,资源只能从这个 Admin UI 管理。 +addNewProvider=添加新供应商 +userInfoResponseEncryptionKeyManagementAlgorithm=用户信息响应加密密钥管理算法 +changedUsersSyncPeriod=更改用户同步周期 +keystoreHelp=密钥文件路径 +userRegistration=用户注册 +save=保存 +helpFileUploadClient=上传 JSON 或 XML 文件 +generateSuccess=新密钥对和证书生成成功 +userAttributeValueHelp=你想要硬编码的值 +whoCanViewHelp=如果启用,用户或管理员可以查看该属性。否则,用户或管理员无权访问该属性。 +eventTypes.IDENTITY_PROVIDER_LOGIN.description=身份供应者登录 +includeClients=包含客户端 +copySuccess=成功复制到剪贴板! +eventTypes.LOGOUT_ERROR.description=登出错误 +clientProfilesHelp=应用此策略的客户端配置文件。 +deleteClientPolicyError=无法删除策略:{{error}} +resourceAttributeHelp=与资源关联的属性。 +updateCredentialUserLabelSuccess=已成功更改用户标签。 +product=产品名称 +credentialUserLabel=用户标签 +bindTypeHelp=在 LDAP 绑定操作期间使用的身份验证方法的类型。它用于发送到 LDAP 服务器的大多数请求。目前只有'无'(匿名 LDAP 身份验证)或'简单'(绑定凭据+绑定密码身份验证)机制可用。 +permissionPolicies=指定必须应用于此策略或权限定义的范围的所有策略。 +whoWillAppearPopoverText=群组是分层的。选择“直接群组成员资格”时,只会看到用户直接加入的子组,而不包括父级群组。 +eventTypes.VERIFY_EMAIL.description=验证邮箱 +eventTypes.REFRESH_TOKEN_ERROR.name=刷新令牌错误 +partialImportHeaderText=部分导入允许您从之前导出的 json 文件中导入用户、客户端和其他资源。 +disableSuccess=供应商已成功禁用 +validatingPublicKeyIdHelp=如果是密钥 ID,则上面给出的验证公钥的显式 ID。如果上面的密钥被始终使用,则可以留空,不管外部 IDP 指定的密钥 ID。如果密钥仅用于验证,则设置它如果来自外部 IDP 的密钥 ID 匹配。 +eventTypes.IDENTITY_PROVIDER_LINK_ACCOUNT_ERROR.name=身份提供商关联账号错误 +subtree=子数 +userFederation=用户联盟 +effectiveRoleScopeMappingsHelp=选定的可选客户端范围,将在为该客户端发出访问令牌时使用。当您希望在初始OpenID连接身份验证请求从您的客户端适配器发送时并且要应用这些可选的客户端范围时,您可以在上面看到OAuth范围参数需要使用的值。 +disable=禁用 +membershipLdapAttribute=成员身份的 LDAP 属性 +availableIdPs=可用的身份供应商 +updateClientConditionSuccess=条件更新成功。 +attributes=属性 +roleDeleteConfirmDialog=此操作将永久删除角色“{{selectedRoleName}}”,并且无法撤消。 +clientDelete=删除客户端 {{clientId}} 吗? +userDeletedSuccess=用户已被删除 +revokeClientScopesTitle=是否撤消所有已授予的客户端作用域? +contentSecurityPolicyReportOnlyHelp=用于测试内容安全策略<1>了解更多 +eventTypes.PERMISSION_TOKEN.description=权限令牌 +allow-default-scopes.label=允许默认范围 +minuteHelp=定义必须授予策略的分钟。您还可以通过填写第二个字段来提供范围。在这种情况下,仅当当前分钟介于或等于您提供的两个值时才授予权限。 +updateCibaSuccess=CIBA 策略更新成功 +newRoleNameHelp=新角色名称。新名称格式与角色将映射到访问令牌中的位置相对应。因此,新名称“myapp.newname”将角色映射到访问标记中的位置。新名称“newname”将角色映射到令牌中的领域角色。 +mapperTypeFullNameLdapMapper=fullname-ldap-mapper +eventTypes.INVALID_SIGNATURE.name=无效签名 +authDetailsHelp=导出并下载此资源服务器的所有资源设置。 +policyProvider.regex=为您的权限定义正则表达式条件。 +clientImportError=无法导入客户端:{{error}} +members=成员 +scopePermissions.clients.token-exchange-description=决定允许哪些客户端将令牌交换为此客户端的令牌的策略。 +realmCertificateAliasHelp=领域证书也存储在存档中。这是它的别名。 +scopePermissions.roles.map-role-client-scope-description=决定管理员是否可以将此角色应用于客户端的客户端范围的策略。 +createIdentityProviderError=无法创建身份供应商:{{error}} +registration-access-token=注册访问令牌为客户端提供对客户端注册服务的访问。 +eventTypes.SEND_VERIFY_EMAIL_ERROR.description=发送验证邮件错误 +deleteClientPolicyConfirm=此操作将永久删除策略 {{policyName}},并且无法撤消。 +cibaAuthRequestedUserHint=身份验证请求的用户提示 +samlKeysExportError=无法导出密钥,因为:{{error}} +webAuthnPolicyCreateTimeout=超时 +comparison=对比 +deletedSuccessClientScope=客户端作用域已删除 +notBeforeError=清除领域的“不早于”时出错\: {{error}} +columnDisplayName=展示名称 +noUsersFoundErrorStorage=找不到用户,可能是由于错误配置了联合提供程序{{error}} +storeTokensHelp=如果必须在验证用户身份后存储令牌,则可以启用/禁用。 +revert=还原 +eventTypes.IDENTITY_PROVIDER_RETRIEVE_TOKEN.description=身份供应者检索令牌 +dependentPermission=依赖权限 +addAssociatedRolesSuccess=已添加关联角色 +groupDeleted_one=已删除群组 +userHelp=可选择用户,将为选择的用户生成示例访问令牌。如果不选择用户,则在评估期间不会生成示例访问令牌 +loginScreenCustomization=登录页面定制 +policiesConfigType=配置方式: +exportWarningTitle=谨慎导出 +emailVerifiedHelp=用户的电子邮件是否已验证? +duplicateFlow=复制流程 +addExecution=添加执行器 +noSearchResultsInstructions=单击上面的搜索栏搜索群组 +addedNodeFail=无法添加节点。因为'{{error}}' +groupMembership=间接群组成员资格 +maxLength=最大长度{{length}} +prompts.unspecified=未指定 +revokeClientScopes=是否要吊销{{clientId}}的所有已授予的客户端作用域? +cibaBackhannelTokenDeliveryModes.poll=计票 +policies=策略 +parentClientScope=父级客户端范围 +reorder=重新排序 +allTypes=所有类型 +backchannelLogoutSessionRequired=需要反向通道注销会话 +ldapFilter=LDAP 过滤器 +editAttribute=编辑属性 +webAuthnPolicyRpEntityNameHelp=便于阅读的 WebAuthn依赖方的服务器名称 +postBrokerLoginFlowAlias=登录后流程 +refreshTokenMaxReuse=刷新令牌重复使用的最大次数 +partialExportHeaderText=部分导出允许您将领域配置和其他相关资源导出到 json 文件中。 +clientScopes=客户端范围 +displayDescriptionHint=在用户界面表单中用于提示的文本。 +loadingRealms=领域加载中... +eventTypes.SEND_RESET_PASSWORD_ERROR.description=发送重置密码错误 +httpPostBindingLogout=HTTP-POST 绑定注销 +updateMessageBundleSuccess=成功!消息包已更新。 +permissionDescription=权限的描述。 +multivalued.label=支持多值 +buildIn=内置 +roleCreateExplain=这是一些描述 +scopePermissions.identityProviders.token-exchange-description=决定允许哪些客户端使用此身份提供程序生成的外部令牌交换令牌的策略。 +algorithmNotSpecified=未指定算法 +rememberMe=记住我 +flow.registration=注册流程 +showLess=显示更少 +registeredClusterNodes=注册集群节点 +connectionAndAuthenticationSettings=连接和身份验证设置 +密码策略.notEmail=密码不能与用户邮箱地址相同。 +deleteConfirmUsers=删除用户? +storePassword=存储密码 +defaultGroups=默认群组 +eventTypes.TOKEN_EXCHANGE_ERROR.name=令牌交换错误 +flow.browser=浏览器流程 +unlinkUsersSuccess=取消用户链接成功完成。 +addressClaim.street.tooltip=用户属性的名称,将用于映射到'address'令牌声明中的'street_address'子声明。默认为'street'。 +webAuthnPolicyCreateTimeoutHint=超时时间需要在 0 秒到 8 小时之间 +addValidator=添加验证器 +attributeImporter=如果断言中存在声明的 SAML 属性,则将其导入指定的用户属性或属性。 +userInfoSettings=用户信息设置 +createAttributeError=错误!用户资料的配置尚未保存{{error}}。 +password=密码 +eventTypes.VERIFY_EMAIL.name=验证邮箱 +httpPostBindingResponseHelp=指示是否响应使用 HTTP-POST 绑定的请求。如果为否,将使用 HTTP-REDIRECT 绑定。 +mapperTypeHardcodedAttributeMapper=hardcoded-attribute-mapper +eventTypes.IMPERSONATE.description=角色扮演 +forbidden_other=禁止, needed\: 权限 +clientAuthorization=授权 +identityProvidersPermissionsHint=确定是否为管理此角色启用细粒度权限。禁用将删除当前已设置的所有权限。 +removeMappingConfirm_other=您确定要移除 {{count}} 个角色 +kerberosWizardDescription=此处需要文本。 +nameHint=组的唯一名称。在将属性绑定到组时,此名称将用于引用组。 +welcome=欢迎访问 +events=事件 +importHelp=导入包含此资源服务器授权设置的 JSON 文件。 +mapperType=映射器类型 +importResources=将导入以下设置和数据: +validateConnectionUrl=您必须输入连接 URL +attributeConsumingServiceIndexHelp=在身份验证期间请求的属性消费服务配置文件的索引。 +clientSessionSettings=客户端会话设置 +cibaAuthRequestedUserHintHelp=识别请求身份验证的最终用户的方式。目前仅支持 "login_hint"。 +leaveGroupConfirmDialog_other=是否要从{{count}}所选群组中移除{{username}}? +createTokenHelp=初始访问令牌只能用于创建客户端 +removeImportedUsersError=由于:'{{error}}',无法移除导入的用户。 +eventTypes.OAUTH2_DEVICE_CODE_TO_TOKEN_ERROR.description=Oauth2设备用于交换令牌的代码错误 +typeHelp=客户端作用域,将以默认作用域的形式添加到每个创建的客户端 +linkedIdPs=关联的身份提供程序 +htmlDisplayName=HTML 展示名称 +groupObjectClasses=分组对象类 +requiredActionPlaceholder=选择 +bindCredentials=绑定凭据 +logoutSettings=注销设置 +validateServerPrincipal=您必须输入服务器主体 +baseUrlHelp=覆写此身份供应商的默认基本 URL。 +addMessageBundle=添加消息包 +密码策略.forceExpiredPasswordChange=在需要新密码之前,当前密码的有效天数。 +realmName=领域名称 +searchEventType=搜索被保存的事件类型 +idpInitiatedSsoRelayStateHelp=当您想要执行 IDP 发起的 SSO 时,您想要使用 SAML 请求发送的中继状态。 +otpHashAlgorithmHelp=应该使用什么哈希算法来生成 OTP。 +joinGroup=加入群组 +eventTypes.REMOVE_TOTP_ERROR.description=移除totp错误 +eventTypes.EXECUTE_ACTION_TOKEN_ERROR.description=执行动作令牌错误 +unlinkAccountConfirm=是否要永久取消此帐号与{{provider}}的关联? +x509CertificateHelp=以 PEM 格式编码的 X509 证书 +samlEndpointsLabel=SAML 2.0 服务供应商元数据 +passCurrentLocaleHelp=将当前语言环境作为 ui_locales 参数传递给身份供应商。 +lessThan=必须小于 {{value}} +webAuthnPolicyRequireResidentKeyHelp=它告诉验证者是否创建公钥凭证作为常驻密钥。 +logoutServiceRedirectBindingURL=注销服务重定向绑定URL +createIdentityProviderSuccess=身份供应商已成功创建 +emptyMappersInstructions=如果要添加映射,请单击下面的按钮添加预设的映射或配置新的映射 +dayMonth=日 +clientRolesHelp=该条件检查客户端上是否存在指定的客户端角色,以确定是否应用该策略。这有效地允许客户端管理员在客户端上创建指定名称的客户端角色,以确保特定的客户端策略将应用于此客户端的请求。在大多数 OpenID Connect 请求(授权请求、令牌请求、内省端点请求等)期间检查条件。 +validatingX509Certs=验证 X509 证书 +eventTypes.CLIENT_UPDATE.description=客户端更新 +searchInitialAccessToken=搜索令牌 +guiOrder=显示顺序 +friendlyName=断言中要搜索的属性的友好名称。您可以将此留空并指定一个名称。 +testSuccess=成功连接到 LDAP +userInfoUrl=用户信息网址 +displayOnConsentScreen=在许可上显示 +noClientPolicies=无客户端策略 +syncUsersSuccess=用户同步成功完成。 +updatedCredentialMoveError=尚未保存用户凭据设置 +shortVerificationUriTooltip=如果设置,此值将在设备授权流程中作为 verification_uri 返回。此 uri 需要重定向到 {server-root}/realms/{realm}/device +searchForRoles=按名称搜索角色 +refresh=刷新 +roleDeletedSuccess=角色已删除 +advancedClaimToRole=如果所有声明都存在,则授予用户指定的领域或客户端角色。 +directGrant=直接授权流程 +maxLifespanHelp=缓存条目的最大寿命(以毫秒为单位) +associatedRolesModalTitle=将角色添加到{{name}} +nameIdFormatHelp=用于主题的名称 ID 格式。 +detailsHelp=这是关于细节的信息 +adminEvents=管理员事件 +serviceAccountHelp=允许您向 Keycloak 验证此客户端并检索专用于此客户端的访问令牌。根据 OAuth2 规范,这可以支持此客户端的'客户端凭据授权'。 +urisHelp=一组受资源保护的 URI。 +eventTypes.IDENTITY_PROVIDER_RESPONSE.name=身份供应者响应 +confirmClientSecretTitle=为这个客户端重新生成密码? +serverPrincipal=服务器主体 +deleteConfirmGroup_one=是否要删除此群组“{{groupName}}”。 +signDocuments=签署文件 +noTokens=没有初始访问令牌 +addMapper=添加映射器 +webauthnPolicy=Webauthn 策略 +userAttributeName=用于存储 SAML 属性的用户属性名称。使用电子邮件、姓氏和名字映射到那些预定义的用户属性。 +displayDescriptionField=展示说明 +eventTypes.DELETE_ACCOUNT.description=删除账号 +eventTypes.RESTART_AUTHENTICATION_ERROR.description=重启认证错误 +evictionHour=清除的时间(小时) +notBefore=不早于 +onDragFinish=拖动完成{{list}} +otpSupportedApplications.totpAppMicrosoftAuthenticatorName=Microsoft 身份验证器 +ldapMappersList=LDAP 映射器 +bindDnHelp=LDAP 管理员的 DN,Keycloak 将使用它来访问 LDAP 服务器 +newClientProfileName=客户端配置文件名称 +eventTypes.OAUTH2_DEVICE_CODE_TO_TOKEN_ERROR.name=Oauth2设备用于交换令牌的代码错误 +eventTypes.TOKEN_EXCHANGE.description=交换令牌 +continue=继续 +editProvider=编辑供应者 +included.client.audience.label=包括客户端受众 +backchannelLogoutUrlHelp=当注销请求发送到该领域时(通过 end_session_endpoint)将导致客户端自行注销的 URL。如果省略,在这种情况下将不会向客户端发送注销请求。 +updateScopeSuccess=授权范围更新成功 +userInfoResponseEncryptionKeyManagementAlgorithmHelp=JWA 算法用于加密用户信息端点响应的密钥管理。如果您想要加密用户信息端点响应,则需要此选项。如果留空,用户信息端点响应不加密。 +authnContextDeclRefsHelp=请求的 AuthnContext DeclRefs 的有序列表。 +inherent=继承 +tableTitle=属性组 +generateNewKeys=生成新密钥 +updateClientPolicySuccess=客户端策略已更新 +unlock=解锁 +validateRealm=您必须进入一个领域 +attributeValue=属性值 +eventTypes.CLIENT_DELETE_ERROR.description=客户端删除错误 +clientScopesHelp=它使用预先请求或分配给客户端的范围来确定策略是否应用于此客户端。在 OpenID Connect 授权请求和/或令牌请求期间评估条件。 +revokeRefreshToken=撤销刷新令牌 +mappingUpdatedSuccess=映射更新成功 +logoUrlHelp=引用客户端应用程序徽标的 URL +resourceName=此资源的唯一名称。该名称可用于唯一标识资源,在查询特定资源时很有用。 +operationTypes=操作类型 +loginWithEmailAllowed=使用邮箱登录 +expireTime=过期时间 +requestObject.request\ or\ request_uri=请求或请求 URI +policyProvider.user=定义允许一组一个或多个用户访问对象的权限条件。 +protocolTypes.openid-connect=OpenID Connect +clientTypeHelp='OpenID Connect' 允许客户端根据授权服务器执行的身份验证来验证最终用户的身份。'SAML' 启用基于 Web 的身份验证和授权方案,包括跨域单点登录( SSO) 并使用包含断言的安全令牌来传递信息。 +addOpenIdProvider=添加 OpenID Connect 供应商 +memory=内存 +eventTypes.CLIENT_LOGIN.name=客户端登录 +mapper.nameid.format.tooltip=名称ID使用映射格式 +hideOnLoginPageHelp=如果隐藏,只有在明确请求时才能使用此提供程序登录,例如使用'kc_idp_hint'参数。 +eventTypes.UPDATE_PROFILE.description=更新资料 +assignRolesTo=为{{client}}账号分配角色 +orderChangeError=无法更改身份供应商的显示顺序 {{error}} +policyProvider.client-scope=为您的权限定义条件,允许一组一个或多个客户端范围访问一个对象。 +secretExpiresOn=密码在 {{time}} 过期 +searchClientByName=按名称搜索客户端 +loginTimeout=登录超时 +attributeName=属性 [名称] +updateError=无法更新供应商 {{error}} +importUsersHelp=如果为真,LDAP 用户将被导入 Keycloak 数据库并通过配置的同步策略进行同步。 +emptyClientProfilesInstructions=没有配置文件,选择'创建客户端配置文件'来创建新的客户端配置文件 +policyProvider.js=使用 JavaScript 为您的权限定义条件。它是 Keycloak 支持的基于规则的策略类型之一,并具有编写基于 Evaluation API 的任何策略的灵活性。 +idpType.social=社交账号登录 +fineGrainSamlEndpointConfig=细粒度 SAML 端点配置 +hours=小时 +eventTypes.RESET_PASSWORD_ERROR.name=重置密码错误 +yes=是 +showRemaining=显示${remaining} +searchProfile=搜索配置文件 +eventTypes.UPDATE_EMAIL_ERROR.name=更新邮箱错误 +removeConfirm_other=您确定要移除这些组吗? +renameGroup=重命名组 +configure=配置 +searchScopeHelp=对于一个级别,搜索仅适用于用户 DN 指定的 DN 中的用户。对于子树,搜索适用于整个子树。有关更多详细信息,请参阅 LDAP 文档。 +jumpToSection=跳转到 +noUsersEmptyStateDescription=只有直接分配了此角色的用户才会显示在此选项卡下。如果需要查找分配给此角色的角色,请转到 +manage=管理 +searchForSession=搜索会话 +temporaryLockedHelp=由于多次登录尝试失败,用户可能被锁定。 +kerberosIntegration=Kerberos 集成 +useEntityDescriptorHelp=从远程 IDP SAML 实体描述符导入元数据。 +decisionStrategies.CONSENSUS=共识 +saveProviderSuccess=供应者已成功保存。 +dedicatedScopes=专用范围 +noSessionsDescription=此领域中当前没有活动会话。 +createGroupText=创建属性组 +otpPolicyCodeReusable=可重复使用的令牌 +addRedirectUri=添加有效的重定向 URI +time=时间 +disableSigningExplain=如果您禁用 "{{key}}",Keycloak 数据库将更新,您可能需要为此客户端下载新的适配器。 +mapperTypeRoleLdapMapperHelp=用于将角色的角色映射从某些 LDAP DN 映射到领域角色或特定客户端的客户端角色的 Keycloak 角色映射 +used.DEFAULT=默认 +authenticationCreateFlowHelp=创建流程 +credentialResetEmailSuccess=发送给用户的电子邮件。 +sslType.all=所有请求 +discoveryEndpointHelp=从远程 IDP 发现描述符导入元数据。 +excludeSessionStateFromAuthenticationResponse=从身份验证响应中排除会话状态 +required=是否为必填项 +linkedIdPsText=已关联到此用户帐户的身份供应商 +lastUpdated=最后更新 +credentialResetBtn=重置凭据 +socialProfileJSONFieldPathHelp=从社交供应商用户配置文件 JSON 数据中获取值的字段路径。您可以使用圆点表示法进行嵌套,使用方括号表示数组索引。例如 'contact.address[0].country'。 +userModelAttributeHelp=UserModel 属性的名称或要将 LDAP 属性映射到的属性。例如'firstName'、'lastName、'email'、'street' 等。 +userList=用户列表 +eventTypes.RESET_PASSWORD.name=重置密码 +exportWarningDescription=如果您的领域中有大量群组、角色或客户端,该操作可能会使服务器暂时无响应。 +importRole=导入角色 +deleteClientProfileConfirm=此操作将永久删除配置文件 {{profileName}}。此操作无法撤消。 +signServiceProviderMetadataHelp=启用/禁用提供商 SAML 元数据的签名。 +oAuthMutual=OAuth 2.0 相互 TLS 证书绑定访问令牌已启用 +keystore=密钥库 +eventTypes.EXECUTE_ACTION_TOKEN.description=执行动作令牌 +eventTypes.CLIENT_INFO.description=客户端信息 +updateClientProfilesError=提供的 JSON 不正确\: Unexpected token { in JSON +canonicalizationHelp=XML 签名的规范化方法。 +authorizationHelp=为客户端启用/禁用细粒度授权支持 +sessions=会话 +mapperCreateSuccess=映射器创建成功。 +fullSyncPeriodHelp=以秒为单位的完全同步周期 +resourceTypeHelp=指定此权限必须应用于给定类型的所有资源实例。 +encryptionAlgorithmHelp=SAML IDP 用于加密 SAML 文档、断言或 ID 的加密算法。解密 SAML 文档部分的相应解密密钥将根据此配置的算法选择,并且应该在领域密钥中可用加密 (ENC) 使用。如果未配置算法,则允许使用任何支持的算法,并且将根据 SAML 文档本身配置的算法选择解密密钥。 +socialUserAttributeName=存储信息的用户属性名。 +priority=优先级 +jsonType.label=声明的 JSON 类型 +fullScopeAllowed=允许全范围 +syncModes.inherit=继承 +masterSamlProcessingUrlHelp=如果配置,则此 URL 将用于每个绑定到 SP 的断言消费者和单点注销服务。这可以在 Fine Grain SAML 端点配置中为每个绑定和服务单独覆写。 +addedGroupMembershipError=添加群组成员身份时出错 +authenticatorAttachment.platform=平台 +configSaveSuccess=成功保存执行器的配置 +regenerate=重新生成 +ignoreMissingGroups=忽略缺失的群组 +sslType.external=外部请求 +showMetaData=显示元数据 +webAuthnPolicyAttestationConveyancePreferenceHelp=向身份验证者传达如何生成证明声明的偏好。 +top-level-flow-type.basic-flow=基本流程 +groupRemoveError=移除群组 {error} 时出错 +temporaryPasswordHelpText=如果启用,用户需要在下次登录时更改密码 +requestObjectEncryption=请求对象加密算法 +connectionPooling=连接池 +wantAuthnRequestsSignedHelp=指示身份供应商是否需要签名的验证请求。 +eventTypes.IMPERSONATE_ERROR.description=角色扮演错误 +eventTypes.IDENTITY_PROVIDER_RESPONSE.description=身份供应者响应 +shouldBeANumber=应为一个数字 +validatorDialogColNames.colDescription=描述 +requestObjectEncoding=请求对象内容加密算法 +idTokenEncryptionKeyManagementAlgorithmHelp=JWA 算法用于加密 ID 令牌的密钥管理。如果您想要加密的 ID 令牌,则需要此选项。如果留空,ID 令牌只是签名,但不加密。 +idpInitiatedSsoUrlNameHelp=当您想执行 IDP 发起的 SSO 时引用客户端的 URL 片段名称。将此留空将禁用 IDP 发起的 SSO。您将从浏览器引用的 URL 将是:{server-root}/realms/{realm }/protocol/saml/clients/{client-url-name} +keyPassword=密钥密码 +attributeFriendlyName=属性 [友好名称] +clearAllFilters=清除所有筛选条件 +scopePermissions.clients.map-roles-composite-description=决定管理员是否可以将此客户端定义的角色作为组合应用于其他角色的策略 +roleObjectClassesHelp=角色对象的对象类(或多个类)。如果需要更多类,则用英文逗号分隔。在典型的 LDAP 部署中,它可能是 'groupOfNames'。在 Active Directory 中,它通常是 'group'。 +emptyAddClientScopes=无客户端范围 +changeTypeTo=将类型更改为 +generateKeys=生成密钥? +searchForUser=用户搜索 +groupRemove_one=群组已移除 +savePasswordError=保存密码时出错\: {{error}} +allGroups=所有组 +密码策略.passwordHistory=防止最近使用的密码被重复使用。 +deleteNode=删除节点? +rdnLdapAttributeHelp=LDAP 属性的名称,用作典型用户 DN 的 RDN(顶级属性)。通常它与用户名 LDAP 属性相同,但不是必需的。例如对于 Active directory,它很常见当用户名属性可能是“sAMAccountName”时使用“cn”作为 RDN 属性。 +addAaguids=添加 AAGUID +createPolicy=创建客户端策略 +disablePolicyConfirm=如果策略被禁用,用户和客户端将无法访问该策略。您确定要继续吗? +useDiscoveryEndpoint=使用发现端点 +clearAdminEvents=清除管理员事件 +eventTypes.CLIENT_DELETE.name=客户端删除 +clientLoginTimeout=客户端登录超时 +mapperSaveSuccess=映射器保存成功。 +noRolesAssociatedInstructions=要将角色复合到此角色,请按“添加角色”按钮 +alwaysDisplayInUIHelp=始终在帐户 UI 中列出此客户端,即使用户没有活动会话。 +eventTypes.UPDATE_PASSWORD.name=更新密码 +eventTypes.UPDATE_CONSENT.description=更新许可 +realmSaveSuccess=领域更新成功 +notBeforePushFail=无法将 "not before" 推送到:{{failedNodes}} +executorTypeTextHelpText=执行器类型文本帮助文本 +eventTypes.IDENTITY_PROVIDER_LOGIN_ERROR.description=身份供应者登录错误 +readTimeout=读取超时 +userInfoResponseEncryptionContentEncryptionAlgorithmHelp=在加密用户信息端点响应时用于内容加密的 JWA 算法。如果指定了用户信息响应加密密钥管理算法,则此值的默认值为 A128CBC-HS256。 +accessTokenSignatureAlgorithm=访问令牌签名算法 +createUser=创建用户 +logoutAllDescription=如果您注销所有活动会话,此领域中的所有有效主体将被注销。 +credentialResetEmailError=失败:{{error}} +flow-type.form-flow=表单型 +useKerberosForPasswordAuthenticationHelp=用户 Kerberos 登录模块用于根据 Kerberos 服务器验证用户名/密码,而不是使用目录服务 API 验证 LDAP 服务器 +guiOrderHelp=将GUI中提供程序的顺序(如“许可”页面)指定为整数 +signDocumentsHelp=SAML 文档应该由领域签名吗? +resetPassword=重置密码 +requireSslHelp=是否需要HTTPS?'无'表示任何客户端IP地址都不需要HTTPS。'外部请求'表示本地主机和私有IP地址无需HTTPS即可访问。'所有请求'表示所有IP地址都需要HTTPS。 +policyDeletedSuccess=策略已成功删除 +manageServiceAccountUser=要管理详细信息和群组映射,请单击用户名 <1>{{link}} +addClientProfileSuccess=已添加新的客户端配置文件 +helpDisabled=关闭帮助 +deleteResource=永久删除资源? +validRequestURIsHelp=有效 URI 列表,可在 OpenID Connect 身份验证请求期间用作 'request_uri' 参数的值。支持与有效重定向 URI 相同的功能。例如通配符或相对路径。 +emptyAddClientScopesInstructions=没有要添加的客户端范围 +changeTypeIntro={{count}}个所选客户端作用域将更改为 +secretSizeHelp=生成的密码的字节大小 +clientSecret=客户端密码 +claimHelp=要在令牌中搜索的声明名称。您可以使用'.'引用嵌套声明,即'address.locality'。要按字面意思使用点 (.),请使用反斜杠将其转义。(\\. ) +regexClaimValues=正则表达式声明值 +iconUri=图标 URI +allowed-protocol-mappers.label=允许的协议映射器 +group=群组 +addAssociatedRolesText=添加关联角色 +enabledFeatures=启用的功能 +groupsClaimHelp=如果已定义,该策略将从表示请求权限的身份的访问令牌或 ID 令牌中的给定声明中获取用户组。如果未定义,则用户组将从您的领域配置中获取。 +createGroup=创建群组 +validatingPublicKeyId=验证公钥 ID +clientAuthentications.client_secret_jwt=作为 jwt 的客户端秘密 +created=已创建 +minutes=分 +displayOnClient=在页面上显示客户端 +certSubject=CERT_SUBJECT +userCredentialsHelpText=顶级处理程序允许您为用户转换凭据的优先级,最顶层的凭据具有最高优先级。一个可扩展面板中的处理程序允许您更改凭证的可视顺序,最上面的凭证将显示在最左侧。 +ldapAdvancedSettingsDescription=此部分包含用于更精细地配置 LDAP 存储提供程序的所有其他选项。 +usersDN=用户DN +secretSize=秘钥大小 +included.custom.audience.label=包括自定义受众 +max-clients.label=每个领域最大客户端数量 +requestObjectSignatureAlgorithm=请求对象签名算法 +searchForGroups=搜索群组 +noRolesAssociated=没有关联的角色 +eventTypes.IDENTITY_PROVIDER_POST_LOGIN_ERROR.name=身份供应者非首次登录错误 +emptyStateMessage=没有属性组 +tokenLifespan.expires=过期于 +oidcAttributeImporter=将声明的声明(如果存在于 ID、访问令牌或用户配置文件端点返回的声明集中)导入到指定的用户属性或属性中。 +requestObject.request\ only=仅请求 +waitIncrementSeconds=等待增量 +requiredForLabel.admins=仅限管理员 +clientScopeSuccess=作用域映射已更新 +clientPolicySearch=搜索客户端策略 +refreshTokens=刷新令牌 +eventTypes.UPDATE_EMAIL_ERROR.description=更新邮箱错误 +credentials=凭证 +webAuthnPolicyCreateTimeoutHelp=以秒为单位创建用户公钥凭证的超时值。如果设置为 0,则不适应此超时选项。 +policyType.hotp=基于计数器 +eventTypes.REGISTER_ERROR.name=注册错误 +priorityHelp=供应商的优先级 +emptyPolicies=没有策略 +manageOrderTableAria=按照登录页面列出的顺序排列的身份供应商列表 +disableError=无法禁用供应商 {{error}} +anyAlgorithm=任何算法 +enableSSL=启用 SSL +general=常规设置 +failureFactor=登录失败最多次数 +updateClientPoliciesSuccess=客户端策略配置已更新 +advancedSettings=高级设置 +attributeValueHelp=属性必须具有的值。如果属性是列表,则该值必须包含在列表中。 +eventTypes.FEDERATED_IDENTITY_LINK.description=联合身份链接 +adminTheme=管理界面主题 +alias=别名 +eventTypes.SEND_IDENTITY_PROVIDER_LINK_ERROR.name=发送身份供应者链接错误 +userEvents=用户事件 +otpPolicyPeriodErrorHint=时间需要在 1 秒到 2 分钟之间 +introduction=如果您想离开此页面并管理此领域,请单击左侧导航栏中相应的菜单项。 +clearUserEvents=清除用户事件 +descriptionHelp=新流程描述的帮助文本 +addCustomProvider=添加自定义供应商 +permissionType=指定此权限必须应用于给定类型的所有资源实例。 +policyEnforcementModes.ENFORCING=强制执行 +rowSaveBtnAriaLabel=保存对 {{messageBundle}} 的编辑 +permanentLockout=永久锁定 +debug=调试 +webAuthnPolicyRequireResidentKey=需要常驻密钥 +notBeforePushSuccess=成功推送 "not before" 到:{{successNodes}} +unlockUsersConfirm=所有临时锁定的用户将被解锁。 +clear=清除 +idpType.custom=自定义 +eventTypes.LOGOUT.name=登出 +deletedErrorClientScope=无法删除客户端作用域\: {{error}} +groupsClaim=团体声明 +roleMappingUpdatedError=无法更新角色映射 {{error}} +client-updater-source-groups.label=群组 +frontchannelLogoutUrlHelp=当注销请求发送到该领域时(通过 end_session_endpoint)将导致客户端自行注销的 URL。如果未提供,则默认为基本 url。 +authenticationOverridesHelp=覆写领域认证流程绑定。 +requiredActions=必需的操作 +selectLocales=选择语言环境 +policyDecisionStagey=决策策略规定了如何评估与给定权限相关的策略以及如何获得最终决定。'肯定'意味着至少有一个策略必须评估为肯定的决定才能做出最终决定也是肯定的。“一致”意味着所有政策都必须评估为肯定的决定,以便最终决定也是肯定的。“共识”意味着积极决定的数量必须大于消极决定的数量。如果数量正面和负面的相同,最终决定是否定的。 +usermodel.prop.tooltip=用户模块接口中属性方法的名字. 例如, 'email' 会引用UserModel.getEmail() 方法. +kc.identity.authc.method=认证方式 +regexAttributeValues=正则表达式属性值 +otpTypeHelp=totp 是基于时间的一次性密码。'hotp' 是一种基于计数器的一次性密码,服务器在其中保留一个用于哈希的计数器。 +setAsDefaultAction=设置为默认操作 +keyForCodeExchange=代码交换代码挑战方法的证明密钥 +clientProfiles=客户端配置文件 +endpointsHelp=显示服务提供商终端节点(Endpoint)的配置 +syncKeycloakGroupsToLDAP=将 Keycloak 组同步到 LDAP +mapperTypeLdapAttributeMapper=hardcoded-ldap-attribute-mapper +unlockAllUsers=解锁所有用户 +noGroupsText=您尚未将此用户添加到任何群组。从加入一个群组开始。 +createClientPolicyError=无法创建策略,因为:{{error}} +eventTypes.EXECUTE_ACTIONS_ERROR.name=执行动作错误 +path=路经 +overwritten=已被覆写 +deleteProviderError=删除密钥供应商时出错 +supportedLocalesHelp=该领域支持的语言环境。用户在登录屏幕上选择这些语言环境之一。 +comparisonHelp=指定用于评估请求的上下文类或语句的比较方法。默认为"Exact"。 +generatedIdTokenIsDisabled=未选择用户时禁用生成的 ID 令牌 +nodeHost=节点主机 +eventTypes.REGISTER_NODE_ERROR.description=注册节点错误 +acrToLoAMapping=ACR 到 LoA 映射 +advancedSettingsSaml=此部分用于配置此客户端的高级设置 +resetCredentialsError=重置用户凭据时出错\: {{error}} +eventTypes.INTROSPECT_TOKEN.name=令牌内部检查 +unspecified=未指定 +deleteMappingTitle=删除映射? +profile=配置文件 +active=活跃 +generateKeysDescription=如果您生成新密钥,您可以自动下载带有私钥的密钥库并将其保存在您的客户端。Keycloak 服务器将只保存证书和公钥,而不保存私钥。 +googleHelp.userIp=在调用 Google 的用户信息服务时设置 'userIp' 查询参数。这将使用用户的 IP 地址。如果 Google 正在限制对用户信息服务的访问,这很有用。 +addSubFlowTitle=添加子流程 +useTruststoreSpiHelp=指定 LDAP 连接是否将使用 Truststore SPI 以及在 standalone.xml/domain.sml 中配置的信任库。'始终' 表示它将始终使用它。'始终不' 表示它不会使用它。' 仅适用于ldaps' 意味着如果您的连接 URL 使用 ldaps,它将使用它。请注意,即使未配置 standalone.xml/domain.xml,'javax.net.ssl.trustStore' 属性指定的默认 java cacerts 或证书将会被使用。 +forcePostBindingHelp=始终使用 POST 绑定进行响应。 +executorName=姓名 +VERIFY_EMAIL=验证电子邮件 (VERIFY_EMAIL) +realmCertificateAlias=领域证书别名 +roleName=角色名称 +addOrigins=添加 Origin +evictionDayHelp=准入许可将在星期几失效 +actionTokens=操作令牌 +permissionResources=指定此权限必须应用于特定资源实例。 +testConnectionHint.withoutEmail=要测试连接,您必须首先为当前用户 ({{userName}}) 配置一个电子邮件地址。 +includeOneTimeUseConditionHelp=一次性使用的条件是否应该包含在登录响应中? +availableIdPsText=此处列出了此领域中所有配置的身份提供程序。您可以将用户帐户关联到任何IdP帐户。 +accessTokenLifespanHelp=访问令牌过期前的最长时间。建议此值相对于 SSO 超时时间较短 +editableRowsTable=可编辑的行表 +redirectURIHelp=配置身份供应商时使用的重定向 uri。 +permissionsEnabled=已启用权限 +saveRealmError=无法创建领域\: {{error}} +attestationPreference.none=无 +pairwiseSubAlgorithmSalt.label=盐值 +addGroupsToGroupPolicy=将群组添加到群组策略 +deniedScopes=拒绝范围 +updateClientProfilesSuccess=客户端配置文件配置已更新 +flow.docker\ auth=Docker 认证流程 +useEntityDescriptor=使用实体描述符 +loginActionTimeout=登录操作超时 +windowsDomainQN=窗口域名限定名 +deleteClientError=无法删除配置文件:{{error}} +validRedirectURIs=成功登录后浏览器可以重定向到的有效 URI 模式。允许使用简单的通配符,例如 'http\://example.com/*'。也可以指定相对路径,例如 /my/relative/path /*。相对路径是相对于客户端根 URL 的。如果没有指定,则使用身份验证服务器根URL。对于SAML协议,如果您依赖于登录请求中嵌入的消费者服务URL,则必须设置有效的URI模式。 +UPDATE_PROFILE=更新配置文件 (UPDATE_PROFILE) +assertionConsumerServicePostBindingURL=断言消费者服务 POST 绑定 URL +removeImported=移除导入的数据 +endpoints=终端 +roleSaveError=无法保存角色\: {{error}} +keySize=秘钥大小 +membershipUserLdapAttributeHelp=仅在成员身份属性类型为 UID 时使用。它是用户的 LDAP 属性的名称,用于成员身份映射。通常为“uid”。例如,如果“成员身份用户 LDAP”的值属性'是'uid',LDAP 组有'memberUid\: john',那么预计特定的LDAP 用户将有属性'uid\: john'。 +validatingX509CertsHelp=必须用于检查签名的PEM格式的证书。可以输入多个证书,以英文逗号(,)分隔。 +samlCapabilityConfig=SAML 功能 +accessTokenSignatureAlgorithmHelp=用于签署访问令牌的 JWA 算法。 +clientPolicyName=策略的显示名称 +derFormatted=DER 格式 +periodicChangedUsersSyncHelp=是否应启用将已更改或新创建的 LDAP 用户定期同步到 Keycloak +signatureAlgorithmHelp=用于签署文档的签名算法。请注意,基于 'SHA1' 的算法已被弃用,将来可能会被删除。建议坚持使用一些更安全的算法而不是 '*_SHA1' +allow-default-scopes.tooltip=如果开启,新注册的客户端将被允许拥有在领域默认客户端范围或领域可选客户端范围中提到的客户端范围。 +emailVerified=电子邮箱验证 +addExecutionHelp=执行可以有多种操作,从发送重置电子邮件到验证 OTP。 +requestObjectRequiredHelp=指定客户端是否需要为其授权请求提供请求对象,以及他们可以为此使用什么方法。如果设置为"not required",则提供请求对象是可选的。在所有其他情况下, 提供请求对象是强制性的。如果设置为"request",则请求对象必须按值提供。如果设置为"request_uri",则请求对象必须通过引用提供。如果设置为"request" or request_uri", 两种方法都可以使用。 +removeConfirm_one=您确定要移除这个群组吗? +createUserProviderSuccess=用户联盟供应商已成功创建 +countHelp=指定使用令牌可以创建多少个客户端 +mapperTypeHardcodedLdapGroupMapper=hardcoded-ldap-group-mapper +Monday=星期一 +resetCredentialsSuccess=密码已成功重置。 +added=已添加 +authnContextDeclRefs=验证上下文的否定参考 +externalRoleToRole=在 keycloak 访问令牌中寻找外部角色。如果存在外部角色,则授予用户指定的领域或客户端角色。 +attributeGroup=属性组 +deleteExecutionError=无法删除执行器:{{error}} +hideInheritedRoles=隐藏继承的角色 +consentRequired=需要授权 +selectMethodType.import=导入 +standardFlow=标准流程 +votedToStatus=投票给{{status}} +credentialResetConfirmText=是否要向用户发送电子邮件 +clientScopeType.default=默认 +helpFileUpload=上传 JSON 文件 +addProvider_one=添加 {{provider}} 身份供应商 +clientPoliciesPolicies=客户端策略 +removeAllAssociatedRoles=移除所有关联角色 +flowCreatedSuccess=流程已创建 +fineGrainOpenIdConnectConfiguration=细粒度 OpenID 连接配置 +flow.reset\ credentials=重置凭据流程 +eventTypes.DELETE_ACCOUNT_ERROR.name=删除账号错误 +eventTypes.CLIENT_DELETE_ERROR.name=客户端删除错误 +noRolesInstructions-client=您还没有为这个客户创建任何角色。创建一个角色以开始。 +test=测试 +leaveGroup_one=离开群组{{name}}? +count=数量 +noPasswordPoliciesInstructions=您尚未向该领域添加任何密码策略。添加一个策略以开始。 +testAuthentication=测试认证 +groupNameLdapAttributeHelp=LDAP 属性的名称,在组对象中用于组的名称和 RDN。通常为 'cn'。在这种情况下,典型的组/角色对象可能具有 DN,如 'cn\=Group1,ouu\=组,dc\=example,dc\=org'。 +deleteError=无法删除供应商 {{error}} +attributeDisplayName=展示名称 +pkceEnabled=使用 PKCE +userProviderSaveSuccess=用户联盟供应商已成功保存 +month=月 +valueLabel=值 +dropNonexistingGroupsDuringSyncHelp=如果这个标志为真,那么在从 LDAP 到 Keycloak 的群组同步期间,我们将只保留那些仍然存在于 LDAP 中的 Keycloak 组。其余的将被删除。 +expiration=过期 +addKerberosWizardTitle=添加 Kerberos 用户联盟供应商 +noPasswordPolicies=无密码策略 +resourceTypes=资源类型 +deleteConfirmTitle_one=是否删除群组? +eventTypes.UPDATE_PROFILE_ERROR.description=更新配置文件错误 +webAuthnUpdateSuccess=已成功更新 webauthn 策略 +authorizationSignedResponseAlg=授权响应签名算法 +mapperTypeFullNameLdapMapperHelp=用于将用户的全名从 LDAP 中的单个属性(通常是 'cn' 属性)映射到 Keycloak DB 中 UserModel 的 firstName 和 lastName 属性 +paypal.sandbox=目标沙箱 +includeInUserInfo.label=添加到用户信息 +onDragMove=正在拖动{{item}} +back=返回 +deleteScopeConfirm=如果删除此授权范围,部分权限将受到影响。 +updateOtpSuccess=OTP 策略成功更新 +title=身份验证 +deleteAttributeError=属性未删除 +enableClientSignatureRequiredExplain=如果启用"需要客户端签名",此客户端的适配器将被更新。您可能需要为此客户端下载一个新的适配器。您需要为此客户端生成或导入密钥,否则身份验证不管用。 +policiesConfigTypes.formView=表单视图 +residentKey.No=否 +nodeReRegistrationTimeout=节点重新注册超时 +fineGrainSamlEndpointConfigHelp=此部分为断言消费者和单点注销服务配置确切的 URL。 +connectionURL=连接地址 +validateCustomUserSearchFilter=过滤器必须用英文括号括起来,例如:(filter) +accessTokenLifespan=访问令牌寿命 +loginWithEmailHelpText=允许用户使用他们的电子邮件地址登录。 +eventTypes.IDENTITY_PROVIDER_LINK_ACCOUNT.name=身份提供商关联账号 +deleteMessageBundleSuccess=已成功从包中删除消息 +retry=刷新并继续 +firstBrokerLoginFlowAliasHelp=身份验证流程的别名,在首次使用此身份供应商登录后触发。术语“首次登录”表示当前没有 Keycloak 帐户链接到经过身份验证的身份供应商帐户。 +owner=所有者 +eventTypes.VERIFY_PROFILE.description=验证配置文件 +executorAuthenticatorMultiSelectHelpText=执行器验证多选的帮助文本 +eventTypes.FEDERATED_IDENTITY_LINK_ERROR.name=联合身份链接错误 +eventTypes.EXECUTE_ACTIONS.name=执行动作 +encryptAssertions=加密断言 +disableConfirmTitle=禁用领域? +custom=自定义属性... +keyTab=按键标签 +addSamlProvider=添加 SAML 供应商 +permission=权限 +saveEventListeners=保存事件监听器 +capabilityConfig=功能配置 +mapperTypeMsadUserAccountControlManagerHelp=映射器特定于 MSAD。它能够将 MSAD 用户帐户状态集成到 Keycloak 帐户状态(帐户已启用,密码已过期等)。它为此使用 userAccountControl 和 pwdLastSet MSAD 属性。例如,如果 pwdLastSet 为 0, Keycloak 用户需要更新密码;如果 userAccountControl 为 514(禁用帐户),则 Keycloak 用户也被禁用等。Mapper 还能够处理来自 LDAP 用户身份验证的异常代码。 +home=首页 +bindFlow=绑定流程 +baseUrl=基本网址 +userAttributeValue=用户属性值 +browserFlowHelp=选择要用于浏览器身份验证的流程。 +tokenLifespan.never=永不过期 +notFound=找不到您要查找的资源 +passMaxAge=通过 max_age +disablePolicyConfirmTitle=禁用策略? +eventTypes.LOGIN_ERROR.description=登录错误 +linkAccount=关联帐号 +attestationPreference.direct=直接 +eventTypes.OAUTH2_DEVICE_AUTH_ERROR.description=Oauth2设备认证错误 +unlinkUsers=取消链接用户 +userLdapFilter=用户 LDAP 过滤器 +emailVerification=邮箱验证 +configSaveError=无法保存执行器的配置:{{error}} +onlyLdaps=仅适用于 ldaps +cachePolicyHelp=此存储提供程序的缓存策略。'DEFAULT' 是全局缓存的默认设置。'EVICT_DAILY' 是每天缓存失效的时间。'EVICT_WEEKLY' 是一天缓存将失效的星期和时间。'MAX_LIFESPAN' 是以毫秒为单位的时间,它将成为缓存条目的生命周期。 +eventTypes.CUSTOM_REQUIRED_ACTION_ERROR.description=自定义必要操作错误 +eventTypes.SEND_RESET_PASSWORD.name=发送重置的密码 +requiredFor=针对何人为必填项 +scopePermissions.users.map-roles-description=决定管理员是否可以为所有用户映射角色的策略。 +bindCredentialsHelp=LDAP 管理员的密码。该字段可以从保险库中获取其值,使用 ${vault.ID} 格式。 +searchForAdminEvent=搜索管理员事件 +unitLabel=选择时间单位 +webAuthnPolicySignatureAlgorithms=签名算法 +eventTypes.GRANT_CONSENT_ERROR.name=授权许可错误 +action=操作 +shortVerificationUri=设备授权流程中的短 verification_uri +placeholderText=点击并请从中选择一个 +deleteCredentialsError=删除用户凭据时出错\: {{error}} +authDefaultActionTooltip=如果启用,此项操作对于任何新用户都将是必需的操作。 +validateBindCredentials=您必须输入 LDAP 管理员的密码 +evictionMinuteHelp=准入许可将在哪一分钟失效 +includeAuthnStatement=包括验证声明 +validatorType=验证器类型 +attributesHelp=要在令牌中搜索的属性的名称和(正则表达式)值。在 SAML 属性名称和属性友好名称字段中搜索属性的配置名称。必须满足每个给定的属性描述才能设置角色。如果属性是一个数组,那么这个值必须包含在数组中。如果一个属性可以多次找到,那么一次匹配就足够了。 +samlAttributeToRole=如果属性存在,则授予用户指定的领域或客户端角色。 +enableStartTls=启用 StartTLS +addIdPMapper=添加身份供应商映射器 +createPermissionSuccess=成功创建权限 +roleAuthentication=角色身份验证 +homeURL=主页 URL +eventTypes.REVOKE_GRANT_ERROR.name=撤销授权错误 +contentSecurityPolicyReportOnly=仅限内容安全策略报告 +firstBrokerLoginFlowAlias=首次登录流程 +missingAttributes=尚未定义任何属性。单击下面的按钮添加属性,密钥和值是密钥对所必需的。 +testConnectionError=错误!{{error}} +authenticatedAccessPoliciesHelp=当通过身份验证请求调用客户端注册服务时使用这些策略。这意味着该请求包含初始访问令牌或承载令牌。 +deleteClientPolicyProfileSuccess=配置文件已成功从策略中删除。 +reGenerateSigningExplain=如果您为客户端重新生成签名密钥,Keycloak 数据库将更新,您可能需要为此客户端下载新的适配器。 +evaluate=评估 +enableLdapv3Password=启用 LDAPv3 密码修改扩展操作 +status=状态 +dragInstruction=通过点击并拖动从而改变优先级 +clients=客户端 +密码策略.upperCase=密码字符串中要求的大写字母的个数。 +clientName=客户端名称 +syncModes.force=强制 +deleteMappingConfirm=是否要删除此映射? +createClientProfileSuccess=已创建新的客户端配置文件 +eventTypes.CLIENT_LOGIN_ERROR.description=客户端登录错误 +explainBearerOnly=这是一种特殊的 OIDC 类型。此客户端只允许承载令牌请求,不能参与浏览器登录。 +noMessageBundlesInstructions=添加消息包以开始使用。 +clearFile=清除该文件 +allowCreate=允许创建 +providerUpdatedError=由于{{error}}无法更新客户端策略 +usersAddedError=无法将用户添加到群组\: {{error}} +orderChangeErrorUserFed=由于{{error}},无法更改用户联盟供应商的优先顺序。 +scopeParameterPlaceholder=选择范围参数 +deleteClientPolicyConfirmTitle=删除策略? +validateRdnLdapAttribute=您必须输入 RDN LDAP 属性 +policyUrlHelp=依赖方客户端提供给最终用户的 URL,以了解如何使用配置文件数据 +fromDisplayName=发件人展示名称 +affirmative=肯定的 +clientRoles=客户端角色 +removeRoles=移除角色 +maxFailureWaitSecondsHelp=用户被锁定的最长时间。 +groupsPath=群组路径 +useRealmRolesMapping=使用领域角色映射 +identityProviderEntityId=身份供应商实体 ID +userInfoSignedResponseAlgorithm=用户信息签名响应算法 +selectGroup=选择群组 +scopePermissions.groups.view-members-description=决定管理员是否可以查看此群组成员的策略。 +tableOfGroups=群组列表 +allowed-protocol-mappers.tooltip=允许的协议映射程序提供商白名单。如果尝试注册客户端,其中包含一些未被列入白名单的协议映射器,则注册请求将被拒绝。 +policyProvider.role=为您的权限定义条件,允许一组一个或多个角色访问一个对象。 +openIDendpointConfiguration=OpenID 终端节点配置 +targetOptions.brokerId=BROKER_ID +eventTypes.VERIFY_PROFILE.name=验证配置文件 +useRealmRolesMappingHelp=如果为真,则 LDAP 角色映射将映射到 Keycloak 中的领域角色映射。否则它将映射到客户端角色映射。 +forwardParameters=转发查询参数 +frontchannelLogoutUrl=前端通道注销 URL +testConnectionHint.withoutEmailAction=配置电子邮件地址 +webAuthnUpdateError=由于{{error}},无法更新 webauthn 策略 +paginationHelp=LDAP服务器是否支持分页 +oAuthMutualHelp=这启用了对 OAuth 2.0 双向 TLS 证书绑定访问令牌的支持,这意味着 keycloak 将访问令牌和刷新令牌与令牌的 X.509 证书绑定在一起,请求客户端在 keycloak 的令牌端点和这个客户。这些令牌可以被视为密钥持有者令牌而不是不记名令牌。 +deleteProviderTitle=删除密钥提供商? +scopes=范围 +accessTokens=访问令牌 +columnName=名称 +flowType=流程类型 +syncLDAPGroupsSuccessful=数据已成功同步 {{result}} +policyEnforcementModes.PERMISSIVE=获准使用 +subject=主题 DN +use=使用 +defaultAdminInitiated=由管理员发起的默认操作的生命周期 +chooseAMapperType=选择映射类型 +startTimeHelp=定义在该时间之前不得授予策略。仅当当前日期/时间晚于或等于此值时才授予。 +noGroupsInThisRealm=此领域中没有群组 +executorClientAuthenticator=执行器客户端认证器 +addWebOrigins=添加网络根源 +clientScopeExplain=客户端作用域是多个客户端之间共享的一组通用协议映射和角色。 +attributeNameHelp=要在断言中搜索的属性名称。您可以将此留空并指定一个友好的名称。 +linkAccountTitle=将帐号关联到{{provider}} +invalidateRotatedSuccess=轮换使用的秘密成功删除 +userSessionAttributeHelp=您要硬编码的用户会话属性的名称 +updateSuccessIdentityProvider=供应商更新成功 +host=主机 +forbidden_one=禁止, needed\: 权限 +backchannelLogoutRevokeOfflineSessions=后台注销撤销离线会话 +supportedApplications=支持的应用程序 +kerberosPrincipal=Kerberos 主体 +resourceAttribute=资源属性 +addressClaim.region.label=区域的用户属性名称 +applyToResourceTypeFlagHelp=指定此权限是否应用于给定类型的所有资源。在这种情况下,将为给定资源类型的所有实例评估此权限。 +managePriorityInfo=优先级是供应商在进行用户查找时的顺序。您可以拖动用户联盟供应商所在的行来更改优先级。 +deletedErrorIdentityProvider=无法删除供应商 {{error}} +included.custom.audience.tooltip=这只在“包含的客户端受众”未填充时使用。指定的值将包含在令牌的受众(aud)字段中。如果令牌中存在现有受众,则只向其添加指定的值。它不会覆盖现有的用户。 +includeInIdToken.label=添加到ID令牌 +steps=步骤 +tokenDeleteConfirm=您确定要永久删除初始访问令牌 {{id}} +flowCreateError=无法创建流程:{{error}} +readTimeoutHelp=LDAP 读取超时,以毫秒为单位。此超时适用于 LDAP 读取操作。 +host-sending-registration-request-must-match.tooltip=如果开启,只要它是从一些受信任的主机或域发送的,任何对客户端注册服务的请求都是允许的。 +profilesConfigTypes.formView=表单视图 +validatorDeletedSuccess=用户资料配置已保存。 +canonicalization=规范化方法 +deleteConfirmTitle=删除领域? +includeInAccessTokenResponse.label=添加到访问令牌响应 +SSOSessionMax=SSO会话最长的时间 +clientScope=客户范围 +inheritedFrom=继承自 +clientScopeSearch.name=姓名 +deleteConditionSuccess=条件已删除 +clientProfile=配置文件详情 +syncAllUsers=同步所有用户 +allowedClockSkewHelp=验证身份供应商令牌时可以允许的时钟偏差秒数。默认值为零。 +disableConfirmIdentityProvider=您确定要禁用供应商'{{provider}}' +clientSaveError=无法更新客户端:{{error}} +tokenSaveError=无法创建初始访问令牌 {{error}} +certificate=证书 +deleteConfirmExecutionMessage=您确定要永久删除执行器"<1>{{name}}}"。 +offlineSessionMaxLimitedHelp=启用最大离线会话 +delete=删除 +userGroupsRetrieveStrategyHelp=指定如何检索用户组。LOAD_GROUPS_BY_MEMBER_ATTRIBUTE 表示将通过发送 LDAP 查询来检索用户角色,以检索“成员”是否是用户的所有群组。GET_GROUPS_FROM_USER_MEMBEROF_ATTRIBUTE 表示将从“memberOf”检索用户组'我们用户的属性或来自'Member-Of LDAP Attribute'指定的其他属性。 +hour=小时 +connectionTimeoutHelp=LDAP 连接超时毫秒数 +repeat=重复 +defaultSigAlgHelp=用于为领域签署令牌的默认算法 +save-admin-events=如果启用,管理员事件将保存到数据库中,从而使事件可用于管理员页面。 +policyGroups=指定此策略允许的用户。 +facebookHelp.fetchedFields=提供将使用配置文件请求获取的附加字段。这将附加到默认的 'id,name,email,first_name,last_name' 集合。 +searchForProtocol=搜索协议映射器 +eventTypes.CLIENT_INFO.name=客户端信息 +eventTypes.OAUTH2_DEVICE_CODE_TO_TOKEN.description=Oauth2设备用于交换令牌的代码 +eventTypes.UPDATE_TOTP_ERROR.name=更新totp错误 +client-updater-source-groups.tooltip=需要检查的组名。如果创建/更新客户端的实体是某些指定组的成员,则条件求值为“真”。配置的群组由其简单名称指定,该名称必须与Keycloak组的名称匹配。这里不支持群组层级。 +webAuthnPolicyRpId=依赖方ID +ldapRolesDnHelp=保存此树的角色的 LDAP DN。例如,'ou\=finance,dc\=example,dc\=org' +serviceAccount=服务账户角色 +providerUpdatedSuccess=客户端策略更新成功 +assertionConsumerServiceRedirectBindingURL=断言消费者服务重定向绑定 URL +deleteRole=删除此角色 +SSOSessionSettings=SSO会话设置 +directAccessHelp=这启用了对直接访问授权的支持,这意味着客户端可以访问用户的用户名/密码,并直接与 Keycloak 服务器交换它以获得访问令牌。就 OAuth2 规范而言,这启用了对“资源所有者密码”的支持授予此客户的凭证。 +groupHelp=要添加用户的群组。填写群组的完整路径,包括路径。例如:'/root-group/child-group'。 +addressClaim.country.label=国家的用户属性名称 +downloadType=这是关于下载类型的信息 +clustering=集群 +createSuccess=身份供应商已成功创建 +linkedinHelp.profileProjection=配置文件请求的开放参数。默认无任何开放。 +mapperAttributeName=属性名称 +setPassword=设置密码 +client-updater-source-roles.tooltip=在客户端注册/更新请求期间检查该条件,如果创建/更新客户端的实体(通常是用户)是指定角色的成员,则该条件计算为“真”。要引用领域角色,您可以使用领域角色名称,如'my_realm_role'。对于引用客户端角色,可以使用client_id.Role_name,例如“my_client.My_client_role”将引用客户端'my_client'的客户端角色' My_client_role'。 +createRole=创建角色 +clientDeletedSuccess=客户端已删除 +eventTypes.IDENTITY_PROVIDER_RESPONSE_ERROR.description=身份供应者响应错误 +editModeLdapHelp=READ_ONLY 是一个只读的 LDAP 存储。WRITABLE 意味着数据将按需同步回 LDAP。UNSYNCED 意味着用户数据将被导入,但不会同步回 LDAP。 +enableServiceAccount=启用服务账户角色 +signOutAllActiveSessionsQuestion=是否注销所有活动会话? +addPostLogoutRedirectUri=添加有效的注销后重定向 URI +SSOSessionMaxRememberMe=“记住我”的SSO会话的最长的时间 +pkceMethod=PKCE 方法 +noRoles-user=此用户没有角色 +moveGroupEmptyInstructions=没有子组,请选择“移至此处”将所选群组移动到该群组下并作为此群组的子组 +hmacGenerated=hmac-generated +unlockSuccess=用户已成功解锁 +unlockError=由于{{error}},无法解锁用户 +hourHelp=定义必须授予策略的时间。您还可以通过填写第二个字段来提供范围。在这种情况下,仅当当前时间介于或等于您提供的两个值时才授予权限。 +deleteClientProfileConfirmTitle=删除配置文件? +syncLDAPGroupsError=由于{{error}},无法同步数据 +saveSuccess=用户联盟供应商已成功保存 +generatedAccessToken=生成的访问令牌 +resetPasswordConfirmation=新密码确认 +testConnection=测试连接 +archiveFormat=存档格式 +requestObjectEncryptionHelp=JWE算法,客户端发送'request'或'request_uri'参数指定的OIDC请求对象时需要使用的JWE算法。如果设置为'任何',加密是可选的,允许任何算法。 +importSuccess=导入新证书 +attributeConsumingServiceName=属性消费服务名称 +invalidJsonError=无法保存用户配置文件,提供的信息不是有效的 JSON。 +promptHelp=指定授权服务器是否提示最终用户重新验证和授权。 +deleteBtn=删除 +defaultLocale=默认语言环境 +addLdapWizardDescription=此处需要文本 +aggregate.attrs.label=聚合属性值 +removedGroupMembershipError=移除群组成员身份时出错 +allowPasswordAuthenticationHelp=启用/禁用针对 Kerberos 数据库的用户名/密码身份验证的可能性 +deleteExecutorSuccess=成功!执行器被删除。 +eventTypes.SEND_RESET_PASSWORD_ERROR.name=发送重置密码错误 +stackoverflowHelp.key=从 Stack Overflow 客户端注册获得的 Key。 +eventTypes.IDENTITY_PROVIDER_FIRST_LOGIN.name=身份提供商首次登录 +noRoles-groups=此群组没有角色 +enableSwitchSuccess={{switch}} 更改成功 +eventTypes.INTROSPECT_TOKEN_ERROR.name=令牌内部检查错误 +usernameHelperText=请为身份提供程序输入用户的用户名。 +includeInAccessToken.tooltip=是否应将声明加入到访问令牌? +noScopeCreateHint=您需要先创建授权范围。 +eventTypes.CLIENT_INITIATED_ACCOUNT_LINKING_ERROR.name=客户端发起的账号关联错误 +clientScopesCondition=预期范围 +backchannelLogoutSessionRequiredHelp=指定在使用反向通道注销 URL 时注销令牌中是否包含 sid(会话 ID)声明。 +global=全局 +userAttributeHelp=您要硬编码的用户属性的名称 +searchForMapper=搜索映射器 +oidcCibaGrantHelp=这启用了对 OIDC CIBA Grant 的支持,这意味着用户通过一些外部身份验证设备而不是用户的浏览器进行身份验证。 +includeOneTimeUseCondition=包括一次性使用的条件 +clientUpdaterSourceRoles=更新实体角色 +enableSwitchError=由于{{error}},无法启用/禁用 +deleteClientPolicyProfileConfirm=此操作将从策略 {{policyName}} 中永久删除 {{profileName}}。并且此操作无法撤消。 +deleteExecutorProfileConfirm=该操作将永久删除 {{executorName}}。且此操作无法撤消。 +confirmClientSecretBody=如果您重新生成密钥,Keycloak 数据库将被更新,您将需要为此客户端下载一个新的适配器。 +keysList=秘钥列表 +generatedUserInfo=生成的用户信息 +clientRegistration=客户端注册 +masterSamlProcessingUrl=主 SAML 处理 URL +samlIdentityProviderMetadata=SAML 2.0 身份供应者元数据 +importParseError=无法解析文件 {{error}} +addMember=添加成员 +eventTypes.CLIENT_INFO_ERROR.name=客户端信息错误 +scopeParameterHelp=您可以复制/粘贴范围参数的这个值,并在从该客户端适配器发送的初始 OpenID Connect 身份验证请求中使用它。默认客户端范围和选定的可选客户端范围将在生成为此客户端颁发的令牌时使用 +idTokenEncryptionKeyManagementAlgorithm=ID令牌加密密钥管理算法 +authenticatorAttachment.not\ specified=未指定 +oidcCibaGrant=OIDC CIBA 补助金 +ssoSessionIdle=允许会话在到期前空闲的时间。令牌和浏览器会话在会话到期时失效。 +searchKey=搜索秘钥 +deleteClientSuccess=配置文件已删除 +emptyClientScopesPrimaryAction=添加客户端范围 +addStepTo=向 {{name}} 添加步骤 +eventTypes.AUTHREQID_TO_TOKEN_ERROR.description=认证令牌错误 +deleteAttributeConfirm=您确定要永久删除属性 {{attributeName}} 吗? +chooseResources=选择要导入的资源 +selectOne=选择一个选项 +emailTheme=电子邮件主题 +eventTypes.UPDATE_PASSWORD.description=更新密码 +policiesConfigTypes.jsonEditor=JSON 编辑器 +eventConfigSuccessfully=成功保存配置 +scopePermissions.users.impersonate-description=决定管理员是否可以模拟其他用户的策略。 +deleteResourceWarning=当其他资源不再使用时,以下权限将被删除: +moveTo=移动到 +registerNodeManually=手动注册节点 +redirectURI=重定向 URI +publicKeys=公钥 +emptyEventsInstructions=没有更多的事件类型可以添加 +periodicFullSync=周期性完全同步 +googleHelp.hostedDomain=使用 Google 登录时设置‘hd’查询参数。Google 将仅列出该域的帐户。Keycloak 验证返回的身份令牌是否具有该域的声明。输入‘*’时,任何托管帐户可以使用。支持英文逗号 ',' 分隔域列表。 +removeConfirmTitle_other=移除群组? +clientAccesstypeTooltip=客户端的访问类型,这是针对将被应用的条件的。 +emptyBuiltInMappersInstructions=所有内置映射都已添加到此客户端。 +assertionLifespanHelp=在 SAML 断言条件中设置的寿命。在此之后断言将无效。"SessionNotOnOrAfter" 属性不会被修改,并继续使用在领域级别定义的 "SSO Session Max" 时间。 +noTokensInstructions=您还没有创建任何初始访问令牌。通过单击“创建”创建一个初始访问令牌。 +editUsername=如果启用,用户名字段是可编辑的,否则用户名字是只读的。 +ldapAttributeValueHelp=LDAP 属性的值,将在注册期间添加到新用户。您可以硬编码任何值,如 'foo',但您也可以使用一些特殊标记。目前唯一支持的标记是 '${ RANDOM}',它将被一些随机生成的字符串替换。 +lastRegistration=上次注册 +advancedSettingsOpenid-connect=此部分用于配置此客户端与 OpenID Connect 协议相关的高级设置 +requireSsl=需要 SSL +reevaluate=重新评估 +clientOfflineSessionMax=客户端离线令牌最大值 +eventTypes.SEND_VERIFY_EMAIL.description=发送验证邮件 +eventTypes.REVOKE_GRANT_ERROR.description=撤销授权错误 +descriptionLanding=这是用户联盟登​​陆页面的描述 +moveHere=移至此处 +noKeys=没有秘钥 +batchSizeHelp=在单个事务中从 LDAP 导入 Keycloak 的 LDAP 用户数 +createClientConditionSuccess=条件创建成功。 +kerberosKeyTab=Kerberos 密钥选项卡 +principalAttribute=主体属性 +mapperTypeLdapAttributeMapperHelp=仅当启用了 syncRegistrations 时才支持此映射器。在 Keycloak 中注册的新用户将使用某些指定属性的硬编码值写入 LDAP。 +userRegistrationHelpText=启用/禁用注册页面。若启用此设置,登陆页上也会展示注册链接。 +activeHelp=设置密钥是否可用于签名 +addMapperExplain=如果需要更精细的控制,可以在此客户端上创建协议映射 +realmRoles=领域角色 +fineGrainOpenIdConnectConfigurationHelp=此部分用于配置此客户端与 OpenID Connect 协议相关的高级设置。 +searchForUserDescription=此领域可能具有联合提供程序。查看所有用户可能会导致系统变慢,但可以通过搜索来完成。请通过上面的搜索框搜索用户。 +expirationHelp=设置事件的到期时间。过期的事件会定期从数据库中清除。 +webAuthnPolicySignatureAlgorithmsHelp=身份验证断言应该使用什么签名算法。 +setToNowError=错误!无法设置为当前日期和时间。 +eventTypes.UNREGISTER_NODE_ERROR.description=注销节点错误 +clientScopeTypes.optional=非必需 +nameIdFormat=姓名ID格式 +eventTypes.SEND_VERIFY_EMAIL_ERROR.name=发送验证邮件错误 +addMessageBundleSuccess=成功!消息包已添加。 +validRedirectUri=有效的重定向 URI +webauthnIntro=这个表格是做什么用的? +wantAssertionsEncryptedHelp=表明此服务提供商是否需要加密断言。 +roleObjectClasses=角色对象类 +deleteClientScope_other=删除{{count}}个客户端作用域 +deleteCredentialsConfirmTitle=删除凭据? +expires=过期 +OVERWRITE=覆写 +user-clearEvents=清除数据库中的所有用户事件。 +eventTypes.REFRESH_TOKEN.name=刷新令牌 +userAttribute=用户属性 +revoke=撤销 +admin=管理员 +syncUsersError=无法同步用户:'{{error}}' +generatedAccessTokenHelp=请参阅示例访问令牌,该令牌将在选定用户通过身份验证时生成并发送到客户端。您可以看到令牌将包含的声明和角色基于有效的协议映射器和角色范围映射,也基于关于分配给用户本人的声明/角色 +webAuthnPolicyAcceptableAaguidsHelp=AAGUID 列表,其中可以注册验证者。 +keyPasswordHelp=私钥密码 +frontchannelLogout=前台通道注销 +policyClient=指定此策略允许的客户端。 +clientUpdaterTrustedHostsTooltip=受信任的主机列表。如果客户端注册/更新请求来自此配置中指定的主机/域,则条件评估为真。您可以使用主机名或 IP 地址。如果您在开头(例如 '*.example.com' )然后整个域 example.com 将被信任。 +titleRoles=领域角色 +mapperTypeGroupLdapMapperHelp=用于将群组的组映射从一些 LDAP DN 映射到 Keycloak 群组映射 +sectorIdentifierUri.tooltip=使用成对子值并支持动态客户端注册的提供程序应该使用sector_identifier_uri参数。它为在共同管理控制下的一组网站提供了一种方法,使其具有独立于单个域名的一致的成对子值。它还为客户端提供了一种无需重新注册所有用户即可更改redirect_uri域的方法。 +eventTypes.REVOKE_GRANT.name=撤销授权 +rdnLdapAttribute=RDN LDAP 属性 +usedBy=使用者 +replyToDisplayName=回复地址展示名称 +xRobotsTag=X-机器人标签 +bindType=绑定类型 +tokenDeleteSuccess=初始访问令牌删除成功 +contextualInfo=上下文信息 +syncModeHelp=所有映射器的默认同步模式。同步模式决定何时使用映射器同步用户数据。可能的值是:'引用' 保持引入此选项之前的行为,'导入' 仅导入在用户首次使用此身份供应商登录期间,用户一次,“强制”在每次使用此身份供应商登录期间始终更新用户。 +temporaryPassword=临时密码 +applyPolicyHelp=指定必须应用于此策略或权限定义的范围的所有策略。 +addKerberosWizardDescription=此处需要文本 +sslType.none=无 +dateTo=日期(截止日期) +eventTypes.REVOKE_GRANT.description=撤销授权 +keyPlaceholder=输入一个键 +eventTypes.OAUTH2_DEVICE_VERIFY_USER_CODE_ERROR.name=Oauth2设备验证用户代码错误 +addAuthnContextDeclRef=添加验证上下文的否定参考 +eventTypes.SEND_IDENTITY_PROVIDER_LINK.description=发送身份供应商链接 +eventTypes.IDENTITY_PROVIDER_RETRIEVE_TOKEN.name=身份供应者检索令牌 +userInfo=用户信息 +consentScreenText=许可页面的显示文本 +addRoles=添加角色 +clientPoliciesProfilesHelpText=客户端策略配置文件允许设置一组执行器,这些执行器将对与客户端相关的各种操作进行强制执行。这些操作可以是管理员操作,如创建或更新客户端,也可以是用户操作,如对客户端进行身份验证。 +archiveFormatHelp=Java 密钥库或 PKCS12 存档格式。 +xContentTypeOptions=X-Content-Type-Options +groupsDescription=群组是一组可应用于用户的属性和角色映射。您可以创建、编辑和删除群组,并管理其子级组织。 +addValidatorRole=添加 {{validatorName}} 验证器 +protocolTypes.all=全部 +keyAlias=秘钥别名 +prefix=每个领域角色的前缀(非必需)。 +xContentTypeOptionsHelp=默认值阻止 Internet Explorer 和谷歌浏览器从 MIME 嗅探远离声明的内容类型的响应<1>了解更多 +privateKeyMask=私钥未设置或未知 +signOutAllActiveSessions=注销所有活动会话 +addExecutorSuccess=成功!执行器创建成功 +executorTypeSelectHelpText=执行器类型选择帮助文本 +useDiscoveryEndpointHelp=如果启用此设置,发现端点将用于获取供应商配置。Keycloak 可以从终端节点加载配置并在源有任何更新时自动更新配置 +eventTypes.USER_INFO_REQUEST_ERROR.name=用户信息请求错误 +createUserProviderError=由于{{error}},无法创建用户联盟供应商。 +learnMore=了解更多 +onDragCancel=已取消拖动。列表未更改。 +removeUser=移除用户 +ownerManagedAccess=启用用户管理访问 +userModelAttributeNameHelp=从 LDAP 导入用户时要添加的模型属性的名称 +templateHelp=用于格式化要导入的用户名的模板。替换包含在 ${} 中。例如:'${ALIAS}.${CLAIM.sub}'。ALIAS 是供应商别名。CLAIM. 引用 ID 或访问令牌声明。可以通过将 |uppercase 或 |lowercase 附加到替换值来将替换转换为大写或小写,例如“${CLAIM.sub | lowercase}”。 +permissions=权限 +emptyExecutionInstructions=您可以通过添加子流程或执行器来开始定义此流程 +offlineSessionSettings=离线会话设置 +unAssignRole=取消分配 +deleteScope=永久删除授权范围? +eventTypes.CODE_TO_TOKEN.description=用于交换令牌的代码 +oAuthDevicePollingIntervalHelp=客户端在对令牌端点的轮询请求之间应等待的最短时间(以秒为单位)。 +passwordDataTitle=密码数据 +accountThemeHelp=为用户账户管理页面选择主题。 +clientPolicies=客户端策略 +NONE=无 +keystorePasswordHelp=密钥的密码 +clientSettings=客户端详情 +deleteClientPolicyConditionConfirm=此操作将永久删除{{condition}}。此操作无法撤消。 +selectATheme=选择主题 +permissionsList=权限列表 +attributeGroupHelp=user.profile.attribute.group.tooltip +createRealm=创建领域 +eventTypes.VALIDATE_ACCESS_TOKEN_ERROR.description=验证访问令牌错误 +mapperSaveError=保存映射器时出错:{{error}} +eventTypes.CLIENT_LOGIN_ERROR.name=客户端登录错误 +displayOnConsentScreenHelp=如果启用,并且此客户端作用域被添加到需要许可的某些客户端,则“许可页面的展示文本”指定的文本将展示在许可申请的页面上。如果禁用,此客户端作用域将不会展示在许可申请的页面上 +requirements.DISABLED=禁用 +mapperTypeHardcodedLdapGroupMapperHelp=从 LDAP 导入的用户将自动添加到这个配置的组中。 +titleUsers=用户管理 +whoWillAppearLinkText=谁将出现在此群组列表中? +ldapFullNameAttribute=LDAP 全名属性 +createClientError=无法创建客户端:'{{error}}' +deleteConfirmClientScopes=是否要删除此客户端作用域? +forceAuthenticationHelp=指示身份供应商是否必须直接验证呈现者而不是依赖先前的安全上下文。 +testClusterAvailability=测试集群可用性 +reGenerateSigning=为此客户端重新生成签名密钥 +authorizationEncryptedResponseAlgHelp=当响应模式为 jwt 时,用于加密授权响应的密钥管理的 JWA 算法。如果要加密授权响应,则需要此选项。如果留空,授权响应只是签名,但不加密。 +deleteConfirmGroup_other=是否要删除这些群组? +scopePermissions.users.manage-description=决定管理员是否可以管理领域中所有用户的策略。 +defaultACRValuesHelp=如果 OIDC 请求中的 'claims' 或 'acr_values' 参数没有明确请求 ACR,则用作自愿 ACR 的默认值。 +membershipAttributeType=成员属性类型 +included.client.audience.tooltip=指定受众客户端的客户端ID将包含在令牌的受众(aud)字段中。如果令牌中存在现有受众,则只向其添加指定的值。它不会覆盖现有的受众。 +searchGroup=搜索群组 +allowCreateHelp=允许外部身份供应商创建一个新的标识符来代表委托人。 +allResults=所有结果 +addressClaim.locality.tooltip=用户属性的名称,将用于映射到“address”令牌声明中的“locality”子声明。默认为'locality'。 +keyForCodeExchangeHelp=选择使用哪种 PKCE 代码质询方法。如果未指定,除非客户端发送具有适当代码质询和代码交换方法的授权请求,否则 keycloak 不会将 PKCE 应用于客户端。 +includeInAccessTokenResponse.tooltip=是否应该将声明添加到访问令牌响应中?应该只用于信息性和非敏感数据吗? +removeMappingConfirm_one=您确定要移除这个角色吗? +oidcSettings=OpenID 连接设置 +otpPolicyDigitsHelp=OTP 应该有多少位数? +clientAuthentications.client_secret_post=客户机密作为邮件发送 +prompts.select_account=选择账户 +defaultACRValues=默认 ACR 值 +valueError=必须至少提供一个值。 +noConsents=无许可 +orderChangeSuccessUserFed=成功更改用户联盟供应商的优先顺序 +noUsersEmptyStateDescriptionContinued=查找用户。无法在此添加已将此角色作为有效角色的用户。 +userProviderSaveError=由于:{{error}},无法保存用户联盟供应商 +executorsHelpText=执行器, 将应用于此客户端配置文件 +ldapSearchingAndUpdatingSettings=LDAP 搜索和更新 +authenticationAliasHelp=配置名称 +SSOSessionIdle=SSO会话空闲的时间 +deleteClientPolicyConditionConfirmTitle=删除条件? +initialCounterErrorHint=数值需要在 1 到 120 之间 +connectionTimeout=连接超时 +passLoginHintHelp=将 login_hint 传递给身份供应商。 +monthHelp=定义必须授予策略的月份。您还可以通过填写第二个字段来提供范围。在这种情况下,仅当当前月份介于或等于您提供的两个值时才授予权限。 +eventTypes.CLIENT_LOGIN.description=客户端登录 +registrationAccessToken=注册访问令牌 +headerName=标题名称 +issuerHelp=响应发布者的发布者标识符。如果未提供,则不会执行任何验证。 +uiDisplayNameHelp=在管理 UI 中链接时显示供应商的名称 +titleSessions=会话管理 +dedicatedScopeName={{clientName}}-dedicated +mapperTypeUserAttributeLdapMapper=user-attribute-ldap-mapper +deleteAttributeConfirmTitle=删除属性? +importSkipped_zero=没有记录被跳过。 +rootURL=添加到相对 URL 的根 URL +contentSecurityPolicyHelp=默认值防止页面被非来源 iframe 包含<1>了解更多 +policyUsers=指定此策略允许的用户。 +logoutServicePostBindingURLHelp=客户端单点注销服务的 SAML POST 绑定 URL。如果您使用不同的绑定,可以将此留空 +generatedIdTokenNo=没有生成 id 令牌 +byConfiguration=根据配置 +usersAdded_other={{count}}添加到群组的用户 +userFedUnlinkUsersConfirmTitle=取消链接所有用户? +passCurrentLocale=传递当前语言环境 +realmNameField=领域名称 +roleCreated=已创建角色 +socialProfileJSONFieldPath=社交资料 JSON 字段路径 +noViewRights=没有权限查看该群组. +eventTypes.SEND_RESET_PASSWORD.description=发送重置的密码 +eventTypes.CLIENT_INITIATED_ACCOUNT_LINKING.name=客户端发起的账号关联 +resourceScopeError=由于{{error}},无法删除授权范围 +identityInformation=身份信息 +usermodel.clientRoleMapping.rolePrefix.label=客户端角色前缀 +partialImport=部分导入 +cibaBackhannelTokenDeliveryModes.ping=发送回显信息 +includeInTokenScopeHelp=如果启用,此客户端作用域的名称将添加到访问令牌属性“scope”以及令牌自检端点响应中。如果禁用,此客户端作用域将从令牌和令牌自检端点响应中省略。 +savePassword=保存密码 +noRolesInstructions-user=您尚未为此用户分配任何角色。分配角色以开始。 +signatureKeyNameHelp=签名的 SAML 文档在 KeyName 元素中包含签名密钥的标识。对于 Keycloak / RH-SSO 对应方,使用 KEY_ID。而对于 MS AD FS,则使用 CERT_SUBJECT。对于其他人,如果没有其他有效的选项,请查看并使用 NONE。 +decisionStrategies.UNANIMOUS=无异议 +cacheSettingsDescription=此部分包含对缓存用户有用的选项,这些选项是从此用户存储提供程序加载的。 +groupsPathHelp=将 LDAP 组添加到的 Keycloak 组路径。例如,如果使用值 '/Applications/App1',则 LDAP 组将在组 'App1' 下的 Keycloak 中可用,该组是顶级组'Applications'的子级 。默认值为“/”,因此 LDAP 组将映射到顶层的 Keycloak 组。创建此映射器时,配置的组路径必须已经存在于 Keycloak 中。 +aesGenerated=aes-generated +addPolicy=添加策略 +tokenClaimName.label=令牌声明名称 +executorsTable=执行器列表 +extendToChildren=扩展到子级 +from=发件人 +decisionStrategyHelp=决策策略规定了如何评估权限以及如何获得最终决定。'肯定'意味着至少一个权限必须评估为肯定的决定才能授予对资源及其范围的访问权限。'一致' 意味着所有权限都必须评估为一个肯定的决定,以便最终决定也是正向的。 +deleteClientPolicyProfileError=无法从策略中删除配置文件:{{error}} +greaterThan=必须大于 {{value}} +hideOnLoginPage=在登录页面隐藏 +couldNotCreateGroup=无法创建群组{{error}} +defaultRole=此角色充当领域和客户端默认角色的容器。无法删除。 +eventConfigs=事件设置 +conditionsHelp=条件,将对其进行评估以确定是否应在特定操作期间应用客户端策略。 +disableProvider=禁用供应商? +eventTypes.UNREGISTER_NODE.name=注销节点 +anonymousAccessPoliciesHelp=当未经身份验证的请求调用客户端注册服务时使用这些策略。这意味着该请求不包含初始访问令牌或承载令牌。 +clientScopeError=无法更新作用域映射{{error}} +saveRealmSuccess=已成功创建领域 +createToken=创建初始访问令牌 +clientsClientTypeHelp='OpenID Connect' 允许客户端根据授权服务器执行的身份验证来验证最终用户的身份。'SAML' 启用基于 Web 的身份验证和授权方案,包括跨域单点登录( SSO) 并使用包含断言的安全令牌来传递信息。 +orderChangeSuccess=成功更改身份供应商的显示顺序 +emptyPoliciesInstructions=如果您要创建策略,请点击下面的按钮创建策略。 +createScopeSuccess=授权范围创建成功 +logoUrl=徽标网址 +accessTokenLifespanImplicitFlowHelp=在 OpenID Connect 隐式流期间颁发的访问令牌到期之前的最长时间。建议此值短于 SSO 超时设置。在隐式流期间不可能刷新令牌,这就是为什么有一个单独的超时不同于“访问令牌生命周期” +noRealmRolesToAssign=没有要分配的领域角色 +logoutUrl=注销地址 +regexPatternHelp=指定正则表达式模式。 +searchForUserEvent=搜索用户事件 +usernameLdapAttributeHelp=LDAP 属性的名称,映射为 Keycloak 用户名。对于许多 LDAP 服务器供应商,它可以是 'uid'。对于 Active directory,它可以是 'sAMAccountName' 或 'cn'。应该为您要从 LDAP 导入 Keycloak 的所有 LDAP 用户记录。 +federationLink=联盟链接 +webAuthnPolicyPasswordlessFormHelp=无密码 WebAuthn 身份验证策略。'Webauthn Register Passwordless' 所需操作和'WebAuthn Passwordless Authenticator' 身份验证器将使用此策略。典型用法是,当 WebAuthn 用作第一因素身份验证时。同时具有 ' WebAuthn Policy' 和 'WebAuthn Passwordless Policy' 允许在同一领域中将 WebAuthn 用作第一因素和第二因素身份验证器。 +unlinkUsersError=无法取消链接用户:'{{error}}' +roleHelpHelp=授予用户的角色。单击“选择角色”按钮浏览角色,或直接在文本框中键入。要引用应用程序角色,语法为 appname.approle,即 myapp.myrole。 +storedTokensReadable=存储的令牌可读 +defaultRoleDeleteError=无法删除默认角色。 +unknownUser=匿名 +displayHeaderField=展示名称 +userVerify.not\ specified=未指定 +usermodel.prop.label=特性 +userFedUnlinkUsersConfirm=您想取消所有用户的链接吗?数据库中没有密码的用户将无法再进行身份验证。 +eventTypes.REMOVE_FEDERATED_IDENTITY.name=删除联合身份 +membership=从属关系 +eventTypes.RESET_PASSWORD.description=重置密码 +authenticationOverrides=身份验证流程覆盖 +client-scopes-condition.label=预期范围 +deleteAttributeSuccess=属性已删除 +artifactResolutionService=工件解析服务 +clientProfilesSubTab=客户端配置子标签 +selectEncryptionType=选择加密类型 +mapperTypeMsadLdsUserAccountControlMapper=msad-user-account-control-mapper +realmSettingsExplain=领域设置用于控制当前领域中用户、应用程序、角色和群组的选项。 +mappingUpdatedError=无法更新映射\: {{error}} +manageDisplayOrder=管理显示顺序 +exactSearch=精确搜索 +value=数值 +filenamePlaceholder=上传 PEM 文件或在下方粘贴密钥 +deleteConfirm_one=是否要删除此群组“{{groupName}}”。 +userProfileEnabledHelp=如果启用,允许管理用户配置文件。 +times.seconds=秒 +removeMappingTitle=移除角色? +executorTypeSelectAlgorithm=执行器类型选择算法 +resources=资源 +userRolesRetrieveStrategy=用户角色检索策略 +importKey=导入密钥 +events-disable-title=取消保存事件? +ellipticCurve=椭圆曲线 +forceArtifactBindingHelp=是否应通过 SAML ARTIFACT 绑定系统将响应消息返回给客户端? +forceAuthentication=强制认证 +connectionPoolingHelp=确定 Keycloak 是否应该使用连接池来访问 LDAP 服务器。 +unlink=取消关联 +groupRemove_other=群组已移除 +deletePolicy=永久删除策略? +assertionConsumerServiceRedirectBindingURLHelp=客户端断言消费者服务(登录响应)的 SAML 重定向绑定 URL。如果您没有此绑定的 URL,则可以将其留空。 +apiUrlHelp=覆写此身份供应商的默认 API URL。 +searchFor=按名称搜索角色 +providers=添加供应商 +writeOnly=只写 +noRolesInstructions-clientScopes=您尚未为此客户端作用域创建任何角色。请创建角色以开始。 +removeImportedUsersMessage=您真的要移除所有导入的用户吗?选项"取消链接用户"仅对编辑模式"未同步"有意义,Keycloak 数据库中的密码将无法进行身份验证。 +noGroupsInThisSubGroup=此子组中没有群组 +validateUserObjectClasses=您必须输入一个或多个用户对象类 +encryptionAlgorithm=加密算法 +requiredForLabel.users=仅限用户 +groupUpdated=群组已更新 +hideMetaData=隐藏元数据 +themes=主题 +clientType=客户端类型 +addClientScope=添加客户端范围 +notBeforeSuccess=成功! 为领域设置“不早于” +clientPoliciesSubTab=客户端策略子标签 +quickLoginCheckMilliSecondsHelp=如果故障并发发生得太快,将会锁定用户。 +unanimous=一致 +policy-name=策略的名称。 +syncRegistrations=同步注册 +eventTypes.REMOVE_TOTP.name=删除TOTP +clientHelp=选择发出此授权请求的客户端。如果未提供,将根据您所在的客户端完成授权请求。 +eventTypes.CLIENT_REGISTER_ERROR.name=客户端注册错误 +unlockUsersError=无法解锁所有用户{{error}} +serviceProviderEntityIdHelp=将用于唯一标识此 SAML 服务提供商的实体 ID。 +disabledFeatures=禁用的功能 +eventTypes.UPDATE_CONSENT_ERROR.name=更新许可错误 +noAdminUrlSet=没有发送推送。没有配置管理 URI 或没有可用的注册集群节点 +authData=授权数据 +realmInfo=领域信息 +chooseAPolicyType=选择策略类型 +signOut=退出 +deleteExecutorError=无法删除执行器:{{error}} +userProfileError=无法更新用户资料设置:{{error}} +validatorDialogColNames.colName=角色名称 +clientUpdaterSourceRolesTooltip=在客户端注册/更新请求期间检查条件,如果正在创建/更新客户端的实体(通常是用户)是指定角色的成员,则它评估为真。要参考领域角色,您可以使用领域角色名称,如“my_realm_role”。对于参考客户端角色,您可以使用 client_id.role_name 例如“my_client.my_client_role”引用客户端“my_client”的客户端角色“my_client_role”。 +UPDATE_PASSWORD=更新密码 (UPDATE_PASSWORD) +version=版本 +synchronizationSettings=同步设置 +certificateHelp=用于验证JWT的客户端证书,由客户端私钥从您的密钥库中颁发并签名。 +terms_and_conditions=条款和条件 (terms_and_conditions) +resetPasswordError=重置密码时出错\: {{error}} +associatedPermissions=关联权限 +encryptionKeysConfigExplain=如果启用下面的"加密断言",则必须通过生成或导入密钥来配置加密密钥,SAML 断言将使用 AES 使用客户端的公钥进行加密。 +preserveGroupInheritanceHelp=标记从LDAP继承的群组是否应该传播到Keycloak?如果为假,那么所有LDAP组将被映射为Keycloak中的顶级群组。否则,群组继承将保留到Keycloak中。但如果LDAP结构包含递归或每个子组包含多个父组,则组同步可能会失败。 但组同步可能会失败如果 LDAP 结构包含递归或每个子组包含多个父组。 +createScopeBasedPermission=创建基于范围的权限 +showMore=显示更多 +operationType=操作类型 +userInitiatedActionLifespan=由用户发起的操作的生命周期 +decisionStrategy=决策策略 +roleMappingUpdatedSuccess=已成功更新用户角色映射 +securityDefences=安全防御 +realmSettings=领域设置 +emptyStateInstructions=如果你想添加一个属性组,请点击下面的按钮。 +logoutAllSessionsError=错误!无法注销所有会话\: {{error}}. +eventTypes.VERIFY_EMAIL_ERROR.name=邮箱验证错误 +partialExport=部分导出 +eventTypes.CLIENT_REGISTER.description=客户端注册 +generalOptions=通用选项 +decisionStrategies.AFFIRMATIVE=肯定的 +helpEnabled=开启帮助 +defaultGroupsHelp=默认群组允许您在通过<1>identity brokering创建或导入任何新用户时自动分配组成员资格。 +times.years=年 +userLdapFilterHelp=额外的 LDAP 过滤器,用于过滤搜索到的用户。如果您不需要额外的过滤器,请将此留空。确保它以 '(' 开头并以 ')' 结尾。 +generatedIdToken=生成的 ID 令牌 +effectiveRoleScopeMappings=有效角色范围映射 +clientAuthenticator=客户端验证器 +importAdded_other=已添加 {{count}} 条记录。 +oAuthDeviceCodeLifespanHelp=设备代码和用户代码过期前的最长时间。这个值需要足够长的生命周期才能使用(允许用户检索他们的辅助设备、导航到验证 URI、登录等) , 但也应该足够短以限制为网络钓鱼获得的代码的可用性。 +attributePermissionDescription=这部分包含谁可以编辑和谁可以查看属性的权限。 +providerDetails=供应商详情 +groupDeleteError=删除群组{{error}}时出错 +editGroupText=编辑属性组 +updateFirstLoginHelp=首次登录时更新配置文件 +deleteGroup=删除群组 +eventTypes.VERIFY_EMAIL_ERROR.description=邮箱验证错误 +close=关闭 +usersDNHelp=您的用户所在的 LDAP 树的完整 DN。此 DN 是 LDAP 用户的父级。它可能是例如 'ou\=users,dc\=example,dc\=com' 假设您的典型用户将具有 DN像 'uid\='john',ou\=users,dc\=example,dc\=com'。 +addKeycloakOpenIdProvider=添加 Keycloak OpenID Connect 供应商 +clientSessionMax=客户端会话最长时间 +deleteClientPolicy=删除策略 +authenticatorAttachment.cross-platform=跨平台 +whoCanView=谁可以查看? +lastAccess=最近访问 +emptyClientScopesInstructions=当前没有链接到此客户端的客户端范围。您可以将现有的客户端范围添加到此客户端以共享协议映射器和角色。 +clientAuthentications.private_key_jwt=用私钥签名的 JWT +uiDisplayName=界面显示的名称 +createClientSuccess=客户端创建成功 +adminEventsSettings=管理员事件设置 +cibaInterval=间隔 +totalMemory=内存总量 +usernameTemplateImporter=格式化要导入的用户名。 +times.minutes=分 +disableUserInfo=禁用用户信息 +authorizationEncryptedResponseEnc=授权响应加密内容加密算法 +editCondition=编辑条件 +ssoSessionMaxRememberMe=当用户设置了“记住我”选项时,会话过期前的最长时间。当会话过期时,令牌和浏览器会话将失效。如果未设置,它将使用标准 SSO 会话最大值。 +forcePostBinding=强制 POST 绑定 +usersExplain=用户是当前领域中的用户。 +passMaxAgeHelp=将 max_age 传递给身份供应商。 +exportFail=无法导出领域:'{{error}}' +topLevelFlowType=它是什么类型的顶级流程?客户端类型用于客户端(应用程序)的身份验证,而通用型流程用于用户和其他所有内容的验证。 +flowTypeHelp=它是一种什么样的形式? +targetHelp=映射器的目标字段。LOCAL(默认)表示更改应用于用户导入时存储在本地数据库中的用户名。BROKER_ID 和 BROKER_USERNAME 表示更改存储在用于联合用户的 ID 或用户名中分别查找。 +setPasswordConfirm=设置密码? +attributeDisplayNameHelp=属性的显示名称。它也支持本地化值的键,例如:${profile.attribute.phoneNumber}。 +assignedType=分配类型 +modeHelp=LDAP_ONLY 表示用户的所有组映射都从 LDAP 检索并保存到 LDAP。READ_ONLY 是只读 LDAP 模式,其中组映射从 LDAP 和数据库检索并合并在一起。新的组加入不会保存到LDAP 但到 DB。IMPORT 是只读 LDAP 模式,其中在从 LDAP 导入用户时从 LDAP 检索组映射,然后将它们保存到本地 keycloak DB。 +identityProvider=身份供应商 +dropNoexistingGroupsDuringSync=在同步期间删除不存在的群组 +forgotPasswordHelpText=在登录页面上展示链接以允许用户忘记凭据时点击此链接。 +密码策略.notUsername=密码不能与用户名相同。 +identityProviderLinks=身份供应商链接 +mapperTypeMsadLdsUserAccountControlMapperHelp=特定于 MSAD LDS 的映射器。它能够将 MSAD LDS 用户帐户状态集成到 Keycloak 帐户状态(帐户已启用,密码已过期等)。它使用 msDS-UserAccountDisabled 并且 pwdLastSet 为 0,需要 Keycloak 用户更新密码,如果 msDS-UserAccountDisabled 为“TRUE”,则 Keycloak 用户也被禁用等。Mapper 还能够处理来自 LDAP 用户身份验证的异常代码。 +leave=离开 +loginSettings=登录设置 +deleteMessageBundleError=从包中删除消息时出错,{{error}} +finish=结束 +eventTypes.LOGIN_ERROR.name=登录错误 +validations=验证 +updatedRequiredActionError=无法更新必需的操作:{{error}} +createChildGroup=创建子组 +x509Certificate=X509证书 +addressClaim.formatted.label=格式化地址的用户属性名称 +metadataOfDiscoveryEndpoint=发现终端节点的元数据 +add=添加 +createPolicySuccess=成功创建策略 +notVerified=未验证 +encryptionKeysConfig=加密密钥配置 +updateClientProfileSuccess=客户端配置文件更新成功 +prompts.login=登录 +users=用户管理 +keyTabHelp=包含服务器主体凭据的 Kerberos KeyTab 文件的位置。例如,/etc/krb5.keytab +wantAssertionsEncrypted=需要声明加密 +noClientPoliciesInstructions=没有客户端策略。选择'创建客户端策略'来创建一个新的客户端策略。 +deleteValidatorConfirmMsg=您确定要永久删除验证器 {{validatorName}} 吗? +uris=URIs +jwksUrlConfig=JWKS URL 配置 +forceNameIdFormatHelp=忽略请求的 NameID 主题格式并使用管理 UI 配置的格式。 +validateKeyTab=您必须输入一个键位 +editUsernameAllowed=允许编辑用户名 +saveProviderError=保存供应商时出错:{{error}} +port=端口 +searchForPermission=搜索权限 +ldapFilterHelp=LDAP Filter 为检索 LDAP 组的整个查询添加了一个额外的自定义过滤器。如果不需要额外的过滤并且您想从 LDAP 中检索所有组,请将此留空。否则请确保过滤器以'('开头并以 ')' 结尾。 +clientUpdaterSourceGroupsTooltip=要检查的组的名称。如果创建/更新客户端的实体是某些指定组的成员,则条件评估为真。配置的组由它们的简单名称指定,必须与名称匹配Keycloak 组。此处不支持组层次结构。 +addRequestUri=添加有效的请求 URI +selectACondition=选择条件 +ldapAttributeValue=LDAP 属性值 +jwksUrlHelp=存储 JWK 格式的身份供应商密钥的 URL。有关更多详细信息,请参阅 JWK 规范。如果您使用外部 Keycloak 身份供应商,则可以使用类似“http\://broker-keycloak\:8180/realms/test”的 URL /protocol/openid-connect/certs' 假设您的代理 Keycloak 在 'http\://broker-keycloak\:8180' 上运行并且它的领域是 'test' 。 +eventTypes.CLIENT_DELETE.description=客户端删除 +emptyResources=没有资源 +roleHelp=如果所有属性都存在,则授予用户的角色。单击“选择角色”按钮浏览角色,或直接在文本框中键入。要引用客户端角色,语法为 clientname.clientrole,即 myclient.myrole。 +ldapSynchronizationSettingsDescription=此部分包含与用户从 LDAP 同步到 Keycloak 数据库相关的选项。 +addPredefinedMappers=添加预定义的映射 +updatedRequiredActionSuccess=必需操作,更新成功 +roles=角色 +displayOrder=显示顺序 +registrationAllowed=用户注册 +choose=选择... +appliedByProviders=由以下提供商应用 +saveEventListenersSuccess=事件侦听器已更新。 +eventTypes.IDENTITY_PROVIDER_LINK_ACCOUNT.description=身份提供商关联账号 +eventTypes.TOKEN_EXCHANGE.name=交换令牌 +skipped=已跳过 +eventTypes.RESTART_AUTHENTICATION.description=重启认证 +scopePermissions.users.manage-group-membership-description=决定管理员是否可以管理域中所有用户的组成员身份的策略。这与特定的群组策略一起使用。 +loginTheme=登录页面主题 +eventTypes.UPDATE_PASSWORD_ERROR.description=更新密码错误 +deleteConfirmRealmSetting=如果你删除这个领域,所有关联的数据都将被删除。 +scope=作用域 +evaluateExplain=此页面允许您查看所有协议映射器和角色范围映射 +providerCreateError=由于{{error}}无法创建客户端策略 +includeRepresentationHelp=包括创建和更新请求的 JSON 表示。 +searchForClientScope=搜索客户端作用域 +removeAttribute=移除属性 +deleteProviderSuccess=成功。密钥供应商已被删除。 +sessionsType.offline=离线 +validatorDeletedError=保存用户资料时出错:{{error}} +preserveGroupInheritance=保留群组继承 +selectOrTypeAKey=选择或键入一个键 +resourceDetails=资源详情 +authorizationScopes=授权范围 +fromDisplayNameHelp=“发件人”地址的用户友好名称(可选)。 +identityProviderEntityIdHelp=实体 ID 用于验证收到的 SAML 断言的颁发者。如果为空,则不执行颁发者验证。 +noRoles-client=此客户端没有角色 +eventTypes.EXECUTE_ACTION_TOKEN_ERROR.name=执行动作令牌错误 +eventTypes.USER_INFO_REQUEST_ERROR.description=用户信息请求错误 +policyRoles=指定此策略允许的客户端角色。 +roleMapping=角色映射 +accountLinkingOnlyHelp=如果为真,则用户无法通过此提供程序登录。他们只能链接到此提供程序。当不想允许从提供程序登录,但想与提供程序集成时,这会很有用 +refreshTokenMaxReuseHelp=刷新令牌可以重复使用的最大次数。当使用不同的令牌时,立即撤销。 +eventTypes.REMOVE_FEDERATED_IDENTITY.description=删除联合身份 +childGroups=子组 +eventTypes.IDENTITY_PROVIDER_LOGIN.name=身份供应者登录 +exportAuthDetailsError=导出授权详细信息时出错:{{error}} +clientOfflineSessionIdleHelp=在刷新离线令牌无效之前允许客户端空闲的时间。该选项仅影响令牌时间而不影响全局 SSO 会话。如果未设置,它将使用标准 SSO 会话空闲值。 +selectGroups=选择要加入的群组 +webAuthnPolicyAuthenticatorAttachmentHelp=向身份验证者传达可接受的附件模式。 +密码策略.regexPattern=要求密码匹配一个或多个已定义的正则表达式模式。 +username=用户名 +mappedGroupAttributes=映射组属性 +localization=本地化 +importConfig=从文件导入配置 +replyToDisplayNameHelp=“回复”地址的用户友好名称(可选)。 +webAuthnPolicyRpIdHelp=这是作为 WebAuthn 依赖方的 ID。它必须是源的有效域。 +signingKeysConfigExplain=如果您启用下面的"需要客户端签名",您必须通过生成或导入密钥来配置签名密钥,客户端将签署他们的 saml 请求和响应。签名将被验证。 +newClientProfile=创建客户端配置文件 +consoleDisplayConnectionUrlHelp=您的 LDAP 服务器的连接 URL +enabledWhen=何时启用 +clientAssertionSigningAlg=客户端断言签名算法 +homeURLHelp=当 auth 服务器需要重定向或链接回客户端时使用的默认 URL。 +ldapAttribute=LDAP 属性 +fullScopeAllowedHelp=允许您禁用所有限制。 +eventTypes.SEND_IDENTITY_PROVIDER_LINK_ERROR.description=发送身份供应者链接错误 +otpType=一次性密码类型 +algorithm=算法 +grantedScopes=授权范围 +groupNameLdapAttribute=群组名称的 LDAP 属性 +deleteProviderConfirm=您确定要永久删除密钥供应商 {{provider}} 吗? +removeConfirmTitle_one=移除群组? +includeInTokenScope=包含在令牌作用域中 +eventType=被保存的事件类型 +tokenDeleteConfirmTitle=删除初始访问令牌? +useRefreshTokenForClientCredentialsGrant=使用刷新令牌授予客户端凭据 +userDetails=用户详细信息 +sectorIdentifierUri.label=部分标识 URI +mapperTypeHelp=用于将 LDAP 用户的单个属性映射到 Keycloak DB 中 UserModel 的属性 +importWarning=上面导入的数据和设置可能会覆盖已经存在的数据和设置。 +kerberosRequiredSettingsDescription=此部分包含一些对所有用户存储提供商通用的基本选项。 +resetPasswordFor=重置{{username}}的密码 +duplicateEmailsAllowed=允许重复的电子邮件地址存在 +deleteEventsConfirm=如果清除该领域的所有事件,数据库中的所有记录将被永久清除 +noGroupsInThisRealmInstructions=尚未在此领域中创建任何群组。请创建一个群组以开始。 +eventTypes.REMOVE_TOTP_ERROR.name=移除totp错误 +groupUpdateError=更新群组{{error}}时出错 +logoutAllSessions=注销所有会话 +membershipUserLdapAttribute=会员用户的 LDAP 属性 +noKeysDescription=您还没有创建任何活跃的密钥 +rememberMeHelpText=在登录页面上展示复选框以允许用户在浏览器重新启动之前保持登录状态,直到会话过期。 +eventTypes.UPDATE_EMAIL.name=更新邮箱 +notBeforeHelp=撤销在此时间之前为此客户端颁发的任何令牌。要推送该策略,您应该首先在“设置”选项卡中设置一个有效的管理 URL。 +protocolTypes.saml=SAML +idTokenSignatureAlgorithm=ID令牌签名算法 +providerInfo=供应商信息 +ssoServiceUrl=单点登录服务 URL +appliedByClients=由以下客户应用 +createFlowHelp=您可以在此表单中创建顶级流程 +defaultLocaleHelp=要使用的初始语言环境。它用于登录页面和管理员界面和帐户界面中的其他页面。 +deleteConfirmFlowMessage=您确定要永久删除流程 "<1>{{flow}}}"。 +webAuthnPolicyAuthenticatorAttachment=身份验证器附件 +logoutServiceSoapBindingUrlHelp=客户端单点注销服务的 SAML SOAP 绑定 URL。如果您使用不同的绑定,可以将此留空。 +kerberos=kerberos +noNodesInstructions=没有节点注册,您可以手动添加一个。 +login=登录 +eventTypes.IDENTITY_PROVIDER_RETRIEVE_TOKEN_ERROR.name=身份供应者检索令牌错误 +local=本地 +noGroupsInThisSubGroupInstructions=尚未在此子组中创建任何群组。 +validatorColNames.colName=验证器名称 +userVerify.required=必需 +searchMembers=搜索成员 +keySizeHelp=生成密钥的大小 +otpSupportedApplications.totpAppGoogleName=谷歌验证器 +clientDeleteConfirmTitle=删除客户端? +policyDetails=策略详情 +changedUsersSyncHelp=以秒为单位同步更改或新创建的 LDAP 用户的周期 +trustEmailHelp=如果启用,即使为领域启用了验证,也不会验证此提供商提供的电子邮件。 +editModeKerberosHelp=“只读”表示不允许更新密码,用户始终使用 Kerberos 密码进行身份验证。“未同步”表示用户可以更改 Keycloak 数据库中的密码,并且将使用此密码代替 Kerberos 密码。 +invalidateRotatedSecretExplain=使轮换使用的密码无效后,轮换的秘密将被自动删除 +clientSessionMaxHelp=客户端会话过期前的最长时间。会话过期时令牌失效。如果未设置,它将使用标准 SSO 会话最大值。 +clientScopeDetails=客户端作用域详细信息 +requiredHelp=根据需要设置属性。如果启用,该属性必须由用户和管理员设置。否则,该属性是非必需的。 +clientScopeRemoveError=无法移除范围映射 {{error}} +mapperTypeRoleLdapMapper=role-ldap-mapper +testConnectionHint.withEmail=测试连接时,将向当前用户 ({{email}}) 发送一封电子邮件。 +adminURLHelp=客户端管理界面的 URL。如果客户端支持适配器 REST API,则设置此项。此 REST API 允许 auth 服务器推送撤销策略和其他管理任务。通常将其设置为基本URL客户端。 +otpPolicyPeriodHelp=OTP 令牌应该多少秒有效?默认为 30 秒。 +otpPolicyCodeReusableHelp=验证成功后可以再次使用相同的 OTP 代码。 +parentId=父级ID +storePasswordHelp=访问存档本身的密码 +directAccess=直接访问授权 +logoutServiceSoapBindingUrl=注销服务 SOAP 绑定 URL +userFedDeletedSuccess=用户联盟供应商已被删除。 +eventTypes.UNREGISTER_NODE.description=注销节点 +whoWillAppearPopoverTextRoles=此选项卡仅显示直接分配给此角色的用户。要查看作为关联角色或通过组分配此角色的用户,请转到 +showPassword=以明文展示密码字段 +openshift.baseUrl=OpenShift Online API 的基本 Url +logic=逻辑 +clientScopeSearch.type=赋值类型 +scopePermissions.groups.manage-membership-description=决定管理员是否可以在此群组中添加或删除用户的策略。 +resourceType=资源类型 +copied=授权细节已复制。 +scopeName=此作用域的唯一名称。该名称可用于唯一标识一个作用域,在查询特定作​​用域时很有用。 +userObjectClassesHelp=LDAP 中用户的 LDAP objectClass 属性的所有值,以英文逗号分隔。例如:'inetOrgPerson,organizationalPerson'。新创建的 Keycloak 用户将与所有这些对象类一起写入 L​​DAP,并找到现有的 LDAP 用户记录只要它们包含所有这些对象类。 +userInfoUrlHelp=用户信息 Url。这是可选的。 +clientProfileSearch=搜索 +addSavedTypes=添加被保存的事件类型 +setPasswordFor=设置{{username}}的密码 +eventTypes.CODE_TO_TOKEN.name=用于交换令牌的代码 +updateUserLocale=更新用户区域设置 +whoWillAppearPopoverTextUsers=群组是分层的。选择“直接群组成员资格”时,只会看到用户直接加入的子组,而不包括父级群组。 +mapperCreateError=创建映射器时出错。 +resetBtn=重置 +mode=模式 +kc.realm.name=领域 +userFedDisableConfirmTitle=禁用用户联盟供应商? +impersonate=模拟 +eventTypes.CLIENT_REGISTER.name=客户端注册 +mappingTable=具有预定义映射的表 +requestObject.not\ required=非必需 +adminURL=管理网址 +generatedAccessTokenNo=没有生成访问令牌 +always=总是 +pkceEnabledHelp=使用 PKCE(密钥代码交换证明)进行 IdP 代理 +settings=设置 +webAuthnPolicyUserVerificationRequirement=用户验证要求 +failureFactorHelp=在等待触发之前有多少次失败。 +unlinkAccountTitle=是否取消帐号与{{provider}}的关联? +noNodes=没有节点注册 +singleLogoutServiceUrlHelp=必须用于发送注销请求的 Url。 +authorizationEncryptedResponseAlg=授权响应加密密钥管理算法 +useTruststoreSpi=使用信任库 SPI +noSessions=无会话 +clipboardCopyError=复制到剪贴板时出错。 +storeTokens=存储代币 +usermodel.clientRoleMapping.rolePrefix.tooltip=每个客户端角色的前缀(非必需). +deleteConfirmCurrentUser=是否要永久删除此用户 +eventTypes.CLIENT_REGISTER_ERROR.description=客户端注册错误 +addClientScopesTo=将客户端范围添加到 {{clientName}} +x509=X.509 主题名称 +showDataBtn=显示数据 +dedicatedScopeDescription=此客户端的专用范围和映射器 +Sunday=星期日 +editMode=编辑模式 +updatePasswordPolicySuccess=密码策略更新成功 +passwordHelp=SMTP 密码。该字段可以从 vault 中获取其值,使用 ${vault.ID} 格式。 +clientUpdaterContext=条件检查上下文如何创建/更新客户端以确定是否应用策略。例如,它检查客户端是否使用管理 REST API 或 OIDC 动态客户端注册创建。并且根据大小写判断是否是匿名客户端注册或使用已被验证的初始访问权限的客户端注册。 +removedGroupMembership=已移除群组成员身份 +deleteScopeWarning=以下权限将在不再被其他授权范围使用时删除: +compositeRoleOff=复合角色已关闭 +fullSyncPeriod=全同步周期 +clientsExplain=客户端是可以请求用户身份验证的应用程序和服务。 +addNode=添加节点 +jwksUrl=JWKS 网址 +policy-description=策略的描述。 +defaultPasswordLabel=我的密码 +mapperUserAttributeName=用户属性名称 +importClient=导入客户端 +deleteMapperSuccess=映射器成功删除。 +scopeSaveError=由于{{error}},无法保留授权范围 +used.SPECIFIC_PROVIDERS=特定供应商 +deletedSuccessIdentityProvider=供应商已成功删除。 +reload=重新加载 +eventTypes.CLIENT_INITIATED_ACCOUNT_LINKING_ERROR.description=客户端发起的账号关联错误 +eventTypes.IDENTITY_PROVIDER_LOGIN_ERROR.name=身份供应者登录错误 +scopePermissions.groups.view-description=决定管理员是否可以查看此群组的策略。 +tokens=令牌 +createFlow=创建流程 +encryptAssertionsHelp=SAML 断言是否应该使用 AES 使用客户端的公钥加密? +disabledOff=禁用状态的关闭 +membershipLdapAttributeHelp=组上 LDAP 属性的名称,用于成员映射。通常它将是 'member'。但是当'Membership Attribute Type' 是 'UID' 时,'Membership LDAP Attribute' 通常可以是 'memberUid ', +usersLeftError=无法从群组中移除用户\: {{error}} +addTypes=添加类型 +pushedAuthorizationRequestRequiredHelp=布尔参数,指示授权服务器是否仅通过推送的授权请求方法接受授权请求数据。 +requirement=需求 +any=任何 +minute=分钟 +useJwksUrl=使用 JWKS URL +wantAssertionsSigned=需要签名的声明 +roleSaveSuccess=角色已保存 +scopeParameter=作用域参数 +userGroupsRetrieveStrategy=用户群组检索策略 +addSubFlow=添加子流程 +validatingPublicKeyHelp=必须用于验证外部 IDP 签名的 PEM 格式的公钥。 +client-uris-must-match.label=客户端uri必须匹配 +webAuthnPolicyAcceptableAaguids=可接受的 AAGUID +noRoles-roles=此领域中没有角色 +logoutServiceRedirectBindingURLHelp=客户端单点注销服务的 SAML 重定向绑定 URL。如果您使用不同的绑定,可以将此留空。 +deleteMapperConfirm=您确定要永久删除映射器 {{mapper}} 吗? +scopePermissions.roles.map-role-description=决定管理员是否可以将此角色映射到用户或群组的策略。 +backchannelUrlInvalid=反向通道注销 URL 不是有效的 URL +eventTypes.LOGIN.description=登录 +impersonateConfirm=模拟用户? +scopePermissions.clients.map-roles-client-scope-description=决定管理员是否可以将此客户端定义的角色应用于其他客户端的客户端范围的策略 +accessTokenSuccess=重新生成访问令牌 +includeInIdToken.tooltip=是否应将声明加入到ID令牌? +validRequestURIs=有效的请求 URI +allowPasswordAuthentication=允许密码验证 +federationLinkHelp=用户存储供应商。本地存储的用户由其中导入。 +validateUsernameLDAPAttribute=您必须输入用户名 LDAP 属性 +pairwiseSubAlgorithmSalt.tooltip=计算成对主题标识符时使用的盐值。如果留空,将自动生成一个盐值。 +waitIncrementSecondsHelp=当达到失败阈值时,用户应该被锁定多长时间? +allowKerberosAuthentication=允许 Kerberos 身份验证 +addressClaim.formatted.tooltip=用户属性的名称,将用于映射到'address'令牌声明中的'格式化'子声明。默认为'formatted'。 +predefinedMappingDescription=从此表中选择任何预定义的映射 +allowedClockSkew=允许的时间偏差 +privateRSAKey=私有 RSA 密钥 +createPermission=创建权限 +moveToGroup=将{{group1}}移动到{{group2}} +noRealmRoles=无领域角色 +events-disable-confirm=如果禁用“保存事件”,后续事件将不会展示在“事件”菜单中。 +reqAuthnConstraints=请求的上下文约束 +userProfileEnabled=用户资料 +requirements.ALTERNATIVE=非必需 +credentialResetConfirm=发送电子邮件 +permissionsEnabledHelp=确定是否启用细粒度权限来管理此角色。禁用将删除所有已设置的当前权限。 +consentScreenTextHelp=将此客户端作用域添加到需要许可的某些客户端时,将在许可页面上显示的文本。如果未填充,则默认为客户端作用域的名称 +realmRolesList=领域角色 +roleList=角色列表 +kerberosRealm=Kerberos 领域 +scopePermissions.groups.manage-members-description=决定管理员是否可以管理此群组成员的策略。 +consentRequiredHelp=如果启用,用户必须同意客户端访问。 +flow.direct\ grant=直接授权流程 +googleHelp.offlineAccess=在重定向到谷歌授权端点时将‘access_type’查询参数设置为‘离线’,以获取刷新令牌。如果计划在用户离线时使用令牌交换检索谷歌令牌以访问谷歌 API,则将很有用。 +eventTypes.EXECUTE_ACTION_TOKEN.name=执行动作令牌 +groupName=群组名称 +eventTypes.RESTART_AUTHENTICATION.name=重启认证 +authorizationUrl=授权地址 +eventTypes.VALIDATE_ACCESS_TOKEN.name=验证访问令牌 +contextualAttributes=上下文属性 +replyTo=回复地址 +providerDescription=供应者描述 +downloadAdapterConfig=下载适配器配置 +scopePermissions.clients.view-description=决定管理员是否可以查看此客户端的策略 +setPasswordConfirmText=是否要为用户{{username}}设置密码? +updateErrorIdentityProvider=无法更新供应商 {{error}} +emptyProfiles=没有配置客户端配置文件 +createClientProfileError=无法创建客户端配置文件:'{{error}}' +usermodel.clientRoleMapping.clientId.tooltip=用于角色映射的客户端ID。只有该客户端的客户端角色会被添加到令牌中。如果该项没有被设置,则来自所有客户端的角色都将被添加到令牌中。 +targetOptions.local=本地 +addMessageBundleError=创建消息包时出错,{{error}} +pkceMethodHelp=使用的 PKCE 方法 +encryption=加密 +addExecutorError=未创建执行器 +scopePermissions.clients.manage-description=决定管理员是否可以管理此客户端的策略 +vendor=供应商 +roleRemoveAssociatedText=此操作将从{{roleName}}中移除{{role}}。{{role}}的所有关联角色也将被移除。 +disabled=禁用 +idpInitiatedSsoRelayState=IDP 发起的 SSO 中继状态 +attribute=属性 +clientScopesConditionTooltip=预期客户端范围的列表。如果指定的客户端请求匹配某些客户端范围,则条件评估为真。它还取决于配置的'范围类型',就是它应该是默认的还是可选的客户端范围。 +timestamp=创建日期 +principalAttributeHelp=用于识别外部用户属性的名称或友好的名称。 +nameIdPolicyFormat=NameID 策略格式 +idpInitiatedSsoUrlName=IDP 发起的 SSO URL 名称 +selectMethod=选择方法 +deleteConfirmExecution=删除执行器? +eventTypes.VALIDATE_ACCESS_TOKEN_ERROR.name=验证访问令牌错误 +xFrameOptions=X-Frame-Options +scopeDescriptionHelp=客户作用域说明 +deletedErrorRealmSetting=无法删除领域:{{error}} +copyInitialAccessToken=请在关闭前复制并粘贴初始访问令牌,因为以后无法检索它。 +consensus=共识 +scopePermissions.roles.map-role-composite-description=决定管理员是否可以将此角色作为复合角色应用于其他角色的策略。 +emptyEvents=无可添加的事件 +residentKey.Yes=是 +eventTypes.SEND_IDENTITY_PROVIDER_LINK.name=发送身份供应商链接 +ssoSessionIdleRememberMe=在到期之前“记住我”的会话的空闲的时间。令牌和浏览器会话在会话到期时失效。如果未设置,它将使用标准的 SSO 会话空闲值。 +SSOSessionIdleRememberMe=“记住我”的SSO会话过期前的空闲时间 +cibaBackchannelTokenDeliveryModeHelp=指定 CD(消费设备)如何获取身份验证结果和相关令牌。默认情况下,如果没有明确设置其他模式,则 CIBA 客户端将默认使用此模式。 +eventTypes.REGISTER_NODE.description=注册节点 +supported=已获支持 +deleteAttributeText=删除属性 +deleteNodeSuccess=节点删除成功 +roleImportSuccess=角色导入成功 +tokenUrl=令牌网址 +executionConfig={{name}} 配置 +grantedClientScopes=已授予客户端作用域 +keyError=必须至少提供一个键。 +addAnnotationText=添加注释 +helpToggleInfo=此开关将启用/禁用UI中的部分帮助信息。包括任何帮助文本、链接和弹出窗口 +clientProfileName=客户端配置文件名称 +effectiveProtocolMappers=有效的协议映射器 +userVerify.preferred=首选 +syncModes.legacy=引用 +allowRegexComparisonHelp=如果关闭,则来自给定客户端证书的主题 DN 必须与 RFC8705 规范中描述的‘主题 DN’属性中的给定 DN 完全匹配。主题 DN 可以采用 RFC2553 或 RFC1779 格式。如果打开, 那么来自给定客户端证书的主题 DN 应该与“主题 DN”属性指定的正则表达式相匹配。 +eventTypes.UPDATE_TOTP_ERROR.description=更新totp错误 +titleEvents=事件 +addIdpMapperName=映射器的名称。 +signServiceProviderMetadata=签署服务提供商元数据 +updateClientPoliciesError=提供的 JSON 不正确\: Unexpected token { in JSON +acceptsPromptNoneHelp=这只是与身份供应商验证器一起使用,或者当kc_idp_hint指向这个身份供应商时。如果客户端发送一个prompt\=none的请求并且用户还没有被认证,错误将不会直接返回给客户端, 但带有 prompt\=none 的请求将被转发给这个身份供应商。 +roleDetails=角色详细信息 +eventTypes.USER_INFO_REQUEST.name=用户信息请求 +clientScopeType.none=无 +results=结果 +userRolesRetrieveStrategyHelp=指定如何检索用户的角色。LOAD_ROLES_BY_MEMBER_ATTRIBUTE 表示将通过发送 LDAP 查询来检索用户的角色,以检索 'member' 是否是我们用户的所有角色。GET_ROLES_FROM_USER_MEMBEROF 表示将从 'memberOf' 检索用户的角色' 我们用户的属性。或来自“LDAP 成员属性”指定的其他属性。LOAD_ROLES_BY_MEMBER_ATTRIBUTE 仅适用于 Active Directory,这意味着将使用 LDAP_MATCHING_RULE_IN_CHAIN LDAP 扩展递归检索用户角色。 +roleDeleteError=无法删除角色\: {{error}} +selectScope=选择范围 +attributeDefaultValue=属性默认值 +paypalHelp.sandbox=目标 PayPal 的沙箱环境 +eventTypes.UPDATE_PASSWORD_ERROR.name=更新密码错误 +addGroups=添加群组 +offlineSessionIdle=离线会话空闲时间 +mapperAttributeFriendlyName=友好名称 +addProvider=添加供应商 +readOnlyHelp=只读属性从 LDAP 导入到 UserModel,但当用户在 Keycloak 中更新时,它不会保存回 LDAP。 +resourceDeletedError=无法删除资源 {{error}} +backchannelLogoutUrl=反向通道注销 URL +defaultAdminInitiatedActionLifespan=管理员发送给用户的操作许可过期前的最长时间。建议将该值设置得较长,以允许管理员为当前离线的用户发送电子邮件。默认超时可以在紧接之前被覆盖发行令牌。 +requestObjectEncodingHelp=JWE算法,client在对'request'或'request_uri'参数指定的OIDC请求对象的内容进行加密时需要使用的算法。如果设置为'any',则允许任何算法。 +minimumQuickLoginWaitSeconds=最小快速登录等待秒数 +duplicate=复制 +clientAccesstype=客户端访问类型 +roleDeleteConfirm=是否删除角色? +createClientProfileNameHelperText=名称在领域内必须是唯一的 +disabledHelp=禁用的用户无法登录。 +eventTypes.UPDATE_PROFILE_ERROR.name=更新配置文件错误 +adminThemeHelp=为管理界面选择主题。 +name=名称 +deleteConfirmDialog_other=是否要永久删除{{count}}个选定用户 +targetOptions.brokerUsername=BROKER_USERNAME +clientList=客户端 +eventTypes.REGISTER_ERROR.description=注册错误 +infoDisabledFeatures=显示所有禁用的功能。 +userSession.modelNote.label=用户会话说明 +next=下一步 +userLabel=用户标签 +pagination=分页 +changeAuthenticatorConfirm=如果您将身份验证器更改为 {{clientAuthenticatorType}},Keycloak 数据库将更新,您可能需要为此客户端下载新的适配器配置。 +import=导入 +otpHashAlgorithm=OTP哈希算法 +importFail=导入失败:{{error}} +show=显示 +description=描述 +eventListenersHelpText=配置哪些监听器接收该领域的事件。 +alwaysReadValueFromLdap=始终从 LDAP 读取值 +searchUserEventsBtn=搜索用户事件 +addressClaim.postal_code.tooltip=用户属性的名称,将用于映射到'address'令牌声明中的'postal_code'子声明。默认为'postal_code'。 +generatedUserInfoNo=没有生成用户信息 +allowed-client-scopes.label=允许的客户端范围 +providerId=供应商ID +assignedClientScope=分配的客户范围 +savePasswordSuccess=密码已成功设置。 +Tuesday=星期二 +idTokenEncryptionContentEncryptionAlgorithm=ID令牌加密内容加密算法 +newRoleName=新角色名称 +listExplain=身份供应商是允许用户向 Keycloak 进行身份验证的社交网络或身份代理。 +emptyInstructions=更改搜索条件或添加用户 +tableView=表格视图 +addClientProfile=添加客户端配置文件 +maxFailureWaitSeconds=最长等待时间 +renameAGroup=重命名群组 +eventConfigError=无法保存事件配置{{error}} +confirmAccessTokenTitle=重新生成注册访问令牌? +target=目标 +impersonateConfirmDialog=是否要以此用户身份登录?如果该用户与您处于同一领域,则在您以该用户身份登录之前,您当前的登录会话将被注销。 +alwaysDisplayInUI=始终显示在 UI 中 +protocolMapper=协议映射 +requiredSettings=所需设置 +oneLevel=一级 +userSaved=用户已保存 +useRefreshTokens=使用刷新令牌 +standardFlowHelp=这启用了基于标准 OpenID Connect 重定向的身份验证和授权代码。根据 OpenID Connect 或 OAuth2 规范,这启用了对此客户端的'授权代码流'的支持。 +clientDeleteConfirm=如果您删除此客户端,所有相关数据都将被删除。 +derFormattedHelp=如果证书在 LDAP 中是 DER 格式而不是 PEM 格式,请激活它。 +eventTypes.IDENTITY_PROVIDER_POST_LOGIN.name=身份供应者非首次登录 +scopePermissions.users.view-description=决定管理员是否可以查看领域中所有用户的策略。 +ldapGeneralOptionsSettingsDescription=此部分包含一些对所有用户存储供应商通用的基本选项。 +importSkipped_one=跳过一条记录。 +eventTypes.OAUTH2_DEVICE_AUTH.description=Oauth2设备认证 +notBeforeClearedSuccess=成功! “不早于”的设置被清除。 +policySaveError=由于{{error}}无法更新策略 +experimental=实验性 +idTokenSignatureAlgorithmHelp=用于签署 ID 令牌的 JWA 算法。 +deleteResourceConfirm=如果删除此资源,部分权限将受到影响。 +httpPostBindingResponse=HTTP-POST 绑定响应 +tokenLifespan.inherited=从领域设置继承 +saveEvents=保存事件 +issuer=发行人 +policyEnforcementModeHelp=策略执行模式规定了在评估授权请求时如何执行策略。'强制执行' 意味着默认情况下拒绝请求,即使没有与给定资源关联的策略。'获准使用' 意味着即使有请求也被允许没有与给定资源关联的策略。“禁用”完全禁用策略评估并允许访问任何资源。 +selectAUser=选择一个用户 +groupCreated=已创建群组 +generateError=无法生成新的密钥对和证书 {{error}} +testClusterSuccess=成功验证可用性:{{successNodes}} +whoWillAppearLinkTextRoles=谁将出现在此用户列表中? +attestationPreference.not\ specified=未指定 +importConfigHelp=从下载的 IDP 发现描述符中导入元数据。 +targetClaim=目标声明 +assignRole=分配角色 +accessSettings=访问设置 +updateFlowSuccess=流程更新成功 +xXSSProtectionHelp=此标头在您的浏览器中配置跨站点脚本 (XSS) 过滤器。使用默认行为,浏览器将在检测到 XSS 攻击时阻止呈现页面。<1>了解更多 +authenticatedAccessPolicies=经过身份验证的访问策略 +addExecutor=添加执行器 +selectIfResourceExists=如果资源已存在,请指定应采取的操作 +deleteAttributeGroupError=无法删除用户属性组:{{error}} +trustEmail=信任邮箱 +credentialReset=重置凭据 +eventTypes.CUSTOM_REQUIRED_ACTION_ERROR.name=自定义必要操作错误 +deleteValidatorConfirmTitle=删除验证器? +claimJsonType=应该用于填充令牌中的 JSON 声明的 JSON 类型。long、int、boolean、String和JSON类型都是有效值。 +kc.client.network.ip_address=客户端IPv4地址 +signatureAndEncryption=签名和加密 +hardcodedUserSessionAttribute=当用户从供应商导入时,将一个值硬编码到特定的用户会话属性。 +conditionType=条件类型 +multiValued=指示属性是否支持多个值。如果为是,则此属性的所有值将被设置为声明。如果为否,则只将第一个值设置为声明 +browse=浏览 +duplicateEmailsHelpText=允许多个用户拥有相同的电子邮件地址。更改此设置也会清除用户的缓存。建议在关闭对重复的电子邮件地址的支持后手动更新数据库中现有用户的电子邮件限制。 +importOverwritten_zero=没有记录被覆写。 +usermodel.realmRoleMapping.rolePrefix.label=领域角色前缀 +eventTypes.GRANT_CONSENT.name=授权许可 +noProvidersLinked=没有关联身份供应商。请从下面的列表中选择一个。 +testConnectionSuccess=成功!SMTP 连接成功。电子邮件已发送! +samlSettings=SAML 设置 +userFedDisableConfirm=如果您禁用此用户联盟供应商,它将不会被考虑用于查询,导入的用户将被禁用且只读,直到再次启用该供应商。 +userSessionAttribute=用户会话属性 +enabled=开启 +forgotPassword=忘记密码 +moveGroupError=无法移动群组{{error}} +clientImportSuccess=客户端导入成功 +dragHelp=按空格键或回车键开始拖动,并使用箭头键向上或向下导航。按回车键确认拖动,或按任何其他键取消拖动操作 +startTime=开始时间 +logicHelp=逻辑决定了应该如何做出政策决定。如果是'肯定',则在评估该政策期间获得的结果效果(允许或拒绝)将用于执行决定。如果'否定',则由此产生的效果将被否定,换句话说,许可变为拒绝,反之亦然。 +allowRegexComparison=允许正则表达式模式比较 +noSessionsForUser=此用户当前没有活动会话。 +eventTypes.IDENTITY_PROVIDER_LINK_ACCOUNT_ERROR.description=身份提供商关联账号错误 +implicitFlowHelp=这启用了对基于 OpenID Connect 重定向的身份验证的支持,无需授权代码。根据 OpenID Connect 或 OAuth2 规范,这启用了对此客户端的'隐式流'支持。 +user-events-cleared-error=无法清除用户事件 {{error}} +eventTypes.IMPERSONATE_ERROR.name=角色扮演错误 +executorType=执行器类型 +configureMappingDescription=从此表中选择任何映射 +keystorePassword=密钥库密码 +mapperTypeHardcodedLdapRoleMapperHelp=从 LDAP 导入的用户将自动添加到这个配置的角色中。 +more=还有{{count}}个 +clientNameHelp=指定客户端的显示名称。例如'我的客户'。也支持本地化值的键。例如:${my_client} +mappersList=映射器列表 +rootUrl=根网址 +realmExplain=领域管理用户、凭据、角色和群组。用户属于某个领域并可以登录到该领域。领域彼此独立,只能管理和验证各自控制的用户。 +webAuthnPolicyExtraOrigins=额外的 Origin +samlSignatureKeyName=SAML 签名密钥名称 +validateUsersDn=您必须输入用户DN +importError=无法导入证书 {{error}} +logicType.negative=否定 +otpPolicy=一次性密码策略 +noRolesInstructions-groups=尚未为此群组创建任何角色。请创建角色后开始管理群组。 +cibaBackchannelTokenDeliveryMode=反向通道令牌交付模式 +validateAttributeName=不允许未命名的属性配置。 +eventTypes.RESET_PASSWORD_ERROR.description=重置密码错误 +addUser=添加用户 +eventTypes.REGISTER.description=注册 +includeAuthnStatementHelp=是否应在登录响应中包含指定方法和时间戳的语句? +evaluateError=无法评估,由于\: {{error}} +iconUriHelp=指向图标的 URI。 +eventTypes.OAUTH2_DEVICE_VERIFY_USER_CODE.name=Oauth2设备验证用户代码 +protocol=协议 +permissionsScopeName=作用域名称 +manageAccount=管理帐户 +oauthDeviceAuthorizationGrant=OAuth 2.0 设备授权授予 +copyFlowError=无法复制流程:{{error}} +roleRemoveAssociatedRoleConfirm=是否移除关联角色? +httpPostBindingAuthnRequest=验证请求的 HTTP-POST 绑定 +includeInAccessToken.label=添加到访问令牌 +samlKeysExportSuccess=成功导出密钥 +usersInRole=角色中的用户 +policyProvider.group=为您的权限定义条件,允许一组一个或多个组(及其层次结构)访问一个对象。 +updatedUserProfileError=用户资料的配置尚未保存 +密码策略.lowerCase=密码字符串中要求的小写字母的个数。 +emptyPermissions=无权限 +deletePermission=永久删除权限? +selectUser=选择一个用户,其身份将用于从服务器查询权限。 +resultPermit=结果许可 +userFederationExplain=用户联盟提供对外部数据库和目录的访问,例如 LDAP 和 Active Directory。 +emptyAuthorizationScopes=无授权范围 +noDefaultGroups=没有默认群组 +policyProvider.time=为您的权限定义时间条件。 +updateFlowError=无法更新流程:{{error}} +google.hostedDomain=托管域 +valuePlaceholder=输入一个值 +usersLeft_other={{count}}用户离开了群组 +updateClientContext=更新客户端环境 +removeAssociatedRoles=移除关联角色 +nameIdPolicyFormatHelp=指定与名称标识符格式对应的 URI 引用。 +mappers=映射 +attributeGeneralSettingsDescription=此部分包含一些对所有属性通用的基本设置。 +name-id-format=名称ID格式 +deleteRealm=删除领域 +noRoles-clientScopes=此客户端作用域没有角色 +deleteFlowError=无法删除流程:{{error}} +eventTypes.IDENTITY_PROVIDER_POST_LOGIN.description=身份供应者非首次登录 +roleImportError=无法导入角色 +regexAttributeValuesHelp=如果启用的属性值被解释为正则表达式。 +userCreated=用户已创建 +residentKey.not\ specified=未指定 +clientUpdaterSourceHost=条件检查尝试创建/更新客户端的实体的主机/域以确定是否应用了策略。 +alwaysReadValueFromLdapHelp=如果启用,那么在读取 LDAP 属性值期间将始终使用而不是来自 Keycloak DB 的值。 +usermodel.clientRoleMapping.tokenClaimName.tooltip=插入到令牌中的声明名称。这可以是一个完全限定的名称,如“address.street”。在这种情况下,将创建一个嵌套的json对象。为了防止嵌套并直接使用点,请使用反斜杠(\\.)转义点。可以使用特殊的令牌${client_id},它将被实际的客户端ID替换,例如\:“resource_access.${client_id}.roles”。这是有用的,特别是当您从所有客户端添加角色(当然'客户端ID'开关并未设置),并且您想要每个客户端单独存储的客户端角色。 +scopePermissions.clients.map-roles-description=决定管理员是否可以映射此客户端定义的角色的策略 +signAssertions=签署断言 +disableUserInfoHelp=禁止使用用户信息服务来获取额外的用户信息?默认是使用这个 OIDC 服务。 +xFrameOptionsHelp=默认值防止页面被非来源 iframe 包含<1>了解更多 +copyError=复制授权详情时出错:{{error}} +validateSignatures=启用/禁用 SAML 响应的签名验证。 +authentication=身份验证 +eventTypes.DELETE_ACCOUNT.name=删除账号 +logoutUrlHelp=结束用于从外部 IDP 注销用户的会话端点。 +noUserDetails=无用户详细信息 +attestationPreference.indirect=间接 +frontchannelUrlInvalid=前端通道注销 URL 不是有效 URL +noCredentialsText=此用户没有任何凭据。您可以为此用户设置密码。 +deletePolicyWarning=以下聚合策略将自动删除: +validatingPublicKey=验证公钥 +permissionsListIntro=通过单击作用域名称编辑权限列表。然后重定向到名为的客户端的权限详细信息页面 <1>{{realm}} +deleteClientConditionSuccess=条件删除成功。 +signatureAlgorithm=签名算法 +deleteConfirmIdentityProvider=您确定要永久删除供应商'{{provider}}'吗? +resetActions=复位操作 +cibaExpiresInHelp=自收到身份验证请求以来 "auth_req_id" 的过期时间,时间单位为秒。 +eventTypes.CLIENT_INFO_ERROR.description=客户端信息错误 +batchSize=批量处理的数量 +user=用户 +scopesAsRequested=在此范围内生效 +updateErrorClientScope=无法更新客户端作用域\: '{{error}}' +eventTypes.OAUTH2_DEVICE_VERIFY_USER_CODE.description=Oauth2 设备验证用户代码 +useKerberosForPasswordAuthentication=使用 Kerberos 进行密码验证 +validateUuidLDAPAttribute=您必须输入 UUID LDAP 属性 +client-scopes-condition.tooltip=预期的客户端范围列表。如果指定的客户端请求与某些客户端范围匹配,则条件计算为“真”。它还取决于它应该是默认的还是可选的客户端作用域,这取决于所配置的“作用域类型”。 +anonymousAccessPolicies=匿名访问策略 +createResourceBasedPermission=创建基于资源的权限 +searchForRole=搜索角色 +xXSSProtection=X-XSS-保护 +debugHelp=为 Krb5LoginModule 启用/禁用调试日志记录到标准输出。 +validatorColNames.colConfig=设置 +createClient=创建客户端 +eventTypes.IDENTITY_PROVIDER_FIRST_LOGIN.description=身份供应商首次登录 +usedMemory=已用内存 +validatePasswordPolicyHelp=确定 Keycloak 是否应该在更新之前使用领域密码策略验证密码 +quickLoginCheckMilliSeconds=快速登录检查毫秒数 +createResourceSuccess=资源创建成功 +documentation=文档 +fullNameLdapReadOnlyHelp=对于只读条目,数据从 LDAP 导入到 Keycloak 数据库,但当用户在 Keycloak 中更新时,数据不会保存回 LDAP。 +roleExplain=领域角色是您定义的用于当前领域的角色。 +whatIsDefaultGroups=默认群组的作用是什么? +transient=瞬时 +generalSettings=通用设置 +addClientProfileError=无法创建客户端配置文件:'{{error}}' +overallResults=总体结果 +requiredUserActionsHelp=用户登录时需要执行操作。“验证电子邮件”将向用户发送电子邮件以验证其电子邮件地址。“更新个人资料”要求用户输入新的个人信息。“更新密码”要求用户输入新密码。“配置OTP”需要设置动态密码生成器。 +requestObjectSignatureAlgorithmHelp=JWA算法,客户端在发送'request'或'request_uri'参数指定的OIDC请求对象时需要使用的JWA算法。如果设置为'任何',请求对象可以被任何算法签名(包括'none') +ldapKerberosSettingsDescription=此部分包含对 Kerberos 集成有用的选项。这仅在 LDAP 服务器与 Kerberos/SPNEGO 一起用于用户身份验证时使用。 +deleteEvents=清除事件 +termsOfServiceUrlHelp=依赖方客户端提供给最终用户以阅读依赖方服务条款的 URL +clientSecretError=无法重新生成客户端密码,因为:{{error}} +resourcePath=资源路径 +useJwksUrlHelp=如果开关打开,身份供应商公钥将从给定的 JWKS URL 下载。这具有很大的灵活性,因为当身份供应商生成新的密钥对时,新密钥总是会再次重新下载。如果开关关闭,则使用来自 Keycloak 的公钥(或证书)。因此当身份供应商密钥对发生变化时,您始终需要将新密钥也导入 Keycloak 数据库。 +mapperTypeHardcodedAttributeMapperHelp=当从 LDAP 导入用户时,此映射器将对任何模型用户属性和某些属性(如 emailVerified 或启用)进行硬编码。 +downloadAdaptorTitle=下载适配器配置 +client-roles.label=客户端角色 +keysFilter.PASSIVE=不活跃的密钥 +revocation=撤销 +scopeTypeHelp=客户端作用域,将以默认作用域的形式添加到每个创建的客户端 +search=搜索 +validateEditMode=您必须选择一种编辑模式 +copyFlowSuccess=流程复制成功 +cacheSettings=缓存设置 +密码策略.hashIterations=密码在存储或验证之前被散列的次数。默认值:27,500。 +searchForClient=搜索客户 +permissionDeletedError=由于{{error}}无法删除权限 +密码策略.maxLength=密码中允许的最大字符数。 +eventTypes.UPDATE_PROFILE.name=更新资料 +realmId=领域ID +eventTypes.PERMISSION_TOKEN_ERROR.description=权限令牌错误 +algorithmHelp=密钥的预期算法 +importFile=导入文件 +userVerify.discouraged=不建议 +ldapRolesDn=LDAP 角色的 DN +displayOnClientHelp=仅当此客户端的“需要同意”打开时才适用。如果此开关关闭,则授权页面将仅包含与配置的客户端范围对应的授权。如果打开,授权上还会有一项关于此客户端本身的页面。 +requestObjectRequired=需要请求对象 +protocolHelp=此客户端作用域提供的SSO协议配置 +prompts.none=无 +resourcesHelp=指定此权限必须应用于特定资源实例。 +passwordConfirmation=确认密码 +aggregate.attrs.tooltip=指示属性值是否应该与组属性聚合。如果使用OpenID连接映射器,多值选项也需要启用,以便获得所有值。重复的值将被丢弃,并且该选项不能保证值的顺序。 +helpLabel=更多帮助{{label}} +noRoles=此用户没有角色 +createAttribute=创建属性 +Thursday=星期四 +importOverwritten_one=覆写一条记录。 +tokenDeleteError=无法删除初始访问令牌:'{{error}}' +eventTypes.REGISTER_NODE_ERROR.name=注册节点错误 +isMandatoryInLdap=在 LDAP 中是强制性的 +discoveryEndpoint=发现端点 +claimValue=声明价值 +eventTypes.FEDERATED_IDENTITY_LINK.name=联合身份链接 +authenticationHelp=这定义了 OIDC 客户端的类型。当它打开时,OIDC 类型设置为机密访问类型。当它关闭时,它设置为公共访问类型 +deleteClientConditionError=创建条件时出错:{{error}} +noMappers=没有映射器 +couldNotLinkIdP=无法关联身份供应商{{error}} +otpPolicyPeriod=OTP 令牌周期 +managePriorities=管理优先级 +createClientPolicySuccess=已创建新策略 +frontendUrlHelp=设置领域的前端 URL。与默认主机名提供程序结合使用以覆盖特定领域前端请求的基本 URL。 +used.notInUse=未使用 +emailSettings=电子邮件设置 +samlEntityDescriptorHelp=允许您从配置文件加载外部 IDP 元数据或从 URL 下载它。 +generatedIdTokenHelp=请参阅示例ID Token。当选定的用户通过身份验证时,ID token将被生成并发送给客户端。您可以看到令牌将包含的声明和角色基于有效的协议映射器和角色范围映射,也基于分配给用户自己的声明/角色。 +createClientProfile=创建客户端配置文件 +cachePolicy=缓存策略 +noCredentials=没有凭据 +clientOfflineSessionIdle=客户端离线令牌空闲 +eventListeners=事件监听器 +bindDn=绑定 DN +evictionHourHelp=准入许可将在几点失效 +permissionDetails=权限详情 +Friday=星期五 +密码策略.hashAlgorithm=应用哈希算法的密码不会以明文形式存储。 +saveProviderListSuccess=供应商的优先级已成功更新。 +copyToClipboard=复制到剪贴板 +wantAuthnRequestsSigned=需要签名的验证请求 +usermodel.attr.tooltip=在UserModel.attribute映射中定义的存储用户属性的名称。 +clientPoliciesProfiles=客户端策略配置文件 +eventTypes.SEND_VERIFY_EMAIL.name=发送验证邮件 +requiredForLabel.both=用户和管理员 +eventTypes.REGISTER_NODE.name=注册节点 +CONFIGURE_TOTP=配置OTP (CONFIGURE_TOTP) +eventTypes.EXECUTE_ACTIONS.description=执行动作 +clientUpdaterSourceRolesHelp=条件检查尝试创建/更新客户端的实体的角色以确定是否应用策略。 +userModelAttributeName=用户模型属性名 +importResourceError=由于 {{error}} 无法导入资源 +mapperTypeHardcodedLdapRoleMapper=hardcoded-ldap-role-mapper +validateName=您必须输入一个名字 +flowDetails=流程详情 +never=从不 +addressClaim.region.tooltip=用户属性的名称,将用于映射到“地址”令牌声明中的“区域”子声明。默认为'region'。 +IDK-periodicChangedUsersSyncHelp=新创建的用户应该在 LDAP 存储中创建吗?优先级会影响选择哪个提供商来同步新用户。 +logoutServiceArtifactBindingUrlHelp=客户端单一注销服务的 SAML ARTIFACT 绑定 URL。如果您使用不同的绑定,则可以将此留空。 +claimToRole=如果存在声明,则授予用户指定的领域或客户端角色。 +logoutServicePostBindingURL=注销服务 POST 绑定 URL +eventTypes.REMOVE_FEDERATED_IDENTITY_ERROR.name=删除联合身份错误 +assertionConsumerServicePostBindingURLHelp=客户端断言消费者服务(登录响应)的 SAML POST 绑定 URL。如果您没有此绑定的 URL,则可以将其留空。 +createAuthorizationScope=创建授权范围 +noGroups=没有群组 +backchannelLogoutRevokeOfflineSessionsHelp=指定在使用反向通道注销 URL 时注销令牌中是否包含 "revoke_offline_access" 事件。Keycloak 将在收到带有此事件的注销令牌时撤销离线会话。 +roleID=角色 ID +roleNameLdapAttributeHelp=LDAP 属性的名称,在角色对象中用于角色的名称和 RDN。通常为 'cn'。在这种情况下,典型的组/角色对象可能具有 DN,如 'cn\=role1,ou\=finance,dc\=example,dc\=org'。 +origin=产地 +regexPattern=正则表达式模式 +rowCancelBtnAriaLabel=取消对 {{messageBundle}} 的编辑 +validateSignatureHelp=启用/禁用外部 IDP 签名的签名验证。 +searchForFlow=搜索流程 +verifyEmail=验证邮箱 +notBeforeIntro=为了成功向客户端推送撤销策略,您需要先为此客户端在<1>设置选项卡下设置管理 URL +addressClaim.locality.label=地区的用户属性名称 +formatOption=格式选项 +addAuthnContextClassRef=添加验证上下文类参考 +showPasswordDataName=名称 +clientScopeTypes.none=无 +whoCanEdit=谁可以编辑? +mappingCreatedSuccess=映射创建成功 +eventTypes.GRANT_CONSENT.description=授权许可 +client=客户端 +setToNow=设置到现在 +eventTypes.OAUTH2_DEVICE_AUTH_ERROR.name=Oauth2设备认证错误 +addSubFlowHelp=子级流程可以是一般形式的,也可以是表单形式的。表单类型用于构造子流,为用户生成单个流程。子级流程是一种特殊类型的执行,根据它们包含的执行的评估方式评估流程成功与否。 +implicitFlow=隐式流 +authorizationSignedResponseAlgHelp=当响应模式为 jwt 时,用于签署授权响应令牌的 JWA 算法。 +associatedRolesRemoved=已移除关联的角色 +keyAliasHelp=私钥别名 +whoWillAppearLinkTextUsers=谁将出现在此群组列表中? +tokenClaimName.tooltip=插入到令牌中的声明名称。这可以是一个完全限定的名称,如“address.street”。在这种情况下,将创建一个嵌套的json对象。为了防止嵌套并直接使用点,请使用反斜杠(\\.)转义点。 +userName=用户名 +clientProfileDescription=描述 +ellipticCurveHelp=ECDSA 中使用的椭圆曲线 +fromPredefinedMapper=来自预定义映射 +attributesGroup=属性组 +ssoSessionMax=会话过期前的最长时间。令牌和浏览器会话在会话过期时失效。 +clientDeleteError=无法删除客户端:{{error}} +scopeDisplayName=此作用域的唯一名称。该名称可用于唯一标识一个作用域,在查询特定作​​用域时很有用。 +optimizeLookup=优化重定向签名密钥查找 +joinGroupsFor=将用户{{username}}添加到群组 +temporaryLocked=暂时锁定 +setup=设置 +unlinkAccount=取消关联帐号 +executors=执行器 +eventTypes.CLIENT_UPDATE_ERROR.name=客户端更新错误 +realm=领域 +attributeConsumingServiceIndex=属性消费服务指数 +prompt=提示 +assign=赋予 +disableConfirmRealm=如果领域被禁用,用户和客户端将无法访问它。您确定要继续吗? +showAuthData=显示授权数据 +includeInUserInfo.tooltip=是否应将声明加入用户信息中? +select=选择 +signature-algorithm=JWA算法,客户端在签署JWT进行认证时需要使用的算法。如果留空,则允许客户端使用任何算法。 +advanced=高级 +initialCounter=初始计数器 +revokeRefreshTokenHelp=如果启用刷新令牌最多只能使用'刷新令牌最大重用',并且在使用不同的令牌时被撤销。否则刷新令牌在使用时不会被撤销并且可以多次使用。 +nameField=姓名 +ownerManagedAccessHelp=如果启用,资源所有者可以管理对该资源的访问设置。 +useLowerCaseBearerTypeHelp=如果启用,令牌响应将设置为小写的类型 "bearer"。默认情况下,服务器将类型设置为 RFC6750 定义的 "Bearer"。 +addCondition=添加条件 +updateSuccessClientScope=客户端作用域已更新 +connectionAndAuthentication=连接与认证 +clientScopeType.optional=非必需 +permissionsDisableConfirm=如果禁用权限,将自动删除下面列表中的所有权限。此外,相关的资源和作用域将被删除 +eventTypes.REFRESH_TOKEN.description=刷新令牌 +authorization=授权 +clientProfilesHelpItem=客户端配置文件帮助项 +userSessionAttributeValue=用户会话属性值 +dayMonthHelp=定义必须授予策略的日期。您还可以通过填写第二个字段来提供范围。在这种情况下,仅当月份的当前日期介于或等于两个值时才授予权限。 +fullNameLdapWriteOnlyHelp=对于只写条目,当在 Keycloak 中创建或更新用户时,数据将传播到 LDAP。但此映射器不用于将数据从 LDAP 传播回 Keycloak。如果您配置了单独的 firstName 和lastName 属性映射器,您想使用它们将 LDAP 中的属性读入 Keycloak。 +userFedDeleteError=无法删除用户联盟供应商,因为:'{{error}}' +id=ID +join=加入 +clientUpdaterSourceGroupsHelp=条件检查尝试创建/更新客户端的实体组以确定是否应用了策略。 +idTokenEncryptionContentEncryptionAlgorithmHelp=在加密 ID 令牌时用于内容加密的 JWA 算法。如果您想要加密的 ID 令牌,则需要此选项。如果留空,ID 令牌只是签名,但不加密。 +messageBundleDescription=您可以编辑支持的语言环境。如果您还没有选择支持的语言环境,您只能编辑英文语言环境。 +saveEventListenersError=保存事件侦听器时出错:{{error}} +scopesHelp=请求授权时要发送的范围。它可以是一个以空格分隔的范围列表。默认为'openid'。 +multivalued.tooltip=指示某属性是否支持多个值。如果为是,则此属性的所有值的列表将设置为声明。如果为否,则只将第一个值设置为声明。 +enabledHelp=设置按键是否启用 +admin-events-cleared-error=无法清除管理员事件{{error}} +usersPermissionsHint=用于管理领域中所有用户的细粒度权限。可以定义不同的策略,允许谁管理领域中的用户。 +isBinaryAttribute=这是二进制属性 +clientScopeList=客户端作用域 +displayHeaderHint=用于用户界面表单中呈现一组属性时应使用的用户友好名称,支持本地化值的键。例如:${profile.attribute.group.address} +noValidMetaDataFound=在此 URL 中未找到有效的元数据:'{{error}}' +eventTypes.IDENTITY_PROVIDER_RETRIEVE_TOKEN_ERROR.description=身份供应者检索令牌错误 +usernameLdapAttribute=用户名 LDAP 属性 +updateResourceSuccess=资源更新成功 +displayNameHelp=身份供应商的友好名称。 +idpAccountEmailVerification=IdP 账户邮箱验证 +template=模板 +deleteExecutionSuccess=执行器成功删除 +exportAuthDetailsS​​uccess=成功导出授权详情。 +deleteConfirmTitle_other=是否删除群组? +profilesConfigTypes.jsonEditor=JSON 编辑器 +testingConnection=测试连接 +noUsersFoundError=由于{{error}},找不到用户 +clientUpdaterSourceGroups=群组 +executorDetails=执行器详情 +maxDeltaTimeSeconds=失败复位时间 +backchannelLogoutHelp=外部 IDP 是否支持后台注销? +eventTypes.REMOVE_FEDERATED_IDENTITY_ERROR.description=删除联合身份错误 +usermodel.realmRoleMapping.rolePrefix.tooltip=每个领域角色的前缀(非必需)。 +exportSamlKeyTitle=导出 SAML 密钥 +eventTypes.OAUTH2_DEVICE_VERIFY_USER_CODE_ERROR.description=Oauth2设备验证用户代码错误 +eventTypes.EXECUTE_ACTIONS_ERROR.description=执行动作错误 +SKIP=跳过 +eventTypes.INTROSPECT_TOKEN.description=令牌内部检查 +infoEnabledFeatures=显示已启用的预览和实验功能。 +displayOrderHelp=数字定义供应商在 GUI 中的顺序(例如,在登录页面上)。最小的数字将首先被应用。 +deleteCredentialsConfirm=是否要删除该用户凭据? +requiredClientScope=请至少添加一个客户端范围。 +keysIntro=如果 "Use JWKS URL switch" 被打开,您需要填写一个有效的 JWKS URL。保存后,管理员可以从 JWKS URL 下载密钥,或者密钥将在看到这些东西时由 Keycloak 服务器自动下载匿名的 KID 签名 +logoutServiceArtifactBindingUrl=注销服务 ARTIFACT 绑定 URL +searchForProvider=搜索供应商 +ldapSearchingAndUpdatingSettingsDescription=此部分包含与在 LDAP 服务器中搜索可用用户相关的选项。 +sessionsType.regularSSO=常规 SSO +allowed-client-scopes.tooltip=客户端作用域白名单,可用于新注册的客户端。尝试向未被列入白名单的客户端范围注册客户端将被拒绝。默认情况下,白名单要么为空,要么只包含域默认客户端作用域(基于“允许默认作用域”配置属性)。 +maxDeltaTimeSecondsHelp=失败次数的统计数量何时重置? +executorsHelpItem=执行器帮助项目 +contentSecurityPolicy=内容安全策略 +client-uris-must-match.tooltip=如果开启,所有客户端uri(重定向uri和其他)都是允许的,只要它们匹配了某个受信任的主机或域。 +off=关 +frontchannelLogoutHelp=当为 true 时,注销需要浏览器重定向到客户端。当为 false 时,服务器执行后台调用以注销。 +updateSuccess=供应商更新成功 +hide=隐藏 +isMandatoryInLdapHelp=如果为真,属性在 LDAP 中是强制性的。因此,如果 Keycloak DB 中没有值,则传播到LDAP的值将被设置为空值。 +client-accesstype.label=客户端访问类型 +eventTypes.IDENTITY_PROVIDER_POST_LOGIN_ERROR.description=身份供应者非首次登录错误 +skipCustomizationAndFinish=跳过自定义并完成 +mappingDeletedSuccess=映射删除成功 +addIdentityProvider=添加 {{provider}} 供应商 +flowDescriptionHelp=新流程描述的帮助文本 +kc.time.date_time=日期/时间 (月/天/年 时\:分\:秒) +principalType=主体类型 +ignoreMissingGroupsHelp=忽略群组层次结构中缺失的群组。 +updatedCredentialMoveSuccess=用户凭据设置已保存 +deleteExecutorProfileConfirmTitle=删除执行器? +auth=授权 +accessTokenLifespanImplicitFlow=隐式流程的访问令牌寿命 +createAttributeSuccess=成功!用户资料的配置已保存。 +annotations=注释 +confirmAccessTokenBody=如果您重新生成注册访问令牌,将更新有关客户端注册服务的访问数据。 +remainingCount=剩余数量 +eventTypes.INVALID_SIGNATURE.description=无效签名 +download=下载 +authScopes=授权范围 +requiredWhen=何时为必填项 +updatePasswordPolicyError=无法更新密码策略:'{{error}}' +max-clients.tooltip=如果领域中现有客户端的数量等于或大于配置数量的限制,将不允许注册新客户端。 +uuidLdapAttributeHelp=LDAP 属性的名称,用作 LDAP 中对象的唯一对象标识符 (UUID)。对于许多 LDAP 服务器供应商,它是 'entryUUID';但有些是不同的。例如,对于 Active directory它应该是“objectGUID”。如果您的 LDAP 服务器不支持 UUID 的概念,您可以使用任何其他应该在树中的 LDAP 用户中唯一的属性。例如“uid”或“entryDN”。 +mappingDetails=映射详情 +top-level-flow-type.client-flow=客户端流程 +eventTypes.GRANT_CONSENT_ERROR.description=授权许可错误 +claim=声明 +hardcodedAttribute=当用户从供应商导入时,将一个值硬编码到特定的用户属性。 +permissionSaveError=由于{{error}}无法更新权限 +optimizeLookupHelp=当在 REDIRECT 绑定中为由 Keycloak 适配器保护的 SP 签署 SAML 文档时,签名密钥的 ID 是否应该包含在 元素中的 SAML 协议消息中?这优化了作为验证方的签名验证使用单个密钥而不是尝试每个已知密钥进行验证。 +deleteClientScope_one=删除客户端作用域{{name}} +accessTokenError=无法重新生成访问令牌,因为:{{error}} +joinGroups=加入群组 +scopePermissions.clients.configure-description=减少了管理员的管理权限。无法设置作用域、模板或协议映射器。 +providedBy=提供方 +ms=毫秒 +ipAddress=IP 地址 +keyID=KEY_ID +spi=SPI +emptyValidators=没有验证器。 +plus=加 +browserFlow=浏览器流程 +anyScope=任何范围 +enableDisable=禁用的客户端无法启动登录或获得访问令牌。 +noUsersFound=未找到用户 +serverInfo=服务器信息 +chooseAPolicyTypeInstructions=从下面的列表中选择一个策略类型,然后您可以配置一个新的授权策略。这有一些类型和描述。 +emailThemeHelp=为服务器发送的电子邮件选择主题。 +principalTypeHelp=从断言中识别和跟踪外部用户的方法。默认使用 Subject NameID,或者您可以设置识别属性。 +Wednesday=星期三 +consents=许可 +authDetails=授权详情 +mappingDeletedError=无法删除映射\: {{error}} +minimumQuickLoginWaitSecondsHelp=快速登录失败后等待多长时间。 +mappedGroupAttributesHelp=以英文逗号分隔的属性名称列表。这指向 LDAP 中组的属性列表,它将在 Keycloak 中映射为群组的属性。如果不需要额外的组属性映射,请在Keycloak留空。 +deleteGrantsSuccess=授权已成功撤销。 +mapperTypeGroupLdapMapper=group-ldap-mapper +policyEnforcementModes.DISABLED=禁用 +openIdConnectCompatibilityModes=开放 ID 连接兼容模式 +no=否 +code=代码 +nameHelp=新流程命名的帮助文本 +keys=密钥 +defaultSigAlg=默认签名算法 +signatureKeyName=SAML 签名密钥名称 +notBeforeTooltip=管理员 URL 应该首先在设置选项卡中设置。 +resourcesToImport=要导入的资源 +selectRole.label=选择角色 +isBinaryAttributeHelp=二进制 LDAP 属性应为真。 +whoWillAppearPopoverFooterText=无法在此选项卡上添加将此角色作为有效角色的用户。 +eventTypes.RESTART_AUTHENTICATION_ERROR.name=重启认证错误 +generatedUserInfoIsDisabled=未选择用户时禁用生成的用户信息 +nameHelpHelp=映射器名称 +prompts.consent=许可 +flowNameHelp=新流程命名的帮助文本 +webAuthnPolicyRpEntityName=依赖方的名称 +lastEvaluation=上次评估 +createClientConditionError=创建条件时出错:{{error}} +serverPrincipalHelp=HTTP 服务的服务器主体全名,包括服务器和域名。例如,HTTP/host.foo.org@FOO.ORG +enableStartTlsHelp=使用 STARTTLS 加密与 LDAP 的连接,这将禁用连接池 +resourceScopeSuccess=权限范围删除成功 +userIdHelperText=请输入此身份提供程序的用户的唯一ID。 +forwardParametersHelp=非 OpenID Connect/OAuth 标准查询参数,从初始应用请求到授权端点转发到外部 IDP。可以输入多个参数,以英文逗号 (,) 分隔。 +on=开 +changeAuthenticatorConfirmTitle=更改为 {{clientAuthenticatorType}}? +eventTypes.OAUTH2_DEVICE_AUTH.name=Oauth2设备认证 +admin-events-cleared=管理员事件已清除 +or=或 +deleteDialogTitle=删除属性组? +eventTypes.CLIENT_INITIATED_ACCOUNT_LINKING.description=客户端发起的账号关联 +annotationsText=注释 +密码策略.specialChars=密码字符串中需要的特殊字符的个数。 +ldapAttributeName=LDAP 属性名称 +acceptsPromptNone=接受来自客户端的提示,相当于无转发。 +loginThemeHelp=为登录、OTP、授予、注册和忘记密码页面选择主题。 +AESKeySizeHelp=生成的 AES 密钥的大小(以字节为单位)。16 用于 AES-128, 24 用于 AES-192,32 用于 AES-256。请注意,某些 JDK 实现不允许大于 128 的密钥。 +client-accesstype.tooltip=将会应用该条件的客户端的访问类型。 +oneTimePassword=一次性密码 +invalidateRotatedError=无法删除轮换使用的密码:{{error}} +excludeSessionStateFromAuthenticationResponseHelp=如果启用,参数 'session_state' 将不会包含在 OpenID Connect 身份验证响应中。如果您的客户端使用不支持 'session_state' 参数的旧 OIDC / OAuth2 适配器,这将很有用。 +useRefreshTokenForClientCredentialsGrantHelp=如果启用,如果使用 client_credentials 授权,将创建一个 refresh_token 并将其添加到令牌响应中。OAuth 2.0 RFC6749 第 4.4.3 节指出,在使用 client_credentials 授权时不应生成 refresh_token。如果关闭则不会生成 refresh_token 并且相关的用户会话将被删除。 +userManagedAccess=用户自主访问 +initialAccessToken=初始访问令牌 +rowEditBtnAriaLabel=编辑 {{messageBundle}} +evictionDay=清除的日期 +vendorHelp=LDAP 供应商(供应商) +applyToResourceType=应用于资源类型 +addDefaultGroups=添加默认群组 +selectRole.tooltip=在左侧的文本框中输入角色,或单击此按钮浏览并选择所需的角色。 +filterGroups=筛选群组 +validPostLogoutRedirectUri=有效的注销后重定向 URI +authnContextClassRefs=验证上下文类参考 +deleteCredentialsSuccess=已成功删除凭据。 +eventTypes.PERMISSION_TOKEN_ERROR.name=权限令牌错误 +userProfileSuccess=用户资料设置成功更新。 +attributeDefaultValueHelp=如果 Keycloak 数据库中没有值并且属性在 LDAP 中是强制性的,则该值将传播到 LDAP。 +cibaPolicy=CIBA策略 +Saturday=星期六 +importSkipped_other=跳过 {{count}} 条记录。 +membershipAttributeTypeHelp=DN 表示 LDAP 组以其完整 DN 的形式声明其成员。例如'member\: uid\=john,ou\=users,dc\=example,dc\=com'。UID 表示 LDAP 组具有它的成员以纯用户 uid 的形式声明。例如 'memberUid\: john'。 +emptyResourcesInstructions=如果您想创建资源,请点击下面的按钮。 +save-user-events=如果启用,用户事件将保存到数据库中,从而使事件可用于管理员和帐户的管理页面中。 +otpSupportedApplications.totpAppFreeOTPName=FreeOTP +validPostLogoutRedirectURIs=浏览器在成功注销后可以重定向到的有效 URI 模式。'+' 值或空字段将使用有效重定向 URI 列表。'-' 值将不允许任何注销后重定向uris。允许使用简单的通配符,例如“http\://example.com/*”。也可以指定相对路径,例如/my/relative/path/*。相对路径是相对于客户端根 URL 的,或者如果没有指定使用身份验证服务器根 URL。 +google.userIp=使用 userIp 参数 +composite=复合 +recommendedSsoTimeout=建议此值小于 SSO 会话空闲时间:{{time}} +sessionExplain=会话是指此领域中用户及其在会话中访问的客户端的会话。 +noSearchResults=没有搜索结果 +eventTypes.AUTHREQID_TO_TOKEN.description=认证令牌 +recent=最近 +executeActions=执行操作 +policyProvider.aggregate=重用现有策略来构建更复杂的策略,并使您的权限与授权请求处理期间评估的策略更加分离。 +advancedAttributeToRole=如果属性集存在并且可以匹配,则授予用户指定的领域或客户端角色。 +userEventsSettings=用户事件设置 +RSA=RSA +deny=拒绝 +moveGroupSuccess=群组已迁移 +eventTypes.USER_INFO_REQUEST.description=用户信息请求 +userDeletedError=无法删除用户\: {{error}} +edit=编辑 +authorizationScopeDetails=授权范围详情 +ldapGroupsDnHelp=保存此树的群组的 LDAP DN。例如 'ou\=groups,dc\=example,dc\=org' +readOnly=只读 +client-updater-trusted-hosts.tooltip=受信任的主机列表。如果客户端注册/更新请求来自此配置中指定的主机/域,则条件计算为“真”。您可以使用主机名或IP地址。如果您在开头使用*(例如'*.example.com'),那么整个域名example.com将被信任。 +resultDeny=结果拒绝 +kc.client.network.host=客户端主机 +noResourceCreateHint=没有资源您不能创建基于资源的权限 +directMembership=直接群组成员资格 +addExecutionTitle=添加执行器 +associatedRolesText=关联的角色 +clientIdHelp=向身份供应商注册的客户端标识符。 +eventTypes.INVALID_SIGNATURE_ERROR.name=无效签名错误 +clientSecretSuccess=重新生成客户端密码 +permissionDecisionStrategy=决策策略规定了如何评估与给定权限相关的策略以及如何获得最终决策。'肯定'意味着至少有一个策略必须评估为肯定决策才能做出最终决策也是肯定的。“一致”意味着所有政策都必须评估为肯定的决定,以便最终决定也是肯定的。“共识”意味着肯定决定的数量必须大于否定决定的数量。如果肯定和否定的数量相同,则最终决定是否定的。 +oAuthDeviceCodeLifespan=OAuth 2.0 设备代码寿命 +ldapConnectionAndAuthorizationSettingsDescription=此部分包含与 LDAP 服务器连接配置相关的选项。它还包含与 LDAP 服务器的 LDAP 连接身份验证相关的选项。 +clientSaveSuccess=客户端更新成功 +ecdsaGenerated=ecdsca-generated +flow-type.basic-flow=通用型 +oAuthDevicePollingInterval=OAuth 2.0 设备轮询间隔 +deletedSuccessRealmSetting=属性组已删除。 +webauthnPasswordlessPolicy=Webauthn 无密码策略 +editUserLabel=编辑用户标签按钮 +conditions=条件 +addUri=添加 URI +minus=减 +groupsHelp=群组是用户具有群组成员资格的群组。要离开群组,请选择该群组并单击“离开”。 +includeGroupsAndRoles=包含群组和角色 +groupsPermissionsHint=确定是否为管理此角色启用细粒度权限。禁用将删除当前已设置的所有权限。 +searchForMessageBundle=搜索消息包 +offlineSessionMaxHelp=无论活动如何,离线会话过期前的最长时间。 +resourceSaveError=由于{{error}}无法保留资源 +clientsClientScopesHelp=与此资源关联的范围。 +updateCredentialUserLabelError=更改用户标签时出错\: {{error}} +enableHelpMode=开启帮助模式 +clientPoliciesTab=客户端策略标签 +ldapGroupsDn=LDAP 群组的DN +ldapFullNameAttributeHelp=LDAP 属性的名称,包含用户的全名。通常为'cn'。 +clientRegisterPolicyDeleteConfirm=您确定要永久删除客户端注册策略{{name}} +jsonEditor=JSON 编辑器 +chooseBindingType=选择绑定的类型 +mappingCreatedError=无法创建映射\: {{error}} +deleteClientPolicyProfileConfirmTitle=删除配置文件? +envelopeFromHelp=用于退回的电子邮件地址(非必需)。 +policyDeletedError=无法删除资源 {{error}} +key=键 +email=电子邮件 +groupDeleted_other=已删除群组 +acrToLoAMappingHelp=定义哪个 ACR(身份验证上下文类参考)值映射到哪个 LoA(身份验证级别)。ACR 可以是任何值,而 LoA 必须是数字。 +uploadFile=上传 JSON 文件 +loginActionTimeoutHelp=用户必须完成登录相关操作(如更新密码或配置 totp)的最长时间。建议相对较长,例如 5 分钟或更长时间 +identityProviders=身份供应商 +importUsers=导入用户 +authenticationFlow=认证流程 +leaveGroup_other=离开群组? +deleteClientPolicySuccess=客户端策略已删除 +mapperTypeCertificateLdapMapper=certificate-ldap-mapper +clientAuthentications.client_secret_basic=作为基本身份验证发送的客户端机密 +started=开始 +mapperTypeCertificateLdapMapperHelp=用于将包含来自 LDAP 用户的证书的单个属性映射到 Keycloak DB 中 UserModel 的属性 +userManagedAccessHelp=如果启用,用户可以使用账户管理 UI 管理他们的资源和权限。 +confirm=确认 +policyType.totp=基于时间 +addAttribute=添加属性 +clientScopeSearch.protocol=协议 +initialAccessTokenDetails=初始访问令牌详细信息 +noMessageBundles=没有消息包 +deleteProvider=删除供应商? +createAttributeSubTitle=创建新属性 +eventTypes.CODE_TO_TOKEN_ERROR.name=用于交换令牌的代码错误 +emptyAuthorizationInstructions=如果要创建授权范围,请点击下方按钮创建授权范围 +subjectHelp=用于验证客户端证书中的主题 DN 的正则表达式。使用 "(.*?)(?\:$)" 匹配所有类型的表达式。 +updatePolicySuccess=成功更新策略 +eventTypes.CUSTOM_REQUIRED_ACTION.name=自定义所需操作 +updateExecutorError=执行器未更新 +clientIdHelpHelp=LDAP 角色映射将映射到的客户端的客户端ID。仅当'使用领域角色映射'为假时适用。 +createdAt=创建时间 +moveGroupEmpty=无子级群组 +rolesHelp=选择要与所选用户关联的角色。 +samlEntityDescriptor=SAML 实体描述符 +passwordPolicyHintsEnabled=已启用密码策略提示 +enableLdapv3PasswordHelp=使用 LDAPv3 密码修改扩展操作 (RFC-3062)。密码修改扩展操作通常要求 LDAP 用户已经在 LDAP 服务器中拥有密码。因此当它与“同步注册”一起使用时,它可以是还可以添加带有随机生成的初始密码的“硬编码 LDAP 属性映射器”。 +syncMode=同步模式 +details=详细 +privateRSAKeyHelp=以 PEM 格式编码的私有 RSA 密钥 +onDragStart=开始拖动{{item}} +pushedAuthorizationRequestRequired=需要推送授权请求 +requirements.REQUIRED=必需 +generate=生成 +clientOfflineSessionMaxHelp=离线令牌对客户端无效之前的最长时间。该选项仅影响令牌时间而不影响全局 SSO 会话。如果未设置,它将使用标准 SSO 会话最大值。 +resetPasswordBtn=重置密码 +strictTransportSecurity=HTTP 严格传输安全 (HSTS) +editInfo=编辑信息 +offlineSessionMaxLimited=离线会话最长时间的限制 +providerCreateSuccess=新客户端策略创建成功 +disableSigning=禁用"{{key}}" +periodicChangedUsersSync=定期更改用户同步 +searchScope=搜索范围 +dateFrom=日期(开始时间) +importAdded_one=添加了一条记录。 +clientAccessType=它使用客户端的访问类型(机密、公共、仅承载)来确定是否应用策略。在大多数 OpenID Connect 请求(授权请求、令牌请求、内省端点请求等)期间检查条件。 ) +firstName=名 +emptySecondaryAction=配置新映射 +defaultGroupAdded_one=新群组已被添加到默认群组 +unexpectedError=发生意外错误\: {{error}} +removeAllAssociatedRolesConfirmDialog=此操作将移除{{name}}的关联角色。拥有{{name}}权限的用户将不再有权访问这些角色。 +noRolesInstructions=您尚未为此用户分配任何角色。分配角色以开始。 +authorizationEncryptedResponseEncHelp=当响应模式为 jwt 时,JWA 加密授权响应时用于内容加密的算法。如果您想要加密授权响应,则需要此选项。如果留空,则授权响应只是签名,但不加密。 +permissionName=权限的名称。 +postBrokerLoginFlowAliasHelp=身份验证流程的别名,在每次使用此身份供应商登录后触发。如果您希望对使用此身份供应商(例如 OTP)进行身份验证的每个用户进行额外验证,则很有用。将此设置为“无”,如果使用此身份供应商登录后,您不需要触发任何其他身份验证器。另请注意,身份验证器实现必须假定用户已在用户会话中设置,因为身份供应商已对其进行设置。 +preview=预览 +eventTypes.UNREGISTER_NODE_ERROR.name=注销节点错误 +clientRegisterPolicyDeleteConfirmTitle=删除客户端注册策略? +groupDetails=群组详细信息 +sessionsType.allSessions=所有会话类型 +kid=KID +sessionsType.serviceAccount=服务帐号 +allowKerberosAuthenticationHelp=使用 SPNEGO/Kerberos 令牌启用/禁用用户的 HTTP 身份验证。有关经过身份验证的用户的数据将从该 LDAP 服务器提供。 +oauthDeviceAuthorizationGrantHelp=这启用了对 OAuth 2.0 设备授权授予的支持,这意味着客户端是输入功能有限或缺少合适浏览器的设备上的应用程序。 +clientSignatureHelp=客户端会签署他们的 saml 请求和响应吗?他们应该被验证吗? +importOverwritten_other={{count}} 条记录被覆写。 +requirements.CONDITIONAL=基于一定条件 +leaveGroupConfirmDialog_one=是否要从群组{{groupname}}中移除{{username}}? +kc.client.user_agent=客户端/用户 代理 +frontendUrl=前端网址 +permissionDeletedSuccess=成功删除权限 +clientScopeRemoveSuccess=范围映射成功移除 +addClientScopes=添加客户端范围 +deletePolicyConfirm=如果删除此策略,某些权限或聚合策略将受到影响。 +userCreateError=无法创建用户\: {{error}} +user-events-cleared=用户事件已清除 +resetPasswordConfirm=重置密码? +emailAsUsernameHelpText=允许用户将电子邮件设置为用户名。 +AESKeySize=AES 密钥大小 +fullName={{familyName}}{{givenName}} +deleteConfirm=您确定要永久删除供应商'{{provider}}'吗? +compositesRemovedAlertDescription=已移除所有关联角色 +aliasHelp=别名唯一标识身份供应商,它也用于构建重定向 uri。 +selectRealm=选择领域 +供应商\ ID=ID +roleNameLdapAttribute=角色名称的 LDAP 属性 +javaKeystore=java-keystore +updatedUserProfileSuccess=用户资料的配置已保存 +deleteProviderMapper=删除映射器? +clientsPermissionsHint=细粒度权限,用于管理员管理此客户端或应用此客户端定义的角色。 +usersLeft_one={{count}}用户离开了群组 +saveError=由于:{{error}},无法保存用户联盟供应商 +bruteForceDetection=暴力破解检测 +loginTimeoutHelp=用户完成一次登录的最长时间。建议这个时间比较长,比如30分钟或者更长 +eventTypes.OAUTH2_DEVICE_CODE_TO_TOKEN.name=Oauth2设备用于交换令牌的代码 +searchGroups=搜索群组 +trusted-hosts.tooltip=受信任的主机列表,允许调用客户端注册服务和/或用作客户端uri的值。您可以使用主机名或IP地址。如果您在开头使用*(例如'*.example.com'),那么整个域名example.com将被信任。 +deleteClientProfile=删除此客户端配置文件 +none=无 +type=类型 +createNewUser=创建新用户 +emptyClientProfiles=没有配置文件 +internationalization=国际化 +seconds=秒 +memberofLdapAttributeHelp=仅在“用户角色检索策略”为 GET_GROUPS_FROM_USER_MEMBEROF_ATTRIBUTE 时使用。它指定 LDAP 用户的 LDAP 属性名称,其中包含用户所属的组。通常它将是默认的“memberOf” ', +clientRegisterPolicyDeleteSuccess=客户端注册策略删除成功 +otpPolicyDigits=位数 +apiUrl=API 网址 +keysFilter.ACTIVE=活跃的秘钥 +rsaGenerated=rsa-generated +client-roles-condition.tooltip=客户端角色,将在此条件评估期间检查。如果客户端至少有一个客户端角色,其名称与配置中指定的客户端角色相同,则条件求值为“真”。 +impersonateError=无法模拟用户:{{error}} +keyLabel=键 +syncChangedUsers=同步更改的用户 +stackoverflow.key=密钥 +eventTypes.IDENTITY_PROVIDER_RESPONSE_ERROR.name=身份供应者响应错误 +orderDialogIntro=供应商在登录页面或帐户 UI 中的排列顺序。您可以拖动行句柄来更改顺序。 +clientSessionIdle=客户端会话空闲时间 +push=推送 +targetClaimHelp=指定策略将获取的目标声明。 +periodicFullSyncHelp=是否应启用 LDAP 用户与 Keycloak 的定期完全同步 +scopePermissions.users.user-impersonated-description=决定可以模拟哪些用户的策略。这些策略将应用于被模拟的用户。 +forceNameIdFormat=强制名称 ID 格式 +noMappersInstructions=目前没有此身份供应商的映射器。 +deleteConfirmFlow=删除流程? +addRole=添加角色 +FAIL=导入失败 +userInfoSignedResponseAlgorithmHelp=用于签名用户信息端点响应的 JWA 算法。如果设置为'未签名',则用户信息响应将不会被签名并将以 application/json 格式返回。 +lastName=姓 +google.offlineAccess=请求刷新令牌 +deleteConfirmDialog_one=是否要永久删除{{count}}用户 +eventTypes.AUTHREQID_TO_TOKEN.name=认证令牌 +createError=无法创建身份供应商:{{error}} +eventTypes.AUTHREQID_TO_TOKEN_ERROR.name=认证令牌错误 +deletePermissionConfirm=您确定要删除权限 {{permission}} +artifactResolutionServiceHelp=客户端的 SAML 工件解析服务。这是 Keycloak 将向其发送 SOAP ArtifactResolve 消息的端点。如果您没有此绑定的 URL,则可以将其留空。 +clientUpdaterTrustedHosts=可信主机 +deleteSuccess=属性组已删除。 +attributesDropdown=属性下拉框 +mapperName=映射名称 +ssoServiceUrlHelp=必须用于发送身份验证请求 (SAML验证请求) 的 Url。 +copy=复制 +credentialData=数据 +clientRolesConditionTooltip=客户端角色,将在此条件评估期间检查。如果客户端至少有一个客户端角色名称与配置中指定的客户端角色相同,则条件评估为真。 +invalidateSecret=无效 +emptyPermissionInstructions=如果要创建权限,请点击下方按钮创建基于资源或基于范围的权限。 +webAuthnPolicyAvoidSameAuthenticatorRegisterHelp=避免注册已经被注册过的验证器。 +memberofLdapAttribute=LDAP 成员属性 +supportedLocales=支持的语言环境 +showPasswordDataValue=值 +webAuthnPolicyAttestationConveyancePreference=证明传输偏好 +copyOf={{name}} 的副本 +eventTypes.REMOVE_TOTP.description=删除TOTP +evictionMinute=清除的时间(分钟) +requiredClient=请至少添加一个客户端。 +help=帮助 +passSubject=传递主题 +deleteFlowSuccess=流程成功删除 +nodeReRegistrationTimeoutHelp=指定注册客户端集群节点重新注册的最大时间间隔。如果集群节点在这段时间内不向 Keycloak 发送重新注册请求,它将从 Keycloak 中注销 +rename=重命名 +httpPostBindingLogoutHelp=指示是否使用 HTTP-POST 绑定响应请求。如果为否,将使用 HTTP-REDIRECT 绑定。 +policyProvider.client=定义允许一组一个或多个客户端访问对象的权限条件。 +clientAuthentication=客户端认证 +validatePasswordPolicy=验证密码策略 +registrationEmailAsUsername=以电子邮件作为用户名 +webAuthnPolicyFormHelp=WebAuthn 身份验证策略。'WebAuthn Register' 所需操作和'WebAuthn Authenticator' 身份验证器将使用此策略。典型用法是,当 WebAuthn 用于双因素身份验证时。 +createResource=创建资源 +data=数据 +createNewMapper=创建映射 +mapperTypeMsadUserAccountControlManager=msad-user-account-control-mapper +deleteNodeFail=无法删除节点。因为'{{error}}' +syncModeOverrideHelp=覆盖此映射器的 IDP 的默认同步模式。值是:'引用' 以保持引入此选项之前的行为,'导入' 仅在用户首次登录时导入用户一次身份供应商,“强制”在每次使用此身份供应商登录期间始终更新用户,并“继承”使用身份供应商中为此映射器定义的同步模式。 +eventTypes.TOKEN_EXCHANGE_ERROR.description=令牌交换错误 +strictTransportSecurityHelp=Strict-Transport-Security HTTP 标头告诉浏览器始终使用 HTTPS。一旦浏览器看到此标头,它只会在指定的时间(1 年)内通过 HTTPS 访问站点,包括子域。<1>了解更多 +client-authenticator-type=客户端身份验证,将根据 Keycloak 服务器验证此客户端 +authenticationExplain=身份验证是您可以配置和管理不同凭证类型的区域。 +clientAssertionSigningAlgHelp=签名算法创建JWT断言作为客户端身份验证。需要使用私钥或客户端秘密作为JWT签名的JWT。如果没有指定算法,则适配以下算法。在RS256中适配RS256使用私钥签名的 JWT 的情况。HS256 适用于客户端机密作为 jwt 的情况。 +addProvider_other=添加 {{provider}} 身份供应商 +cibaExpiresIn=过期时间 +updateMessageBundleError=更新消息包时出错。 +resetPasswordConfirmText=是否要重置用户{{username}}的密码? +create=创建 +noAvailableIdentityProviders=没有可用的身份供应商。 +passSubjectHelp=在登录阶段,将可选的 login_hint 查询参数转发给 SAML 验证请求的主题。 +notBeforeSetToNow=不在为客户端设置之前 +resource=资源 +emptyConditions=没有配置条件 +linkedin.profileProjection=开放用户资料 +profiles=配置文件 +userSession.modelNote.tooltip=在UserSessionModel.note映射中存储的用户会话注释的名称。 +filterByRoles=按领域角色筛选 +maxLifespan=最大寿命 +host-sending-registration-request-must-match.label=主机发送客户端注册请求必须匹配 +eventTypes.VERIFY_PROFILE_ERROR.description=验证配置文件错误 +webOriginsHelp=允许的 CORS 来源。要允许有效重定向 URI 的所有来源,请添加 '+'。不过这不包括 '*' 通配符。要允许所有来源,请明确添加 '*'。 +noSessionsForClient=此客户端当前没有活动会话。 +profilesConfigType=配置方式: +enableHelp=帮助已启用 +xRobotsTagHelp=防止页面出现在搜索引擎中<1>了解更多 +client-updater-source-roles.label=更新实体角色 +clientRegisterPolicyDeleteError=无法删除客户端注册策略:'{{error}}' +resourceFile=资源文件 +admin-clearEvents=清除数据库中的所有管理事件。 +hardcodedRole=当用户从供应商导入时,为它硬编码一个角色映射。 +keysFilter.DISABLED=禁用的秘钥 +link=关联 +defaultGroupAddedError=将群组添加到默认群组时出错 {error}。 +eventTypes.INVALID_SIGNATURE_ERROR.description=无效签名错误 +idpUnlinkSuccess=身份供应商关联已删除 +providerType=供应商类型 +clientSessionIdleHelp=允许客户端会话在到期前空闲的时间。当客户端会话到期时,令牌将失效。如果未设置,它将使用标准的 SSO 会话空闲值。 +密码策略.passwordBlacklist=防止使用黑名单文件中的密码。 +scopesSelect=指定此权限必须应用于一个或多个范围。 +selectMethodType.generate=生成 +emailInvalid=请输入有效的电子邮件。 +chooseAPolicyProvider=选择策略供应商 +clientAuthenticationHelp=客户端身份验证方法(参见 https\://openid.net/specs/openid-connect-core-1_0.html\#ClientAuthentication)。如果 JWT 使用私钥签名,则使用领域私钥。 +kerberosRealmHelp=kerberos 领域的名称。例如,FOO.ORG +roleCreateError=无法创建角色\: {{error}} +clientSecretHelp=向身份供应商注册的客户端密码。该字段可以从保险库中获取其值,使用 ${vault.ID} 格式。 +offlineSessionMax=离线会话最长时间 +generatedUserInfoHelp=参见示例用户信息,它将由用户信息端点提供 +webAuthnPolicyExtraOriginsHelp=额外的 Origin 列表,用于非网络应用程序。 +updatePermissionSuccess=成功更新权限 +idpLinkSuccess=身份供应商已关联 +removeAnnotationText=删除注释 +verifyEmailHelpText=要求用户在首次登录后或提交地址更改后验证其电子邮件地址。 +flow.clients=客户端认证流程 +eventTypes.IDENTITY_PROVIDER_FIRST_LOGIN_ERROR.description=身份供应商首次登录错误 +groups=群组管理 +emptyStateText=此领域中没有任何领域角色。创建领域角色以开始。 +includeSubGroups=包含子组用户 +permanentLockoutHelp=当用户超过最大登录失败次数时,将永久锁定用户。 +logicType.positive=肯定 +associatedPolicy=关联政策 +accountTheme=账户页面主题 +webAuthnPolicyAvoidSameAuthenticatorRegister=避免相同的身份验证器注册 +emptyExecutors=没有配置执行器 +notBeforeNowClear=之前未为客户端清除 +selectARole=选择一个角色 +titleAuthentication=身份验证 +category=目录 +startBySearchingAUser=从搜索用户开始 +times.days=天 diff --git a/js/apps/admin-ui/public/locales/ca/translation.json b/js/apps/admin-ui/public/locales/ca/translation.json deleted file mode 100644 index 7951138d7e..0000000000 --- a/js/apps/admin-ui/public/locales/ca/translation.json +++ /dev/null @@ -1,315 +0,0 @@ -{ - "create": "Crea", - "save": "Desar", - "key": "Clau", - "export": "Exporta", - "download": "Descarrega", - "clear": "Neteja", - "on": "Activat", - "edit": "Edita", - "enabled": "Habilitat", - "none": "cap", - "description": "Descripció", - "type": "Tipus", - "category": "Categoria", - "clients": "Clients", - "realmRoles": "Rols de domini", - "sessions": "Sessions", - "mappers": "Assignadors", - "identityProviders": "Proveïdors d''identitat", - "settings": "Ajustos", - "times": { - "seconds": "Segons", - "minutes": "Minuts", - "hours": "Hores", - "days": "Dies" - }, - "credentials": "Credencials", - "clientId": "ID Client", - "clientName": "Nom", - "id": "ID", - "mapperType": "Tipus d''assignador", - "password": "Contrasenya", - "protocol": "Protocol", - "importClient": "Importar Client", - "webOrigins": "Orígens web", - "adminURL": "URL d''administració", - "formatOption": "Format", - "encryptAssertions": "Xifrar afirmacions", - "clientSignature": "Signatura de Client requerida", - "roles": "Rols", - "fullScopeAllowed": "Permet tots els àmbits", - "kc": { - "realm": { - "name": "Domini" - } - }, - "user": "Usuari", - "clientList": "Clients", - "frontchannelLogout": "Desconnexió en primer pla (Front Channel)", - "rootUrl": "URL arrel", - "validRedirectUri": "URIs de redirecció vàlides", - "idpInitiatedSsoRelayState": "Estat de retransmissió d''un SSO iniciat per l''IDP", - "masterSamlProcessingUrl": "URL principal de processament SAML", - "nameIdFormat": "Format de NameID", - "forceNameIdFormat": "Forçar format NameID", - "forcePostBinding": "Forçar enllaços POST", - "includeAuthnStatement": "Incloure AuthnStatement", - "signDocuments": "Signar documents", - "signAssertions": "Signar assercions", - "canonicalization": "Mètode de canonicalització", - "loginTheme": "Tema d''inici de sessió", - "clientAuthenticator": "Client autenticador", - "clientSecret": "Secret de Client", - "revocation": "Revocació", - "clustering": "Clustering", - "notBefore": "No abans de", - "setToNow": "Fixar a ara", - "addNode": "Afegir Node", - "push": "Push", - "nodeReRegistrationTimeout": "Temps d''espera de re-registre de node", - "registeredClusterNodes": "Registrar nodes de clúster", - "nodeHost": "Host del node", - "lastRegistration": "Últim registre", - "testClusterAvailability": "Provar disponibilitat del clúster", - "registerNodeManually": "Registrar node manualment", - "fineGrainSamlEndpointConfig": "Fine Grain SAML Endpoint Configuration", - "assertionConsumerServicePostBindingURL": "Assertion Consumer Service POST Binding URL", - "assertionConsumerServiceRedirectBindingURL": "Assertion Consumer Service Redirect Binding URL", - "logoutServicePostBindingURL": "URL d''enllaç SAML POST per a la desconnexió", - "logoutServiceRedirectBindingURL": "URL d''enllaç SAML de redirecció per a la desconnexió", - "accessTokenLifespan": "Durada del token d''accés", - "certificate": "Certificat", - "generateNewKeys": "Generar noves claus", - "archiveFormat": "Format d''Arxiu", - "keyAlias": "Àlies de clau", - "keyPassword": "Contrasenya de la clau", - "storePassword": "Contrasenya del magatzem", - "importFile": "Arxiu d''Importació", - "clientType": "''OpenID connect'' permet als clients verificar la identitat de l''usuari final basat en l''autenticació realitzada per un servidor d''autorització. ''SAML'' habilita l''autenticació i autorització d''escenaris basats en web incloent cross-domain i single sign-on (SSO) i utilitza tokens de seguretat que contenen afirmacions per passar informació.", - "serviceAccount": "Permetre autenticar aquest client contra Keycloak i rebre un token d''accés dedicat per a aquest client.", - "rootURL": "URL arrel afegida a les URL relatives", - "validRedirectURIs": "Patró d''URI vàlida per a la qual un navegador pot sol·licitar la redirecció després d''un inici o tancament de sessió completat. Es permeten comodins simples p.ex. ''http://example.com/*''. També es poden indicar rutes relatives p.ex. ''/my/relative/path/*''. Les rutes relatives generaran un URI de redirecció fent servir el host i port de la petició. Per SAML, s''han de fixar patrons d''URI vàlids si vols confiar en l''URL del servei del consumidor indicada en la petició d''inici de sessió.", - "nameIdFormatHelp": "El format de NameID que es farà servir per al títol", - "forceNameIdFormatHelp": "Ignorar la petició de subjecte NameID i fer servir la configurada a la consola d''administració.", - "forcePostBindingHelp": "Fer servir sempre POST per a les respostes", - "includeAuthnStatementHelp": "Hauria d''incloure''s una declaració especificant el mètode i la marca de temps en la resposta d''inici de sessió?", - "signDocumentsHelp": "Hauria el domini de signar els documents SAML?", - "signAssertionsHelp": "Haurien de signar-se les assercions en documents SAML? Aquest ajust no és necessari si el document ja s''està signant.", - "signatureAlgorithm": "L''algorisme de signatura usat per signar els documents.", - "canonicalizationHelp": "Mètode de canonicalització per a les signatures XML", - "webOriginsHelp": "Orígens CORS permesos. Per permetre tots els orígens d''URIs de redirecció vàlides afegeix ''+''. Per permetre tots els orígens afegeix ''*''.", - "homeURL": "URL per defecte per utilitzar quan el servidor d''autorització necessita redirigir o enviar de tornada al client.", - "adminURLHelp": "URL a la interfície d''administració del client. Fixa aquest valor si el client suporta l''adaptador de REST. Aquesta API REST permet al servidor d''autenticació enviar al client polítiques de revocació i altres tasques administratives. Normalment es fixa a l''URL base del client.", - "clientIdHelp": "L''identificador del client registrat amb el proveïdor d''identitat.", - "clientNameHelp": "Indica el nom visible del client. Per exemple ''My Client''. També suporta claus per valors localitzats. Per exemple: ${my_client}", - "descriptionHelp": "Indica la descripció del client. Per exemple ''My Client for TimeSheets''. També suporta claus per a valors localitzats. Per exemple: ${my_client_description}", - "loginThemeHelp": "Selecciona el tema per a les pàgines d''inici de sessió, OTP, permisos, registre i recordatori de contrasenya.", - "encryptAssertionsHelp": "Haurien de xifrar-se les afirmacions SAML amb la clau pública del client fent servir AES?", - "clientSignatureHelp": "Signarà el client les seves peticions i respostes SAML? I haurien de ser validades?", - "client-authenticator-type": "Client autenticador usat per autenticar aquest client contra el servidor Keycloak", - "nodeReRegistrationTimeoutHelp": "Indica el màxim interval de temps perquè els nodes del clúster registrats es tornin a registrar. Si el node del clúster no envia una petició de re-registre a Keycloak dins d''aquest interval, serà desregistrat de Keycloak", - "idpInitiatedSsoUrlName": "Nom del fragment de l''URL per referenciar al client quan vols un SSO iniciat per l''IDP. Deixant això buit desactiva els SSO iniciats per l''IDP. L''URL referenciada des del navegador serà: {server-root}/realms/{realm}/protocol/saml/clients/{client-url-name}", - "idpInitiatedSsoRelayStateHelp": "Estat de retransmissió que vols enviar amb una petició SAML quan s''inicia un SSO iniciat per l''IDP", - "masterSamlProcessingUrlHelp": "Si està configurada, aquesta URL es fara servir per a cada enllaç al proveïdor del servei del consumidor d''assercions i serveis de desconnexió únics. Pot ser sobreescrit de forma individual per a cada enllaç i servei en el punt final de configuració fina de SAML.", - "accessTokenLifespanHelp": "Temps màxim abans que un token d''accés expiri. Es recomana que aquest valor sigui curt en relació al temps màxim de SSO", - "assertionConsumerServicePostBindingURLHelp": "SAML POST Binding URL for the client''s assertion consumer service (login responses). You can leave this blank if you do not have a URL for this binding.", - "logoutServicePostBindingURLHelp": "URL d''enllaç SAML POST per a la desconnexió única del client. Pots deixar-ho en blanc si estàs fent servir un enllaç diferent.", - "logoutServiceRedirectBindingURLHelp": "URL d''enllaç SAML de redirecció per a la desconnexió única del client. Pots deixar-ho en blanc si estàs fent servir un enllaç diferent.", - "frontchannelLogoutHelp": "Quan està activat, la desconnexió requereix una redirecció del navegador cap al client. Quan no està activat, el servidor realitza una invovación de desconnexió en segon pla.", - "certificateHelp": "Certificat de client per validar els JWT emesos per aquest client i signats amb la clau privada del client del teu magatzem de claus.", - "archiveFormatHelp": "Format d''arxiu Java keystore o PKCS12", - "keyAliasHelp": "Àlies de l''arxiu de la teva clau privada i certificat.", - "keyPasswordHelp": "Contrasenya per accedir a la clau privada continguda en l''arxiu", - "storePasswordHelp": "Contrasenya per accedir a l''arxiu", - "consentRequired": "Si està habilitat, els usuaris han de consentir l''accés del client.", - "fullScopeAllowedHelp": "Permet deshabilitar totes les restriccions.", - "multiValued": "Indica si l''atribut suporta múltiples valors. Si està habilitat, la llista de tots els valors d''aquest atribut es fixarà com a reclamació. Si està deshabilitat, només el primer valor serà fixat com a reclamació.", - "tokenClaimName": { - "label": "Nom de reclam del token", - "tooltip": "Nom del reclam a inserir en el testimoni. Pot ser un nom complet com ''address.street''. En aquest cas, es crearà un objecte JSON niat." - }, - "claimJsonType": "El tipus de JSON que hauria de fer-se servir per omplir la petició de JSON en el token. long, int, boolean i String són valors vàlids", - "protocolMapper": "Protocol.", - "associatedRolesText": "Rols Associats", - "title": "Sessions", - "addRole": "Afegir rol", - "roleName": "Nom de rol", - "composite": "Compost", - "userName": "Usuari", - "username": "Usuari", - "verifyEmail": "Verificar email", - "credentialType": "Tipus", - "hours": "Hores", - "minutes": "Minuts", - "seconds": "Segons", - "lastAccess": "Últim Accés", - "realm": "Domini", - "general": "General", - "login": "login", - "themes": "Temes", - "from": "Des de", - "host": "Host", - "port": "Port", - "enableSSL": "Habilitar SSL", - "enableStartTLS": "Habilitar StartTLS", - "providerId": "ID", - "provider": "Proveïdor", - "userRegistration": "Registre d''usuari", - "userRegistrationHelpText": "Habilitar/deshabilitar la pàgina de registre. Un enllaç per al registre es mostrarà també a la pàgina d''inici de sessió.", - "rememberMe": "Mantenir connectat", - "rememberMeHelpText": "Mostra la casella de selecció en la pàgina d''inici de sessió per a permetre a l''usuari estar connectat entre reinicis del navegador fins que la sessió expiri.", - "registrationEmailAsUsername": "Email com a nom d''usuari", - "editUsername": "Edita el nom d''usuari", - "requireSsl": "Sol·licitar SSL", - "sslType": { - "all": "totes les peticions", - "external": "peticions externes", - "none": "cap" - }, - "accountTheme": "Tema de compte", - "adminTheme": "Tema de consola d''administració", - "emailTheme": "Tema d''email", - "SSOSessionIdle": "Sessions SSO inactives", - "SSOSessionMax": "Temps màxim sessió SSO", - "offlineSessionIdle": "Inactivitat de sessió sense connexió", - "loginTimeout": "Temps màxim de desconnexió", - "loginActionTimeout": "Temps màxim d''acció en l''inici de sessió", - "revokeRefreshToken": "Revocar el token d''actualització", - "clientLoginTimeout": "Temps màxim d''autenticació", - "clientProfileDescription": "Descripció", - "tokens": "Tokens", - "supportedLocales": "Idiomes suportats", - "defaultLocale": "Idioma per defecte", - "validatorDialogColNames": { - "colName": "Nom de rol" - }, - "securityDefences": "Defenses de seguretat", - "headers": "Capçaleres", - "bruteForceDetection": "Detecció d''atacs per força bruta", - "xFrameOptions": "X-Frame-Options", - "contentSecurityPolicy": "Content-Security-Policy", - "failureFactor": "Nombre màxim d''errors d''inici de sessió", - "waitIncrementSeconds": "Increment d''espera", - "maxFailureWaitSeconds": "Espera màxima", - "maxDeltaTimeSeconds": "Reinici del comptador d''errors", - "minimumQuickLoginWaitSeconds": "Temps mínim entre errors de connexió ràpids", - "requireSslHelp": "És HTTP obligatori? ''cap'' significa que HTTPS no és obligatori per cap direcicón IP de client, ''peticions externes'' indica que localhost i les adreces IP privades poden accedir sense HTTPS, ''totes les peticions'' vol dir que HTTPS és obligatori per a totes les adreces IP.", - "accountThemeHelp": "Selecciona el tema per a les pàgines de gestió del compte d''usuari.", - "adminThemeHelp": "Selecciona el tema per a la consola d''administració.", - "emailThemeHelp": "Selecciona el tema per als correus electrònics que són enviats pel servidor.", - "failureFactorHelp": "Indica quants errors es permeten abans que es dispari una espera.", - "waitIncrementSecondsHelp": "Quan s''ha arribat al llindar d''error, quant de temps ha d''estar un usuari bloquejat?", - "maxFailureWaitSecondsHelp": "Temps màxim que un usuari queda bloquejat.", - "maxDeltaTimeSecondsHelp": "Quan s''ha de reiniciar el comptador d''errors?", - "quickLoginCheckMilliSeconds": "Si ocorren errors de forma concurrent i molt ràpida, bloquejar a l''usuari.", - "minimumQuickLoginWaitSecondsHelp": "Quant de temps s''ha d''esperar després d''un error en un intent ràpid d''identificació", - "ssoSessionIdle": "Temps màxim que una sessió pot estar inactiva abans que expiri. Els tokens i sessions de navegador són invalidades quan la sessió expira.", - "ssoSessionMax": "Temps màxim abans que una sessió expiri. Els tokens i sessions de navegador són invalidats quan una sessió expira.", - "offlineSessionIdleHelp": "Temps màxim inactiu d''una sessió sense connexió abans que expiri. Necessites fer servi un token sense connexió per refrescar almenys una vegada dins d'aquest període, en un altre cas la sessió sense connexió expirarà.", - "revokeRefreshTokenHelp": "Si està activat els tokens d''actualització només poden usar-se una vegada. En un altre cas els tokens d''actualització no es revoquen quan s''utilitzen i poden ser usat múltiples vegades.", - "clientLoginTimeoutHelp": "Temps màxim que un client té per finalitzar el protocol d''obtenció del token d''accés. Hauria de ser normalment de l''ordre d''1 minut.", - "editUsernameHelp": "Si està habilitat, el nom d''usuari és editable, altrament és de només lectura.", - "attestationPreference": { - "none": "cap" - }, - "alias": "Àlies", - "enableStartTls": "Habilitar StartTLS", - "trustEmail": "Confiar en l''email", - "selectRole": { - "label": "Selecciona rol", - "tooltip": "Introdueix el rol a la caixa de text de l''esquerra, o fes clic a aquest botó per navegar i buscar el rol que vols." - }, - "trustEmailHelp": "Si està habilitat, l''email rebut d''aquest proveïdor no es verificarà encara que la verificació estigui habilitada per al domini.", - "addIdPMapper": "Afegeix assignador de proveïdor d''identitat", - "redirectURI": "URI de redirecció", - "ssoServiceUrl": "URL de servei de connexió únic (SSO)", - "singleLogoutServiceUrl": "URL de servei de desconnexió únic", - "nameIdPolicyFormat": "Format de política NameID", - "unspecified": "no especificat", - "httpPostBindingResponse": "HTTP-POST enllaç de resposta", - "httpPostBindingAuthnRequest": "HTTP-POST per AuthnRequest", - "wantAuthnRequestsSigned": "Signar AuthnRequests", - "forceAuthentication": "Forçar autenticació", - "validatingX509Certs": "Validant certificat X509", - "authorizationUrl": "URL d''autorització", - "tokenUrl": "Token URL", - "logoutUrl": "URL de desconnexió", - "backchannelLogout": "Backchannel Logout", - "userInfoUrl": "URL d''informació d''usuari", - "issuer": "Emissor", - "prompt": "Prompt", - "prompts": { - "none": "cap", - "consent": "consentiment", - "login": "login" - }, - "validateSignature": "Validar signatures", - "storeTokens": "Emmagatzemar tokens", - "storedTokensReadable": "Tokens emmagatzemats llegibles", - "userAttribute": "Atribut d''usuari", - "redirectURIHelp": "L''URI de redirecció usada per configurar el proveïdor d''identitat.", - "aliasHelp": "L''àlies que identifica de forma única un proveïdor d''identitat, es far servir també per construir la URI de redirecció.", - "clientSecretHelp": "El secret del client registrat amb el proveïdor d''identitat.", - "discoveryEndpoint": "Importa metadades des d''un descriptor d''un proveïdor d''identitat (IDP) remot.", - "importConfig": "Importa metadades des d''un descriptor d''un proveïdor d''identitat (IDP) descarregat.", - "logoutUrlHelp": "Punt de tancament de sessió per utilitzar en la desconnexió d''usuaris des d''un proveïdor d''identitat (IDP) extern.", - "backchannelLogoutHelp": "Does the external IDP support backchannel logout?", - "userInfoUrlHelp": "L''URL d''informació d''usuari. Opcional.", - "issuerHelp": "L''identificador de l''emissor per a l''emissor de la resposta. Si no s''indica, no es realitzarà cap validació.", - "scopes": "Els àmbits que s''enviaran quan es sol·liciti autorització. Pot ser una llista d''àmbits separats per espais. El valor per defecte és ''openid''.", - "validateSignatureHelp": "Habilitar/deshabilitar la validació de signatures de proveïdors d''identitat (IDP) externs", - "storeTokensHelp": "Habilitar/deshabilitar si els tokens han de ser emmagatzemats després d''autenticar als usuaris.", - "storedTokensReadableHelp": "Habilitar/deshabilitar si els nous usuaris poden llegir els tokens emmagatzemats. Això assigna el rol ''broker.read-token''.", - "useEntityDescriptor": "Importar metadades des d''un descriptor d'entitat remot d''un IDP de SAML", - "samlEntityDescriptor": "Et permet carregar metadades d''un proveïdor d''identitat (IDP) extern d''un arxiu de coniguración o descarregar des d''una URL.", - "ssoServiceUrlHelp": "L''URL que s''ha de fer servir per enviar peticions d''autenticació (SAML AuthnRequest).", - "singleLogoutServiceUrlHelp": "L''URL que ha de fer-se servir per enviar peticions de desconnexió.", - "httpPostBindingAuthnRequestHelp": "Indica si AuthnRequest ha de ser enviat usant HTTP-POST. Si no està activat es fa HTTP-REDIRECT.", - "wantAuthnRequestsSignedHelp": "Indica si el proveïdor d''identitat espera rebre signades les AuthnRequest.", - "forceAuthenticationHelp": "Indica si el proveïdor d''identitat ha d'autenticar en presentar directament les credencials en lloc de dependre d''un context de seguretat previ.", - "validateSignatures": "Habilitar/deshabilitar la validació de signatura en respostes SAML.", - "validatingX509CertsHelp": "El certificat en format PEM que ha de fer-se servir per comprovar les signatures.", - "addIdpMapperName": "Nom de l''assignador.", - "usermodel": { - "prop": { - "label": "Propietat", - "tooltip": "Nom del mètode de propietat en la interfície UserModel. Per exemple, un valor de ''email'' faria referència al mètode UserModel.getEmail()." - }, - "attr": { - "label": "Atribut d''usuari", - "tooltip": "Nom de l''atribut d''usuari emmagatzemat que és el nom de l''atribut dins el map UserModel.attribute." - }, - "clientRoleMapping": { - "clientId": { - "label": "ID Client" - } - } - }, - "userSession": { - "modelNote": { - "label": "Nota sessió usuari", - "tooltip": "Nom de la nota emmagatzemada en la sessió d''usuari dins del mapa UserSessionModel.note" - } - }, - "multivalued": { - "label": "Valors múltiples", - "tooltip": "Indica si l''atribut suporta múltiples valors. Si està habilitat, la llista de tots els valors d''aquest atribut es fixarà com a reclamació. Si està deshabilitat, només el primer valor serà fixat com a reclamació." - }, - "jsonType": { - "label": "Tipus JSON de reclamació", - "tooltip": "El tipus de JSON que hauria de fer-se servir per omplir la petició de JSON en el token. long, int, boolean i String són valors vàlids" - }, - "includeInIdToken": { - "label": "Afegir al token d''ID" - }, - "includeInAccessToken": { - "label": "Afegir al token d''accés", - "tooltip": "S''hauria d'afegir la identitat reclamada al token d''accés?" - }, - "name-id-format": "Format de NameID", - "titleRoles": "Rols de domini", - "titleSessions": "Sessions", - "clientDescriptionHelp": "Indica la descripció del client. Per exemple ''My Client for TimeSheets''. També suporta claus per a valors localitzats. Per exemple: ${my_client_description}", - "clientsClientTypeHelp": "''OpenID connect'' permet als clients verificar la identitat de l''usuari final basat en l''autenticació realitzada per un servidor d''autorització. ''SAML'' habilita l''autenticació i autorització d''escenaris basats en web incloent cross-domain i single sign-on (SSO) i utilitza tokens de seguretat que contenen afirmacions per passar informació." -} diff --git a/js/apps/admin-ui/public/locales/de/translation.json b/js/apps/admin-ui/public/locales/de/translation.json deleted file mode 100644 index cc20d95623..0000000000 --- a/js/apps/admin-ui/public/locales/de/translation.json +++ /dev/null @@ -1,205 +0,0 @@ -{ - "add": "Hinzufügen", - "create": "Erstellen", - "save": "Speichern", - "cancel": "Abbrechen", - "delete": "Löschen", - "reset": "Zurücksetzen", - "remove": "Entfernen", - "search": "Suche", - "key": "Schlüssel", - "value": "Wert", - "action": "Aktion", - "clear": "Zurücksetzen", - "edit": "Bearbeiten", - "enabled": "Aktiv", - "disable": "Deaktivieren", - "signOut": "Abmelden", - "manageAccount": "Konto verwalten", - "serverInfo": "Server-Info", - "learnMore": "Mehr erfahren", - "description": "Beschreibung", - "type": "Typ", - "category": "Kategorie", - "manage": "Verwalten", - "clients": "Clients", - "realmRoles": "Realm-Rollen", - "users": "Benutzer", - "groups": "Gruppen", - "sessions": "Sessions", - "events": "Ereignisse", - "permissions": "Berechtigungen", - "usersPermissionsHint": "Feingranulare Berechtigungen für alle Benutzer in diesem Realm. Es können verschiedene Einstellungen definiert werden, wer in diesem Realm berechtigt ist, Benutzer zu verwalten.", - "permissionsEnabled": "Berechtigungen aktiv", - "configure": "Konfigurieren", - "realmSettings": "Realm-Einstellungen", - "authentication": "Authentifizierung", - "settings": "Einstellungen", - "details": "Details", - "Sunday": "Sonntag", - "Monday": "Montag", - "Tuesday": "Dienstag", - "Wednesday": "Mittwoch", - "Thursday": "Donnerstag", - "Friday": "Freitag", - "Saturday": "Samstag", - "times": { - "seconds": "Sekunden", - "minutes": "Minuten", - "hours": "Stunden", - "days": "Tage" - }, - "attributes": "Attribute", - "addAttribute": "Attribut hinzufügen", - "removeAttribute": "Attribut entfernen", - "keyPlaceholder": "Schlüssel eingeben", - "valuePlaceholder": "Wert eingeben", - "credentials": "Passwörter", - "clientId": "Client-ID", - "clientName": "Name", - "leave": "Verlassen", - "password": "Passwort", - "passwordConfirmation": "Passwort bestätigen", - "temporaryPassword": "Temporär", - "temporaryPasswordHelpText": "Wenn eingeschaltet, ist der Benutzer beim nächsten Login aufgefordert, dass Passwort zu ändern.", - "copy": "Kopieren", - "webOrigins": "Web Origins", - "keys": "Keys", - "roles": "Rollen", - "user": "Benutzer", - "clientList": "Clients", - "created": "Erstellt", - "lastUpdated": "Zuletzt aktualisiert", - "selectMethodType": { - "import": "Importieren" - }, - "certificate": "Zertifikat", - "tokenLifespan": { - "expires": "Läuft ab in" - }, - "validRedirectURIs": "Gültiges URI-Muster, zu dem ein Browser nach einer erfolgreichen An- oder Abmeldung umleiten kann. Einfache Platzhalter sind zulässig, z. B. \"http://example.com/*\". Es kann auch ein relativer Pfad angegeben werden, z. B. /my/relative/path/*. Relative Pfade beziehen sich auf die Root URL des Clients, oder wenn keine angegeben ist, wird die Stamm-URL des Autorisierungsservers verwendet. Für SAML muss man gültige URI-Muster festlegen, wenn man sich auf die in die Anmeldeanforderung eingebettete URL des Verbraucherdienstes verlässt.", - "webOriginsHelp": "Erlaubte CORS Origins. Um alle Origins der Valid Redirect URIs zu erlauben, fügen Sie ein '+' hinzu. Dabei wird der '*' Platzhalter nicht mit übernommen. Um alle Origins zu erlauben, geben Sie explizit einen Eintrag mit '*' an.", - "clientIdHelp": "Legt die Id fest, auf die in URI und Token verwiesen wird. Zum Beispiel 'my-client'. Bei SAML ist dies auch der erwartete Issuer-Wert von authn-Anfragen", - "clientNameHelp": "Legt den Anzeigenamen des Clients fest. Zum Beispiel 'My Client'. Unterstützt auch Keys für lokalisierte Werte. Zum Beispiel: ${my_client}", - "resetActions": "Zurücksetz-Aktionen", - "lifespan": "Läuft ab in", - "permissionsEnabledHelp": "Legt fest, ob feingranulare Berechtigungen für diese Rolle aktiv sein sollen. Wird diese Option deaktiviert, werden alle aktuell aufgesetzten Berechtigungen gelöscht.", - "grantedClientScopes": "Gewährte Client-Scopes", - "createGroup": "Gruppe erstellen", - "groupName": "Gruppenname", - "searchForGroups": "Gruppen suchen", - "deleteGroup": "Gruppe löschen", - "members": "Mitglieder", - "email": "Email", - "lastName": "Nachname", - "firstName": "Vorname", - "groupsDescription": "Eine Gruppe ist eine Sammlung von Attributen und Rollenzuordnungen, die auf einen Benutzer angewendet werden können. Du kannst Gruppen erstellen, bearbeiten und löschen sowie deren Hierarchie von Kind- und Elterngruppen verwalten.", - "title": "Authentifizierung", - "addRole": "Rolle hinzufügen", - "roleName": "Rollenname", - "addUser": "Benutzer hinzufügen", - "userName": "Benutzername", - "usersExplain": "Benutzer in diesem Realm.", - "userList": "Benutzerliste", - "searchForUser": "Benutzer suchen", - "searchType.default": "Standardsuche", - "searchType.attribute": "Attributsuche", - "selectAttribute": "Wähle Attribut", - "selectAttributes": "Wähle Attribute", - "searchUserByAttributeMissingKeyError": "Attributschlüssel angeben", - "searchUserByAttributeKeyAlreadyInUseError": "Attributschlüssel bereits in Verwendung", - "searchUserByAttributeMissingValueError": "Attributwert angeben", - "searchUserByAttributeDescription": "Es unterstützt die Einstellung mehrerer Attribute als Suchfilter, indem verschiedene Schlüssel oder Werte festgelegt werden. Für einen Schlüssel kann nur ein Wert eingegeben werden.", - "join": "Beitreten", - "groupMembership": "Gruppen-Mitglied", - "addedGroupMembership": "Zur Gruppe hinzugefügt.", - "removedGroupMembership": "Aus Gruppe entfernt.", - "createdAt": "Erstellt am", - "username": "Benutzername", - "emailVerified": "E-Mail verifiziert", - "status": "Status", - "requiredUserActions": "Verlangte Benutzeraktionen", - "deleteUser": "Benutzer löschen", - "verifyEmail": "E-Mail verifizieren", - "consents": "Einwilligungen", - "revoke": "Widerrufen", - "confirmPasswordDoesNotMatch": "Die Passwörter stimmen nicht überein.", - "credentialType": "Typ", - "deleteCredentialsConfirm": "Sind Sie sicher, dass Sie die Zugangsdaten löschen möchten?", - "deleteBtn": "Löschen", - "resetPassword": "Passwort zurücksetzen", - "resetPasswordBtn": "Passwort zurücksetzen", - "showPasswordDataValue": "Wert", - "credentialResetBtn": "Zugang zurücksetzen", - "hours": "Stunden", - "minutes": "Minuten", - "seconds": "Sekunden", - "credentialResetConfirm": "E-Mail senden", - "temporaryLocked": "Der Benutzer wurde vorübergehend wegen zuvieler ungültiger Loginversuche gesperrt.", - "emailVerifiedHelp": "Wurde die E-Mail des Benutzers verifiziert?", - "requiredUserActionsHelp": "Verlangt eine Aktion wenn sich der Benutzer einloggt. 'E-Mail Verifizieren' sendet eine E-Mail an den Benutzer, um die Gültigkeit seiner E-Mailadresse zu prüfen. 'Profil aktualisieren' verlangt, dass Benutzer ihre persönlichen Angaben eingeben. 'Passwort aktualisieren' zwingt Benutzer ein neues Passwort zu setzen. 'OTP konfigurieren' zwingt Benutzer einen mobilen Passwort-Generator einzurichten (i.e. Google Authenticator)", - "lastAccess": "Letzter Zugriff", - "time": "Zeit", - "ipAddress": "IP-Adresse", - "from": "Von", - "host": "Host", - "port": "Port", - "enableSSL": "SSL aktivieren", - "active": "Aktiv", - "userRegistration": "Benutzerregistrierung", - "userRegistrationHelpText": "Aktiviere/deaktiviere die Seite zur Benutzerregistrierung. Auf der Loginseite wird ein entsprechender Link angezeigt.", - "rememberMe": "Angemeldet bleiben", - "rememberMeHelpText": "Zeigt eine Auswahlbox auf der Loginseite, die es dem Benutzer erlaubt, zwischen Browser-Neustarts eingeloggt zu bleiben, bis die Session abläuft.", - "registrationEmailAsUsername": "E-Mail-Adresse als Benutzername", - "loginWithEmail": "Anmeldung mit E-Mail", - "loginWithEmailHelpText": "Erlaubt Benutzern, sich mit ihrer E-Mail-Adresse anzumelden.", - "editUsername": "Benutzername editierbar", - "htmlDisplayName": "HTML-Anzeigename", - "endpoints": "Endpoints", - "localization": "Internationalisierung", - "clientProfileDescription": "Beschreibung", - "supportedLocales": "Unterstützte Sprachen", - "validatorDialogColNames": { - "colName": "Rollenname" - }, - "eventTypes": { - "LOGOUT": { - "name": "Ausloggen" - }, - "REGISTER": { - "name": "Registrieren" - }, - "RESET_PASSWORD": { - "name": "Passwort zurücksetzen" - } - }, - "defaultRoles": "Standardrollen", - "defaultGroups": "Standardgruppen", - "requireSsl": "Ist HTTPS erforderlich? 'None' bedeutet, dass HTTPS für keine Client-IP-Adresse erforderlich ist. 'External requests' bedeutet, dass Localhost und private IP-Adressen ohne HTTPS zugreifen können. 'All requests' bedeutet, dass HTTPS für alle IP-Adressen erforderlich ist.", - "userManagedAccess": "Wenn aktiviert, können Benutzer ihre Ressourcen und Berechtigungen über die Account Management UI verwalten.", - "editUsernameHelp": "Wenn aktiv, kann der Benutzername editiert werden.", - "unlinkUsers": "Benutzer entsperren", - "logoutUrl": "Logout-URL", - "syncMode": "Synchronisationsmodus", - "syncModes": { - "inherit": "Standard erben", - "import": "Importieren", - "legacy": "Legacy", - "force": "Erzwingen" - }, - "syncModeOverride": "Überschriebene Synchronisation", - "syncModeHelp": "Standardsyncmodus für alle Mapper. Mögliche Werte sind: 'Legacy' um das alte Verhalten beizubehalten, 'Importieren' um den Nutzer einmalig zu importieren, 'Erzwingen' um den Nutzer immer zu importieren.", - "syncModeOverrideHelp": "Überschreibt den normalen Synchronisationsmodus des IDP für diesen Mapper. Werte sind 'Legacy' um das alte Verhalten beizubehalten, 'Importieren' um den Nutzer einmalig zu importieren, 'Erzwingen' um den Nutzer immer zu updaten.", - "usermodel": { - "clientRoleMapping": { - "client": { - "label": "Client-ID" - } - } - }, - "titleAuthentication": "Authentifizierung", - "titleEvents": "Ereignisse", - "titleRoles": "Realm-Rollen", - "titleUsers": "Benutzer", - "titleSessions": "Sessions" -} diff --git a/js/apps/admin-ui/public/locales/en/translation.json b/js/apps/admin-ui/public/locales/en/translation.json deleted file mode 100644 index 9335f5da43..0000000000 --- a/js/apps/admin-ui/public/locales/en/translation.json +++ /dev/null @@ -1,3311 +0,0 @@ -{ - "fullName": "{{givenName}} {{familyName}}", - "unknownUser": "Anonymous", - "add": "Add", - "yes": "Yes", - "no": "No", - "create": "Create", - "save": "Save", - "revert": "Revert", - "cancel": "Cancel", - "reload": "Reload", - "continue": "Continue", - "close": "Close", - "delete": "Delete", - "reset": "Reset", - "remove": "Remove", - "revoke": "Revoke", - "search": "Search", - "key": "Key", - "value": "Value", - "noSearchResults": "No search results", - "noSearchResultsInstructions": "Click on the search bar above to search for groups", - "clearAllFilters": "Clear all filters", - "next": "Next", - "back": "Back", - "finish": "Finish", - "skipCustomizationAndFinish": "Skip customization and finish", - "export": "Export", - "action": "Action", - "download": "Download", - "resourceFile": "Resource file", - "clear": "Clear", - "clearFile": "Clear this file", - "clearFileExplain": "Are you sure you want to clear this file?", - "on": "On", - "off": "Off", - "edit": "Edit", - "enabled": "Enabled", - "disabled": "Disabled", - "disable": "Disable", - "selectOne": "Select an option", - "select": "Select", - "choose": "Choose...", - "any": "Any", - "none": "None", - "signOut": "Sign out", - "manageAccount": "Manage account", - "serverInfo": "Server info", - "realmInfo": "Realm info", - "help": "Help", - "helpLabel": "More help for '{{label}}'", - "helpEnabled": "Help on", - "helpDisabled": "Help off", - "documentation": "Documentation", - "enableHelpMode": "Enable help mode", - "enableHelp": "Help is enabled", - "learnMore": "Learn more", - "show": "Show", - "hide": "Hide", - "showRemaining": "Show ${remaining}", - "more": "{{count}} more", - "test": "Test", - "testConnection": "Test connection", - "name": "Name", - "role": "Role", - "description": "Description", - "type": "Type", - "category": "Category", - "priority": "Priority", - "unexpectedError": "An unexpected error occurred: '{{error}}'", - "retry": "Press here to refresh and continue", - "plus": "Plus", - "minus": "Minus", - "confirm": "Confirm", - "clientScope": "Client scope", - "allTypes": "All types", - "home": "Home", - "manage": "Manage", - "clients": "Clients", - "clientScopes": "Client scopes", - "realmRoles": "Realm roles", - "clientRoles": "Client roles", - "users": "Users", - "groups": "Groups", - "sessions": "Sessions", - "events": "Events", - "mappers": "Mappers", - "permissions": "Permissions", - "permissionsList": "Permission list", - "permissionsListIntro": "Edit the permission list by clicking the scope-name. It then redirects to the permission details page of the client named <1>{{realm}}", - "usersPermissionsHint": "Fine grained permissions for managing all users in realm. You can define different policies for who is allowed to manage users in the realm.", - "clientsPermissionsHint": "Fine grained permissions for administrators that want to manage this client or apply roles defined by this client.", - "groupsPermissionsHint": "Determines if fine grained permissions are enabled for managing this role. Disabling will delete all current permissions that have been set up.", - "rolesPermissionsHint": "Determines if fine grained permissions are enabled for managing this role. Disabling will delete all current permissions that have been set up.", - "identityProvidersPermissionsHint": "Determines if fine grained permissions are enabled for managing this role. Disabling will delete all current permissions that have been set up.", - "permissionsScopeName": "Scope-name", - "permissionsEnabled": "Permissions enabled", - "permissionsDisable": "Disable permissions?", - "permissionsDisableConfirm": "If you disable the permissions, all the permissions in the list below will be delete automatically. In addition, the resources and scopes that are related will be removed", - "scopePermissions": { - "clients": { - "manage-description": "Policies that decide if an administrator can manage this client", - "configure-description": "Reduced management permissions for administrator. Cannot set scope, template, or protocol mappers.", - "view-description": "Policies that decide if an administrator can view this client", - "map-roles-description": "Policies that decide if an administrator can map roles defined by this client", - "map-roles-client-scope-description": "Policies that decide if an administrator can apply roles defined by this client to the client scope of another client", - "map-roles-composite-description": "Policies that decide if an administrator can apply roles defined by this client as a composite to another role", - "token-exchange-description": "Policies that decide which clients are allowed exchange tokens for a token that is targeted to this client." - }, - "users": { - "view-description": "Policies that decide if an administrator can view all users in realm", - "manage-description": "Policies that decide if an administrator can manage all users in the realm", - "map-roles-description": "Policies that decide if administrator can map roles for all users", - "manage-group-membership-description": "Policies that decide if an administrator can manage group membership for all users in the realm. This is used in conjunction with specific group policy", - "impersonate-description": "Policies that decide if administrator can impersonate other users", - "user-impersonated-description": "Policies that decide which users can be impersonated. These policies are applied to the user being impersonated." - }, - "groups": { - "view-description": "Policies that decide if an administrator can view this group", - "manage-description": "Policies that decide if an administrator can manage this group", - "view-members-description": "Policies that decide if an administrator can view the members of this group", - "manage-members-description": "Policies that decide if an administrator can manage the members of this group", - "manage-membership-description": "Policies that decide if an administrator can add or remove users from this group" - }, - "roles": { - "map-role-description": "Policies that decide if an administrator can map this role to a user or group", - "map-role-client-scope-description": "Policies that decide if an administrator can apply this role to the client scope of a client", - "map-role-composite-description": "Policies that decide if an administrator can apply this role as a composite to another role" - }, - "identityProviders": { - "token-exchange-description": "Policies that decide which clients are allowed exchange tokens for an external token minted by this identity provider." - } - }, - "configure": "Configure", - "realmSettings": "Realm settings", - "authentication": "Authentication", - "identityProviders": "Identity providers", - "userFederation": "User federation", - "settings": "Settings", - "details": "Details", - "required": "Required field", - "maxLength": "Max length {{length}}", - "lessThan": "Must be less than {{value}}", - "greaterThan": "Must be greater than {{value}}", - "createRealm": "Create realm", - "recent": "Recent", - "jumpToSection": "Jump to section", - "Sunday": "Sunday", - "Monday": "Monday", - "Tuesday": "Tuesday", - "Wednesday": "Wednesday", - "Thursday": "Thursday", - "Friday": "Friday", - "Saturday": "Saturday", - "filterByRoles": "Filter by realm roles", - "filterByClients": "Filter by clients", - "assignRole": "Assign role", - "assign": "Assign", - "unAssignRole": "Unassign", - "hideInheritedRoles": "Hide inherited roles", - "assignRolesTo": "Assign roles to {{client}}", - "inherent": "Inherited", - "unitLabel": "Select a time unit", - "times": { - "seconds": "Seconds", - "minutes": "Minutes", - "hours": "Hours", - "days": "Days", - "years": "Years" - }, - "attributes": "Attributes", - "missingAttributes": "No attributes have been defined yet. Click the below button to add attributes, key and value are required for a key pair.", - "addAttribute": "Add an attribute", - "removeAttribute": "Remove attribute", - "editUsernameHelp": "If enabled, the username field is editable, readonly otherwise.", - "keyPlaceholder": "Type a key", - "valuePlaceholder": "Type a value", - "keyError": "A key must be provided.", - "valueError": "A value must be provided.", - "credentials": "Credentials", - "clientId": "Client ID", - "clientName": "Name", - "id": "ID", - "addMapper": "Add mapper", - "createNewMapper": "Create new mapper", - "searchForMapper": "Search for mapper", - "mapperType": "Mapper type", - "mappingDeletedSuccess": "Mapping successfully deleted", - "mappingDeletedError": "Could not delete mapping: '{{error}}'", - "mappingDetails": "Mapper details", - "mappingUpdatedSuccess": "Mapping successfully updated", - "mappingUpdatedError": "Could not update mapping: '{{error}}'", - "mappingCreatedSuccess": "Mapping successfully created", - "mappingCreatedError": "Could not create mapping: '{{error}}'", - "deleteMappingTitle": "Delete mapping?", - "deleteMappingConfirm": "Are you sure you want to delete this mapping?", - "emptyMappers": "No mappers", - "emptyMappersInstructions": "If you want to add mappers, please click the button below to add some predefined mappers or to configure a new mapper.", - "emptyPrimaryAction": "Add predefined mapper", - "leave": "Leave", - "reorder": "Reorder", - "onDragStart": "Dragging started for item {{item}}", - "onDragMove": "Dragging item {{item}}", - "onDragCancel": "Dragging cancelled. List is unchanged.", - "onDragFinish": "Dragging finished {{list}}", - "notFound": "Could not find the resource that you are looking for", - "password": "Password", - "passwordConfirmation": "Password confirmation", - "temporaryPassword": "Temporary", - "temporaryPasswordHelpText": "If enabled, the user must change the password on next login", - "forbidden_one": "Forbidden, permission needed:", - "forbidden_other": "Forbidden, permissions needed:", - "noRealmRolesToAssign": "There are no realm roles to assign", - "loadingRealms": "Loading realms…", - "customAttribute": "Custom Attribute…", - "helpToggleInfo": "This toggle will enable / disable part of the help info in the UI. Includes any help text, links and popovers.", - "showPassword": "Show password field in clear text", - "helpFileUpload": "Upload a JSON file", - "helpFileUploadClient": "Upload a JSON or XML file", - "dragHelp": "Press space or enter to begin dragging, and use the arrow keys to navigate up or down. Press enter to confirm the drag, or any other key to cancel the drag operation.", - "realmName": "Realm name", - "welcome": "Welcome to", - "introduction": "If you want to leave this page and manage this realm, please click the corresponding menu items in the left navigation bar.", - "version": "Version", - "product": "Product", - "profile": "Profile", - "enabledFeatures": "Enabled features", - "experimental": "Experimental", - "preview": "Preview", - "supported": "Supported", - "infoEnabledFeatures": "Shows enabled preview and experimental features.", - "infoDisabledFeatures": "Shows all disabled features.", - "disabledFeatures": "Disabled features", - "providerInfo": "Provider info", - "providers": "Add providers", - "spi": "SPI", - "showMore": "Show more", - "showLess": "Show less", - "memory": "Memory", - "totalMemory": "Total memory", - "freeMemory": "Free memory", - "usedMemory": "Used memory", - "protocolTypes": { - "all": "All", - "saml": "SAML", - "openid-connect": "OpenID Connect" - }, - "protocol": "Protocol", - "copy": "Copy", - "copied": "Authorization details copied.", - "copyError": "Error copying authorization details: {{error}}", - "exportAuthDetailsSuccess": "Successfully exported authorization details.", - "exportAuthDetailsError": "Error exporting authorization details: {{error}}", - "clientType": "Client type", - "clientAuthorization": "Authorization", - "implicitFlow": "Implicit flow", - "createClient": "Create client", - "importClient": "Import client", - "homeURL": "Home URL", - "webOrigins": "Web origins", - "addWebOrigins": "Add web origins", - "adminURL": "Admin URL", - "formatOption": "Format option", - "encryptAssertions": "Encrypt assertions", - "clientSignature": "Client signature required", - "downloadAdaptorTitle": "Download adaptor configs", - "privateKeyMask": "PRIVATE KEY NOT SET UP OR KNOWN", - "keys": "Keys", - "roles": "Roles", - "createRole": "Create role", - "noRoles": "No roles for this user", - "noRolesInstructions": "You haven't assigned any roles to this user. Assign a role to get started.", - "addClientScope": "Add client scope", - "dedicatedScopeName": "{{clientName}}-dedicated", - "dedicatedScopeDescription": "Dedicated scope and mappers for this client", - "dedicatedScopes": "Dedicated scopes", - "fullScopeAllowed": "Full scope allowed", - "addClientScopesTo": "Add client scopes to {{clientName}}", - "clientScopeRemoveSuccess": "Scope mapping successfully removed", - "clientScopeRemoveError": "Could not remove the scope mapping {{error}}", - "clientScopeSuccess": "Scope mapping updated", - "clientScopeError": "Could not update scope mapping {{error}}", - "searchByName": "Search by name", - "setup": "Setup", - "selectAUser": "Select a user", - "selectARole": "Select a role", - "client": "Client", - "evaluateError": "Could not evaluate due to: {{error}}", - "evaluate": "Evaluate", - "reevaluate": "Re-evaluate", - "showAuthData": "Show authorization data", - "authData": "Authorization data", - "authDataDescription": "Represents a token carrying authorization data as a result of the processing of an authorization request. This representation is basically what Keycloak issues to clients asking for permission. Check the `authorization` claim for the permissions that where granted based on the current authorization request. ", - "results": "Results", - "allResults": "All results", - "resultPermit": "Result-Permit", - "resultDeny": "Result-Deny", - "permit": "Permit", - "deny": "Deny", - "unanimous": "Unanimous", - "affirmative": "Affirmative", - "consensus": "Consensus", - "votedToStatus": " voted to {{status}}", - "overallResults": "Overall Results", - "grantedScopes": "Granted scopes", - "deniedScopes": "Denied scopes", - "permission": "Permission", - "lastEvaluation": "Last Evaluation", - "resourcesAndScopes": "Resources and Scopes", - "authScopes": "Authorization scopes", - "authDetails": "Authorization details", - "anyResource": "Any resource", - "anyScope": "Any scope", - "selectScope": "Select a scope", - "applyToResourceType": "Apply to Resource Type", - "contextualInfo": "Contextual Information", - "contextualAttributes": "Contextual Attributes", - "selectOrTypeAKey": "Select or type a key", - "custom": "Custom Attribute...", - "kc": { - "identity": { - "authc": { - "method": "Authentication Method" - } - }, - "realm": { - "name": "Realm" - }, - "time": { - "date_time": "Date/Time (MM/dd/yyyy hh:mm:ss)" - }, - "client": { - "network": { - "ip_address": "Client IPv4 Address", - "host": "Client Host" - }, - "user_agent": "Client/User Agent" - } - }, - "oneTimePassword": "One-Time Password", - "kerberos": "Kerberos", - "removeMappingTitle": "Remove role?", - "removeMappingConfirm_one": "Are you sure you want to remove this role?", - "removeMappingConfirm_other": "Are you sure you want to remove {{count}} roles", - "clientScopeSearch": { - "name": "Name", - "type": "Assigned type", - "protocol": "Protocol" - }, - "authorization": "Authorization", - "policyEnforcementMode": "Policy enforcement mode", - "policyEnforcementModes": { - "ENFORCING": "Enforcing", - "PERMISSIVE": "Permissive", - "DISABLED": "Disabled" - }, - "decisionStrategy": "Decision strategy", - "decisionStrategies": { - "UNANIMOUS": "Unanimous", - "AFFIRMATIVE": "Affirmative", - "CONSENSUS": "Consensus" - }, - "importResources": "The following settings and data will be imported:", - "importWarning": "The data and settings imported above may overwrite the data and settings that already exist.", - "importResourceSuccess": "The resource was successfully imported", - "importResourceError": "Could not import the resource due to {{error}}", - "createResource": "Create resource", - "resourceDetails": "Resource details", - "emptyPermissions": "No permissions", - "emptyPermissionInstructions": "If you want to create a permission, please click the button below to create a resource-based or scope-based permission.", - "noScopeCreateHint": "You'll need to create an authorization scope first.", - "noResourceCreateHint": "There are no resources you can't create resource-based permission", - "createResourceBasedPermission": "Create resource-based permission", - "createScopeBasedPermission": "Create scope-based permission", - "displayName": "Display name", - "addUri": "Add URI", - "authorizationScopes": "Authorization scopes", - "iconUri": "Icon URI", - "ownerManagedAccess": "User-Managed access enabled", - "resourceAttribute": "Resource attribute", - "createResourceSuccess": "Resource created successfully", - "updateResourceSuccess": "Resource successfully updated", - "resourceSaveError": "Could not persist resource due to {{error}}", - "associatedPermissions": "Associated permission", - "allowRemoteResourceManagement": "Remote resource management", - "resources": "Resources", - "resource": "Resource", - "emptyResources": "No resources", - "emptyResourcesInstructions": "If you want to create a resource, please click the button below.", - "scope": "Scope", - "owner": "Owner", - "uris": "URIs", - "scopes": "Scopes", - "policies": "Policies", - "createPermission": "Create permission", - "permissionDetails": "Permission details", - "deleteResource": "Permanently delete resource?", - "deleteResourceConfirm": "If you delete this resource, some permissions will be affected.", - "deleteResourceWarning": "The permissions below will be removed when they are no longer used by other resources:", - "resourceDeletedSuccess": "The resource successfully deleted", - "resourceDeletedError": "Could not remove the resource {{error}}", - "identityInformation": "Identity Information", - "searchForPermission": "Search for permission", - "deleteScope": "Permanently delete authorization scope?", - "deleteScopeConfirm": "If you delete this authorization scope, some permissions will be affected.", - "deleteScopeWarning": "The permissions below will be removed when they are no longer used by other authorization scopes:", - "resourceScopeSuccess": "The authorization scope successfully deleted", - "resourceScopeError": "Could not remove the authorization scope due to {{error}}", - "associatedPolicy": "Associated policy", - "deletePermission": "Permanently delete permission?", - "deletePermissionConfirm": "Are you sure you want to delete the permission {{permission}}", - "permissionDeletedSuccess": "Successfully deleted permission", - "permissionDeletedError": "Could not delete permission due to {{error}}", - "applyToResourceTypeFlag": "Apply to resource type", - "resourceType": "Resource type", - "createPermissionSuccess": "Successfully created the permission", - "updatePermissionSuccess": "Successfully updated the permission", - "permissionSaveError": "Could not update the permission due to {{error}}", - "createAuthorizationScope": "Create authorization scope", - "authorizationScopeDetails": "Authorization scope details", - "emptyAuthorizationScopes": "No authorization scopes", - "emptyAuthorizationInstructions": "If you want to create authorization scopes, please click the button below to create the authorization scope", - "createScopeSuccess": "Authorization scope created successfully", - "updateScopeSuccess": "Authorization scope successfully updated", - "scopeSaveError": "Could not persist authorization scope due to {{error}}", - "createPolicy": "Create client policy", - "policyDetails": "Policy details", - "createPolicyOfType": "Create {{policyType}} policy", - "dependentPermission": "Dependent permission", - "deletePolicy": "Permanently delete policy?", - "deletePolicyConfirm": "If you delete this policy, some permissions or aggregated policies will be affected.", - "deletePolicyWarning": "The aggregated polices below will be removed automatically:", - "policyDeletedSuccess": "The Policy successfully deleted", - "policyDeletedError": "Could not remove the resource {{error}}", - "emptyPolicies": "No policies", - "emptyPoliciesInstructions": "If you want to create a policy, please click the button below to create the policy.", - "chooseAPolicyType": "Choose a policy type", - "chooseAPolicyTypeInstructions": "Choose one policy type from the list below and then you can configure a new policy for authorization. There are some types and description.", - "policyProvider": { - "regex": "Define regex conditions for your permissions.", - "role": "Define conditions for your permissions where a set of one or more roles is permitted to access an object.", - "js": "Define conditions for your permissions using JavaScript. It is one of the rule-based policy types supported by Keycloak, and provides flexibility to write any policy based on the Evaluation API.", - "client": "Define conditions for your permissions where a set of one or more clients is permitted to access an object.", - "time": "Define time conditions for your permissions.", - "user": "Define conditions for your permissions where a set of one or more users is permitted to access an object.", - "client-scope": "Define conditions for your permissions where a set of one or more client scopes is permitted to access an object.", - "aggregate": "Reuse existing policies to build more complex ones and keep your permissions even more decoupled from the policies that are evaluated during the processing of authorization requests.", - "group": "Define conditions for your permissions where a set of one or more groups (and their hierarchies) is permitted to access an object." - }, - "applyPolicy": "Apply policy", - "addClientScopes": "Add client scopes", - "emptyAddClientScopes": "No client scopes", - "emptyAddClientScopesInstructions": "There are no client scopes left to add", - "groupsClaim": "Groups claim", - "addGroups": "Add groups", - "requiredClient": "Please add at least one client.", - "requiredClientScope": "Please add at least one client scope.", - "requiredGroups": "Please add at least one group.", - "requiredRoles": "Please add at least one role.", - "addGroupsToGroupPolicy": "Add groups to group policy", - "extendToChildren": "Extend to children", - "targetClaim": "Target claim", - "regexPattern": "Regex pattern", - "addRoles": "Add roles", - "startTime": "Start time", - "repeat": "Repeat", - "notRepeat": "Not repeat", - "month": "Month", - "dayMonth": "Day", - "hour": "Hour", - "minute": "Minute", - "code": "Code", - "expireTime": "Expire time", - "logic": "Logic", - "logicType": { - "positive": "Positive", - "negative": "Negative" - }, - "createPolicySuccess": "Successfully created the policy", - "updatePolicySuccess": "Successfully updated the policy", - "policySaveError": "Could not update the policy due to {{error}}", - "assignedClientScope": "Assigned client scope", - "assignedType": "Assigned type", - "emptyClientScopes": "This client doesn't have any added client scopes", - "emptyClientScopesInstructions": "There are currently no client scopes linked to this client. You can add existing client scopes to this client to share protocol mappers and roles.", - "emptyClientScopesPrimaryAction": "Add client scopes", - "scopeParameter": "Scope parameter", - "scopeParameterPlaceholder": "Select scope parameters", - "effectiveProtocolMappers": "Effective protocol mappers", - "effectiveRoleScopeMappings": "Effective role scope mappings", - "generatedAccessToken": "Generated access token", - "generatedIdToken": "Generated ID token", - "generatedIdTokenNo": "No generated id token", - "generatedIdTokenIsDisabled": "Generated id token is disabled when no user is selected", - "generatedUserInfo": "Generated user info", - "generatedUserInfoNo": "No generated user info", - "generatedUserInfoIsDisabled": "Generated user info is disabled when no user is selected", - "searchForProtocol": "Search protocol mapper", - "parentClientScope": "Parent client scope", - "searchForRole": "Search role", - "origin": "Origin", - "user": "User", - "generatedAccessTokenNo": "No generated access token", - "generatedAccessTokenIsDisabled": "Generated access token is disabled when no user is selected", - "clientList": "Clients", - "clientsList": "Clients list", - "initialAccessToken": "Initial access token", - "expirationValueNotValid": "Value should should be greater or equal to 1", - "clientSettings": "Client details", - "selectEncryptionType": "Select Encryption type", - "generalSettings": "General settings", - "alwaysDisplayInUI": "Always display in UI", - "capabilityConfig": "Capability config", - "clientsExplain": "Clients are applications and services that can request authentication of a user.", - "explainBearerOnly": "This is a special OIDC type. This client only allows bearer token requests and cannot participate in browser logins.", - "createSuccess": "Identity provider successfully created", - "createError": "Could not create the identity provider: {{error}}", - "clientImportError": "Could not import client: {{error}}", - "clientSaveSuccess": "Client successfully updated", - "clientSaveError": "Client could not be updated: {{error}}", - "clientImportSuccess": "Client imported successfully", - "clientDelete": "Delete {{clientId}} ?", - "clientDeletedSuccess": "The client has been deleted", - "clientDeleteError": "Could not delete client: {{error}}", - "clientDeleteConfirmTitle": "Delete client?", - "disableConfirmTitle": "Disable realm?", - "downloadAdapterConfig": "Download adapter config", - "disableConfirm": "Are you sure you want to disable the provider '{{provider}}'", - "clientDeleteConfirm": "If you delete this client, all associated data will be removed.", - "searchInitialAccessToken": "Search token", - "createToken": "Create initial access token", - "tokenDeleteConfirm": "Are you sure you want to permanently delete the initial access token {{id}}", - "tokenDeleteConfirmTitle": "Delete initial access token?", - "tokenDeleteSuccess": "Initial access token deleted successfully", - "tokenDeleteError": "Could not delete initial access token: '{{error}}'", - "timestamp": "Created date", - "created": "Created", - "lastUpdated": "Last updated", - "expires": "Expires", - "count": "Count", - "remainingCount": "Remaining count", - "expiration": "Expiration", - "noTokens": "No initial access tokens", - "noTokensInstructions": "You haven't created any initial access tokens. Create an initial access token by clicking \"Create\".", - "tokenSaveSuccess": "New initial access token has been created", - "tokenSaveError": "Could not create initial access token {{error}}", - "initialAccessTokenDetails": "Initial access token details", - "copyInitialAccessToken": "Please copy and paste the initial access token before closing as it can not be retrieved later.", - "copySuccess": "Successfully copied to clipboard!", - "clipboardCopyError": "Error copying to clipboard.", - "clipboardCopyDenied": "Your browser is blocking access to the clipboard.", - "copyToClipboard": "Copy to clipboard", - "clientRegistration": "Client registration", - "anonymousAccessPolicies": "Anonymous access polices", - "authenticatedAccessPolicies": "Authenticated access polices", - "provider": "Provider", - "providerId": "Provider ID", - "providerCreateSuccess": "New client policy created successfully", - "providerCreateError": "Could not create client policy due to {{error}}", - "providerUpdatedSuccess": "Client policy updated successfully", - "providerUpdatedError": "Could not update client policy due to {{error}}", - "clientRegisterPolicyDeleteConfirmTitle": "Delete client registration policy?", - "clientRegisterPolicyDeleteConfirm": "Are you sure you want to permanently delete the client registration policy {{name}}", - "clientRegisterPolicyDeleteSuccess": "Client registration policy deleted successfully", - "clientRegisterPolicyDeleteError": "Could not delete client registration policy: '{{error}}'", - "chooseAPolicyProvider": "Choose a policy provider", - "clientAuthentication": "Client authentication", - "authenticationFlow": "Authentication flow", - "standardFlow": "Standard flow", - "directAccess": "Direct access grants", - "serviceAccount": "Service accounts roles", - "oauthDeviceAuthorizationGrant": "OAuth 2.0 Device Authorization Grant", - "oidcCibaGrant": "OIDC CIBA Grant", - "enableServiceAccount": "Enable service account roles", - "searchByRoleName": "Search by role name", - "roleMappingUpdatedSuccess": "Role mapping updated", - "roleMappingUpdatedError": "Could not update role mapping {{error}}", - "displayOnClient": "Display client on screen", - "consentScreenText": "Consent screen text", - "loginSettings": "Login settings", - "logoutSettings": "Logout settings", - "backchannelLogoutUrl": "Backchannel logout URL", - "backchannelUrlInvalid": "Backchannel logout URL is not a valid URL", - "backchannelLogoutSessionRequired": "Backchannel logout session required", - "backchannelLogoutRevokeOfflineSessions": "Backchannel logout revoke offline sessions", - "frontchannelLogout": "Front channel logout", - "frontchannelLogoutUrl": "Front-channel logout URL", - "frontchannelUrlInvalid": "Front-channel logout URL is not a valid URL", - "accessSettings": "Access settings", - "rootUrl": "Root URL", - "rootURLHelp": "Root URL appended to relative URLs", - "validRedirectUri": "Valid redirect URIs", - "validRedirectURIsHelp": "Valid URI pattern a browser can redirect to after a successful login. Simple wildcards are allowed such as 'http://example.com/*'. Relative path can be specified too such as /my/relative/path/*. Relative paths are relative to the client root URL, or if none is specified the auth server root URL is used. For SAML, you must set valid URI patterns if you are relying on the consumer service URL embedded with the login request.", - "validPostLogoutRedirectUri": "Valid post logout redirect URIs", - "validPostLogoutRedirectURIsHelp": "Valid URI pattern a browser can redirect to after a successful logout. A value of '+' or an empty field will use the list of valid redirect uris. A value of '-' will not allow any post logout redirect uris. Simple wildcards are allowed such as 'http://example.com/*'. Relative path can be specified too such as /my/relative/path/*. Relative paths are relative to the client root URL, or if none is specified the auth server root URL is used.", - "idpInitiatedSsoUrlName": "IDP-Initiated SSO URL name", - "unsigned": "Unsigned", - "idpInitiatedSsoUrlNameHelp": "URL fragment name to reference client when you want to do IDP Initiated SSO. Leaving this empty will disable IDP Initiated SSO. The URL you will reference from your browser will be: {server-root}/realms/{realm}/protocol/saml/clients/{client-url-name}", - "idpInitiatedSsoRelayState": "IDP Initiated SSO Relay State", - "masterSamlProcessingUrl": "Master SAML Processing URL", - "samlCapabilityConfig": "SAML capabilities", - "signatureAndEncryption": "Signature and Encryption", - "nameIdFormat": "Name ID format", - "forceNameIdFormat": "Force name ID format", - "forcePostBinding": "Force POST binding", - "forceArtifactBinding": "Force artifact binding", - "includeAuthnStatement": "Include AuthnStatement", - "includeOneTimeUseCondition": "Include OneTimeUse Condition", - "optimizeLookup": "Optimize REDIRECT signing key lookup", - "allowEcpFlow": "Allow ECP flow", - "signDocuments": "Sign documents", - "signAssertions": "Sign assertions", - "signatureKeyName": "SAML signature key name", - "canonicalization": "Canonicalization method", - "addRedirectUri": "Add valid redirect URIs", - "addPostLogoutRedirectUri": "Add valid post logout redirect URIs", - "loginTheme": "Login theme", - "consentRequired": "Consent required", - "clientAuthenticator": "Client Authenticator", - "changeAuthenticatorConfirmTitle": "Change to {{clientAuthenticatorType}}?", - "changeAuthenticatorConfirm": "If you change authenticator to {{clientAuthenticatorType}}, the Keycloak database will be updated and you may need to download a new adapter configuration for this client.", - "signedJWTConfirm": "Generate a private key and certificate for the client from the Keys tab.", - "anyAlgorithm": "Any algorithm", - "clientSecret": "Client Secret", - "regenerate": "Regenerate", - "secretExpiresOn": "Secret expires on {{time}}", - "secretRotated": "Secret rotated", - "invalidateSecret": "Invalidate", - "secretHasExpired": "Secret has expired, please generate a new one by clicking the \"Regenerate\" button above", - "invalidateRotatedSecret": "Invalidate rotated secret?", - "invalidateRotatedSecretExplain": "After invalidating rotated secret, the rotated secret will be removed automatically ", - "invalidateRotatedSuccess": "Rotated secret successfully removed", - "invalidateRotatedError": "Could not remove rotated secret: {{error}}", - "confirmClientSecretTitle": "Regenerate secret for this client?", - "confirmClientSecretBody": "If you regenerate secret, the Keycloak database will be updated and you will need to download a new adapter for this client.", - "confirmAccessTokenTitle": "Regenerate registration access token?", - "confirmAccessTokenBody": "If you regenerate registration access token, the access data regarding the client registration service will be updated.", - "clientSecretSuccess": "Client secret regenerated", - "clientSecretError": "Could not regenerate client secret due to: {{error}}", - "signingKeysConfig": "Signing keys config", - "signingKeysConfigExplain": "If you enable the \"Client signature required\" below, you must configure the signing keys by generating or importing keys, and the client will sign their saml requests and responses. The signature will be validated.", - "encryptionKeysConfig": "Encryption keys config", - "encryptionKeysConfigExplain": "If you enable the \"Encryption assertions\" below, you must configure the encryption keys by generating or importing keys, and the SAML assertions will be encrypted with the client's public key using AES.", - "enableClientSignatureRequired": "Enable \"Client signature required\"?", - "enableClientSignatureRequiredExplain": "If you enable \"Client signature required\", the adapter of this client will be updated. You may need to download a new adapter for this client. You need to generate or import keys for this client otherwise the authentication will not work.", - "selectMethod": "Select method", - "selectMethodType": { - "generate": "Generate", - "import": "Import" - }, - "realmCertificateAlias": "Realm certificate alias", - "exportSamlKeyTitle": "Export SAML Keys", - "samlKeysExportSuccess": "Successfully exported keys", - "samlKeysExportError": "Could not export keys due to: {{error}}", - "browse": "Browse", - "importKey": "Import key", - "disableSigning": "Disable \"{{key}}\"", - "disableSigningExplain": "If you disable \"{{key}}\", the Keycloak database will be updated and you may need to download a new adapter for this client.", - "reGenerateSigning": "Regenerate signing key for this client", - "reGenerateSigningExplain": "If you regenerate signing key for client, the Keycloak database will be updated and you may need to download a new adapter for this client.", - "registrationAccessToken": "Registration access token", - "accessTokenSuccess": "Access token regenerated", - "accessTokenError": "Could not regenerate access token due to: {{error}}", - "signatureAlgorithm": "Signature algorithm", - "allowRegexComparison": "Allow regex pattern comparison", - "subject": "Subject DN", - "searchForClient": "Search for client", - "advanced": "Advanced", - "revocation": "Revocation", - "clustering": "Clustering", - "notBefore": "Not before", - "setToNow": "Set to now", - "noAdminUrlSet": "No push sent. No admin URI configured or no registered cluster nodes available", - "notBeforeSetToNow": "Not Before set for client", - "notBeforeNowClear": "Not Before cleared for client", - "notBeforePushFail": "Failed to push \"not before\" to: {{failedNodes}}", - "notBeforePushSuccess": "Successfully push \"not before\" to: {{successNodes}}", - "testClusterFail": "Failed verified availability for: {{failedNodes}}. Fix or unregister failed cluster nodes and try again", - "testClusterSuccess": "Successfully verified availability for: {{successNodes}}", - "deleteNode": "Delete node?", - "deleteNodeBody": "Are you sure you want to permanently delete the node \"{{node}}\"", - "deleteNodeSuccess": "Node successfully removed", - "deleteNodeFail": "Could not delete node: '{{error}}'", - "addedNodeSuccess": "Node successfully added", - "addedNodeFail": "Could not add node: '{{error}}'", - "addNode": "Add node", - "push": "Push", - "nodeReRegistrationTimeout": "Node Re-registration timeout", - "registeredClusterNodes": "Registered cluster nodes", - "nodeHost": "Node host", - "noNodes": "No nodes registered", - "noNodesInstructions": "There are no nodes registered, you can add one manually.", - "lastRegistration": "Last registration", - "testClusterAvailability": "Test cluster availability", - "registerNodeManually": "Register node manually", - "fineGrainOpenIdConnectConfiguration": "Fine grain OpenID Connect configuration", - "fineGrainSamlEndpointConfig": "Fine Grain SAML Endpoint Configuration", - "logoUrl": "Logo URL", - "policyUrl": "Policy URL", - "termsOfServiceUrl": "Terms of service URL", - "accessTokenSignatureAlgorithm": "Access token signature algorithm", - "idTokenSignatureAlgorithm": "ID token signature algorithm", - "idTokenEncryptionKeyManagementAlgorithm": "ID token encryption key management algorithm", - "userInfoResponseEncryptionKeyManagementAlgorithm": "User info response encryption key management algorithm", - "userInfoResponseEncryptionContentEncryptionAlgorithm": "User info response encryption content encryption algorithm", - "idTokenEncryptionContentEncryptionAlgorithm": "ID token encryption content encryption algorithm", - "userInfoSignedResponseAlgorithm": "User info signed response algorithm", - "requestObjectSignatureAlgorithm": "Request object signature algorithm", - "requestObjectRequired": "Request object required", - "requestObject": { - "not required": "Not required", - "request or request_uri": "Request or Request URI", - "request only": "Request only", - "request_uri only": "Request URI only" - }, - "requestObjectEncryption": "Request object encryption algorithm", - "requestObjectEncoding": "Request object content encryption algorithm", - "validRequestURIs": "Valid request URIs", - "addRequestUri": "Add valid request URIs", - "authorizationSignedResponseAlg": "Authorization response signature algorithm", - "authorizationEncryptedResponseAlg": "Authorization response encryption key management algorithm", - "authorizationEncryptedResponseEnc": "Authorization response encryption content encryption algorithm", - "openIdConnectCompatibilityModes": "Open ID Connect Compatibility Modes", - "excludeSessionStateFromAuthenticationResponse": "Exclude Session State From Authentication Response", - "excludeIssuerFromAuthenticationResponse": "Exclude Issuer From Authentication Response", - "useRefreshTokens": "Use refresh tokens", - "useRefreshTokenForClientCredentialsGrant": "Use refresh tokens for client credentials grant", - "useLowerCaseBearerType": "Use lower-case bearer type in token responses", - "assertionConsumerServicePostBindingURL": "Assertion Consumer Service POST Binding URL", - "assertionConsumerServiceRedirectBindingURL": "Assertion Consumer Service Redirect Binding URL", - "logoutServicePostBindingURL": "Logout Service POST Binding URL", - "logoutServiceRedirectBindingURL": "Logout Service Redirect Binding URL", - "logoutServiceSoapBindingUrl": "Logout Service SOAP Binding URL", - "logoutServiceArtifactBindingUrl": "Logout Service ARTIFACT Binding URL", - "artifactBindingUrl": "Artifact Binding URL", - "artifactResolutionService": "Artifact Resolution Service", - "advancedSettings": "Advanced settings", - "assertionLifespan": "Assertion Lifespan", - "accessTokenLifespan": "Access Token Lifespan", - "clientSessionIdle": "Client Session Idle", - "clientSessionMax": "Client Session Max", - "clientOfflineSessionIdle": "Client Offline Session Idle", - "clientOfflineSessionMax": "Client Offline Session Max", - "oAuthMutual": "OAuth 2.0 Mutual TLS Certificate Bound Access Tokens Enabled", - "oAuthDPoP": "OAuth 2.0 DPoP Bound Access Tokens Enabled", - "keyForCodeExchange": "Proof Key for Code Exchange Code Challenge Method", - "pushedAuthorizationRequestRequired": "Pushed authorization request required", - "acrToLoAMapping": "ACR to LoA Mapping", - "defaultACRValues": "Default ACR Values", - "authenticationOverrides": "Authentication flow overrides", - "browserFlow": "Browser Flow", - "directGrant": "Direct Grant Flow", - "jwksUrlConfig": "JWKS URL configs", - "keysIntro": "If \"Use JWKS URL switch\" is on, you need to fill a valid JWKS URL. After saving, admin can download keys from the JWKS URL or keys will be downloaded automatically by Keycloak server when an unknown KID is seen during client authentication.", - "useJwksUrl": "Use JWKS URL", - "certificate": "Certificate", - "jwksUrl": "JWKS URL", - "generateNewKeys": "Generate new keys", - "generateKeys": "Generate keys?", - "generate": "Generate", - "archiveFormat": "Archive format", - "keyAlias": "Key alias", - "keyPassword": "Key password", - "storePassword": "Store password", - "generateSuccess": "New key pair and certificate generated successfully", - "generateError": "Could not generate new key pair and certificate {{error}}", - "import": "Import", - "importFile": "Import file", - "importSuccess": "New certificate imported", - "importError": "Could not import certificate {{error}}", - "importParseError": "Could not parse the file {{error}}", - "tokenLifespan": { - "inherited": "Inherits from realm settings", - "expires": "Expires in", - "never": "Never expires" - }, - "unsavedChangesTitle": "Unsaved changes", - "unsavedChangesConfirm": "You have unsaved changes. Do you really want to leave the page?", - "enableDisable": "Disabled clients cannot initiate a login or have obtained access tokens.", - "clientTypeHelp": "'OpenID Connect' allows Clients to verify the identity of the End-User based on the authentication performed by an Authorization Server.'SAML' enables web-based authentication and authorization scenarios including cross-domain single sign-on (SSO) and uses security tokens containing assertions to pass information.", - "serviceAccountHelp": "Allows you to authenticate this client to Keycloak and retrieve access token dedicated to this client. In terms of OAuth2 specification, this enables support of 'Client Credentials Grant' for this client.", - "manageServiceAccountUser": "To manage detail and group mappings, click on the username <1>{{link}}", - "authenticationHelp": "This defines the type of the OIDC client. When it's ON, the OIDC type is set to confidential access type. When it's OFF, it is set to public access type", - "authorizationHelp": "Enable/Disable fine-grained authorization support for a client", - "authDetailsHelp": "Export and download all resource settings for this resource server.", - "directAccessHelp": "This enables support for Direct Access Grants, which means that client has access to username/password of user and exchange it directly with Keycloak server for access token. In terms of OAuth2 specification, this enables support of 'Resource Owner Password Credentials Grant' for this client.", - "standardFlowHelp": "This enables standard OpenID Connect redirect based authentication with authorization code. In terms of OpenID Connect or OAuth2 specifications, this enables support of 'Authorization Code Flow' for this client.", - "implicitFlowHelp": "This enables support for OpenID Connect redirect based authentication without authorization code. In terms of OpenID Connect or OAuth2 specifications, this enables support of 'Implicit Flow' for this client.", - "oauthDeviceAuthorizationGrantHelp": "This enables support for OAuth 2.0 Device Authorization Grant, which means that client is an application on device that has limited input capabilities or lack a suitable browser.", - "oidcCibaGrantHelp": "This enables support for OIDC CIBA Grant, which means that the user is authenticated via some external authentication device instead of the user's browser.", - "rootURL": "Root URL appended to relative URLs", - "validRedirectURIs": "Valid URI pattern a browser can redirect to after a successful login. Simple wildcards are allowed such as 'http://example.com/*'. Relative path can be specified too such as /my/relative/path/*. Relative paths are relative to the client root URL, or if none is specified the auth server root URL is used. For SAML, you must set valid URI patterns if you are relying on the consumer service URL embedded with the login request.", - "validPostLogoutRedirectURIs": "Valid URI pattern a browser can redirect to after a successful logout. A value of '+' or an empty field will use the list of valid redirect uris. A value of '-' will not allow any post logout redirect uris. Simple wildcards are allowed such as 'http://example.com/*'. Relative path can be specified too such as /my/relative/path/*. Relative paths are relative to the client root URL, or if none is specified the auth server root URL is used.", - "nameIdFormatHelp": "The name ID format to use for the subject.", - "alwaysDisplayInUIHelp": "Always list this client in the Account UI, even if the user does not have an active session.", - "forceNameIdFormatHelp": "Ignore requested NameID subject format and use Admin UI configured one.", - "forcePostBindingHelp": "Always use POST binding for responses.", - "forceArtifactBindingHelp": "Should response messages be returned to the client through the SAML ARTIFACT binding system?", - "includeAuthnStatementHelp": "Should a statement specifying the method and timestamp be included in login responses?", - "includeOneTimeUseConditionHelp": "Should a OneTimeUse Condition be included in login responses?", - "optimizeLookupHelp": "When signing SAML documents in REDIRECT binding for SP that is secured by Keycloak adapter, should the ID of the signing key be included in SAML protocol message in element? This optimizes validation of the signature as the validating party uses a single key instead of trying every known key for validation.", - "allowEcpFlowHelp": "This client is allowed to use ECP flow for authenticating users.", - "signDocumentsHelp": "Should SAML documents be signed by the realm?", - "signAssertionsHelp": "Should assertions inside SAML documents be signed? This setting is not needed if document is already being signed.", - "signatureAlgorithmHelp": "The signature algorithm to use to sign documents. Note that 'SHA1' based algorithms are deprecated and can be removed in the future. It is recommended to stick to some more secure algorithm instead of '*_SHA1'", - "signatureKeyNameHelp": "Signed SAML documents contain identification of signing key in KeyName element. For Keycloak / RH-SSO counterparty, use KEY_ID, for MS AD FS use CERT_SUBJECT, for others check and use NONE if no other option works.", - "canonicalizationHelp": "Canonicalization Method for XML signatures.", - "webOriginsHelp": "Allowed CORS origins. To permit all origins of Valid Redirect URIs, add '+'. This does not include the '*' wildcard though. To permit all origins, explicitly add '*'.", - "homeURLHelp": "Default URL to use when the auth server needs to redirect or link back to the client.", - "adminURLHelp": "URL to the admin interface of the client. Set this if the client supports the adapter REST API. This REST API allows the auth server to push revocation policies and other administrative tasks. Usually this is set to the base URL of the client.", - "clientHelp": "Select the client making this authorization request. If not provided, authorization requests would be done based on the client you are in.", - "clientIdHelp": "The client identifier registered with the identity provider.", - "selectUser": "Select a user whose identity is going to be used to query permissions from the server.", - "rolesHelp": "Select the roles you want to associate with the selected user.", - "contextualAttributesHelp": "Any attribute provided by a running environment or execution context.", - "resourceTypeHelp": "Specifies that this permission must be applied to all resource instances of a given type.", - "applyToResourceTypeHelp": "Specifies if this permission should be applied to all resources with a given type. In this case, this permission will be evaluated for all instances of a given resource type.", - "resourcesHelp": "Specifies that this permission must be applied to a specific resource instance.", - "scopesSelect": "Specifies that this permission must be applied to one or more scopes.", - "clientNameHelp": "Specifies display name of the client. For example 'My Client'. Supports keys for localized values as well. For example: ${my_client}", - "descriptionHelp": "Help text for the description of the new flow", - "loginThemeHelp": "Select theme for login, OTP, grant, registration and forgot password pages.", - "encryptAssertionsHelp": "Should SAML assertions be encrypted with client's public key using AES?", - "clientSignatureHelp": "Will the client sign their saml requests and responses? And should they be validated?", - "downloadType": "this is information about the download type", - "detailsHelp": "this is information about the details", - "clientPolicyNameHelp": "Display name of the policy", - "createTokenHelp": "An initial access token can only be used to create clients", - "expirationHelp": "Sets the expiration for events. Expired events are periodically deleted from the database.", - "countHelp": "Specifies how many clients can be created using the token", - "clientAuthenticatorTypeHelp": "Client Authenticator used for authentication of this client against Keycloak server", - "registrationAccessTokenHelp": "The registration access token provides access for clients to the client registration service.", - "signature-algorithm": "JWA algorithm, which the client needs to use when signing a JWT for authentication. If left blank, the client is allowed to use any appropriate algorithm for the particular client authenticator.", - "anonymousAccessPoliciesHelp": "Those Policies are used when the Client Registration Service is invoked by unauthenticated request. This means that the request does not contain Initial Access Token nor Bearer Token.", - "authenticatedAccessPoliciesHelp": "Those Policies are used when Client Registration Service is invoked by authenticated request. This means that the request contains Initial Access Token or Bearer Token.", - "allowRegexComparisonHelp": "If OFF, then the Subject DN from given client certificate must exactly match the given DN from the 'Subject DN' property as described in the RFC8705 specification. The Subject DN can be in the RFC2553 or RFC1779 format. If ON, then the Subject DN from given client certificate should match regex specified by 'Subject DN' property.", - "subjectHelp": "A regular expression for validating Subject DN in the Client Certificate. Use \"(.*?)(?:$)\" to match all kind of expressions.", - "evaluateExplain": "This page allows you to see all protocol mappers and role scope mappings", - "effectiveProtocolMappersHelp": "Contains all default client scopes and selected optional scopes. All protocol mappers and role scope mappings of all those client scopes will be used when generating access token issued for your client", - "effectiveRoleScopeMappingsHelp": "Selected Optional Client Scopes, which will be used when issuing access token for this client. You can see above what value of OAuth Scope Parameter needs to be used when you want to have these optional client scopes applied when the initial OpenID Connect Authentication request will be sent from your client adapter", - "generatedAccessTokenHelp": "See the example access token, which will be generated and sent to the client when selected user is authenticated. You can see claims and roles that the token will contain based on the effective protocol mappers and role scope mappings and also based on the claims/roles assigned to user himself", - "generatedIdTokenHelp": "See the example ID Token, which will be generated and sent to the client when selected user is authenticated. You can see claims and roles that the token will contain based on the effective protocol mappers and role scope mappings and also based on the claims/roles assigned to user himself", - "generatedUserInfoHelp": "See the example User Info, which will be provided by the User Info Endpoint", - "scopeParameterHelp": "You can copy/paste this value of scope parameter and use it in initial OpenID Connect Authentication Request sent from this client adapter. Default client scopes and selected optional client scopes will be used when generating token issued for this client", - "userHelp": "Optionally select user, for whom the example access token will be generated. If you do not select a user, example access token will not be generated during evaluation", - "notBeforeHelp": "Revoke any tokens issued before this time for this client. To push the policy, you should set an effective admin URL in the Settings tab first.", - "notBeforeIntro": "In order to successfully push a revocation policy to the client, you need to set an Admin URL under the <1>Settings tab for this client first", - "notBeforeTooltip": "The admin URL should be set in the Settings tab first.", - "nodeReRegistrationTimeoutHelp": "Interval to specify max time for registered clients cluster nodes to re-register. If cluster node will not send re-registration request to Keycloak within this time, it will be unregistered from Keycloak", - "fineGrainOpenIdConnectConfigurationHelp": "This section is used to configure advanced settings of this client related to OpenID Connect protocol.", - "fineGrainSamlEndpointConfigHelp": "This section to configure exact URLs for Assertion Consumer and Single Logout Service.", - "logoUrlHelp": "URL that references a logo for the Client application", - "policyUrlHelp": "URL that the Relying Party Client provides to the End-User to read about the how the profile data will be used", - "policyUsers": "Specifies which user(s) are allowed by this policy.", - "termsOfServiceUrlHelp": "URL that the Relying Party Client provides to the End-User to read about the Relying Party's terms of service", - "accessTokenSignatureAlgorithmHelp": "JWA algorithm used for signing access tokens.", - "idTokenSignatureAlgorithmHelp": "JWA algorithm used for signing ID tokens.", - "idTokenEncryptionKeyManagementAlgorithmHelp": "JWA Algorithm used for key management in encrypting ID tokens. This option is needed if you want encrypted ID tokens. If left empty, ID Tokens are just signed, but not encrypted.", - "idTokenEncryptionContentEncryptionAlgorithmHelp": "JWA Algorithm used for content encryption in encrypting ID tokens. This option is needed just if you want encrypted ID tokens. If left empty, ID Tokens are just signed, but not encrypted.", - "userInfoSignedResponseAlgorithmHelp": "JWA algorithm used for signed User Info Endpoint response. If set to 'unsigned', User Info Response won't be signed and will be returned in application/json format.", - "userInfoResponseEncryptionKeyManagementAlgorithmHelp": "JWA Algorithm used for key management in encrypting User Info Endpoint responses. This option is needed if you want encrypted User Info Endpoint responses. If left empty, User Info Endpoint responses are not encrypted.", - "userInfoResponseEncryptionContentEncryptionAlgorithmHelp": "JWA Algorithm used for content encryption in encrypting User Info Endpoint responses. If User Info response encryption key management algorithm is specified, the default for this value is A128CBC-HS256.", - "requestObjectSignatureAlgorithmHelp": "JWA algorithm, which client needs to use when sending OIDC request object specified by 'request' or 'request_uri' parameters. If set to 'any', Request object can be signed by any algorithm (including 'none' ).", - "requestObjectRequiredHelp": "Specifies if the client needs to provide a request object with their authorization requests, and what method they can use for this. If set to \"not required\", providing a request object is optional. In all other cases, providing a request object is mandatory. If set to \"request\", the request object must be provided by value. If set to \"request_uri\", the request object must be provided by reference. If set to \"request or request_uri\", either method can be used.", - "requestObjectEncryptionHelp": "JWE algorithm, which client needs to use when sending OIDC request object specified by 'request' or 'request_uri' parameters. If set to 'any', encryption is optional and any algorithm is allowed.", - "requestObjectEncodingHelp": "JWE algorithm, which client needs to use when encrypting the content of the OIDC request object specified by 'request' or 'request_uri' parameters. If set to 'any', any algorithm is allowed.", - "validRequestURIsHelp": "List of valid URIs, which can be used as values of 'request_uri' parameter during OpenID Connect authentication request. There is support for the same capabilities like for Valid Redirect URIs. For example wildcards or relative paths.", - "idpInitiatedSsoRelayStateHelp": "Relay state you want to send with SAML request when you want to do IDP Initiated SSO.", - "masterSamlProcessingUrlHelp": "If configured, this URL will be used for every binding to both the SP's Assertion Consumer and Single Logout Services. This can be individually overridden for each binding and service in the Fine Grain SAML Endpoint Configuration.", - "authorizationSignedResponseAlgHelp": "JWA algorithm used for signing authorization response tokens when the response mode is jwt.", - "authorizationEncryptedResponseAlgHelp": "JWA Algorithm used for key management in encrypting the authorization response when the response mode is jwt. This option is needed if you want encrypted authorization response. If left empty, the authorization response is just signed, but not encrypted.", - "authorizationEncryptedResponseEncHelp": "JWA Algorithm used for content encryption in encrypting the authorization response when the response mode is jwt. This option is needed if you want encrypted authorization response. If left empty, the authorization response is just signed, but not encrypted.", - "openIdConnectCompatibilityModesHelp": "This section is used to configure settings for backward compatibility with older OpenID Connect / OAuth 2 adaptors. It's useful especially if your client uses older version of Keycloak / RH-SSO adapter.", - "excludeSessionStateFromAuthenticationResponseHelp": "If this is on, the parameter 'session_state' will not be included in OpenID Connect Authentication Response. It is useful if the client uses an older OIDC / OAuth2 adapter, which does not support the 'session_state' parameter.", - "excludeIssuerFromAuthenticationResponseHelp": "If this is on, the parameter 'iss' will not be included in OpenID Connect Authentication Response. It is useful if the client uses an older OIDC / OAuth2 adapter, which does not support the 'iss' parameter.", - "useRefreshTokensHelp": "If this is on, a refresh_token will be created and added to the token response. If this is off then no refresh_token will be generated.", - "useRefreshTokenForClientCredentialsGrantHelp": "If this is on, a refresh_token will be created and added to the token response if the client_credentials grant is used. The OAuth 2.0 RFC6749 Section 4.4.3 states that a refresh_token should not be generated when client_credentials grant is used. If this is off then no refresh_token will be generated and the associated user session will be removed.", - "useLowerCaseBearerTypeHelp": "If this is on, token responses will be set the with the type \"bearer\" in lower-case. By default, the server sets the type as \"Bearer\" as defined by RFC6750.", - "advancedSettingsOpenid-connect": "This section is used to configure advanced settings of this client related to OpenID Connect protocol", - "advancedSettingsSaml": "This section is used to configure advanced settings of this client", - "assertionLifespanHelp": "Lifespan set in the SAML assertion conditions. After that time the assertion will be invalid. The \"SessionNotOnOrAfter\" attribute is not modified and continue using the \"SSO Session Max\" time defined at realm level.", - "accessTokenLifespanHelp": "Max time before an access token is expired. This value is recommended to be short relative to the SSO timeout", - "clientSessionIdleHelp": "Time a client session is allowed to be idle before it expires. Tokens are invalidated when a client session is expired. The option does not affect the global user SSO session. If not set, it uses the standard SSO Session Idle value.", - "clientSessionMaxHelp": "Max time before a client session is expired. Tokens are invalidated when a session is expired. The option does not affect the global user SSO session. If not set, it uses the standard SSO Session Max value.", - "clientOfflineSessionIdleHelp": "Time a client offline session is allowed to be idle before it expires. Offline tokens are invalidated when a client offline session is expired. The option does not affect the global user SSO session. If not set, it uses the realm Offline Session Idle value.", - "clientOfflineSessionMaxHelp": "Max time before a client offline session is expired. If Offline Session Max Limited is enabled at realm level, offline tokens are invalidated when a client offline session is expired. The option does not affect the global user SSO session. If not set, it uses the realm Offline Session Max value.", - "oAuthMutualHelp": "This enables support for OAuth 2.0 Mutual TLS Certificate Bound Access Tokens, which means that keycloak bind an access token and a refresh token with a X.509 certificate of a token requesting client exchanged in mutual TLS between keycloak's Token Endpoint and this client. These tokens can be treated as Holder-of-Key tokens instead of bearer tokens.", - "oAuthDPoPHelp": "This enables support for Demonstrating Proof-of-Possession (DPoP) bound tokens. The access and refresh tokens are bound to the key stored on the user agent. In order to prove the possession of the key, the user agent must send a signed proof alongside the token.", - "keyForCodeExchangeHelp": "Choose which code challenge method for PKCE is used. If not specified, keycloak does not applies PKCE to a client unless the client sends an authorization request with appropriate code challenge and code exchange method.", - "pushedAuthorizationRequestRequiredHelp": "Boolean parameter indicating whether the authorization server accepts authorization request data only via the pushed authorization request method.", - "acrToLoAMappingHelp": "Define which ACR (Authentication Context Class Reference) value is mapped to which LoA (Level of Authentication). The ACR can be any value, whereas the LoA must be numeric.", - "defaultACRValuesHelp": "Default values to be used as voluntary ACR in case that there is no explicit ACR requested by 'claims' or 'acr_values' parameter in the OIDC request.", - "assertionConsumerServicePostBindingURLHelp": "SAML POST Binding URL for the client's assertion consumer service (login responses). You can leave this blank if you do not have a URL for this binding.", - "assertionConsumerServiceRedirectBindingURLHelp": "SAML Redirect Binding URL for the client's assertion consumer service (login responses). You can leave this blank if you do not have a URL for this binding.", - "logoutServicePostBindingURLHelp": "SAML POST Binding URL for the client's single logout service. You can leave this blank if you are using a different binding", - "logoutServiceRedirectBindingURLHelp": "SAML Redirect Binding URL for the client's single logout service. You can leave this blank if you are using a different binding.", - "logoutServiceSoapBindingUrlHelp": "SAML SOAP Binding URL for the client's single logout service. You can leave this blank if you are using a different binding.", - "logoutServiceArtifactBindingUrlHelp": "SAML ARTIFACT Binding URL for the client's single logout service. You can leave this blank if you are using a different binding.", - "artifactBindingUrlHelp": "URL to send the HTTP ARTIFACT messages to. You can leave this blank if you are using a different binding. This value should be set when forcing ARTIFACT binding together with IdP initiated login.", - "frontchannelLogoutHelp": "When true, logout requires a browser redirect to client. When false, server performs a background invocation for logout.", - "frontchannelLogoutUrlHelp": "URL that will cause the client to log itself out when a logout request is sent to this realm (via end_session_endpoint). If not provided, it defaults to the base url.", - "backchannelLogoutUrlHelp": "URL that will cause the client to log itself out when a logout request is sent to this realm (via end_session_endpoint). If omitted, no logout request will be sent to the client is this case.", - "backchannelLogoutSessionRequiredHelp": "Specifying whether a sid (session ID) Claim is included in the Logout Token when the Backchannel Logout URL is used.", - "backchannelLogoutRevokeOfflineSessionsHelp": "Specifying whether a \"revoke_offline_access\" event is included in the Logout Token when the Backchannel Logout URL is used. Keycloak will revoke offline sessions when receiving a Logout Token with this event.", - "artifactResolutionServiceHelp": "SAML Artifact resolution service for the client. This is the endpoint to which Keycloak will send a SOAP ArtifactResolve message. You can leave this blank if you do not have a URL for this binding.", - "authenticationOverridesHelp": "Override realm authentication flow bindings.", - "browserFlowHelp": "Select the flow you want to use for browser authentication.", - "directGrantHelp": "Select the flow you want to use for direct grant authentication.", - "useJwksUrlHelp": "If the switch is on, identity provider public keys will be downloaded from given JWKS URL. This allows great flexibility because new keys will be always re-downloaded again when identity provider generates new keypair. If the switch is off, public key (or certificate) from the Keycloak DB is used, so when the identity provider keypair changes, you always need to import the new key to the Keycloak DB as well.", - "certificateHelp": "Client Certificate for validate JWT issued by client and signed by Client private key from your keystore.", - "jwksUrlHelp": "URL where identity provider keys in JWK format are stored. See JWK specification for more details. If you use external Keycloak identity provider, you can use URL like 'http://broker-keycloak:8180/realms/test/protocol/openid-connect/certs' assuming your brokered Keycloak is running on 'http://broker-keycloak:8180' and its realm is 'test' .", - "generateKeysDescription": "If you generate new keys, you can download the keystore with the private key automatically and save it on your client's side. Keycloak server will save just the certificate and public key, but not the private key.", - "archiveFormatHelp": "Java keystore or PKCS12 archive format.", - "keyAliasHelp": "Alias for the private key", - "keyPasswordHelp": "Password for the private key", - "realmCertificateAliasHelp": "Realm certificate is stored in archive too. This is the alias to it.", - "storePasswordHelp": "Password to access the archive itself", - "consentRequiredHelp": "If enabled, users have to consent to client access.", - "displayOnClientHelp": "Applicable only if 'Consent Required' is on for this client. If this switch is off, the consent screen will contain just the consents corresponding to configured client scopes. If on, there will be also one item on the consent screen about this client itself.", - "consentScreenTextHelp": "Text that will be shown on the consent screen when this client scope is added to some client with consent required. Defaults to name of client scope if it is not filled", - "importHelp": "Import a JSON file containing authorization settings for this resource server.", - "policyEnforcementModeHelp": "The policy enforcement mode dictates how policies are enforced when evaluating authorization requests. 'Enforcing' means requests are denied by default even when there is no policy associated with a given resource. 'Permissive' means requests are allowed even when there is no policy associated with a given resource. 'Disabled' completely disables the evaluation of policies and allows access to any resource.", - "decisionStrategyHelp": "The decision strategy dictates how permissions are evaluated and how a final decision is obtained. 'Affirmative' means that at least one permission must evaluate to a positive decision in order to grant access to a resource and its scopes. 'Unanimous' means that all permissions must evaluate to a positive decision in order for the final decision to be also positive.", - "allowRemoteResourceManagementHelp": "Should resources be managed remotely by the resource server? If false, resources can be managed only from this Admin UI.", - "resourceNameHelp": "A unique name for this resource. The name can be used to uniquely identify a resource, useful when querying for a specific resource.", - "displayNameHelp": "Friendly name for Identity Providers.", - "typeHelp": "Client scopes, which will be added as default scopes to each created client", - "urisHelp": "Set of URIs which are protected by resource.", - "scopesHelp": "The scopes to be sent when asking for authorization. It can be a space-separated list of scopes. Defaults to 'openid'.", - "dedicatedScopeExplain": "This is a client scope which includes the dedicated mappers and scope", - "fullScopeAllowedHelp": "Allows you to disable all restrictions.", - "iconUriHelp": "A URI pointing to an icon.", - "ownerManagedAccessHelp": "If enabled, the access to this resource can be managed by the resource owner.", - "resourceAttributeHelp": "The attributes associated wth the resource.", - "resetActions": "Reset Actions", - "lifespan": "Expires In", - "scopeName": "A unique name for this scope. The name can be used to uniquely identify a scope, useful when querying for a specific scope.", - "scopeDisplayNameHelp": "A unique name for this scope. The name can be used to uniquely identify a scope, useful when querying for a specific scope.", - "policy-name": "The name of this policy.", - "policy-description": "A description for this policy.", - "policyDecisionStagey": "The decision strategy dictates how the policies associated with a given permission are evaluated and how a final decision is obtained. 'Affirmative' means that at least one policy must evaluate to a positive decision in order for the final decision to be also positive. 'Unanimous' means that all policies must evaluate to a positive decision in order for the final decision to be also positive. 'Consensus' means that the number of positive decisions must be greater than the number of negative decisions. If the number of positive and negative is the same, the final decision will be negative.", - "applyPolicyHelp": "Specifies all the policies that must be applied to the scopes defined by this policy or permission.", - "policyClientHelp": "Specifies which client(s) are allowed by this policy.", - "groupsClaimHelp": "If defined, the policy will fetch user's groups from the given claim within an access token or ID token representing the identity asking permissions. If not defined, user's groups are obtained from your realm configuration.", - "policyGroups": "Specifies which user(s) are allowed by this policy.", - "targetClaimHelp": "Specifies the target claim which the policy will fetch.", - "regexPatternHelp": "Specifies the regex pattern.", - "policyRoles": "Specifies the client roles allowed by this policy.", - "startTimeHelp": "Defines the time before which the policy MUST NOT be granted. Only granted if current date/time is after or equal to this value.", - "expireTimeHelp": "Defines the time after which the policy MUST NOT be granted. Only granted if current date/time is before or equal to this value.", - "monthHelp": "Defines the month which the policy MUST be granted. You can also provide a range by filling the second field. In this case, permission is granted only if current month is between or equal to the two values you provided.", - "dayMonthHelp": "Defines the day of month when the policy MUST be granted. You can also provide a range by filling the second field. In this case, permission is granted only if current day of month is between or equal to the two values you provided.", - "hourHelp": "Defines the hour when the policy MUST be granted. You can also provide a range by filling the second field. In this case, permission is granted only if current hour is between or equal to the two values you provided.", - "minuteHelp": "Defines the minute when the policy MUST be granted. You can also provide a range by filling the second field. In this case, permission is granted only if current minute is between or equal to the two values you provided.", - "policyCodeHelp": "The JavaScript code providing the conditions for this policy.", - "logicHelp": "The logic dictates how the policy decision should be made. If 'Positive', the resulting effect (permit or deny) obtained during the evaluation of this policy will be used to perform a decision. If 'Negative', the resulting effect will be negated, in other words, a permit becomes a deny and vice-versa.", - "permissionName": "The name of this permission.", - "permissionDescription": "A description for this permission.", - "applyToResourceTypeFlagHelp": "Specifies if this permission should be applied to all resources with a given type. In this case, this permission will be evaluated for all instances of a given resource type.", - "permissionResources": "Specifies that this permission must be applied to a specific resource instance.", - "permissionScopesHelp": "Specifies that this permission must be applied to one or more scopes.", - "permissionPoliciesHelp": "Specifies all the policies that must be applied to the scopes defined by this policy or permission.", - "permissionType": "Specifies that this permission must be applied to all resources instances of a given type.", - "permissionDecisionStrategyHelp": "The decision strategy dictates how the policies associated with a given permission are evaluated and how a final decision is obtained. 'Affirmative' means that at least one policy must evaluate to a positive decision in order for the final decision to be also positive. 'Unanimous' means that all policies must evaluate to a positive decision in order for the final decision to be also positive. 'Consensus' means that the number of positive decisions must be greater than the number of negative decisions. If the number of positive and negative is the same, the final decision will be negative.", - "permissionsEnabledHelp": "Determines if fine grained permissions are enabled for managing this role. Disabling will delete all current permissions that have been set up.", - "createClientScope": "Create client scope", - "clientScopeList": "Client scopes", - "grantedClientScopes": "Granted client scopes", - "clientScopeDetails": "Client scope details", - "clientScopeExplain": "Client scopes are a common set of protocol mappers and roles that are shared between multiple clients.", - "searchFor": "Search role by name", - "dynamicScope": "Dynamic scope", - "dynamicScopeFormat": "Dynamic scope format", - "displayOrder": "Display order", - "deleteClientScope_one": "Delete client scope {{name}}", - "deleteClientScope_other": "Delete {{count}} client scopes", - "deleteConfirm": "Are you sure you want to permanently delete the provider '{{provider}}'?", - "changeTypeTo": "Change type to", - "changeTypeIntro": "{{count}} selected client scopes will be changed to", - "deletedSuccess": "Provider successfully deleted.", - "deleteError": "Could not delete the provider {{error}}", - "includeInTokenScope": "Include in token scope", - "realmRolePrefix": "Realm role prefix", - "userInfo": "User info", - "updateSuccess": "Provider successfully updated", - "updateError": "Could not update the provider {{error}}", - "addMapperExplain": "If you want more fine-grain control, you can create protocol mapper on this client", - "newRoleName": "New role name", - "searchClientByName": "Search client by name", - "mapperCreateSuccess": "Mapper created successfully.", - "mapperCreateError": "Error creating mapper.", - "fromPredefinedMapper": "From predefined mappers", - "byConfiguration": "By configuration", - "emptyBuiltInMappersInstructions": "All built in mappers were added to this client", - "emptySecondaryAction": "Configure a new mapper", - "displayOnConsentScreen": "Display on consent screen", - "guiOrder": "Display Order", - "shouldBeANumber": "Should be a number", - "chooseAMapperType": "Choose a mapper type", - "addPredefinedMappers": "Add predefined mappers", - "predefinedMappingDescription": "Choose any of the predefined mappings from this table", - "configureMappingDescription": "Choose any of the mappings from this table", - "mappingTable": "Table with predefined mapping", - "headerName": "header name", - "nameHelp": "Help text for the name of the new flow", - "dynamicScopeHelp": "If on, this scope will be considered a Dynamic Scope, which will be comprised of a static and a variable portion.", - "dynamicScopeFormatHelp": "This is the regular expression that the system will use to extract the scope name and variable.", - "protocolHelp": "Which SSO protocol configuration is being supplied by this client scope", - "displayOnConsentScreenHelp": "If on, and this client scope is added to some client with consent required, the text specified by 'Consent Screen Text' will be displayed on consent screen. If off, this client scope will not be displayed on the consent screen", - "includeInTokenScopeHelp": "If on, the name of this client scope will be added to the access token property 'scope' as well as to the Token Introspection Endpoint response. If off, this client scope will be omitted from the token and from the Token Introspection Endpoint response.", - "guiOrderHelp": "Specify order of the provider in GUI (such as in Consent page) as integer", - "prefix": "A prefix for each Realm Role (optional).", - "multiValued": "Indicates if attribute supports multiple values. If true, the list of all values of this attribute will be set as claim. If false, just first value will be set as claim", - "tokenClaimName": { - "label": "Token Claim Name", - "tooltip": "Name of the claim to insert into the token. This can be a fully qualified name like 'address.street'. In this case, a nested json object will be created. To prevent nesting and use dot literally, escape the dot with backslash (\\.)." - }, - "claimJsonType": "JSON type that should be used to populate the json claim in the token. long, int, boolean, String and JSON are valid values.", - "protocolMapper": "Protocol...", - "mapperNameHelp": "Name of the mapper", - "roleHelp": "Role to grant to user if all attributes are present. Click 'Select Role' button to browse roles, or just type it in the textbox. To reference a client role the syntax is clientname.clientrole, i.e. myclient.myrole", - "newRoleNameHelp": "The new role name. The new name format corresponds to where in the access token the role will be mapped to. So, a new name of 'myapp.newname' will map the role to that position in the access token. A new name of 'newname' will map the role to the realm roles in the token.", - "rolesScope": "If there is no role scope mapping defined, each user is permitted to use this client scope. If there are role scope mappings defined, the user must be a member of at least one of the roles.", - "groupDetails": "Group details", - "childGroups": "Child groups", - "createGroup": "Create group", - "createChildGroup": "Create child group", - "groupName": "Group name", - "searchForGroups": "Search group", - "global": "Global", - "local": "Local", - "searchGroups": "Search groups", - "filterGroups": "Filter groups", - "searchGroup": "Search group", - "renameGroup": "Rename group", - "deleteGroup": "Delete group", - "usersLeft_one": "{{count}} user left the group", - "usersLeft_other": "{{count}} users left the group", - "usersLeftError": "Could not remove users from the group: {{error}}", - "usersAdded_one": "{{count}} user added to the group", - "usersAdded_other": "{{count}} users added to the group", - "usersAddedError": "Could not add users to the group: {{error}}", - "exactSearch": "Exact search", - "members": "Members", - "searchMembers": "Search members", - "addMember": "Add member", - "includeSubGroups": "Include sub-group users", - "path": "Path", - "moveTo": "Move to", - "moveToGroup": "Move {{group1}} to {{group2}}", - "root": "Root", - "moveHere": "Move here", - "moveGroupEmpty": "No sub groups", - "moveGroupEmptyInstructions": "There are no sub groups, select 'Move here' to move the selected group as a subgroup of this group", - "moveGroupSuccess": "Group moved", - "moveGroupError": "Could not move group {{error}}", - "tableOfGroups": "Table of groups", - "groupsDescription": "A group is a set of attributes and role mappings that can be applied to a user. You can create, edit, and delete groups and manage their child-parent organization.", - "groupCreated": "Group created", - "couldNotCreateGroup": "Could not create group {{error}}", - "createAGroup": "Create a group", - "renameAGroup": "Rename group", - "rename": "Rename", - "email": "Email", - "lastName": "Last name", - "firstName": "First name", - "membership": "Membership", - "noGroupsInThisRealm": "No groups in this realm", - "noGroupsInThisRealmInstructions": "You haven't created any groups in this realm. Create a group to get started.", - "noGroupsInThisSubGroup": "No groups in this sub group", - "noGroupsInThisSubGroupInstructions": "You haven't created any groups in this sub group.", - "deleteConfirmTitle_one": "Delete group?", - "deleteConfirmTitle_other": "Delete groups?", - "deleteConfirm_one": "Are you sure you want to delete this group '{{groupName}}'.", - "deleteConfirm_other": "Are you sure you want to delete these groups.", - "groupDeleted_one": "Group deleted", - "groupDeleted_other": "Groups deleted", - "groupDeleteError": "Error deleting group {{error}}", - "groupUpdated": "Group updated", - "groupUpdateError": "Error updating group {{error}}", - "roleMapping": "Role mapping", - "noViewRights": "You do not have rights to view this group.", - "uploadFile": "Upload JSON file", - "invalidRealmName": "Realm name can't contain special characters", - "realmExplain": "A realm manages a set of users, credentials, roles, and groups. A user belongs to and logs into a realm. Realms are isolated from one another and can only manage and authenticate the users that they control.", - "noRealmRoles": "No realm roles", - "emptyStateText": "There aren't any realm roles in this realm. Create a realm role to get started.", - "saveRealmSuccess": "Realm created successfully", - "saveRealmError": "Could not create realm {{error}}", - "deleteAttributeText": "Delete an attribute", - "associatedRolesText": "Associated roles", - "addAssociatedRolesText": "Add associated roles", - "addAssociatedRolesSuccess": "Associated roles have been added", - "addAssociatedRolesError": "Could not associate roles {{error}}", - "associatedRolesModalTitle": "Add roles to {{name}}", - "title": "Authentication", - "addRole": "Add role", - "importRole": "Import role", - "roleID": "Role ID", - "roleExplain": "Realm roles are the roles that you define for use in the current realm.", - "roleCreateExplain": "This is some description", - "roleName": "Role name", - "roleDetails": "Role details", - "composite": "Composite", - "deleteRole": "Delete this role", - "inheritedFrom": "Inherited from", - "roleList": "Role list", - "realmRolesList": "Realm roles", - "roleImportError": "Could not import role", - "roleCreated": "Role created", - "roleCreateError": "Could not create role: {{error}}", - "roleImportSuccess": "Role import successful", - "roleDeleteConfirm": "Delete role?", - "roleDeleteConfirmDialog": "This action will permanently delete the role \"{{selectedRoleName}}\" and cannot be undone.", - "roleDeletedSuccess": "The role has been deleted", - "roleDeleteError": "Could not delete role: {{error}}", - "defaultRole": "This role serves as a container for both realm and client default roles. It cannot be removed.", - "defaultRoleDeleteError": "You cannot delete a default role.", - "roleSaveSuccess": "The role has been saved", - "roleSaveError": "Could not save role: {{error}}", - "roleAuthentication": "Role authentication", - "removeAllAssociatedRoles": "Remove all associated roles", - "removeAssociatedRoles": "Remove associated roles", - "removeRoles": "Remove roles", - "removeAllAssociatedRolesConfirmDialog": "This action will remove the associated roles of {{name}}. Users who have permission to {{name}} will no longer have access to these roles.", - "roleRemoveAssociatedRoleConfirm": "Remove associated role?", - "roleRemoveAssociatedText": "This action will remove {{role}} from {{roleName}}. All the associated roles of {{role}} will also be removed.", - "compositeRoleOff": "Composite role turned off", - "associatedRolesRemoved": "Associated roles have been removed", - "compositesRemovedAlertDescription": "All the associated roles have been removed", - "whoWillAppearLinkText": "Who will appear in this group list?", - "whoWillAppearPopoverText": "Groups are hierarchical. When you select Direct Membership, you see only the child group that the user joined. Ancestor groups are not included.", - "whoWillAppearPopoverFooterText": "Users who have this role as an effective role cannot be added on this tab.", - "usersInRole": "Users in role", - "addUser": "Add user", - "removeUser": "Remove users", - "removeUserText": "Do you want to remove {{numSelected}} users?. These users will no longer have permissions of the role {{role}} and the associated roles of it.", - "noDirectUsers": "No direct users", - "noUsersEmptyStateDescription": "Only the users with this role directly assigned will appear under this tab. If you need to find users assigned to this role, go to", - "noUsersEmptyStateDescriptionContinued": "to find them. Users that already have this role as an effective role cannot be added here.", - "or": "or", - "userName": "Username", - "noRolesAssociated": "No associated roles", - "noRolesAssociatedInstructions": "To add roles to this role press the 'Add role' button", - "usersExplain": "Users are the users in the current realm.", - "userList": "User list", - "searchForUser": "Search user", - "searchType.default": "Default search", - "searchType.attribute": "Attribute search", - "selectAttribute": "Select attribute", - "selectAttributes": "Select attributes", - "searchAttributes": "Search attributes", - "addToFilter": "Add to filter", - "searchUserByAttributeMissingKeyError": "Specify a attribute key", - "searchUserByAttributeKeyAlreadyInUseError": "Attribute key already in use", - "searchUserByAttributeMissingValueError": "Specify a attribute value", - "searchUserByAttributeDescription": "It supports setting multiple attributes as the search filter by setting different keys or values. Only one value can be typed for a key.", - "startBySearchingAUser": "Start by searching for users", - "searchForUserDescription": "This realm may have a federated provider. Viewing all users may cause the system to slow down, but it can be done by searching for \"*\". Please search for a user above.", - "createUser": "Create user", - "createNewUser": "Create new user", - "noUsersFound": "No users found", - "noUsersFoundError": "No users found due to {{error}}", - "noUsersFoundErrorStorage": "No users found, could be due to wrongly configured federated provider {{error}}", - "noGroups": "No groups", - "noGroupsText": "You haven't added this user to any groups. Join a group to get started.", - "joinGroup": "Join Group", - "joinGroups": "Join Groups", - "join": "Join", - "joinGroupsFor": "Join groups for user {{username}}", - "selectGroups": "Select groups to join", - "leaveGroup_one": "Leave group {{name}}?", - "leaveGroup_other": "Leave groups?", - "leaveGroupConfirmDialog_one": "Are you sure you want to remove {{username}} from the group {{groupname}}?", - "leaveGroupConfirmDialog_other": "Are you sure you want to remove {{username}} from the {{count}} selected groups?", - "directMembership": "Direct membership", - "groupMembership": "Group membership", - "addedGroupMembership": "Added group membership", - "addedGroupMembershipError": "Error adding group membership", - "removedGroupMembership": "Removed group membership", - "removedGroupMembershipError": "Error removing group membership", - "emptyInstructions": "Change your search criteria or add a user", - "createdAt": "Created at", - "username": "Username", - "emailVerified": "Email verified", - "status": "Status", - "temporaryLocked": "Temporarily locked", - "unlockSuccess": "User successfully unlocked", - "unlockError": "Could not unlock user due to {{error}}", - "emailInvalid": "You must enter a valid email.", - "notVerified": "Not verified", - "requiredUserActions": "Required user actions", - "requiredActionPlaceholder": "Select action", - "federationLink": "Federation link", - "impersonate": "Impersonate", - "impersonateConfirm": "Impersonate user?", - "impersonateConfirmDialog": "Are you sure you want to log in as this user? If this user is in the same realm with you, your current login session will be logged out before you log in as this user.", - "impersonateError": "Could not impersonate the user: {{error}}", - "deleteUser": "Delete user", - "deleteConfirmCurrentUser": "Are you sure you want to permanently delete this user", - "deleteConfirmDialog_one": "Are you sure you want to permanently delete {{count}} selected user", - "deleteConfirmDialog_other": "Are you sure you want to permanently delete {{count}} selected users", - "userID": "User ID", - "userCreated": "The user has been created", - "userSaved": "The user has been saved", - "userDetails": "User details", - "userCreateError": "Could not create user: {{error}}", - "userDeletedSuccess": "The user has been deleted", - "userDeletedError": "The user could not be deleted {{error}}", - "linkAccount": "Link account", - "unlink": "Unlink", - "unlinkAccount": "Unlink account", - "unlinkAccountTitle": "Unlink account from {{provider}}?", - "unlinkAccountConfirm": "Are you sure you want to permanently unlink this account from {{provider}}?", - "link": "Link", - "linkAccountTitle": "Link account to {{provider}}", - "idpLinkSuccess": "Identity provider has been linked", - "idpUnlinkSuccess": "The provider link has been removed", - "idpType": { - "social": "Social login", - "custom": "Custom" - }, - "couldNotLinkIdP": "Could not link identity provider {{error}}", - "verifyEmail": "Verify email", - "updateUserLocale": "Update User Locale", - "consents": "Consents", - "noConsents": "No consents", - "noConsentsText": "The consents will only be recorded when users try to access a client that is configured to require consent. In that case, users will get a consent page which asks them to grant access to the client.", - "identityProvider": "Identity provider", - "identityProviderLinks": "Identity provider links", - "noProvidersLinked": "No identity providers linked. Choose one from the list below.", - "noAvailableIdentityProviders": "No available identity providers.", - "linkedIdPs": "Linked identity providers", - "linkedIdPsText": "The identity providers which are already linked to this user account", - "availableIdPs": "Available identity providers", - "availableIdPsText": "All the configured identity providers in this realm are listed here. You can link the user account to any of the IdP accounts.", - "revokeClientScopesTitle": "Revoke all granted client scopes?", - "revokeClientScopes": "Are you sure you want to revoke all granted client scopes for {{clientId}}?", - "deleteGrantsSuccess": "Grants successfully revoked.", - "deleteGrantsError": "Error deleting grants.", - "unlockAllUsers": "Unlock all users", - "unlockUsersConfirm": "All the users that are temporarily locked will be unlocked.", - "unlock": "Unlock", - "unlockUsersSuccess": "Any temporarily locked users are now unlocked", - "unlockUsersError": "Could not unlock all users {{error}}", - "noCredentials": "No credentials", - "noCredentialsText": "This user does not have any credentials. You can set password for this user.", - "setPassword": "Set password", - "setPasswordFor": "Set password for {{username}}", - "defaultPasswordLabel": "My password", - "savePasswordSuccess": "The password has been set successfully.", - "savePasswordError": "Error saving password: {{error}}", - "confirmPasswordDoesNotMatch": "Password and confirmation does not match.", - "credentialType": "Type", - "credentialUserLabel": "User Label", - "credentialData": "Data", - "credentialsList": "Credentials List", - "setPasswordConfirm": "Set password?", - "setPasswordConfirmText": "Are you sure you want to set the password for the user {{username}}?", - "resetPasswordConfirmation": "New password confirmation", - "savePassword": "Save password", - "deleteCredentialsConfirmTitle": "Delete credentials?", - "deleteCredentialsConfirm": "Are you sure you want to delete these users credentials?", - "deleteCredentialsSuccess": "The credentials has been deleted successfully.", - "deleteCredentialsError": "Error deleting users credentials: {{error}}", - "deleteBtn": "Delete", - "updatedCredentialMoveSuccess": "User Credential configuration has been saved", - "updatedCredentialMoveError": "User Credential configuration hasn't been saved", - "resetPasswordFor": "Reset password for {{username}}", - "resetPasswordConfirm": "Reset password?", - "resetPasswordConfirmText": "Are you sure you want to reset the password for the user {{username}}?", - "resetPassword": "Reset password", - "resetCredentialsSuccess": "The password has been reset successfully.", - "resetCredentialsError": "Error resetting users credentials: {{error}}", - "resetPasswordError": "Error resetting password: {{error}}", - "resetPasswordBtn": "Reset password", - "showPasswordDataName": "Name", - "showPasswordDataValue": "Value", - "showDataBtn": "Show data", - "userCredentialsHelpText": "The top level handlers allow you to shift the priority of the credential for the user, the topmost credential having the highest priority. The handlers within one expandable panel allow you to change the visual order of the credentials, the topmost credential will show at the most left.", - "userCredentialsHelpTextLabel": "User Credentials Help Text", - "userLabel": "User label", - "data": "Data", - "providedBy": "Provided by", - "passwordDataTitle": "Password data", - "updateCredentialUserLabelSuccess": "The user label has been changed successfully.", - "updateCredentialUserLabelError": "Error changing user label: {{error}}", - "credentialReset": "Credentials Reset", - "credentialResetBtn": "Credential Reset", - "VERIFY_EMAIL": "Verify Email (VERIFY_EMAIL)", - "UPDATE_PASSWORD": "Update password (UPDATE_PASSWORD)", - "UPDATE_PROFILE": "Update Profile (UPDATE_PROFILE)", - "CONFIGURE_TOTP": "Configure OTP (CONFIGURE_TOTP)", - "TERMS_AND_CONDITIONS": "Terms and Conditions (TERMS_AND_CONDITIONS)", - "hours": "Hours", - "minutes": "Minutes", - "seconds": "Seconds", - "credentialResetConfirm": "Send Email", - "credentialResetConfirmText": "Are you sure you want to send email to user", - "credentialResetEmailSuccess": "Email sent to user.", - "credentialResetEmailError": "Failed: {{error}}", - "editUserLabel": "Edit User Label Button", - "temporaryLockedHelp": "The user may be locked due to multiple failed attempts to log in.", - "disabledHelp": "A disabled user cannot log in.", - "emailVerifiedHelp": "Has the user's email been verified?", - "requiredUserActionsHelp": "Require an action when the user logs in. 'Verify email' sends an email to the user to verify their email address. 'Update profile' requires user to enter in new personal information. 'Update password' requires user to enter in a new password. 'Configure OTP' requires setup of a mobile password generator.", - "groupsHelp": "Groups where the user has membership. To leave a group, select it and click Leave.", - "userIdHelperText": "Enter the unique ID of the user for this identity provider.", - "usernameHelperText": "Enter the username of the user for this identity provider.", - "federationLinkHelp": "UserStorageProvider this locally stored user was imported from.", - "sessionExplain": "Sessions are sessions of users in this realm and the clients that they access within the session.", - "searchForSession": "Search session", - "lastAccess": "Last access", - "started": "Started", - "sessionsType": { - "allSessions": "All session types", - "regularSSO": "Regular SSO", - "offline": "Offline", - "directGrant": "Direct grant", - "serviceAccount": "Service account" - }, - "revocationDescription": "This is a way to revoke all active sessions and access tokens. Not before means you can revoke any tokens issued before the date.", - "notBeforeSuccess": "Success! \"Not before\" set for realm", - "notBeforeError": "Error clearing \"Not Before\" for realm: {{error}}", - "notBeforeClearedSuccess": "Success! \"Not Before\" cleared for realm.", - "signOutAllActiveSessions": "Sign out all active sessions", - "signOutAllActiveSessionsQuestion": "Sign out all active sessions?", - "logoutAllSessions": "Logout all sessions", - "logoutAllDescription": "If you sign out all active sessions, active subjects in this realm will be signed out.", - "logoutAllSessionsError": "Error! Failed to log out of all sessions: {{error}}.", - "setToNowError": "Error! Failed to set notBefore to current date and time.", - "noSessions": "No sessions", - "noSessionsDescription": "There are currently no active sessions in this realm.", - "noSessionsForUser": "There are currently no active sessions for this user.", - "noSessionsForClient": "There are currently no active sessions for this client.", - "eventExplain": "Events are records of user and admin events in this realm. To configure the tracking of these events, go to <1>Event configs.", - "eventConfigs": "Event configs", - "userEvents": "User events", - "adminEvents": "Admin events", - "searchForUserEvent": "Search user event", - "searchForAdminEvent": "Search admin event", - "refresh": "Refresh", - "emptyEvents": "Nothing to add", - "emptyEventsInstructions": "There are no more events types left to add", - "time": "Time", - "userId": "User ID", - "eventType": "Event saved type", - "ipAddress": "IP address", - "dateFrom": "Date(from)", - "dateTo": "Date(to)", - "searchUserEventsBtn": "Search events", - "searchAdminEventsBtn": "Search admin events", - "realm": "Realm", - "resourcePath": "Resource path", - "resourceTypes": "Resource types", - "operationType": "Operation type", - "operationTypes": "Operation types", - "auth": "Auth", - "attribute": "Attribute", - "representation": "Representation", - "noUserDetails": "No user details", - "resetBtn": "Reset", - "createGroupText": "Create attributes group", - "editGroupText": "Edit attributes group", - "tableTitle": "Attributes groups", - "columnName": "Name", - "columnDisplayName": "Display name", - "columnDisplayDescription": "Display description", - "emptyStateMessage": "No attributes groups", - "emptyStateInstructions": "If you want to add an attributes group click the button below.", - "deleteDialogTitle": "Delete attribute group?", - "deleteDialogDescription": "Are you sure you want to permanently delete the attributes group <1>{{group}}?", - "deleteSuccess": "Attributes group deleted.", - "deleteAttributeGroupError": "Could not delete user attributes group: {{error}}", - "nameField": "Name", - "nameHintHelp": "A unique name for the group. This name will be used to reference the group when binding an attribute to a group.", - "displayHeaderField": "Display name", - "displayHeaderHintHelp": "A user-friendly name for the group that should be used when rendering a group of attributes in user-facing forms. Supports keys for localized values as well. For example: ${profile.attribute.group.address}.", - "displayDescriptionField": "Display description", - "displayDescriptionHintHelp": "A text that should be used as a tooltip when rendering user-facing forms.", - "annotationsText": "Annotations", - "inputType": "Input type", - "inputHelperTextBefore": "Helper text (above) the input field", - "inputHelperTextAfter": "Helper text (under) the input field", - "inputOptionLabelsI18nPrefix": "Internationalization key prefix", - "inputTypePlaceholder": "Input placeholder", - "inputTypeSize": "Input size", - "inputTypeCols": "Input cols", - "inputTypeRows": "Input rows", - "inputTypeStep": "Input step size", - "removeAnnotationText": "Remove annotation", - "keyLabel": "Key", - "valueLabel": "Value", - "realmSettingsExplain": "Realm settings are settings that control the options for users, applications, roles, and groups in the current realm.", - "partialImport": "Partial import", - "partialExport": "Partial export", - "deleteRealm": "Delete realm", - "deleteConfirmTitle": "Delete realm?", - "dragInstruction": "Click and drag to change priority", - "deleteProviderTitle": "Delete key provider?", - "deleteProviderConfirm": "Are you sure you want to permanently delete the key provider {{provider}}?", - "deleteProviderSuccess": "Success. The provider has been deleted.", - "deleteProviderError": "Error deleting the provider", - "deleteConditionSuccess": "The condition has been deleted", - "disablePolicyConfirmTitle": "Disable policy?", - "disablePolicyConfirm": "Users and clients can't access the policy if it's disabled. Are you sure you want to continue?", - "editProvider": "Edit provider", - "editableRowsTable": "Editable rows table", - "saveSuccess": "User federation provider successfully saved", - "saveProviderSuccess": "The provider has been saved successfully.", - "saveProviderListSuccess": "The priority of the provider has been updated successfully.", - "saveProviderError": "Error saving provider: {{error}}", - "saveError": "User federation provider could not be saved: {{error}}", - "general": "General", - "login": "Login", - "themes": "Themes", - "eventListeners": "Event listeners", - "eventListenersHelpTextHelp": "Configure what listeners receive events for the realm.", - "saveEventListeners": "Save Event Listeners", - "saveEventListenersSuccess": "Event listener has been updated.", - "saveEventListenersError": "Error saving event listener: {{error}}", - "userEventsSettings": "User events settings", - "adminEventsSettings": "Admin events settings", - "saveEvents": "Save events", - "clearUserEvents": "Clear user events", - "clearAdminEvents": "Clear admin events", - "includeRepresentation": "Include representation", - "template": "Template", - "connectionAndAuthentication": "Connection & Authentication", - "from": "From", - "fromDisplayName": "From display name", - "replyTo": "Reply to", - "replyToDisplayName": "Reply to display name", - "envelopeFrom": "Envelope from", - "host": "Host", - "port": "Port", - "encryption": "Encryption", - "enableSSL": "Enable SSL", - "enableStartTLS": "Enable StartTLS", - "keysList": "Keys list", - "searchKey": "Search key", - "keystore": "Keystore", - "keystorePassword": "Keystore password", - "algorithm": "Algorithm", - "use": "Use", - "aesGenerated": "aes-generated", - "ecdsaGenerated": "ecdsca-generated", - "hmacGenerated": "hmac-generated", - "javaKeystore": "java-keystore", - "rsa": "rsa", - "rsaGenerated": "rsa-generated", - "uiDisplayName": "UI display name", - "AESKeySize": "AES Key Size", - "active": "Active", - "privateRSAKey": "Private RSA Key", - "filenamePlaceholder": "Upload a PEM file or paste key below", - "x509Certificate": "X509 Certificate", - "ellipticCurve": "Elliptic Curve", - "secretSize": "Secret size", - "keySize": "Key size", - "kid": "Kid", - "providerDescription": "Provider description", - "addProvider": "Add provider", - "publicKeys": "Public keys", - "validTo": "Valid to", - "keysFilter": { - "ACTIVE": "Active keys", - "PASSIVE": "Passive keys", - "DISABLED": "Disabled keys" - }, - "noKeys": "No keys", - "noKeysDescription": "You haven't created any active keys", - "userRegistration": "User registration", - "loginScreenCustomization": "Login screen customization", - "registrationAllowed": "User registration", - "userRegistrationHelpText": "Enable/disable the registration page. A link for registration will show on login page too.", - "resetPasswordAllowed": "Forgot password", - "forgotPassword": "Forgot password", - "forgotPasswordHelpText": "Show a link on login page for user to click when they have forgotten their credentials.", - "rememberMe": "Remember me", - "rememberMeHelpText": "Show checkbox on login page to allow user to remain logged in between browser restarts until session expires.", - "emailSettings": "Email settings", - "registrationEmailAsUsername": "Email as username", - "emailAsUsernameHelpText": "Allow users to set email as username.", - "loginWithEmailAllowed": "Login with email", - "loginWithEmailHelpText": "Allow users to log in with their email address.", - "duplicateEmailsAllowed": "Duplicate emails", - "duplicateEmailsHelpText": "Allow multiple users to have the same email address. Changing this setting will also clear the user's cache. It is recommended to manually update email constraints of existing users in the database after switching off support for duplicate email addresses.", - "verifyEmailHelpText": "Require user to verify their email address after initial login or after address changes are submitted.", - "userInfoSettings": "User info settings", - "editUsernameAllowed": "Edit username", - "editUSernameHelp": "If enabled, the username is editable, otherwise it is read-only.", - "enableSwitchSuccess": "{{switch}} changed successfully", - "enableSwitchError": "Could not enable / disable due to {{error}}", - "testingConnection": "Testing connection", - "testConnectionHint": { - "withEmail": "When testing the connection an e-mail will be sent to the current user ({{email}}).", - "withoutEmail": "To test the connection you must first configure an e-mail address for the current user ({{userName}}).", - "withoutEmailAction": "Configure e-mail address" - }, - "testConnectionSuccess": "Success! SMTP connection successful. E-mail was sent!", - "testConnectionError": "Error! {{error}}", - "realmId": "Realm ID", - "htmlDisplayName": "HTML Display name", - "frontendUrl": "Frontend URL", - "requireSsl": "Require SSL", - "sslType": { - "all": "All requests", - "external": "External requests", - "none": "None" - }, - "selectATheme": "Select a theme", - "placeholderText": "Select one", - "userManagedAccess": "User-managed access", - "userProfileEnabled": "User Profile Enabled", - "endpoints": "Endpoints", - "openIDEndpointConfiguration": "OpenID Endpoint Configuration", - "samlIdentityProviderMetadata": "SAML 2.0 Identity Provider Metadata", - "accountTheme": "Account theme", - "adminTheme": "Admin theme", - "emailTheme": "Email theme", - "internationalization": "Internationalization", - "localization": "Localization", - "SSOSessionSettings": "SSO Session Settings", - "SSOSessionIdle": "SSO Session Idle", - "SSOSessionMax": "SSO Session Max", - "SSOSessionIdleRememberMe": "SSO Session Idle Remember Me", - "SSOSessionMaxRememberMe": "SSO Session Max Remember Me", - "clientSessionSettings": "Client session settings", - "offlineSessionSettings": "Offline session settings", - "offlineSessionIdle": "Offline Session Idle", - "offlineSessionMaxLimited": "Offline Session Max Limited", - "offlineSessionMax": "Offline Session Max", - "loginTimeout": "Login timeout", - "loginActionTimeout": "Login action timeout", - "refreshTokens": "Refresh tokens", - "accessTokens": "Access tokens", - "actionTokens": "Action tokens", - "overrideActionTokens": "Override Action Tokens", - "defaultSigAlg": "Default Signature Algorithm", - "revokeRefreshToken": "Revoke Refresh Token", - "refreshTokenMaxReuse": "Refresh Token Max Reuse", - "accessTokenLifespanImplicitFlow": "Access Token Lifespan For Implicit Flow", - "clientLoginTimeout": "Client Login Timeout", - "userInitiatedActionLifespan": "User-Initiated Action Lifespan", - "defaultAdminInitiated": "Default Admin-Initiated Action Lifespan", - "oAuthDeviceCodeLifespan": "OAuth 2.0 Device Code Lifespan", - "oAuthDevicePollingInterval": "OAuth 2.0 Device Polling Interval", - "shortVerificationUri": "Short verification_uri in Device Authorization flow", - "emailVerification": "Email Verification", - "idpAccountEmailVerification": "IdP account email verification", - "executeActions": "Execute actions", - "clientPolicies": "Client policies", - "noClientPolicies": "No client policies", - "noClientPoliciesInstructions": "There are no client policies. Select 'Create client policy' to create a new client policy.", - "createClientPolicy": "Create client policy", - "createClientPolicySuccess": "New policy created", - "updateClientPolicySuccess": "Client policy updated", - "createClientPolicyError": "Could not create policy due to: {{error}}", - "createClientConditionSuccess": "Condition created successfully.", - "createClientConditionError": "Error creating condition: {{error}}", - "updateClientConditionSuccess": "Condition updated successfully.", - "deleteClientConditionSuccess": "Condition deleted successfully.", - "deleteClientConditionError": "Error creating condition: {{error}}", - "clientPolicySearch": "Search client policy", - "policiesConfigType": "Configure via:", - "policiesConfigTypes": { - "formView": "Form view", - "jsonEditor": "JSON editor" - }, - "deleteClientPolicy": "Delete client policy", - "deleteClientPolicyConfirmTitle": "Delete policy?", - "deleteClientPolicyConfirm": "This action will permanently delete the policy {{policyName}}. This cannot be undone.", - "deleteClientPolicySuccess": "Client policy deleted", - "deleteClientPolicyError": "Could not delete policy: {{error}}", - "profiles": "Profiles", - "clientPoliciesProfilesHelpText": "Client Profile allows to setup set of executors, which are enforced for various actions done with the client. Actions can be admin actions like creating or updating client, or user actions like authentication to the client.", - "clientPoliciesProfiles": "Client Policies Profiles", - "clientPoliciesPoliciesHelpText": "Client Policy allows to bind client profiles with various conditions to specify when exactly is enforced behavior specified by executors of the particular client profile.", - "clientPoliciesPolicies": "Client Policies Policies", - "clientPoliciesTab": "Client policies tab", - "clientProfilesSubTab": "Client profiles subtab", - "clientPoliciesSubTab": "Client policies subtab", - "profilesConfigType": "Configure via:", - "profilesConfigTypes": { - "formView": "Form view", - "jsonEditor": "JSON editor" - }, - "clientProfileSearch": "Search", - "searchProfile": "Search profile", - "clientProfileName": "Client profile name", - "clientProfileDescription": "Description", - "emptyClientProfiles": "No profiles", - "emptyClientProfilesInstructions": "There are no profiles, select 'Create client profile' to create a new client profile", - "deleteClientProfileConfirmTitle": "Delete profile?", - "deleteClientProfileConfirm": "This action will permanently delete the profile {{profileName}}. This cannot be undone.", - "deleteClientSuccess": "Client profile deleted", - "deleteClientError": "Could not delete profile: {{error}}", - "deleteClientPolicyProfileConfirmTitle": "Delete profile?", - "deleteClientPolicyProfileConfirm": "This action will permanently delete {{profileName}} from the policy {{policyName}}. This cannot be undone.", - "deleteClientPolicyProfileSuccess": "Profile successfully removed from the policy.", - "deleteClientPolicyProfileError": "Could not delete profile from the policy: {{error}}", - "createClientProfile": "Create client profile", - "deleteClientProfile": "Delete this client profile", - "createClientProfileSuccess": "New client profile created", - "updateClientProfileSuccess": "Client profile updated successfully", - "createClientProfileError": "Could not create client profile: '{{error}}'", - "addClientProfileSuccess": "New client profile added", - "addClientProfileError": "Could not create client profile: '{{error}}'", - "createClientProfileNameHelperText": "The name must be unique within the realm", - "newClientProfile": "Create client profile", - "newClientProfileName": "Client profile name", - "clientProfile": "Client profile details", - "executorDetails": "Executor details", - "executors": "Executors", - "executorsHelpText": "Executors, which will be applied for this client profile", - "executorsHelpItem": "Executors help item", - "addExecutor": "Add executor", - "executorType": "Executor type", - "executorTypeSwitchHelpText": "Executor Type Switch Help Text", - "executorTypeSelectHelpText": "Executor Type Select Help Text", - "executorTypeSelectAlgorithm": "Executor Type Select Algorithm", - "executorTypeTextHelpText": "Executor Type Text Help Text", - "executorAuthenticatorMultiSelectHelpText": "Executor Authenticator MultiSelect Help Text", - "executorClientAuthenticator": "Executor Client Authenticator", - "executorsTable": "Executors table", - "executorName": "Name", - "emptyExecutors": "No executors configured", - "addExecutorSuccess": "Success! Executor created successfully", - "addExecutorError": "Executor not created", - "updateExecutorSuccess": "Executor updated successfully", - "updateExecutorError": "Executor not updated", - "deleteExecutorProfileConfirmTitle": "Delete executor?", - "deleteExecutorProfileConfirm": "The action will permanently delete {{executorName}}. This cannot be undone.", - "deleteExecutorSuccess": "Success! The executor was deleted.", - "deleteExecutorError": "Could not delete executor: {{error}}", - "updateClientProfilesSuccess": "The client profiles configuration was updated", - "updateClientProfilesError": "Provided JSON is incorrect: Unexpected token { in JSON", - "deleteClientPolicyConditionConfirmTitle": "Delete condition?", - "deleteClientPolicyConditionConfirm": "This action will permanently delete {{condition}}. This cannot be undone.", - "selectACondition": "Select a condition", - "conditions": "Conditions", - "conditionType": "Condition type", - "anyClient": "The condition is satisfied by any client on any event.", - "clientAccesstype": "Client Access Type", - "clientScopesCondition": "Expected Scopes", - "updateClientContext": "Update Client Context", - "clientUpdaterSourceGroups": "Groups", - "clientUpdaterTrustedHosts": "Trusted Hosts", - "clientUpdaterSourceRoles": "Updating entity role", - "conditionsHelpItem": "Conditions help item", - "addCondition": "Add condition", - "editCondition": "Edit condition", - "emptyConditions": "No conditions configured", - "updateClientPoliciesSuccess": "The client policies configuration was updated", - "updateClientPoliciesError": "Provided JSON is incorrect: Unexpected token { in JSON", - "clientProfiles": "Client profiles", - "clientProfilesHelpItem": "Client profiles help item", - "addClientProfile": "Add client profile", - "emptyProfiles": "No client profiles configured", - "tokens": "Tokens", - "userProfile": "User profile", - "jsonEditor": "JSON editor", - "attributesGroup": "Attributes group", - "invalidJsonError": "Unable to save user profile, the provided information is not valid JSON.", - "userProfileSuccess": "User profile settings successfully updated.", - "userProfileError": "Could not update user profile settings: {{error}}", - "recommendedSsoTimeout": "It is recommended for this value to be shorter than the SSO session idle timeout: {{time}}", - "supportedLocales": "Supported locales", - "defaultLocale": "Default locale", - "selectLocales": "Select locales", - "searchForMessageBundle": "Search for message bundle", - "addMessageBundle": "Add message bundle", - "addMessageBundleSuccess": "Success! The message bundle has been added.", - "deleteMessageBundleSuccess": "Successfully removed the message from the bundle", - "deleteMessageBundleError": "Error removing the message from the bundle, {{error}}", - "rowEditBtnAriaLabel": "Edit {{messageBundle}}", - "rowSaveBtnAriaLabel": "Save edits for {{messageBundle}}", - "rowCancelBtnAriaLabel": "Cancel edits for {{messageBundle}}", - "updateMessageBundleSuccess": "Success! Message bundle updated.", - "updateMessageBundleError": "Error updating message bundle.", - "addMessageBundleError": "Error creating message bundle, {{error}}", - "allGroups": "All groups", - "attributeName": "Attribute [Name]", - "attributeDisplayName": "Display name", - "attributeGroup": "Attribute group", - "enabledWhen": "Enabled when", - "requiredFor": "Required for", - "requiredWhen": "Required when", - "requiredForLabel": { - "both": "Both users and admins", - "users": "Only users", - "admins": "Only admins" - }, - "whoCanEdit": "Who can edit?", - "whoCanView": "Who can view?", - "admin": "Admin", - "addValidator": "Add validator", - "validatorType": "Validator type", - "addValidatorRole": "Add {{validatorName}} validator", - "validatorDialogColNames": { - "colName": "Role name", - "colDescription": "Description" - }, - "validatorColNames": { - "colName": "Validator name", - "colConfig": "Config" - }, - "deleteValidatorConfirmTitle": "Delete validator?", - "deleteValidatorConfirmMsg": "Are you sure you want to permanently delete the validator {{validatorName}}?", - "validatorDeletedSuccess": "Success! User Profile configuration has been saved.", - "validatorDeletedError": "Error saving User Profile: {{error}}", - "emptyValidators": "No validators.", - "updatedUserProfileSuccess": "User Profile configuration has been saved", - "updatedUserProfileError": "User Profile configuration hasn't been saved", - "createAttribute": "Create attribute", - "editAttribute": "Edit attribute", - "createAttributeSubTitle": "Create a new attribute", - "createAttributeSuccess": "Success! User Profile configuration has been saved.", - "createAttributeError": "Error! User Profile configuration has not been saved {{error}}.", - "attributesDropdown": "Attributes dropdown", - "deleteAttributeConfirmTitle": "Delete attribute?", - "deleteAttributeConfirm": "Are you sure you want to permanently delete the attribute {{attributeName}}?", - "deleteAttributeSuccess": "Attribute deleted", - "deleteAttributeError": "Attribute not deleted", - "always": "Always", - "scopesAsRequested": "Scopes are requested", - "validations": "Validations", - "annotations": "Annotations", - "addAnnotationText": "Add annotation", - "validateName": "You must enter a name", - "searchEventType": "Search saved event type", - "addSavedTypes": "Add saved types", - "addTypes": "Add types", - "eventTypes": { - "SEND_RESET_PASSWORD": { - "name": "Send reset password", - "description": "Send reset password" - }, - "UPDATE_CONSENT_ERROR": { - "name": "Update consent error", - "description": "Update consent error" - }, - "GRANT_CONSENT": { - "name": "Grant consent", - "description": "Grant consent" - }, - "REMOVE_TOTP": { - "name": "Remove totp", - "description": "Remove totp" - }, - "REVOKE_GRANT": { - "name": "Revoke grant", - "description": "Revoke grant" - }, - "UPDATE_TOTP": { - "name": "Update totp", - "description": "Update totp" - }, - "LOGIN_ERROR": { - "name": "Login error", - "description": "Login error" - }, - "CLIENT_LOGIN": { - "name": "Client login", - "description": "Client login" - }, - "RESET_PASSWORD_ERROR": { - "name": "Reset password error", - "description": "Reset password error" - }, - "IMPERSONATE_ERROR": { - "name": "Impersonate error", - "description": "Impersonate error" - }, - "CODE_TO_TOKEN_ERROR": { - "name": "Code to token error", - "description": "Code to token error" - }, - "CUSTOM_REQUIRED_ACTION": { - "name": "Custom required action", - "description": "Custom required action" - }, - "RESTART_AUTHENTICATION": { - "name": "Restart authentication", - "description": "Restart authentication" - }, - "IMPERSONATE": { - "name": "Impersonate", - "description": "Impersonate" - }, - "UPDATE_PROFILE_ERROR": { - "name": "Update profile error", - "description": "Update profile error" - }, - "LOGIN": { - "name": "Login", - "description": "Login" - }, - "UPDATE_PASSWORD_ERROR": { - "name": "Update password error", - "description": "Update password error" - }, - "CLIENT_INITIATED_ACCOUNT_LINKING": { - "name": "Client initiated account linking", - "description": "Client initiated account linking" - }, - "TOKEN_EXCHANGE": { - "name": "Token exchange", - "description": "Token exchange" - }, - "LOGOUT": { - "name": "Logout", - "description": "Logout" - }, - "REGISTER": { - "name": "Register", - "description": "Register" - }, - "DELETE_ACCOUNT_ERROR": { - "name": "Delete account error", - "description": "Delete account error" - }, - "CLIENT_REGISTER": { - "name": "Client register", - "description": "Client register" - }, - "IDENTITY_PROVIDER_LINK_ACCOUNT": { - "name": "Identity provider link account", - "description": "Identity provider link account" - }, - "DELETE_ACCOUNT": { - "name": "Delete account", - "description": "Delete account" - }, - "UPDATE_PASSWORD": { - "name": "Update password", - "description": "Update password" - }, - "CLIENT_DELETE": { - "name": "Client delete", - "description": "Client delete" - }, - "FEDERATED_IDENTITY_LINK_ERROR": { - "name": "Federated identity link error", - "description": "Federated identity link error" - }, - "IDENTITY_PROVIDER_FIRST_LOGIN": { - "name": "Identity provider first login", - "description": "Identity provider first login" - }, - "CLIENT_DELETE_ERROR": { - "name": "Client delete error", - "description": "Client delete error" - }, - "VERIFY_EMAIL": { - "name": "Verify email", - "description": "Verify email" - }, - "CLIENT_LOGIN_ERROR": { - "name": "Client login error", - "description": "Client login error" - }, - "RESTART_AUTHENTICATION_ERROR": { - "name": "Restart authentication error", - "description": "Restart authentication error" - }, - "EXECUTE_ACTIONS": { - "name": "Execute actions", - "description": "Execute actions" - }, - "REMOVE_FEDERATED_IDENTITY_ERROR": { - "name": "Remove federated identity error", - "description": "Remove federated identity error" - }, - "TOKEN_EXCHANGE_ERROR": { - "name": "Token exchange error", - "description": "Token exchange error" - }, - "PERMISSION_TOKEN": { - "name": "Permission token", - "description": "Permission token" - }, - "SEND_IDENTITY_PROVIDER_LINK_ERROR": { - "name": "Send identity provider link error", - "description": "Send identity provider link error" - }, - "EXECUTE_ACTION_TOKEN_ERROR": { - "name": "Execute action token error", - "description": "Execute action token error" - }, - "SEND_VERIFY_EMAIL": { - "name": "Send verify email", - "description": "Send verify email" - }, - "EXECUTE_ACTIONS_ERROR": { - "name": "Execute actions error", - "description": "Execute actions error" - }, - "REMOVE_FEDERATED_IDENTITY": { - "name": "Remove federated identity", - "description": "Remove federated identity" - }, - "IDENTITY_PROVIDER_POST_LOGIN": { - "name": "Identity provider post login", - "description": "Identity provider post login" - }, - "IDENTITY_PROVIDER_LINK_ACCOUNT_ERROR": { - "name": "Identity provider link account error", - "description": "Identity provider link account error" - }, - "UPDATE_EMAIL": { - "name": "Update email", - "description": "Update email" - }, - "REGISTER_ERROR": { - "name": "Register error", - "description": "Register error" - }, - "REVOKE_GRANT_ERROR": { - "name": "Revoke grant error", - "description": "Revoke grant error" - }, - "EXECUTE_ACTION_TOKEN": { - "name": "Execute action token", - "description": "Execute action token" - }, - "LOGOUT_ERROR": { - "name": "Logout error", - "description": "Logout error" - }, - "UPDATE_EMAIL_ERROR": { - "name": "Update email error", - "description": "Update email error" - }, - "CLIENT_UPDATE_ERROR": { - "name": "Client update error", - "description": "Client update error" - }, - "UPDATE_PROFILE": { - "name": "Update profile", - "description": "Update profile" - }, - "CLIENT_REGISTER_ERROR": { - "name": "Client register error", - "description": "Client register error" - }, - "FEDERATED_IDENTITY_LINK": { - "name": "Federated identity link", - "description": "Federated identity link" - }, - "SEND_IDENTITY_PROVIDER_LINK": { - "name": "Send identity provider link", - "description": "Send identity provider link" - }, - "SEND_VERIFY_EMAIL_ERROR": { - "name": "Send verify email error", - "description": "Send verify email error" - }, - "RESET_PASSWORD": { - "name": "Reset password", - "description": "Reset password" - }, - "CLIENT_INITIATED_ACCOUNT_LINKING_ERROR": { - "name": "Client initiated account linking error", - "description": "Client initiated account linking error" - }, - "UPDATE_CONSENT": { - "name": "Update consent", - "description": "Update consent" - }, - "REMOVE_TOTP_ERROR": { - "name": "Remove totp error", - "description": "Remove totp error" - }, - "VERIFY_EMAIL_ERROR": { - "name": "Verify email error", - "description": "Verify email error" - }, - "SEND_RESET_PASSWORD_ERROR": { - "name": "Send reset password error", - "description": "Send reset password error" - }, - "CLIENT_UPDATE": { - "name": "Client update", - "description": "Client update" - }, - "CUSTOM_REQUIRED_ACTION_ERROR": { - "name": "Custom required action error", - "description": "Custom required action error" - }, - "IDENTITY_PROVIDER_POST_LOGIN_ERROR": { - "name": "Identity provider post login error", - "description": "Identity provider post login error" - }, - "UPDATE_TOTP_ERROR": { - "name": "Update totp error", - "description": "Update totp error" - }, - "CODE_TO_TOKEN": { - "name": "Code to token", - "description": "Code to token" - }, - "GRANT_CONSENT_ERROR": { - "name": "Grant consent error", - "description": "Grant consent error" - }, - "IDENTITY_PROVIDER_FIRST_LOGIN_ERROR": { - "name": "Identity provider first login error", - "description": "Identity provider first login error" - }, - "REGISTER_NODE_ERROR": { - "name": "Register node error", - "description": "Register node error" - }, - "PERMISSION_TOKEN_ERROR": { - "name": "Permission token error", - "description": "Permission token error" - }, - "IDENTITY_PROVIDER_RETRIEVE_TOKEN_ERROR": { - "name": "Identity provider retrieve token error", - "description": "Identity provider retrieve token error" - }, - "CLIENT_INFO": { - "name": "Client info", - "description": "Client info" - }, - "VALIDATE_ACCESS_TOKEN": { - "name": "Validate access token", - "description": "Validate access token" - }, - "IDENTITY_PROVIDER_LOGIN": { - "name": "Identity provider login", - "description": "Identity provider login" - }, - "CLIENT_INFO_ERROR": { - "name": "Client info error", - "description": "Client info error" - }, - "INTROSPECT_TOKEN_ERROR": { - "name": "Introspect token error", - "description": "Introspect token error" - }, - "INTROSPECT_TOKEN": { - "name": "Introspect token", - "description": "Introspect token" - }, - "UNREGISTER_NODE": { - "name": "Unregister node", - "description": "Unregister node" - }, - "REGISTER_NODE": { - "name": "Register node", - "description": "Register node" - }, - "INVALID_SIGNATURE": { - "name": "Invalid signature", - "description": "Invalid signature" - }, - "USER_INFO_REQUEST_ERROR": { - "name": "User info request error", - "description": "User info request error" - }, - "REFRESH_TOKEN": { - "name": "Refresh token", - "description": "Refresh token" - }, - "IDENTITY_PROVIDER_RESPONSE": { - "name": "Identity provider response", - "description": "Identity provider response" - }, - "IDENTITY_PROVIDER_RETRIEVE_TOKEN": { - "name": "Identity provider retrieve token", - "description": "Identity provider retrieve token" - }, - "UNREGISTER_NODE_ERROR": { - "name": "Unregister node error", - "description": "Unregister node error" - }, - "VALIDATE_ACCESS_TOKEN_ERROR": { - "name": "Validate access token error", - "description": "Validate access token error" - }, - "INVALID_SIGNATURE_ERROR": { - "name": "Invalid signature error", - "description": "Invalid signature error" - }, - "USER_INFO_REQUEST": { - "name": "User info request", - "description": "User info request" - }, - "IDENTITY_PROVIDER_RESPONSE_ERROR": { - "name": "Identity provider response error", - "description": "Identity provider response error" - }, - "IDENTITY_PROVIDER_LOGIN_ERROR": { - "name": "Identity provider login error", - "description": "Identity provider login error" - }, - "REFRESH_TOKEN_ERROR": { - "name": "Refresh token error", - "description": "Refresh token error" - }, - "VERIFY_PROFILE": { - "name": "Verify profile", - "description": "Verify profile" - }, - "VERIFY_PROFILE_ERROR": { - "name": "Verify profile error", - "description": "Verify profile error" - }, - "OAUTH2_DEVICE_CODE_TO_TOKEN": { - "name": "Oauth2 device code to token", - "description": "Oauth2 device code to token" - }, - "OAUTH2_DEVICE_CODE_TO_TOKEN_ERROR": { - "name": "Oauth2 device code to token error", - "description": "Oauth2 device code to token error" - }, - "OAUTH2_DEVICE_VERIFY_USER_CODE": { - "name": "Oauth2 device verify user code", - "description": "Oauth2 device verify user code" - }, - "OAUTH2_DEVICE_VERIFY_USER_CODE_ERROR": { - "name": "Oauth2 device verify user code error", - "description": "Oauth2 device verify user code error" - }, - "AUTHREQID_TO_TOKEN": { - "name": "Authreqid to token", - "description": "Authreqid to token" - }, - "AUTHREQID_TO_TOKEN_ERROR": { - "name": "Authreqid to token error", - "description": "Authreqid to token error" - }, - "OAUTH2_DEVICE_AUTH": { - "name": "Oauth2 device authentication", - "description": "Oauth2 device authentication" - }, - "OAUTH2_DEVICE_AUTH_ERROR": { - "name": "Oauth2 device authentication error", - "description": "Oauth2 device authentication error" - }, - "PUSHED_AUTHORIZATION_REQUEST": { - "name": "Pushed authorization request", - "description": "Pushed authorization request" - }, - "PUSHED_AUTHORIZATION_REQUEST_ERROR": { - "name": "Pushed authorization request error", - "description": "Pushed authorization request error" - }, - "USER_DISABLED_BY_PERMANENT_LOCKOUT": { - "name": "User disabled by permanent lockout", - "description": "User disabled by permanent lockout" - } - }, - "userEventsRegistered": "User events registered", - "eventConfigSuccessfully": "Successfully saved configuration", - "eventConfigError": "Could not save event configuration {{error}}", - "deleteEvents": "Clear events", - "deleteEventsConfirm": "If you clear all events of this realm, all records will be permanently cleared in the database", - "admin-events-cleared": "The admin events have been cleared", - "admin-events-cleared-error": "Could not clear the admin events {{error}}", - "user-events-cleared": "The user events have been cleared", - "user-events-cleared-error": "Could not clear the user events {{error}}", - "events-disable-title": "Unsave events?", - "events-disable-confirm": "If \"Save events\" is disabled, subsequent events will not be displayed in the \"Events\" menu", - "noMessageBundles": "No message bundles", - "noMessageBundlesInstructions": "Add a message bundle to get started.", - "messageBundleDescription": "You can edit the supported locales. If you haven't selected supported locales yet, you can only edit the English locale.", - "defaultRoles": "Default roles", - "defaultGroups": "Default groups", - "whatIsDefaultGroups": "What is the function of default groups?", - "addDefaultGroups": "Add default groups", - "removeConfirmTitle_one": "Remove group?", - "removeConfirmTitle_other": "Remove groups?", - "removeConfirm_one": "Are you sure you want to remove this group", - "removeConfirm_other": "Are you sure you want to remove these groups.", - "groupRemove_one": "Group removed", - "groupRemove_other": "Groups removed", - "groupRemoveError": "Error removing group {error}", - "defaultGroupAdded_one": "New group added to the default groups", - "defaultGroupAdded_other": "Added {{count}} groups to the default groups", - "defaultGroupAddedError": "Error adding group(s) to the default group {error}", - "noDefaultGroups": "No default groups", - "noDefaultGroupsInstructions": "Default groups allow you to automatically assign group membership whenever any new user is created or imported throughout <1>identity brokering. Add default groups to get started", - "securityDefences": "Security defenses", - "headers": "Headers", - "bruteForceDetection": "Brute force detection", - "xFrameOptions": "X-Frame-Options", - "contentSecurityPolicy": "Content-Security-Policy", - "contentSecurityPolicyReportOnly": "Content-Security-Policy-Report-Only", - "xContentTypeOptions": "X-Content-Type-Options", - "xRobotsTag": "X-Robots-Tag", - "xXSSProtection": "X-XSS-Protection", - "strictTransportSecurity": "HTTP Strict Transport Security (HSTS)", - "referrerPolicy": "Referrer Policy", - "failureFactor": "Max login failures", - "permanentLockout": "Permanent lockout", - "waitIncrementSeconds": "Wait increment", - "maxFailureWaitSeconds": "Max wait", - "maxDeltaTimeSeconds": "Failure reset time", - "quickLoginCheckMilliSeconds": "Quick login check milliseconds", - "minimumQuickLoginWaitSeconds": "Minimum quick login wait", - "partialExportHeaderText": "Partial export allows you to export realm configuration, and other associated resources into a json file.", - "includeGroupsAndRoles": "Include groups and roles", - "includeClients": "Include clients", - "exportWarningTitle": "Export with caution", - "exportWarningDescription": "If there is a great number of groups, roles or clients in your realm, the operation may make server unresponsive for a while.", - "exportSuccess": "Realm successfully exported.", - "exportFail": "Could not export realm: '{{error}}'", - "partialImportHeaderText": "Partial import allows you to import users, clients, and other resources from a previously exported json file.", - "selectRealm": "Select realm", - "chooseResources": "Choose the resources you want to import", - "selectIfResourceExists": "If a resource already exists, specify what should be done", - "resourcesToImport": "Resources to import", - "importFail": "Import failed: {{error}}", - "FAIL": "Fail import", - "SKIP": "Skip", - "OVERWRITE": "Overwrite", - "added": "Added", - "skipped": "Skipped", - "overwritten": "Overwritten", - "importAdded_zero": "No records added.", - "importAdded_one": "One record added.", - "importAdded_other": "{{count}} records added.", - "importOverwritten_zero": "No records overwritten.", - "importOverwritten_one": "One record overwritten.", - "importOverwritten_other": "{{count}} records overwritten.", - "importSkipped_zero": "No records skipped.", - "importSkipped_one": "One record skipped.", - "importSkipped_other": "{{count}} records skipped.", - "fromDisplayNameHelp": "A user-friendly name for the 'From' address (optional).", - "replyToDisplayNameHelp": "A user-friendly name for the 'Reply-To' address (optional).", - "envelopeFromHelp": "An email address used for bounces (optional).", - "passwordHelp": "SMTP password. This field is able to obtain its value from vault, use ${vault.ID} format.", - "frontendUrlHelp": "Set the frontend URL for the realm. Use in combination with the default hostname provider to override the base URL for frontend requests for a specific realm.", - "requireSslHelp": "Is HTTPS required? 'None' means HTTPS is not required for any client IP address. 'External requests' means localhost and private IP addresses can access without HTTPS. 'All requests' means HTTPS is required for all IP addresses.", - "userManagedAccessHelp": "If enabled, users are allowed to manage their resources and permissions using the Account Management UI.", - "userProfileEnabledHelp": "If enabled, allows managing user profiles.", - "endpointsHelp": "Shows the configuration of the Service Provider endpoint", - "accountThemeHelp": "Select a theme for the user account management console.", - "adminThemeHelp": "Select a theme for administration console.", - "emailThemeHelp": "Select a theme for emails that are sent by the server.", - "priorityHelp": "Priority of the provider", - "enabledHelp": "Set if the keys are enabled", - "activeHelp": "Set if the keys can be used for signing", - "AESKeySizeHelp": "Size in bytes for the generated AES key. Size 16 is for AES-128, Size 24 for AES-192, and Size 32 for AES-256. WARN: Bigger keys than 128 are not allowed on some JDK implementations.", - "save-user-events": "If enabled, user events are saved to the database, which makes events available to the admin and account management UIs.", - "save-admin-events": "If enabled, admin events are saved to the database, which makes events available to the Admin UI.", - "admin-clearEvents": "Deletes all admin events in the database.", - "includeRepresentationHelp": "Include JSON representation for create and update requests.", - "user-clearEvents": "Deletes all user events in the database.", - "ellipticCurveHelp": "Elliptic curve used in ECDSA", - "secretSizeHelp": "Size in bytes for the generated secret", - "keySizeHelp": "Size for the generated keys", - "algorithmHelp": "Intended algorithm for the key", - "keystoreHelp": "Path to keys file", - "keystorePasswordHelp": "Password for the keys", - "privateRSAKeyHelp": "Private RSA Key encoded in PEM format", - "x509CertificateHelp": "X509 Certificate encoded in PEM format", - "xFrameOptionsHelp": "Default value prevents pages from being included by non-origin iframes <1>Learn more", - "contentSecurityPolicyHelp": "Default value prevents pages from being included by non-origin iframes <1>Learn more", - "contentSecurityPolicyReportOnlyHelp": "For testing Content Security Policies <1>Learn more", - "xContentTypeOptionsHelp": "Default value prevents Internet Explorer and Google Chrome from MIME-sniffing a response away from the declared content-type <1>Learn more", - "xRobotsTagHelp": "Prevent pages from appearing in search engines <1>Learn more", - "xXSSProtectionHelp": "This header configures the Cross-site scripting (XSS) filter in your browser. Using the default behaviour, the browser will prevent rendering of the page when a XSS attack is detected. <1>Learn more", - "strictTransportSecurityHelp": "The Strict-Transport-Security HTTP header tells browsers to always use HTTPS. Once a browser sees this header, it will only visit the site over HTTPS for the time specified (1 year) at max-age, including the subdomains. <1>Learn more", - "failureFactorHelp": "How many failures before wait is triggered.", - "permanentLockoutHelp": "Lock the user permanently when the user exceeds the maximum login failures.", - "waitIncrementSecondsHelp": "When failure threshold has been met, how much time should the user be locked out?", - "maxFailureWaitSecondsHelp": "Max time a user will be locked out.", - "maxDeltaTimeSecondsHelp": "When will failure count be reset?", - "quickLoginCheckMilliSecondsHelp": "If a failure happens concurrently too quickly, lock out the user.", - "minimumQuickLoginWaitSecondsHelp": "How long to wait after a quick login failure.", - "ssoSessionIdle": "Time a session is allowed to be idle before it expires. Tokens and browser sessions are invalidated when a session is expired.", - "ssoSessionMax": "Max time before a session is expired. Tokens and browser sessions are invalidated when a session is expired.", - "ssoSessionIdleRememberMe": "Time a remember me session is allowed to be idle before it expires. Tokens and browser sessions are invalidated when a session is expired. If not set it uses the standard SSO Session Idle value.", - "ssoSessionMaxRememberMe": "Max time before a session is expired when a user has set the remember me option. Tokens and browser sessions are invalidated when a session is expired. If not set it uses the standard SSO Session Max value.", - "offlineSessionIdleHelp": "Time an offline session is allowed to be idle before it expires. You need to use offline token to refresh at least once within this period; otherwise offline session will expire.", - "offlineSessionMaxLimitedHelp": "Enable offline session max", - "offlineSessionMaxHelp": "Max time before an offline session is expired regardless of activity.", - "loginTimeoutHelp": "Max time a user has to complete a login. This is recommended to be relatively long, such as 30 minutes or more", - "loginActionTimeoutHelp": "Max time a user has to complete login related actions like update password or configure totp. This is recommended to be relatively long, such as 5 minutes or more", - "defaultSigAlgHelp": "Default algorithm used to sign tokens for the realm", - "revokeRefreshTokenHelp": "If enabled a refresh token can only be used up to 'Refresh Token Max Reuse' and is revoked when a different token is used. Otherwise refresh tokens are not revoked when used and can be used multiple times.", - "refreshTokenMaxReuseHelp": "Maximum number of times a refresh token can be reused. When a different token is used, revocation is immediate.", - "accessTokenLifespanImplicitFlowHelp": "Max time before an access token issued during OpenID Connect Implicit Flow is expired. This value is recommended to be shorter than the SSO timeout. There is no possibility to refresh token during implicit flow, that's why there is a separate timeout different to 'Access Token Lifespan'", - "clientLoginTimeoutHelp": "Max time a client has to finish the access token protocol. This should normally be 1 minute.", - "userInitiatedActionLifespanHelp": "Maximum time before an action permit sent by a user (such as a forgot password e-mail) is expired. This value is recommended to be short because it's expected that the user would react to self-created action quickly.", - "defaultAdminInitiatedActionLifespanHelp": "Maximum time before an action permit sent to a user by administrator is expired. This value is recommended to be long to allow administrators to send e-mails for users that are currently offline. The default timeout can be overridden immediately before issuing the token.", - "oAuthDeviceCodeLifespanHelp": "Max time before the device code and user code are expired. This value needs to be a long enough lifetime to be usable (allowing the user to retrieve their secondary device, navigate to the verification URI, login, etc.), but should be sufficiently short to limit the usability of a code obtained for phishing.", - "oAuthDevicePollingIntervalHelp": "The minimum amount of time in seconds that the client should wait between polling requests to the token endpoint.", - "shortVerificationUriTooltipHelp": "If set, this value will be return as verification_uri in Device Authorization flow. This uri need to redirect to {server-root}/realms/{realm}/device", - "overrideActionTokensHelp": "Override default settings of maximum time before an action permit sent by a user (such as a forgot password e-mail) is expired for specific action. This value is recommended to be short because it's expected that the user would react to self-created action quickly.", - "internationalizationHelp": "If enabled, you can choose which locales you support for this realm and which locale is the default.", - "supportedLocalesHelp": "The locales to support for this realm. The user chooses one of these locales on the login screen.", - "defaultLocaleHelp": "The initial locale to use. It is used on the login screen and other screens in the Admin UI and Account UI.", - "conditionsHelp": "Conditions, which will be evaluated to determine if client policy should be applied during particular action or not.", - "clientProfilesHelp": "Client profiles applied on this policy.", - "clientAccessType": "It uses the client's access type (confidential, public, bearer-only) to determine whether the policy is applied. Condition is checked during most of OpenID Connect requests (Authorization requests, token requests, introspection endpoint request, etc.). Confidential client has enabled client authentication when public client has disabled client authentication. Bearer-only is a deprecated client type.", - "clientAccesstypeTooltip": "Access Type of the client, for which the condition will be applied.", - "clientRolesHelp": "The condition checks whether one of the specified client roles exists on the client to determine whether the policy is applied. This effectively allows client administrator to create client role of specified name on the client to make sure that particular client policy will be applied on requests of this client. Condition is checked during most of OpenID Connect requests (Authorization requests, token requests, introspection endpoint request, etc.)", - "clientRolesConditionTooltip": "Client roles, which will be checked during this condition evaluation. Condition evaluates to true if client has at least one client role with the name as the client roles specified in the configuration.", - "clientScopesHelp": "It uses the scopes requested or assigned in advance to the client to determine whether the policy is applied to this client. Condition is evaluated during OpenID Connect authorization request and/or token request.", - "clientScopesConditionTooltip": "The list of expected client scopes. Condition evaluates to true if specified client request matches some of the client scopes. It depends also whether it should be default or optional client scope based on the 'Scope Type' configured.", - "clientUpdaterContext": "The condition checks the context how is client created/updated to determine whether the policy is applied. For example it checks if client is created with admin REST API or OIDC dynamic client registration. And for the letter case if it is ANONYMOUS client registration or AUTHENTICATED client registration with Initial access token or Registration access token and so on.", - "clientUpdaterSourceGroupsHelp": "The condition checks the group of the entity who tries to create/update the client to determine whether the policy is applied.", - "clientUpdaterSourceGroupsTooltip": "Name of groups to check. Condition evaluates to true if the entity, who creates/updates client is member of some of the specified groups. Configured groups are specified by their simple name, which must match to the name of the Keycloak group. No support for group hierarchy is used here.", - "clientUpdaterSourceHost": "The condition checks the host/domain of the entity who tries to create/update the client to determine whether the policy is applied.", - "clientUpdaterTrustedHostsTooltip": "List of Hosts, which are trusted. In case that client registration/update request comes from the host/domain specified in this configuration, condition evaluates to true. You can use hostnames or IP addresses. If you use star at the beginning (for example '*.example.com' ) then whole domain example.com will be trusted.", - "clientUpdaterSourceRolesHelp": "The condition checks the role of the entity who tries to create/update the client to determine whether the policy is applied.", - "clientUpdaterSourceRolesTooltip": "The condition is checked during client registration/update requests and it evaluates to true if the entity (usually user), who is creating/updating client is member of the specified role. For reference the realm role, you can use the realm role name like 'my_realm_role' . For reference client role, you can use the client_id.role_name for example 'my_client.my_client_role' will refer to client role 'my_client_role' of client 'my_client'. ", - "defaultGroupsHelp": "Default groups allow you to automatically assign groups membership whenever any new user is created or imported through <1>identity brokering.", - "attributeGeneralSettingsDescription": "This section contains a few basic settings common to all attributes.", - "attributeNameHelp": "Name of attribute to search for in assertion. You can leave this blank and specify a friendly name instead.", - "attributeDisplayNameHelp": "Display name for the attribute. Supports keys for localized values as well. For example: ${profile.attribute.phoneNumber}.", - "attributeGroupHelp": "user.profile.attribute.group.tooltip", - "requiredHelp": "Set the attribute as required. If enabled, the attribute must be set by users and administrators. Otherwise, the attribute is optional.", - "attributePermissionDescription": "This section contains permissions for who can edit and who can view the attribute.", - "whoCanEditHelp": "If enabled, users or administrators can view and edit the attribute. Otherwise, users or administrators don't have access to write to the attribute.", - "whoCanViewHelp": "If enabled, users or administrators can view the attribute. Otherwise, users or administrators don't have access to the attribute.", - "editUsername": "If enabled, the username field is editable, readonly otherwise.", - "authenticationExplain": "Authentication is the area where you can configure and manage different credential types.", - "flows": "Flows", - "requiredActions": "Required actions", - "passwordPolicy": "Password policy", - "otpPolicy": "OTP Policy", - "webauthnPolicy": "Webauthn Policy", - "webauthnPasswordlessPolicy": "Webauthn Passwordless Policy", - "noPasswordPolicies": "No password policies", - "noPasswordPoliciesInstructions": "You haven't added any password policies to this realm. Add a policy to get started.", - "updatePasswordPolicySuccess": "Password policies successfully updated", - "updatePasswordPolicyError": "Could not update the password policies: '{{error}}'", - "webAuthnPolicyRpEntityName": "Relying party entity name", - "addPolicy": "Add policy", - "otpType": "OTP type", - "policyType": { - "totp": "Time based", - "hotp": "Counter based" - }, - "otpHashAlgorithm": "OTP hash algorithm", - "otpPolicyDigits": "Number of digits", - "lookAround": "Look around window", - "otpPolicyPeriod": "OTP Token period", - "otpPolicyPeriodErrorHint": "Value needs to be between 1 second and 2 minutes", - "otpPolicyCodeReusable": "Reusable token", - "initialCounter": "Initial counter", - "initialCounterErrorHint": "Value needs to be between 1 and 120", - "supportedApplications": "Supported applications", - "otpSupportedApplications": { - "totpAppFreeOTPName": "FreeOTP", - "totpAppGoogleName": "Google Authenticator", - "totpAppMicrosoftAuthenticatorName": "Microsoft Authenticator" - }, - "updateOtpSuccess": "OTP policy successfully updated", - "updateOtpError": "Could not update OTP policy: {{error}}", - "cibaPolicy": "CIBA Policy", - "cibaBackchannelTokenDeliveryMode": "Backchannel Token Delivery Mode", - "cibaBackhannelTokenDeliveryModes": { - "poll": "Poll", - "ping": "Ping" - }, - "cibaExpiresIn": "Expires In", - "cibaInterval": "Interval", - "cibaAuthRequestedUserHint": "Authentication Requested User Hint", - "updateCibaSuccess": "CIBA policy successfully updated", - "updateCibaError": "Could not update CIBA policy: {{error}}", - "webAuthnPolicySignatureAlgorithms": "Signature algorithms", - "webAuthnPolicyRpId": "Relying party ID", - "webAuthnPolicyAttestationConveyancePreference": "Attestation conveyance preference", - "attestationPreference": { - "not specified": "Not specified", - "none": "None", - "indirect": "Indirect", - "direct": "Direct" - }, - "webAuthnPolicyAuthenticatorAttachment": "Authenticator Attachment", - "authenticatorAttachment": { - "not specified": "Not specified", - "platform": "Platform", - "cross-platform": "Cross platform" - }, - "webAuthnPolicyRequireResidentKey": "Require resident key", - "residentKey": { - "not specified": "Not specified", - "Yes": "Yes", - "No": "No" - }, - "webAuthnPolicyUserVerificationRequirement": "User verification requirement", - "userVerify": { - "not specified": "Not specified", - "required": "Required", - "preferred": "Preferred", - "discouraged": "Discouraged" - }, - "webAuthnPolicyCreateTimeout": "Timeout", - "webAuthnPolicyCreateTimeoutHint": "Timeout needs to be between 0 seconds and 8 hours", - "webAuthnPolicyAvoidSameAuthenticatorRegister": "Avoid same authenticator registration", - "webAuthnPolicyAcceptableAaguids": "Acceptable AAGUIDs", - "webAuthnPolicyExtraOrigins": "Extra Origins", - "addAaguids": "Add AAGUID", - "addOrigins": "Add Origin", - "webAuthnUpdateSuccess": "Updated webauthn policies successfully", - "webAuthnUpdateError": "Could not update webauthn policies due to {{error}}", - "flowName": "Flow name", - "searchForFlow": "Search for flow", - "usedBy": "Used by", - "flowUsedBy": "Use of this flow", - "flowUsedByDescription": "This flow is used by the following {{value}}", - "buildIn": "Built-in", - "appliedByProviders": "Applied by the following providers", - "appliedByClients": "Applied by the following clients", - "used": { - "SPECIFIC_PROVIDERS": "Specific providers", - "SPECIFIC_CLIENTS": "Specific clients", - "DEFAULT": "Default", - "notInUse": "Not in use" - }, - "duplicate": "Duplicate", - "bindFlow": "Bind flow", - "chooseBindingType": "Choose binding type", - "flow": { - "browser": "Browser flow", - "registration": "Registration flow", - "direct grant": "Direct grant flow", - "reset credentials": "Reset credentials flow", - "clients": "Client authentication flow", - "docker auth": "Docker authentication flow" - }, - "editInfo": "Edit info", - "editFlow": "Edit flow", - "deleteConfirmFlow": "Delete flow?", - "deleteConfirmFlowMessage": "Are you sure you want to permanently delete the flow \"<1>{{flow}}\".", - "deleteFlowSuccess": "Flow successfully deleted", - "deleteFlowError": "Could not delete flow: {{error}}", - "duplicateFlow": "Duplicate flow", - "deleteConfirmExecution": "Delete execution?", - "deleteConfirmExecutionMessage": "Are you sure you want to permanently delete the execution \"<1>{{name}}\".", - "deleteExecutionSuccess": "Execution successfully deleted", - "deleteExecutionError": "Could not delete execution: {{error}}", - "updateFlowSuccess": "Flow successfully updated", - "updateFlowError": "Could not update flow: {{error}}", - "copyOf": "Copy of {{name}}", - "copyFlowSuccess": "Flow successfully duplicated", - "copyFlowError": "Could not duplicate flow: {{error}}", - "createFlow": "Create flow", - "flowType": "Flow type", - "flow-type": { - "basic-flow": "Generic", - "form-flow": "Form" - }, - "top-level-flow-type": { - "basic-flow": "Basic flow", - "client-flow": "Client flow" - }, - "flowCreatedSuccess": "Flow created", - "flowCreateError": "Could not create flow: {{error}}", - "flowDetails": "Flow details", - "tableView": "Table view", - "diagramView": "Diagram view", - "emptyExecution": "No steps", - "emptyExecutionInstructions": "You can start defining this flow by adding a sub-flow or an execution", - "addExecutionTitle": "Add an execution", - "addExecution": "Add execution", - "addSubFlowTitle": "Add a sub-flow", - "addSubFlow": "Add sub-flow", - "addStep": "Add step", - "addStepTo": "Add step to {{name}}", - "steps": "Steps", - "requirement": "Requirement", - "requirements": { - "REQUIRED": "Required", - "ALTERNATIVE": "Alternative", - "DISABLED": "Disabled", - "CONDITIONAL": "Conditional" - }, - "executionConfig": "{{name}} config", - "alias": "Alias", - "configSaveSuccess": "Successfully saved the execution config", - "configSaveError": "Could not save the execution config: {{error}}", - "setAsDefaultAction": "Set as default action", - "disabledOff": "Disabled off", - "updatedRequiredActionSuccess": "Updated required action successfully", - "updatedRequiredActionError": "Could not update required action: {{error}}", - "createFlowHelp": "You can create a top level flow within this from", - "flowTypeHelp": "What kind of form is it", - "topLevelFlowTypeHelp": "What kind of top level flow is it? Type 'client' is used for authentication of clients (applications) when generic is for users and everything else", - "addExecutionHelp": "Execution can have a wide range of actions, from sending a reset email to validating an OTP", - "addSubFlowHelp": "Sub-Flows can be either generic or form. The form type is used to construct a sub-flow that generates a single flow for the user. Sub-flows are a special type of execution that evaluate as successful depending on how the executions they contain evaluate.", - "aliasHelp": "The alias uniquely identifies an identity provider and it is also used to build the redirect uri.", - "authDefaultActionTooltip": "If enabled, any new user will have this required action assigned to it.", - "otpTypeHelp": "totp is Time-Based One Time Password. 'hotp' is a counter base one time password in which the server keeps a counter to hash against.", - "webAuthnPolicyRpEntityNameHelp": "Human-readable server name as WebAuthn Relying Party", - "otpHashAlgorithmHelp": "What hashing algorithm should be used to generate the OTP.", - "otpPolicyDigitsHelp": "How many digits should the OTP have?", - "lookAroundHelp": "How far around should the server look just in case the token generator and server are out of time sync or counter sync?", - "otpPolicyPeriodHelp": "How many seconds should an OTP token be valid? Defaults to 30 seconds.", - "otpPolicyCodeReusableHelp": "Possibility to use the same OTP code again after successful authentication.", - "supportedApplicationsHelp": "Applications that are known to work with the current OTP policy", - "webauthnIntro": "What is this form used for?", - "webAuthnPolicyFormHelp": "Policy for WebAuthn authentication. This one will be used by 'WebAuthn Register' required action and 'WebAuthn Authenticator' authenticator. Typical usage is, when WebAuthn will be used for the two-factor authentication.", - "webAuthnPolicyPasswordlessFormHelp": "Policy for passwordless WebAuthn authentication. This one will be used by 'Webauthn Register Passwordless' required action and 'WebAuthn Passwordless Authenticator' authenticator. Typical usage is, when WebAuthn will be used as first-factor authentication. Having both 'WebAuthn Policy' and 'WebAuthn Passwordless Policy' allows to use WebAuthn as both first factor and second factor authenticator in the same realm.", - "webAuthnPolicySignatureAlgorithmsHelp": "What signature algorithms should be used for Authentication Assertion.", - "webAuthnPolicyRpIdHelp": "This is ID as WebAuthn Relying Party. It must be origin's effective domain.", - "webAuthnPolicyAttestationConveyancePreferenceHelp": "Communicates to an authenticator the preference of how to generate an attestation statement.", - "webAuthnPolicyAuthenticatorAttachmentHelp": "Communicates to an authenticator an acceptable attachment pattern.", - "webAuthnPolicyRequireResidentKeyHelp": "It tells an authenticator create a public key credential as Resident Key or not.", - "webAuthnPolicyUserVerificationRequirementHelp": "Communicates to an authenticator to confirm actually verifying a user.", - "webAuthnPolicyCreateTimeoutHelp": "Timeout value for creating user's public key credential in seconds. if set to 0, this timeout option is not adapted.", - "webAuthnPolicyAvoidSameAuthenticatorRegisterHelp": "Avoid registering the authenticator that has already been registered.", - "webAuthnPolicyAcceptableAaguidsHelp": "The list of AAGUID of which an authenticator can be registered.", - "webAuthnPolicyExtraOriginsHelp": "The list of extra origin for non-web application.", - "passwordPoliciesHelp": { - "forceExpiredPasswordChange": "The number of days the password is valid before a new password is required.", - "hashIterations": "The number of times a password is hashed before storage or verification. Default: 27,500.", - "passwordHistory": "Prevents a recently used password from being reused.", - "passwordBlacklist": "Prevents the use of a password that is in a blacklist file.", - "regexPattern": "Requires that the password matches one or more defined Java regular expression patterns.", - "length": "The minimum number of characters required for the password.", - "notUsername": "The password cannot match the username.", - "notEmail": "The password cannot match the email address of the user.", - "specialChars": "The number of special characters required in the password string.", - "upperCase": "The number of uppercase letters required in the password string.", - "lowerCase": "The number of lowercase letters required in the password string.", - "digits": "The number of numerical digits required in the password string.", - "hashAlgorithm": "Applies a hashing algorithm to passwords, so they are not stored in clear text.", - "maxLength": "The maximum number of characters allowed in the password." - }, - "cibaBackchannelTokenDeliveryModeHelp": "Specifies how the CD (Consumption Device) gets the authentication result and related tokens. This mode will be used by default for the CIBA clients, which do not have other mode explicitly set.", - "cibaExpiresInHelp": "The expiration time of the \"auth_req_id\" in seconds since the authentication request was received.", - "cibaIntervalHelp": "The minimum amount of time in seconds that the CD (Consumption Device) must wait between polling requests to the token endpoint. If set to 0, the CD must use 5 as the default value according to the CIBA specification.", - "cibaAuthRequestedUserHintHelp": "The way of identifying the end-user for whom authentication is being requested. Currently only \"login_hint\" is supported.", - "descriptionLanding": "This is the description for the user federation landing page", - "userFederationExplain": "User federation provides access to external databases and directories, such as LDAP and Active Directory.", - "getStarted": "To get started, select a provider from the list below.", - "addProvider_one": "Add {{provider}} provider", - "addProvider_other": "Add {{provider}} providers", - "addKerberosWizardTitle": "Add Kerberos user federation provider", - "addLdapWizardTitle": "Add LDAP user federation provider", - "syncChangedUsers": "Sync changed users", - "syncAllUsers": "Sync all users", - "syncLDAPGroupsSuccessful": "Data successfully synced {{result}}", - "syncLDAPGroupsError": "Data could not be synced due {{error}}", - "unlinkUsers": "Unlink users", - "removeImported": "Remove imported", - "deleteProvider": "Delete provider?", - "generalOptions": "General options", - "vendor": "Vendor", - "connectionAndAuthenticationSettings": "Connection and authentication settings", - "connectionURL": "Connection URL", - "enableStartTls": "Enable StartTLS", - "useTruststoreSpi": "Use Truststore SPI", - "connectionPooling": "Connection pooling", - "connectionTimeout": "Connection timeout", - "bindType": "Bind type", - "bindDn": "Bind DN", - "bindCredentials": "Bind credentials", - "ldapSearchingAndUpdatingSettings": "LDAP searching and updating", - "editMode": "Edit mode", - "usersDN": "Users DN", - "usernameLdapAttribute": "Username LDAP attribute", - "rdnLdapAttribute": "RDN LDAP attribute", - "uuidLdapAttribute": "UUID LDAP attribute", - "userObjectClasses": "User object classes", - "userLdapFilter": "User LDAP filter", - "searchScope": "Search scope", - "readTimeout": "Read timeout", - "pagination": "Pagination", - "synchronizationSettings": "Synchronization settings", - "syncRegistrations": "Sync Registrations", - "importUsers": "Import users", - "batchSize": "Batch size", - "periodicFullSync": "Periodic full sync", - "fullSyncPeriod": "Full sync period", - "periodicChangedUsersSync": "Periodic changed users sync", - "changedUsersSyncPeriod": "Changed users sync period", - "kerberosIntegration": "Kerberos integration", - "allowKerberosAuthentication": "Allow Kerberos authentication", - "useKerberosForPasswordAuthentication": "Use Kerberos for password authentication", - "cacheSettings": "Cache settings", - "cachePolicy": "Cache policy", - "evictionDay": "Eviction day", - "evictionHour": "Eviction hour", - "evictionMinute": "Eviction minute", - "maxLifespan": "Max lifespan", - "ms": "milliseconds", - "enableLdapv3Password": "Enable the LDAPv3 password modify extended operation", - "validatePasswordPolicy": "Validate password policy", - "trustEmail": "Trust Email", - "requiredSettings": "Required Settings", - "kerberosRealm": "Kerberos realm", - "serverPrincipal": "Server principal", - "keyTab": "Key tab", - "krbPrincipalAttribute": "Kerberos principal attribute", - "debug": "Debug", - "allowPasswordAuthentication": "Allow password authentication", - "updateFirstLogin": "Update first login", - "never": "Never", - "oneLevel": "One Level", - "subtree": "Subtree", - "queryExtensions": "Query Supported Extensions", - "testAuthentication": "Test authentication", - "testSuccess": "Successfully connected to LDAP", - "testError": "Error when trying to connect to LDAP: '{{error}}'", - "managePriorities": "Manage priorities", - "managePriorityOrder": "Manage priority order", - "managePriorityInfo": "Priority is the order of providers when doing a user lookup. You can drag the row handlers to change the priorities.", - "orderChangeSuccess": "Successfully changed display order of identity providers", - "orderChangeError": "Could not change display order of identity providers {{error}}", - "addNewProvider": "Add new provider", - "addCustomProvider": "Add custom provider", - "providerDetails": "Provider details", - "userFedDeletedSuccess": "The user federation provider has been deleted.", - "userFedDeleteError": "Could not delete user federation provider: '{{error}}'", - "userFedDeleteConfirmTitle": "Delete user federation provider?", - "userFedDeleteConfirm": "If you delete this user federation provider, all associated data will be removed.", - "userFedDisableConfirmTitle": "Disable user federation provider?", - "userFedDisableConfirm": "If you disable this user federation provider, it will not be considered for queries and imported users will be disabled and read-only until the provider is enabled again.", - "userFedUnlinkUsersConfirmTitle": "Unlink all users?", - "userFedUnlinkUsersConfirm": "Do you want to unlink all the users? Any users without a password in the database will not be able to authenticate anymore.", - "removeImportedUsers": "Remove imported users?", - "removeImportedUsersMessage": "Do you really want to remove all imported users? The option \"Unlink users\" makes sense just for the Edit Mode \"Unsynced\" and there should be a warning that \"unlinked\" users without the password in Keycloak database won't be able to authenticate.", - "removeImportedUsersSuccess": "Imported users have been removed.", - "removeImportedUsersError": "Could not remove imported users: '{{error}}'", - "syncUsersSuccess": "Sync of users finished successfully.", - "syncUsersError": "Could not sync users: '{{error}}'", - "unlinkUsersSuccess": "Unlink of users finished successfully.", - "unlinkUsersError": "Could not unlink users: '{{error}}'", - "validateRealm": "You must enter a realm", - "validateServerPrincipal": "You must enter a server principal", - "validateKeyTab": "You must enter a key tab", - "validateConnectionUrl": "You must enter a connection URL", - "validateBindDn": "You must enter the DN of the LDAP admin", - "validateBindCredentials": "You must enter the password of the LDAP admin", - "validateUuidLDAPAttribute": "You must enter a UUID LDAP attribute", - "validateUserObjectClasses": "You must enter one or more user object classes", - "validateEditMode": "You must select an edit mode", - "validateUsersDn": "You must enter users DN", - "validateUsernameLDAPAttribute": "You must enter a username LDAP attribute", - "validateRdnLdapAttribute": "You must enter an RDN LDAP attribute", - "validateCustomUserSearchFilter": "Filter must be enclosed in parentheses, for example: (filter)", - "mapperTypeMsadUserAccountControlManager": "msad-user-account-control-mapper", - "mapperTypeMsadLdsUserAccountControlMapper": "msad-user-account-control-mapper", - "mapperTypeGroupLdapMapper": "group-ldap-mapper", - "mapperTypeUserAttributeLdapMapper": "user-attribute-ldap-mapper", - "mapperTypeRoleLdapMapper": "role-ldap-mapper", - "mapperTypeHardcodedAttributeMapper": "hardcoded-attribute-mapper", - "mapperTypeHardcodedLdapRoleMapper": "hardcoded-ldap-role-mapper", - "mapperTypeCertificateLdapMapper": "certificate-ldap-mapper", - "mapperTypeFullNameLdapMapper": "full-name-ldap-mapper", - "mapperTypeHardcodedLdapGroupMapper": "hardcoded-ldap-group-mapper", - "mapperTypeLdapAttributeMapper": "hardcoded-ldap-attribute-mapper", - "ldapMappersList": "LDAP Mappers", - "ldapFullNameAttribute": "LDAP full name attribute", - "writeOnly": "Write only", - "ldapGroupsDn": "LDAP groups DN", - "groupNameLdapAttribute": "Group name LDAP attribute", - "groupObjectClasses": "Group object classes", - "preserveGroupInheritance": "Preserve group inheritance", - "ignoreMissingGroups": "Ignore missing groups", - "userGroupsRetrieveStrategy": "User groups retrieve strategy", - "mappedGroupAttributes": "Mapped group attributes", - "dropNonexistingGroupsDuringSync": "Drop non-existing groups during sync", - "groupsPath": "Groups path", - "membershipLdapAttribute": "Membership LDAP attribute", - "membershipAttributeType": "Membership attribute type", - "membershipUserLdapAttribute": "Membership user LDAP attribute", - "ldapFilter": "LDAP filter", - "mode": "Mode", - "memberofLdapAttribute": "Member-of LDAP attribute", - "ldapRolesDn": "LDAP roles DN", - "roleNameLdapAttribute": "Role name LDAP attribute", - "roleObjectClasses": "Role object classes", - "userRolesRetrieveStrategy": "User roles retrieve strategy", - "useRealmRolesMapping": "Use realm roles mapping", - "ldapAttributeName": "LDAP attribute name", - "ldapAttributeValue": "LDAP attribute value", - "userModelAttribute": "User model attribute", - "ldapAttribute": "LDAP attribute", - "readOnly": "Read only", - "alwaysReadValueFromLdap": "Always read value from LDAP", - "isMandatoryInLdap": "Is mandatory in LDAP", - "attributeDefaultValue": "Attribute default value", - "isBinaryAttribute": "Is binary attribute", - "derFormatted": "DER formatted", - "passwordPolicyHintsEnabled": "Password policy hints enabled", - "userModelAttributeName": "User model attribute name", - "attributeValue": "Attribute Value", - "selectRole": { - "label": "Select Role", - "tooltip": "Enter role in the textbox to the left, or click this button to browse and select the role you want." - }, - "group": "Group", - "providerType": "Provider Type", - "parentId": "Parent ID", - "kerberosPrincipal": "Kerberos Principal", - "kerberosKeyTab": "Kerberos Key Tab", - "sync-ldap-roles-to-keycloak": "Sync LDAP roles to Keycloak", - "sync-keycloak-roles-to-ldap": "Sync Keycloak roles to LDAP", - "sync-ldap-groups-to-keycloak": "Sync LDAP groups to Keycloak", - "sync-keycloak-groups-to-ldap": "Sync Keycloak groups to LDAP", - "addKerberosWizardDescription": "Text needed here", - "addLdapWizardDescription": "Text needed here", - "ldapGeneralOptionsSettingsDescription": "This section contains a few basic options common to all user storage providers.", - "uiDisplayNameHelp": "Display name of provider when linked in the Admin UI", - "vendorHelp": "LDAP vendor (provider)", - "ldapConnectionAndAuthorizationSettingsDescription": "This section contains options related to the configuration of the connection to the LDAP server. It also contains options related to authentication of the LDAP connection to the LDAP server.", - "consoleDisplayConnectionUrlHelp": "Connection URL to your LDAP server", - "enableStartTlsHelp": "Encrypts the connection to LDAP using STARTTLS, which will disable connection pooling", - "useTruststoreSpiHelp": "Specifies whether LDAP connection will use the Truststore SPI with the truststore configured in command-line options. 'Always' means that it will always use it. 'Never' means that it will not use it. Note that even if Keycloak truststore is not configured, the default java cacerts or certificate specified by 'javax.net.ssl.trustStore' property will be used.", - "connectionPoolingHelp": "Determines if Keycloak should use connection pooling for accessing LDAP server.", - "connectionTimeoutHelp": "LDAP connection timeout in milliseconds", - "bindTypeHelp": "Type of the authentication method used during LDAP bind operation. It is used in most of the requests sent to the LDAP server. Currently only 'none' (anonymous LDAP authentication) or 'simple' (bind credential + bind password authentication) mechanisms are available.", - "bindDnHelp": "DN of the LDAP admin, which will be used by Keycloak to access LDAP server", - "bindCredentialsHelp": "Password of LDAP admin. This field is able to obtain its value from vault, use ${vault.ID} format.", - "ldapSearchingAndUpdatingSettingsDescription": "This section contains options related to searching the LDAP server for the available users.", - "editModeLdapHelp": "READ_ONLY is a read-only LDAP store. WRITABLE means data will be synced back to LDAP on demand. UNSYNCED means user data will be imported, but not synced back to LDAP.", - "usersDNHelp": "Full DN of LDAP tree where your users are. This DN is the parent of LDAP users. It could be for example 'ou=users,dc=example,dc=com' assuming that your typical user will have DN like 'uid='john',ou=users,dc=example,dc=com'.", - "usernameLdapAttributeHelp": "Name of the LDAP attribute, which is mapped as Keycloak username. For many LDAP server vendors it can be 'uid'. For Active directory it can be 'sAMAccountName' or 'cn'. The attribute should be filled for all LDAP user records you want to import from LDAP to Keycloak.", - "rdnLdapAttributeHelp": "Name of the LDAP attribute, which is used as RDN (top attribute) of typical user DN. Usually it's the same as the Username LDAP attribute, however it is not required. For example for Active directory, it is common to use 'cn' as RDN attribute when username attribute might be 'sAMAccountName'.", - "uuidLdapAttributeHelp": "Name of the LDAP attribute, which is used as a unique object identifier (UUID) for objects in LDAP. For many LDAP server vendors, it is 'entryUUID'; however some are different. For example, for Active directory it should be 'objectGUID'. If your LDAP server does not support the notion of UUID, you can use any other attribute that is supposed to be unique among LDAP users in tree. For example 'uid' or 'entryDN'.", - "userObjectClassesHelp": "All values of LDAP objectClass attribute for users in LDAP, divided by commas. For example: 'inetOrgPerson, organizationalPerson'. Newly created Keycloak users will be written to LDAP with all those object classes and existing LDAP user records are found just if they contain all those object classes.", - "userLdapFilterHelp": "Additional LDAP filter for filtering searched users. Leave this empty if you don't need an additional filter. Make sure that it starts with '(' and ends with ')'.", - "searchScopeHelp": "For one level, the search applies only for users in the DNs specified by User DNs. For subtree, the search applies to the whole subtree. See LDAP documentation for more details.", - "readTimeoutHelp": "LDAP read timeout in milliseconds. This timeout applies for LDAP read operations.", - "paginationHelp": "Whether the LDAP server supports pagination", - "ldapSynchronizationSettingsDescription": "This section contains options related to synchronization of users from LDAP to the Keycloak database.", - "syncRegistrationsHelp": "Should newly created users be created within LDAP store? Priority effects which provider is chosen to sync the new user. This setting is effectively appplied only with WRITABLE edit mode.", - "importUsersHelp": "If true, LDAP users will be imported into the Keycloak DB and synced by the configured sync policies.", - "batchSizeHelp": "Count of LDAP users to be imported from LDAP to Keycloak within a single transaction", - "periodicFullSyncHelp": "Whether periodic full synchronization of LDAP users to Keycloak should be enabled or not", - "fullSyncPeriodHelp": "Period for full synchronization in seconds", - "periodicChangedUsersSyncHelp": "Whether periodic synchronization of changed or newly created LDAP users to Keycloak should be enabled or not", - "changedUsersSyncHelp": "Period for synchronization of changed or newly created LDAP users in seconds", - "ldapKerberosSettingsDescription": "This section contains options useful for the Kerberos integration. This is used only when the LDAP server is used together with Kerberos/SPNEGO for user authentication.", - "allowKerberosAuthenticationHelp": "Enable/disable HTTP authentication of users with SPNEGO/Kerberos tokens. The data about authenticated users will be provisioned from this LDAP server.", - "useKerberosForPasswordAuthenticationHelp": "User Kerberos login module for authenticating username/password against Kerberos server instead of authenticating against LDAP server with Directory Service API", - "cacheSettingsDescription": "This section contains options useful for caching users, which were loaded from this user storage provider.", - "cachePolicyHelp": "Cache Policy for this storage provider. 'DEFAULT' is whatever the default settings are for the global cache. 'EVICT_DAILY' is a time of day every day that the cache will be invalidated. 'EVICT_WEEKLY' is a day of the week and time the cache will be invalidated. 'MAX_LIFESPAN' is the time in milliseconds that will be the lifespan of a cache entry.", - "evictionDayHelp": "Day of the week the entry will become invalid", - "evictionHourHelp": "Hour of the day the entry will become invalid", - "evictionMinuteHelp": "Minute of the hour the entry will become invalid", - "maxLifespanHelp": "Max lifespan of cache entry in milliseconds", - "ldapAdvancedSettingsDescription": "This section contains all the other options for more fine-grained configuration of the LDAP storage provider.", - "enableLdapv3PasswordHelp": "Use the LDAPv3 Password Modify Extended Operation (RFC-3062). The password modify extended operation usually requires that LDAP user already has password in the LDAP server. So when this is used with 'Sync Registrations', it can be good to add also 'Hardcoded LDAP attribute mapper' with randomly generated initial password.", - "validatePasswordPolicyHelp": "Determines if Keycloak should validate the password with the realm password policy before updating it. For the case when user's password is saved in LDAP, some Keycloak password policies will not work (Not Recently Used, Expire Password, Hashing Iterations, Hashing Algorithm) due the fact that Keycloak does not have direct control over the password storage. It is needed to enable password policies at the LDAP server layer if you want to leverage those password policies.", - "trustEmailHelp": "If enabled, email provided by this provider is not verified even if verification is enabled for the realm.", - "IDK-periodicChangedUsersSyncHelp": "Should newly created users be created within LDAP store? Priority affects which provider is chosen to sync the new user.", - "kerberosWizardDescription": "Text needed here.", - "kerberosRequiredSettingsDescription": "This section contains a few basic options common to all user storage providers.", - "kerberosRealmHelp": "Name of kerberos realm. For example, FOO.ORG", - "serverPrincipalHelp": "Full name of server principal for HTTP service including server and domain name. For example, HTTP/host.foo.org@FOO.ORG", - "keyTabHelp": "Location of Kerberos KeyTab file containing the credentials of server principal. For example, /etc/krb5.keytab", - "krbPrincipalAttributeHelp": "Name of the LDAP attribute, which refers to Kerberos principal. This is used to lookup appropriate LDAP user after successful Kerberos/SPNEGO authentication in Keycloak. When this is empty, the LDAP user will be looked based on LDAP username corresponding to the first part of his Kerberos principal. For instance, for principal 'john@KEYCLOAK.ORG', it will assume that LDAP username is 'john'.", - "debugHelp": "Enable/disable debug logging to standard output for Krb5LoginModule.", - "allowPasswordAuthenticationHelp": "Enable/disable possibility of username/password authentication against Kerberos database", - "editModeKerberosHelp": "READ_ONLY means that password updates are not allowed and user always authenticates with Kerberos password. UNSYNCED means that the user can change the password in the Keycloak database and this one will be used instead of the Kerberos password.", - "updateFirstLoginHelp": "Update profile on first login", - "mapperTypeMsadUserAccountControlManagerHelp": "Mapper specific to MSAD. It's able to integrate the MSAD user account state into Keycloak account state (account enabled, password is expired etc). It's using userAccountControl and pwdLastSet MSAD attributes for that. For example if pwdLastSet is 0, the Keycloak user is required to update the password; if userAccountControl is 514 (disabled account) the Keycloak user is disabled as well etc. Mapper is also able to handle the exception code from LDAP user authentication.", - "mapperTypeMsadLdsUserAccountControlMapperHelp": "Mapper specific to MSAD LDS. It's able to integrate the MSAD LDS user account state into Keycloak account state (account enabled, password is expired etc). It's using msDS-UserAccountDisabled and pwdLastSet is 0, the Keycloak user is required to update password, if msDS-UserAccountDisabled is 'TRUE' the Keycloak user is disabled as well etc. Mapper is also able to handle exception code from LDAP user authentication.", - "mapperTypeGroupLdapMapperHelp": "Used to map group mappings of groups from some LDAP DN to Keycloak group mappings", - "mapperTypeRoleLdapMapperHelp": "Used to map role mappings of roles from some LDAP DN to Keycloak role mappings of either realm roles or client roles of particular client", - "mapperTypeHardcodedAttributeMapperHelp": "This mapper will hardcode any model user attribute and some property (like emailVerified or enabled) when importing user from LDAP.", - "mapperTypeHardcodedLdapRoleMapperHelp": "Users imported from LDAP will be automatically added into this configured role.", - "mapperTypeCertificateLdapMapperHelp": "Used to map single attribute which contains a certificate from LDAP user to attribute of UserModel in Keycloak DB", - "mapperTypeFullNameLdapMapperHelp": "Used to map the full-name of a user from single attribute in LDAP (usually 'cn' attribute) to firstName and lastName attributes of UserModel in Keycloak DB", - "mapperTypeHardcodedLdapGroupMapperHelp": "Users imported from LDAP will be automatically added into this configured group.", - "mapperTypeLdapAttributeMapperHelp": "This mapper is supported just if syncRegistrations is enabled. New users registered in Keycloak will be written to the LDAP with the hardcoded value of some specified attribute.", - "passwordPolicyHintsEnabledHelp": "Applicable just for writable MSAD. If on, then updating password of MSAD user will use LDAP_SERVER_POLICY_HINTS_OID extension, which means that advanced MSAD password policies like 'password history' or 'minimal password age' will be applied. This extension works just for MSAD 2008 R2 or newer.", - "nameHelpHelp": "Name of the mapper", - "mapperTypeHelp": "Used to map single attribute from LDAP user to attribute of UserModel in Keycloak DB", - "userModelAttributeHelp": "Name of the UserModel property or attribute you want to map the LDAP attribute into. For example 'firstName', 'lastName, 'email', 'street' etc.", - "ldapAttributeHelp": "Name of mapped attribute on LDAP object. For example 'cn', 'sn', 'mail', 'street', etc.", - "readOnlyHelp": "Read-only attribute is imported from LDAP to UserModel, but it's not saved back to LDAP when user is updated in Keycloak.", - "alwaysReadValueFromLdapHelp": "If on, then during reading of the LDAP attribute value will always used instead of the value from Keycloak DB.", - "isMandatoryInLdapHelp": "If true, attribute is mandatory in LDAP. Hence if there is no value in Keycloak DB, the empty value will be set to be propagated to LDAP.", - "attributeDefaultValueHelp": "If there is no value in Keycloak DB and attribute is mandatory in LDAP, this value will be propagated to LDAP.", - "isBinaryAttributeHelp": "Should be true for binary LDAP attributes.", - "derFormattedHelp": "Activate this if the certificate is DER formatted in LDAP and not PEM formatted.", - "ldapFullNameAttributeHelp": "Name of the LDAP attribute, which contains the fullName of the user. Usually it will be 'cn'.", - "fullNameLdapReadOnlyHelp": "For Read-only, data is imported from LDAP to Keycloak DB, but it's not saved back to LDAP when the user is updated in Keycloak.", - "fullNameLdapWriteOnlyHelp": "For Write-only, data is propagated to LDAP when a user is created or updated in Keycloak. But this mapper is not used to propagate data from LDAP back into Keycloak. This setting is useful if you configured separate firstName and lastName attribute mappers and you want to use those to read the attribute from LDAP into Keycloak.", - "ldapGroupsDnHelp": "LDAP DN where groups of this tree are saved. For example 'ou=groups,dc=example,dc=org'", - "groupNameLdapAttributeHelp": "Name of LDAP attribute, which is used in group objects for name and RDN of group. Usually it will be 'cn'. In this case typical group/role object may have DN like 'cn=Group1,ouu=groups,dc=example,dc=org'.", - "groupObjectClassesHelp": "Object class (or classes) of the group object. It's divided by commas if more classes needed. In typical LDAP deployment it could be 'groupOfNames'. In Active Directory it's usually 'group'.", - "preserveGroupInheritanceHelp": "Flag whether group inheritance from LDAP should be propagated to Keycloak. If false, then all LDAP groups will be mapped as flat top-level groups in Keycloak. Otherwise group inheritance is preserved into Keycloak, but the group sync might fail if LDAP structure contains recursions or multiple parent groups per child groups.", - "ignoreMissingGroupsHelp": "Ignore missing groups in the group hierarchy.", - "userGroupsRetrieveStrategyHelp": "Specify how to retrieve groups of user. LOAD_GROUPS_BY_MEMBER_ATTRIBUTE means that roles of user will be retrieved by sending LDAP query to retrieve all groups where 'member' is our user. GET_GROUPS_FROM_USER_MEMBEROF_ATTRIBUTE means that groups of user will be retrieved from 'memberOf' attribute of our user or from the other attribute specified by 'Member-Of LDAP Attribute'.", - "mappedGroupAttributesHelp": "List of names of attributes divided by commas. This points to the list of attributes on LDAP group, which will be mapped as attributes of Group in Keycloak. Leave this empty if no additional group attributes are required to be mapped in Keycloak.", - "dropNonexistingGroupsDuringSyncHelp": "If this flag is true, then during sync of groups from LDAP to Keycloak, we will keep just those Keycloak groups that still exist in LDAP. The rest will be deleted.", - "groupsPathHelp": "Keycloak group path the LDAP groups are added to. For example if value '/Applications/App1' is used, then LDAP groups will be available in Keycloak under group 'App1', which is child of top level group 'Applications'. The default value is '/' so LDAP groups will be mapped to the Keycloak groups at the top level. The configured group path must already exist in the Keycloak when creating this mapper.", - "ldapRolesDnHelp": "LDAP DN where roles of this tree are saved. For example, 'ou=finance,dc=example,dc=org'", - "roleNameLdapAttributeHelp": "Name of LDAP attribute, which is used in role objects for name and RDN of role. Usually it will be 'cn'. In this case typical group/role object may have DN like 'cn=role1,ou=finance,dc=example,dc=org'.", - "roleObjectClassesHelp": "Object class (or classes) of the role object. It's divided by commas if more classes are needed. In typical LDAP deployment it could be 'groupOfNames'. In Active Directory it's usually 'group'.", - "userRolesRetrieveStrategyHelp": "Specify how to retrieve roles of user. LOAD_ROLES_BY_MEMBER_ATTRIBUTE means that roles fo user will be retrieved by sending LDAP query to retrieve all roles where 'member' is our user. GET_ROLES_FROM_USER_MEMBEROF means that roles of user will be retrieved from 'memberOf' attribute of our user. Or from the other attributes specified by 'Member-Of LDAP Attribute'. LOAD_ROLES_BY_MEMBER_ATTRIBUTE is applicable just in Active Directory and it means that roles of user will be retrieved recursively with usage of LDAP_MATCHING_RULE_IN_CHAIN LDAP extension.", - "useRealmRolesMappingHelp": "If true, then LDAP role mappings will be mapped to realm role mappings in Keycloak. Otherwise it will be mapped to client role mappings.", - "clientIdHelpHelp": "Client ID of client to which LDAP role mappings will be mapped. Applicable only if 'Use Realm Roles Mapping' is false.", - "membershipLdapAttributeHelp": "Name of LDAP attribute on group, which is used for membership mappings. Usually it will be 'member'. However when 'Membership Attribute Type' is 'UID', then 'Membership LDAP Attribute' could be typically 'memberUid'.", - "membershipAttributeTypeHelp": "DN means that LDAP group has it's members declared in form of their full DN. For example 'member: uid=john,ou=users,dc=example,dc=com'. UID means that LDAP group has it's members declared in form of pure user uids. For example 'memberUid: john'.", - "membershipUserLdapAttributeHelp": "Used just if Membership Attribute Type is UID. It is the name of the LDAP attribute on user, which is used for membership mappings. Usually it will be 'uid'. For example if the value of 'Membership User LDAP Attribute' is 'uid' and LDAP group has 'memberUid: john', then it is expected that particular LDAP user will have attribute 'uid: john'.", - "ldapFilterHelp": "LDAP Filter adds an additional custom filter to the whole query for retrieve LDAP groups. Leave this empty if no additional filtering is needed and you want to retrieve all groups from LDAP. Otherwise make sure that filter starts with '(' and ends with ')'.", - "modeHelp": "LDAP_ONLY means that all group mappings of users are retrieved from LDAP and saved into LDAP. READ_ONLY is Read-only LDAP mode where group mappings are retrieved from both LDAP and DB and merged together. New group joins are not saved to LDAP but to DB. IMPORT is Read-only LDAP mode where group mappings are retrieved from LDAP just at the time when user is imported from LDAP and then they are saved to local keycloak DB.", - "memberofLdapAttributeHelp": "Used just when 'User Roles Retrieve Strategy' is GET_GROUPS_FROM_USER_MEMBEROF_ATTRIBUTE. It specifies the name of the LDAP attribute on the LDAP user, which contains the groups, which the user is member of. Usually it will be the default 'memberOf'.", - "userModelAttributeNameHelp": "Name of the model attribute to be added when importing user from LDAP", - "attributeValueHelp": "Value the attribute must have. If the attribute is a list, then the value must be contained in the list.", - "roleHelpHelp": "Role to grant to user. Click 'Select Role' button to browse roles, or just type it in the textbox. To reference an application role the syntax is appname.approle, i.e. myapp.myrole.", - "groupHelp": "Group to add the user in. Fill the full path of the group including path. For example: '/root-group/child-group'.", - "ldapAttributeNameHelp": "Name of the LDAP attribute, which will be added to the new user during registration", - "ldapAttributeValueHelp": "Value of the LDAP attribute, which will be added to the new user during registration. You can either hardcode any value like 'foo' but you can also use some special tokens. Only supported token right now is '${RANDOM}', which will be replaced with some randomly generated string.", - "listExplain": "Identity providers are social networks or identity brokers that allow users to authenticate to Keycloak.", - "searchForProvider": "Search for provider", - "addIdPMapper": "Add Identity Provider Mapper", - "editIdPMapper": "Edit Identity Provider Mapper", - "mappersList": "Mappers list", - "noMappers": "No Mappers", - "noMappersInstructions": "There are currently no mappers for this identity provider.", - "addKeycloakOpenIdProvider": "Add Keycloak OpenID Connect provider", - "addOpenIdProvider": "Add OpenID Connect provider", - "addSamlProvider": "Add SAML provider", - "manageDisplayOrder": "Manage display order", - "deleteProviderMapper": "Delete mapper?", - "deleteMapperConfirm": "Are you sure you want to permanently delete the mapper {{mapper}}?", - "deleteMapperSuccess": "Mapper successfully deleted.", - "disableProvider": "Disable provider?", - "disableSuccess": "Provider successfully disabled", - "disableError": "Could not disable the provider {{error}}", - "addIdentityProvider": "Add {{provider}} provider", - "redirectURI": "Redirect URI", - "samlEndpointsLabel": "SAML 2.0 Service Provider Metadata", - "orderDialogIntro": "The order that the providers are listed in the login page or the Account UI. You can drag the row handles to change the order.", - "manageOrderTableAria": "List of identity providers in the order listed on the login page", - "useDiscoveryEndpoint": "Use discovery endpoint", - "discoveryEndpoint": "Discovery endpoint", - "useEntityDescriptor": "Use entity descriptor", - "samlEntityDescriptor": "SAML entity descriptor", - "ssoServiceUrl": "Single Sign-On service URL", - "singleLogoutServiceUrl": "Single logout service URL", - "nameIdPolicyFormat": "NameID policy format", - "persistent": "Persistent", - "transient": "Transient", - "x509": "X.509 Subject Name", - "windowsDomainQN": "Windows Domain Qualified Name", - "unspecified": "Unspecified", - "principalType": "Principal type", - "principalAttribute": "Principal attribute", - "allowCreate": "Allow create", - "subjectNameId": "Subject NameID", - "attributeFriendlyName": "Attribute [Friendly Name]", - "claim": "Claim", - "claimValue": "Claim Value", - "claims": "Claims", - "socialProfileJSONFieldPath": "Social Profile JSON Field Path", - "mapperAttributeName": "Attribute Name", - "mapperUserAttributeName": "User Attribute Name", - "mapperAttributeFriendlyName": "Friendly name", - "httpPostBindingResponse": "HTTP-POST binding response", - "httpPostBindingAuthnRequest": "HTTP-POST binding for AuthnRequest", - "httpPostBindingLogout": "HTTP-POST binding logout", - "wantAuthnRequestsSigned": "Want AuthnRequests signed", - "encryptionAlgorithm": "Encryption Algorithm", - "samlSignatureKeyName": "SAML signature key name", - "wantAssertionsSigned": "Want Assertions signed", - "wantAssertionsEncrypted": "Want Assertions encrypted", - "forceAuthentication": "Force authentication", - "validatingX509Certs": "Validating X509 certificates", - "signServiceProviderMetadata": "Sign service provider metadata", - "passSubject": "Pass subject", - "serviceProviderEntityId": "Service provider entity ID", - "identityProviderEntityId": "Identity provider entity ID", - "importConfig": "Import config from file", - "showMetaData": "Show metadata", - "hideMetaData": "Hide metadata", - "noValidMetaDataFound": "No valid metadata was found at this URL: '{{error}}'", - "metadataOfDiscoveryEndpoint": "Metadata of the discovery endpoint", - "authorizationUrl": "Authorization URL", - "passLoginHint": "Pass login_hint", - "passMaxAge": "Pass max_age", - "passCurrentLocale": "Pass current locale", - "tokenUrl": "Token URL", - "logoutUrl": "Logout URL", - "backchannelLogout": "Backchannel logout", - "disableUserInfo": "Disable user info", - "isAccessTokenJWT": "Access Token is JWT", - "userInfoUrl": "User Info URL", - "doNotStoreUsers": "Do not store users", - "issuer": "Issuer", - "prompt": "Prompt", - "prompts": { - "unspecified": "Unspecified", - "none": "None", - "consent": "Consent", - "login": "Login", - "select_account": "Select account" - }, - "clientAuthentications": { - "client_secret_post": "Client secret sent as post", - "client_secret_basic": "Client secret sent as basic auth", - "client_secret_jwt": "JWT signed with client secret", - "private_key_jwt": "JWT signed with private key" - }, - "clientAssertionAudience": "Client assertion audience", - "clientAssertionSigningAlg": "Client assertion signature algorithm", - "algorithmNotSpecified": "Algorithm not specified", - "acceptsPromptNone": "Accepts prompt=none forward from client", - "validateSignature": "Validate Signatures", - "validatingPublicKey": "Validating public key", - "validatingPublicKeyId": "Validating public key id", - "pkceEnabled": "Use PKCE", - "pkceMethod": "PKCE Method", - "allowedClockSkew": "Allowed clock skew", - "attributeConsumingServiceIndex": "Attribute Consuming Service Index", - "attributeConsumingServiceName": "Attribute Consuming Service Name", - "forwardParameters": "Forwarded query parameters", - "oidcSettings": "OpenID Connect settings", - "samlSettings": "SAML settings", - "reqAuthnConstraints": "Requested AuthnContext Constraints", - "keyID": "KEY_ID", - "NONE": "NONE", - "certSubject": "CERT_SUBJECT", - "storeTokens": "Store tokens", - "storedTokensReadable": "Stored tokens readable", - "comparison": "Comparison", - "authnContextClassRefs": "AuthnContext ClassRefs", - "addAuthnContextClassRef": "Add AuthnContext ClassRef", - "authnContextDeclRefs": "AuthnContext DeclRefs", - "addAuthnContextDeclRef": "Add AuthnContext DeclRef", - "accountLinkingOnly": "Account linking only", - "hideOnLoginPage": "Hide on login page", - "filteredByClaim": "Verify essential claim", - "claimFilterName": "Essential claim", - "claimFilterValue": "Essential claim value", - "firstBrokerLoginFlowAlias": "First login flow", - "postBrokerLoginFlowAlias": "Post login flow", - "syncMode": "Sync mode", - "syncModes": { - "inherit": "Inherit", - "import": "Import", - "legacy": "Legacy", - "force": "Force" - }, - "syncModeOverride": "Sync mode override", - "regexAttributeValues": "Regex Attribute Values", - "regexClaimValues": "Regex Claim Values", - "mapperSaveSuccess": "Mapper saved successfully.", - "mapperSaveError": "Error saving mapper: {{error}}", - "userAttribute": "User Attribute", - "userAttributeValue": "User Attribute Value", - "userSessionAttribute": "User Session Attribute", - "userSessionAttributeValue": "User Session Attribute Value", - "target": "Target", - "targetOptions": { - "local": "LOCAL", - "brokerId": "BROKER_ID", - "brokerUsername": "BROKER_USERNAME" - }, - "redirectURIHelp": "The redirect uri to use when configuring the identity provider.", - "clientSecretHelp": "The client secret registered with the identity provider. This field is able to obtain its value from vault, use ${vault.ID} format.", - "displayOrderHelp": "Number defining the order of the providers in GUI (for example, on the Login page). The lowest number will be applied first.", - "useDiscoveryEndpointHelp": "If this setting is enabled, the discovery endpoint will be used to fetch the provider config. Keycloak can load the config from the endpoint and automatically update the config if the source has any updates", - "discoveryEndpointHelp": "Import metadata from a remote IDP discovery descriptor.", - "importConfigHelp": "Import metadata from a downloaded IDP discovery descriptor.", - "passLoginHintHelp": "Pass login_hint to identity provider.", - "passMaxAgeHelp": "Pass max_age to identity provider.", - "passCurrentLocaleHelp": "Pass the current locale to the identity provider as a ui_locales parameter.", - "logoutUrlHelp": "End session endpoint to use to logout user from external IDP.", - "backchannelLogoutHelp": "Does the external IDP support backchannel logout?", - "disableUserInfoHelp": "Disable usage of User Info service to obtain additional user information? Default is to use this OIDC service.", - "isAccessTokenJWTHelp": "The Access Token received from the Identity Provider is a JWT and its claims will be accessible for mappers.", - "userInfoUrlHelp": "The User Info Url. This is optional.", - "doNotStoreUsersHelp": "When enabled, users from this broker are not persisted in internal database.", - "issuerHelp": "The issuer identifier for the issuer of the response. If not provided, no validation will be performed.", - "promptHelp": "Specifies whether the Authorization Server prompts the End-User for re-authentication and consent.", - "acceptsPromptNoneHelp": "This is just used together with Identity Provider Authenticator or when kc_idp_hint points to this identity provider. In case that client sends a request with prompt=none and user is not yet authenticated, the error will not be directly returned to client, but the request with prompt=none will be forwarded to this identity provider.", - "validateSignatureHelp": "Enable/disable signature validation of external IDP signatures.", - "validatingPublicKeyHelp": "The public key in PEM format that must be used to verify external IDP signatures.", - "validatingPublicKeyIdHelp": "Explicit ID of the validating public key given above if the key ID. Leave blank if the key above should be used always, regardless of key ID specified by external IDP; set it if the key should only be used for verifying if the key ID from external IDP matches.", - "pkceEnabledHelp": "Use PKCE (Proof of Key-code exchange) for IdP Brokering", - "pkceMethodHelp": "PKCE Method to use", - "allowedClockSkewHelp": "Clock skew in seconds that is tolerated when validating identity provider tokens. Default value is zero.", - "attributeConsumingServiceIndexHelp": "Index of the Attribute Consuming Service profile to request during authentication.", - "attributeConsumingServiceNameHelp": "Name of the Attribute Consuming Service profile to advertise in the SP metadata.", - "forwardParametersHelp": "Non OpenID Connect/OAuth standard query parameters to be forwarded to external IDP from the initial application request to Authorization Endpoint. Multiple parameters can be entered, separated by comma (,).", - "clientAuthenticationHelp": "The client authentication method (cfr. https://openid.net/specs/openid-connect-core-1_0.html#ClientAuthentication). In case of JWT signed with private key, the realm private key is used.", - "clientAssertionAudienceHelp": "The audience to use for the client assertion. The default value is the IDP's token endpoint URL.", - "clientAssertionSigningAlgHelp": "Signature algorithm to create JWT assertion as client authentication. In the case of JWT signed with private key or JWT signed with client secret, it is required. If no algorithm is specified, the following algorithm is adapted. RS256 is adapted in the case of JWT signed with private key. HS256 is adapted in the case of JWT signed with client secret.", - "storeTokensHelp": "Enable/disable if tokens must be stored after authenticating users.", - "storedTokensReadableHelp": "Enable/disable if new users can read any stored tokens. This assigns the broker.read-token role.", - "accountLinkingOnlyHelp": "If true, users cannot log in through this provider. They can only link to this provider. This is useful if you don't want to allow login from the provider, but want to integrate with a provider", - "hideOnLoginPageHelp": "If hidden, login with this provider is possible only if requested explicitly, for example using the 'kc_idp_hint' parameter.", - "filteredByClaimHelp": "If true, ID tokens issued by the identity provider must have a specific claim. Otherwise, the user can not authenticate through this broker.", - "claimFilterNameHelp": "Name of the essential claim", - "claimFilterValueHelp": "Value of the essential claim (with regex support)", - "firstBrokerLoginFlowAliasHelp": "Alias of authentication flow, which is triggered after first login with this identity provider. Term 'First Login' means that no Keycloak account is currently linked to the authenticated identity provider account.", - "postBrokerLoginFlowAliasHelp": "Alias of authentication flow, which is triggered after each login with this identity provider. Useful if you want additional verification of each user authenticated with this identity provider (for example OTP). Leave this to \"None\" if you need no any additional authenticators to be triggered after login with this identity provider. Also note that authenticator implementations must assume that user is already set in ClientSession as identity provider already set it.", - "syncModeHelp": "Default sync mode for all mappers. The sync mode determines when user data will be synced using the mappers. Possible values are: 'legacy' to keep the behaviour before this option was introduced, 'import' to only import the user once during first login of the user with this identity provider, 'force' to always update the user during every login with this identity provider.", - "serviceProviderEntityIdHelp": "The Entity ID that will be used to uniquely identify this SAML Service Provider.", - "identityProviderEntityIdHelp": "The Entity ID used to validate the Issuer for received SAML assertions. If empty, no Issuer validation is performed.", - "useEntityDescriptorHelp": "Import metadata from a remote IDP SAML entity descriptor.", - "samlEntityDescriptorHelp": "Allows you to load external IDP metadata from a config file or to download it from a URL.", - "ssoServiceUrlHelp": "The Url that must be used to send authentication requests (SAML AuthnRequest).", - "singleLogoutServiceUrlHelp": "The Url that must be used to send logout requests.", - "nameIdPolicyFormatHelp": "Specifies the URI reference corresponding to a name identifier format.", - "principalTypeHelp": "Way to identify and track external users from the assertion. Default is using Subject NameID, alternatively you can set up identifying attribute.", - "principalAttributeHelp": "Name or Friendly Name of the attribute used to identify external users.", - "allowCreateHelp": "Allow the external identity provider to create a new identifier to represent the principal.", - "httpPostBindingResponseHelp": "Indicates whether to respond to requests using HTTP-POST binding. If false, HTTP-REDIRECT binding will be used.", - "httpPostBindingAuthnRequestHelp": "Indicates whether the AuthnRequest must be sent using HTTP-POST binding. If false, HTTP-REDIRECT binding will be used.", - "httpPostBindingLogoutHelp": "Indicates whether to respond to requests using HTTP-POST binding. If false, HTTP-REDIRECT binding will be used.", - "wantAuthnRequestsSignedHelp": "Indicates whether the identity provider expects a signed AuthnRequest.", - "encryptionAlgorithmHelp": "Encryption algorithm, which is used by SAML IDP for encryption of SAML documents, assertions or IDs. The corresponding decryption key for decrypt SAML document parts will be chosen based on this configured algorithm and should be available in realm keys for the encryption (ENC) usage. If algorithm is not configured, then any supported algorithm is allowed and decryption key will be chosen based on the algorithm configured in SAML document itself.", - "samlSignatureKeyNameHelp": "Signed SAML documents contain identification of signing key in KeyName element. For Keycloak / RH-SSO counter-party, use KEY_ID, for MS AD FS use CERT_SUBJECT, for others check and use NONE if no other option works.", - "wantAssertionsSignedHelp": "Indicates whether this service provider expects a signed Assertion.", - "wantAssertionsEncryptedHelp": "Indicates whether this service provider expects an encrypted Assertion.", - "forceAuthenticationHelp": "Indicates whether the identity provider must authenticate the presenter directly rather than rely on a previous security context.", - "validateSignatures": "Enable/disable signature validation of SAML responses.", - "validatingX509CertsHelp": "The certificate in PEM format that must be used to check for signatures. Multiple certificates can be entered, separated by comma (,).", - "signServiceProviderMetadataHelp": "Enable/disable signature of the provider SAML metadata.", - "passSubjectHelp": "During login phase, forward an optional login_hint query parameter to SAML AuthnRequest's Subject.", - "comparisonHelp": "Specifies the comparison method used to evaluate the requested context classes or statements. The default is \"Exact\".", - "authnContextClassRefsHelp": "Ordered list of requested AuthnContext ClassRefs.", - "authnContextDeclRefsHelp": "Ordered list of requested AuthnContext DeclRefs.", - "addIdpMapperNameHelp": "Name of the mapper.", - "syncModeOverrideHelp": "Overrides the default sync mode of the IDP for this mapper. Values are: 'legacy' to keep the behaviour before this option was introduced, 'import' to only import the user once during first login of the user with this identity provider, 'force' to always update the user during every login with this identity provider and 'inherit' to use the sync mode defined in the identity provider for this mapper.", - "advancedAttributeToRole": "If the set of attributes exists and can be matched, grant the user the specified realm or client role.", - "usernameTemplateImporter": "Format the username to import.", - "hardcodedUserSessionAttribute": "When a user is imported from a provider, hardcode a value to a specific user session attribute.", - "externalRoleToRole": "Looks for an external role in a keycloak access token. If external role exists, grant the user the specified realm or client role.", - "advancedClaimToRole": "If all claims exist, grant the user the specified realm or client role.", - "claimToRole": "If a claim exists, grant the user the specified realm or client role.", - "oidcAttributeImporter": "Import declared claim if it exists in ID, access token, or the claim set returned by the user profile endpoint into the specified user property or attribute.", - "attributeImporter": "Import declared SAML attribute if it exists in assertion into the specified user property or attribute.", - "hardcodedRole": "When user is imported from provider, hardcode a role mapping for it.", - "hardcodedAttribute": "When user is imported from provider, hardcode a value to a specific user attribute.", - "samlAttributeToRole": "If an attribute exists, grant the user the specified realm or client role.", - "templateHelp": "Template to use to format the username to import. Substitutions are enclosed in ${}. For example: '${ALIAS}.${CLAIM.sub}'. ALIAS is the provider alias. CLAIM. references an ID or Access token claim. The substitution can be converted to upper or lower case by appending |uppercase or |lowercase to the substituted value, e.g. '${CLAIM.sub | lowercase}", - "targetHelp": "Destination field for the mapper. LOCAL (default) means that the changes are applied to the username stored in local database upon user import. BROKER_ID and BROKER_USERNAME means that the changes are stored into the ID or username used for federation user lookup, respectively.", - "userSessionAttributeHelp": "Name of user session attribute you want to hardcode", - "userAttributeHelp": "Name of user attribute you want to hardcode", - "claimHelp": "Name of claim to search for in token. You can reference nested claims by using a '.', i.e. 'address.locality'. To use dot (.) literally, escape it with backslash. (\\.)", - "socialProfileJSONFieldPathHelp": "Path of field in Social Provider User Profile JSON data to get value from. You can use dot notation for nesting and square brackets for array index. E.g. 'contact.address[0].country'.", - "userAttributeValueHelp": "Value you want to hardcode", - "friendlyName": "Friendly name of attribute to search for in assertion. You can leave this blank and specify a name instead.", - "userAttributeName": "User attribute name to store SAML attribute. Use email, lastName, and firstName to map to those predefined user properties.", - "socialUserAttributeName": "User attribute name to store information.", - "attributesHelp": "Name and (regex) value of the attributes to search for in token. The configured name of an attribute is searched in SAML attribute name and attribute friendly name fields. Every given attribute description must be met to set the role. If the attribute is an array, then the value must be contained in the array. If an attribute can be found several times, then one match is sufficient.", - "regexAttributeValuesHelp": "If enabled attribute values are interpreted as regular expressions.", - "addMultivaluedLabel": "Add {{fieldLabel}}", - "selectGroup": "Select group", - "usermodel": { - "prop": { - "label": "Property", - "tooltip": "Name of the property method in the UserModel interface. For example, a value of 'email' would reference the UserModel.getEmail() method." - }, - "attr": { - "label": "User Attribute", - "tooltip": "Name of stored user attribute which is the name of an attribute within the UserModel.attribute map." - }, - "clientRoleMapping": { - "clientId": { - "label": "Client ID", - "tooltip": "Client ID for role mappings. Just client roles of this client will be added to the token. If this is unset, client roles of all clients will be added to the token." - }, - "rolePrefix": { - "label": "Client Role prefix", - "tooltip": "A prefix for each client role (optional)." - }, - "tokenClaimName": { - "tooltip": "Name of the claim to insert into the token. This can be a fully qualified name like 'address.street'. In this case, a nested json object will be created. To prevent nesting and use dot literally, escape the dot with backslash (\\.). The special token ${client_id} can be used and this will be replaced by the actual client ID. Example usage is 'resource_access.${client_id}.roles'. This is useful especially when you are adding roles from all the clients (Hence 'Client ID' switch is unset) and you want client roles of each client stored separately." - } - }, - "realmRoleMapping": { - "rolePrefix": { - "label": "Realm Role prefix", - "tooltip": "A prefix for each Realm Role (optional)." - } - } - }, - "userSession": { - "modelNote": { - "label": "User Session Note", - "tooltip": "Name of stored user session note within the UserSessionModel.note map." - } - }, - "multivalued": { - "label": "Multivalued", - "tooltip": "Indicates if attribute supports multiple values. If true, the list of all values of this attribute will be set as claim. If false, just first value will be set as claim" - }, - "aggregate": { - "attrs": { - "label": "Aggregate attribute values", - "tooltip": "Indicates if attribute values should be aggregated with the group attributes. If using OpenID Connect mapper the multivalued option needs to be enabled too in order to get all the values. Duplicated values are discarded and the order of values is not guaranteed with this option." - } - }, - "jsonType": { - "label": "Claim JSON Type", - "tooltip": "JSON type that should be used to populate the json claim in the token. long, int, boolean, String and JSON are valid values." - }, - "includeInIdToken": { - "label": "Add to ID token", - "tooltip": "Should the claim be added to the ID token?" - }, - "includeInAccessToken": { - "label": "Add to access token", - "tooltip": "Should the claim be added to the access token?" - }, - "includeInAccessTokenResponse": { - "label": "Add to access token response", - "tooltip": "Should the claim be added to the access token response? Should only be used for informative and non-sensitive data" - }, - "includeInUserInfo": { - "label": "Add to userinfo", - "tooltip": "Should the claim be added to the userinfo?" - }, - "includeInIntrospection": { - "label": "Add to token introspection", - "tooltip": "Should the claim be added to the token introspection?" - }, - "sectorIdentifierUri": { - "label": "Sector Identifier URI", - "tooltip": "Providers that use pairwise sub values and support Dynamic Client Registration SHOULD use the sector_identifier_uri parameter. It provides a way for a group of websites under common administrative control to have consistent pairwise sub values independent of the individual domain names. It also provides a way for Clients to change redirect_uri domains without having to reregister all their users." - }, - "pairwiseSubAlgorithmSalt": { - "label": "Salt", - "tooltip": "Salt used when calculating the pairwise subject identifier. If left blank, a salt will be generated." - }, - "addressClaim": { - "street": { - "label": "User Attribute Name for Street", - "tooltip": "Name of User Attribute, which will be used to map to 'street_address' subclaim inside 'address' token claim. Defaults to 'street' ." - }, - "locality": { - "label": "User Attribute Name for Locality", - "tooltip": "Name of User Attribute, which will be used to map to 'locality' subclaim inside 'address' token claim. Defaults to 'locality' ." - }, - "region": { - "label": "User Attribute Name for Region", - "tooltip": "Name of User Attribute, which will be used to map to 'region' subclaim inside 'address' token claim. Defaults to 'region' ." - }, - "postal_code": { - "label": "User Attribute Name for Postal Code", - "tooltip": "Name of User Attribute, which will be used to map to 'postal_code' subclaim inside 'address' token claim. Defaults to 'postal_code' ." - }, - "country": { - "label": "User Attribute Name for Country", - "tooltip": "Name of User Attribute, which will be used to map to 'country' subclaim inside 'address' token claim. Defaults to 'country' ." - }, - "formatted": { - "label": "User Attribute Name for Formatted Address", - "tooltip": "Name of User Attribute, which will be used to map to 'formatted' subclaim inside 'address' token claim. Defaults to 'formatted' ." - } - }, - "included": { - "client": { - "audience": { - "label": "Included Client Audience", - "tooltip": "The Client ID of the specified audience client will be included in audience (aud) field of the token. If there are existing audiences in the token, the specified value is just added to them. It won't override existing audiences." - } - }, - "custom": { - "audience": { - "label": "Included Custom Audience", - "tooltip": "This is used just if 'Included Client Audience' is not filled. The specified value will be included in audience (aud) field of the token. If there are existing audiences in the token, the specified value is just added to them. It won't override existing audiences." - } - } - }, - "name-id-format": "Name ID Format", - "mapper": { - "nameid": { - "format": { - "tooltip": "Name ID Format using Mapper" - } - } - }, - "client-scopes-condition": { - "label": "Expected Scopes", - "tooltip": "The list of expected client scopes. Condition evaluates to true if specified client request matches some of the client scopes. It depends also whether it should be default or optional client scope based on the 'Scope Type' configured." - }, - "client-accesstype": { - "label": "Client Access Type", - "tooltip": "Access Type of the client, for which the condition will be applied. Confidential client has enabled client authentication when public client has disabled client authentication. Bearer-only is a deprecated client type." - }, - "client-roles": { - "label": "Client Roles" - }, - "client-roles-condition": { - "tooltip": "Client roles, which will be checked during this condition evaluation. Condition evaluates to true if client has at least one client role with the name as the client roles specified in the configuration." - }, - "client-updater-source-groups": { - "label": "Groups", - "tooltip": "Name of groups to check. Condition evaluates to true if the entity, who creates/updates client is member of some of the specified groups. Configured groups are specified by their simple name, which must match to the name of the Keycloak group. No support for group hierarchy is used here." - }, - "client-updater-trusted-hosts": { - "label": "Trusted hosts", - "tooltip": "List of Hosts, which are trusted. In case that client registration/update request comes from the host/domain specified in this configuration, condition evaluates to true. You can use hostnames or IP addresses. If you use star at the beginning (for example '*.example.com' ) then whole domain example.com will be trusted." - }, - "client-updater-source-roles": { - "label": "Updating entity role", - "tooltip": "The condition is checked during client registration/update requests and it evaluates to true if the entity (usually user), who is creating/updating client is member of the specified role. For reference the realm role, you can use the realm role name like 'my_realm_role' . For reference client role, you can use the client_id.role_name for example 'my_client.my_client_role' will refer to client role 'my_client_role' of client 'my_client'." - }, - "allowed-client-scopes": { - "label": "Allowed Client Scopes", - "tooltip": "Whitelist of the client scopes, which can be used on a newly registered client. Attempt to register client with some client scope, which is not whitelisted, will be rejected. By default, the whitelist is either empty or contains just realm default client scopes (based on 'Allow Default Scopes' configuration property)" - }, - "allow-default-scopes": { - "label": "Allow Default Scopes", - "tooltip": "If on, newly registered clients will be allowed to have client scopes mentioned in realm default client scopes or realm optional client scopes" - }, - "allowed-protocol-mappers": { - "label": "Allowed Protocol Mappers", - "tooltip": "Whitelist of allowed protocol mapper providers. If there is an attempt to register client, which contains some protocol mappers, which were not whitelisted, registration request will be rejected." - }, - "max-clients": { - "label": "Max Clients Per Realm", - "tooltip": "It will not be allowed to register a new client if count of existing clients in realm is same or bigger than the configured limit." - }, - "trusted-hosts": { - "label": "Trusted Hosts", - "tooltip": "List of Hosts, which are trusted and are allowed to invoke Client Registration Service and/or be used as values of Client URIs. You can use hostnames or IP addresses. If you use star at the beginning (for example '*.example.com' ) then whole domain example.com will be trusted." - }, - "host-sending-registration-request-must-match": { - "label": "Host Sending Client Registration Request Must Match", - "tooltip": "If on, any request to Client Registration Service is allowed just if it was sent from some trusted host or domain." - }, - "client-uris-must-match": { - "label": "Client URIs Must Match", - "tooltip": "If on, all Client URIs (Redirect URIs and others) are allowed just if they match some trusted host or domain." - }, - "clientScopeType": { - "default": "Default", - "optional": "Optional", - "none": "None" - }, - "createIdentityProviderSuccess": "Identity provider successfully created", - "createIdentityProviderError": "Could not create the identity provider: {{error}}", - "createClientError": "Could not create client: '{{error}}'", - "createClientSuccess": "Client created successfully", - "createClientScopeSuccess": "Client scope created", - "createClientScopeError": "Could not create client scope: '{{error}}'", - "createUserProviderSuccess": "User federation provider successfully created", - "createUserProviderError": "User federation provider could not be created: {{error}}", - "flowNameHelp": "Help text for the name of the new flow", - "flowDescriptionHelp": "Help text for the description of the new flow", - "flowNameDescriptionHelp": "Help text for the name description of the new flow", - "noRoles-clientScopes": "No roles for this client scope", - "noRolesInstructions-clientScopes": "You haven't created any roles for this client scope. Create a role to get started.", - "noRoles-user": "No roles for this user", - "noRolesInstructions-user": "You haven't assigned any roles to this user. Assign a role to get started.", - "noRoles-client": "No roles for this client", - "noRolesInstructions-client": "You haven't created any roles for this client. Create a role to get started.", - "noRoles-groups": "No roles for this group", - "noRolesInstructions-groups": "You haven't created any roles for this group. Create a role to get started.", - "noRoles-roles": "No roles in this realm", - "noRolesInstructions-roles": "You haven't created any roles in this realm. Create a role to get started.", - "userRoleMappingUpdatedSuccess": "User role mapping successfully updated", - "realmNameField": "Realm name", - "searchForClientScope": "Search for client scope", - "searchForRoles": "Search role by name", - "titleAuthentication": "Authentication", - "titleEvents": "Events", - "titleRoles": "Realm roles", - "titleUsers": "Users", - "titleSessions": "Sessions", - "deleteConfirmClientScopes": "Are you sure you want to delete this client scope", - "deleteConfirmUsers": "Delete user?", - "deleteConfirmGroup_one": "Are you sure you want to delete this group '{{groupName}}'.", - "deleteConfirmGroup_other": "Are you sure you want to delete these groups.", - "deleteConfirmIdentityProvider": "Are you sure you want to permanently delete the provider '{{provider}}'?", - "deleteConfirmRealmSetting": "If you delete this realm, all associated data will be removed.", - "whoWillAppearLinkTextRoles": "Who will appear in this user list?", - "whoWillAppearLinkTextUsers": "Who will appear in this group list?", - "whoWillAppearPopoverTextRoles": "This tab shows only the users who are assigned directly to this role. To see users who are assigned this role as an associated role or through a group, go to", - "whoWillAppearPopoverTextUsers": "Groups are hierarchical. When you select Direct Membership, you see only the child group that the user joined. Ancestor groups are not included.", - "deletedSuccessClientScope": "The client scope has been deleted", - "deletedSuccessIdentityProvider": "Provider successfully deleted.", - "deletedSuccessRealmSetting": "The realm has been deleted", - "deletedErrorClientScope": "Could not delete client scope: {{error}}", - "deletedErrorIdentityProvider": "Could not delete the provider {{error}}", - "deletedErrorRealmSetting": "Could not delete realm: {{error}}", - "realmSaveSuccess": "Realm successfully updated", - "userProviderSaveSuccess": "User federation provider successfully saved", - "realmSaveError": "Realm could not be updated: {{error}}", - "userProviderSaveError": "User federation provider could not be saved: {{error}}", - "validateAttributeName": "Attribute configuration without name is not allowed.", - "disableConfirmIdentityProvider": "Are you sure you want to disable the provider '{{provider}}'", - "disableConfirmRealm": "User and clients can't access the realm if it's disabled. Are you sure you want to continue?", - "updateSuccessClientScope": "Client scope updated", - "updateErrorClientScope": "Could not update client scope: '{{error}}'", - "updateSuccessIdentityProvider": "Provider successfully updated", - "updateErrorIdentityProvider": "Could not update the provider {{error}}", - "orderChangeSuccessUserFed": "Successfully changed the priority order of user federation providers", - "orderChangeErrorUserFed": "Could not change the priority order of user federation providers {{error}}", - "disableNonceHelp": "Do not send the nonce parameter in the authentication request. The nonce parameter is sent and verified by default.", - "disableNonce": "Disable nonce", - "authenticationAliasHelp": "Name of the configuration", - "authenticationFlowTypeHelp": "What kind of form is it", - "authenticationCreateFlowHelp": "Create flow", - "clientScopesRolesScope": "If there is no role scope mapping defined, each user is permitted to use this client scope. If there are role scope mappings defined, the user must be a member of at least one of the roles.", - "scopeNameHelp": "Name of the client scope. Must be unique in the realm. Name should not contain space characters as it is used as value of scope parameter", - "scopeDescriptionHelp": "Description of the client scope", - "clientScopeTypes": { - "default": "Default", - "optional": "Optional", - "none": "None" - }, - "realmNameTitle": "{{name}} realm", - "scopeTypeHelp": "Client scopes, which will be added as default scopes to each created client", - "clientDescriptionHelp": "Specifies description of the client. For example 'My Client for TimeSheets'. Supports keys for localized values as well. For example: ${my_client_description}", - "clientsClientTypeHelp": "'OpenID Connect' allows Clients to verify the identity of the End-User based on the authentication performed by an Authorization Server.'SAML' enables web-based authentication and authorization scenarios including cross-domain single sign-on (SSO) and uses security tokens containing assertions to pass information.", - "clientsClientScopesHelp": "The scopes associated with this resource." -} diff --git a/js/apps/admin-ui/public/locales/es/translation.json b/js/apps/admin-ui/public/locales/es/translation.json deleted file mode 100644 index 8d2a314d9d..0000000000 --- a/js/apps/admin-ui/public/locales/es/translation.json +++ /dev/null @@ -1,315 +0,0 @@ -{ - "create": "Crear", - "save": "Guardar", - "key": "Clave", - "export": "Exportar", - "download": "Descargar", - "clear": "Limpiar", - "on": "Activado", - "edit": "Editar", - "enabled": "Habilitado", - "none": "ninguno", - "description": "Descripción", - "type": "Tipo", - "category": "Categoría", - "clients": "Clientes", - "realmRoles": "Roles de dominio", - "sessions": "Sesiones", - "mappers": "Asignadores", - "identityProviders": "Proveedores de identidad", - "settings": "Ajustes", - "times": { - "seconds": "Segundos", - "minutes": "Minutos", - "hours": "Horas", - "days": "Días" - }, - "credentials": "Credenciales", - "clientId": "ID Cliente", - "clientName": "Nombre", - "id": "ID", - "mapperType": "Tipo de asignador", - "password": "Contraseña", - "protocol": "Protocolo", - "importClient": "Importar Cliente", - "webOrigins": "Orígenes web", - "adminURL": "URL de administración", - "formatOption": "Formato", - "encryptAssertions": "Cifrar afirmaciones", - "clientSignature": "Firma de Cliente requerida", - "roles": "Roles", - "fullScopeAllowed": "Permitir todos los ámbitos", - "kc": { - "realm": { - "name": "Dominio" - } - }, - "user": "Usuario", - "clientList": "Clientes", - "frontchannelLogout": "Desonexión en primer plano (Front Channel)", - "rootUrl": "URL raíz", - "validRedirectUri": "URIs de redirección válidas", - "idpInitiatedSsoRelayState": "Estado de retransmisión de un SSO iniciado por el IDP", - "masterSamlProcessingUrl": "URL principal de procesamiento SAML", - "nameIdFormat": "Formato de NameID", - "forceNameIdFormat": "Forzar formato NameID", - "forcePostBinding": "Forzar enlaces POST", - "includeAuthnStatement": "Incluir AuthnStatement", - "signDocuments": "Firmar documentos", - "signAssertions": "Firmar aserciones", - "canonicalization": "Método de canonicalización", - "loginTheme": "Tema de inicio de sesión", - "clientAuthenticator": "Cliente autenticador", - "clientSecret": "Secreto de Cliente", - "revocation": "Revocación", - "clustering": "Clustering", - "notBefore": "No antes de", - "setToNow": "Fijar a ahora", - "addNode": "Añadir Nodo", - "push": "Push", - "nodeReRegistrationTimeout": "Tiempo de espera de re-registro de nodo", - "registeredClusterNodes": "Registrar nodos de cluster", - "nodeHost": "Host del nodo", - "lastRegistration": "Último registro", - "testClusterAvailability": "Probar disponibilidad del cluster", - "registerNodeManually": "Registrar nodo manualmente", - "fineGrainSamlEndpointConfig": "Fine Grain SAML Endpoint Configuration", - "assertionConsumerServicePostBindingURL": "Assertion Consumer Service POST Binding URL", - "assertionConsumerServiceRedirectBindingURL": "Assertion Consumer Service Redirect Binding URL", - "logoutServicePostBindingURL": "URL de enlace SAML POST para la desconexión", - "logoutServiceRedirectBindingURL": "URL de enlace SAML de redirección para la desconexión", - "accessTokenLifespan": "Duración del token de acceso", - "certificate": "Certificado", - "generateNewKeys": "Generar nuevas claves", - "archiveFormat": "Formato de Archivo", - "keyAlias": "Alias de clave", - "keyPassword": "Contraseña de la clave", - "storePassword": "Contraseña del almacén", - "importFile": "Archivo de Importación", - "clientType": "''OpenID connect'' permite a los clientes verificar la identidad del usuario final basado en la autenticación realizada por un servidor de autorización. ''SAML'' habilita la autenticación y autorización de escenarios basados en web incluyendo cross-domain y single sign-on (SSO) y utiliza tokens de seguridad que contienen afirmaciones para pasar información.", - "serviceAccount": "Permitir autenticar este cliente contra Keycloak y recibir un token de acceso dedicado para este cliente.", - "rootURL": "URL raíz añadida a las URLs relativas", - "validRedirectURIs": "Patrón de URI válida para la cual un navegador puede solicitar la redirección tras un inicio o cierre de sesión completado. Se permiten comodines simples p.ej. ''http://example.com/*''. También se pueden indicar rutas relativas p.ej. ''/my/relative/path/*''. Las rutas relativas generarán una URI de redirección usando el host y puerto de la petición. Para SAML, se deben fijar patrones de URI válidos si quieres confiar en la URL del servicio del consumidor indicada en la petición de inicio de sesión.", - "nameIdFormatHelp": "El formato de NameID que se usará para el título", - "forceNameIdFormatHelp": "Ignorar la petición de sujeto NameID y usar la configurada en la consola de administración.", - "forcePostBindingHelp": "Usar siempre POST para las respuestas", - "includeAuthnStatementHelp": "¿Debería incluirse una declaración especificando el método y la marca de tiempo en la respuesta de inicio de sesión?", - "signDocumentsHelp": "¿Debería el dominio firmar los documentos SAML?", - "signAssertionsHelp": "¿Deberían firmarse las aserciones en documentos SAML? Este ajuste no es necesario si el documento ya está siendo firmado.", - "signatureAlgorithm": "El algoritmo de firma usado para firmar los documentos.", - "canonicalizationHelp": "Método de canonicalización para las firmas XML", - "webOriginsHelp": "Orígenes CORS permitidos. Para permitir todos los orígenes de URIs de redirección válidas añade ''+''. Para permitir todos los orígenes añade ''*''.", - "homeURL": "URL por defecto para usar cuando el servidor de autorización necesita redirigir o enviar de vuelta al cliente.", - "adminURLHelp": "URL a la interfaz de administración del cliente. Fija este valor si el cliente soporta el adaptador de REST. Esta API REST permite al servidor de autenticación enviar al cliente políticas de revocación y otras tareas administrativas. Normalment se fija a la URL base del cliente.", - "clientIdHelp": "El identificador del cliente registrado con el proveedor de identidad.", - "clientNameHelp": "Indica el nombre visible del cliente. Por ejemplo ''My Client''. También soporta claves para valores localizados. Por ejemplo: ${my_client}", - "descriptionHelp": "Indica la descripción del cliente. Por ejemplo ''My Client for TimeSheets''. También soporta claves para valores localizados. Por ejemplo: ${my_client_description}", - "loginThemeHelp": "Selecciona el tema para las páginas de inicio de sesión, OTP, permisos, registro y recordatorio de contraseña.", - "encryptAssertionsHelp": "¿Deberían cifrarse las afirmaciones SAML con la clave pública del cliente usando AES?", - "clientSignatureHelp": "¿Firmará el cliente sus peticiones y respuestas SAML? ¿Y deberían ser validadas?", - "client-authenticator-type": "Cliente autenticador usado para autenticar este cliente contra el servidor Keycloak", - "nodeReRegistrationTimeoutHelp": "Indica el máximo intervalo de tiempo para que los nodos del cluster registrados se vuelvan a registrar. Si el nodo del cluster no envía una petición de re-registro a Keycloak dentro de este intervalo, será desregistrado de Keycloak", - "idpInitiatedSsoUrlName": "Nombre del fragmento de la URL para referenciar al cliente cuando quieres un SSO iniciado por el IDP. Dejando esto vacío deshabilita los SSO iniciados por el IDP. La URL referenciada desde el navegador será: {server-root}/realms/{realm}/protocol/saml/clients/{client-url-name}", - "idpInitiatedSsoRelayStateHelp": "Estado de retransmisión que quieres enviar con una petición SAML cuando se inicia un SSO iniciado por el IDP", - "masterSamlProcessingUrlHelp": "Si está configurada, esta URL se usará para cada enlace al proveedor del servicio del consumidor de aserciones y servicios de desconexión únicos. Puede ser sobreescrito de forma individual para cada enlace y servicio en el punto final de configuración fina de SAML.", - "accessTokenLifespanHelp": "Tiempo máximo antes de que un token de acceso expire. Se recomienda que este valor sea corto en relación al tiempo máximo de SSO", - "assertionConsumerServicePostBindingURLHelp": "SAML POST Binding URL for the client''s assertion consumer service (login responses). You can leave this blank if you do not have a URL for this binding.", - "logoutServicePostBindingURLHelp": "URL de enlace SAML POST para la desconexión única del cliente. Puedes dejar esto en blanco si estás usando un enlace distinto.", - "logoutServiceRedirectBindingURLHelp": "URL de enlace SAML de redirección para la desconexión única del cliente. Puedes dejar esto en blanco si estás usando un enlace distinto.", - "frontchannelLogoutHelp": "Cuando está activado, la desconexión require una redirección del navegador hacia el cliente. Cuando no está activado, el servidor realiza una invovación de desconexión en segundo plano.", - "certificateHelp": "Certificado de cliente para validar los JWT emitidos por este cliente y firmados con la clave privada del cliente de tu almacén de claves.", - "archiveFormatHelp": "Formato de archivo Java keystore o PKCS12", - "keyAliasHelp": "Alias del archivo de tu clave privada y certificado.", - "keyPasswordHelp": "Contraseña para acceder a la clave privada contenida en el archivo", - "storePasswordHelp": "Contraseña para acceder al archivo", - "consentRequired": "Si está habilitado, los usuarios tienen que consentir el acceso del cliente.", - "fullScopeAllowedHelp": "Permite deshabilitar todas las restricciones.", - "multiValued": "Indica si el atributo soporta múltiples valores. Si está habilitado, la lista de todos los valores de este atributo se fijará como reclamación. Si está deshabilitado, solo el primer valor será fijado como reclamación.", - "tokenClaimName": { - "label": "Nombre de reclamo del token", - "tooltip": "Nombre del reclamo a insertar en el token. Puede ser un nombre completo como ''address.street''. En este caso, se creará un objeto JSON anidado." - }, - "claimJsonType": "El tipo de JSON que debería ser usado para rellenar la petición de JSON en el token. long, int, boolean y String son valores válidos", - "protocolMapper": "Protocolo.", - "associatedRolesText": "Roles Asociados", - "title": "Sesiones", - "addRole": "Añadir rol", - "roleName": "Nombre de rol", - "composite": "Compuesto", - "userName": "Usuario", - "username": "Usuario", - "verifyEmail": "Verificar email", - "credentialType": "Tipo", - "hours": "Horas", - "minutes": "Minutos", - "seconds": "Segundos", - "lastAccess": "Último Acceso", - "realm": "Dominio", - "general": "General", - "login": "login", - "themes": "Temas", - "from": "De", - "host": "Host", - "port": "Puerto", - "enableSSL": "Habilitar SSL", - "enableStartTLS": "Habilitar StartTLS", - "providerId": "ID", - "provider": "Proveedor", - "userRegistration": "Registro de usuario", - "userRegistrationHelpText": "Habilitar/deshabilitar la página de registro. Un enlace para el registro se mostrará también en la página de inicio de sesión.", - "rememberMe": "Seguir conectado", - "rememberMeHelpText": "Muestra la casilla de selección en la página de inicio de sesión para permitir al usuario permanecer conectado entre reinicios del navegador hasta que la sesión expire.", - "registrationEmailAsUsername": "Email como nombre de usuario", - "editUsername": "Editar nombre de usuario", - "requireSsl": "Solicitar SSL", - "sslType": { - "all": "todas las peticiones", - "external": "peticiones externas", - "none": "ninguno" - }, - "accountTheme": "Tema de cuenta", - "adminTheme": "Tema de consola de administración", - "emailTheme": "Tema de email", - "SSOSessionIdle": "Sesiones SSO inactivas", - "SSOSessionMax": "Tiempo máximo sesión SSO", - "offlineSessionIdle": "Inactividad de sesión sin conexión", - "loginTimeout": "Tiempo máximo de desconexión", - "loginActionTimeout": "Tiempo máximo de acción en el inicio de sesión", - "revokeRefreshToken": "Revocar el token de actualización", - "clientLoginTimeout": "Tiempo máximo de autenticación", - "clientProfileDescription": "Descripción", - "tokens": "Tokens", - "supportedLocales": "Idiomas soportados", - "defaultLocale": "Idioma por defecto", - "validatorDialogColNames": { - "colName": "Nombre de rol" - }, - "securityDefences": "Defensas de seguridad", - "headers": "Cabeceras", - "bruteForceDetection": "Detección de ataques por fuerza bruta", - "xFrameOptions": "X-Frame-Options", - "contentSecurityPolicy": "Content-Security-Policy", - "failureFactor": "Número máximo de fallos de inicio de sesión", - "waitIncrementSeconds": "Incremento de espera", - "maxFailureWaitSeconds": "Espera máxima", - "maxDeltaTimeSeconds": "Reinicio del contador de errores", - "minimumQuickLoginWaitSeconds": "Tiempo mínimo entre fallos de conexión rápidos", - "requireSslHelp": "¿Es HTTP obligatorio? ''ninguna'' significa que HTTPS no es obligatorio para ninguna direcicón IP de cliente, ''peticiones externas'' indica que localhost y las direcciones IP privadas pueden acceder sin HTTPS, ''todas las peticiones'' significa que HTTPS es obligatorio para todas las direcciones IP.", - "accountThemeHelp": "Selecciona el tema para las páginas de gestión de la cuenta de usuario.", - "adminThemeHelp": "Selecciona el tema para la consola de administración.", - "emailThemeHelp": "Selecciona el tema para los emails que son enviados por el servidor.", - "failureFactorHelp": "Indica cuantos fallos se permiten antes de que se dispare una espera.", - "waitIncrementSecondsHelp": "Cuando se ha alcanzado el umbral de fallo, ¿cuanto tiempo debe estar un usuario bloqueado?", - "maxFailureWaitSecondsHelp": "Tiempo máximo que un usuario quedará bloqueado.", - "maxDeltaTimeSecondsHelp": "¿Cuando se debe reiniciar el contador de errores?", - "quickLoginCheckMilliSeconds": "Si ocurren errores de forma concurrente y muy rápida, bloquear al usuario.", - "minimumQuickLoginWaitSecondsHelp": "Cuanto tiempo se debe esperar tras un fallo en un intento rápido de identificación", - "ssoSessionIdle": "Tiempo máximo que una sesión puede estar inactiva antes de que expire. Los tokens y sesiones de navegador son invalidadas cuando la sesión expira.", - "ssoSessionMax": "Tiempo máximo antes de que una sesión expire. Los tokens y sesiones de navegador son invalidados cuando una sesión expira.", - "offlineSessionIdleHelp": "Tiempo máximo inactivo de una sesión sin conexión antes de que expire. Necesitas usar un token sin conexión para refrescar al menos una vez dentro de este periodo, en otro caso la sesión sin conexión expirará.", - "revokeRefreshTokenHelp": "Si está activado los tokens de actualización solo pueden usarse una vez. En otro caso los tokens de actualización no se revocan cuando se utilizan y pueden ser usado múltiples veces.", - "clientLoginTimeoutHelp": "Tiempo máximo que un cliente tiene para finalizar el protocolo de obtención del token de acceso. Debería ser normalmente del orden de 1 minuto.", - "editUsernameHelp": "Si está habilitado, el nombre de usuario es editable, en otro caso es de solo lectura.", - "attestationPreference": { - "none": "ninguno" - }, - "alias": "Alias", - "enableStartTls": "Habilitar StartTLS", - "trustEmail": "Confiar en el email", - "selectRole": { - "label": "Selecciona rol", - "tooltip": "Introduce el rol en la caja de texto de la izquierda, o haz clic en este botón para navegar y buscar el rol que quieres." - }, - "trustEmailHelp": "Si está habilitado, el email recibido de este proveedor no se verificará aunque la verificación esté habilitada para el dominio.", - "addIdPMapper": "Añadir asignador de proveedor de identidad", - "redirectURI": "URI de redirección", - "ssoServiceUrl": "URL de servicio de conexión único (SSO)", - "singleLogoutServiceUrl": "URL de servicio de desconexión único", - "nameIdPolicyFormat": "Formato de política NameID", - "unspecified": "no especificado", - "httpPostBindingResponse": "HTTP-POST enlace de respuesta", - "httpPostBindingAuthnRequest": "HTTP-POST para AuthnRequest", - "wantAuthnRequestsSigned": "Firmar AuthnRequests", - "forceAuthentication": "Forzar autenticación", - "validatingX509Certs": "Validando certificado X509", - "authorizationUrl": "URL de autorización", - "tokenUrl": "Token URL", - "logoutUrl": "URL de desconexión", - "backchannelLogout": "Backchannel Logout", - "userInfoUrl": "URL de información de usuario", - "issuer": "Emisor", - "prompt": "Prompt", - "prompts": { - "none": "ninguno", - "consent": "consentimiento", - "login": "login" - }, - "validateSignature": "Validar firmas", - "storeTokens": "Almacenar tokens", - "storedTokensReadable": "Tokens almacenados legibles", - "userAttribute": "Atributo de usuario", - "redirectURIHelp": "La URI de redirección usada para configurar el proveedor de identidad.", - "aliasHelp": "El alias que identifica de forma única un proveedor de identidad, se usa también para construir la URI de redirección.", - "clientSecretHelp": "El secreto del cliente registrado con el proveedor de identidad.", - "discoveryEndpoint": "Importar metadatos desde un descriptor de un proveedor de identidad (IDP) remoto.", - "importConfig": "Importar metadatos desde un descriptor de un proveedor de identidad (IDP) descargado.", - "logoutUrlHelp": "Punto de cierre de sesión para usar en la desconexión de usuarios desde un proveedor de identidad (IDP) externo.", - "backchannelLogoutHelp": "Does the external IDP support backchannel logout?", - "userInfoUrlHelp": "La URL de información de usuario. Opcional.", - "issuerHelp": "El identificador del emisor para el emisor de la respuesta. Si no se indica, no se realizará ninguna validación.", - "scopes": "Los ámbitos que se enviarán cuando se solicite autorización. Puede ser una lista de ámbitos separados por espacios. El valor por defecto es ''openid''.", - "validateSignatureHelp": "Habilitar/deshabilitar la validación de firmas de proveedores de identidad (IDP) externos", - "storeTokensHelp": "Habilitar/deshabilitar si los tokens deben ser almacenados después de autenticar a los usuarios.", - "storedTokensReadableHelp": "Habilitar/deshabilitar si los nuevos usuarios pueden leer los tokens almacenados. Esto asigna el rol ''broker.read-token''.", - "useEntityDescriptor": "Importar metadatos desde un descriptor de entidad remoto de un IDP de SAML", - "samlEntityDescriptor": "Te permite cargar metadatos de un proveedor de identidad (IDP) externo de un archivo de coniguración o descargarlo desde una URL.", - "ssoServiceUrlHelp": "La URL que debe ser usada para enviar peticiones de autenticación (SAML AuthnRequest).", - "singleLogoutServiceUrlHelp": "La URL que debe usarse para enviar peticiones de desconexión.", - "httpPostBindingAuthnRequestHelp": "Indica si AuthnRequest debe ser enviada usando HTTP-POST. Si no está activado se hace HTTP-REDIRECT.", - "wantAuthnRequestsSignedHelp": "Indica si el proveedor de identidad espera recibir firmadas las AuthnRequest.", - "forceAuthenticationHelp": "Indica si el proveedor de identidad debe autenticar al presentar directamente las credenciales en lugar de depender de un contexto de seguridad previo.", - "validateSignatures": "Habilitar/deshabilitar la validación de firma en respuestas SAML.", - "validatingX509CertsHelp": "El certificado en formato PEM que debe usarse para comprobar las firmas.", - "addIdpMapperName": "Nombre del asignador.", - "usermodel": { - "prop": { - "label": "Propiedad", - "tooltip": "Nombre del método de propiedad en la interfaz UserModel. Por ejemplo, un valor de ''email'' referenciaría al método UserModel.getEmail()." - }, - "attr": { - "label": "Atributo de usuario", - "tooltip": "Nombre del atributo de usuario almacenado que es el nombre del atributo dentro del map UserModel.attribute." - }, - "clientRoleMapping": { - "clientId": { - "label": "ID Cliente" - } - } - }, - "userSession": { - "modelNote": { - "label": "Nota sesión usuario", - "tooltip": "Nombre de la nota almacenada en la sesión de usuario dentro del mapa UserSessionModel.note" - } - }, - "multivalued": { - "label": "Valores múltiples", - "tooltip": "Indica si el atributo soporta múltiples valores. Si está habilitado, la lista de todos los valores de este atributo se fijará como reclamación. Si está deshabilitado, solo el primer valor será fijado como reclamación." - }, - "jsonType": { - "label": "Tipo JSON de reclamación", - "tooltip": "El tipo de JSON que debería ser usado para rellenar la petición de JSON en el token. long, int, boolean y String son valores válidos" - }, - "includeInIdToken": { - "label": "Añadir al token de ID" - }, - "includeInAccessToken": { - "label": "Añadir al token de acceso", - "tooltip": "¿Debería añadirse la identidad reclamada al token de acceso?" - }, - "name-id-format": "Formato de NameID", - "titleRoles": "Roles de dominio", - "titleSessions": "Sesiones", - "clientDescriptionHelp": "Indica la descripción del cliente. Por ejemplo ''My Client for TimeSheets''. También soporta claves para valores localizados. Por ejemplo: ${my_client_description}", - "clientsClientTypeHelp": "''OpenID connect'' permite a los clientes verificar la identidad del usuario final basado en la autenticación realizada por un servidor de autorización. ''SAML'' habilita la autenticación y autorización de escenarios basados en web incluyendo cross-domain y single sign-on (SSO) y utiliza tokens de seguridad que contienen afirmaciones para pasar información." -} diff --git a/js/apps/admin-ui/public/locales/fr/translation.json b/js/apps/admin-ui/public/locales/fr/translation.json deleted file mode 100644 index 8b52ed0ab0..0000000000 --- a/js/apps/admin-ui/public/locales/fr/translation.json +++ /dev/null @@ -1,102 +0,0 @@ -{ - "add": "Ajouter", - "save": "Sauver", - "clear": "Effacer", - "enabled": "Actif", - "manage": "Gérer", - "clients": "Clients", - "sessions": "Sessions", - "events": "Évènements", - "configure": "Configurer", - "realmSettings": "Configurations du domaine", - "authentication": "Authentification", - "userFederation": "Regroupement Utilisateur", - "times": { - "seconds": "Secondes", - "minutes": "Minutes", - "hours": "Heures", - "days": "Jours" - }, - "password": "Mot de passe", - "clientList": "Clients", - "loginTheme": "Thème de connexion", - "revocation": "Révocation", - "notBefore": "Pas avant", - "setToNow": "Mettre à maintenant", - "push": "Appuyer", - "accessTokenLifespan": "Durée de vie du jeton d''accès", - "certificate": "Certificat", - "loginThemeHelp": "Sélectionnez le thème pour les pages de connexion, de mot de passe à usage unique basé sur le temps, des droits, de l''enregistrement, et du mot passe oublié.", - "accessTokenLifespanHelp": "Durée maximale avant que le jeton d''accès n''expire. Cette valeur devrait être relativement plus petite que la durée d''inactivité (timeout) du SSO.", - "userName": "Nom de l''utilisateur", - "impersonate": "Usurper l''identité", - "username": "Nom de l''utilisateur", - "verifyEmail": "Vérification du courriel", - "hours": "Heures", - "minutes": "Minutes", - "seconds": "Secondes", - "title": "Authentification", - "general": "Général", - "themes": "Thèmes", - "from": "De", - "host": "Hôte", - "port": "Port", - "enableSSL": "Activer SSL/TLS", - "enableStartTLS": "Activer StartTLS", - "userRegistration": "Enregistrement d''utilisateur", - "userRegistrationHelpText": "Activer/désactiver la page d''enregistrement. Un lien pour l''enregistrement sera visible sur la page de connexion.", - "rememberMe": "Se souvenir de moi", - "rememberMeHelpText": "Affiche une case à cocher sur la page de connexion pour permettre aux utilisateurs de rester connectés entre deux redémarrages de leur navigateur, jusqu''à expiration de la session.", - "registrationEmailAsUsername": "Courriel comme nom d''utilisateur", - "loginWithEmail": "Authentification avec courriel", - "loginWithEmailHelpText": "Autorise l''utilisateur à s''authentifier avec son adresse de courriel.", - "duplicateEmails": "Doublon courriel", - "duplicateEmailsHelpText": "Autorise plusieurs utilisateurs à avoir la même adresse de courriel. Changer cette configuration va vider le cache. Il est recommandé de mettre à jour manuellement les contraintes sur le courriel dans la base de données après la désactivation du support des doublons.", - "editUsername": "Éditez le nom de l''utilisateur", - "htmlDisplayName": "HTML Display name", - "requireSsl": "SSL requis", - "sslType": { - "all": "toutes les requêtes", - "external": "les requêtes externes" - }, - "endpoints": "Endpoints", - "accountTheme": "Thème du compte", - "adminTheme": "Thème de la UI d''administration", - "emailTheme": "Thème pour le courriel", - "SSOSessionIdle": "Sessions SSO inactives", - "SSOSessionMax": "Maximum de sessions SSO", - "loginTimeout": "Durée d''inactivité de connexion", - "loginActionTimeout": "Durée d''inactivité des actions de connexions", - "clientLoginTimeout": "Durée d''inactivité de connexion (timeout)", - "tokens": "Jetons", - "supportedLocales": "Locales supportées", - "defaultLocale": "Locale par défaut", - "securityDefences": "Mesures de sécurité", - "headers": "En-têtes", - "bruteForceDetection": "Détection des attaques par force brute", - "xFrameOptions": "X-Frame-Options", - "contentSecurityPolicy": "Content-Security-Policy", - "failureFactor": "Nombre maximal d''erreurs de connexion", - "waitIncrementSeconds": "Temps d''attente", - "maxFailureWaitSeconds": "Durée maximale d''attente", - "maxDeltaTimeSeconds": "Durée de remise à zéro des erreurs", - "minimumQuickLoginWaitSeconds": "Durée minimale d''attente entre deux connexions", - "requireSslHelp": "Niveau d''exigence HTTPS : ''aucun'' signifie que le HTTPS n''est requis pour aucune adresse IP cliente. ''les requêtes externes'' signifie que localhost et les adresses IP privées peuvent accéder sans HTTPS. ''toutes les requêtes'' signifie que le protocole HTTPS est obligatoire pour toutes les adresses IP.", - "accountThemeHelp": "Sélectionnez le thème pour la gestion des comptes.", - "adminThemeHelp": "Sélectionnez le thème de la UI d''administration.", - "emailThemeHelp": "Sélectionnez le thème pour les courriels envoyées par le serveur.", - "failureFactorHelp": "Nombre d''erreurs avant de déclencher le temps d''attente.", - "waitIncrementSecondsHelp": "Quand le seuil des erreurs est atteint, combien de temps l''utilisateur est-il bloqué ?", - "maxFailureWaitSecondsHelp": "Durée maximale de blocage du compte utilisateur", - "maxDeltaTimeSecondsHelp": "Quand les erreurs sont-elles remises à zéro ?", - "quickLoginCheckMilliSeconds": "Si une erreur apparait trop rapidement, bloquer le compte utilisateur.", - "minimumQuickLoginWaitSecondsHelp": "Durée d''attente demandée après une erreur entre deux connexions.", - "ssoSessionIdle": "Temps d''inactivité autorisé avant expiration de la session. Les jetons et les sessions navigateurs sont invalidées quand la session expire.", - "ssoSessionMax": "Durée maximale avant que la session n''expire. Les jetons et les sessions navigateurs sont invalidées quand la session expire.", - "clientLoginTimeoutHelp": "Durée maximale qu''a un client pour finir le protocole du jeton d''accès. Devrait être de l''ordre de la minute (1 min).", - "editUsernameHelp": "Si actif, le champ du nom de l''utilisateur est modifiable.", - "enableStartTls": "Activer StartTLS", - "titleAuthentication": "Authentification", - "titleEvents": "Évènements", - "titleSessions": "Sessions" -} diff --git a/js/apps/admin-ui/public/locales/it/translation.json b/js/apps/admin-ui/public/locales/it/translation.json deleted file mode 100644 index 9e26dfeeb6..0000000000 --- a/js/apps/admin-ui/public/locales/it/translation.json +++ /dev/null @@ -1 +0,0 @@ -{} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/ja/translation.json b/js/apps/admin-ui/public/locales/ja/translation.json deleted file mode 100644 index 3757d93505..0000000000 --- a/js/apps/admin-ui/public/locales/ja/translation.json +++ /dev/null @@ -1,938 +0,0 @@ -{ - "add": "追加", - "create": "作成", - "save": "保存", - "continue": "続ける", - "remove": "削除", - "key": "キー", - "value": "値", - "next": "次へ", - "back": "戻る", - "export": "エクスポート", - "action": "アクション", - "download": "ダウンロード", - "clear": "クリア", - "on": "オン", - "off": "オフ", - "edit": "編集", - "enabled": "有効", - "disabled": "無効", - "disable": "無効", - "none": "none", - "signOut": "サインアウト", - "manageAccount": "アカウントの管理", - "serverInfo": "サーバー情報", - "testConnection": "接続テスト", - "description": "説明", - "type": "タイプ", - "category": "カテゴリー", - "priority": "優先度", - "clientScope": { - "default": "DEFAULT" - }, - "allTypes": "すべてのタイプ", - "manage": "管理", - "clients": "クライアント", - "clientScopes": "クライアント・スコープ", - "realmRoles": "レルムロール", - "users": "ユーザー", - "sessions": "セッション", - "events": "イベント", - "mappers": "マッパー", - "permissions": "パーミッション", - "usersPermissionsHint": "レルム内のすべてのユーザーを管理するきめ細かいパーミッション。レルム内のユーザーを管理できるユーザーには、さまざまなポリシーを定義できます。", - "clientsPermissionsHint": "このクライアントを管理したり、このクライアントによって定義されたロールを適用したりする管理者のきめ細かいパーミッションです。", - "permissionsEnabled": "パーミッションが有効", - "scopePermissions": { - "clients": { - "manage-description": "管理者がこのクライアントを管理できるかどうかを決定するポリシー", - "view-description": "管理者がこのクライアントを表示できるかどうかを決定するポリシー", - "map-roles-description": "管理者がこのクライアントによって定義されたロールをマップできるかどうかを決定するポリシー", - "map-roles-client-scope-description": "管理者がこのクライアントによって定義されたロールを別のクライアントのクライアント・スコープに適用できるかどうかを決定するポリシー", - "map-roles-composite-description": "管理者がこのクライアントによって定義されたロールをコンポジットとして別のロールに適用できるかどうかを決定するポリシー", - "token-exchange-description": "このクライアントを対象とするトークンのトークン交換を許可するクライアントを決定するポリシー。" - }, - "users": { - "view-description": "管理者がレルム内のすべてのユーザーを表示できるかどうかを決定するポリシー", - "manage-description": "管理者がレルム内のすべてのユーザーを管理できるかどうかを決定するポリシー", - "map-roles-description": "管理者がすべてのユーザーのロールをマップできるかどうかを決定するポリシー", - "manage-group-membership-description": "管理者がレルム内のすべてのユーザーのグループ・メンバーシップを管理できるかどうかを決定するポリシー。これは、特定のグループポリシーと組み合わせて使用??されます", - "impersonate-description": "管理者が他のユーザーを偽装できるかどうかを決定するポリシー", - "user-impersonated-description": "どのユーザーを偽装するかを決定するポリシー。これらのポリシーは、偽装されているユーザーに適用されます。" - } - }, - "configure": "設定", - "realmSettings": "レルムの設定", - "authentication": "認証", - "identityProviders": "アイデンティティー・プロバイダー", - "userFederation": "ユーザー・フェデレーション", - "settings": "設定", - "details": "詳細", - "Sunday": "日", - "Monday": "月", - "Tuesday": "火", - "Wednesday": "水", - "Thursday": "木", - "Friday": "金", - "Saturday": "土", - "times": { - "seconds": "秒", - "minutes": "分", - "hours": "時", - "days": "日" - }, - "attributes": "属性", - "credentials": "クレデンシャル", - "clientId": "クライアントID", - "clientName": "名前", - "id": "ID", - "mapperType": "マッパータイプ", - "leave": "外す", - "password": "パスワード", - "passwordConfirmation": "新しいパスワード(確認)", - "temporaryPassword": "一時的", - "temporaryPasswordHelpText": "有効の場合は、ユーザーは次のログイン時にパスワードの変更が必要となります。", - "profile": "プロファイル", - "disabledFeatures": "使用できない機能", - "protocol": "プロトコル", - "copy": "コピー", - "clientAuthorization": "認可", - "importClient": "クライアントのインポート", - "webOrigins": "Webオリジン", - "adminURL": "管理URL", - "formatOption": "フォーマット・オプション", - "encryptAssertions": "アサーションを暗号化する", - "clientSignature": "クライアント署名が必須", - "keys": "鍵", - "roles": "ロール", - "addClientScope": "クライアント・スコープの追加", - "fullScopeAllowed": "フルスコープを許可", - "setup": "セットアップ", - "selectAUser": "ユーザーを選択", - "client": "client", - "evaluate": "評価", - "reevaluate": "再評価", - "showAuthData": "認可データを表示", - "unanimous": "Unanimous", - "affirmative": "Affirmative", - "consensus": "Consensus", - "authScopes": "認可スコープ", - "anyResource": "任意のリソース", - "anyScope": "任意のスコープ", - "selectScope": "スコープを選択", - "applyToResourceType": "リソースタイプに適用", - "contextualInfo": "コンテキスト情報", - "contextualAttributes": "コンテキスト属性", - "kc": { - "realm": { - "name": "レルム" - } - }, - "policyEnforcementMode": "ポリシー施行モード", - "policyEnforcementModes": { - "ENFORCING": "実施", - "PERMISSIVE": "許容", - "DISABLED": "無効" - }, - "decisionStrategy": "決定戦略", - "iconUri": "アイコンURI", - "ownerManagedAccess": "User-Managed Accessの有効", - "allowRemoteResourceManagement": "リモートリソース管理", - "resources": "リソース", - "resource": "リソース", - "scope": "スコープ", - "owner": "オーナー", - "uris": "URI", - "scopes": "スコープ", - "policies": "ポリシー", - "createPermission": "パーミッションを作成", - "identityInformation": "アイデンティティー情報", - "resourceType": "リソースタイプ", - "createPolicy": "ポリシーを作成", - "applyPolicy": "ポリシーの適用", - "groupsClaim": "グループクレーム", - "month": "月", - "hour": "時", - "minute": "分", - "code": "コード", - "logic": "ロジック", - "logicType": { - "positive": "Positive", - "negative": "Negative" - }, - "scopeParameter": "スコープ・パラメーター", - "effectiveProtocolMappers": "有効なプロトコル・マッパー", - "effectiveRoleScopeMappings": "有効なロールスコープ・マッピング", - "generatedAccessToken": "生成されたアクセストークン", - "parentClientScope": "親クライアント・スコープ", - "user": "ユーザー", - "clientList": "クライアント", - "initialAccessToken": "初期アクセストークン", - "alwaysDisplayInUI": "常にコンソールに表示", - "created": "作成日", - "lastUpdated": "最終更新日", - "expires": "有効期限", - "count": "カウント", - "remainingCount": "残りのカウント", - "expiration": "有効期限", - "clientAuthentication": "クライアント認証", - "frontchannelLogout": "フロントチャンネル・ログアウト", - "rootUrl": "ルートURL", - "validRedirectUri": "有効なリダイレクトURI", - "idpInitiatedSsoRelayState": "IDP Initiated SSOのRelayState", - "masterSamlProcessingUrl": "SAMLを処理するマスターURL", - "nameIdFormat": "Name IDフォーマット", - "forceNameIdFormat": "Name IDフォーマットを強制", - "forcePostBinding": "POSTバインディングを強制", - "includeAuthnStatement": "AuthnStatementを含める", - "includeOneTimeUseCondition": "OneTimeUse条件を含める", - "optimizeLookup": "REDIRECT署名鍵検索の最適化", - "signDocuments": "ドキュメントを署名する", - "signAssertions": "アサーションを署名する", - "signatureKeyName": "SAML署名鍵名", - "canonicalization": "正規化方式", - "loginTheme": "ログインテーマ", - "clientAuthenticator": "クライアント認証", - "clientSecret": "クライアント・シークレット", - "selectMethodType": { - "import": "インポート" - }, - "registrationAccessToken": "登録用アクセストークン", - "subject": "サブジェクトDN", - "revocation": "無効化", - "clustering": "クラスタリング", - "notBefore": "この日時より前", - "setToNow": "現在日時を設定", - "addNode": "ノードを追加", - "push": "プッシュ", - "nodeReRegistrationTimeout": "ノード再登録のタイムアウト", - "registeredClusterNodes": "登録済みクラスターノード", - "nodeHost": "ノードホスト", - "lastRegistration": "最終登録", - "testClusterAvailability": "クラスターの可用性をテスト", - "registerNodeManually": "ノードを手動で登録", - "fineGrainOpenIdConnectConfiguration": "OpenID Connectの詳細設定", - "fineGrainSamlEndpointConfig": "SAMLエンドポイントの詳細設定", - "accessTokenSignatureAlgorithm": "アクセストークン署名アルゴリズム", - "idTokenSignatureAlgorithm": "IDトークン署名アルゴリズム", - "idTokenEncryptionKeyManagementAlgorithm": "IDトークン暗号化鍵管理アルゴリズム", - "idTokenEncryptionContentEncryptionAlgorithm": "IDトークン暗号化コンテンツの暗号化アルゴリズム", - "userInfoSignedResponseAlgorithm": "署名付きUserInfoレスポンスのアルゴリズム", - "requestObjectSignatureAlgorithm": "リクエスト・オブジェクトの署名アルゴリズム", - "requestObjectRequired": "リクエスト・オブジェクトが必要", - "excludeSessionStateFromAuthenticationResponse": "認証レスポンスからセッション状態を除外", - "assertionConsumerServicePostBindingURL": "アサーション・コンシューマー・サービスのPOSTバインディングURL", - "assertionConsumerServiceRedirectBindingURL": "アサーション・コンシューマー・サービスのRedirectバインディングURL", - "logoutServicePostBindingURL": "ログアウト・サービスのPOSTバインディングURL", - "logoutServiceRedirectBindingURL": "ログアウト・サービスのRedirectバインディングURL", - "assertionLifespan": "アサーションの有効期限", - "accessTokenLifespan": "アクセストークン生存期間", - "oAuthMutual": "OAuth 2.0相互TLS証明書バインド・アクセストークンが有効", - "keyForCodeExchange": "Proof Key for Code Exchangeのコードチャレンジ方式", - "authenticationOverrides": "認証フローのオーバーライド", - "browserFlow": "ブラウザーフロー", - "directGrant": "ダイレクト・グラント・フロー", - "useJwksUrl": "JWKS URLの使用", - "certificate": "証明書", - "jwksUrl": "JWKS URL", - "generateNewKeys": "新しい鍵を生成", - "archiveFormat": "アーカイブ形式", - "keyAlias": "キーエイリアス", - "keyPassword": "鍵のパスワード", - "storePassword": "ストアのパスワード", - "importFile": "ファイルをインポート", - "tokenLifespan": { - "expires": "有効期限" - }, - "clientType": "「OpenID Connect」により、クライアントは認可サーバーによって実行される認証に基づいてエンドユーザーのアイデンティティーを検証できます。「SAML」は、クロスドメインのシングル・サインオン(SSO)を含むWebベースの認証および認可のシナリオを可能にし、アサーションを含むセキュリティー・トークンを使用して情報を渡します。", - "serviceAccount": "このクライアントをKeycloakで認証し、このクライアント専用のアクセストークンの取得ができるようになります。OAuth2の仕様における「クライアント・クレデンシャル・グラント」のサポートを有効にします。", - "authorization": "きめ細かい認可のサポートを有効/無効にします。", - "directAccess": "ダイレクト・アクセス・グラントのサポートを有効にします。これは、アクセストークンの取得のためにKeycloakサーバーとユーザーのユーザー名/パスワードで直接アクセスを行います。OAuth2の仕様における「リソース・オーナー・パスワード・クレデンシャル・グラント」のサポートを有効にします。", - "standardFlow": "OpenID Connectの標準的な、認可コードによるリダイレクト・ベースの認証を有効にします。OpenID ConnectまたはOAuth2の仕様における「認可コードフロー」のサポートを有効にします。", - "implicitFlow": "OpenID Connectの認可コードなしのリダイレクト・ベース認証のサポートを有効にします。OpenID ConnectまたはOAuth2の仕様における「インプリシット・フロー」のサポートを有効にします。", - "rootURL": "相対URLに追加するルートURLを設定します。", - "validRedirectURIs": "ログインまたはログインの成功後にブラウザーがリダイレクト可能とする、有効なURIパターンを設定します。「http://example.com/*」のような単純なワイルドカードが使用可能です。相対パス、つまり「/my/relative/path/*」も指定可能です。相対パスはクライアントのルートURLを基準とします。または、未指定の場合は認証サーバーのルートURLが使用されます。SAMLでは、ログイン・リクエストに埋め込まれたコンシューマー・サービスのURLに依存している場合は、有効なURIパターンを設定する必要があります。", - "nameIdFormatHelp": "サブジェクトに使用するName IDフォーマットを設定します。", - "alwaysDisplayInUIHelp": "ユーザーのアクティブなセッションがない場合でも、このクライアントを常にアカウント・コンソールに一覧表示します。", - "forceNameIdFormatHelp": "要求されたNameIDサブジェクト・フォーマットを無視し、管理コンソールで設定された物を使用します。", - "forcePostBindingHelp": "レスポンスに常にPOSTバインディングを使用します。", - "includeAuthnStatementHelp": "認証方式とタイムスタンプを含めたステートメントをログイン・レスポンスに含めるべきか設定します。", - "includeOneTimeUseConditionHelp": "OneTimeUse条件をログイン・レスポンスに含めるべきか設定します。", - "optimizeLookupHelp": "Keycloakアダプターによって保護されたSPのREDIRECTバインディングでSAMLドキュメントに署名する際、署名鍵のIDを要素のSAMLプロトコルメッセージに含める必要があるかどうかを設定します。これにより、検証のために既知のすべてのキーを試行する代わりに単一のキーを使用するため、署名の検証が最適化されます。", - "signDocumentsHelp": "SAMLドキュメントをレルムで署名すべきか設定します。", - "signAssertionsHelp": "SAMLドキュメント内のアサーションを署名すべきか設定します。もしドキュメントが既に署名済みの場合は、この設定は不要です。", - "signatureAlgorithm": "ドキュメントの署名に使用する署名アルゴリズムです。", - "signatureKeyNameHelp": "署名されたSAML文書には、KeyName要素の署名鍵の識別情報が含まれています。Keycloak / RH-SSOカウンター・パーティーの場合は、KEY_IDを使用し、MS AD FSの場合はCERT_SUBJECTを使用します。他のオプションが動作しない場合はNONEをチェックして使用します。", - "canonicalizationHelp": "XML署名の正規化方式(Canonicalization Method)を設定します。", - "webOriginsHelp": "許可されるCORSオリジンを設定します。有効なリダイレクトURIのすべてのオリジンを許可するには「+」を追加してください。ただし、これには「*」ワイルドカードは含まれません。すべてのオリジンを許可するには、明示的に「*」を追加してください。", - "homeURL": "認証サーバーがクライアントへのリダイレクトまたは戻るリンクを必要とする際に使用するデフォルトURLを設定します。", - "adminURLHelp": "クライアントの管理インターフェイスのURLを設定します。クライアントがアダプターのREST APIをサポートしている場合に設定してください。このREST APIにより、認証サーバーは無効化ポリシーや他の管理タスクをプッシュすることができます。通常、クライアントのベースURLを設定します。", - "clientHelp": "認可リクエストを作成するクライアントを選択してください。提供されない場合は、認可リクエストは今いるページのクライアントで行われることになります。", - "clientIdHelp": "アイデンティティー・プロバイダーで登録されているクライアント識別子を設定します。", - "selectUser": "サーバーからパーミッションを検索するためにIDが使用されるユーザーを選択します。", - "rolesHelp": "選択されたユーザーに関連付けたいロールを選択してください。", - "contextualAttributesHelp": "実行環境や実行コンテキストによって提供される任意の属性を設定します。", - "applyToResourceTypeHelp": "このパーミッションが、特定タイプの全リソースに適用されるべきかどうかを指定します。この場合、パーミッションは特定リソースタイプの全インスタンスに対して評価されます。", - "resourcesHelp": "このパーミッションが適用されるリソース・インスタンスを指定します。", - "scopesSelect": "このパーミッションは1つまたは複数のスコープに適用されるように指定してください。", - "clientNameHelp": "クライアントの表示名を指定します。例えば、「My Client」です。ローカライズ用のキーもサポートしています。例: ${my_client}", - "descriptionHelp": "クライアント・スコープの説明", - "loginThemeHelp": "ログイン、OTP、グラント、登録、およびパスワード忘れに使用するページのテーマを選択します。", - "encryptAssertionsHelp": "SAMLアサーションをクライアントの公開鍵でAESを使い暗号化すべきか設定します。", - "clientSignatureHelp": "クライアントがSAMLリクエストとレスポンスを署名するか、そしてそれらを検証すべきどうかか設定します。", - "expirationHelp": "イベントの有効期限を設定します。期限切れのイベントはデータベースから定期的に削除されます。", - "countHelp": "このトークンを利用してクライアントをいくつ作成可能か指定します。", - "client-authenticator-type": "Keycloakサーバーに対してこのクライアントの認証に使用するクライアント認証方式を設定します。", - "registration-access-token": "登録用アクセストークンにより、クライアントはクライアント登録サービスにアクセスできます。", - "effectiveProtocolMappersHelp": "すべてのデフォルトのクライアント・スコープと選択されたオプションのスコープが含まれます。クライアントに発行されたアクセストークンを生成するときに、すべてのクライアント・スコープのすべてのプロトコル・マッパーとロールスコープのマッピングが使用されます", - "scopeParameterHelp": "このスコープ・パラメーターの値をコピー/ペーストし、このクライアント・アダプターから送信された最初のOpenID Connect認証リクエストで使用できます。このクライアントに発行されたトークンを生成するときは、デフォルトのクライアント・スコープと選択されたオプションのクライアント・スコープが使用されます", - "userHelp": "必要に応じて、サンプルのアクセストークンを生成するユーザーを選択します。ユーザーを選択しないと、評価中にサンプルのアクセストークンは生成されません", - "nodeReRegistrationTimeoutHelp": "登録されたクライアントをクラスターノードへ再登録する際の最大時間間隔を設定します。クラスターノードがこの時間内にKeycloakに再登録リクエストを送信しない場合は、Keycloakから登録解除されます。", - "accessTokenSignatureAlgorithmHelp": "アクセストークンの署名に使用されるJWAアルゴリズム。", - "idTokenSignatureAlgorithmHelp": "IDトークンの署名に使用されるJWAアルゴリズム。", - "idTokenEncryptionKeyManagementAlgorithmHelp": "IDトークンの暗号化鍵の管理に使用されるJWAアルゴリズム。このオプションは、暗号化されたIDトークンが必要な場合に必須です。空のままにすると、IDトークンは署名されますが、暗号化されません。", - "idTokenEncryptionContentEncryptionAlgorithmHelp": "IDトークンの暗号化の際に、コンテンツの暗号化に使用されるJWAアルゴリズム。このオプションは、暗号化されたIDトークンが必要な場合にのみ必須です。空のままにすると、IDトークンは署名されますが、暗号化されません。", - "userInfoSignedResponseAlgorithmHelp": "署名付きUserInfoエンドポイントのレスポンスに使用するJWAアルゴリズムを設定します。「unsigned」に設定した場合は、UserInfoレスポンスは署名されず、application/json形式で返されます。", - "requestObjectSignatureAlgorithmHelp": "クライアントが「request」または「request_uri」パラメーターで指定されたOIDCリクエスト・オブジェクトを送信する際に使用する必要がある、JWAアルゴリズムを設定します。「any」に設定した場合は、リクエスト・オブジェクトは任意のアルゴリズム(「none」を含む)で署名されます。", - "requestObjectRequiredHelp": "クライアントが認可リクエストとともにリクエスト・オブジェクトを提供する必要があるかどうか、およびそのためにどの方法を使用できるかを指定します。「not required」に設定されている場合、リクエスト・オブジェクトの提供はオプションです。それ以外のケースでは、リクエスト・オブジェクトを提供する必要があります。「request」に設定されている場合、リクエスト・オブジェクトは値で提供される必要があります。「request_uri」に設定されている場合、リクエスト・オブジェクトは参照によって提供される必要があります。「requestまたはrequest_uri」に設定されている場合、いずれの方法も使用できます。", - "idpInitiatedSsoUrlName": "IDP Initiated SSOを行う際にクライアントを参照するためのURLフラグメント名を設定します。空にするとIDP Initiated SSOは無効になります。ブラウザーから参照するURLは「{server-root}/realms/{realm}/protocol/saml/clients/{client-url-name}」になります。", - "idpInitiatedSsoRelayStateHelp": "IDP Initiated SSOを行う際のSAMLリクエストで送信したいRelayStateを設定します。", - "masterSamlProcessingUrlHelp": "設定された場合は、このURLがSPのアサーション・コンシューマーおよびシングル・ログアウト・サービスの両方のBindingに使われます。これは、SAMLエンドポイントの詳細設定にある各Bindingやサービスの設定にて個別に上書きすることができます。", - "excludeSessionStateFromAuthenticationResponseHelp": "これがオンの場合、パラメーター「session_state」はOpenID Connect認証レスポンスに含まれません。クライアントが「session_state」パラメーターをサポートしていない古いOIDC / OAuth2アダプターを使用している場合に便利です。", - "assertionLifespanHelp": "SAMLアサーション条件に設定された有効期限。その後、アサーションは無効になります。「SessionNotOnOrAfter」属性は変更されず、レルムレベルで定義された「SSOセッション最大」時間を引き続き使用します。", - "accessTokenLifespanHelp": "アクセストークンが有効期限切れとなる最大時間です。この値はSSOタイムアウトと比べて短くすることをお勧めします。", - "oAuthMutualHelp": "これにより、OAuth 2.0相互TLS証明書バインド・アクセストークンがサポートされます。つまり、Keycloakは、Keycloakのトークン・エンドポイントとこのクライアントの間で相互TLSにより交換されるクライアントのX.509証明書と、アクセストークンおよびリフレッシュ・トークンをバインドします。これらのトークンは、ベアラートークンの代わりにHolder-of-Keyトークンとして扱うことができます。", - "keyForCodeExchangeHelp": "PKCEのどのコードチャレンジ方式を使用するかを選択します。指定しない場合、Keycloakは、クライアントが適切なコードチャレンジとコード交換の方式で認可リクエストを送信しない限り、クライアントにPKCEを適用しません。", - "assertionConsumerServicePostBindingURLHelp": "アサーション・コンシューマー・サービス(ログイン・レスポンス)のSAML POSTバインディングURLを設定します。このBindingのためのURLがない場合は空でよいです。", - "assertionConsumerServiceRedirectBindingURLHelp": "アサーション・コンシューマー・サービス(ログイン・レスポンス)のSAML RedirectバインディングURLを設定します。このBindingのためのURLがない場合は空でよいです。", - "logoutServicePostBindingURLHelp": "シングル・ログアウト・サービスのSAMLPOSTバインディングURLを設定します。異なるBindingを使用している場合は空でよいです。", - "logoutServiceRedirectBindingURLHelp": "シングル・ログアウト・サービスのSAMLRedirectバインディングURLを設定します。異なるBindingを使用している場合は空でよいです。", - "frontchannelLogoutHelp": "有効の場合は、ログアウトはクライアントへのブラウザー・リダイレクトが必要になります。無効の場合は、サーバーはログアウトのバックグラウンド呼び出しを行います。", - "authenticationOverridesHelp": "レルム認証フロー・バインディングをオーバーライドします。", - "browserFlowHelp": "ブラウザー認証で使用したいフローを選択してください。", - "directGrantHelp": "ダイレクト・グラント認証で使用したいフローを選択してください。", - "certificateHelp": "クライアントで発行され、キーストアの秘密鍵で署名されたJWTを検証するためのクライアント証明書です。", - "jwksUrlHelp": "JWK形式のクライアント鍵が格納されているURLを設定します。詳細はJWKの仕様を参照してください。「jwt」クレデンシャルを持つKeycloakクライアント・アダプターを使用している場合は、アプリケーションに「/k_jwks」という接尾辞を付けたURLを使用することができます。例えば、「http://www.myhost.com/myapp/k_jwks」です。", - "archiveFormatHelp": "JavaキーストアまたはPKCS12アーカイブ形式", - "keyAliasHelp": "秘密鍵と証明書のアーカイブ・エイリアスです。", - "keyPasswordHelp": "アーカイブ内の秘密鍵にアクセスするためのパスワード", - "storePasswordHelp": "アーカイブ自身にアクセスするためのパスワード", - "consentRequired": "有効の場合は、ユーザーはクライアント・アクセスに同意する必要があります。", - "import": "リソースサーバーの認可設定を含むJSONファイルをインポートします。", - "policyEnforcementModeHelp": "ポリシー施行モードは、認可リクエストを評価する際に適用される方法を決定します。「Enforcing」は、与えられたリソースに関連するポリシーが存在しない場合でも、リクエストはデフォルトで拒否されることを意味します。「Permissive」は、与えられたリソースに関連するポリシーが存在しない場合でも、リクエストは許可されることを意味します。「Disabled」は、完全にポリシーの評価を無効にし、任意のリソースへのアクセスを許可します。", - "decisionStrategyHelp": "決定戦略は、パーミッションの評価方法と最終的な判定の取得方法を決定します。「Affirmative」とは、リソースおよびそのスコープへのアクセスを許可するために、少なくとも1つのパーミッションが肯定的な判定に評価される必要があることを意味します。「Unanimous」とは、最終的な判定も肯定的であるために、すべてのパーミッションが肯定的な判定に評価される必要があることを意味します。", - "allowRemoteResourceManagementHelp": "リソースは、リソースサーバーによりリモートで管理すべきかどうかを設定します。オフの場合は、リソースはこの管理コンソールだけで管理されます。", - "resourceName": "このリソースの一意な名前。この名前は、リソースを一意に識別するために使用でき、特定のリソースを照会するときに便利です。", - "typeHelp": "作成された各クライアントにデフォルト・スコープとして追加されるクライアント・スコープ", - "urisHelp": "リソースによって保護されているURIのセット。", - "scopesHelp": "認可リクエストの際に送信されるスコープです。スペース区切りでスコープのリストを設定します。デフォルトは「openid」です。", - "fullScopeAllowedHelp": "全ての制限の無効を許可します。", - "ownerManagedAccessHelp": "有効にすると、このリソースへのアクセスをリソースオーナーが管理できます。", - "resourceAttribute": "リソースに関連付けられた属性。", - "resetActions": "リセット・アクション", - "lifespan": "有効期限", - "scopeName": "このスコープのユニークな名前を設定します。名前はスコープの一意な識別に使用され、特定のスコープを照会する際に使用することができます。", - "policy-name": "このポリシーの名前を設定します。", - "policy-description": "このポリシーの説明を設定します。", - "policyDecisionStagey": "決定戦略は、ポリシーの評価方法と最終的な判定方法を決定します。「Affirmative」は、最終判定がpositiveとなるためには、少なくとも1つのポリシーがpositiveと評価する必要がある、ということを意味します。「Unanimous」は、全体の判定がpositiveとなるためには、すべてのポリシーがpositiveと評価する必要がある、ということを意味します。「Consensus」は、positiveの数がnegativeの数より多くなければならないことを意味します。positiveとnegativeの数が同じ場合は、最終的な判定はnegativeになります。", - "applyPolicyHelp": "このポリシーやパーミッションで定義されたスコープに適用するすべてのポリシーを設定します。", - "policyClient": "このポリシーで許可されるクライアントを指定します。", - "groupsClaimHelp": "定義されている場合、ポリシーは、パーミッションを要求するアイデンティティーを表すアクセストークンまたはIDトークン内の特定のクレームから、ユーザーのグループを取得します。定義されていない場合、ユーザーのグループはレルム設定から取得されます。", - "policyGroups": "どのユーザーがこのポリシーで許可されるか指定してください。", - "policyRoles": "このポリシーで許可されるクライアント・ロールを指定してください。", - "startTime": "ポリシーを許可しない日時を定義します。現在日時がこの値より後か、等しい場合にのみ許可されます。", - "expireTime": "ポリシーを許可しない日時を定義します。現在日時がこの値より前か、等しい場合にのみ許可されます。", - "monthHelp": "ポリシーが許可される月を定義します。2番目のフィールドに値を入力して範囲を指定することもできます。この場合、現在の月が指定した2つの値の間にあるか、等しい場合のみ許可されます。", - "dayMonth": "ポリシーが許可される日を定義します。2番目のフィールドに値を入力して範囲を指定することもできます。この場合、現在の日が指定した2つの値の間にあるか、等しい場合のみ許可されます。", - "hourHelp": "ポリシーが許可される時を定義します。2番目のフィールドに値を入力して範囲を指定することもできます。この場合、現在の時が指定した2つの値の間にあるか、等しい場合のみ許可されます。", - "minuteHelp": "ポリシーが許可される分を定義します。2番目のフィールドに値を入力して範囲を指定することもできます。この場合、現在の分が指定した2つの値の間にあるか、等しい場合のみ許可されます。", - "policyCode": "このポリシーに対する条件を提供するJavaScriptコード。", - "logicHelp": "ロジックは、ポリシーの判定方法を決定します。「Positive」の場合は、このポリシーの評価中に得られた結果(許可または拒否)が判定の実行に使用されます。「Negative」の場合は、結果は反転されます。つまり、許可は拒否になり、拒否は許可になります。", - "permissionName": "このパーミッションの名前を設定します。", - "permissionDescription": "このパーミッションの説明を設定します。", - "permissionType": "このパーミッションが適用されるリソースタイプを指定します。", - "permissionsEnabledHelp": "このロールを管理するために、きめ細かいパーミッションを有効にするかどうかを決定します。無効にすると、設定されている現在のパーミッションがすべて削除されます。", - "clientScopeList": "クライアント・スコープ", - "grantedClientScopes": "付与されたクライアント・スコープ", - "includeInTokenScope": "トークンスコープに含める", - "realmRolePrefix": "レルムロールのプレフィックス", - "displayOnConsentScreen": "同意画面で表示する", - "consentScreenText": "同意画面のテキスト", - "name": "クライアント・スコープの名前。レルム内でユニークでなければなりません。スコープ・パラメーターの値として使用されるため、名前には空白文字を含めないでください", - "protocolHelp": "このクライアント・スコープによって提供されているSSOプロトコル設定がどれか", - "displayOnConsentScreenHelp": "オンで、同意が必要なクライアントにこのクライアント・スコープが追加された場合、「同意画面のテキスト」で指定されたテキストが同意画面に表示されます。オフの場合、このクライアント・スコープは同意画面に表示されません", - "consentScreenTextHelp": "このクライアント・スコープが同意が必要なクライアントに追加された場合に、同意画面に表示されるテキスト。指定しない場合は、デフォルトでクライアント・スコープの名前になります", - "includeInTokenScopeHelp": "オンの場合、このクライアント・スコープの名前がアクセストークン・プロパティーの「scope」と同様にトークン・イントロスペクション・エンドポイントのレスポンスに追加されます。オフの場合、このクライアント・スコープはトークンとトークン・イントロスペクション・エンドポイントのレスポンスから除外されます。", - "guiOrder": "GUI(同意ページのような)でのプロバイダーの順序を整数で指定します。", - "prefix": "各レルムロールのプレフィックスを設定します(オプション)。", - "multiValued": "属性がマルチバリューをサポートしているかどうかを示します。サポートしている場合は、この属性のすべての値リストがクレームとして設定されます。サポートしていない場合は、最初の値だけがクレームとして設定されます。", - "tokenClaimName": { - "label": "トークンクレーム名", - "tooltip": "トークン内に挿入するクレームの名前を設定します。「address.street」のように完全修飾名で設定します。この場合、ネストされたJSONオブジェクトが作成されます。ネスティングを防ぎ、ドットを文字通りに使用するには、ドットをバックスラッシュ(\\.)でエスケープします。" - }, - "claimJsonType": "トークンへのJSONクレームの追加で使用されるJSONタイプを設定します。long、int、boolean、String、JSONが有効な値です。", - "protocolMapper": "プロトコルです。", - "createGroup": "グループの作成", - "members": "メンバー", - "email": "Eメール", - "lastName": "姓", - "firstName": "名", - "associatedRolesText": "関連ロール", - "title": "認証", - "addRole": "ロールの追加", - "roleName": "ロール名", - "composite": "複合", - "usersInRole": "ロールのユーザー", - "addUser": "ユーザーの追加", - "userName": "ユーザー名", - "join": "参加", - "groupMembership": "グループ・メンバーシップ", - "createdAt": "作成日", - "username": "ユーザー名", - "emailVerified": "Eメールが確認済み", - "status": "ステータス", - "requiredUserActions": "必要なユーザー・アクション", - "impersonate": "代理ログイン", - "verifyEmail": "Eメールの確認", - "consents": "同意", - "identityProvider": "アイデンティティー・プロバイダー", - "identityProviderLinks": "アイデンティティー・プロバイダーのリンク", - "revoke": "無効化", - "setPassword": "パスワードを設定", - "credentialType": "タイプ", - "credentialUserLabel": "ユーザーラベル", - "credentialData": "データ", - "resetPassword": "パスワードをリセット", - "showPasswordDataValue": "値", - "credentialResetBtn": "クレデンシャルのリセット", - "hours": "時", - "minutes": "分", - "seconds": "秒", - "credentialResetConfirm": "Eメールを送信", - "temporaryLocked": "ユーザーは、ログインに複数回失敗したため、ロックされている可能性があります。", - "emailVerifiedHelp": "ユーザーのEメールが確認済みかどうかを設定します。", - "requiredUserActionsHelp": "ユーザーがログインするときに必要なアクションです。「Verify email」は、Eメールアドレスを確認するためのEメールをユーザーに送信します。「Update profile」は、新しい個人情報を入力する必要があります。「Update password」は、ユーザーが新しいパスワードを入力する必要があります。「Configure OTP」は、モバイル・パスワード・ジェネレーターの設定が必要です。", - "groups": "メンバーであるグループです。グループから外すには、グループを選択して「外す」ボタンをクリックしてください。", - "lastAccess": "最終アクセス", - "adminEvents": "管理イベント", - "time": "日時", - "eventType": "イベントタイプ", - "ipAddress": "IPアドレス", - "realm": "レルム", - "resourcePath": "リソースパス", - "resourceTypes": "リソースタイプ", - "operationType": "操作タイプ", - "operationTypes": "操作タイプ", - "auth": "認証", - "representation": "Representation", - "partialImport": "部分インポート", - "partialExport": "部分エクスポート", - "general": "一般", - "login": "login", - "themes": "テーマ", - "eventListeners": "イベントリスナー", - "eventListenersHelpText": "どのリスナーがレルムのイベントを受け取るか設定します。", - "adminEventsSettings": "管理イベントの設定", - "saveEvents": "イベントの保存", - "clearAdminEvents": "管理イベントのクリア", - "includeRepresentation": "Representationを含める", - "from": "差出人", - "fromDisplayName": "差出人の表示名", - "replyTo": "返信先", - "replyToDisplayName": "返信先の表示名", - "envelopeFrom": "Envelope From", - "host": "ホスト", - "port": "ポート", - "enableSSL": "SSLの有効", - "enableStartTLS": "StartTLSの有効", - "keystore": "キーストア", - "providers": "プロバイダー", - "algorithm": "アルゴリズム", - "uiDisplayName": "コンソール表示名", - "active": "アクティブ", - "providerId": "ID", - "kid": "Kid", - "provider": "プロバイダー", - "providerDescription": "プロバイダーの説明", - "publicKeys": "公開鍵", - "userRegistration": "ユーザー登録", - "userRegistrationHelpText": "登録ページの有効/無効。ログインページに登録のリンクも表示されるようになります。", - "forgotPassword": "パスワード忘れ", - "rememberMe": "ログイン状態の保存", - "rememberMeHelpText": "セッションの有効期限が切れるまではブラウザーの再起動でもログイン状態を保存するチェックボックスをログインページに表示します。", - "registrationEmailAsUsername": "Eメールをユーザー名とする", - "loginWithEmail": "Eメールでログイン", - "loginWithEmailHelpText": "ユーザーがEメールアドレスでログインできるようにします。", - "duplicateEmails": "メールの重複", - "duplicateEmailsHelpText": "複数のユーザーが同じEメールアドレスを持つことを許可します。この設定を変更すると、ユーザーのキャッシュもクリアされます。重複するEメールアドレスのサポートを無効にした後で、データベース内の既存ユーザーのEメールの制約を手動で更新することをお勧めします。", - "editUsername": "ユーザー名の編集", - "htmlDisplayName": "HTML表示名", - "frontendUrl": "フロントエンドURL", - "requireSsl": "SSLの要求", - "sslType": { - "all": "全てのリクエスト", - "external": "外部リクエスト", - "none": "none" - }, - "userManagedAccess": "User-Managed Access", - "endpoints": "エンドポイント", - "openIDEndpointConfiguration": "OpenIDエンドポイントの設定", - "samlIdentityProviderMetadata": "SAML 2.0アイデンティティー・プロバイダー・メタデータ", - "accountTheme": "アカウントテーマ", - "adminTheme": "管理コンソールテーマ", - "emailTheme": "Eメールテーマ", - "SSOSessionIdle": "SSOセッション・アイドル", - "SSOSessionMax": "SSOセッション最大", - "SSOSessionIdleRememberMe": "SSOセッション・アイドル・リメンバーミー", - "SSOSessionMaxRememberMe": "SSOセッション最大リメンバーミー", - "clientSessionIdle": "クライアント・セッション・アイドル", - "clientSessionMax": "クライアント・セッション最大", - "offlineSessionIdle": "オフライン・セッション・アイドル", - "offlineSessionMaxLimited": "オフライン・セッション最大制限", - "offlineSessionMax": "オフライン・セッション最大", - "loginTimeout": "ログイン・タイムアウト", - "loginActionTimeout": "ログイン・アクション・タイムアウト", - "defaultSigAlg": "デフォルトの署名アルゴリズム", - "revokeRefreshToken": "リフレッシュ・トークンの無効化", - "refreshTokenMaxReuse": "リフレッシュ・トークンの最大再利用回数", - "accessTokenLifespanImplicitFlow": "インプリシット・フローにおけるアクセストークン生存期間", - "clientLoginTimeout": "クライアントのログイン・タイムアウト", - "userInitiatedActionLifespan": "ユーザー起動アクションの有効期間", - "defaultAdminInitiated": "デフォルトの管理者起動アクションの有効期間", - "executeActions": "アクションの実行", - "clientProfileDescription": "説明", - "tokens": "トークン", - "supportedLocales": "サポートされるロケール", - "defaultLocale": "デフォルト・ロケール", - "validatorDialogColNames": { - "colName": "ロール名" - }, - "validatorColNames": { - "colConfig": "設定" - }, - "eventTypes": { - "IMPERSONATE": { - "name": "代理ログイン" - }, - "LOGOUT": { - "name": "ログアウト" - }, - "REGISTER": { - "name": "登録" - }, - "RESET_PASSWORD": { - "name": "パスワードをリセット" - } - }, - "deleteEvents": "イベントのクリア", - "defaultRoles": "デフォルトロール", - "defaultGroups": "デフォルト・グループ", - "securityDefences": "セキュリティー防御", - "headers": "ヘッダー", - "bruteForceDetection": "ブルートフォースの検出", - "xFrameOptions": "X-Frame-Options", - "contentSecurityPolicy": "Content-Security-Policy", - "contentSecurityPolicyReportOnly": "Content-Security-Policy-Report-Only", - "xContentTypeOptions": "X-Content-Type-Options", - "xRobotsTag": "X-Robots-Tag", - "xXSSProtection": "X-XSS-Protection", - "strictTransportSecurity": "HTTP Strict Transport Security(HSTS)", - "failureFactor": "最大ログイン失敗回数", - "permanentLockout": "永久ロックアウト", - "waitIncrementSeconds": "連続失敗時の待機時間", - "maxFailureWaitSeconds": "最大待機時間", - "maxDeltaTimeSeconds": "ログイン失敗回数のリセット時間", - "minimumQuickLoginWaitSeconds": "クイックログイン失敗時の最小待機時間", - "fromDisplayNameHelp": "差出人のアドレスのユーザー・フレンドリーな名前です(オプション)。", - "replyToDisplayNameHelp": "返信先のアドレスのユーザー・フレンドリーな名前です(オプション)。", - "envelopeFromHelp": "バウンスに使用されるEメールアドレス(オプション)。", - "passwordHelp": "SMTPパスワード。このフィールドは、ボールトから値を取得できます。${vault.ID}形式を使用します。", - "frontendUrlHelp": "レルムのフロントエンドURLを設定します。デフォルトのホスト名プロバイダーと組み合わせて使用し、特定のレルムのフロントエンド・リクエストのベースURLをオーバーライドします。", - "requireSslHelp": "HTTPSが必須かどうか。「なし」は、HTTPSがどのIPアドレスのクライアントにも要求されないことを意味します。「外部リクエスト」は、ローカルホストとプライベートIPアドレスのクライアントがHTTPSなしでアクセスできることを意味します。「すべてのリクエスト」は、HTTPSがすべてのIPアドレスのクライアントに要求されることを意味します。", - "userManagedAccessHelp": "有効にすると、ユーザーはアカウント管理コンソールを使用してリソースとパーミッションを管理できます。", - "endpointsHelp": "プロトコル・エンドポイントの設定を表示します。", - "accountThemeHelp": "ユーザー・アカウント管理画面のテーマを選択します。", - "adminThemeHelp": "管理コンソールのテーマを選択します。", - "emailThemeHelp": "サーバーから送信されるEメールのテーマを選択します。", - "save-user-events": "有効の場合は、ログインイベントがデータベースに保存され、管理コンソールとアカウント管理で使用することができます。", - "save-admin-events": "有効の場合は、管理イベントがデータベースに保存され、管理コンソールで使用可能になります。", - "admin-clearEvents": "データベース内のすべての管理イベントを削除します。", - "includeRepresentationHelp": "作成または更新リクエストのJSON Representationを含めるかどうかを設定します。", - "failureFactorHelp": "検出するまでの失敗回数です。", - "permanentLockoutHelp": "最大ログイン失敗回数を超えたときに、ユーザーを永久にロックします。", - "waitIncrementSecondsHelp": "失敗回数が閾値に達した場合、どれくらいの時間ユーザーはロックアウトされるか設定します。", - "maxFailureWaitSecondsHelp": "ユーザーがロックアウトされる最大待機時間を設定します。", - "maxDeltaTimeSecondsHelp": "いつ失敗回数がリセットされるか設定します。", - "quickLoginCheckMilliSeconds": "クイックログイン失敗があまりにも頻繁に発生した場合は、ユーザーをロックアウトします。", - "minimumQuickLoginWaitSecondsHelp": "クイックログイン失敗後にどれくらいの時間待機するか設定します。", - "ssoSessionIdle": "セッションの有効期限が切れるまでのアイドル時間です。セッションの有効期限が切れると、トークンとブラウザー・セッションは無効化されます。", - "ssoSessionMax": "セッションの有効期限が切れるまでの最大時間です。セッションの有効期限が切れると、トークンとブラウザー・セッションは無効化されます。", - "ssoSessionIdleRememberMe": "リメンバーミー・セッションの有効期限が切れるまでのアイドル時間です。セッションが期限切れになると、トークンおよびブラウザー・セッションは無効になります。設定されていない場合は、標準のSSOセッション・アイドル値が使用されます。", - "clientSessionIdleHelp": "クライアント・セッションが期限切れになるまでアイドル状態にできる時間。トークンは、クライアント・セッションが期限切れになると無効になります。設定しない場合、標準のSSOセッション・アイドルの値が使用されます。", - "offlineSessionIdleHelp": "セッションの有効期限が切れるまでのオフライン時間です。この期限内に少なくとも1回はオフライン・トークンを使用してリフレッシュしないと、オフライン・セッションは有効期限切れとなります。", - "defaultSigAlgHelp": "このレルムでトークンの署名に使用されるデフォルトのアルゴリズム", - "revokeRefreshTokenHelp": "有効にすると、リフレッシュ・トークンは「リフレッシュ・トークンの最大再利用回数」までしか使用できず、別のトークンが使用されると無効化されます。無効にすると、リフレッシュ・トークンは使用後に無効化されず、複数回使用できます。", - "refreshTokenMaxReuseHelp": "リフレッシュ・トークンを再利用できる最大回数。別のトークンが使用された場合、即時に無効化されます。", - "clientLoginTimeoutHelp": "クライアントがアクセストークン・プロトコルを終了するまでの最大時間。これは通常1分です。", - "editUsernameHelp": "有効の場合はユーザー名フィールドが編集可能になり、そうでない場合は読み取り専用になります。", - "flows": "フロー", - "requiredActions": "必須アクション", - "passwordPolicy": "パスワード・ポリシー", - "otpPolicy": "OTPポリシー", - "webauthnPolicy": "WebAuthnポリシー", - "webauthnPasswordlessPolicy": "WebAuthnパスワードレス・ポリシー", - "webAuthnPolicyRpEntityName": "リライング・パーティー・エンティティー名", - "otpType": "OTPタイプ", - "policyType": { - "totp": "タイムベース", - "hotp": "カウンターベース" - }, - "otpHashAlgorithm": "OTPハッシュ・アルゴリズム", - "otpPolicyDigits": "桁数", - "otpPolicyPeriod": "OTPトークンの期間", - "initialCounter": "初期カウンター", - "webAuthnPolicySignatureAlgorithms": "署名アルゴリズム", - "webAuthnPolicyRpId": "リライング・パーティー・エンティティーID", - "webAuthnPolicyAttestationConveyancePreference": "期待する構成証明伝達", - "attestationPreference": { - "none": "none" - }, - "webAuthnPolicyAuthenticatorAttachment": "オーセンティケーター・アタッチメント", - "webAuthnPolicyRequireResidentKey": "常駐鍵が必要", - "webAuthnPolicyUserVerificationRequirement": "ユーザー検証要件", - "webAuthnPolicyCreateTimeout": "タイムアウト", - "webAuthnPolicyAvoidSameAuthenticatorRegister": "オーセンティケーターの重複登録回避", - "webAuthnPolicyAcceptableAaguids": "許容可能なAAGUID", - "webAuthnPolicyExtraOrigins": "エクストラオリジンズ", - "addOrigins": "オリジンを追加", - "default": "DEFAULT", - "flow": { - "browser": "ブラウザーフロー", - "registration": "登録フロー", - "direct grant": "ダイレクト・グラント・フロー" - }, - "flowType": "フロータイプ", - "flow-type": { - "basic-flow": "generic", - "form-flow": "form" - }, - "addExecution": "エグゼキューションを追加", - "requirement": "必要条件", - "requirements": { - "DISABLED": "無効" - }, - "alias": "エイリアス", - "flowTypeHelp": "どの種類のフォームかを設定します。", - "topLevelFlowType": "どの種類のトップレベル・フローを作成するか設定します。「client」タイプは、クライアント(アプリケーション)の認証で使用します。「generic」はユーザーと他のすべてで使用します。", - "aliasHelp": "エイリアスは一意にアイデンティティー・プロバイダーを識別するもので、リダイレクトURIの構築にも使用されます。", - "otpTypeHelp": "「totp」はタイムベースのワンタイム・パスワードです。「hotp」は、サーバーでハッシュに対してカウンターを保持するカウンターベースのワンタイム・パスワードです。", - "webAuthnPolicyRpEntityNameHelp": "WebAuthnリライング・パーティーとしての人間が読み取れるサーバー名", - "otpHashAlgorithmHelp": "OTPを生成するのにどのハッシュ・アルゴリズムを使用するか設定します。", - "otpPolicyDigitsHelp": "OTPの桁数を設定します。", - "otpPolicyPeriodHelp": "OTPトークンが有効な秒数を設定します。デフォルトは30秒です。", - "supportedApplications": "現在のOTPポリシーで動作することが分かっているアプリケーション", - "webAuthnPolicyFormHelp": "WebAuthn認証のポリシー。これは、「WebAuthn Register」必須アクションと「WebAuthn Authenticator」オーセンティケーターで使用されます。一般的な用途は、2要素認証にWebAuthnを使用する場合です。", - "webAuthnPolicyPasswordlessFormHelp": "パスワードレスWebAuthn認証のポリシー。これは、「Webauthn Register Passwordless」必須アクションおよび「WebAuthn Passwordless Authenticator」オーセンティケーターによって使用されます。一般的な使用法は、WebAuthnが一要素認証として使用される場合です。「WebAuthnポリシー」と「WebAuthnパスワードレス・ポリシー」の両方を使用すると、WebAuthnを同じレルムの第1要素オーセンティケーターと第2要素オーセンティケーターの両方として使用できます。", - "webAuthnPolicySignatureAlgorithmsHelp": "認証アサーションに使用する署名アルゴリズム。", - "webAuthnPolicyRpIdHelp": "これは、WebAuthnリライング・パーティーとしてのIDです。オリジンの有効なドメインでなければなりません。", - "webAuthnPolicyAttestationConveyancePreferenceHelp": "認証ステートメントを生成する方法の優先権をオーセンティケーターに通知します。", - "webAuthnPolicyAuthenticatorAttachmentHelp": "受け入れ可能なアタッチメント・パターンでオーセンティケーターと通信します。", - "webAuthnPolicyRequireResidentKeyHelp": "これは、オーセンティケーターに公開鍵クレデンシャルを常駐鍵として作成するかどうかを指示します。", - "webAuthnPolicyUserVerificationRequirementHelp": "ユーザーを実際に検証することを確認するためにオーセンティケーターと通信します。", - "webAuthnPolicyCreateTimeoutHelp": "ユーザーの公開鍵クレデンシャルの作成に対するタイムアウト値(秒単位)。0に設定すると、このタイムアウト・オプションは適応されません。", - "webAuthnPolicyAvoidSameAuthenticatorRegisterHelp": "すでに登録されているオーセンティケーターの登録を避けるかどうかを設定します。", - "webAuthnPolicyAcceptableAaguidsHelp": "登録可能なオーセンティケーターのAAGUIDのリスト。", - "webAuthnPolicyExtraOriginsHelp": "非 Web アプリケーションの追加オリジンのリスト。", - "unlinkUsers": "ユーザーのリンクを解除する", - "removeImported": "インポートを削除", - "vendor": "ベンダー", - "connectionURL": "接続URL", - "enableStartTls": "StartTLSの有効", - "useTruststoreSpi": "トラストストアSPIを使用", - "connectionPooling": "接続プーリング", - "connectionTimeout": "接続タイムアウト", - "bindType": "バインドタイプ", - "bindDn": "バインドDN", - "editMode": "編集モード", - "usersDN": "ユーザーDN", - "usernameLdapAttribute": "ユーザー名のLDAP属性", - "rdnLdapAttribute": "RDN LDAP属性", - "uuidLdapAttribute": "UUID LDAP属性", - "userObjectClasses": "ユーザー・オブジェクト・クラス", - "searchScope": "検索スコープ", - "readTimeout": "読み取りタイムアウト", - "pagination": "ページネーション", - "importUsers": "ユーザーのインポート", - "batchSize": "バッチサイズ", - "periodicFullSync": "定期的なフル同期", - "fullSyncPeriod": "フル同期の周期", - "periodicChangedUsersSync": "定期的な変更ユーザーの同期", - "changedUsersSyncPeriod": "変更ユーザーの同期周期", - "kerberosIntegration": "Kerberosと統合", - "allowKerberosAuthentication": "Kerberos認証を許可", - "useKerberosForPasswordAuthentication": "パスワード認証にKerberosを使用", - "cacheSettings": "キャッシュ設定", - "cachePolicy": "キャッシュ・ポリシー", - "evictionDay": "エビクションの日", - "evictionHour": "エビクションの時", - "evictionMinute": "エビクションの分", - "maxLifespan": "最大生存期間", - "validatePasswordPolicy": "パスワード・ポリシーの検証", - "trustEmail": "Eメールを信頼", - "requiredSettings": "必要な設定", - "kerberosRealm": "Kerberosレルム", - "serverPrincipal": "サーバー・プリンシパル", - "debug": "デバッグ", - "allowPasswordAuthentication": "パスワード認証を許可", - "testAuthentication": "認証テスト", - "ldapMappersList": "LDAPマッパー", - "ldapFilter": "LDAPフィルター", - "selectRole": { - "label": "ロールの選択", - "tooltip": "左側にあるテキストボックスにロールを入力するか、ブラウズして必要なロールを選択するためにこのボタンをクリックしてください。" - }, - "vendorHelp": "LDAPベンダー(プロバイダー)", - "consoleDisplayConnectionUrlHelp": "LDAPサーバーへの接続URL", - "connectionTimeoutHelp": "LDAP接続タイムアウト(ミリ秒単位)", - "bindCredentialsHelp": "LDAP管理者のパスワードを設定します。このフィールドは、ボールトから値を取得できます。${vault.ID}形式を使用します。", - "editModeLdapHelp": "READ_ONLYの場合、LDAPストアに読み取り専用でアクセスします。WRITABLEは、必要に応じてデータをLDAPに同期させることを意味します。UNSYNCEDは、ユーザーデータをインポートするが、LDAPに同期しないことを意味します。", - "fullSyncPeriodHelp": "フル同期の周期を秒で設定します。", - "changedUsersSyncHelp": "変更または新規作成されたLDAPユーザーの同期周期を秒で設定します。", - "trustEmailHelp": "有効とした場合は、このレルムでEメールの確認が有効となっている場合でも、このプロバイダーが提供するEメールは確認されなくなります。", - "debugHelp": "Krb5LoginModuleの標準出力へのデバッグロギングの有効/無効を設定します。", - "allowPasswordAuthenticationHelp": "Kerberosデータベースに対するユーザー名/パスワード認証の有効/無効を設定します。", - "updateFirstLoginHelp": "初回ログイン時のプロファイル更新の有効/無効を設定します。", - "addIdPMapper": "アイデンティティー・プロバイダー・マッパーを追加", - "redirectURI": "リダイレクトURI", - "ssoServiceUrl": "シングル・サインオン・サービスのURL", - "singleLogoutServiceUrl": "シングル・ログアウト・サービスのURL", - "nameIdPolicyFormat": "Name IDポリシー・フォーマット", - "unspecified": "未定義", - "principalType": "プリンシパル・タイプ", - "principalAttribute": "プリンシパル属性", - "httpPostBindingResponse": "HTTP-POSTバインディング・レスポンス", - "httpPostBindingAuthnRequest": "AuthnRequestのHTTP-POSTバインディング", - "httpPostBindingLogout": "HTTP-POSTバインディング・ログアウト", - "wantAuthnRequestsSigned": "AuthnRequestの署名が必要", - "samlSignatureKeyName": "SAML署名鍵名", - "wantAssertionsSigned": "アサーションの署名が必要", - "wantAssertionsEncrypted": "アサーションの暗号化が必要", - "forceAuthentication": "認証を強制", - "validatingX509Certs": "検証用のX509証明書", - "authorizationUrl": "認可URL", - "passLoginHint": "login_hintを渡す", - "passCurrentLocale": "現在のロケールを渡す", - "tokenUrl": "トークンURL", - "logoutUrl": "ログアウトURL", - "backchannelLogout": "バックチャンネル・ログアウト", - "disableUserInfo": "UserInfoの無効", - "userInfoUrl": "UserInfo URL", - "issuer": "発行者(Issuer)", - "prompt": "プロンプト(prompt)", - "prompts": { - "none": "none", - "consent": "consent", - "login": "login" - }, - "clientAuthentications": { - "client_secret_post": "POSTで送信されたクライアント・シークレット", - "client_secret_basic": "基本認証で送信されたクライアント・シークレット", - "client_secret_jwt": "JWTでクライアント・シークレット", - "private_key_jwt": "秘密鍵で署名されたJWT" - }, - "clientAssertionSigningAlg": "クライアントアサーション署名アルゴリズム", - "algorithmNotSpecified": "アルゴリズムの指定なし", - "acceptsPromptNone": "クライアントから転送されるprompt=noneを受け入れる", - "validateSignature": "署名検証", - "allowedClockSkew": "許容されるクロックスキュー", - "forwardParameters": "転送されるクエリー・パラメーター", - "storeTokens": "トークンの格納", - "storedTokensReadable": "読み取り可能なトークンを格納", - "accountLinkingOnly": "アカウントのリンクのみ", - "hideOnLoginPage": "ログインページで非表示", - "firstBrokerLoginFlowAlias": "初回ログインフロー", - "postBrokerLoginFlowAlias": "ログイン後のフロー", - "syncMode": "同期モード", - "syncModes": { - "inherit": "継承", - "import": "インポート", - "legacy": "レガシー", - "force": "強制" - }, - "syncModeOverride": "同期モードのオーバーライド", - "userAttribute": "ユーザー属性", - "redirectURIHelp": "アイデンティティー・プロバイダーの設定で使用するリダイレクトURIです。", - "displayName": "アイデンティティー・プロバイダーの分かりやすい名前を設定します。", - "clientSecretHelp": "アイデンティティー・プロバイダーで登録されているクライアント・シークレットを設定します。このフィールドは、ボールトから値を取得できます。${vault.ID}形式を使用します。", - "discoveryEndpoint": "リモートIDPディスカバリー・ディスクリプターよりメタデータをインポートします。", - "importConfig": "ダウンロードしたIDPディスカバリー・ディスクリプターよりメタデータをインポートします。", - "passLoginHintHelp": "アイデンティティー・プロバイダーにlogin_hintを渡します。", - "passCurrentLocaleHelp": "現在のロケールをui_localesパラメーターとしてアイデンティティー・プロバイダーに渡します。", - "logoutUrlHelp": "外部IDPからユーザーのログアウトに使用するセッション終了エンドポイントを設定します。", - "backchannelLogoutHelp": "外部IDPがバックチャンネル・ログアウトをサポートするどうかを設定します。", - "disableUserInfoHelp": "追加のユーザー情報を取得するUserInfoサービスの使用を無効にするかどうかを設定します。デフォルトではこのOIDCサービスを使用します。", - "userInfoUrlHelp": "UserInfoのURLを設定します。これはオプションです。", - "issuerHelp": "レスポンス内の発行者の識別子(Issuer Identifier)を設定します。未設定の場合は、検証は実行されません。", - "acceptsPromptNoneHelp": "これは、アイデンティティー・プロバイダー・オーセンティケーターとともに使用されるか、またはkc_idp_hintがこのアイデンティティー・プロバイダーを指す場合に使用されます。クライアントがprompt=noneでリクエストを送信し、ユーザーがまだ認証されていない場合、エラーは直接クライアントに返されませんが、prompt=noneのリクエストはこのアイデンティティー・プロバイダーに転送されます。", - "validateSignatureHelp": "外部IDPの署名検証の有効/無効を設定します。", - "useJwksUrlHelp": "有効とした場合は、アイデンティティー・プロバイダーの公開鍵が指定されたJWKS URLからダウンロードされます。アイデンティティー・プロバイダーが新しい鍵ペアを生成する際に、新しい鍵が常に再ダウンロードされるため、柔軟性が大幅に向上します。無効とした場合は、Keycloak DBの公開鍵(または証明書)が使用されるため、アイデンティティー・プロバイダーの鍵ペアが変更された際には、常にKeycloak DBに新しい鍵をインポートする必要があります。", - "allowedClockSkewHelp": "アイデンティティー・プロバイダーのトークンの検証時に許容されるクロックスキュー(秒単位)。デフォルト値は0です。", - "forwardParametersHelp": "最初のアプリケーションへのリクエストから取得し、外部IDPの認可エンドポイントへ転送されるOpenID Connect/OAuth標準以外のクエリー・パラメーター。複数のパラメーターをカンマ(,)で区切って入力できます。", - "clientAuthenticationHelp": "クライアント認証方法(参照:https://openid.net/specs/openid-connect-core-1_0.html#ClientAuthentication)。秘密鍵で署名されたJWTの場合、レルム秘密鍵が使用されます。", - "clientAssertionSigningAlgHelp": "クライアント認証でJWTアサーションを利用するときの署名アルゴリズム。クライアント認証が 秘密鍵で署名されたJWT もしくは JWTでクライアント・シークレット の場合に設定します。アルゴリズムの指定をしなかった場合、 秘密鍵で署名されたJWT ではRS256 JWTでクライアント・シークレット ではHS256のアルゴリズムが使用されます。", - "storeTokensHelp": "ユーザー認証後のトークン格納の有効/無効を設定します。", - "storedTokensReadableHelp": "新しいユーザーが格納されたトークンを読み取り可能かどうかの有効/無効設定です。broker.read-tokenロールをアサインします。", - "accountLinkingOnlyHelp": "オンの場合、ユーザーはこのプロバイダーからログインできません。このプロバイダーにリンクすることのみできます。これは、プロバイダーからのログインを許可したくないが、プロバイダーと統合したい場合に便利です", - "hideOnLoginPageHelp": "非表示の場合、明示的に要求されていれば(例えば、「kc_idp_hint」パラメーターを使用していれば)、このプロバイダーによるログインが可能です。", - "firstBrokerLoginFlowAliasHelp": "このアイデンティティー・プロバイダーでの初回ログイン後に起動させる認証フローのエイリアスです。「初回ログイン」という用語は、認証したアイデンティティー・プロバイダー・アカウントに現在関連付けられているKeycloakアカウントがない状態であることを意味します。", - "syncModeHelp": "すべてのマッパーのデフォルトの同期モード。同期モードは、マッパーを使用してユーザーデータを同期するタイミングを決定します。可能な値は次のとおりです。このオプションが導入される前の動作を維持する「レガシー」、このアイデンティティー・プロバイダーを使用したユーザーの初回ログイン時に一度だけユーザーをインポートする「インポート」、このアイデンティティー・プロバイダーでログインするたびにユーザーを常に更新する「強制」。", - "useEntityDescriptor": "リモートIDPのSAMLエンティティー・ディスクリプターからメタデータをインポートします。", - "samlEntityDescriptor": "外部IDPメタデータを設定ファイルよりロード、またはURLよりダウンロードして設定します。", - "ssoServiceUrlHelp": "認証リクエスト(SAML AuthnRequest)の送信に使用するURLを設定します。", - "singleLogoutServiceUrlHelp": "ログアウト・リクエストの送信に使用するURLを設定します。", - "principalTypeHelp": "アサーションから外部ユーザーを識別し、追跡する方法。デフォルトではSubject NameIDを使用しますが、識別属性を設定することもできます。", - "principalAttributeHelp": "外部ユーザーを識別するために使用される属性の名前またはフレンドリー名。", - "httpPostBindingResponseHelp": "HTTP-POSTバインディングを使用してリクエストに応答するかどうかを設定します。オフの場合は、HTTP-REDIRECTバインディングが使用されます。", - "httpPostBindingAuthnRequestHelp": "HTTP-POSTバインディングを使用してAuthnRequestを送信するかどうかを設定します。オフの場合は、HTTP-REDIRECTバインディングが使用されます。", - "wantAuthnRequestsSignedHelp": "アイデンティティー・プロバイダーが署名付きAuthnRequestを要求するかどうかを設定します。", - "wantAssertionsSignedHelp": "このサービス・プロバイダーが署名付きアサーションを要求するかどうかを設定します。", - "wantAssertionsEncryptedHelp": "このサービス・プロバイダーが暗号化されたアサーションを期待するかどうかを設定します。", - "forceAuthenticationHelp": "アイデンティティー・プロバイダーが以前のセキュリティー・コンテキストに頼るのではなく、プレゼンターを直接認証すべきかどうかを設定します。", - "validateSignatures": "SAMLレスポンスの署名検証の有効/無効を設定します。", - "validatingX509CertsHelp": "署名の確認に使用するPEM形式の証明書を設定します。", - "addIdpMapperName": "マッパーの名前です。", - "syncModeOverrideHelp": "このマッパーのIDPのデフォルトの同期モードをオーバーライドします。値は次のとおりです。このオプションが導入される前の動作を維持する「レガシー」、このアイデンティティー・プロバイダーを使用したユーザーの初回ログイン時に一度だけユーザーをインポートする「インポート」、このアイデンティティー・プロバイダーでログインするたびにユーザーを常に更新する「強制」、このマッパーのアイデンティティー・プロバイダーで定義された同期モードを使用する「継承」。", - "selectARole": "ロールを選択してください", - "usermodel": { - "prop": { - "label": "プロパティー", - "tooltip": "UserModelインターフェイスのプロパティー・メソッドの名前です。例えば、「email」の値はUserModel.getEmail()メソッドを参照しています。" - }, - "attr": { - "label": "ユーザー属性", - "tooltip": "格納されるユーザー属性名、UserMode.attributeマップ内の属性名です。" - }, - "clientRoleMapping": { - "clientId": { - "label": "クライアントID", - "tooltip": "ロールマッピング用のクライアントID。このクライアントのクライアント・ロールだけがトークンに追加されます。これが設定されていない場合は、すべてのクライアントのクライアント・ロールがトークンに追加されます。" - }, - "rolePrefix": { - "label": "クライアント・ロールのプレフィックス", - "tooltip": "各クライアント・ロールのプレフィックスを設定します(オプション)。" - }, - "tokenClaimName": { - "tooltip": "トークン内に挿入するクレームの名前を設定します。「address.street」のように完全修飾名で設定します。この場合、ネストされたJSONオブジェクトが作成されます。ネスティングを防ぎ、ドットを文字通りに使用するには、ドットをバックスラッシュ(\\.)でエスケープします。特別なトークン${client_id}を使うことができ、これは実際のクライアントIDに置き換えられます。使用例は「resource_access.${client_id}.roles」です。これは、すべてのクライアントからロールを追加する場合(特に「Client ID」スイッチが設定されていない場合)や、各クライアントのクライアント・ロールを別々の場所に保存する場合に、特に便利です。" - } - }, - "realmRoleMapping": { - "rolePrefix": { - "label": "レルムロールのプレフィックス", - "tooltip": "各レルムロールのプレフィックスを設定します(オプション)。" - } - } - }, - "userSession": { - "modelNote": { - "label": "ユーザー・セッション・ノート", - "tooltip": "UserSessionModel.noteマップ内のユーザー・セッション・ノート名です。" - } - }, - "multivalued": { - "label": "マルチバリュー", - "tooltip": "属性がマルチバリューをサポートしているかどうかを示します。サポートしている場合は、この属性のすべての値リストがクレームとして設定されます。サポートしていない場合は、最初の値だけがクレームとして設定されます。" - }, - "aggregate": { - "attrs": { - "label": "属性値の集約", - "tooltip": "属性値をグループ属性と集約する必要があるかどうかを示します。OpenID Connectマッパーを使用している場合は、すべての値を取得するためにマルチバリューのオプションも有効にする必要があります。重複した値は破棄され、値の順序はこのオプションでは保証されません。" - } - }, - "jsonType": { - "label": "クレームJSONタイプ", - "tooltip": "トークンへのJSONクレームの追加で使用されるJSONタイプを設定します。long、int、boolean、String、JSONが有効な値です。" - }, - "includeInIdToken": { - "label": "IDトークンに追加", - "tooltip": "クレームをIDトークンに追加すべきかどうかを設定します。" - }, - "includeInAccessToken": { - "label": "アクセストークンに追加", - "tooltip": "クレームをアクセストークンに追加すべきかどうかを設定します。" - }, - "includeInUserInfo": { - "label": "UserInfoに追加", - "tooltip": "クレームをUserInfoに追加すべきかどうかを設定します。" - }, - "sectorIdentifierUri": { - "label": "セクター識別子URI", - "tooltip": "pairwise sub値を使用し、かつ動的クライアント登録をサポートするプロバイダーは、sector_identifier_uriパラメーターを使用すべきです(SHOULD)。これは、共通の管理下にあるWebサイト群に対し、個々のドメイン名とは独立してparwise sub値の一貫性を保持する方法を提供します。また、クライアントに対し、すべてのユーザーを再登録させることなしにredirect_uriを変更する方法も提供します。" - }, - "pairwiseSubAlgorithmSalt": { - "label": "ソルト", - "tooltip": "ペアワイズ対象識別子を計算する際に使用するソルトを設定します。空白のままにするとソルトは生成されます。" - }, - "addressClaim": { - "street": { - "label": "その他住所のユーザー属性名", - "tooltip": "「address」トークンクレーム内の「street_address」サブクレームにマップするために使用されるユーザー属性の名前。デフォルトは「street」です。" - }, - "locality": { - "label": "市区町村のユーザー属性名", - "tooltip": "「address」トークンクレーム内の「locality」サブクレームにマップするために使用されるユーザー属性の名前。デフォルトは「locality」です。" - }, - "region": { - "label": "都道府県のユーザー属性名", - "tooltip": "「address」トークンクレーム内の「region」サブクレームにマップするために使用されるユーザー属性の名前。デフォルトは「region」です。" - }, - "postal_code": { - "label": "郵便番号のユーザー属性名", - "tooltip": "「address」トークンクレーム内の「postal_code」サブクレームにマップするために使用されるユーザー属性の名前。デフォルトは「postal_code」です。" - }, - "country": { - "label": "国のユーザー属性名", - "tooltip": "「address」トークンクレーム内の「country」サブクレームにマップするために使用されるユーザー属性の名前。デフォルトは「country」です。" - }, - "formatted": { - "label": "整形された住所のユーザー属性名", - "tooltip": "「address」トークンクレーム内の「formatted」サブクレームにマップするために使用されるユーザー属性の名前。デフォルトは「formatted」です。" - } - }, - "included": { - "client": { - "audience": { - "label": "含まれるクライアント・オーディエンス", - "tooltip": "指定されたオーディエンス・クライアントのクライアントIDが、トークンのオーディエンス(aud)フィールドに含まれます。トークンに既存のオーディエンスが存在する場合は、指定された値が単にそれらに追加されます。既存のオーディエンスを上書きすることはありません。" - } - }, - "custom": { - "audience": { - "label": "含まれるカスタム・オーディエンス", - "tooltip": "これは「含まれるクライアント・オーディエンス」が入力されていない場合にのみ使用されます。指定された値が、トークンのオーディエンス(aud)フィールドに含まれます。トークンに既存のオーディエンスが存在する場合は、指定された値が単にそれらに追加されます。既存のオーディエンスを上書きすることはありません。" - } - } - }, - "name-id-format": "Name IDフォーマット", - "mapper": { - "nameid": { - "format": { - "tooltip": "マッパーを適用するName IDフォーマット" - } - } - }, - "clientScopeType": { "default": "DEFAULT" }, - "titleAuthentication": "認証", - "titleEvents": "イベント", - "titleRoles": "レルムロール", - "titleUsers": "ユーザー", - "titleSessions": "セッション", - "authenticationAliasHelp": "この設定の名前を設定します。", - "clientScopeTypes": { "default": "DEFAULT" }, - "authenticationFlowTypeHelp": "どの種類のフォームかを設定します。", - "scopeNameHelp": "クライアント・スコープの名前。レルム内でユニークでなければなりません。スコープ・パラメーターの値として使用されるため、名前には空白文字を含めないでください", - "scopeDescriptionHelp": "クライアント・スコープの説明", - "scopeTypeHelp": "作成された各クライアントにデフォルト・スコープとして追加されるクライアント・スコープ", - "clientDescriptionHelp": "クライアントの説明を指定します。例えば「タイムシート用のクライアント」です。ローカライズ用のキーもサポートしています。例: ${my_client_description}", - "clientsClientTypeHelp": "「OpenID Connect」により、クライアントは認可サーバーによって実行される認証に基づいてエンドユーザーのアイデンティティーを検証できます。「SAML」は、クロスドメインのシングル・サインオン(SSO)を含むWebベースの認証および認可のシナリオを可能にし、アサーションを含むセキュリティー・トークンを使用して情報を渡します。", - "clientsClientScopesHelp": "このリソースに関連付けるスコープを設定します。" -} diff --git a/js/apps/admin-ui/public/locales/lt/translation.json b/js/apps/admin-ui/public/locales/lt/translation.json deleted file mode 100644 index d26b071978..0000000000 --- a/js/apps/admin-ui/public/locales/lt/translation.json +++ /dev/null @@ -1,645 +0,0 @@ -{ - "add": "Pridėti", - "create": "Sukurti", - "save": "Saugoti", - "continue": "Tęsti", - "remove": "Šalinti", - "key": "Raktas", - "value": "Reikšmė", - "back": "Atgal", - "export": "Eksportuoti", - "action": "Veiksmas", - "download": "Atsisiųsti", - "clear": "Išvalyti", - "on": "On", - "edit": "Redaguoti", - "enabled": "Įgalintas", - "disable": "Išjungti", - "none": "jokio", - "signOut": "Atsijungti", - "manageAccount": "Valdyti paskyrą", - "serverInfo": "Serverio informacija", - "testConnection": "Tikrinti jungtį", - "description": "Aprašymas", - "type": "Tipas", - "category": "Kategorija", - "priority": "Prioritetas", - "allTypes": "Visi tipai", - "manage": "Valdyti", - "clients": "Klientai", - "realmRoles": "Srities rolės", - "users": "Naudotojai", - "sessions": "Sesijos", - "events": "Įvykiai", - "mappers": "Atributų atitikmenys", - "permissions": "Leidimai", - "configure": "Konfigūruoti", - "realmSettings": "Srities nustatymai", - "authentication": "Autentifikavimas", - "identityProviders": "Tapatybės teikėjai", - "userFederation": "Naudotojų federavimas", - "settings": "Nustatymai", - "details": "Detaliau", - "Sunday": "Sekmadienis", - "Monday": "Pirmadienis", - "Tuesday": "Antradienis", - "Wednesday": "Trečiadienis", - "Thursday": "Ketvirtadienis", - "Friday": "Penktadienis", - "Saturday": "Šeštadienis", - "times": { - "seconds": "Sekundės", - "minutes": "Minutės", - "hours": "Valandos", - "days": "Dienos" - }, - "attributes": "Atributai", - "credentials": "Prisijungimo duomenys", - "clientId": "Kliento ID", - "clientName": "Vardas", - "id": "ID", - "mapperType": "Atitikmens tipas", - "leave": "Palikti", - "password": "Slaptažodis", - "passwordConfirmation": "Pakartotas slaptažodis", - "temporaryPassword": "Laikinas", - "temporaryPasswordHelpText": "Jei įgalinta, tuomet naudotojas privalės pasikeisti slaptažodį sekančio prisijungimo metu", - "protocol": "Protokolas", - "copy": "Kopijuoti", - "clientAuthorization": "Autorizacija", - "importClient": "Įdiegti programos nustatymus", - "webOrigins": "Šakninės nuorodos", - "adminURL": "Administravimo URL", - "formatOption": "Formato pasirinkimas", - "encryptAssertions": "Užkoduoti sprendinius", - "clientSignature": "Privalomas kliento parašas", - "keys": "Raktai", - "roles": "Rolės", - "addClientScope": "Kliento šablono kūrimas", - "fullScopeAllowed": "Taikymas pilna apimtimi", - "selectAUser": "Parinkite naudotoją", - "client": "client", - "evaluate": "Vertinti", - "reevaluate": "Vertinti pakartotinai", - "showAuthData": "Rodyti autorizacijos duomenis", - "unanimous": "Vienbalsė", - "affirmative": "Pozityvi", - "consensus": "Daugumos", - "authScopes": "Autorizacijos taikymo sritys", - "anyResource": "Bet kuris resursas", - "anyScope": "Bet kuri taikymo sritis", - "selectScope": "Parinkite taikymo sritį", - "applyToResourceType": "Pritaikyti resurso tipui", - "contextualInfo": "Kontekstinė informacija", - "contextualAttributes": "Kontekstiniai atributai", - "kc": { - "realm": { - "name": "Sritis" - } - }, - "policyEnforcementMode": "Taisyklių vykdymo rėžimas", - "policyEnforcementModes": { - "ENFORCING": "Taikyti", - "PERMISSIVE": "Liberalus" - }, - "decisionStrategy": "Sprendimo strategija", - "iconUri": "Ikonos URI", - "allowRemoteResourceManagement": "Nuotolinis resursų valdymas", - "resources": "Resursai", - "resource": "Resursas", - "scope": "Taikymo sritis", - "owner": "Savininkas", - "scopes": "Taikymo sritys", - "policies": "Taisyklės", - "createPermission": "Sukurti leidimą", - "identityInformation": "Tapatybės informacija", - "resourceType": "Resurso tipas", - "createPolicy": "Sukurti taisyklę", - "applyPolicy": "Pritaikyti taisyklę", - "month": "Mėnesis", - "hour": "Valanda", - "minute": "Minutė", - "code": "Programinis kodas", - "logic": "Logika", - "logicType": { - "positive": "Teigiama", - "negative": "Neigiama" - }, - "user": "Naudotojas", - "clientList": "Klientai", - "initialAccessToken": "Pradinis prieigos raktas", - "created": "Sukurta", - "lastUpdated": "Pask. kartą atnaujinta", - "expires": "Galioja iki", - "count": "Kiekis", - "remainingCount": "Likęs kiekis", - "expiration": "Galiojimas", - "clientAuthentication": "Klientų autentifikacijos seka", - "frontchannelLogout": "Išregistravimas per naršyklę", - "rootUrl": "Šakninis URL", - "validRedirectUri": "Leidžiamos nukreipimo nuorodos", - "idpInitiatedSsoRelayState": "IDP inicijuotos SSO būsenos perdavimas", - "masterSamlProcessingUrl": "Šakninis SAML apdorojimo URL", - "nameIdFormat": "NameID formatas", - "forceNameIdFormat": "Priverstinai naudoti NameID formatą", - "forcePostBinding": "Priverstinai naudoti POST sąryšį", - "includeAuthnStatement": "Įtraukti AuthnStatement", - "optimizeLookup": "Optimizuoti REDIRECT pasirašymo rakto paiešką", - "signDocuments": "Pasirašyti dokumentus", - "signAssertions": "Pasirašyti sprendinius", - "canonicalization": "Standartizavimo metodas", - "loginTheme": "Prisijungimo lango tema", - "clientAuthenticator": "Kliento autentifikavimo priemonės", - "clientSecret": "Kliento slaptas kodas", - "registrationAccessToken": "Registracijos prieigos raktas", - "revocation": "Atšaukimai", - "clustering": "Klasteriai", - "notBefore": "Ne anksčiau", - "setToNow": "Parinkti dabartinę datą", - "addNode": "Pridėti mazgą", - "push": "Informuoti apie atšaukimą", - "nodeReRegistrationTimeout": "Mazgo persiregistravimui skirtas laikas", - "registeredClusterNodes": "Registruoti klasterio mazgus", - "nodeHost": "Mazgo serveris", - "lastRegistration": "Vėliausia registracija", - "testClusterAvailability": "Tikrinti ar mazgas prieinamas", - "registerNodeManually": "Registruoti mazgą rankiniu būdu", - "fineGrainOpenIdConnectConfiguration": "Detalioji OpenID prisijungimo konfigūracija", - "fineGrainSamlEndpointConfig": "Detalioji SAML prieigos taškų konfigūracija", - "userInfoSignedResponseAlgorithm": "Naudotojo informacijos pasirašyto atsako algoritmas", - "requestObjectSignatureAlgorithm": "Užklausos objekto parašo algoritmas", - "assertionConsumerServicePostBindingURL": "Sprendinių naudotojo paslaugos POST jungties URL", - "assertionConsumerServiceRedirectBindingURL": "Sprendinių priėmimo paslaugos nukreipimo jungties URL", - "logoutServiceRedirectBindingURL": "Atsijungimo paslaugos nukreipimo jungties URL", - "accessTokenLifespan": "Prisijungimo rakto galiojimo laikas", - "browserFlow": "Autentifikacijos seka", - "directGrant": "Tiesioginių teisių seka", - "useJwksUrl": "Naudoti JWKS URL", - "certificate": "Sertifikatas", - "jwksUrl": "JWKS URL", - "generateNewKeys": "Generuoti naujus raktus", - "archiveFormat": "Archyvo formatas", - "keyAlias": "Rakto pseudonimas", - "keyPassword": "Rakto slaptažodis", - "storePassword": "Saugyklos slaptažodis", - "importFile": "Importuoti rinkmeną", - "clientType": "'OpenID connect' leidžia klientams tikrinti galutinio naudotojo tapatybę remiantis autorizacijos serverio atlikta autentifikacija. 'SAML' įgalina žiniatinklio, įskaitant skirtingų domenų atvejus, vieningos autentifikacijos ir autorizacijos scenarijus perduodant informaciją saugiose žinutėse.", - "serviceAccount": "Įgalina klientą autentifikuotis su Keycloak serveriu ir gauti dedikuotą prieigos raktą skirtą šiam klientui. OAuth2 specifikacijos terminais, tai reiškia 'Client Credentials Grant' teisę šiam klientui.", - "authorization": "Įgalinti detalų kliento autorizacijos palaikymą", - "directAccess": "Įgalina tiesioginį prieigos suteikimą, kuomet klientas turi prieigą prie naudotojo vardo ir slaptažodžio ir prieigos raktų gavimui šiais duomenimis gali tiesiogiai apsikeisti su Keycloak serveriu. OAuth2 specifikacijos terminais, šiam klientui įgalinimas 'Resource Owner Password Credentials Grant'.", - "standardFlow": "Įgalina standartinį OpenID Connect nukreipimą, kuomet autentifikacijos metu yra perduodamas autorizacijos kodas. OpenID Connect arba OAuth2 specifikacijos terminais tai reiškia 'Authorization Code Flow' įgalinimą šiam klientui.", - "implicitFlow": "Įgalina OpenID Connect nukreipimą, kuomet autentifikacijos metu nėra perduodamas autorizacijos kodas. OpenID Connect arba OAuth2 specifikacijos terminais tai reiškia 'Implicit Flow' įgalinimą šiam klientui.", - "rootURL": "Prie reliatyvių nuorodų pridedamas šakninis URL", - "validRedirectURIs": "Nukreipimo URI šablonas, kuomet naršyklei leidžiama nukreipti naudotoją po sėkmingos autentifikacijos ar atsijungimo metu. Leidžiami pakaitos simboliai, pvz. 'http://pavyzdys.lt/*'. Leidžiami reliatyvūs keliai pvz. /mano/reliatyvus/kelias/*. Reliatyvumas skaičiuojamas nuo kliento šakninio URL (jei nurodyta) arba nuo autentifikacijos serverio šakninio adreso. SAML atveju, kuomet tikimasi gavėjo paslaugos URL įtraukimo į prisijungimo užklausą, privaloma nurodyti teisingus URI šablonus.", - "nameIdFormatHelp": "Koks tapatybės identifikatoriaus formatas turi būti naudojamas.", - "forceNameIdFormatHelp": "Ignoruoti NameID tapatybės identifikatoriaus formatą, naudojant administratoriaus konsolėje nurodytą formatą.", - "forcePostBindingHelp": "Visuomet naudoti POST sąryšį siunčiant atsakymus.", - "includeAuthnStatementHelp": "Ar prisijungimo būdas ir laikas šurėtų būti įtraukiami į prisijungimo operacijos atsakymą?", - "optimizeLookupHelp": "Ar privalo būti itrauktas pasirašymo rakto ID į SAML protokolo žinutės elementą kuomet pasirašomi Keycloak REDIRECT SP sąsajos dokumentai? Tokiu būdu tikrinančioji pusė optimizuoja tikrinimo proceą naudodama tik vieną raktą vietoj to, kad bandytų visų raktų kombinacijas.", - "signDocumentsHelp": "Ar SAML dokumentai turi būtį pasirašomi šios srities?", - "signAssertionsHelp": "Ar SAML sprendiniai SAML dokumentuose turi būti pasirašomi? Šis nustatymas nebūtinas, kuomet naudojamas viso dokumento pasirašymas.", - "signatureAlgorithm": "Parašo algoritmas naudojamas dokumentų pasirašymui.", - "canonicalizationHelp": "XML parašo metodas.", - "webOriginsHelp": "Leidžiamos CORS nuorodos. Norėdami leisti nukreipimą į teisingas nuorodas, naudokite '+'. Norėdami leisti visas nuorodas, naudokite '*'.", - "homeURL": "Numatytas URL, kuris turi būti naudojamas naudotojo nukreipimui atgal į klientą.", - "adminURLHelp": "Kliento administravimo tinklinės sąsajos URL. Įrašyti tuomet, kai klientas palaiko adapterio REST API. Šis REST API leidžia autentifikacijos serveriui perduoti atšaukimo ir kitas su administravimu susijusias taisykles. Dažniausiai šis URL sutampa su kliento pagrindiniu URL.", - "clientHelp": "Nurodykite klientą, kuris atlieka autorizacijos užklausas. Nei nenurodyta, tuomet autorizacijos užklausa bus vertinama naudojant dabartinį klientą.", - "clientIdHelp": "Kliento identifikatorius užregistruotas tapatybės teikėjo sistemoje.", - "selectUser": "Nurodykite naudotoją, kurio vardu atliekamas teisių serveryje filtravimas.", - "rolesHelp": "Nurodykite pasirinkto naudotojo roles.", - "contextualAttributesHelp": "Galite pateikti vykdymo aplinkos arba vykdymo konteksto atributus.", - "applyToResourceTypeHelp": "Nurodykite ar šis leidimas turi būti pritaikomas visiems šio tipo resursams. Jei įgalinta, tuomet leidimo tikrinimas bus atliekamas visiems nurodyto tipo resursams.", - "resourcesHelp": "Nurodykite, kad šis leidimas turi būti taikomas tik tam tikriems resursams.", - "scopesSelect": "Nurodo, kad šis leidimas turi būti pritaikytas vienai ar daugiau taikymo sričių.", - "clientNameHelp": "Reikšmė, kuri rodoma naudotojams. Pavyzdžiui 'My Client'. Galimos lokalizuotos reikšmės - pavyzdžiui: ${my_client}", - "descriptionHelp": "Kliento šablono aprašymas", - "loginThemeHelp": "Pasirinkite kaip atrodys Jūsų prisijungimo, OTP, teisių suteikimo, naudotojų registracijos ir slaptažodžių priminimo langai.", - "encryptAssertionsHelp": "Ar SAML sprendiniai turi būti užkoduojami kliento viešuoju raktu naudojant AES?", - "clientSignatureHelp": "Ar kliento siunčiamos SAML užklausos ir atsakymai bus pasirašyti? Jei taip, tuomet ar juos privaloma tikrinti?", - "expirationHelp": "Nustato įvykių galiojimo laiką. Nebegaliojantys įvykiai periodiškai ištrinami iš duomenų bazės.", - "countHelp": "Nurodykite kiek klientų gali būti sukurti naudojant prieigos raktą", - "client-authenticator-type": "Kliento autentifikavimo priemonės naudojamos kliento autentifikavimuisi į Keycloak serverį", - "registration-access-token": "Registracijos prieigos raktas klientams suteikia prieigą prie klientų registracijos paslaugos ", - "nodeReRegistrationTimeoutHelp": "Nurodykite maksimalų laiko intervalą, per kurį mazgai privalo iš naujo prisiregistruoti. Jei mazgas neatsiųs persiregistravimo užklausos per nurodytą laiką, tuomet šis mazgas bus išregistruojamas iš Keycloak ", - "userInfoSignedResponseAlgorithmHelp": "JWA algoritmas naudojamas pasirašyti naudotojo informacijos prieigos taško atsaką. Jei nustatyta 'unsigned', tuomet naudotojo informacijos atsakas nebus pasirašytas ir bus grąžintas application/json formatu.", - "requestObjectSignatureAlgorithmHelp": "JWA algoritmas, kurį klientas naudoja siunčiant OIDC užklausos objektą, nusakytą 'request' arba 'request_uri' parameterais. Jei nustatyta 'any', tuomet užklausos objektas gali būti nepasirašytas arba pasirašytas bet kuriuo algoritmu.", - "idpInitiatedSsoUrlName": "Pavadinimas, kuris IDP inicijuoto SSO prisijungimo metu, perduodamas klientui per URL fragmentą. Palikus tuščią reikšmę IDP inicjuojamą SSO prisijungimo funkcionalumas išjungiamas. Šis fragmentas buv naudojamas formuojant šią nuorodą: {server-root}/realms/{realm}/protocol/saml/clients/{client-url-name}", - "idpInitiatedSsoRelayStateHelp": "SSO būsenos parametro (RelayState) perdavimas kartu su IDP inicijuota SSO SAML užklausa.", - "masterSamlProcessingUrlHelp": "Kuomet sukonfigūruotas, šis URL bus naudojamas visoms, 'SP Assertion Consumer' ir 'Single Logout Services' užklausoms. Detalioje SAML prieigos adresų konfigūravimo skyriuje šios reikšmės gali būti atskirai pakeistos.", - "accessTokenLifespanHelp": "Laikas, po kurio prisijungimui naudojamas raktas (Access Token) nustoja galioti. Rekomenduojama, kad šios reikšmės galiojimas būtų reliatyviai trumpas palyginus su SSO galiojimo laiku.", - "assertionConsumerServicePostBindingURLHelp": "Kliento sprendinių priėmimo paslaugos (prisijungimo rezultatų) SAML POST jungties URL. Jei tokių jungčių neturite, tuomet palikite tuščias reikšmes.", - "assertionConsumerServiceRedirectBindingURLHelp": "Kliento sprendinio priėmimo paslaugos SAML nukreipimo jungties URL (prisijungimo atsakymams). Jei tokių jungčių neturite, tuomet palikite tuščias reikšmes.", - "logoutServiceRedirectBindingURLHelp": "Kliento vieningo atsijungimo paslaugos SAML nukreipimo jungties. Jei naudojate kitas jungtis, tuomet šias reikšmes galite palikti neužpildytas.", - "frontchannelLogoutHelp": "Jei įgalinta, tuomet atsijungimas atliekamas naršyklės nukreipimu į kliento puslapį. Kitu atveju, atsijungimas atliekamas perduodant serveris-serveris užklausą.", - "browserFlowHelp": "Pasirinkite autentifikacijos naršyklėje seką", - "directGrantHelp": "Pasirinkite tiesioginių teisių seką (direct grant authentication).", - "certificateHelp": "Kliento sertifikatas naudojamas kliento išduotų ir privačiu raktu pasirašytų JWT prieigos raktų tikrinimui.", - "jwksUrlHelp": "URL, kuriuo pasiekiami kliento JWK formatu saugomi raktai. Žiūrėkite JWK specifikaciją detalesnei informacijai. Jei naudojamas kliento adapteris su \"jwt\" kredencialais, tuomet galite naudoti jūsų programos URL su '/k_jwks' sufiksu. Pavyzdžiui 'http://www.myhost.com/myapp/k_jwks' .", - "archiveFormatHelp": "Java raktų saugykla (keystore) arba PKCS12 formato rinkmena.", - "keyAliasHelp": "Privataus rakto ir sertifikato rinkmenos pseudonimas.", - "keyPasswordHelp": "Slaptažodžių saugykloje esančio privataus rakto slaptažodis", - "storePasswordHelp": "Slaptažodis, reikalingas norint atidaryti slaptažodžių saugyklą", - "consentRequired": "Jei įgalinta, tuomet naudotojai privalo patvirtinti, kad pageidauja prisijungti prie kliento (programos).", - "import": "Importuoti šio resursų serverio autorizacijos nustatymų JSON rinkmeną.", - "policyEnforcementModeHelp": "Taisyklių vykdymo rėžimas nusako kaip turi būti tenkinamos autorizacijos užklausų taisyklės. 'Taikyti' reiškia, kad tuo atveju kai nėra sukonfigūruota nei viena su resursu susijusi taisyklė, prieiga draudžiama. 'Liberalus' reiškia, kad tuo atveju kai nėra sukonfigūruota nei viena su resursu susijusi taisyklė, prieiga leidžiama. 'Išjungta' reiškia, kad neatliekamas taisyklių tikrinimas ir prieiga leidžiama prie visų resursų.", - "allowRemoteResourceManagementHelp": "Ar leidžiama nuotoliniu būdu resursų serveriui valdyti resursus? Jei neįgalinta, tuomet resursai gali būti valdomi tik per šią administravimo konsolę.", - "resourceName": "Unikalus resurso vardas. Vardas turi unikaliai identifikuoti resursą. Naudingas, kuomet ieškoma specifinių resursų.", - "typeHelp": "Šio resurso tipas. Reikšmė leidžia sugrupuoti skirtingus resursus turinčius tą patį tipą.", - "uris": "URI kuris taip pat gali būti naudojamas vienareikšmiškam resurso identifikavimui.", - "scopesHelp": "Taikymos sritys, kurios siunčiamos autorizavimo užklausoje. Reikšmės turi būti atskirtos tarpo simboliu. Numatyta reikšmė - 'openid'.", - "fullScopeAllowedHelp": "Įgalinimo atveju visi apribojimai išjungiami", - "resetActions": "Atkurti veiksmus", - "scopeName": "Unikalus taikymo srities pavadinimas. Šis pavadinimas gali vienareikšmiškai identifikuoti taikymo sritį. Naudingas kuomet ieškoma šios tam tikros srities. ", - "policy-name": "Šios taisyklės pavadinimas.", - "policy-description": "Šios taisyklės aprašymas.", - "policyDecisionStagey": "Sprendimo strategija nurodo kaip priimamas galutinis sprendimas, kuomet yra vykdomos visos šio leidimo taisyklės. 'Pozityvi' reiškia, kad galutiniam teigiamam sprendimui turi būti tenkinama bent viena taisyklė. 'Vienbalsė' reiškia, kad galutiniam teigiamam sprendimui visos taisyklės turi būti teigiamos. 'Daugumos' reiškia, kad galutinis teigiamas sprendimas bus priimtas tuomet, kai teigiamų taisyklių bus daugiau nei neigiamų. Jei teigiamų ir neigiamų taisyklių skaičius yra vienodas, tuomet galutinis rezultatas bus neigiamas.", - "applyPolicyHelp": "Nurodo visas taisykles, kurios turi būti įvertintos šios taisyklės ar leidimo taikymo sričiai.", - "policyGroups": "Nurodo kurie naudotojai tenkina šią taisyklę.", - "policyRoles": "Nurodo *kliento* rolė(įs) kurios tenkina šią taisyklę.", - "startTime": "Nurodykite laiką iki kurio ši taisyklė NETENKINAMA. Teigiamas rezultatas duodamas tik tuo atveju, kuomet dabartinė data ir laikas yra vėlesnė arba lygi šiai reikšmei.", - "expireTime": "Nurodykite laiką po kurio ši taisyklė NETENKINAMA. Teigiamas rezultatas duodamas tik tuo atveju, kuomet dabartinė data ir laikas yra ankstesni arba lygi šiai reikšmei.", - "monthHelp": "Nurodykite mėnesį iki kurio ši taisyklė TENKINAMA. Užpildžius antrąjį laukelį, taisyklė bus TENKINAMA jei mėnesis patenka į nurodytą intervalą. Reikšmės nurodomos imtinai.", - "dayMonth": "Nurodykite mėnesio dieną iki kurios ši taisyklė TENKINAMA. Užpildžius antrąjį laukelį, taisyklė bus TENKINAMA jei diena patenka į nurodytą intervalą. Reikšmės nurodomos imtinai.", - "hourHelp": "Nurodykite valandą iki kurios ši taisyklė TENKINAMA. Užpildžius antrąjį laukelį, taisyklė bus TENKINAMA jei valanda patenka į nurodytą intervalą. Reikšmės nurodomos imtinai.", - "minuteHelp": "Nurodykite minutę iki kurios ši taisyklė TENKINAMA. Užpildžius antrąjį laukelį, taisyklė bus TENKINAMA jei minutė patenka į nurodytą intervalą. Reikšmės nurodomos imtinai.", - "policyCode": "JavaScript kodas kuriame aprašytos šios taisyklės sąlygos.", - "logicHelp": "Logika nurodo kaip turi būti tenkinama taisyklė. Jei nurodyta 'Teigiama', tuomet šios taisyklės vykdymo metu gautas rezultatas (leisti arba drausti) bus naudojamas sprendinio priėmimui. Jei nurodyta 'Neigiama', tuomet šios taisyklės vykdymo rezultatas bus paneigtas, t.y. leidžiama taps draudžiama ir atvirkščiai.", - "permissionName": "Šio leidimo pavadinimas.", - "permissionDescription": "Šio leidimo aprašymas.", - "permissionType": "Nurodykite, kad ši taisyklė turi būti taikoma visiems šio tipo resursams.", - "realmRolePrefix": "Srities rolės prefiksas", - "name": "Kliento šablono pavadinimas. Privalo būti unikalus šioje srityje", - "protocolHelp": "Kurio SSO protokolo konfigūracija teikia šis šablonas", - "prefix": "Prefiksas, pridedamas prieš kiekvieną srities rolę (neprivalomas)", - "multiValued": "Nurodo, kad atributas gali turėti daugiau nei vieną reikšmę. Jei pažymėtas, tuomet visos reikšmės nustatomos kaip privalomos. Kitu atveju privaloma tik pirmoji reikšmė.", - "tokenClaimName": { - "label": "Reikalaujamo rakto pavadinimas", - "tooltip": "Į raktą įterpiamas privalomas atributas. Galite nurodyte pilną kelią iki atributo, pavyzdžiui 'address.street'. Pateiktu atveju bus sukuriamas sudėtinis (nested) JSON objektas." - }, - "claimJsonType": "Naudojamas JSON lauko tipas, kuris turi būti užpildomas rakto privalomoje JSON informacijoje. Galimi tipai: long, int, boolean ir String.", - "protocolMapper": "Protokolas...", - "createGroup": "Sukurti grupę", - "members": "Nariai", - "email": "El. paštas", - "lastName": "Pavardė", - "firstName": "Vardas", - "associatedRolesText": "Priskirtos rolės", - "title": "Autentifikavimas", - "addRole": "Pridėti rolę", - "roleName": "Rolės pavadinimas", - "composite": "Sudėtinis", - "addUser": "Pridėti naudotoją", - "userName": "Naudotojo vardas", - "join": "Prijungti", - "groupMembership": "Narystė grupėse", - "createdAt": "Sukūrimo data", - "username": "Naudotojo vardas", - "emailVerified": "El. paštas patvirtintas", - "status": "Būsena", - "requiredUserActions": "Privalomi veiksmai naudotojui", - "impersonate": "Įkūnyti", - "verifyEmail": "El. pašto patvirtinimas", - "consents": "Sutikimai", - "identityProvider": "Tapatybės teikėjas", - "identityProviderLinks": "Sąsajos su tapatybės teikėjais", - "revoke": "Atšaukti", - "credentialType": "Tipas", - "resetPassword": "Pakeisti slaptažodį", - "showPasswordDataValue": "Reikšmė", - "credentialResetBtn": "Prisijungimo duomenų atkūrimas", - "hours": "Valandos", - "minutes": "Minutės", - "seconds": "Sekundės", - "credentialResetConfirm": "Siųsti el. pašto laišką", - "temporaryLocked": "Naudotojas laikintai užrakintas, nes per daug klydo prisijungiant prie sistemos.", - "emailVerifiedHelp": "Ar naudotojo el. pašto adresas yra patvirtintas?", - "requiredUserActionsHelp": "Nurodykite kuriuos veiksmus po prisijungimo naudotojas privalo atlikti. 'Patvirtinti el. pašto adresą' į naudotojo el. pašto adresą siunčia patvirtinimo nuorodą. 'Atnaujinti profilio informaciją' reikalauja naudotojo peržiūrėti ir atnaujinti profilio informaciją. 'Atnaujinti slaptažodį' reikalauja naudotojo pasikeisti slaptažodį. 'Konfigūruoti OTP' reikalauja atnaujinti mobilaus slaptažodžių generatoriaus konfigūraciją.", - "groups": "Visos grupės, kurių narys yra šis naudotojas. Pažymėkite grupę ir paspauskite 'Palikti' norėdami pašalinti naudotoją iš grupės.", - "lastAccess": "Vėliausios prieigos laikas", - "adminEvents": "Administravimo įvykiai", - "time": "Laikas", - "eventType": "Įvykio tipas", - "ipAddress": "IP adresas", - "realm": "Sritis", - "resourcePath": "Resurso kelias", - "resourceTypes": "Resurso tipas", - "operationType": "Veiksmo tipas", - "operationTypes": "Veiksmas", - "auth": "Autentifikacijos informacija", - "representation": "Reprezentacija", - "partialImport": "Dalinis duomenų importavimas", - "general": "Bendra informacija", - "login": "prisijungimas", - "themes": "Temos", - "eventListeners": "Įvykių gavėjai", - "eventListenersHelpText": "Nurodykite srities įvykių gavėjus.", - "adminEventsSettings": "Administravimo veiksmų nustatymai", - "saveEvents": "Saugoti įvykius", - "clearAdminEvents": "Išvalyti administravimo įvykius", - "includeRepresentation": "Išsaugoti reprezentaciją", - "from": "Nuo", - "host": "Serveris", - "port": "Prievadas", - "enableSSL": "Įgalinti SSL", - "enableStartTLS": "Įgalinti StartTLS", - "keystore": "Raktų saugykla", - "providers": "Teikėjai", - "uiDisplayName": "Konsolėje rodomas pavadinimas", - "active": "Aktyvus", - "providerId": "ID", - "kid": "KID", - "provider": "Teikėjas", - "userRegistration": "Naudotojų registracija", - "userRegistrationHelpText": "Įgalina naudotojų registravimosi sąsają. Prisijungimo lange rodoma nuoroda į registravimosi puslapį.", - "rememberMe": "Prisiminti mane", - "rememberMeHelpText": "Prisijungimo lange rodyti pasirinkimą leidžiantį naudotojui likti prisijungus netgi tuomet, kai naršyklė yra išjungiama/įjungiama tol, kol nepasibaigia prisijungimo sesija.", - "registrationEmailAsUsername": "El. paštas kaip naudojo vardas", - "editUsername": "Naudotojo vardo redagavimas", - "htmlDisplayName": "Rodomas pavadinimas HTML formatu", - "requireSsl": "Reikalauti SSL", - "sslType": { - "all": "visoms užklausoms", - "external": "išorinėms užklausoms", - "none": "jokio" - }, - "endpoints": "Prieigos adresai", - "accountTheme": "Naudotojo profilio tema", - "adminTheme": "Administravimo konsolės tema", - "emailTheme": "El. pašto tema", - "SSOSessionIdle": "SSO sesijos neveikimo laikas", - "SSOSessionMax": "SSO sesijos maksimalus laikas", - "offlineSessionIdle": "Neprisijungusios sesijos neveikimo laikas", - "loginTimeout": "Naudotojo prisijungimui skirtas laikas", - "loginActionTimeout": "Naudotojo prisijungimo veiksmui skirtas laikas", - "revokeRefreshToken": "Prieigos raktą naudoti tik kartą", - "accessTokenLifespanImplicitFlow": "Prisijungimo rakto galiojimo laikas (Implicit Flow)", - "clientLoginTimeout": "Kliento prisijungimui skirtas laikas", - "clientProfileDescription": "Aprašymas", - "tokens": "Raktai", - "supportedLocales": "Palaikomos kalbos", - "defaultLocale": "Numatyta kalba", - "validatorDialogColNames": { - "colName": "Rolės pavadinimas" - }, - "validatorColNames": { - "colConfig": "Konfigūruoti" - }, - "eventTypes": { - "IMPERSONATE": { - "name": "Įkūnyti" - }, - "LOGOUT": { - "name": "Seanso pabaiga" - }, - "REGISTER": { - "name": "Registracijos" - }, - "RESET_PASSWORD": { - "name": "Pakeisti slaptažodį" - } - }, - "deleteEvents": "Išvalyti įvykius", - "defaultRoles": "Numatytosios rolės", - "defaultGroups": "Numatytos grupės", - "securityDefences": "Saugos priemonės", - "headers": "Antraštės", - "bruteForceDetection": "Grubios jėgos ataka", - "xFrameOptions": "X-Frame-Options", - "contentSecurityPolicy": "Content-Security-Policy", - "xContentTypeOptions": "X-Content-Type-Options", - "failureFactor": "Maksimalus bandymų prisijungimų skaičius", - "waitIncrementSeconds": "Laukimo laiko didinimas po", - "maxFailureWaitSeconds": "Maksimalus užrakinimo laikas", - "maxDeltaTimeSeconds": "Pamiršti nepavykusius prisijungimus po", - "minimumQuickLoginWaitSeconds": "Per greito bandymo prisijungti užrakinimo laikas", - "requireSslHelp": "Ar HTTPS privalomas? 'niekada' - HTTPS nereikalaujamas. 'išorinėms užklausoms' - jungiantis iš localhost ar serverio IP adresų galima prieiti ir per HTTP. 'visoms užklausoms' - HTTPS reikalaujamas jungiantis iš visų IP adresų.", - "accountThemeHelp": "Pasirinkite kaip atrodys naudotojo profilio valdymo langai.", - "adminThemeHelp": "Pasirinkite kaip atrodys administravimo konsolės langai.", - "emailThemeHelp": "Pasirinkite kaip atrodys siunčiami el. pašto laiškai.", - "save-user-events": "Jei įgalinta, tuomet su prisijungimu susiję veiksmai saugomi duomenų bazėje ir tampa prieinami per administravimo bei naudotojo paskyros valdymo skydus. ", - "save-admin-events": "Jei įgalinta, tuomet administravimo veiksmai saugomi duomenų bazėje ir tampa prieinami per administravimo valdymo skydą.", - "admin-clearEvents": "Ištrina visus su administravimu susijusius veiksmus iš duomenų bazės.", - "includeRepresentationHelp": "Išsaugoti kurūmo ir redagavimo užklausų JSON reprezentaciją.", - "failureFactorHelp": "Pasiekus maksimalų nesėkmingų bandymų prisijungti skaičių įjungiamas specialus rėžimas, kuomet laukimo intervalas yra didinamas po kiekvieno sekančio neteisingo bandymo.", - "waitIncrementSecondsHelp": "Laikas, kurį naudotojo prisijungimai yra draudžiami, kai nėsėkmingų bandymų skaičius pasiekia nustatytą ribą", - "maxFailureWaitSecondsHelp": "Maksimalus laikas, kuomet naudotojo paskyra yra užrakinama po nesėkmingų bandymų prisijungti.", - "maxDeltaTimeSecondsHelp": "Laikas, po kurio nepavykę prisijungimai bus pamiršti", - "quickLoginCheckMilliSeconds": "Jei nėsėkmingi bandymai prisijungti seka vienas kitą per greitai, tuomet naudotojo paskyra yra užrakinama.", - "minimumQuickLoginWaitSecondsHelp": "Laikas, kurį naudotojo prisijungimai yra draudžiami, kai nėsėkmingi bandymai prisijungti seka vienas kitą per greitai.", - "ssoSessionIdle": "Laikas, po kurio neaktyvi sesija bus užbaigta. Sesijos pasibaigimo metu visi raktai (Tokens) ir naršyklių sesijos sunaikinamos.", - "ssoSessionMax": "Laikas, po kurio prisijungimo sesija yra sunaikinama. Sesijos pasibaigimo metu visi raktai (Tokens) ir naršyklių sesijos sunaikinamos.", - "offlineSessionIdleHelp": "Darbo neprisijungus sesijos neveikimo laikas, po kurio neaktyvi sesija bus užbaigta. Darbo neprisijungus metu, prisijungimo raktai turi būti atnaujinami bent kartą per nurodytą periodą. Kitu atveju sesijos galiojmas bus sustabdytas.", - "revokeRefreshTokenHelp": "Jei įgalintas, tuomet atnaujinimo raktai (Refresh Token) gali būti naudojami tik vieną kartą. Kitu atveju - atnaujinimo raktai gali būti pernaudojami daugelį kartų. ", - "clientLoginTimeoutHelp": "Laikas, per kurį klientas turi užbaigti prisijungimo procesą. Normaliu atveju reikšmė turėtų būti 1 minutė.", - "editUsernameHelp": "Jei įgalintas, tuomet naudotojas gali keisti savo naudotojo vardą.", - "flows": "Sekos", - "requiredActions": "Privalomi veiksmai", - "passwordPolicy": "Slaptažodžių taisyklės", - "otpPolicy": "OTP taisyklės", - "otpType": "OTP tipas", - "policyType": { - "totp": "Paremtas laiku", - "hotp": "Paremtas skaitliuku" - }, - "otpHashAlgorithm": "OTP maišos algoritmas", - "otpPolicyDigits": "Skaitmenų skaičius", - "otpPolicyPeriod": "OTP rakto galiojimo intervalas", - "initialCounter": "Pradinė skaitliuko reikšmė", - "attestationPreference": { - "none": "jokio" - }, - "flow": { - "browser": "Autentifikacijos seka", - "registration": "Registracijos seka", - "direct grant": "Tiesioginių teisių seka" - }, - "flowType": "Sekos tipas", - "flow-type": { - "form-flow": "form" - }, - "addExecution": "Pridėti išimtį", - "requirement": "Privalomumas", - "alias": "Pseudonimas", - "flowTypeHelp": "Kokios rūšies ši forma?", - "topLevelFlowType": "Kokio tipo ši aukščiausio lygio sritis? 'client' tipas naudojamas klientų (programų) autentifikacijai. 'generic' naudojamas visais kitais atvejais.", - "aliasHelp": "Pseudonimas, kuris vienareikšmiškai identifikuoja tapatybės teikėją ir yra naudojamas konstruojant nukreipimo nuorodą.", - "otpTypeHelp": "'totp' paremtas ribotą laiką galiojančiu vienkartiniu slaptažodžiu. 'hotp' - ribotą kartų galiojančiu vienkartiniu slaptažodžiu.", - "otpHashAlgorithmHelp": "Kuris maišos algoritmas turi būti naudojamas OTP generavimui.", - "otpPolicyDigitsHelp": "Kiek OTP turėtų turėti skaitmenų?", - "otpPolicyPeriodHelp": "Kiek sekundžiu galios OTP prieigos raktas? Numatyta reikšmė 30 sekundžių.", - "vendor": "Gamintojas", - "connectionURL": "Jungties URL", - "enableStartTls": "Įgalinti StartTLS", - "useTruststoreSpi": "Naudoti raktų saugyklos SPI", - "connectionPooling": "Jungčių buferizavimas", - "bindType": "Autentifikacijos tipas", - "bindDn": "Prisijungimo DN", - "editMode": "Pakeitimų rėžimas", - "usersDN": "Naudotojų DN", - "usernameLdapAttribute": "Prisijungimo vardo LDAP atributas", - "rdnLdapAttribute": "RDN LDAP atributas", - "uuidLdapAttribute": "UUID LDAP atributas", - "userObjectClasses": "Naudotojų objektų klasės", - "searchScope": "Paieškos apimtis", - "pagination": "Puslapiavimas", - "batchSize": "Paketo dydis", - "periodicFullSync": "Pilnas periodinis sinchronizavimas", - "fullSyncPeriod": "Pilno sinchronizavimo intervalas", - "periodicChangedUsersSync": "Periodinis pakeitimų sinchronizavimas", - "changedUsersSyncPeriod": "Periodinis sinchronizavimo intervalas", - "kerberosIntegration": "Kerberos intergacija", - "allowKerberosAuthentication": "Leisti Kerberos autentifikaciją", - "useKerberosForPasswordAuthentication": "Naudoti Kerberos autentifikacijai su slaptažodžiu", - "trustEmail": "El. paštas patikimas", - "requiredSettings": "Privalomi nustatymai", - "kerberosRealm": "Kerberos sritis", - "serverPrincipal": "Pagrindinis serveris", - "debug": "Derinti", - "allowPasswordAuthentication": "Leisti autentifikaciją naudojant slaptažodį", - "testAuthentication": "Tikrinti autentifikaciją", - "ldapMappersList": "LDAP atitikmenų parinkėjai", - "ldapFilter": "LDAP filtras", - "selectRole": { - "label": "Parinkite rolę", - "tooltip": "Kairėje pusėje esančiame laukelyje įveskite rolės pavadinimą arba paspauskite Rinktis norėdami nurodyti pageidaujamą rolę." - }, - "vendorHelp": "LDAP gamintojas (teikėjas)", - "consoleDisplayConnectionUrlHelp": "Jungties į LDAP serverį URL", - "bindCredentialsHelp": "LDAP administratoriaus slaptažodis", - "editModeLdapHelp": "READ_ONLY reiškia, kad LDAP saugykla bus naudojama vien tik skaitymo rėžimu. WRITABLE reiškia, kad duomenys sinchronizuojami atgal į LDAP pagal poreikį. UNSYNCED reiškia, kad naudotojų duomenys bus importuoti, tačiau niekuomet nesinchronizuojami atgal į LDAP.", - "fullSyncPeriodHelp": "Laikas sekundėmis, kas kurį atliekamas pilnas naudotojų sinchronizavimas į Keycloak sistemą", - "changedUsersSyncHelp": "Intervalas sekundėmis, kas kurį atliekamas periodinis naujai registruotų arba su pakeistais duomenimis LDAP naudotojų sinchronizavimas į Keycloak", - "trustEmailHelp": "Jei įgalintas, tuomet šio tapatybės teikėjo pateiktas el. pašto adresas laikomas patikimu ir, nepaisant bendrųjų srities nustatymų, nėra papildomai tikrinamas.", - "debugHelp": "Ar įgalinti Krb5LoginModule veikimo pranešimų rašymą į standarinę išvestį derinimo rėžimu?", - "allowPasswordAuthenticationHelp": "Ar suteikti galimybę naudotojui prisijungti prie Kerberos naudojant naudotojo vardą ir slaptažodį?", - "updateFirstLoginHelp": "Pirmojo prisijungimo metu atnaujinti naudotojo profilio duomenis", - "addIdPMapper": "Pridėti tapatybės teikėjo atitikmens susiejimą", - "redirectURI": "Nukreipimo URI", - "ssoServiceUrl": "Vieningo prisijungimo paslaugos URL", - "singleLogoutServiceUrl": "Vieningo atsijungimo paslaugos URL", - "nameIdPolicyFormat": "NameID taisyklių formatas", - "unspecified": "nenurodyta", - "httpPostBindingResponse": "Siųsti atsakymus HTTP-POST", - "httpPostBindingAuthnRequest": "Siųsti AuthnRequest HTTP-POST ", - "wantAuthnRequestsSigned": "Reikalaujami pasirašytų AuthnRequests", - "forceAuthentication": "Priverstinė autentifikacija", - "validatingX509Certs": "X509 sertifikatai tikrinimui", - "authorizationUrl": "Autorizacijos URL", - "tokenUrl": "Prieigos raktų URL", - "logoutUrl": "Atsijungimo URL", - "backchannelLogout": "Foninis atjungimas", - "disableUserInfo": "Uždrausti naudotojo informacijos prieigą", - "userInfoUrl": "Naudotojo informacijos URL", - "issuer": "Išdavėjas", - "prompt": "Raginimas", - "prompts": { - "none": "jokio", - "consent": "sutikimo tekstas", - "login": "prisijungimas" - }, - "validateSignature": "Parašo tikrinimas", - "storeTokens": "Saugoti raktus", - "storedTokensReadable": "Saugoti raktus skaitomame formate", - "firstBrokerLoginFlowAlias": "Pirmojo prisijungimo eiga", - "postBrokerLoginFlowAlias": "Sekančių prisijungimų eiga", - "userAttribute": "Naudotojo atributas", - "redirectURIHelp": "Tapatybės teikėjo konfigūravimo nuoroda.", - "displayName": "Žmogui suprantamas, draugiškas tapatybės teikėjo pavadinimas.", - "clientSecretHelp": "Kliento saugos kodas užregistruotas tapatybės teikėjo sistemoje.", - "discoveryEndpoint": "Importuoti metaduomenis iš nutolusio IDP aptikimo aprašo (IDP discovery descriptor).", - "importConfig": "Importuoti metaduomenis iš rinkmenos, kurią atsisiuntėte iš IDP aptikimo aprašo (IDP discovery descriptor).", - "logoutUrlHelp": "Adresas, kuris turi būti naudojamas norint atjungti naudotoją nuo išorinio tapatybės teikėjo.", - "backchannelLogoutHelp": "Ar išorinis tapatybės teikėjas palaiko serveris-serveris naudotojo atjungimo būdą?", - "disableUserInfoHelp": "Ar uždrausti prieigą prie papildomos naudotojo profilio informacijos per User Info paslaugą? Numatyta reikšmė - naudoti šią OIDC paslaugą.", - "userInfoUrlHelp": "Naudotojo informacijos URL. Neprivalomas.", - "issuerHelp": "Išdavėjo identifikatorius perduodamas išdavėjo atsakyme. Tikrinimas nebus atliekamas jei reikšmė tuščia.", - "validateSignatureHelp": "Įgalinamas išorinių IDP parašų tikrinimas.", - "useJwksUrlHelp": "Jei įgalinta, tuomet tapatybės teikėjo viešasis raktas atsiunčiamas iš pateiktos JWKS URL. Įgalinimas suteikia lankstumo, nes tapatybės teikėjui pergeneravus raktus jie automatiškai atsiunčiami. Jei ši nuostata išjungta, tuomet naudojamas Keycloak DB saugomas viešasis raktas (arba sertifikatas) ir klientui sugeneravus naujus raktus juos rankiniu būdu reikės importuoti į Keycloak DB.", - "storeTokensHelp": "Jei įgalinta, tuomet po naudotojų prisijungimo, prieigos raktai bus išsaugoti.", - "storedTokensReadableHelp": "Jei įgalinta, tuomet naudotojai gali peržiūrėti išsaugotus prieigos raktus. Įgalinama broker.read-token rolė.", - "firstBrokerLoginFlowAliasHelp": "Autentifikacijos eigos pseudonimas, kuris bus sužadintas šio tapatybės teikėjo naudotojui prisijungus pirmą kartą. Terminas 'pirmas kartas' reiškia, kad Keycloak sistemoje nebuvo saugomas naudotojo profilis susietas su autentifikuotu šio tapatybės teikėjo naudotoju.", - "useEntityDescriptor": "Importuoti metaduomenis iš nutolusio IDP SAML subjekto aprašo.", - "samlEntityDescriptor": "Leidžia įkelti konfigūracinę rinkmeną arba nurodyti atsisiuntimo URL su išorinio IDP metaduomenimis.", - "ssoServiceUrlHelp": "Adresas, kuriuo turi būti siunčiamos autentifikacijos užklausos (SAML AuthnRequest).", - "singleLogoutServiceUrlHelp": "Adresas, kuriuo turi būti siunčiamos naudotojo atjungimo užklausos.", - "httpPostBindingAuthnRequestHelp": "Jei įgalinta, tuomet AuthnRequest siunčiami HTTP-POST saistymu. Kitu atveju bus naudojamas HTTP-REDIRECT.", - "wantAuthnRequestsSignedHelp": "Nurodykite, ar tapatybės teikėjas tikisi pasirašytų AuthnRequest užklausų.", - "forceAuthenticationHelp": "Jei įgalinta, tuomet tapatybės teikėjas privalo autentifikuoti naudotoją iš naujo nepasitikint ankstesniu prisijungimu.", - "validateSignatures": "Įjungti/išjungti SAML atsakymų parašo tikrinimą.", - "validatingX509CertsHelp": "PEM formato sertifikatai, kurie turi būti naudojami parašų tikrinimui. Reikšmės skiriamos kableliais (,).", - "addIdpMapperName": "Atitikmens susiejimo vardas.", - "selectARole": "Pasirinkti rolę", - "usermodel": { - "prop": { - "label": "Atributas", - "tooltip": "Sąsajos UserModel atributo metodo pavadinimas. Pavyzdžiui reikšmė 'email' atitinka UserMode.getEmail() metodą." - }, - "attr": { - "label": "Naudotojo atributas", - "tooltip": "Išsaugoto naudotojo atributo pavadinimas kuris naudojamas UserModel.attribute rinkinyje." - }, - "clientRoleMapping": { - "clientId": { - "label": "Kliento ID", - "tooltip": "Kliento ID naudojamas rolių atributų susiejime" - }, - "rolePrefix": { - "label": "Kliento rolės prefiksas", - "tooltip": "Prefiksas, pridedamas prieš kiekvieną kliento rolę (neprivalomas)" - } - }, - "realmRoleMapping": { - "rolePrefix": { - "label": "Srities rolės prefiksas", - "tooltip": "Prefiksas, pridedamas prieš kiekvieną srities rolę (neprivalomas)" - } - } - }, - "userSession": { - "modelNote": { - "label": "Naudotojo sesijos pastaba", - "tooltip": "Išsaugotos naudotojo sesijos pastaba, kuri saugoma UserSessionModel.note rinkinyje." - } - }, - "multivalued": { - "label": "Daugiareikšmis", - "tooltip": "Nurodo, kad atributas gali turėti daugiau nei vieną reikšmę. Jei pažymėtas, tuomet visos reikšmės nustatomos kaip privalomos. Kitu atveju privaloma tik pirmoji reikšmė." - }, - "jsonType": { - "label": "Privalomo atributo JSON tipas", - "tooltip": "Naudojamas JSON lauko tipas, kuris turi būti užpildomas rakto privalomoje JSON informacijoje. Galimi tipai: long, int, boolean ir String." - }, - "includeInIdToken": { - "label": "Pridėti prie ID rakto", - "tooltip": "Ar privaloma informacija turi būti pridedama prie ID rakto?" - }, - "includeInAccessToken": { - "label": "Pridėti prie prieigos rakto", - "tooltip": "Ar privaloma informacija turi būti pridedama prie prieigos rakto?" - }, - "includeInUserInfo": { - "label": "Pridėti prie naudotojo informacijos", - "tooltip": "Ar privaloma informacija turi būti pridedama prie naudotojo informacijos?" - }, - "sectorIdentifierUri": { - "label": "Sektoriaus identifikatoriaus URI", - "tooltip": "Paslaugų teikėjai, kurie naudoja porines subreikšmes ir palaiko dinaminę klientų registraciją (Dynamic Client Registration) turėtų naudoti sector_identifier_uri parametrą. Teikiamas funkcionalumas leidžia svetainių grupėms, valdomoms centralizuotos administravimo panelės, turėti pastovias porines subreikšmes nepriklausomas nuo domeno vardų. Tokiu būdu klientai gali keisti domenų redirect_uri neperregistruojant visų naudotojų." - }, - "pairwiseSubAlgorithmSalt": { - "label": "Druska", - "tooltip": "Druska naudojama porinio objekto identifikatoriaus skaičiavimo metu. Jei paliekama tuščia reikšmė, tuomet druskos reikšmė bus automatikšai sugeneruota." - }, - "name-id-format": "NameID formatas", - "titleAuthentication": "Autentifikavimas", - "titleEvents": "Įvykiai", - "titleRoles": "Srities rolės", - "titleUsers": "Naudotojai", - "titleSessions": "Sesijos", - "authenticationAliasHelp": "Konfigūracijos pavadinimas", - "authenticationFlowTypeHelp": "Kokios rūšies ši forma?", - "scopeNameHelp": "Kliento šablono pavadinimas. Privalo būti unikalus šioje srityje", - "scopeDescriptionHelp": "Kliento šablono aprašymas", - "clientDescriptionHelp": "Nurodomas kliento aprašas. Pavyzdžiui 'Mano laiko lentelių klientas'. Palaikomos lokalizuotos reikšmės. Pavyzdžiui: ${my_client_description}", - "clientsClientTypeHelp": "'OpenID connect' leidžia klientams tikrinti galutinio naudotojo tapatybę remiantis autorizacijos serverio atlikta autentifikacija. 'SAML' įgalina žiniatinklio, įskaitant skirtingų domenų atvejus, vieningos autentifikacijos ir autorizacijos scenarijus perduodant informaciją saugiose žinutėse.", - "clientsClientScopesHelp": "Su šiuo resursu susietos taikymo sritys." -} diff --git a/js/apps/admin-ui/public/locales/lv/translation.json b/js/apps/admin-ui/public/locales/lv/translation.json deleted file mode 100644 index 9e26dfeeb6..0000000000 --- a/js/apps/admin-ui/public/locales/lv/translation.json +++ /dev/null @@ -1 +0,0 @@ -{} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/nl/translation.json b/js/apps/admin-ui/public/locales/nl/translation.json deleted file mode 100644 index 9e26dfeeb6..0000000000 --- a/js/apps/admin-ui/public/locales/nl/translation.json +++ /dev/null @@ -1 +0,0 @@ -{} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/no/translation.json b/js/apps/admin-ui/public/locales/no/translation.json deleted file mode 100644 index c38cb35949..0000000000 --- a/js/apps/admin-ui/public/locales/no/translation.json +++ /dev/null @@ -1,603 +0,0 @@ -{ - "add": "Legg til", - "create": "Opprett", - "save": "Lagre", - "continue": "Fortsett", - "remove": "Fjern", - "key": "Nøkkel", - "value": "Verdi", - "back": "Tilbake", - "export": "Eksporter", - "action": "Handling", - "download": "Last ned", - "clear": "Tøm", - "on": "På", - "edit": "Rediger", - "enabled": "Aktivert", - "none": "Ingen", - "signOut": "Logg ut", - "manageAccount": "Administrer konto", - "serverInfo": "Serverinformasjon", - "testConnection": "Testkobling", - "description": "Beskrivelse", - "type": "Type", - "category": "Kategori", - "priority": "Prioritet", - "allTypes": "Alle typer", - "manage": "Håndter", - "clients": "Klienter", - "realmRoles": "Sikkerhetsdomeneroller", - "users": "Brukere", - "sessions": "Sesjoner", - "events": "Hendelser", - "mappers": "Mappere", - "permissions": "Tillatelser", - "configure": "Konfigurer", - "realmSettings": "Innstillinger for sikkerhetsdomene", - "authentication": "Autentisering", - "identityProviders": "Identitetsleverandør", - "userFederation": "Brukerfederering", - "settings": "Innstillinger", - "details": "Detaljer", - "times": { - "seconds": "Sekunder", - "minutes": "Minutter", - "hours": "Timer", - "days": "Dager" - }, - "attributes": "Attributter", - "credentials": "Innloggingsdetaljer", - "clientId": "Klient-ID", - "clientName": "Navn", - "id": "ID", - "mapperType": "Mappertype", - "leave": "Forlat", - "password": "Passord", - "passwordConfirmation": "Passord bekreftelse", - "temporaryPassword": "Midlertidig", - "temporaryPasswordHelpText": "Hvis aktivert, er brukeren påkrevd til å endre passordet ved neste innlogging", - "protocol": "Protokoll", - "copy": "Kopi", - "clientAuthorization": "Autorisasjon", - "importClient": "Importer klient", - "webOrigins": "Web origins", - "adminURL": "Admin URL", - "formatOption": "Formatalternativer", - "encryptAssertions": "Krypter assertions", - "clientSignature": "Klientens signatur er påkrevd", - "roles": "Roller", - "addClientScope": "Legg til klientmal", - "fullScopeAllowed": "Tillatt med fullt scope", - "selectAUser": "Velg en bruker", - "client": "klient", - "evaluate": "Evaluer", - "reevaluate": "Re-evaluering", - "showAuthData": "Vis autorisasjonsdata", - "unanimous": "Enstemmig", - "affirmative": "Bekreftende", - "consensus": "Konsensus", - "authScopes": "Autorisasjonsscopes", - "anyResource": "Enhver ressurs", - "anyScope": "Ethvert scope", - "selectScope": "Velg et scope", - "applyToResourceType": "Bruk på ressurstype", - "contextualInfo": "Kontekstuell informasjon", - "contextualAttributes": "Kontekstuelle attributter", - "kc": { - "realm": { - "name": "Sikkerhetsdomene" - } - }, - "policyEnforcementMode": "Modus for håndhevelse av policy", - "policyEnforcementModes": { - "ENFORCING": "Håndhevende", - "PERMISSIVE": "Ettergivende" - }, - "decisionStrategy": "Beslutningsstrategi", - "iconUri": "Ikon URI", - "allowRemoteResourceManagement": "Håndtering av ekstern ressurs", - "resources": "Ressurser", - "resource": "Ressurs", - "scope": "Scope", - "owner": "Eier", - "scopes": "Scope", - "policies": "Policier", - "createPermission": "Opprett tillatelse", - "identityInformation": "Identitetsinformasjon", - "resourceType": "Ressurstype", - "createPolicy": "Opprett policy", - "applyPolicy": "Anvend policy", - "code": "Kode", - "logic": "Logikk", - "logicType": { - "positive": "Positiv", - "negative": "Negativ" - }, - "user": "Bruker", - "clientList": "Klienter", - "initialAccessToken": "Første access token", - "created": "Opprettet", - "lastUpdated": "Sist oppdatert", - "expires": "Utløper", - "count": "Teller", - "remainingCount": "Resterende antall", - "expiration": "Holdbarhet", - "clientAuthentication": "Autentisering av klient", - "frontchannelLogout": "Front channel utlogging", - "rootUrl": "Root URL", - "validRedirectUri": "Gyldig redirect URIer", - "idpInitiatedSsoRelayState": "IDP initiert SSO relay state", - "masterSamlProcessingUrl": "Master SAML prosesserings URL", - "nameIdFormat": "Navn-ID format", - "forceNameIdFormat": "Force navn-ID format", - "forcePostBinding": "Force POST binding", - "includeAuthnStatement": "Inkluder AuthnStatement", - "signDocuments": "Signer dokumenter", - "signAssertions": "Signer assertions", - "canonicalization": "Kanoniseringsmetode", - "loginTheme": "Innloggingstema", - "clientAuthenticator": "Klientautentikator", - "clientSecret": "Klient secret", - "registrationAccessToken": "Access token for registrering", - "revocation": "Oppheving", - "clustering": "Clustering", - "notBefore": "Ikke før", - "setToNow": "Sett til nå", - "addNode": "Legg til node", - "push": "Send", - "nodeReRegistrationTimeout": "Timeout for re-registrering av node", - "registeredClusterNodes": "Registrerte clusternoder", - "nodeHost": "Nodevert", - "lastRegistration": "Siste registrering", - "testClusterAvailability": "Test cluster tilgjengelighet", - "registerNodeManually": "Register node manuelt", - "fineGrainSamlEndpointConfig": "Finkornet SAML endepunktskonfigurasjon", - "assertionConsumerServicePostBindingURL": "Assertion consumer service POST binding URL", - "assertionConsumerServiceRedirectBindingURL": "Assertion Consumer Service redirect binding URL", - "logoutServiceRedirectBindingURL": "Logout-tjeneste redirect binding URL", - "accessTokenLifespan": "Levetid for access token", - "browserFlow": "Nettleserflyt", - "directGrant": "Direct Grant Flyt", - "certificate": "Sertifikat", - "generateNewKeys": "Generer nye nøkler", - "archiveFormat": "Arkivformat", - "keyAlias": "Nøkkelalias", - "keyPassword": "Nøkkelpassord", - "storePassword": "Lagre passord", - "importFile": "Importer fil", - "clientType": "'OpenID connect' tillater klienter å verifisere identiteten til sluttbrukeren basert på autentisering utført av en autorisasjonsserver. 'SAML' aktiverer en web-basert autentisering og autoriseringsscenarier som inkluderer cross-domain single sign-on (SSO) og som bruker security tokens som inneholder assertions for å dele informasjon videre.", - "serviceAccount": "Lar deg autentisere denne klienten til Keycloak og hente access token dedikert til denne klienten. I følge OAuth2 spesifikasjonen, aktiverer dette støtte for 'Client Credentials Grant' for denne klienten.", - "authorization": "Aktiver/deaktiver finkornet autorisasjonssupport for en klient", - "directAccess": "Dette gir støtte for Direct Access Grants, som betyr at klienten har tilgang til brukerens brukernavn/passord og kan bytte dette direkte med Keycloak-serveren for access token. I følge OAuth2 spesifikasjonen, aktiverer dette støtte for 'Resource Owner Password Credentials Grant' for denne klienten.", - "standardFlow": "Dette aktiverer standard OpenID Connect redirect-basert autentisering med autorisasjonskode. I forhold til OpenID Connect eller OAuth2 spesifikasjoner aktiverer dette støtte for 'Authorization Code Flow' for denne klienten.", - "implicitFlow": "Dette aktiverer støtte for OpenID Connect redirect-basert autentisering uten autorisasjonskode. I forhold til OpenID Connect eller OAuth2 spesifikasjoner aktiverer dette støtte for 'Implicit Flow' for denne klienten.", - "rootURL": "Root URL lagt til relative URLer", - "validRedirectURIs": "Gyldig URI mønster som en nettleser kan redirecte til etter en vellykket innlogging eller utlogging. Enkle jokertegn er tillatt, for eksempel 'http://example.com/*'. Relativ sti kan også spesifiseres, for eksempel /my/relative/path/*. Relative stier er relative til klientens root URL, eller hvis ingen er spesifisert brukes root URL for autorisasjonsserveren. For SAML må du sette et gyldig URI mønster hvis du er avhengig av at URL for forbrukertjenesten er integrert med forespørselen for pålogging.", - "nameIdFormatHelp": "Navn-ID formatet som skal brukes for emnet.", - "forceNameIdFormatHelp": "Ignorer forespurt format på Navn-ID emnet og bruk den som er konfigurert i administrasjonskonsollen.", - "forcePostBindingHelp": "Bruk alltid POST binding for svar.", - "includeAuthnStatementHelp": "Skal et statement som spesifiserer metoden for tidsstempel inngå i innloggingssvaret?", - "signDocumentsHelp": "Skal SAML dokumenter bli signert av sikkerhetsdomenet?", - "signAssertionsHelp": "Skal assertions i SAML dokumenter bli signert? Denne innstillingen er ikke nødvendig hvis et dokument allerede har blitt signert.", - "signatureAlgorithm": "Signaturalgoritmen som brukes for å signere et dokument.", - "canonicalizationHelp": "Kanoniseringsmetode for XML signaturer.", - "webOriginsHelp": "Tillat CORS origins. For å tillate alle origins med gyldig Redirect URIer legg til '+'. For å tillate alle origins legg til '*'.", - "homeURL": "Standard URL som kan brukes når autorisasjonsserveren trenger å redirecte eller lenke tilbake til klienten.", - "adminURLHelp": "URL til administratorgrensesnitt for klienten. Sett denne hvis klienten støtter adapter REST API. Dette REST APIet tillater autorisasjonsserveren til å sende tilbakekallingsregler og andre administrative oppgaver. Vanligvis er dette satt til klientens base URL.", - "clientHelp": "Velg klienten som vil utføre denne autorisasjonsforespørselen.", - "clientIdHelp": "Identifikator for klient registrert hos identitetsleverandør.", - "selectUser": "Velg en bruker hvis identitet vil bli brukt for å søke tillatelser fra serveren.", - "rolesHelp": "Velg en rolle som du vil knytte til den valgte brukeren.", - "contextualAttributesHelp": "Ethvert attributt gitt av et kjørende miljø eller ved utførelseskontekst.", - "applyToResourceTypeHelp": "Spesifiserer om denne tillatelsen skal gjelde for alle ressurser med en gitt type. I dette tilfellet vil tillatelsen bli evaluert for alle instanser av gitt ressurstype.", - "resourcesHelp": "Spesifiserer at denne tillatelsen må bli brukt for en spesifikk ressursinstans.", - "scopesSelect": "Spesifiserer at denne tillatelse må anvendes på en eller flere scopes.", - "clientNameHelp": "Angir klientnavnet som blir vist. For eksempel, 'Min klient'. Støtter nøkler for lokaliserte verdier. For eksempel: ${my_client}", - "descriptionHelp": "Beskrivelse av klientmal", - "loginThemeHelp": "Velg tema for sidene: innlogging, OTP, rettigheter, registrering, glemt passord.", - "encryptAssertionsHelp": "Skal SAML assertions bli kryptert med klientens offentlige nøkkel ved å bruke AES?", - "clientSignatureHelp": "Skal klienten signere sine SAML forespørsler og svar? Og skal de valideres?", - "expirationHelp": "Setter utløpstid for hendelser. Utløpte hendelser vil med jevne mellomrom bli slettet fra databasen.", - "countHelp": "Angir hvor mange klienter som kan bli opprettet ved å bruke token.", - "client-authenticator-type": "Klientautentikator som blir brukt for å autentisere denne klienten mot keycloak-server", - "registration-access-token": "Access token for registrering gir klienter tilgang til registreringstjenesten for klienter.", - "nodeReRegistrationTimeoutHelp": "Intervall for å angi maksimum tid for registrerte klienters clusternoder for å re-registreres. Hvis en clusternode ikke sender re-regisreringsforespørsel til Keycloak innen dette intervallet, vil den bli uregistrert fra Keycloak.", - "idpInitiatedSsoUrlName": "Navn på URL-fragment som refererer til klienten når du vil gjøre en IDP initiert SSO. La denne stå tom om du ønsker å deaktivere IDP initiert SSO. URLen vil være: {server-root}/realms/{realm}/protocol/saml/clients/{client-url-name}", - "idpInitiatedSsoRelayStateHelp": "Relay state du ønsker å sende med SAML forespørselen når du vil utføre en IDP initiert SSO.", - "masterSamlProcessingUrlHelp": "Hvis konfigurert vil denne URLen bli brukt for hver binding til både SPs Assertion Consumer og Single Logout-tjenester. Denne kan bli individuelt overstyrt for hver binding og tjenester i konfigurasjonen for finkornet SAML endepunkt.", - "accessTokenLifespanHelp": "Maksimum tid før et access token utløper. Det anbefales at denne verdien er kort i forhold til SSO timeout.", - "assertionConsumerServicePostBindingURLHelp": "SAML POST binding URL for klientens assertion customer service (innloggingsrespons). Du kan la denne stå tom om du ikke ønsker en URL for denne bindingen.", - "assertionConsumerServiceRedirectBindingURLHelp": "SAML redirect for klientens assertion consumer service (innloggingsrespons). Du kan la denne stå tom om du ikke ønsker en URL for denne bindingen.", - "logoutServiceRedirectBindingURLHelp": "SAML redirect binding URL for klientens single logout-tjeneste. Du kan la dette stå tomt om du bruker en annen binding.", - "frontchannelLogoutHelp": "Hvis satt til true, krever utlogging en redirect i nettleser til klient. Hvis satt til false, vil server utføre en bakgrunnskall for utlogging.", - "browserFlowHelp": "Velg flyten du ønsker å bruke for nettleser-autentisering.", - "directGrantHelp": "Velg flyten du ønsker å bruke for direct grant autentisering.", - "certificateHelp": "Klientsertifikat for å validere JWT utstedt av klienten og signert av privatnøkkel til klient fra din keystore.", - "archiveFormatHelp": "Java keystore eller PKCS12 arkivformat.", - "keyAliasHelp": "Arkiv-alias for din privatnøkkel og sertifikater.", - "keyPasswordHelp": "Passord for å få tilgang til privatnøkler i arkivet", - "storePasswordHelp": "Passord for å få tilgang til arkivet", - "consentRequired": "Hvis aktivert må brukere gi samtykke for at klienten skal få tilgang.", - "import": "Importer en JSON-fil som inneholder innstillinger for autorisasjon for denne ressursserveren.", - "policyEnforcementModeHelp": "Modus for håndhevelse av policy dikterer hvordan policier blir håndhevet når autorisasjonsforespørsler blir evaluert. 'Håndhevende' betyr at forespørsler blir nektet som standard selv om det ikke er en policy knyttet til en gitt ressurs. 'Ettergivende' betyr at forespørsler blir tillatt selv om det ikke er en policy knyttet til en gitt ressurs. 'Deaktivert' deaktiverer fullstendig evalueringen av policier og tillater tilgang til enhver ressurs.", - "allowRemoteResourceManagementHelp": "Skal ressursene bli håndtert eksternt av ressursserveren? Hvis satt til false kan ressursene kun bli håndtert fra denne administratorkonsollen.", - "resourceName": "Et unikt navn for denne ressursen. Navnet kan bli brukt til å identifisere en ressurs og er nyttig i spørringer for en bestemt ressurs.", - "typeHelp": "Ressurstype. Den kan brukes til å gruppere ulike ressursinstanser av samme type.", - "uris": "En URI som også kan brukes for å identifisere denne ressursen.", - "scopesHelp": "Scopes som sendes når du ber om autorisasjon. Dette kan være en liste med scopes separert med mellomrom. Standard er satt til 'openid'.", - "fullScopeAllowedHelp": "Lar deg å deaktivere alle restriksjoner.", - "resetActions": "Tilbakestill handlinger", - "scopeName": "Et unikt navn for dette scopet. Navnet kan bli brukt for å identifisere et scope, og er nyttig i spørringer for en bestemt ressurs.", - "policy-name": "Navnet på denne policien.", - "policy-description": "En beskrivelse av denne policien.", - "policyDecisionStagey": "Beslutningsstrategi som dikterer hvordan policies knyttet til en gitt policy blir evaluert og hvordan endelig avgjørelse oppnås. 'Bekreftende' betyr at minst en policy må evalueres til en positiv beslutning for at den samlede avgjørelsen kan bli positiv. 'Enstemmig' betyr at alle policies må evalueres til en positiv beslutning for at den samlede avgjørelsen kan bli positiv. 'Konsensus' betyr at antall positive beslutninger må være høyere enn antall negative beslutninger. Hvis antallet av positive og negative er likt, blir den samlede avgjørelsen negativ.", - "applyPolicyHelp": "Spesifiserer alle policies som må bli anvendt for scopes definert av denne policien eller tillatelsen.", - "policyClient": "Spesifiser klient(er) som tillates av denne policien.", - "policyGroups": "Spesifiser bruker(e) som tillates av denne policien.", - "policyRoles": "Spesifiserer klientroller tillatt av denne policien.", - "startTime": "Definerer tiden før policien MÅ IKKE innvilges. Denne innvilges kun om gjeldende dato/tid er før eller lik denne verdien.", - "expireTime": "Definerer tiden etter en policy MÅ IKKE innvilges. Denne innvilges kun om gjeldende dato/tid er før eller lik denne verdien.", - "policyCode": "JavaScript-koden angir betingelsene for denne politikken.", - "logicHelp": "Logikken som dikterer hvordan beslutningspolicien skal utførres. Hvis 'Positiv', vil resulterende effekt (tillate eller nekte) oppnådd under evalueringen av denne policien bli brukt for å ta en beslutning. Hvis 'Negativ', vil resulterende effekt bli opphevet, med andre ord blir en tillatelse til et avslag og motsatt.", - "permissionName": "Navnet på denne tillatelsen.", - "permissionDescription": "En beskrivelse av denne tillatelsen.", - "permissionType": "Spesifiserer at denne tillatelsen må bli anvendt for alle ressursinstanser for en gitt type.", - "realmRolePrefix": "Prefiks for sikkerhetsdomenerolle", - "name": "Navn på klientmal. Må være unik i sikkerhetsdomenet.", - "protocolHelp": "Hvilken SSO protokoll-konfigurasjon som blir levert av denne klientmalen", - "prefix": "Prefiks for hver sikkerhetsdomenerolle (valgfri).", - "multiValued": "Angir om en attributt støtter flere verdier. Hvis true, vil listen med alle verdier for dette attributtet bli satt som claims. Hvis false, vil bare den første verdien bli satt som claim.", - "tokenClaimName": { - "label": "Navn på token claim", - "tooltip": "Navn på claim som skal legges inn i token. Denne kan være et fullt kvalifisert navn som 'address.street'. I dette tilfellet vil et nestet jsonobjekt bli laget." - }, - "claimJsonType": "JSON-type som burde bli brukt for å fylle json claimet i tokenet. long, int, boolean og String er gyldige verdier.", - "protocolMapper": "Protokoll...", - "createGroup": "Opprett gruppe", - "members": "Medlemmer", - "email": "E-postadresse", - "lastName": "Etternavn", - "firstName": "Fornavn", - "associatedRolesText": "Assosierte roller", - "title": "Autentisering", - "addRole": "Legg til rolle", - "roleName": "Rollenavn", - "composite": "Sammensatt", - "addUser": "Legg til bruker", - "userName": "Brukernavn", - "join": "Bli med", - "groupMembership": "Gruppemedlemskap", - "createdAt": "Opprettet ved", - "username": "Brukernavn", - "emailVerified": "E-post verifisert", - "requiredUserActions": "Påkrevde brukerhandlinger", - "impersonate": "Utgi deg for å være bruker", - "verifyEmail": "Bekreft e-postadresse", - "consents": "Samtykke", - "identityProvider": "Identitetsleverandør", - "identityProviderLinks": "Lenker til identitetsleverandør", - "revoke": "Opphev", - "credentialType": "Type", - "resetPassword": "Tilbakestill passord", - "showPasswordDataValue": "Verdi", - "hours": "Timer", - "minutes": "Minutter", - "seconds": "Sekunder", - "credentialResetConfirm": "Send e-post", - "temporaryLocked": "Brukeren kan ha blitt låst på grunn av at innloggingsforsøk har feilet for mange ganger.", - "emailVerifiedHelp": "Har brukerens e-post blitt verifisert?", - "requiredUserActionsHelp": "Krev en handling når brukeren logger inn. 'Verifiser e-post' sender en e-post til brukeren for å verifisere deres e-postadresse. 'Oppdater profil' krever at bruker legger inn personlig informasjon. 'Oppdater passord' krever at bruker skriver inn et nytt passord. 'Konfigurer OTP' krever installasjon av en passordgenerator for mobil.", - "groups": "Gruppen som brukeren er medlem av. Velg en gruppe på listen og klikk på 'Forlat' for å forlate gruppen.", - "lastAccess": "Sist aksessert", - "adminEvents": "administratorhendelser", - "time": "Tid", - "eventType": "Hendelsestype", - "ipAddress": "IP-adresse", - "realm": "Sikkerhetsdomene", - "resourcePath": "Filsti for ressurs", - "resourceTypes": "Ressurstyper", - "operationType": "Operasjonstype", - "operationTypes": "Operasjonstyper", - "auth": "Auth", - "representation": "Representasjon", - "partialImport": "Delvis import", - "general": "Generelt", - "login": "Innlogging", - "themes": "Tema", - "eventListeners": "Hendelseslyttere", - "eventListenersHelpText": "Konfigurer hvilke lyttere som skal motta eventer fra sikkerhetsdomenet.", - "adminEventsSettings": "Innstillinger for administratorhendelser", - "saveEvents": "Lagre hendelser", - "clearAdminEvents": "Fjern administratorhendelser", - "includeRepresentation": "Inkluder representasjon", - "from": "Fra", - "host": "Vert", - "port": "Port", - "enableSSL": "Aktiver SSL", - "enableStartTLS": "Aktiver StartTLS", - "providers": "Leverandører", - "uiDisplayName": "Konsoll vis navn", - "providerId": "ID", - "provider": "Leverandør", - "userRegistration": "Registrering av bruker", - "userRegistrationHelpText": "Aktiver/deaktiver registreringssiden. En lenke for registrering vil være synlig på innloggingssiden.", - "rememberMe": "Husk meg", - "rememberMeHelpText": "Vis en avkryssingsboks på innloggingssiden som lar brukere forbli innlogget mellom omstart av nettleser og inntil sesjonen utløper.", - "registrationEmailAsUsername": "E-postadresse som brukernavn", - "editUsername": "Rediger brukernavn", - "htmlDisplayName": "HTML vis navn", - "requireSsl": "Krev SSL", - "sslType": { - "all": "Alle forespørsler", - "external": "Eksterne forespørsler", - "none": "Ingen" - }, - "endpoints": "Endepunkter", - "accountTheme": "Kontotema", - "adminTheme": "Administrasjonskonsolltema", - "emailTheme": "E-posttema", - "SSOSessionIdle": "Inaktiv SSO sesjon", - "SSOSessionMax": "Maksimum SSO sesjon", - "offlineSessionIdle": "Inaktiv sesjon i frakoblet modus", - "loginTimeout": "Timeout for innlogging", - "loginActionTimeout": "Timeout for innloggingshandling.", - "revokeRefreshToken": "Fjern refresh token", - "accessTokenLifespanImplicitFlow": "Access token-levetid for implicit flow", - "clientLoginTimeout": "Timeout av klientinnlogging", - "clientProfileDescription": "Beskrivelse", - "tokens": "Tokens", - "supportedLocales": "Støttede lokaliteter", - "defaultLocale": "Standard lokalitet", - "validatorDialogColNames": { - "colName": "Rollenavn" - }, - "validatorColNames": { - "colConfig": "Konfig" - }, - "eventTypes": { - "IMPERSONATE": { - "name": "Utgi deg for å være bruker" - }, - "LOGOUT": { - "name": "Logg ut" - }, - "REGISTER": { - "name": "Registrer" - }, - "RESET_PASSWORD": { - "name": "Tilbakestill passord" - } - }, - "deleteEvents": "Fjern hendelser", - "defaultRoles": "Standardroller", - "defaultGroups": "Standardgrupper", - "securityDefences": "Sikkerhetsmekanismer", - "headers": "Headere", - "bruteForceDetection": "Deteksjon av Brute Force", - "xFrameOptions": "Alternativer for X-Frame", - "contentSecurityPolicy": "Sikkerhetspolicy for innhold", - "contentSecurityPolicyReportOnly": "Rapporterende sikkerhetspolicy for innhold", - "xContentTypeOptions": "Alternativer for X-innholdstyper", - "failureFactor": "Maksimum antall innloggingsfeil", - "waitIncrementSeconds": "økning av ventetid", - "maxFailureWaitSeconds": "Maksimum ventetid", - "maxDeltaTimeSeconds": "Tid for tilbakestilling av feil.", - "minimumQuickLoginWaitSeconds": "Minimum ventetid for hurtig innlogging", - "requireSslHelp": "Kreves HTTPS? 'Ingen' betyr at HTTPS ikke kreves for noen klienters IP-adresse. 'Ekstern forespørsel' betyr at localhost og private IP-adresser kan få tilgang uten HTTPS. 'Alle forespørsler' betyr at HTTPS kreves for alle IP-adresser.", - "accountThemeHelp": "Velg tema for brukerkontoadministrasjonssider.", - "adminThemeHelp": "Velg et tema for administrasjonskonsollen.", - "emailThemeHelp": "Velg tema for e-post sendt av server.", - "save-user-events": "Hvis aktivert vil innloggingshendelser bli lagret i databasen, noe som gjør hendelsene tilgjengelige for administrator og kontoadministrasjonskonsoll.", - "save-admin-events": "Hvis aktivert vil administratorhendelser bli lagret i databasen, som vil gjøre hendelsene tilgjengelige i administrasjonskonsollen.", - "admin-clearEvents": "Sletter alle administratorhendelser i databasen.", - "includeRepresentationHelp": "Inkluder JSON-representasjon for å skape og oppdatere forespørsler.", - "failureFactorHelp": "Hvor mange feil før ventetid blir aktivert.", - "waitIncrementSecondsHelp": "Når terskelen for feil er nådd, hvor lenge skal brukeren stenges ute?", - "maxFailureWaitSecondsHelp": "Maksimum tid en bruker vil være stengt ute.", - "maxDeltaTimeSecondsHelp": "Når vil teller for feil nullstilles?", - "quickLoginCheckMilliSeconds": "Hvis en feil skjer for raskt samtidig, steng brukeren ute.", - "minimumQuickLoginWaitSecondsHelp": "Ventetid etter en hurtig innloggingsfeil.", - "ssoSessionIdle": "Tiden en sesjon er tillatt å være inaktiv før den utløper. Tokens og nettlesersesjoner vil bli ugyldig når en sesjon utløper.", - "ssoSessionMax": "Maksimum tid før en sesjon utløper. Tokens og nettlesersesjoner vil bli ugyldig når en sesjon utløper.", - "offlineSessionIdleHelp": "Tiden en sesjon i frakoblet modus er tillatt å være inaktiv før den utløper. Du må bruke tokens for frakoblet modus for å oppdatere sesjonen minst en gang i denne perioden, ellers vil sesjonen utløpe.", - "revokeRefreshTokenHelp": "Hvis aktivert kan refresh token kun bli brukt en gang. Ellers vil refresh tokens kunne bli brukt flere ganger.", - "clientLoginTimeoutHelp": "Maksimum tid en klient har for å fullføre access token protokollen. Dette burde normalt være 1 minutt.", - "editUsernameHelp": "Dersom aktivert, er feltet for brukernavn redigerbart, ellers kun lesbart.", - "flows": "Flyt", - "requiredActions": "Påkrevde handlinger", - "passwordPolicy": "Passordpolicy", - "otpPolicy": "Policy for engangskode", - "otpType": "Type engangskode", - "policyType": { - "totp": "Tidsbasert", - "hotp": "Tellerbasert" - }, - "otpHashAlgorithm": "OTP hash-algoritme", - "otpPolicyDigits": "Antall siffer", - "otpPolicyPeriod": "Engangskode token", - "initialCounter": "Initiell teller", - "attestationPreference": { - "none": "Ingen" - }, - "flow": { - "browser": "Nettleserflyt", - "registration": "Registreringsflyt", - "direct grant": "Direct Grant Flyt" - }, - "flowType": "Type av flyt", - "flow-type": { - "form-flow": "skjema" - }, - "addExecution": "Legg til eksekvering", - "requirement": "Krav", - "alias": "Alias", - "flowTypeHelp": "Hva slags skjema det er", - "topLevelFlowType": "Hvilken type toppnivå flyt er det? Type 'klient' brukes for autentisering av klienter (applikasjoner) når generisk brukes for brukere og alt annet", - "aliasHelp": "Aliaset identifiserer en identitetsleverandør og kan brukes for å bygge en redirect uri.", - "otpTypeHelp": "Totp er et tidsbasert engangspassord. 'hotp' er et teller basert engangspassord hvor serveren følger med på en teller som den kan hashe mot.", - "otpHashAlgorithmHelp": "Hva slags hashing algoritme skal brukes for å generere OTP.", - "otpPolicyDigitsHelp": "Hvor mange sifre skal OTP ha?", - "otpPolicyPeriodHelp": "Hvor mange sekunder burde et engangskode token være gyldig? Standard er satt til 30 sekunder.", - "vendor": "Leverandør", - "connectionURL": "Tilkoblings URL", - "enableStartTls": "Aktiver StartTLS", - "useTruststoreSpi": "Bruk Truststore SPI", - "connectionPooling": "Connection Pooling", - "bindType": "Autentiseringstype", - "bindDn": "Bind DN", - "editMode": "Redigeringsmodus", - "usersDN": "DN-brukere", - "usernameLdapAttribute": "Brukernavn LDAP-attributt", - "rdnLdapAttribute": "RDN LDAP-attributt", - "uuidLdapAttribute": "UUID LDAP-attributt", - "userObjectClasses": "Brukerobjektklasser", - "searchScope": "Scope for søk", - "pagination": "Paginering", - "batchSize": "Batch størrelse", - "periodicFullSync": "Fullstendig periodisk synkronisering", - "fullSyncPeriod": "Fullstendig synkroniseringsperiode", - "periodicChangedUsersSync": "Periodisk synkronisering av endrede brukere", - "changedUsersSyncPeriod": "Synkroniseringsperiode for endrede brukere", - "kerberosIntegration": "Kerberos Integrasjon", - "allowKerberosAuthentication": "Tillat autentisering med Kerberos", - "useKerberosForPasswordAuthentication": "Bruk Kerberos for autentisering av passord", - "trustEmail": "Stol på e-post", - "requiredSettings": "Påkrevde innstillinger", - "kerberosRealm": "Sikkerhetsdomene for Kerberos", - "serverPrincipal": "Server principal", - "debug": "Feilsøking", - "allowPasswordAuthentication": "Tillat autentisering med passord", - "testAuthentication": "Testautentisering", - "ldapFilter": "LDAP filter", - "selectRole": { - "label": "Velg rolle", - "tooltip": "Skriv inn rolle i tekstboksen til venstre, eller klikk på denne knappen for å bla gjennom og velge rollen du ønsker." - }, - "vendorHelp": "LDAP leverandør (provider)", - "consoleDisplayConnectionUrlHelp": "Tilkoblings URL din til LDAP-server", - "bindCredentialsHelp": "Passord for LDAP administrator", - "editModeLdapHelp": "READ_ONLY er et skrivebeskyttet LDAP-lager. WRITABLE betyr at data vil bli synkronisert tilbake til LDAP på forespørsel. UNSYNCED betyr at brukerdata vil bli importert, men vil ikke bli synkronisert tilbake til LDAP.", - "fullSyncPeriodHelp": "Periode for fullstendig synkronisering i sekunder", - "changedUsersSyncHelp": "Tidsperiode for synkronisering av endrede eller nylig opprettede LDAP-brukere i sekunder.", - "trustEmailHelp": "Hvis aktivert vil ikke e-post levert av denne leverandøren bli verifisert selv om verifisering er aktivert for sikkerhetsdomenet.", - "debugHelp": "Aktiver/deaktiver logging av feilsøking til standard output for Krb5LoginModule.", - "allowPasswordAuthenticationHelp": "Aktiver/deaktivert muligheten for autentisering med brukernavn/passord mot databasen til Kerberos", - "updateFirstLoginHelp": "Oppdater profil ved første innlogging", - "addIdPMapper": "Legg til identitetsleverandørmappere", - "redirectURI": "Redirect URI", - "ssoServiceUrl": "Single sign-on service URL", - "singleLogoutServiceUrl": "Single utloggingstjeneste URL", - "nameIdPolicyFormat": "Policy for nameid-format", - "unspecified": "uspesifisert", - "httpPostBindingResponse": "HTTP-POST binding svar", - "httpPostBindingAuthnRequest": "HTTP-POST binding for AuthnRequest", - "wantAuthnRequestsSigned": "Vil ha AuthnRequests signert", - "forceAuthentication": "Force autentisering", - "validatingX509Certs": "Validerer X509 sertifikat", - "authorizationUrl": "Autorisasjons URL", - "tokenUrl": "Token URL", - "logoutUrl": "Utloggings URL", - "backchannelLogout": "Backchannel utlogging", - "userInfoUrl": "Brukerinfo URL", - "issuer": "Utgiver", - "prompt": "Prompt", - "prompts": { - "none": "Ingen", - "consent": "samtykke", - "login": "Innlogging" - }, - "validateSignature": "Valider signaturer", - "storeTokens": "Lagre Tokens", - "storedTokensReadable": "Lagrede lesbare tokens", - "firstBrokerLoginFlowAlias": "Flyt for første innlogging", - "postBrokerLoginFlowAlias": "Post-påloggingsflyt", - "userAttribute": "Brukerattributt", - "redirectURIHelp": "Redirect URI som skal brukes når du konfigurerer identitetsleverandøren.", - "clientSecretHelp": "Klient secret registrert hos identitetsleverandør.", - "discoveryEndpoint": "Importer metadata fra et eksternt IDP discovery descriptor.", - "importConfig": "Importer metadata fra en nedlastet IDP discovery descriptor.", - "logoutUrlHelp": "Endepunkt for avsluttende sesjon som brukes for å logge ut bruker fra ekstern IDP.", - "backchannelLogoutHelp": "Støtter ekstern IDP backchannel utlogging?", - "userInfoUrlHelp": "Brukerinfo URLen. Denne er valgfri.", - "issuerHelp": "Identifikator for utgiver av forespørselen. Hvis dette ikke er oppgitt vil ingen validering utføres.", - "validateSignatureHelp": "Aktiver/deaktiver signaturvalidering av eksterne IDP signaturer.", - "storeTokensHelp": "Aktiver/deaktiver hvis tokens må bli lagret etter at brukere har blitt autentisert.", - "storedTokensReadableHelp": "Aktiver/deaktiver hvis nye brukere kan lese lagrede tokens. Dette tildeles broker.read-token rollen.", - "firstBrokerLoginFlowAliasHelp": "Alias for autentiseringsflyt, som trigges etter første innlogging med denne identitetsleverandøren. Begrepet 'Første innlogging' betyr at det ennå ikke eksisterer en Keycloak-konto koblet til den autentiserte kontoen til identitetsleverandøren.", - "useEntityDescriptor": "Importer metadata fra et eksternt IDP SAML entity descriptor.", - "samlEntityDescriptor": "Lar deg laste inn ekstern IDP metadata fra en konfigurasjonsfil eller ved å laste det ned fra en URL.", - "ssoServiceUrlHelp": "URL som må brukes for å sende autentiseringsforespørsler (SAML AuthnRequest).", - "singleLogoutServiceUrlHelp": "URL som må brukes for å sende utloggingsforespørsler.", - "httpPostBindingAuthnRequestHelp": "Indikerer om AuthnRequests må bli sendt ved å bruke en HTTP-POST binding. Hvis satt til false, vil HTTP-REDIRECT binding bli brukt.", - "wantAuthnRequestsSignedHelp": "Indikerer om identitetsleverandør forventer en signert AuthnRequest.", - "forceAuthenticationHelp": "Indikerer om identitetsleverandør må autentisere presentatøren direkte i stedet for å stole på en tidligere sikkerhetskontekst.", - "validateSignatures": "Aktiver/deaktiver signaturvalidering av SAML svar.", - "validatingX509CertsHelp": "Sertifikatet i PEM format som må brukes for å se etter signaturer.", - "addIdpMapperName": "Navn på mapper.", - "selectARole": "Velg en rolle", - "usermodel": { - "prop": { - "label": "Egenskap", - "tooltip": "Navn på egenskapsmetoden i UserModel-grensesnittet. For eksempel, en verdi av 'e-post' vil referere til metoden UserModel.getEmail()." - }, - "attr": { - "label": "Brukerattributt", - "tooltip": "Navn på lagret brukerattributt som er navnet på en attributt innenfor UserModel.attribute map." - }, - "clientRoleMapping": { - "client": { - "label": "Klient-ID", - "tooltip": "Klient-ID for å mappe roller" - }, - "rolePrefix": { - "label": "Prefiks for klientrolle", - "tooltip": "Prefiks for hver klientrolle (valgfri)." - } - }, - "realmRoleMapping": { - "rolePrefix": { - "label": "Prefiks for sikkerhetsdomenerolle", - "tooltip": "Prefiks for hver sikkerhetsdomenerolle (valgfri)." - } - } - }, - "userSession": { - "modelNote": { - "label": "Brukersesjonsmerknad", - "tooltip": "Navn på lagret brukersesjonsmerknad innenfor UserSessionModel.note map." - } - }, - "multivalued": { - "label": "Flere verdier", - "tooltip": "Angir om en attributt støtter flere verdier. Hvis true, vil listen med alle verdier for dette attributtet bli satt som claims. Hvis false, vil bare den første verdien bli satt som claim." - }, - "jsonType": { - "label": "JSON-type for claims", - "tooltip": "JSON-type som burde bli brukt for å fylle json claimet i tokenet. long, int, boolean og String er gyldige verdier." - }, - "includeInIdToken": { - "label": "Legg til i ID token", - "tooltip": "Burde claim bli lagt til i ID token?" - }, - "includeInAccessToken": { - "label": "Legg til i access token", - "tooltip": "Burde claim bli lagt til i access token?" - }, - "includeInUserInfo": { - "label": "Legg til i brukerinfo", - "tooltip": "Burde claim bli lagt til i brukerinfo?" - }, - "name-id-format": "Navn-ID format", - "titleAuthentication": "Autentisering", - "titleEvents": "Hendelser", - "titleRoles": "Sikkerhetsdomeneroller", - "titleUsers": "Brukere", - "titleSessions": "Sesjoner", - "authenticationAliasHelp": "Navn på konfigurasjonen", - "authenticationFlowTypeHelp": "Hva slags skjema det er", - "scopeNameHelp": "Navn på klientmal. Må være unik i sikkerhetsdomenet.", - "scopeDescriptionHelp": "Beskrivelse av klientmal", - "clientDescriptionHelp": "Angir beskrivelse av klienten. For eksempel: 'Min klient for timelister'. Støtter nøkler for lokaliserte verdier. For eksempel: ${my_client_description}", - "clientsClientTypeHelp": "'OpenID connect' tillater klienter å verifisere identiteten til sluttbrukeren basert på autentisering utført av en autorisasjonsserver. 'SAML' aktiverer en web-basert autentisering og autoriseringsscenarier som inkluderer cross-domain single sign-on (SSO) og som bruker security tokens som inneholder assertions for å dele informasjon videre.", - "clientsClientScopesHelp": "Scopes assosiert med denne ressursen." -} diff --git a/js/apps/admin-ui/public/locales/pl/translation.json b/js/apps/admin-ui/public/locales/pl/translation.json deleted file mode 100644 index 9e26dfeeb6..0000000000 --- a/js/apps/admin-ui/public/locales/pl/translation.json +++ /dev/null @@ -1 +0,0 @@ -{} \ No newline at end of file diff --git a/js/apps/admin-ui/public/locales/pt-BR/translation.json b/js/apps/admin-ui/public/locales/pt-BR/translation.json deleted file mode 100644 index 8b7ef5e35a..0000000000 --- a/js/apps/admin-ui/public/locales/pt-BR/translation.json +++ /dev/null @@ -1,597 +0,0 @@ -{ - "add": "Adicionar", - "create": "Criar", - "save": "Salvar", - "continue": "Continuar", - "remove": "Remover", - "key": "Chave", - "value": "Valor", - "back": "Voltar", - "export": "Exportar", - "action": "Ações", - "download": "Download", - "clear": "Limpar", - "edit": "Editar", - "enabled": "Habilitado", - "none": "Nenhum", - "signOut": "Sign Out", - "manageAccount": "Administrar a conta", - "serverInfo": "Informação do servidor", - "testConnection": "Testar conexão", - "description": "Descrição", - "type": "Tipo", - "category": "Categoria", - "priority": "Prioridade", - "allTypes": "Todos os tipos", - "manage": "Administração", - "clients": "Clientes", - "realmRoles": "Roles do Realm", - "users": "Usuários", - "sessions": "Sessões", - "events": "Eventos", - "mappers": "Mapeamentos", - "permissions": "Permissões", - "configure": "Configuração", - "realmSettings": "Configurações do Realm", - "authentication": "Autenticação", - "identityProviders": "Provedores de identificação", - "userFederation": "Federação de usuários", - "settings": "Configurações", - "details": "Detalhes", - "times": { - "seconds": "Segundos", - "minutes": "Minutos", - "hours": "Horas", - "days": "Dias" - }, - "attributes": "Atributos", - "credentials": "Credenciais", - "clientId": "ID do cliente", - "clientName": "Nome", - "id": "ID", - "mapperType": "Tipo de mapeamento", - "leave": "Sair", - "password": "Senha", - "passwordConfirmation": "Confirmação de senha", - "temporaryPassword": "Temporária", - "temporaryPasswordHelpText": "If enabled user is required to change password on next login", - "protocol": "Protocolo", - "copy": "Copiar", - "clientAuthorization": "Autorização", - "importClient": "Importar cliente", - "adminURL": "URL do administrador", - "formatOption": "Formato", - "encryptAssertions": "Encriptar Assertions", - "clientSignature": "Assinatura do cliente requerida", - "roles": "Roles", - "addClientScope": "Adicionar modelo de cliente", - "fullScopeAllowed": "Permitir Escopo completo", - "selectAUser": "Selecione um usuário", - "client": "cliente", - "evaluate": "Avaliar", - "reevaluate": "Re-avaliar", - "showAuthData": "Exibir dados da autorização", - "unanimous": "Unânime", - "affirmative": "Afirmativa", - "consensus": "Consensual", - "authScopes": "Autorização de escopos", - "anyResource": "Qualquer recurso", - "anyScope": "Qualquer escopo", - "selectScope": "Selecione um escopo", - "applyToResourceType": "Aplicar ao tipo de recurso", - "contextualInfo": "Informação contextual", - "contextualAttributes": "Atributos contextuais", - "kc": { - "realm": { - "name": "Realm" - } - }, - "policyEnforcementMode": "Modo de execução da política", - "policyEnforcementModes": { - "ENFORCING": "Restritiva", - "PERMISSIVE": "Permissiva" - }, - "decisionStrategy": "Estratégia de decisão", - "iconUri": "URI do ícone", - "allowRemoteResourceManagement": "Administração remota de recursos", - "resources": "Recursos", - "resource": "Recurso", - "scope": "Escopo", - "owner": "Proprietário", - "scopes": "Escopos", - "policies": "Políticas", - "createPermission": "Criar permissão", - "identityInformation": "Informação de identidade", - "resourceType": "Tipo de recurso", - "createPolicy": "Criar política", - "applyPolicy": "Aplicar política", - "code": "Código", - "logic": "Lógica", - "logicType": { - "positive": "Positiva", - "negative": "Negativa" - }, - "user": "Usuário", - "clientList": "Clientes", - "initialAccessToken": "Token de acesso inicial", - "expires": "Expira em", - "count": "Quantidade", - "remainingCount": "Quantidade restante", - "expiration": "Duração", - "clientAuthentication": "Autenticação do cliente", - "frontchannelLogout": "Front Channel Logout", - "validRedirectUri": "URIs de redirecionamento válidas", - "idpInitiatedSsoRelayState": "Estado de relay para SSO iniciado via IDP", - "masterSamlProcessingUrl": "URL de processamento SAML principal", - "nameIdFormat": "Formato do NameID", - "forceNameIdFormat": "Forçar formato do NameID", - "forcePostBinding": "Forçar Binding via POST", - "includeAuthnStatement": "Incluir AuthnStatement", - "signDocuments": "Assinar documentos", - "signAssertions": "Assinar assertions", - "canonicalization": "Método de Canonicalization ", - "loginTheme": "Tema de login", - "clientAuthenticator": "Autenticador do cliente", - "clientSecret": "Secret do Cliente", - "registrationAccessToken": "Token de acesso para registro", - "revocation": "Revogação", - "notBefore": "Não antes de", - "setToNow": "Definir como agora", - "addNode": "Adicionar nó", - "push": "Enviar", - "nodeReRegistrationTimeout": "Tempo limite para re-registro de nó", - "registeredClusterNodes": "Nós de cluster registrados", - "nodeHost": "Host", - "lastRegistration": "Último registro", - "testClusterAvailability": "Testar disponibilidade do cluster", - "registerNodeManually": "Registrar nó manualmente", - "fineGrainSamlEndpointConfig": "Configuração de endpoint para configuração fina do SAML ", - "assertionConsumerServicePostBindingURL": "URL para conexão post para o serviço consumidor de Assertions", - "assertionConsumerServiceRedirectBindingURL": "URL para conexão de redirecionamento do serviço consumidor de Assertions", - "logoutServicePostBindingURL": "URL de conexão POST para o serviço de logout", - "logoutServiceRedirectBindingURL": "URL de conexão para o redirecionamento do serviço de logout", - "accessTokenLifespan": "Duração do Token de Acesso", - "browserFlow": "Fluxo de browser", - "directGrant": "Fluxo de Direct Grant", - "certificate": "Certificado", - "generateNewKeys": "Gerar novas chaves", - "archiveFormat": "Formato do arquivo", - "keyAlias": "Alias da chave", - "keyPassword": "Senha da chave", - "storePassword": "Salvar senha", - "importFile": "Importar arquivo", - "clientType": "'OpenID connect' permite aos Clientes verificarem a identidade do usuário final baseado na autenticação realizada por um servidor de Autorização. 'SAML' permite cenários de autenticação e autorização web-based incluindo cross-domain single sign-on (SSO) e utiliza tokens de segurança contendo assertions para trafegar informações.", - "serviceAccount": "Permite autenticar este cliente no Keycloak e recuperar tokens de acesso dedicados para este cliente. Em termos da especificações OAuth2, habilita suporte para 'Client Credentials Grants' para este cliente.", - "authorization": "Enable/Disable fine-grained authorization support for a client", - "directAccess": "Habilita o suporte para concessões de acesso direto (Direct Access Grants), o que significa que o cliente tem acesso ao nome de usuário/senha e negocia diretamente com o servidor Keycloak pelo token de acesso. Em termos de especificações OAuth2, habilita suporte de \"Resource Owner Password Credentials Grant\" para este cliente.", - "standardFlow": "Isto habilita a autenticação baseada em redirecionamento com código de autorização padrão do OpenID Connect. Em termos de especificações OpenID Connect ou OAuth2, isto habilita suporte ao 'Fluxo de Código de Autorização' para este cliente.", - "implicitFlow": "Isto habilita suporte a autenticação baseada em redirecionamento sem código de autorização. Em tempos de especificações OpenID Connect ou OAuth2, isto habilita suporte do 'Fluxo Implícito' para este cliente.", - "rootURL": "URL raiz adicionada à URLs relativas", - "validRedirectURIs": "Padrão de URI válido para onde um navegador pode redirecionar depois de um login bem-sucedido ou sair. Wildcards simples são permitidos, por exemplo 'http://example.com/*'. Caminhos relativos podem ser especificados também, ex: /my/relative/path/*. Caminhos relativos são relativos à URL raiz do cliente, ou se nenhum for especificado a URL raiz do servidor é usado. Para SAML, é necessário definir padrões de URI válidos se você está contando com a URL do serviço consumidor incorporada com a solicitação de login.", - "nameIdFormatHelp": "O formato de Name ID para utilizar como assunto.", - "forceNameIdFormatHelp": "Ignora o NameID de assunto solicitado e utiliza o configurado no UI de administração.", - "forcePostBindingHelp": "Sempre utilizar POST para respostas.", - "includeAuthnStatementHelp": "Deve ser adicionado um statement especificando o método e timestamp nas respostas de login?", - "signDocumentsHelp": "Devem os documentos SAML serem assinados pelo realm?", - "signAssertionsHelp": "Devem as asserções dentro dos documentos SAML serem assinadas? Esta configuração não é necessária se o documento já está sendo assinado.", - "signatureAlgorithm": "O algoritmo de assinatura a ser utilizado para assinar documentos.", - "canonicalizationHelp": "Canonicalization Method para assinaturas XML.", - "webOrigins": "Permitir origens CORS. Para permitir todas as URIs de redirecionamento de origem válidas adicionar '+'. Para permitir todas as origens adicionar '*'.", - "homeURL": "URL padrão para utilizar quando o servidor de autenticação necessita redirecionar ou linkar para o cliente.", - "adminURLHelp": "URL para a inteface administrativa do cliente. Defina este valor se o cliente suporta a API do adaptador REST. Esta API rest permite que o servidor de autenticação envie políticas de revogação e outras tarefas administrativas. Geralmente este valor é definido apontando para a URL base do cliente.", - "clientHelp": "Select the client making this authorization request. If not provided, authorization requests would be done based on the client you are in.", - "clientIdHelp": "O identificador do cliente registrado com o provedor de identificação.", - "selectUser": "Select an user whose identity is going to be used to query permissions from the server.", - "rolesHelp": "Select the roles you want to associate with the selected user.", - "contextualAttributesHelp": "Any attribute provided by a running environment or execution context.", - "applyToResourceTypeHelp": "Specifies if this permission would be applied to all resources with a given type. In this case, this permission will be evaluated for all instances of a given resource type.", - "resourcesHelp": "Specifies that this permission must be applied to a specific resource instance.", - "scopesSelect": "Define que esta permissões deve ser aplicada para um ou mais escopos.", - "clientNameHelp": "Especifica o nome de exibição do cliente. Por exemplo 'Meu Cliente'. Também aceita chaves para valores localizados. Por exemplo: ${meu_cliente}", - "descriptionHelp": "Descrição do modelo de cliente.", - "loginThemeHelp": "Selecione o tema para páginas de login, OTP, grant, cadastro e recuperar senha.", - "encryptAssertionsHelp": "Devem as asserções SAML serem encriptadas com a chave pública do cliente usando AES?", - "clientSignatureHelp": "O cliente irá assinar os pedidos e respostas saml? E eles devem ser validados?", - "expirationHelp": "Sets the expiration for events. Expired events are periodically deleted from the database.", - "countHelp": "Especifica quantos clientes podem ser criados usando o token", - "client-authenticator-type": "Autenticador de Cliente usado para autenticar este cliente ao servidor Keycloak", - "registration-access-token": "O token de acesso para registro provê acesso aos cliente para o serviço de registro cliente.", - "nodeReRegistrationTimeoutHelp": "Intervalo para especificar o tempo máximo para nós clientes de cluster registrados se re-registrarem. Se os nós do cluster não enviarem solicitações de re-registro dentro deste intervalo eles serão deregistrados do Keycloak.", - "idpInitiatedSsoUrlName": "Nome do fragmento URL para referenciar o cliente quando você deseja um SSO iniciado por IDP. Deixar este campo vazio irá desabilitar SSO iniciado por IDP. A URL que você irá referenciar do seu browser será: {server-root}/realms/{realm}/protocol/saml/clients/{client-url-name}", - "idpInitiatedSsoRelayStateHelp": "O estado de Relay que você deseja enviar com um pedido SAML quando você deseja realizar SSO iniciado por IDP.", - "masterSamlProcessingUrlHelp": "Se configurado, esta URL será utilizada para todos os bindings do \"SP's Assertion Consumer\" e \"Single Logout Services\". Ela pode ser sobreescriva idnvidualmente para cada ligação e serviço na Configuração Detalhada do Endpoint SAML.", - "accessTokenLifespanHelp": "Tempo máximo antes que um token de acesso expire. Recomenda-se que este valor seja menor em relação ao tempo de inativação do inativação do SSO.", - "assertionConsumerServicePostBindingURLHelp": "URL de ligação SAML via post para as asserções de consumidor de serviços do cliente (respostas de login). Você pode deixar este campo em branco se você não tiver uma URL para esta ligação.", - "assertionConsumerServiceRedirectBindingURLHelp": "URL de ligação SAML de redirecionamento para as asserções de consumidor de serviços do cliente (respostas de login). Você pode deixar este campo em branco se você não tiver uma URL para esta ligação.", - "logoutServiceRedirectBindingURLHelp": "URL de ligação SAML de redirecionamento para o serviço de logout único do cliente. Voce pode deixar este campo em branco s e estiver usando uma ligação diferente.", - "frontchannelLogoutHelp": "Quando marcado, o logout requer um redirecionamento do browser para o cliente. Caso contrário o servidor executo uma invocação em background para o logout.", - "browserFlowHelp": "Select the flow you want to use for browser authentication.", - "directGrantHelp": "Select the flow you want to use for direct grant authentication.", - "certificateHelp": "Certificado do cliente para validar JWT emitidos pelo cliente e assinados pela chave privada do cliente da sua keystore.", - "archiveFormatHelp": "Keystore Java ou arquivo em formato PKCS12.", - "keyAliasHelp": "Alias do arquivo para sua chave privada e certificado.", - "keyPasswordHelp": "Senha para acessar a chave privada no certificado.", - "storePasswordHelp": "Senha para acessar o arquivo em si.", - "consentRequired": "Se habilitado os usuários devem consentir com o acesso ao cliente.", - "import": "Import a JSON file containing authorization settings for this resource server.", - "policyEnforcementModeHelp": "The policy enforcement mode dictates how policies are enforced when evaluating authorization requests. 'Enforcing' means requests are denied by default even when there is no policy associated with a given resource. 'Permissive' means requests are allowed even when there is no policy associated with a given resource. 'Disabled' completely disables the evaluation of policies and allow access to any resource.", - "allowRemoteResourceManagementHelp": "Should resources be managed remotely by the resource server? If false, resources can only be managed from this Admin UI.", - "resourceName": "An unique name for this resource. The name can be used to uniquely identify a resource, useful when querying for a specific resource.", - "typeHelp": "The type of this resource. It can be used to group different resource instances with the same type.", - "uris": "An URI that can also be used to uniquely identify this resource.", - "scopesHelp": "Os escopos que serão enviados ao solicitar autorização. Pode ser uma lista de escopos separadas por espaço. Valor padrão é 'openid'.", - "fullScopeAllowedHelp": "Permite a você desabilitar todas as restrições.", - "resetActions": "Ações para reiniciar", - "scopeName": "An unique name for this scope. The name can be used to uniquely identify a scope, useful when querying for a specific scope.", - "policy-name": "The name of this policy.", - "policy-description": "A description for this policy.", - "policyDecisionStagey": "The decision strategy dictates how the policies associated with a given policy are evaluated and how a final decision is obtained. 'Affirmative' means that at least one policy must evaluate to a positive decision in order to the overall decision be also positive. 'Unanimous' means that all policies must evaluate to a positive decision in order to the overall decision be also positive. 'Consensus' means that the number of positive decisions must be greater than the number of negative decisions. If the number of positive and negative is the same, the final decision will be negative.", - "applyPolicyHelp": "Specifies all the policies that must be applied to the scopes defined by this policy or permission.", - "policyGroups": "Specifies which user(s) are allowed by this policy.", - "policyRoles": "Especifica quais role(s) do *cliente* são permitidos por esta política.", - "startTime": "Defines the time before which the policy MUST NOT be granted. Only granted if current date/time is after or equal to this value.", - "expireTime": "Defines the time after which the policy MUST NOT be granted. Only granted if current date/time is before or equal to this value.", - "policyCode": "The JavaScript code providing the conditions for this policy.", - "logicHelp": "The logic dictates how the policy decision should be made. If 'Positive', the resulting effect (permit or deny) obtained during the evaluation of this policy will be used to perform a decision. If 'Negative', the resulting effect will be negated, in other words, a permit becomes a deny and vice-versa.", - "permissionName": "The name of this permission.", - "permissionDescription": "A description for this permission.", - "permissionType": "Specifies that this permission must be applied to all resources instances of a given type.", - "realmRolePrefix": "Prefixo do Realm Role", - "name": "Nome do modelo de cliente. Deve ser único neste Realm.", - "protocolHelp": "Qual configuração de protocolo SSO será provida por este modelo de cliente.", - "prefix": "Um prefixo para cada Realm Role (opcional).", - "multiValued": "Indica se um atributo suporta múltiplos valores. Se verdadeiro, então a lista de todos os valores desse atributo será definida como o claim. Se falso, então apenas o primeiro valor será utilizado.", - "tokenClaimName": { - "label": "Nome do Token Claim", - "tooltip": "Nome do claim para inserir no token. Pode ser um nome completo (fully qualified) como 'address.street'. Neste caso, um objeto json aninhado será criado." - }, - "claimJsonType": "Tipo JSON que deve ser utilizado para popular o claim json no token. Os valores válidos são Long, int boolean e String.", - "protocolMapper": "Protocolo...", - "createGroup": "Criar grupo", - "members": "Membros", - "email": "E-mail", - "lastName": "Sobrenome", - "firstName": "Primeiro nome", - "associatedRolesText": "Roles associados", - "title": "Autenticação", - "addRole": "Adicionar Role", - "roleName": "Nome do Role", - "composite": "Composto", - "usersInRole": "Usuários no role", - "addUser": "Adicionar usuário", - "userName": "Usuário", - "join": "Participar", - "groupMembership": "Grupos associados", - "createdAt": "Criado em", - "username": "Usuário", - "emailVerified": "E-mail verificado", - "requiredUserActions": "Ações necessárias do usuário", - "impersonate": "Personificar", - "verifyEmail": "Verificar e-mail", - "consents": "Consentimentos", - "identityProvider": "Provedor de identificação", - "identityProviderLinks": "Links de provedores de identificação.", - "revoke": "Revogar", - "credentialType": "Tipo", - "resetPassword": "Reiniciar senha", - "showPasswordDataValue": "Valor", - "hours": "Horas", - "minutes": "Minutos", - "seconds": "Segundos", - "credentialResetConfirm": "Enviar e-mail", - "temporaryLocked": "The user may have been locked due to failing to login too many times.", - "emailVerifiedHelp": "Has the user's email been verified?", - "requiredUserActionsHelp": "Require an action when the user logs in. 'Verify email' sends an email to the user to verify their email address. 'Update profile' requires user to enter in new personal information. 'Update password' requires user to enter in a new password. 'Configure OTP' requires setup of a mobile password generator.", - "groups": "Groups user is a member of. Select a listed group and click the Leave button to leave the group.", - "lastAccess": "Último acesso", - "adminEvents": "Eventos de adminstração", - "time": "Tempo", - "eventType": "Tipo de evento", - "ipAddress": "Endereço IP", - "realm": "Realm", - "resourcePath": "Path do recurso", - "operationType": "Tipo de operação", - "operationTypes": "Tipos de operações", - "auth": "Autenticação", - "representation": "Representação", - "partialImport": "Importação parcial", - "general": "Geral", - "login": "Login", - "themes": "Temas", - "eventListeners": "Listeners de eventos", - "eventListenersHelpText": "Configure what listeners receive events for the realm.", - "adminEventsSettings": "Configuração de eventos de administração", - "saveEvents": "Salvar eventos", - "clearAdminEvents": "Limpar eventos administrativos", - "includeRepresentation": "Incluir representação", - "from": "Remetente", - "host": "Host", - "port": "Porta", - "enableSSL": "Habilitar SSL", - "enableStartTLS": "Habilitar StartTLS", - "providers": "Provedores", - "uiDisplayName": "Nome de exibição no UI", - "providerId": "ID", - "provider": "Provedor", - "userRegistration": "Cadastro de usuário", - "userRegistrationHelpText": "Habilita/desabilita a página de cadastro. Um link para a página de cadastro também será exibido na tela de login.", - "rememberMe": "Lembrar me", - "rememberMeHelpText": "Exibe um checkbox na página de login para permitir ao usuário continuar logado entre restarts do browser até que a sessão expire.", - "registrationEmailAsUsername": "Email como nome de usuário", - "editUsername": "Editar nome de usuário", - "htmlDisplayName": "Nome de exibição HTML", - "requireSsl": "SSL requerido", - "sslType": { - "all": "todas requisições", - "external": "requisições externas", - "none": "Nenhum" - }, - "endpoints": "Endpoints", - "accountTheme": "Tema para conta", - "adminTheme": "Tema para UI de administração", - "emailTheme": "Tema de e-mail", - "SSOSessionIdle": "Sessão SSO inativa", - "SSOSessionMax": "Sessão SSO Máxima", - "offlineSessionIdle": "Sessão Offline Inativa", - "loginTimeout": "Tempo máximo do Login", - "loginActionTimeout": "Tempo limite da ação de Login", - "revokeRefreshToken": "Revogar Token de Atualização", - "accessTokenLifespanImplicitFlow": "Duração do token de acesso para fluxos Implícitos", - "clientLoginTimeout": "Tempo limite para login do Cliente", - "clientProfileDescription": "Descrição", - "tokens": "Tokens", - "supportedLocales": "Locais disponíveis", - "defaultLocale": "Local padrão", - "validatorDialogColNames": { - "colName": "Nome do Role" - }, - "validatorColNames": { - "colConfig": "Configuração" - }, - "eventTypes": { - "IMPERSONATE": { - "name": "Personificar" - }, - "LOGOUT": { - "name": "Logout" - }, - "REGISTER": { - "name": "Registro" - }, - "RESET_PASSWORD": { - "name": "Reiniciar senha" - } - }, - "deleteEvents": "Limpar eventos", - "defaultRoles": "Roles padrão", - "defaultGroups": "Grupos Padrão", - "securityDefences": "Defesas", - "headers": "Cabeçalhos", - "bruteForceDetection": "Detecção de ataque de Força Bruta", - "xFrameOptions": "X-Frame-Options", - "contentSecurityPolicy": "Content-Security-Policy", - "xContentTypeOptions": "X-Content-Type-Options", - "failureFactor": "Falhas de login", - "waitIncrementSeconds": "Incremento de Espera", - "maxFailureWaitSeconds": "Espera máxima", - "maxDeltaTimeSeconds": "Tempo para zerar falhas", - "minimumQuickLoginWaitSeconds": "Espera mínima após Quick Login", - "requireSslHelp": "É necessário SSL? 'Nunca' significa que HTTPS não é requerido para nenhum endereço IP cliente. 'Requisições externas' significa que localhost e IPs privados podem acessar sem HTTPS. 'Todas requisições' significa que HTTPS é requerido para todos os endereços IPs.", - "accountThemeHelp": "Selecione o tema para as páginas de administração de conta do usuário.", - "adminThemeHelp": "Selecione o tema para o UI de administração.", - "emailThemeHelp": "Selecione o tema para os e-mail que são enviados pelo servidor.", - "save-user-events": "If enabled login events are saved to the database which makes events available to the Admin and Account management UIs.", - "save-admin-events": "If enabled admin events are saved to the database which makes events available to the Admin UI.", - "admin-clearEvents": "Deletes all admin events in the database.", - "includeRepresentationHelp": "Include JSON representation for create and update requests.", - "failureFactorHelp": "Quantas falhas de login antes que a espera seja habilitada.", - "waitIncrementSecondsHelp": "Quando a quantidade de falhas for alcançada, quanto tempo o usuário deve aguardar antes de tentar novamente?", - "maxFailureWaitSecondsHelp": "Tempo máximo que um usuário deverá aguardar após uma falha de quick login.", - "maxDeltaTimeSecondsHelp": "Quando o contador de falhas será resetado?", - "quickLoginCheckMilliSeconds": "Se uma falha ocorre concorrentemente neste período, travar a conta do usuário.", - "minimumQuickLoginWaitSecondsHelp": "Quanto tempo aguardar após uma falha de quick login.", - "ssoSessionIdle": "Tempo que uma sessão pode ficar inativa antes de expirar. Tokens e sessões de navegador são invalidados quando uma sessão é expirada.", - "ssoSessionMax": "Tempo máximo antes que uma sessão seja expirada. Tokens e sessões de navegador são invalidados quando uma sessão é expirada.", - "offlineSessionIdleHelp": "Tempo que uma sessão offline pode ficar inativa antes de expirar. Você precisa utilizar um token de atualização offline pelo menos uma vez neste período, caso contrário a sessão offline será expirada.", - "revokeRefreshTokenHelp": "Se habilitado os tokens de atualização podem ser utilizados somente uma vez. Caso contrário os tokens de atualização não são revogados quando utilizados e podem ser utilizados várias vezes.", - "clientLoginTimeoutHelp": "Tempo máximo que um cliente tem para finalizar o procolo do token de acesso. Normalmente deve ser 1 minuto.", - "editUsernameHelp": "Se habilitado, o campo nome de usuário é editável, senão será apenas leitura.", - "flows": "Fluxos", - "requiredActions": "Ações requeridas", - "passwordPolicy": "Política de senha", - "otpPolicy": "Política OTP", - "otpType": "Tipo OTP", - "policyType": { - "totp": "Baseado em tempo", - "hotp": "Baseado em contador" - }, - "otpHashAlgorithm": "Algoritmo de hash OTP", - "otpPolicyDigits": "Quantidade de dígitos", - "otpPolicyPeriod": "Período de token OTP ", - "initialCounter": "Contador inicial", - "attestationPreference": { - "none": "Nenhum" - }, - "flow": { - "browser": "Fluxo de browser", - "registration": "Fluxo de registro", - "direct grant": "Fluxo de Direct Grant" - }, - "flowType": "Flow Type", - "flow-type": { - "basic-flow": "genérico", - "form-flow": "formulário" - }, - "addExecution": "Adicionar execução", - "requirement": "Condição", - "alias": "Alias", - "flowTypeHelp": "What kind of form is it", - "topLevelFlowType": "What kind of top level flow is it? Type 'client' is used for authentication of clients (applications) when generic is for users and everything else", - "aliasHelp": "O alias é o identificador único de um provedor de identidade e também é utilizado para construir a uri de redirecionamento.", - "otpTypeHelp": "totp is Time-Based One Time Password. 'hotp' is a counter base one time password in which the server keeps a counter to hash against.", - "otpHashAlgorithmHelp": "What hashing algorithm should be used to generate the OTP.", - "otpPolicyDigitsHelp": "How many digits should the OTP have?", - "otpPolicyPeriodHelp": "How many seconds should an OTP token be valid? Defaults to 30 seconds.", - "vendor": "Vendor", - "connectionURL": "URL de conexão", - "enableStartTls": "Habilitar StartTLS", - "useTruststoreSpi": "Utilizar Truststore SPI", - "connectionPooling": "Pooling de conexões", - "bindType": "Tipo de autenticação", - "bindDn": "Bind DN", - "editMode": "Modo de edição", - "usersDN": "Users DN", - "usernameLdapAttribute": "Atributo LDAP para Username", - "rdnLdapAttribute": "Atributo LDAP para RDN", - "uuidLdapAttribute": "Atributo LDAP para UUID", - "userObjectClasses": "Classes do objeto User", - "searchScope": "Escopo de pesquisa", - "pagination": "Paginação", - "batchSize": "Tamanho do lote", - "periodicFullSync": "Syncronização completa periódica", - "fullSyncPeriod": "Período", - "periodicChangedUsersSync": "Sincronização periódica de usuários alterados", - "changedUsersSyncPeriod": "Período", - "kerberosIntegration": "Integração com Kerberos", - "allowKerberosAuthentication": "Permitir autenticação Kerberos", - "useKerberosForPasswordAuthentication": "Utilizar Kerberos para autenticação via senha", - "trustEmail": "Confiar no e-mail recebido", - "requiredSettings": "Configurações obrigatórias", - "kerberosRealm": "Realm do Kerberos", - "serverPrincipal": "Principal do servidor", - "debug": "Debug", - "allowPasswordAuthentication": "Permitir autenticação via senha", - "testAuthentication": "Testar autenticação", - "ldapFilter": "Filtro do LDAP", - "selectRole": { - "label": "Selecione o Role", - "tooltip": "Entre com o role na caixa à esquerda, ou clique neste botão para navegar e selecionar o role desejado." - }, - "vendorHelp": "LDAP vendor (provedor)", - "consoleDisplayConnectionUrlHelp": "Conexão URL para o seu servidor LDAP", - "bindCredentialsHelp": "Senha do administrador do LDAP", - "editModeLdapHelp": "READ_ONLY é um LDAP somente leitura. WRITABLE significa que os dados serão sicronizados de volta para o LDAP on demand. UNSYNCED significa que os dados do usuário serão importados, mas não sicronizados de volta para o LDAP.", - "fullSyncPeriodHelp": "Intervalo para a sincronização completa em segundos.", - "changedUsersSyncHelp": "Intervalo para sincronização dos usuários alterados ou novos do LDAP em segundos.", - "trustEmailHelp": "Se habilitado então o e-mail provido por este provedor não será verificado mesmo que a verificação esteja habilitada para este realm.", - "debugHelp": "Habilita/Desabilita log de nível debug para a saída padrão para Krb5LoginModule.", - "allowPasswordAuthenticationHelp": "Habilita/Desabilita a possibilidade de autenticação via usuário/senha contra o banco Kerberos", - "updateFirstLoginHelp": "Atualizar o perfil no primeiro login", - "addIdPMapper": "Adicionar mapeamento de provedor de identificação", - "redirectURI": "URI de redirecionamento", - "ssoServiceUrl": "URL de serviço do Single Sign On", - "singleLogoutServiceUrl": "URL de serviço de Single Logout", - "nameIdPolicyFormat": "Política de formato NameID", - "unspecified": "Não especificado", - "httpPostBindingResponse": "Responder com HTTP-POST", - "httpPostBindingAuthnRequest": "Utilizar HTTP-POST binding para AuthnRequest", - "wantAuthnRequestsSigned": "Esperar AuthnRequests assinados", - "forceAuthentication": "Forçar autenticação", - "validatingX509Certs": "Validar certificados X509", - "authorizationUrl": "URL de autorização", - "tokenUrl": "URL do Token", - "logoutUrl": "URL de logout", - "backchannelLogout": "Backchannel Logout", - "userInfoUrl": "URL de informações do usuário", - "issuer": "Emissor", - "prompt": "Prompt", - "prompts": { - "none": "Nenhum", - "consent": "Consentimento", - "login": "Login" - }, - "validateSignature": "Validar assinaturas", - "storeTokens": "Salvar Tokens", - "storedTokensReadable": "Leitura de tokens salvos", - "firstBrokerLoginFlowAlias": "Fluxo do primeiro login", - "postBrokerLoginFlowAlias": "Fluxo pós login", - "userAttribute": "Atributo do usuário", - "redirectURIHelp": "A url de redirecionamento para usar quando da configuração do provedor de identidade.", - "clientSecretHelp": "A senha do cliente registrado junto ao provedor de identificação.", - "discoveryEndpoint": "Importar metadata de um descritor de descoberta remoto do IDP.", - "importConfig": "Importar metadata fr um descritor de descoberta baixado do IDP.", - "logoutUrlHelp": "'End session endpoint' para utilizar para realizar logour dos usuários do IDP externo.", - "backchannelLogoutHelp": "O IDP externo suporta logou via backchannel?", - "userInfoUrlHelp": "A Url de informações de usuário. Opcional.", - "issuerHelp": "O identificador de emissor para o emissor da resposta. Se não for provido nenhuma validação será realizada.", - "validateSignatureHelp": "Habilita/Desabilita a validação de assinatura de IDP externo.", - "storeTokensHelp": "Habilita/desabilita se os tokens deve ser guardados depois de autenticar os usuários.", - "storedTokensReadableHelp": "Habilita/desabilita se novos usuários podem ler quaisquer tokens salvo. Isto irá adicionar o role broker.read-token.", - "firstBrokerLoginFlowAliasHelp": "Alias do fluxo de autenticação que será invocado depois do primeiro login com este provedor de identificação. O termo 'Primeiro Login' significa que ainda não existe uma conta no Keycloak ligada a esta conta autenticada neste provedor.", - "useEntityDescriptor": "Importar metadata de um descritor de entidade IDP SAML remoto.", - "samlEntityDescriptor": "Permite que vocÊ carregue metadata de IDP externos de um arquivo de configuração ou baixando a partir de uma URL.", - "ssoServiceUrlHelp": "A Url que deve ser utilizada para enviar solicitações de autenticação (SAML AuthnRequest).", - "singleLogoutServiceUrlHelp": "A Url que deve ser utilizada para enviar solicitações de logout.", - "httpPostBindingAuthnRequestHelp": "Indica se o AuthnRequest deve ser enviado utilizando HTTP-POST. Se falso, HTTP-REDIRECT será utilizado.", - "wantAuthnRequestsSignedHelp": "Indicate se um provedor de identificação deve experar um AuthnRequest assinado.", - "forceAuthenticationHelp": "Indica se um provedor de identificação deve autenticar o apresentador diretamente ao invés de confiar em um contexto de segurança anterior.", - "validateSignatures": "Habilita/Desabilita validação de assinaturas de respostas SAML.", - "validatingX509CertsHelp": "O certificado em formato PEM que deve ser usado para verificar assinaturas.", - "addIdpMapperName": "Nome do mapeamento", - "selectARole": "Selecione um role", - "usermodel": { - "prop": { - "label": "Propriedade", - "tooltip": "Nome do método da propriedade na interface UserModel. Por exemplo, o valor 'email' iria referenciar o método UserModel.getEmail() ." - }, - "attr": { - "label": "Atributo do usuário", - "tooltip": "Nome do atributo do usuário que é uma chave de atributo no mapa UserModel.attribute." - }, - "clientRoleMapping": { - "clientId": { - "label": "ID do cliente", - "tooltip": "ID do cliente para mapeamentos de roles" - }, - "rolePrefix": { - "label": "Prefixo para o role de Cliente", - "tooltip": "Um prefixo para cada role do cliente (opcional)" - } - }, - "realmRoleMapping": { - "rolePrefix": { - "label": "Prefixo do Realm Role", - "tooltip": "Um prefixo para cada Realm Role (opcional)." - } - } - }, - "userSession": { - "modelNote": { - "label": "Nota da sessão de usuário", - "tooltip": "Nome da nota de sessão do usuário salva no mapa UserSessionModel.note." - } - }, - "multivalued": { - "label": "Múltiplos valores", - "tooltip": "Indica se um atributo suporta múltiplos valores. Se verdadeiro, então a lista de todos os valores desse atributo será definida como o claim. Se falso, então apenas o primeiro valor será utilizado." - }, - "jsonType": { - "label": "Tipo JSON do Claim", - "tooltip": "Tipo JSON que deve ser utilizado para popular o claim json no token. Os valores válidos são Long, int boolean e String." - }, - "includeInIdToken": { - "label": "Adicionar ao token de ID", - "tooltip": "O claim deve ser adicionado ao token de ID?" - }, - "includeInAccessToken": { - "label": "Adicionar ao token de acesso", - "tooltip": "O claim deve ser adicionado ao token de acesso?" - }, - "includeInUserInfo": { - "label": "Adicionar à informação do usuário", - "tooltip": "O claim deve ser adicionado à informação do usuário?" - }, - "name-id-format": "Formato do NameID", - "titleAuthentication": "Autenticação", - "titleEvents": "Eventos", - "titleRoles": "Roles do Realm", - "titleUsers": "Usuários", - "titleSessions": "Sessões", - "authenticationAliasHelp": "Name of the configuration", - "authenticationFlowTypeHelp": "What kind of form is it", - "scopeNameHelp": "Nome do modelo de cliente. Deve ser único neste Realm.", - "scopeDescriptionHelp": "Descrição do modelo de cliente.", - "clientDescriptionHelp": "Especifica a descrição do cliente. Por exemplo 'Meu cliente para TimeSheets'. Também aceita chaves para valores localizados. Por exemplo: ${meu_cliente_descricao}", - "clientsClientTypeHelp": "'OpenID connect' permite aos Clientes verificarem a identidade do usuário final baseado na autenticação realizada por um servidor de Autorização. 'SAML' permite cenários de autenticação e autorização web-based incluindo cross-domain single sign-on (SSO) e utiliza tokens de segurança contendo assertions para trafegar informações.", - "clientsClientScopesHelp": "The scopes associated with this resource." -} diff --git a/js/apps/admin-ui/public/locales/ru/translation.json b/js/apps/admin-ui/public/locales/ru/translation.json deleted file mode 100644 index 5262805a04..0000000000 --- a/js/apps/admin-ui/public/locales/ru/translation.json +++ /dev/null @@ -1,702 +0,0 @@ -{ - "add": "Добавить", - "create": "Создать", - "save": "Сохранить", - "continue": "Продолжить", - "remove": "Удалить", - "key": "Ключ", - "value": "Значение", - "back": "Назад", - "export": "Экспорт", - "action": "Действие", - "download": "Скачать", - "clear": "Очистить", - "on": "Вкл", - "edit": "Редактировать", - "enabled": "Включено", - "disable": "Отключено", - "none": "нет", - "signOut": "Выход", - "manageAccount": "Управление учетной записью", - "serverInfo": "Информация о сервере", - "testConnection": "Тест соединения", - "description": "Описание", - "type": "Тип", - "category": "Категория", - "priority": "Приоритет", - "allTypes": "Все типы", - "manage": "Управление", - "clients": "Клиенты", - "realmRoles": "Роли Realm", - "users": "Пользователи", - "sessions": "Сессии", - "events": "События", - "mappers": "Сопоставления", - "permissions": "Разрешения", - "configure": "Конфигурация", - "realmSettings": "Настройки Realm", - "authentication": "Аутентификация", - "identityProviders": "Поставщики идентификации", - "userFederation": "Федерация пользователей", - "settings": "Настройки", - "details": "Детали", - "Sunday": "Воскресенье", - "Monday": "Понедельник", - "Tuesday": "Вторник", - "Wednesday": "Среда", - "Thursday": "Четверг", - "Friday": "Пятница", - "Saturday": "Суббота", - "times": { - "seconds": "секунд", - "minutes": "минут", - "hours": "часов", - "days": "дней" - }, - "attributes": "Атрибуты", - "credentials": "Учетные данные", - "clientId": "ID клиента", - "clientName": "Имя", - "id": "ID", - "mapperType": "Тип сопоставления", - "leave": "Покинуть", - "password": "Пароль", - "passwordConfirmation": "Подтверждение пароля", - "temporaryPassword": "Временный", - "temporaryPasswordHelpText": "Если включено, пользователю необходимо сменить пароль при следующем входе", - "disabledFeatures": "Отключенные функции сервера", - "protocol": "Протокол", - "copy": "Копировать", - "clientAuthorization": "Авторизация", - "importClient": "Импортировать клиента", - "webOrigins": "Web источники", - "adminURL": "URL администрирования приложения", - "formatOption": "Формат", - "encryptAssertions": "Зашифровка утверждений", - "clientSignature": "Подпись клиента обязательна", - "keys": "Ключи", - "roles": "Роли", - "addClientScope": "Добавить шаблон клиента", - "fullScopeAllowed": "Полный доступ к областям", - "selectAUser": "Выберите пользователя", - "client": "клиент", - "evaluate": "Оценка", - "reevaluate": "Переоценить", - "showAuthData": "Показать авторизационные данные", - "unanimous": "Единогласная", - "affirmative": "Утвердительная", - "consensus": "Консенсусная", - "authScopes": "Области авторизации", - "anyResource": "Любой ресурс", - "anyScope": "Любая область", - "selectScope": "Выберите область", - "applyToResourceType": "Применить к типу ресурса", - "contextualInfo": "Контекстная информация", - "contextualAttributes": "Контекстные аттрибуты", - "kc": { - "realm": { - "name": "Realm" - } - }, - "policyEnforcementMode": "Режим применения политик", - "policyEnforcementModes": { - "ENFORCING": "Обязывающая", - "PERMISSIVE": "Разрешающая" - }, - "decisionStrategy": "Стратегия решения", - "iconUri": "Иконка URI", - "allowRemoteResourceManagement": "Удаленное управление ресурсами", - "resources": "Ресурсы", - "resource": "Ресурс", - "scope": "Область", - "owner": "Владелец", - "scopes": "Области", - "policies": "Политики", - "createPermission": "Создать полномочия", - "identityInformation": "Идентичность данных", - "resourceType": "Тип ресурса", - "createPolicy": "Создать политику", - "applyPolicy": "Применить политику", - "month": "Месяц", - "hour": "Час", - "minute": "Минута", - "code": "Код", - "logic": "Логика", - "logicType": { - "positive": "Позитивная", - "negative": "Негитивная" - }, - "user": "Пользователь", - "clientList": "Клиенты", - "initialAccessToken": "Токен первичного доступа", - "created": "Создано", - "lastUpdated": "Обновлено", - "expires": "Истекает", - "count": "Счетчик", - "remainingCount": "Счетчик остатка", - "expiration": "Истечение", - "clientAuthentication": "Аутентификация клиента", - "frontchannelLogout": "Выход с переднего канала", - "rootUrl": "Корневой URL", - "validRedirectUri": "Валидация URI перенаправления", - "idpInitiatedSsoRelayState": "Передача состояния SSO инициирующим поставщиком идентификации", - "masterSamlProcessingUrl": "Основной URL обработчика SAML", - "nameIdFormat": "Наименование формата ID", - "forceNameIdFormat": "Принудительно использовать формат ID", - "forcePostBinding": "Принудительно использовать POST Binding", - "includeAuthnStatement": "Включать Аутентификационные Заявки", - "includeOneTimeUseCondition": "Включить условие одноразового использования", - "optimizeLookup": "Оптимизация REDIRECT поиска подписанного ключа", - "signDocuments": "Подпись документов", - "signAssertions": "Sign Assertions", - "signatureKeyName": "Наименование ключа сигнатуры SAML", - "canonicalization": "Метод канонизации", - "loginTheme": "Тема страницы входа", - "clientAuthenticator": "Проверка подлинности клиента", - "clientSecret": "Секрет клиента", - "registrationAccessToken": "Токен доступа к регистрации", - "revocation": "Отзыв", - "clustering": "Кластеризация", - "notBefore": "Не ранее чем", - "setToNow": "Установить на сейчас", - "addNode": "Добавить узел", - "push": "Разослать", - "nodeReRegistrationTimeout": "Таймаут узла перерегистрации", - "registeredClusterNodes": "Зарегистрированные узлы кластера", - "nodeHost": "Хост узла", - "lastRegistration": "Последняя регистрация", - "testClusterAvailability": "Протестировать доступность кластера", - "registerNodeManually": "Зарегистрировать узел вручную", - "fineGrainOpenIdConnectConfiguration": "Тонкая настройка конфигурации OpenID Connect", - "fineGrainSamlEndpointConfig": "Тонкая настройка конфигурации конечных точек доступа SAML", - "userInfoSignedResponseAlgorithm": "Алгоритм подписи ответа информации о пользователе", - "requestObjectSignatureAlgorithm": "Алгоритм сигнатуры объекта запроса", - "assertionConsumerServicePostBindingURL": "Привязка URL POST-запроса для сервиса подтверждения потребителей", - "assertionConsumerServiceRedirectBindingURL": "Привязка URL-адреса переадресации для сервиса подтверждения потребителей", - "logoutServicePostBindingURL": "URL для выхода из сервиса в привязанном POST-методе", - "logoutServiceRedirectBindingURL": "URL переадресации для выхода из сервиса", - "accessTokenLifespan": "Продолжительность жизни токена доступа", - "browserFlow": "Сценарий браузера", - "directGrant": "Сценарий Direct Grant Flow", - "useJwksUrl": "Использовать JWKS URL", - "certificate": "Сертификат", - "jwksUrl": "JWKS URL", - "generateNewKeys": "Сгенерировать новые ключи", - "archiveFormat": "Формат архивации", - "keyAlias": "Синоним ключа", - "keyPassword": "Пароль для ключа", - "storePassword": "Пароль хранилища", - "importFile": "Импортировать файл", - "clientType": "'OpenID connect' разрешает клиентам проверить личность конечного пользователя, основанного на выполнении аутентификации на Сервере Авторизации.'SAML' включает веб-сценарии аутентификации и авторизации, включая кроссдоменные центры единого управления доступом (SSO) и использующие токены безопасности, содержащие заявления на передачу информации.", - "serviceAccount": "Разрешает Вам аутентифицировать этого клиента в Keycloak и получить токен доступа специально для этого клиента. В терминах OAuth2 спецификации включает поддержку 'Client Credentials Grant' для этого клиента.", - "authorization": "Включить/Выключить тонко-настраиваемую поддержку авторизации для клиента", - "directAccess": "Включает поддержку Direct Access Grants, которая означает, что клиент имеет доступ к имени пользователя и пароля и обменивает их напрямую с сервером Keycloak на токен доступа. В терминах OAuth2 спецификации означает поддержку 'Resource Owner Password Credentials Grant' для этого клиента.", - "standardFlow": "Включает стандартное OpenID Connect перенаправление, основанное на аутентификации с кодом авторизации. В терминах OpenID Connect или OAuth2 спецификаций включает 'Authorization Code Flow' для этого клиента.", - "implicitFlow": "Включает поддержку OpenID Connect перенаправления, основанного на аутентификации без кода авторизации. В терминах OpenID Connect или OAuth2 спецификаций включает поддержку 'Implicit Flow' для этого клиента.", - "rootURL": "Корневой URL добавляется к относительным URL", - "validRedirectURIs": "Валидирует паттерн URI, на который может быть перенаправлен браузер после успешного входа или выхода. Разрешены простые ссылки, напр. 'http://example.com/*'. Также допускается использовать относительный путь, напр. '/my/relative/path/*'. Относительные пути необходимо указывать относительно корневого URL клиента, или, если он не специфицирован, корневого URL сервера авторизации. Для SAML Вы должны задать валидный паттерн URI, если Вы полагаетесь на URL сервиса потребителя, внедренного в запрос авторизации.", - "nameIdFormatHelp": "Наименование формата ID для использования в теме.", - "forceNameIdFormatHelp": "Игнорирует запрошенный формат заголовка NameID и использует сконфигурированный через консоль администратора.", - "forcePostBindingHelp": "Всегда использовать POST Binding для ответов.", - "includeAuthnStatementHelp": "Должны ли заявки на методы и временные метки быть включены в ответе на вход?", - "includeOneTimeUseConditionHelp": "Должно ли условие одноразового использования быть включено в ответе на вход?", - "optimizeLookupHelp": "При подписи SAML документов при REDIRECT сопоставлении с SP, который обеспечивается безопасностью адаптера Keycloak, должен ли включать ID подписанного ключа в сообщение по протоколу SAML в элемент? Это оптимизирует валидацию сигнатуры, где в качестве проверки используется один ключ вместо попытки проверки каждого ключа во время валидации.", - "signDocumentsHelp": "Должны ли SAML документы быть подписаны в realm?", - "signAssertionsHelp": "Должны ли утверждения внутри SAML документов быть подписаны? Устанавливает отсутствие необходимости подписывать уже подписанные документы.", - "signatureAlgorithm": "Алгоритм, используемый для подписи документов.", - "signatureKeyNameHelp": "Подписанные SAML документы содержат идентификаторы ключей подписи в элементе KeyName. Для Keycloak / RH-SSO контрагентов, используйте KEY_ID, для MS AD FS используйте CERT_SUBJECT, для остальных установите и используйте NONE если другие опции не работают.", - "canonicalizationHelp": "Метод канонизации для XML сигнатур.", - "webOriginsHelp": "Разрешает CORS источникам. Чтобы разрешить всем источники с допустимыми URI-адресами переадресации, добавьте '+'. Чтобы разрешить все источники, добавьте '*'.", - "homeURL": "Используемый URL по умолчанию. Используется в случае, если серверу требуется перенаправление или обратная ссылка на клиента.", - "adminURLHelp": "URL для доступа к интерфейсу администратора в заданном клиенте. Необходимо установить, если клиент поддерживает адаптер REST API. Это REST API разрешает серверу авторизации слать политики отзыва и прочие административные задачи. Обычно устанавливается значение, соответствующее базовому URL клиента.", - "clientHelp": "Выберите клиента, осуществляющего авторизационный запрос. Если не задан, авторизационные запросы будут основаны на том клиенте, в котором вы находитесь.", - "clientIdHelp": "Идентификатор клиента, зарегистрированный с помощью поставщика идентификации.", - "selectUser": "Выберите пользователя, идентификационные данные которого будут использованы для запроса разрешений с сервера.", - "rolesHelp": "Выберите роли, которые вы хотите связать с выбранным пользователем.", - "contextualAttributesHelp": "Любой аттрибут определяется запущенным окружением или контекстом исполнения.", - "applyToResourceTypeHelp": "Определяет, будет ли это разрешение будет применено ко всем ресурсам с данным типом. В этом случае это разрешение будет вычисляться для всех экземпляров с заданным типом ресурса.", - "resourcesHelp": "Определяет, что это разрешение должно быть применено к конкретному экземпляру ресурсов.", - "scopesSelect": "Определяет, что разрешение должно быть применено к одной или нескольким областям.", - "clientNameHelp": "Задает отображаемое название клиента. Например 'My Client'. Поддерживает ключи для локализованных значений. Например\\: ${my_client}", - "descriptionHelp": "Описание шаблона клиента", - "loginThemeHelp": "Выберите тему для страниц входа, временного одноразового пароля (OTP), выдачи разрешений, регистрации и восстановления пароля.", - "encryptAssertionsHelp": "Должны ли SAML утверждения быть зашифрованы публичным ключом клиента, используя AES?", - "clientSignatureHelp": "Будет ли клиент подписывать свои saml запросы и ответы? И должны ли они быть провалидированы?", - "expirationHelp": "Установить срок истечения для событий. Истекшие события периодически удаляются из базы данных.", - "countHelp": "Определяет, как много клиентов может быть создано с помощью этого токена", - "client-authenticator-type": "Проверка подлинности клиента используется для аутентификации этого клиента вместо сервера Keycloak", - "registration-access-token": "Токен доступа к регистрации обеспечивает доступ для клиентов к сервису регистрации клиентов.", - "nodeReRegistrationTimeoutHelp": "Интервал, означающий максимальное время для узлов кластера зарегистрированных клиентов для их перерегистрации. Если узел кластера не может послать запрос перерегистрации в Keycloak за указанное время, то он будет разрегистрирован из Keycloak", - "userInfoSignedResponseAlgorithmHelp": "JWA алгоритм используется для подписи ответа ресурса информации о пользователе. Если установлено в 'unsigned', то ответ инофрмации о пользователе не будет подписан и будет возвращен в формате application/json.", - "requestObjectSignatureAlgorithmHelp": "JWA алгоритм, который необходим клиенту для использования во время отсылки OIDC запроса объекта, специфицированного по 'request' или 'request_uri' параметрам. Если установлено в 'any', то объект запроса будет подписан любым алгоритмом (включая 'none' ).", - "idpInitiatedSsoUrlName": "Имя URL фрагмента, обозначающего клиента, если вы хотите, чтобы SSO был проинициирован поставщиком идентификации. Оставьте это поле пустым, чтобы отключить инициирование SSO с помощью поставщика идентификации. URL для ссылки вашего браузера может быть в следующем виде: {server-root}/realms/{realm}/protocol/saml/clients/{client-url-name}", - "idpInitiatedSsoRelayStateHelp": "Передать состояние, которое вы хотите послать вместе с SAML запросом, которым хотите проиницировать SSO поставщиком идентификации.", - "masterSamlProcessingUrlHelp": "Если URL сконфигурирован, то он будет каждый раз для связывания SP's Assertion Consumer и Single Logout Services. Может быть переопределен индивидуально для связывания каждого сервиса в тонкой настройке конфигурации конечных точек доступа SAML.", - "accessTokenLifespanHelp": "Максимальное время действия токена доступа. Значение рекомендуется устанавливать как можно ближе к таймауту SSO.", - "assertionConsumerServicePostBindingURLHelp": "URL-адрес SAML POST запроса для клиентских сервисов подтверждения потребителей (запросы входа). Вы можете оставить это поле пустым, если не имеете URL для осуществления такой приввязки.", - "assertionConsumerServiceRedirectBindingURLHelp": "SAML переадресация на привязанный URL для клиентского сервиса подтверждения потребителей (запросы входа). Вы можете оставить это поле пустым, если вы не имеете URL для осуществления такой привязки.", - "logoutServicePostBindingURLHelp": "SAML POST связанный URL для клиентского сервиса единого выхода. Если Вы используете другие привязки, то можете оставить это поле пустым.", - "logoutServiceRedirectBindingURLHelp": "SAML переадресует на привязанный URL для единой точки выхода из сервиса для клиентов. Если Вы используете другие привязки, то можете остаавить это поле пустым.", - "frontchannelLogoutHelp": "Когда правила, выход требует перенаправить браузер на клиента. Если ложь, сервер выполняет фоновый режим для выхода из системы.", - "browserFlowHelp": "Выберите сценарий, который вы хотите использовать для аутентификации через браузер.", - "directGrantHelp": "Выберите сценарий, который вы хотите использоваться для аутентификации direct grant.", - "certificateHelp": "Клиентский сертификат для валидации JWT, выпущенный клиентом и подписанный клиентским приватным ключом из Вашего хранилища ключей.", - "jwksUrlHelp": "URL, где клиентские ключи хранятся в формате JWK. Для дополнительных деталей смотрите спецификацию JWK. Если Вы будете использовать адаптер клиента keycloak с учетными записями \"jwt\", то Вы можете использовать URL вашего приложения с суффиксом '/k_jwks'. Например 'http://www.myhost.com/myapp/k_jwks' .", - "archiveFormatHelp": "Формат архивации Java keystore или PKCS12.", - "keyAliasHelp": "Синоним архива для Вашего приватного ключа и сертификата.", - "keyPasswordHelp": "Пароль для доступа к приватного ключу в архиве", - "storePasswordHelp": "Пароль для доступа в сам архив ", - "consentRequired": "Если включено, пользователи должны дать согласие на доступ клиентскому приложению.", - "import": "Импорт JSON файла, содержащего авторизационные настройки для этого сервера ресурсов.", - "policyEnforcementModeHelp": "Режим применения политик диктует, каким образом политики применяются при оценке запросов на авторизацию. «Обязывающая» означает, что запросы запрещены по умолчанию, даже если нет никакой политики, связанной с данным ресурсом. \"Разрешающая\" означает, что запросы разрешены даже если не существует политика, связанная с данным ресурсом. 'Отключено' полностью отключает оценку политики и позволяет получить доступ к любому ресурсу.", - "allowRemoteResourceManagementHelp": "Должны ли ресурсы управляться удаленно сервером ресурсов? Если нет, то ресурсы могут управляться только через консоль администратора. ", - "resourceName": "Уникальное имя для этого ресурса. Имя может быть использовано для уникальной идентификации ресурса, используется при запросах конкретных ресурсов.", - "typeHelp": "Тип этого ресурса. Может быть использовано для группировки различных экземпляров ресурса с тем же типом.", - "uris": "URI, который также может быть использован для уникальной идентификации этого ресурса.", - "scopesHelp": "Области, которые будут посланы после запроса авторизации. Это может быть список областей, разделенных пробелом. По умолчанию 'openid'.", - "fullScopeAllowedHelp": "Отключает все ограничения.", - "resetActions": "Действия сброса", - "scopeName": "Уникальное имя для области. Имя может быть использовано для уникальной идентификации области, используется при запросах конкретных областей.", - "policy-name": "Название этой политики.", - "policy-description": "Описание этой политики.", - "policyDecisionStagey": "Стратегия решения диктует как политики связаны с заданными разрешениями и как формируется окончательное решение. 'Утвердительная' означает, что, по крайней мере, одна политика должна дать положительную оценку для того, чтобы окончательное решение также было положительным. 'Единогласная' означает что все политики должны дать положительную оценку для того, чтобы окончательная оценка также была положительной. 'Консенсусная' означает, что количество положительных решений должно превышать количество отрицательных решений. Если количество положительных и отрицательных решений совпадает, окончательное решение будет отрицательным.", - "applyPolicyHelp": "Определяем все политики, которые должны быть применены к областям, определенным этой политикой или разрешением.", - "policyClient": "Задайте, какие клиенты допущеный этой политикой.", - "policyGroups": "Задайте, какие пользователи допущены этой политикой.", - "policyRoles": "Задайте роли клиента, допущенные этой политикой.", - "startTime": "Определете время, до наступления которого политика НЕ ДОЛЖНА быть разрешена. Разрешено только если текущее время/дата больше или равны заданному значению.", - "expireTime": "Определяет время, после которого политика НЕ ДОЛЖНА быть разрешена. Разрешено только если текущее время/дата менеьше или равны заданному значению.", - "monthHelp": "Определяет месяц, в который политика ДОЛЖНА быть разрешена. Вы также можете определить диапазон, заполнив второе поле. В этом случае разрешение выдается только если текущий месяц равен или находится между заданными значениями.", - "dayMonth": "Определяет день месяца, в который политика ДОЛЖНА быть разрешена. Вы также можете определить диапазон, заполнив второе поле. В этом случае разрешение выдается только если текущий день месяца равен или находится между заданными значениями.", - "hourHelp": "Определяет час, в который политика ДОЛЖНА быть разрешена. Вы также можете определить диапазон, заполнив второе поле. В этом случае разрешение выдается только если текущий час равен или находится между заданными значениями.", - "minuteHelp": "Определяет минуту, в которую политика ДОЛЖНА быть разрешена. Вы также можете определить диапазон, заполнив второе поле. В этом случае разрешение выдается только если текущая минута равна или находится между заданными значениями.", - "policyCode": "Код JavaScript, предоставляющий условия для этой политики.", - "logicHelp": "Логика диктует, как политика должна применяться. Если 'Позитивная', результирующий эффект (разрешение или запрещение) полученный в ходе оценки этой политики будет использован для выполнения решения. Если 'Негативная', результирующий эффект будет отрицательным, другими словами, разрешение становится запрещением и наоборот.", - "permissionName": "Имя этого разрешения.", - "permissionDescription": "Описание этого разрешения.", - "permissionType": "Определяет, что это разрешение должно быть применено ко всем экземплярам ресурсов заданного типа.", - "realmRolePrefix": "Префикс ролей Realm", - "name": "Наименование шаблона клиента. Должно быть уникально для realm", - "protocolHelp": "Какая конфигурация протокола SSO будет поддержана шаблоном клиента", - "prefix": "Префикс для каждой роли Realm (опционально).", - "multiValued": "Отображается, если атрибут поддерживает несколько значений. Если включен, то список всех значений будет претендовать на этот атрибут. В противном случае выбираться будет только первое значение ", - "tokenClaimName": { - "label": "Имя переменной в токене", - "tooltip": "Имя переменной при добавлении ее в токен. Может быть полное имя, например 'address.street'. В таком случае будет создан вложенный json объект." - }, - "claimJsonType": "Тип переменной в JSON, который должен использоваться при добавлении ее в токен. Допустимые значения long, int, boolean, и String.", - "protocolMapper": "Протокол...", - "createGroup": "Создать группу", - "members": "Члены", - "email": "E-mail", - "lastName": "Фамилия", - "firstName": "Имя", - "associatedRolesText": "Ассоциированные роли", - "title": "Аутентификация", - "addRole": "Добавить роль", - "roleName": "Наименование роли", - "composite": "Составная", - "addUser": "Добавить пользователя", - "userName": "Имя пользователя", - "join": "Присоединиться", - "groupMembership": "Членство в группах", - "createdAt": "Создан", - "username": "Имя пользователя", - "emailVerified": "Подтверждение E-mail", - "status": "Статус", - "requiredUserActions": "Требуемые действия от пользователя", - "impersonate": "Имперсонировать", - "verifyEmail": "Подтверждение E-mail", - "consents": "Согласия", - "identityProvider": "Поставщик идентификации", - "identityProviderLinks": "Ссылки поставщика идентификации", - "revoke": "Отобрать", - "credentialType": "Тип", - "resetPassword": "Сброс пароля", - "showPasswordDataValue": "Значение", - "credentialResetBtn": "Сброс учетных данных", - "hours": "часов", - "minutes": "минут", - "seconds": "секунд", - "credentialResetConfirm": "Послать письмо", - "temporaryLocked": "Пользователь может быть заблокирован в случае многократных неудачных попыток входа.", - "emailVerifiedHelp": "Должен ли пользователь подтверждать свой E-mail?", - "requiredUserActionsHelp": "Требует действий от пользователя когда он входит. 'Подтвердить E-mail' высылает письмо пользователю для подтверждения его E-mail. 'Обновить профиль' требует от пользователя ввести новую персональную информацию. 'Обновить пароль' требует от пользователя ввести новый пароль. 'Настроить OTP' требует установить мобильное приложение генерации паролей.", - "groups": "Пользователь является членом группы. Выберите в списке группу и нажмите кнопку Покинуть, чтобы покинуть группу.", - "lastAccess": "Последний доступ", - "adminEvents": "События администратора", - "time": "Время", - "eventType": "Тип события", - "ipAddress": "IP адрес", - "realm": "Realm", - "resourcePath": "Путь к ресурсу", - "resourceTypes": "Типы ресурсов", - "operationType": "Тип операции", - "operationTypes": "Типы операций", - "auth": "Аутентификация", - "representation": "Представление", - "partialImport": "Частичный импорт", - "general": "Главная", - "login": "вход", - "themes": "Темы", - "eventListeners": "Слушатели событий", - "eventListenersHelpText": "Настройка слушателей, получающих события для realm.", - "adminEventsSettings": "Настройки событий администратора", - "saveEvents": "Сохранять события", - "clearAdminEvents": "Очистить события администратора", - "includeRepresentation": "Включить представление", - "from": "От", - "host": "Сервер", - "port": "Порт", - "enableSSL": "Включить SSL", - "enableStartTLS": "Включить StartTLS", - "keystore": "Хранилище ключей", - "providers": "Поставщики", - "uiDisplayName": "Наименование в консоли", - "active": "Активные", - "providerId": "ID", - "kid": "KID", - "provider": "Поставщик", - "publicKeys": "Публичные ключи", - "userRegistration": "Самостоятельная регистрация пользователей", - "userRegistrationHelpText": "Включить/выключить страницу регистрации. Ссылка для регистрации будет также показана на странице входа.", - "rememberMe": "Запомнить меня", - "rememberMeHelpText": "Показать чекбокс на странице входа, чтобы разрешить пользователю запомнить вход в учетную запись в случае если браузерная сессия устареет.", - "registrationEmailAsUsername": "E-mail как имя пользователя", - "loginWithEmail": "Вход по E-mail", - "loginWithEmailHelpText": "Разрешает пользователям входить с помощью E-mail.", - "duplicateEmails": "Дублирующиеся E-mail", - "duplicateEmailsHelpText": "Разрешает разным пользователям иметь один и тот же E-mail. Изменение этой настройки также очистит пользовательский кэш. После выключения поддержки дублирующихся email рекомендуется вручную почистить в базе данных ограничения по E-mail существующим пользователям.", - "editUsername": "Редактируемое имя пользователя", - "htmlDisplayName": "Отображаемое название в HTML", - "requireSsl": "Требует SSL", - "sslType": { - "all": "все запросы", - "external": "внешние запросы", - "none": "нет" - }, - "endpoints": "Конечные точки", - "accountTheme": "Тема учетной записи", - "adminTheme": "Тема консоли администратора", - "emailTheme": "Тема для E-mail", - "SSOSessionIdle": "Таймаут сессии SSO", - "SSOSessionMax": "Ограничение сессии SSO", - "offlineSessionIdle": "Таймаут оффлайн сессии", - "loginTimeout": "Таймаут входа", - "loginActionTimeout": "Таймаут действий по входу", - "revokeRefreshToken": "Одноразовые токены обновления", - "accessTokenLifespanImplicitFlow": "Продолжительность жизни токена доступа для Implicit Flow", - "clientLoginTimeout": "Таймаут авторизации клиента", - "clientProfileDescription": "Описание", - "tokens": "Токены", - "supportedLocales": "Поддерживаемые языки", - "defaultLocale": "Язык по умолчанию", - "validatorDialogColNames": { - "colName": "Наименование роли" - }, - "validatorColNames": { - "colConfig": "Конфигурация" - }, - "eventTypes": { - "IMPERSONATE": { - "name": "Имперсонировать" - }, - "LOGOUT": { - "name": "Выход" - }, - "REGISTER": { - "name": "Регистрация" - }, - "RESET_PASSWORD": { - "name": "Сброс пароля" - } - }, - "deleteEvents": "Очистить события", - "defaultRoles": "Роли по умолчанию", - "defaultGroups": "Группы по умолчанию", - "securityDefences": "Защита безопасности", - "headers": "Заголовки", - "bruteForceDetection": "Определение Brute Force", - "xFrameOptions": "X-Frame-Options", - "contentSecurityPolicy": "Content-Security-Policy", - "xContentTypeOptions": "X-Content-Type-Options", - "failureFactor": "Максимальное количество неудачных попыток входа", - "waitIncrementSeconds": "Порог ожидания", - "maxFailureWaitSeconds": "Максимальное ожидание", - "maxDeltaTimeSeconds": "Время сброса неудачных попыток", - "minimumQuickLoginWaitSeconds": "Минимальное ожидание быстрого входа", - "requireSslHelp": "Требуется ли HTTPS? 'нет' означает, что HTTPS не требуется для клиентов с любым IP адресом. 'Внешние запросы' означает, что localhost и внутренние IP адреса могут получить доступ без HTTPS. 'Все запросы' означает, что HTTPS требуется вне зависимости от IP адреса.", - "accountThemeHelp": "Выберите тему для управления учетной записью пользователя.", - "adminThemeHelp": "Выберите тему для консоли администратора.", - "emailThemeHelp": "Выберите тему для E-mail, которые будут отсылаться с сервера.", - "save-user-events": "Если включено, то события будут сохранены в базу данных, что сделает их доступными администратору и консоли управления учетной записью.", - "save-admin-events": "Если включено, то события администратора будет сохранены в базу данных, что сделает их доступными через консоль администратора.", - "admin-clearEvents": "Удалить все события администратора из базы данных.", - "includeRepresentationHelp": "Включить JSON представление для запросов на создание и обновление.", - "failureFactorHelp": "Количество неудачных попыток входа до блокировки пользователя.", - "waitIncrementSecondsHelp": "Если порог ошибок превышен, сколько времени пользователь будет заблокирован?", - "maxFailureWaitSecondsHelp": "Максимальное время, на которое пользователь будет заблокирован.", - "maxDeltaTimeSecondsHelp": "Через какое время счетчик неудачных попыток будет сброшен?", - "quickLoginCheckMilliSeconds": "Если попытки аутентификации происходят слишком часто, то пользователя необходимо заблокировать.", - "minimumQuickLoginWaitSecondsHelp": "Как долго ждать после неудачной попытки быстрого входа.", - "ssoSessionIdle": "Допустимое время бездействия сессии. По истечении этого времени токены и браузерные сессии становятся невалидными.", - "ssoSessionMax": "Максимальное время до того, как истечет сессия. По истечении этого времени токены и браузерные сессии становятся невалидными.", - "offlineSessionIdleHelp": "Допустимое время бездействия оффлайн сессии. Вам необходимо использовать оффлайн токен для обновления хотя бы раз за этот период, иначе сессия истечет.", - "revokeRefreshTokenHelp": "Если включено, то токены обновления могут быть использованы один раз. Иначе токен отзываться не будет и может использоваться многократно.", - "clientLoginTimeoutHelp": "Максимальное время клиента для завершения протокола access token. Обычно устанавливается равным 1-ой минуте.", - "editUsernameHelp": "Если включено,то имя пользователя можно будет отредактировать, иначе оно будет доступным только для чтения.", - "flows": "Сценарии", - "requiredActions": "Требуемые действия", - "passwordPolicy": "Политики пароля", - "otpPolicy": "Политики OTP", - "otpType": "Тип одноразового пароля OTP", - "policyType": { - "totp": "Основан на времени", - "hotp": "Основан на счетчике" - }, - "otpHashAlgorithm": "Алгоритм хеша OTP", - "otpPolicyDigits": "Количество цифр", - "otpPolicyPeriod": "Период токена OTP", - "initialCounter": "Начальное значение счетчика", - "attestationPreference": { - "none": "нет" - }, - "flow": { - "browser": "Сценарий браузера", - "registration": "Сценарий регистрации", - "direct grant": "Сценарий Direct Grant Flow" - }, - "flowType": "Тип сценария", - "flow-type": { - "basic-flow": "общий", - "form-flow": "форма" - }, - "addExecution": "Добавить исполнение", - "requirement": "Требования", - "alias": "Синоним", - "flowTypeHelp": "Какого типа эта форма", - "topLevelFlowType": "Какой это тип сценария верхнего уровня? Тип \"клиент\" используется для аутентификации клиентов (приложений), когда \"общий\" для пользователей и всего остального", - "aliasHelp": "Синоним уникально идентифицирует поставщика идентификации, а также используется для построения адреса переадресации.", - "otpTypeHelp": "totp является Временным одноразовым паролем. 'hotp' основанный на счетчике одноразовый пароль в котором сервер хранит счетчик хеша.", - "otpHashAlgorithmHelp": "Какой алгоритм хеширования должен быть использован для генерации OTP.", - "otpPolicyDigitsHelp": "Сколько цифр должен иметь OTP?", - "otpPolicyPeriodHelp": "Сколько секунд токен OTP должен быть действителен? По умолчанию 30 секунд.", - "unlinkUsers": "Отвязать пользователей", - "removeImported": "Удалить импортированных", - "vendor": "Поставщик", - "connectionURL": "URL соединения", - "enableStartTls": "Включить StartTLS", - "useTruststoreSpi": "Использование доверенных сертификатов SPI", - "connectionPooling": "Пул соединений", - "connectionTimeout": "Таймаут соединения", - "bindType": "Тип аутентификации", - "bindDn": "Сопоставление DN", - "editMode": "Режим редактирования", - "usersDN": "Пользователи DN", - "usernameLdapAttribute": "Атрибут Username в LDAP", - "rdnLdapAttribute": "Атрибут RDN в LDAP", - "uuidLdapAttribute": "Атрибут UUID в LDAP", - "userObjectClasses": "Классы объектов пользователя", - "searchScope": "Поиск области", - "readTimeout": "Таймаут чтения", - "pagination": "Постраничный вывод", - "importUsers": "Импортировать пользователей", - "batchSize": "Размер пачки", - "periodicFullSync": "Периодическая полная синхронизация", - "fullSyncPeriod": "Период полной синхронизации", - "periodicChangedUsersSync": "Периодическая синхронизация изменений пользователей", - "changedUsersSyncPeriod": "Период синхронизации измененных пользователей", - "kerberosIntegration": "Интеграция с Kerberos", - "allowKerberosAuthentication": "Разрешить аутентификацию Kerberos", - "useKerberosForPasswordAuthentication": "Использовать Kerberos для аутентификации по паролю", - "trustEmail": "Подтверждение E-mail", - "requiredSettings": "Требуемые настройки", - "kerberosRealm": "Kerberos Realm", - "serverPrincipal": "Основной сервер", - "debug": "Отладчик", - "allowPasswordAuthentication": "Разрешить аутентификацию по паролю", - "testAuthentication": "Проверка аутентификации", - "ldapMappersList": "Сопоставления LDAP", - "ldapFilter": "LDAP фильтр", - "selectRole": { - "label": "Выберите роль", - "tooltip": "Введите роль в текстовом поле слева, или нажмите на кнопку, чтобы выбрать желаемую роль." - }, - "vendorHelp": "LDAP поставщик (провайдер)", - "consoleDisplayConnectionUrlHelp": "URL соединения с вашим сервером LDAP", - "connectionTimeoutHelp": "Таймаут соединения с LDAP в миллисекундах", - "bindCredentialsHelp": "Пароль администратора LDAP", - "editModeLdapHelp": "READ_ONLY означает доступ только на чтение из LDAP. WRITABLE означает, что данные будут обратно синхронизированы в LDAP по заявке. UNSYNCED означает, что данные пользователя будут импортированы, но не синхронизированы обратно в LDAP.", - "fullSyncPeriodHelp": "Период для полной синхронизации в секундах", - "changedUsersSyncHelp": "Период для синхронизации измененных или вновь созданных пользователей LDAP в секундах", - "trustEmailHelp": "Если включено, то E-mail, предоставленный этим поставщиком не будет подтвержденным даже если подтверждение включено для realm.", - "debugHelp": "Включить/выключить отладочные логи в стандартный вывод для Krb5LoginModule.", - "allowPasswordAuthenticationHelp": "Включить/выключить возможность аутентификации по имени/пароля вопреки базе данных Kerberos", - "updateFirstLoginHelp": "Обновить профиль при первом входе", - "addIdPMapper": "Добавить сопоставление поставщика учетных записей", - "redirectURI": "URI перенаправления", - "ssoServiceUrl": "Адрес сервиса единой точки входа", - "singleLogoutServiceUrl": "Адреса сервиса единого выхода", - "nameIdPolicyFormat": "Формат политики NameID", - "unspecified": "неопределенный", - "principalType": "Тип идентификации", - "principalAttribute": "Атрибут-идентификатор", - "httpPostBindingResponse": "Привязанный ответ HTTP-POST", - "httpPostBindingAuthnRequest": "Привязывание HTTP-POST для AuthnRequest", - "httpPostBindingLogout": "Привязывание HTTP-POST для выхода", - "wantAuthnRequestsSigned": "Ожидание подписи AuthnRequests", - "samlSignatureKeyName": "Наименование ключа сигнатуры SAML", - "forceAuthentication": "Принудительная аутентификация", - "validatingX509Certs": "Проверка X509 сертификатов", - "authorizationUrl": "URL авторизации", - "tokenUrl": "URL токена", - "logoutUrl": "URL выхода", - "backchannelLogout": "Backchannel Logout", - "disableUserInfo": "Отключить информацию о пользователе", - "userInfoUrl": "URL информации о пользователе", - "issuer": "Эмитент", - "prompt": "Подсказка", - "prompts": { - "none": "нет", - "consent": "согласие", - "login": "вход" - }, - "validateSignature": "Проверка подписей", - "storeTokens": "Хранение токенов", - "storedTokensReadable": "Сохраненные токены доступны на чтение", - "accountLinkingOnly": "Только связывание учетной записи", - "hideOnLoginPage": "Скрыть на странице входа", - "firstBrokerLoginFlowAlias": "Сценарий первого входа", - "postBrokerLoginFlowAlias": "Сценарий после входа", - "userAttribute": "Атрибут пользователя", - "redirectURIHelp": "Этот uri перенаправления используется в том случае, если сконфигурирован поставщик идентификации.", - "displayName": "Дружелюбное имя для провайдеров идентификации.", - "clientSecretHelp": "Секрет клиента, зарегистрированный с помощью поставщика идентификации.", - "discoveryEndpoint": "Импорт метаданных из дескриптора развертывания удаленного поставщика идентификации.", - "importConfig": "Импорт метаданных со скачанного дескриптора развертывания удаленного поставщика идентификации.", - "logoutUrlHelp": "Конечная точка окончания сессии, используемая для выхода пользователя из внешнего IDP.", - "backchannelLogoutHelp": "Поддерживает ли внешний IDP backchannel logout?", - "disableUserInfoHelp": "Отключить использование сервиса информации о пользователе, чтобы получить дополнительную информацию о пользователе? По умолчанию используется сервис OIDC.", - "userInfoUrlHelp": "Url информации о пользователе. Это поле опционально.", - "issuerHelp": "Идентификатор эмитента для эмитента ответа. Если не предоставлен, проверка не будет выполняться.", - "validateSignatureHelp": "Включить/выключить проверку подписей внешних поставщиков идентификации.", - "useJwksUrlHelp": "Если включено, то публичные ключи поставщиков идентификации будет скачаны с заданного JWKS URL. Это дает дополнительную гибкость, так как новые ключи скачиваются каждый раз когда поставщик идентификации создает новую пару. Если выключено, то будут использованы публичные ключи (или сертификат) из базы данных Keycloak, и в случае изменений пары на поставщике идентификации вам будет необходимо каждый раз импортировать новые ключи в базу данных Keycloak.", - "storeTokensHelp": "Включено/выключено хранение токенов после аутентификации пользователя.", - "storedTokensReadableHelp": "Включено/выключено чтение новыми пользователями любых сохраненных токенов. Это назначается ролью broker.read-token.", - "accountLinkingOnlyHelp": "Если установлено, то пользователи не смогут войти через этого провайдера. Только устанавливает связь к этому провайдеру. Используется, если вы не хотите разрешать вход через этого провайдера, но хотите с этим провайдером иметь интеграцию.", - "hideOnLoginPageHelp": "Если скрыто, то вход с этим провайдером возможен только при явном вызове, например при использовании параметра 'kc_idp_hint'.", - "firstBrokerLoginFlowAliasHelp": "Синоним сценария аутентификации, который срабатывает после первого входа с этого поставщика идентификации. Термин 'First Login' означает, что еще не существует учетной записи Keycloak связанной с аутентифицированной учетной записью поставщика идентификации.", - "useEntityDescriptor": "Импортировать метаданные из удаленного дескриптора сущностей IDP SAML.", - "samlEntityDescriptor": "Позволяет вам загрузить метаданные внешнего IDP из файла конфигурации или скачать его из URL.", - "ssoServiceUrlHelp": "Url, который должен быть использован для отправленных запросов на аутентификацию (SAML AuthnRequest).", - "singleLogoutServiceUrlHelp": "Url, который должен быть использован для отправленных запросов на выход.", - "principalTypeHelp": "Определяет, каким образом Keycloak идентифицирует внешних пользователей по SAML-сообщению. По умолчанию идентификация происходит по Subject NameID, в качестве альтернативы можно использовать атрибут-идентификатор.", - "principalAttributeHelp": "Имя (Name) или \"дружественное имя\" (Friendly Name) атрибута, идентифицирующего внешних пользователей.", - "httpPostBindingResponseHelp": "Указывает, необходоимо ли отвечать на завпросы, используя привязку HTTP-POST. Если не задано, то будет использован HTTP-REDIRECT.", - "httpPostBindingAuthnRequestHelp": "Указывает, должны ли AuthnRequest быть посланы, используя привязку HTTP-POST. Если нет, то будет использован HTTP-REDIRECT.", - "wantAuthnRequestsSignedHelp": "Указывает, ожидает ли поставщик идентификации подписанных AuthnRequest.", - "forceAuthenticationHelp": "Указывает, должен ли поставщик идентификации аутентифицировать ведущего напрямую, а не использовать предыдущий контекст безопасности.", - "validateSignatures": "Включает/выключает проверку подписи ответов от SAML.", - "validatingX509CertsHelp": "Сертификат в формате PEM, который должен быть использован для проверки подписи.", - "addIdpMapperName": "Наименование сопоставления.", - "selectARole": "Выберите роль", - "usermodel": { - "prop": { - "label": "Свойство", - "tooltip": "Имя свойства метода в интерфейсе UserModel. Для примера, значение 'email' будет ссылкой на метод UserModel.getEmail()." - }, - "attr": { - "label": "Атрибут пользователя", - "tooltip": "Имя сохраненного атрибута пользователя, которое является именем атрибута, согласованным с UserModel.attribute." - }, - "clientRoleMapping": { - "clientId": { - "label": "ID клиента", - "tooltip": "ID клиента для сопоставления ролей" - }, - "rolePrefix": { - "label": "Префикс ролей клиента", - "tooltip": "Префикс для каждой роли клиента (опционально)." - } - }, - "realmRoleMapping": { - "rolePrefix": { - "label": "Префикс ролей Realm", - "tooltip": "Префикс для каждой роли Realm (опционально)." - } - } - }, - "userSession": { - "modelNote": { - "label": "Заметка сессии пользователя", - "tooltip": "Наименование процедуры заметки сессии пользователя согласованным с UserSessionModel.note." - } - }, - "multivalued": { - "label": "Несколько значений", - "tooltip": "Отображается, если атрибут поддерживает несколько значений. Если включен, то список всех значений будет претендовать на этот атрибут. В противном случае выбираться будет только первое значение " - }, - "jsonType": { - "label": "Тип переменной JSON", - "tooltip": "Тип переменной в JSON, который должен использоваться при добавлении ее в токен. Допустимые значения long, int, boolean, и String." - }, - "includeInIdToken": { - "label": "Добавить в токен ID", - "tooltip": "Должно ли значение быть добавлено в токен ID?" - }, - "includeInAccessToken": { - "label": "Добавить в токен доступа", - "tooltip": "Должно ли значение быть добавлено в токен доступа?" - }, - "includeInUserInfo": { - "label": "Добавить в информацию о пользователе", - "tooltip": "Должно ли требование быть добавлено в информацию о пользователе?" - }, - "sectorIdentifierUri": { - "label": "Сектор идентификации URI", - "tooltip": "Провайдеры, использующие пары вспомогательных значений и поддерживающие динамическую регистрацию клиентов ДОЛЖНЫ использовать sector_identified_uri параметр. Это обеспечивает способ для группы сайтов под общим административным контролем, чтобы иметь последовательные попарные значения независимо от индивидуальных доменных имен. Это также обеспечивает способ для клиентов для изменения redirect_uri доменов, не имещющих возможности перерегистрации всех своих пользователей." - }, - "pairwiseSubAlgorithmSalt": { - "label": "Соль", - "tooltip": "Соль, используемая для вычисления парного субъекта идентификатора. Если поле не заполнено, то соль будет сгенерирована." - }, - "addressClaim": { - "street": { - "label": "Имя пользовательского атрибута, обозначающего Улицу", - "tooltip": "Имя пользовательского атрибута, которое будет использоваться для сопоставления атрибута 'street_address' внутри атрибута 'address' токена. По умолчанию 'street' ." - }, - "locality": { - "label": "Имя пользовательского атрибута, обозначающего Местонахождение", - "tooltip": "Имя пользовательского атрибута, которое будет использоваться для сопоставления атрибута 'locality' внутри атрибута 'address' токена. По умолчанию 'locality' ." - }, - "region": { - "label": "Имя пользовательского атрибута, обозначающего Регион", - "tooltip": "Имя пользовательского атрибута, которое будет использоваться для сопоставления атрибута 'region' внутри атрибута 'address' токена. По умолчанию 'region' ." - }, - "postal_code": { - "label": "Имя пользовательского атрибута, обозначающего Почтовый индекс", - "tooltip": "Имя пользоватеслького атрибута, котоое будет использоваться для сопоставления атрибута 'postal_code' внутри атрибута 'address' токена. По умолчанию 'postal_code' ." - }, - "country": { - "label": "Имя пользовательского атрибута, обозначающего Страна", - "tooltip": "Имя пользовательского атрибута, которое будет использоватлься для сопоставления атрибута 'country' внутри атрибута 'address' токена. По умолчанию 'country' ." - }, - "formatted": { - "label": "Имя пользовательсокого атрибута, обозначающего Формитированный адрес", - "tooltip": "Имя пользовательского атрибута, которое будет использоваться для сопоставления атрибута 'formatted' внутри атрибута 'address' токена. По умолчанию 'formatted' ." - } - }, - "name-id-format": "Наименование формата ID", - "titleAuthentication": "Аутентификация", - "titleEvents": "События", - "titleRoles": "Роли Realm", - "titleUsers": "Пользователи", - "titleSessions": "Сессии", - "authenticationAliasHelp": "Наименование конфигурации", - "authenticationFlowTypeHelp": "Какого типа эта форма", - "scopeNameHelp": "Наименование шаблона клиента. Должно быть уникально для realm", - "scopeDescriptionHelp": "Описание шаблона клиента", - "clientDescriptionHelp": "Задает описание клиента. Например 'Мой клиент для табеля учета времени'. Поддерживает ключи для локализованных значений. Например: ${my_client_description}", - "clientsClientTypeHelp": "'OpenID connect' разрешает клиентам проверить личность конечного пользователя, основанного на выполнении аутентификации на Сервере Авторизации.'SAML' включает веб-сценарии аутентификации и авторизации, включая кроссдоменные центры единого управления доступом (SSO) и использующие токены безопасности, содержащие заявления на передачу информации.", - "clientsClientScopesHelp": "Области, ассоциироваанные с этим ресурсом." -} diff --git a/js/apps/admin-ui/public/locales/zh-CN/translation.json b/js/apps/admin-ui/public/locales/zh-CN/translation.json deleted file mode 100644 index c3825e0f53..0000000000 --- a/js/apps/admin-ui/public/locales/zh-CN/translation.json +++ /dev/null @@ -1,3261 +0,0 @@ -{ - "fullName": "{{familyName}}{{givenName}}", - "unknownUser": "匿名", - "add": "添加", - "yes": "是", - "no": "否", - "create": "创建", - "save": "保存", - "revert": "还原", - "cancel": "取消", - "reload": "重新加载", - "continue": "继续", - "close": "关闭", - "delete": "删除", - "remove": "移除", - "revoke": "撤销", - "search": "搜索", - "key": "键", - "value": "数值", - "noSearchResults": "没有搜索结果", - "noSearchResultsInstructions": "单击上面的搜索栏搜索群组", - "clearAllFilters": "清除所有筛选条件", - "next": "下一步", - "back": "返回", - "finish": "结束", - "skipCustomizationAndFinish": "跳过自定义并完成", - "export": "导出", - "action": "操作", - "download": "下载", - "resourceFile": "资源文件", - "clear": "清除", - "clearFile": "清除该文件", - "clearFileExplain": "是否要清除该文件?", - "on": "开", - "off": "关", - "edit": "编辑", - "enabled": "开启", - "disabled": "禁用", - "disable": "禁用", - "selectOne": "选择一个选项", - "select": "选择", - "choose": "选择...", - "any": "任何", - "none": "无", - "signOut": "退出", - "manageAccount": "管理帐户", - "serverInfo": "服务器信息", - "realmInfo": "领域信息", - "help": "帮助", - "helpLabel": "更多帮助{{label}}", - "helpEnabled": "开启帮助", - "helpDisabled": "关闭帮助", - "documentation": "文档", - "enableHelpMode": "开启帮助模式", - "enableHelp": "帮助已启用", - "learnMore": "了解更多", - "show": "显示", - "hide": "隐藏", - "showRemaining": "显示${remaining}", - "more": "还有{{count}}个", - "test": "测试", - "testConnection": "测试连接", - "name": "名称", - "role": "角色", - "description": "描述", - "type": "类型", - "category": "目录", - "priority": "优先级", - "unexpectedError": "发生意外错误: {{error}}", - "retry": "刷新并继续", - "plus": "加", - "minus": "减", - "confirm": "确认", - "clientScope": "客户范围", - "allTypes": "所有类型", - "home": "首页", - "manage": "管理", - "clients": "客户端", - "clientScopes": "客户端范围", - "realmRoles": "领域角色", - "clientRoles": "客户端角色", - "users": "用户管理", - "groups": "群组管理", - "sessions": "会话", - "events": "事件", - "mappers": "映射", - "permissions": "权限", - "permissionsList": "权限列表", - "permissionsListIntro": "通过单击作用域名称编辑权限列表。然后重定向到名为的客户端的权限详细信息页面 <1>{{realm}}", - "usersPermissionsHint": "用于管理领域中所有用户的细粒度权限。可以定义不同的策略,允许谁管理领域中的用户。", - "clientsPermissionsHint": "细粒度权限,用于管理员管理此客户端或应用此客户端定义的角色。", - "groupsPermissionsHint": "确定是否为管理此角色启用细粒度权限。禁用将删除当前已设置的所有权限。", - "rolesPermissionsHint": "确定是否为管理此角色启用细粒度权限。禁用将删除当前已设置的所有权限。", - "identityProvidersPermissionsHint": "确定是否为管理此角色启用细粒度权限。禁用将删除当前已设置的所有权限。", - "permissionsScopeName": "作用域名称", - "permissionsEnabled": "已启用权限", - "permissionsDisable": "是否禁用权限?", - "permissionsDisableConfirm": "如果禁用权限,将自动删除下面列表中的所有权限。此外,相关的资源和作用域将被删除", - "scopePermissions": { - "clients": { - "manage-description": "决定管理员是否可以管理此客户端的策略", - "configure-description": "减少了管理员的管理权限。无法设置作用域、模板或协议映射器。", - "view-description": "决定管理员是否可以查看此客户端的策略", - "map-roles-description": "决定管理员是否可以映射此客户端定义的角色的策略", - "map-roles-client-scope-description": "决定管理员是否可以将此客户端定义的角色应用于其他客户端的客户端范围的策略", - "map-roles-composite-description": "决定管理员是否可以将此客户端定义的角色作为组合应用于其他角色的策略", - "token-exchange-description": "决定允许哪些客户端将令牌交换为此客户端的令牌的策略。" - }, - "users": { - "view-description": "决定管理员是否可以查看领域中所有用户的策略。", - "manage-description": "决定管理员是否可以管理领域中所有用户的策略。", - "map-roles-description": "决定管理员是否可以为所有用户映射角色的策略。", - "manage-group-membership-description": "决定管理员是否可以管理域中所有用户的组成员身份的策略。这与特定的群组策略一起使用。", - "impersonate-description": "决定管理员是否可以模拟其他用户的策略。", - "user-impersonated-description": "决定可以模拟哪些用户的策略。这些策略将应用于被模拟的用户。" - }, - "groups": { - "view-description": "决定管理员是否可以查看此群组的策略。", - "manage-description": "决定管理员是否可以管理此群组的策略。", - "view-members-description": "决定管理员是否可以查看此群组成员的策略。", - "manage-members-description": "决定管理员是否可以管理此群组成员的策略。", - "manage-membership-description": "决定管理员是否可以在此群组中添加或删除用户的策略。" - }, - "roles": { - "map-role-description": "决定管理员是否可以将此角色映射到用户或群组的策略。", - "map-role-client-scope-description": "决定管理员是否可以将此角色应用于客户端的客户端范围的策略。", - "map-role-composite-description": "决定管理员是否可以将此角色作为复合角色应用于其他角色的策略。" - }, - "identityProviders": { - "token-exchange-description": "决定允许哪些客户端使用此身份提供程序生成的外部令牌交换令牌的策略。" - } - }, - "configure": "配置", - "realmSettings": "领域设置", - "authentication": "身份验证", - "identityProviders": "身份供应商", - "userFederation": "用户联盟", - "settings": "设置", - "details": "详细", - "required": "是否为必填项", - "maxLength": "最大长度{{length}}", - "lessThan": "必须小于 {{value}}", - "greaterThan": "必须大于 {{value}}", - "createRealm": "创建领域", - "recent": "最近", - "jumpToSection": "跳转到", - "Sunday": "星期日", - "Monday": "星期一", - "Tuesday": "星期二", - "Wednesday": "星期三", - "Thursday": "星期四", - "Friday": "星期五", - "Saturday": "星期六", - "filterByRoles": "按领域角色筛选", - "filterByClients": "按客户端筛选", - "assignRole": "分配角色", - "assign": "赋予", - "unAssignRole": "取消分配", - "hideInheritedRoles": "隐藏继承的角色", - "assignRolesTo": "为{{client}}账号分配角色", - "inherent": "继承", - "unitLabel": "选择时间单位", - "times": { - "seconds": "秒", - "minutes": "分", - "hours": "小时", - "days": "天", - "years": "年" - }, - "attributes": "属性", - "missingAttributes": "尚未定义任何属性。单击下面的按钮添加属性,密钥和值是密钥对所必需的。", - "addAttribute": "添加属性", - "removeAttribute": "移除属性", - "keyPlaceholder": "输入一个键", - "valuePlaceholder": "输入一个值", - "keyError": "必须至少提供一个键。", - "valueError": "必须至少提供一个值。", - "credentials": "凭证", - "clientId": "客户端ID", - "clientName": "客户端名称", - "id": "ID", - "addMapper": "添加映射器", - "createNewMapper": "创建映射", - "searchForMapper": "搜索映射器", - "mapperType": "映射器类型", - "mappingDeletedSuccess": "映射删除成功", - "mappingDeletedError": "无法删除映射: {{error}}", - "mappingDetails": "映射详情", - "mappingUpdatedSuccess": "映射更新成功", - "mappingUpdatedError": "无法更新映射: {{error}}", - "mappingCreatedSuccess": "映射创建成功", - "mappingCreatedError": "无法创建映射: {{error}}", - "deleteMappingTitle": "删除映射?", - "deleteMappingConfirm": "是否要删除此映射?", - "emptyMappers": "无映射", - "emptyMappersInstructions": "如果要添加映射,请单击下面的按钮添加预设的映射或配置新的映射", - "emptyPrimaryAction": "添加预设的映射", - "leave": "离开", - "reorder": "重新排序", - "onDragStart": "开始拖动{{item}}", - "onDragMove": "正在拖动{{item}}", - "onDragCancel": "已取消拖动。列表未更改。", - "onDragFinish": "拖动完成{{list}}", - "notFound": "找不到您要查找的资源", - "password": "密码", - "passwordConfirmation": "确认密码", - "temporaryPassword": "临时密码", - "temporaryPasswordHelpText": "如果启用,用户需要在下次登录时更改密码", - "forbidden_one": "禁止, needed: 权限", - "forbidden_other": "禁止, needed: 权限", - "noRealmRolesToAssign": "没有要分配的领域角色", - "loadingRealms": "领域加载中...", - "helpToggleInfo": "此开关将启用/禁用UI中的部分帮助信息。包括任何帮助文本、链接和弹出窗口", - "showPassword": "以明文展示密码字段", - "helpFileUpload": "上传 JSON 文件", - "helpFileUploadClient": "上传 JSON 或 XML 文件", - "dragHelp": "按空格键或回车键开始拖动,并使用箭头键向上或向下导航。按回车键确认拖动,或按任何其他键取消拖动操作", - "realmName": "领域名称", - "welcome": "欢迎访问", - "introduction": "如果您想离开此页面并管理此领域,请单击左侧导航栏中相应的菜单项。", - "version": "版本", - "product": "产品名称", - "profile": "配置文件", - "enabledFeatures": "启用的功能", - "experimental": "实验性", - "preview": "预览", - "supported": "已获支持", - "infoEnabledFeatures": "显示已启用的预览和实验功能。", - "infoDisabledFeatures": "显示所有禁用的功能。", - "disabledFeatures": "禁用的功能", - "providerInfo": "供应商信息", - "providers": "添加供应商", - "spi": "SPI", - "showMore": "显示更多", - "showLess": "显示更少", - "memory": "内存", - "totalMemory": "内存总量", - "freeMemory": "空余内存", - "usedMemory": "已用内存", - "protocolTypes": { - "all": "全部", - "saml": "SAML", - "openid-connect": "OpenID Connect" - }, - "protocol": "协议", - "copy": "复制", - "copied": "授权细节已复制。", - "copyError": "复制授权详情时出错:{{error}}", - "exportAuthDetailsS​​uccess": "成功导出授权详情。", - "exportAuthDetailsError": "导出授权详细信息时出错:{{error}}", - "clientType": "客户端类型", - "clientAuthorization": "授权", - "implicitFlow": "隐式流", - "createClient": "创建客户端", - "importClient": "导入客户端", - "homeURL": "主页 URL", - "webOrigins": "网络根源", - "addWebOrigins": "添加网络根源", - "adminURL": "管理网址", - "formatOption": "格式选项", - "encryptAssertions": "加密断言", - "clientSignature": "需要客户端签名", - "downloadAdaptorTitle": "下载适配器配置", - "privateKeyMask": "私钥未设置或未知", - "keys": "密钥", - "roles": "角色", - "createRole": "创建角色", - "noRoles": "此用户没有角色", - "noRolesInstructions": "您尚未为此用户分配任何角色。分配角色以开始。", - "addClientScope": "添加客户端范围", - "dedicatedScopeName": "{{clientName}}-dedicated", - "dedicatedScopeDescription": "此客户端的专用范围和映射器", - "dedicatedScopes": "专用范围", - "fullScopeAllowed": "允许全范围", - "addClientScopesTo": "将客户端范围添加到 {{clientName}}", - "clientScopeRemoveSuccess": "范围映射成功移除", - "clientScopeRemoveError": "无法移除范围映射 {{error}}", - "clientScopeSuccess": "作用域映射已更新", - "clientScopeError": "无法更新作用域映射{{error}}", - "searchByName": "按名称搜索", - "setup": "设置", - "selectAUser": "选择一个用户", - "selectARole": "选择一个角色", - "client": "客户端", - "evaluateError": "无法评估,由于: {{error}}", - "evaluate": "评估", - "reevaluate": "重新评估", - "showAuthData": "显示授权数据", - "authData": "授权数据", - "authDataDescription": "表示作为处理授权请求的结果携带授权数据的令牌。这种表示基本上是 Keycloak 向请求许可的客户端发出的内容。检查 `authorization` 声明以获取基于当前授权请求。", - "results": "结果", - "allResults": "所有结果", - "resultPermit": "结果许可", - "resultDeny": "结果拒绝", - "permit": "允许", - "deny": "拒绝", - "unanimous": "一致", - "affirmative": "肯定的", - "consensus": "共识", - "votedToStatus": "投票给{{status}}", - "overallResults": "总体结果", - "grantedScopes": "授权范围", - "deniedScopes": "拒绝范围", - "permission": "权限", - "lastEvaluation": "上次评估", - "resourcesAndScopes": "资源和范围", - "authScopes": "授权范围", - "authDetails": "授权详情", - "anyResource": "任何资源", - "anyScope": "任何范围", - "selectScope": "选择范围", - "applyToResourceType": "应用于资源类型", - "contextualInfo": "上下文信息", - "contextualAttributes": "上下文属性", - "selectOrTypeAKey": "选择或键入一个键", - "custom": "自定义属性...", - "kc": { - "identity": { - "authc": { - "method": "认证方式" - } - }, - "realm": { - "name": "领域" - }, - "time": { - "date_time": "日期/时间 (月/天/年 时:分:秒)" - }, - "client": { - "network": { - "ip_address": "客户端IPv4地址", - "host": "客户端主机" - }, - "user_agent": "客户端/用户 代理" - } - }, - "oneTimePassword": "一次性密码", - "kerberos": "kerberos", - "removeMappingTitle": "移除角色?", - "removeMappingConfirm_one": "您确定要移除这个角色吗?", - "removeMappingConfirm_other": "您确定要移除 {{count}} 个角色", - "clientScopeSearch": { - "name": "姓名", - "type": "赋值类型", - "protocol": "协议" - }, - "authorization": "授权", - "policyEnforcementMode": "策略执行模式", - "policyEnforcementModes": { - "ENFORCING": "强制执行", - "PERMISSIVE": "获准使用", - "DISABLED": "禁用" - }, - "decisionStrategy": "决策策略", - "decisionStrategies": { - "UNANIMOUS": "无异议", - "AFFIRMATIVE": "肯定的", - "CONSENSUS": "共识" - }, - "importResources": "将导入以下设置和数据:", - "importWarning": "上面导入的数据和设置可能会覆盖已经存在的数据和设置。", - "importResourceSuccess": "资源导入成功", - "importResourceError": "由于 {{error}} 无法导入资源", - "createResource": "创建资源", - "resourceDetails": "资源详情", - "emptyPermissions": "无权限", - "emptyPermissionInstructions": "如果要创建权限,请点击下方按钮创建基于资源或基于范围的权限。", - "noScopeCreateHint": "您需要先创建授权范围。", - "noResourceCreateHint": "没有资源您不能创建基于资源的权限", - "createResourceBasedPermission": "创建基于资源的权限", - "createScopeBasedPermission": "创建基于范围的权限", - "displayName": "显示名称", - "addUri": "添加 URI", - "authorizationScopes": "授权范围", - "iconUri": "图标 URI", - "ownerManagedAccess": "启用用户管理访问", - "resourceAttribute": "资源属性", - "createResourceSuccess": "资源创建成功", - "updateResourceSuccess": "资源更新成功", - "resourceSaveError": "由于{{error}}无法保留资源", - "associatedPermissions": "关联权限", - "allowRemoteResourceManagement": "远程资源管理", - "resources": "资源", - "resource": "资源", - "emptyResources": "没有资源", - "emptyResourcesInstructions": "如果您想创建资源,请点击下面的按钮。", - "scope": "作用域", - "owner": "所有者", - "uris": "URIs", - "scopes": "范围", - "policies": "策略", - "createPermission": "创建权限", - "permissionDetails": "权限详情", - "deleteResource": "永久删除资源?", - "deleteResourceConfirm": "如果删除此资源,部分权限将受到影响。", - "deleteResourceWarning": "当其他资源不再使用时,以下权限将被删除:", - "resourceDeletedSuccess": "资源删除成功", - "resourceDeletedError": "无法删除资源 {{error}}", - "identityInformation": "身份信息", - "searchForPermission": "搜索权限", - "deleteScope": "永久删除授权范围?", - "deleteScopeConfirm": "如果删除此授权范围,部分权限将受到影响。", - "deleteScopeWarning": "以下权限将在不再被其他授权范围使用时删除:", - "resourceScopeSuccess": "权限范围删除成功", - "resourceScopeError": "由于{{error}},无法删除授权范围", - "associatedPolicy": "关联政策", - "deletePermission": "永久删除权限?", - "deletePermissionConfirm": "您确定要删除权限 {{permission}}", - "permissionDeletedSuccess": "成功删除权限", - "permissionDeletedError": "由于{{error}}无法删除权限", - "applyToResourceTypeFlag": "应用于资源类型", - "resourceType": "资源类型", - "createPermissionSuccess": "成功创建权限", - "updatePermissionSuccess": "成功更新权限", - "permissionSaveError": "由于{{error}}无法更新权限", - "createAuthorizationScope": "创建授权范围", - "authorizationScopeDetails": "授权范围详情", - "emptyAuthorizationScopes": "无授权范围", - "emptyAuthorizationInstructions": "如果要创建授权范围,请点击下方按钮创建授权范围", - "createScopeSuccess": "授权范围创建成功", - "updateScopeSuccess": "授权范围更新成功", - "scopeSaveError": "由于{{error}},无法保留授权范围", - "createPolicy": "创建客户端策略", - "policyDetails": "策略详情", - "createPolicyOfType": "创建 {{policyType}} 策略", - "dependentPermission": "依赖权限", - "deletePolicy": "永久删除策略?", - "deletePolicyConfirm": "如果删除此策略,某些权限或聚合策略将受到影响。", - "deletePolicyWarning": "以下聚合策略将自动删除:", - "policyDeletedSuccess": "策略已成功删除", - "policyDeletedError": "无法删除资源 {{error}}", - "emptyPolicies": "没有策略", - "emptyPoliciesInstructions": "如果您要创建策略,请点击下面的按钮创建策略。", - "chooseAPolicyType": "选择策略类型", - "chooseAPolicyTypeInstructions": "从下面的列表中选择一个策略类型,然后您可以配置一个新的授权策略。这有一些类型和描述。", - "policyProvider": { - "regex": "为您的权限定义正则表达式条件。", - "role": "为您的权限定义条件,允许一组一个或多个角色访问一个对象。", - "js": "使用 JavaScript 为您的权限定义条件。它是 Keycloak 支持的基于规则的策略类型之一,并具有编写基于 Evaluation API 的任何策略的灵活性。", - "client": "定义允许一组一个或多个客户端访问对象的权限条件。", - "time": "为您的权限定义时间条件。", - "user": "定义允许一组一个或多个用户访问对象的权限条件。", - "client-scope": "为您的权限定义条件,允许一组一个或多个客户端范围访问一个对象。", - "aggregate": "重用现有策略来构建更复杂的策略,并使您的权限与授权请求处理期间评估的策略更加分离。", - "group": "为您的权限定义条件,允许一组一个或多个组(及其层次结构)访问一个对象。" - }, - "applyPolicy": "应用策略", - "addClientScopes": "添加客户端范围", - "emptyAddClientScopes": "无客户端范围", - "emptyAddClientScopesInstructions": "没有要添加的客户端范围", - "groupsClaim": "团体声明", - "addGroups": "添加群组", - "requiredClient": "请至少添加一个客户端。", - "requiredClientScope": "请至少添加一个客户端范围。", - "requiredGroups": "请至少添加一组。", - "requiredRoles": "请至少添加一个角色。", - "addGroupsToGroupPolicy": "将群组添加到群组策略", - "extendToChildren": "扩展到子级", - "targetClaim": "目标声明", - "regexPattern": "正则表达式模式", - "addRoles": "添加角色", - "startTime": "开始时间", - "repeat": "重复", - "notRepeat": "不重复", - "month": "月", - "dayMonth": "日", - "hour": "小时", - "minute": "分钟", - "code": "代码", - "expireTime": "过期时间", - "logic": "逻辑", - "logicType": { - "positive": "肯定", - "negative": "否定" - }, - "createPolicySuccess": "成功创建策略", - "updatePolicySuccess": "成功更新策略", - "policySaveError": "由于{{error}}无法更新策略", - "assignedClientScope": "分配的客户范围", - "assignedType": "分配类型", - "emptyClientScopes": "此客户端没有任何添加的客户端范围", - "emptyClientScopesInstructions": "当前没有链接到此客户端的客户端范围。您可以将现有的客户端范围添加到此客户端以共享协议映射器和角色。", - "emptyClientScopesPrimaryAction": "添加客户端范围", - "scopeParameter": "作用域参数", - "scopeParameterPlaceholder": "选择范围参数", - "effectiveProtocolMappers": "有效的协议映射器", - "effectiveRoleScopeMappings": "有效角色范围映射", - "generatedAccessToken": "生成的访问令牌", - "generatedIdToken": "生成的 ID 令牌", - "generatedIdTokenNo": "没有生成 id 令牌", - "generatedIdTokenIsDisabled": "未选择用户时禁用生成的 ID 令牌", - "generatedUserInfo": "生成的用户信息", - "generatedUserInfoNo": "没有生成用户信息", - "generatedUserInfoIsDisabled": "未选择用户时禁用生成的用户信息", - "searchForProtocol": "搜索协议映射器", - "parentClientScope": "父级客户端范围", - "searchForRole": "搜索角色", - "origin": "产地", - "user": "用户", - "generatedAccessTokenNo": "没有生成访问令牌", - "generatedAccessTokenIsDisabled": "未选择用户时禁用生成的访问令牌", - "clientList": "客户端", - "clientsList": "客户端列表", - "initialAccessToken": "初始访问令牌", - "expirationValueNotValid": "值应该大于或等于 1", - "clientSettings": "客户端详情", - "selectEncryptionType": "选择加密类型", - "generalSettings": "通用设置", - "alwaysDisplayInUI": "始终显示在 UI 中", - "capabilityConfig": "功能配置", - "clientsExplain": "客户端是可以请求用户身份验证的应用程序和服务。", - "explainBearerOnly": "这是一种特殊的 OIDC 类型。此客户端只允许承载令牌请求,不能参与浏览器登录。", - "createSuccess": "身份供应商已成功创建", - "createError": "无法创建身份供应商:{{error}}", - "clientImportError": "无法导入客户端:{{error}}", - "clientSaveSuccess": "客户端更新成功", - "clientSaveError": "无法更新客户端:{{error}}", - "clientImportSuccess": "客户端导入成功", - "clientDelete": "删除客户端 {{clientId}} 吗?", - "clientDeletedSuccess": "客户端已删除", - "clientDeleteError": "无法删除客户端:{{error}}", - "clientDeleteConfirmTitle": "删除客户端?", - "disableConfirmTitle": "禁用领域?", - "downloadAdapterConfig": "下载适配器配置", - "disableConfirm": "您确定要禁用供应商'{{provider}}'", - "clientDeleteConfirm": "如果您删除此客户端,所有相关数据都将被删除。", - "searchInitialAccessToken": "搜索令牌", - "createToken": "创建初始访问令牌", - "tokenDeleteConfirm": "您确定要永久删除初始访问令牌 {{id}}", - "tokenDeleteConfirmTitle": "删除初始访问令牌?", - "tokenDeleteSuccess": "初始访问令牌删除成功", - "tokenDeleteError": "无法删除初始访问令牌:'{{error}}'", - "timestamp": "创建日期", - "created": "已创建", - "lastUpdated": "最后更新", - "expires": "过期", - "count": "数量", - "remainingCount": "剩余数量", - "expiration": "过期", - "noTokens": "没有初始访问令牌", - "noTokensInstructions": "您还没有创建任何初始访问令牌。通过单击“创建”创建一个初始访问令牌。", - "tokenSaveSuccess": "已创建新的初始访问令牌", - "tokenSaveError": "无法创建初始访问令牌 {{error}}", - "initialAccessTokenDetails": "初始访问令牌详细信息", - "copyInitialAccessToken": "请在关闭前复制并粘贴初始访问令牌,因为以后无法检索它。", - "copySuccess": "成功复制到剪贴板!", - "clipboardCopyError": "复制到剪贴板时出错。", - "copyToClipboard": "复制到剪贴板", - "clientRegistration": "客户端注册", - "anonymousAccessPolicies": "匿名访问策略", - "authenticatedAccessPolicies": "经过身份验证的访问策略", - "provider": "供应者", - "providerId": "供应商ID", - "providerCreateSuccess": "新客户端策略创建成功", - "providerCreateError": "由于{{error}}无法创建客户端策略", - "providerUpdatedSuccess": "客户端策略更新成功", - "providerUpdatedError": "由于{{error}}无法更新客户端策略", - "clientRegisterPolicyDeleteConfirmTitle": "删除客户端注册策略?", - "clientRegisterPolicyDeleteConfirm": "您确定要永久删除客户端注册策略{{name}}", - "clientRegisterPolicyDeleteSuccess": "客户端注册策略删除成功", - "clientRegisterPolicyDeleteError": "无法删除客户端注册策略:'{{error}}'", - "chooseAPolicyProvider": "选择策略供应商", - "clientAuthentication": "客户端认证", - "authenticationFlow": "认证流程", - "standardFlow": "标准流程", - "directAccess": "直接访问授权", - "serviceAccount": "服务账户角色", - "oauthDeviceAuthorizationGrant": "OAuth 2.0 设备授权授予", - "oidcCibaGrant": "OIDC CIBA 补助金", - "enableServiceAccount": "启用服务账户角色", - "searchByRoleName": "按角色名称搜索", - "roleMappingUpdatedSuccess": "已成功更新用户角色映射", - "roleMappingUpdatedError": "无法更新角色映射 {{error}}", - "displayOnClient": "在页面上显示客户端", - "consentScreenText": "许可页面的显示文本", - "loginSettings": "登录设置", - "logoutSettings": "注销设置", - "backchannelLogoutUrl": "反向通道注销 URL", - "backchannelUrlInvalid": "反向通道注销 URL 不是有效的 URL", - "backchannelLogoutSessionRequired": "需要反向通道注销会话", - "backchannelLogoutRevokeOfflineSessions": "后台注销撤销离线会话", - "frontchannelLogout": "前台通道注销", - "frontchannelLogoutUrl": "前端通道注销 URL", - "frontchannelUrlInvalid": "前端通道注销 URL 不是有效 URL", - "accessSettings": "访问设置", - "rootUrl": "根网址", - "validRedirectUri": "有效的重定向 URI", - "validPostLogoutRedirectUri": "有效的注销后重定向 URI", - "idpInitiatedSsoUrlName": "IDP 发起的 SSO URL 名称", - "idpInitiatedSsoUrlNameHelp": "当您想执行 IDP 发起的 SSO 时引用客户端的 URL 片段名称。将此留空将禁用 IDP 发起的 SSO。您将从浏览器引用的 URL 将是:{server-root}/realms/{realm }/protocol/saml/clients/{client-url-name}", - "idpInitiatedSsoRelayState": "IDP 发起的 SSO 中继状态", - "masterSamlProcessingUrl": "主 SAML 处理 URL", - "samlCapabilityConfig": "SAML 功能", - "signatureAndEncryption": "签名和加密", - "nameIdFormat": "姓名ID格式", - "forceNameIdFormat": "强制名称 ID 格式", - "forcePostBinding": "强制 POST 绑定", - "forceArtifactBinding": "强制神器绑定", - "includeAuthnStatement": "包括验证声明", - "includeOneTimeUseCondition": "包括一次性使用的条件", - "optimizeLookup": "优化重定向签名密钥查找", - "signDocuments": "签署文件", - "signAssertions": "签署断言", - "signatureKeyName": "SAML 签名密钥名称", - "canonicalization": "规范化方法", - "addRedirectUri": "添加有效的重定向 URI", - "addPostLogoutRedirectUri": "添加有效的注销后重定向 URI", - "loginTheme": "登录页面主题", - "consentRequired": "需要授权", - "clientAuthenticator": "客户端验证器", - "changeAuthenticatorConfirmTitle": "更改为 {{clientAuthenticatorType}}?", - "changeAuthenticatorConfirm": "如果您将身份验证器更改为 {{clientAuthenticatorType}},Keycloak 数据库将更新,您可能需要为此客户端下载新的适配器配置。", - "signedJWTConfirm": "从密钥选项卡为客户端生成私钥和证书。", - "anyAlgorithm": "任何算法", - "clientSecret": "客户端密码", - "regenerate": "重新生成", - "secretExpiresOn": "密码在 {{time}} 过期", - "secretRotated": "密码轮换使用", - "invalidateSecret": "无效", - "secretHasExpired": "密码已过期,请点击上面的 \"Regenerate\" 按钮生成一个新的 Secret", - "invalidateRotatedSecret": "使轮换使用的密码无效?", - "invalidateRotatedSecretExplain": "使轮换使用的密码无效后,轮换的秘密将被自动删除", - "invalidateRotatedSuccess": "轮换使用的秘密成功删除", - "invalidateRotatedError": "无法删除轮换使用的密码:{{error}}", - "confirmClientSecretTitle": "为这个客户端重新生成密码?", - "confirmClientSecretBody": "如果您重新生成密钥,Keycloak 数据库将被更新,您将需要为此客户端下载一个新的适配器。", - "confirmAccessTokenTitle": "重新生成注册访问令牌?", - "confirmAccessTokenBody": "如果您重新生成注册访问令牌,将更新有关客户端注册服务的访问数据。", - "clientSecretSuccess": "重新生成客户端密码", - "clientSecretError": "无法重新生成客户端密码,因为:{{error}}", - "signingKeysConfig": "签名密钥配置", - "signingKeysConfigExplain": "如果您启用下面的\"需要客户端签名\",您必须通过生成或导入密钥来配置签名密钥,客户端将签署他们的 saml 请求和响应。签名将被验证。", - "encryptionKeysConfig": "加密密钥配置", - "encryptionKeysConfigExplain": "如果启用下面的\"加密断言\",则必须通过生成或导入密钥来配置加密密钥,SAML 断言将使用 AES 使用客户端的公钥进行加密。", - "enableClientSignatureRequired": "启用\"需要客户端签名\"?", - "enableClientSignatureRequiredExplain": "如果启用\"需要客户端签名\",此客户端的适配器将被更新。您可能需要为此客户端下载一个新的适配器。您需要为此客户端生成或导入密钥,否则身份验证不管用。", - "selectMethod": "选择方法", - "selectMethodType": { - "generate": "生成", - "import": "导入" - }, - "realmCertificateAlias": "领域证书别名", - "exportSamlKeyTitle": "导出 SAML 密钥", - "samlKeysExportSuccess": "成功导出密钥", - "samlKeysExportError": "无法导出密钥,因为:{{error}}", - "browse": "浏览", - "importKey": "导入密钥", - "disableSigning": "禁用\"{{key}}\"", - "disableSigningExplain": "如果您禁用 \"{{key}}\",Keycloak 数据库将更新,您可能需要为此客户端下载新的适配器。", - "reGenerateSigning": "为此客户端重新生成签名密钥", - "reGenerateSigningExplain": "如果您为客户端重新生成签名密钥,Keycloak 数据库将更新,您可能需要为此客户端下载新的适配器。", - "registrationAccessToken": "注册访问令牌", - "accessTokenSuccess": "重新生成访问令牌", - "accessTokenError": "无法重新生成访问令牌,因为:{{error}}", - "signatureAlgorithm": "签名算法", - "allowRegexComparison": "允许正则表达式模式比较", - "subject": "主题 DN", - "searchForClient": "搜索客户", - "advanced": "高级", - "revocation": "撤销", - "clustering": "集群", - "notBefore": "不早于", - "setToNow": "设置到现在", - "noAdminUrlSet": "没有发送推送。没有配置管理 URI 或没有可用的注册集群节点", - "notBeforeSetToNow": "不在为客户端设置之前", - "notBeforeNowClear": "之前未为客户端清除", - "notBeforePushFail": "无法将 \"not before\" 推送到:{{failedNodes}}", - "notBeforePushSuccess": "成功推送 \"not before\" 到:{{successNodes}}", - "testClusterFail": "验证可用性失败:{{failedNodes}}。修复或注销失败的集群节点并重试", - "testClusterSuccess": "成功验证可用性:{{successNodes}}", - "deleteNode": "删除节点?", - "deleteNodeBody": "您确定要永久删除节点\"{{node}}\"", - "deleteNodeSuccess": "节点删除成功", - "deleteNodeFail": "无法删除节点。因为'{{error}}'", - "addedNodeSuccess": "节点添加成功", - "addedNodeFail": "无法添加节点。因为'{{error}}'", - "addNode": "添加节点", - "push": "推送", - "nodeReRegistrationTimeout": "节点重新注册超时", - "registeredClusterNodes": "注册集群节点", - "nodeHost": "节点主机", - "noNodes": "没有节点注册", - "noNodesInstructions": "没有节点注册,您可以手动添加一个。", - "lastRegistration": "上次注册", - "testClusterAvailability": "测试集群可用性", - "registerNodeManually": "手动注册节点", - "fineGrainOpenIdConnectConfiguration": "细粒度 OpenID 连接配置", - "fineGrainSamlEndpointConfig": "细粒度 SAML 端点配置", - "logoUrl": "徽标网址", - "policyUrl": "策略网址", - "termsOfServiceUrl": "服务条款网址", - "accessTokenSignatureAlgorithm": "访问令牌签名算法", - "idTokenSignatureAlgorithm": "ID令牌签名算法", - "idTokenEncryptionKeyManagementAlgorithm": "ID令牌加密密钥管理算法", - "userInfoResponseEncryptionKeyManagementAlgorithm": "用户信息响应加密密钥管理算法", - "userInfoResponseEncryptionContentEncryptionAlgorithm": "用户信息响应加密内容加密算法", - "idTokenEncryptionContentEncryptionAlgorithm": "ID令牌加密内容加密算法", - "userInfoSignedResponseAlgorithm": "用户信息签名响应算法", - "requestObjectSignatureAlgorithm": "请求对象签名算法", - "requestObjectRequired": "需要请求对象", - "requestObject": { - "not required": "非必需", - "request or request_uri": "请求或请求 URI", - "request only": "仅请求", - "request_uri only": "仅请求 URI" - }, - "requestObjectEncryption": "请求对象加密算法", - "requestObjectEncoding": "请求对象内容加密算法", - "validRequestURIs": "有效的请求 URI", - "addRequestUri": "添加有效的请求 URI", - "authorizationSignedResponseAlg": "授权响应签名算法", - "authorizationEncryptedResponseAlg": "授权响应加密密钥管理算法", - "authorizationEncryptedResponseEnc": "授权响应加密内容加密算法", - "openIdConnectCompatibilityModes": "开放 ID 连接兼容模式", - "excludeSessionStateFromAuthenticationResponse": "从身份验证响应中排除会话状态", - "useRefreshTokens": "使用刷新令牌", - "useRefreshTokenForClientCredentialsGrant": "使用刷新令牌授予客户端凭据", - "useLowerCaseBearerType": "在令牌响应中使用小写承载类型", - "assertionConsumerServicePostBindingURL": "断言消费者服务 POST 绑定 URL", - "assertionConsumerServiceRedirectBindingURL": "断言消费者服务重定向绑定 URL", - "logoutServicePostBindingURL": "注销服务 POST 绑定 URL", - "logoutServiceRedirectBindingURL": "注销服务重定向绑定URL", - "logoutServiceSoapBindingUrl": "注销服务 SOAP 绑定 URL", - "logoutServiceArtifactBindingUrl": "注销服务 ARTIFACT 绑定 URL", - "artifactBindingUrl": "工件绑定 URL", - "artifactResolutionService": "工件解析服务", - "advancedSettings": "高级设置", - "assertionLifespan": "断言寿命", - "accessTokenLifespan": "访问令牌寿命", - "clientSessionIdle": "客户端会话空闲时间", - "clientSessionMax": "客户端会话最长时间", - "clientOfflineSessionIdle": "客户端离线令牌空闲", - "clientOfflineSessionMax": "客户端离线令牌最大值", - "oAuthMutual": "OAuth 2.0 相互 TLS 证书绑定访问令牌已启用", - "keyForCodeExchange": "代码交换代码挑战方法的证明密钥", - "pushedAuthorizationRequestRequired": "需要推送授权请求", - "acrToLoAMapping": "ACR 到 LoA 映射", - "defaultACRValues": "默认 ACR 值", - "authenticationOverrides": "身份验证流程覆盖", - "browserFlow": "浏览器流程", - "directGrant": "直接授权流程", - "jwksUrlConfig": "JWKS URL 配置", - "keysIntro": "如果 \"Use JWKS URL switch\" 被打开,您需要填写一个有效的 JWKS URL。保存后,管理员可以从 JWKS URL 下载密钥,或者密钥将在看到这些东西时由 Keycloak 服务器自动下载匿名的 KID 签名", - "useJwksUrl": "使用 JWKS URL", - "certificate": "证书", - "jwksUrl": "JWKS 网址", - "generateNewKeys": "生成新密钥", - "generateKeys": "生成密钥?", - "generate": "生成", - "archiveFormat": "存档格式", - "keyAlias": "秘钥别名", - "keyPassword": "密钥密码", - "storePassword": "存储密码", - "generateSuccess": "新密钥对和证书生成成功", - "generateError": "无法生成新的密钥对和证书 {{error}}", - "import": "导入", - "importFile": "导入文件", - "importSuccess": "导入新证书", - "importError": "无法导入证书 {{error}}", - "importParseError": "无法解析文件 {{error}}", - "tokenLifespan": { - "inherited": "从领域设置继承", - "expires": "过期于", - "never": "永不过期" - }, - "enableDisable": "禁用的客户端无法启动登录或获得访问令牌。", - "clientTypeHelp": "'OpenID Connect' 允许客户端根据授权服务器执行的身份验证来验证最终用户的身份。'SAML' 启用基于 Web 的身份验证和授权方案,包括跨域单点登录( SSO) 并使用包含断言的安全令牌来传递信息。", - "serviceAccountHelp": "允许您向 Keycloak 验证此客户端并检索专用于此客户端的访问令牌。根据 OAuth2 规范,这可以支持此客户端的'客户端凭据授权'。", - "manageServiceAccountUser": "要管理详细信息和群组映射,请单击用户名 <1>{{link}}", - "authenticationHelp": "这定义了 OIDC 客户端的类型。当它打开时,OIDC 类型设置为机密访问类型。当它关闭时,它设置为公共访问类型", - "authorizationHelp": "为客户端启用/禁用细粒度授权支持", - "authDetailsHelp": "导出并下载此资源服务器的所有资源设置。", - "directAccessHelp": "这启用了对直接访问授权的支持,这意味着客户端可以访问用户的用户名/密码,并直接与 Keycloak 服务器交换它以获得访问令牌。就 OAuth2 规范而言,这启用了对“资源所有者密码”的支持授予此客户的凭证。", - "standardFlowHelp": "这启用了基于标准 OpenID Connect 重定向的身份验证和授权代码。根据 OpenID Connect 或 OAuth2 规范,这启用了对此客户端的'授权代码流'的支持。", - "implicitFlowHelp": "这启用了对基于 OpenID Connect 重定向的身份验证的支持,无需授权代码。根据 OpenID Connect 或 OAuth2 规范,这启用了对此客户端的'隐式流'支持。", - "oauthDeviceAuthorizationGrantHelp": "这启用了对 OAuth 2.0 设备授权授予的支持,这意味着客户端是输入功能有限或缺少合适浏览器的设备上的应用程序。", - "oidcCibaGrantHelp": "这启用了对 OIDC CIBA Grant 的支持,这意味着用户通过一些外部身份验证设备而不是用户的浏览器进行身份验证。", - "rootURL": "添加到相对 URL 的根 URL", - "validRedirectURIs": "成功登录后浏览器可以重定向到的有效 URI 模式。允许使用简单的通配符,例如 'http://example.com/*'。也可以指定相对路径,例如 /my/relative/path /*。相对路径是相对于客户端根 URL 的。如果没有指定,则使用身份验证服务器根URL。对于SAML协议,如果您依赖于登录请求中嵌入的消费者服务URL,则必须设置有效的URI模式。 ", - "validPostLogoutRedirectURIs": "浏览器在成功注销后可以重定向到的有效 URI 模式。'+' 值或空字段将使用有效重定向 URI 列表。'-' 值将不允许任何注销后重定向uris。允许使用简单的通配符,例如“http://example.com/*”。也可以指定相对路径,例如/my/relative/path/*。相对路径是相对于客户端根 URL 的,或者如果没有指定使用身份验证服务器根 URL。", - "nameIdFormatHelp": "用于主题的名称 ID 格式。", - "alwaysDisplayInUIHelp": "始终在帐户 UI 中列出此客户端,即使用户没有活动会话。", - "forceNameIdFormatHelp": "忽略请求的 NameID 主题格式并使用管理 UI 配置的格式。", - "forcePostBindingHelp": "始终使用 POST 绑定进行响应。", - "forceArtifactBindingHelp": "是否应通过 SAML ARTIFACT 绑定系统将响应消息返回给客户端?", - "includeAuthnStatementHelp": "是否应在登录响应中包含指定方法和时间戳的语句?", - "includeOneTimeUseConditionHelp": "一次性使用的条件是否应该包含在登录响应中?", - "optimizeLookupHelp": "当在 REDIRECT 绑定中为由 Keycloak 适配器保护的 SP 签署 SAML 文档时,签名密钥的 ID 是否应该包含在 元素中的 SAML 协议消息中?这优化了作为验证方的签名验证使用单个密钥而不是尝试每个已知密钥进行验证。", - "signDocumentsHelp": "SAML 文档应该由领域签名吗?", - "signAssertionsHelp": "SAML 文档中的断言应该被签名吗?如果文档已经被签名,则不需要此设置。", - "signatureAlgorithmHelp": "用于签署文档的签名算法。请注意,基于 'SHA1' 的算法已被弃用,将来可能会被删除。建议坚持使用一些更安全的算法而不是 '*_SHA1'", - "signatureKeyNameHelp": "签名的 SAML 文档在 KeyName 元素中包含签名密钥的标识。对于 Keycloak / RH-SSO 对应方,使用 KEY_ID。而对于 MS AD FS,则使用 CERT_SUBJECT。对于其他人,如果没有其他有效的选项,请查看并使用 NONE。", - "canonicalizationHelp": "XML 签名的规范化方法。", - "webOriginsHelp": "允许的 CORS 来源。要允许有效重定向 URI 的所有来源,请添加 '+'。不过这不包括 '*' 通配符。要允许所有来源,请明确添加 '*'。", - "homeURLHelp": "当 auth 服务器需要重定向或链接回客户端时使用的默认 URL。", - "adminURLHelp": "客户端管理界面的 URL。如果客户端支持适配器 REST API,则设置此项。此 REST API 允许 auth 服务器推送撤销策略和其他管理任务。通常将其设置为基本URL客户端。", - "clientHelp": "选择发出此授权请求的客户端。如果未提供,将根据您所在的客户端完成授权请求。", - "clientIdHelp": "向身份供应商注册的客户端标识符。", - "selectUser": "选择一个用户,其身份将用于从服务器查询权限。", - "rolesHelp": "选择要与所选用户关联的角色。", - "contextualAttributesHelp": "运行环境或执行上下文提供的任何属性。", - "resourceTypeHelp": "指定此权限必须应用于给定类型的所有资源实例。", - "applyToResourceTypeHelp": "指定此权限是否应应用于给定类型的所有资源。在这种情况下,将为给定资源类型的所有实例评估此权限。", - "resourcesHelp": "指定此权限必须应用于特定资源实例。", - "scopesSelect": "指定此权限必须应用于一个或多个范围。", - "clientNameHelp": "指定客户端的显示名称。例如'我的客户'。也支持本地化值的键。例如:${my_client}", - "descriptionHelp": "新流程描述的帮助文本", - "loginThemeHelp": "为登录、OTP、授予、注册和忘记密码页面选择主题。", - "encryptAssertionsHelp": "SAML 断言是否应该使用 AES 使用客户端的公钥加密?", - "clientSignatureHelp": "客户端会签署他们的 saml 请求和响应吗?他们应该被验证吗?", - "downloadType": "这是关于下载类型的信息", - "detailsHelp": "这是关于细节的信息", - "clientPolicyName": "策略的显示名称", - "createTokenHelp": "初始访问令牌只能用于创建客户端", - "expirationHelp": "设置事件的到期时间。过期的事件会定期从数据库中清除。", - "countHelp": "指定使用令牌可以创建多少个客户端", - "client-authenticator-type": "客户端身份验证,将根据 Keycloak 服务器验证此客户端", - "registration-access-token": "注册访问令牌为客户端提供对客户端注册服务的访问。", - "signature-algorithm": "JWA算法,客户端在签署JWT进行认证时需要使用的算法。如果留空,则允许客户端使用任何算法。", - "anonymousAccessPoliciesHelp": "当未经身份验证的请求调用客户端注册服务时使用这些策略。这意味着该请求不包含初始访问令牌或承载令牌。", - "authenticatedAccessPoliciesHelp": "当通过身份验证请求调用客户端注册服务时使用这些策略。这意味着该请求包含初始访问令牌或承载令牌。", - "allowRegexComparisonHelp": "如果关闭,则来自给定客户端证书的主题 DN 必须与 RFC8705 规范中描述的‘主题 DN’属性中的给定 DN 完全匹配。主题 DN 可以采用 RFC2553 或 RFC1779 格式。如果打开, 那么来自给定客户端证书的主题 DN 应该与“主题 DN”属性指定的正则表达式相匹配。", - "subjectHelp": "用于验证客户端证书中的主题 DN 的正则表达式。使用 \"(.*?)(?:$)\" 匹配所有类型的表达式。", - "evaluateExplain": "此页面允许您查看所有协议映射器和角色范围映射", - "effectiveProtocolMappersHelp": "包含所有默认客户端范围和选定的可选范围。所有这些客户端范围的协议映射器和角色范围映射将在生成为客户端颁发的访问令牌时使用", - "effectiveRoleScopeMappingsHelp": "选定的可选客户端范围,将在为该客户端发出访问令牌时使用。当您希望在初始OpenID连接身份验证请求从您的客户端适配器发送时并且要应用这些可选的客户端范围时,您可以在上面看到OAuth范围参数需要使用的值。", - "generatedAccessTokenHelp": "请参阅示例访问令牌,该令牌将在选定用户通过身份验证时生成并发送到客户端。您可以看到令牌将包含的声明和角色基于有效的协议映射器和角色范围映射,也基于关于分配给用户本人的声明/角色", - "generatedIdTokenHelp": "请参阅示例ID Token。当选定的用户通过身份验证时,ID token将被生成并发送给客户端。您可以看到令牌将包含的声明和角色基于有效的协议映射器和角色范围映射,也基于分配给用户自己的声明/角色。", - "generatedUserInfoHelp": "参见示例用户信息,它将由用户信息端点提供", - "scopeParameterHelp": "您可以复制/粘贴范围参数的这个值,并在从该客户端适配器发送的初始 OpenID Connect 身份验证请求中使用它。默认客户端范围和选定的可选客户端范围将在生成为此客户端颁发的令牌时使用", - "userHelp": "可选择用户,将为选择的用户生成示例访问令牌。如果不选择用户,则在评估期间不会生成示例访问令牌", - "notBeforeHelp": "撤销在此时间之前为此客户端颁发的任何令牌。要推送该策略,您应该首先在“设置”选项卡中设置一个有效的管理 URL。", - "notBeforeIntro": "为了成功向客户端推送撤销策略,您需要先为此客户端在<1>设置选项卡下设置管理 URL", - "notBeforeTooltip": "管理员 URL 应该首先在设置选项卡中设置。", - "nodeReRegistrationTimeoutHelp": "指定注册客户端集群节点重新注册的最大时间间隔。如果集群节点在这段时间内不向 Keycloak 发送重新注册请求,它将从 Keycloak 中注销", - "fineGrainOpenIdConnectConfigurationHelp": "此部分用于配置此客户端与 OpenID Connect 协议相关的高级设置。", - "fineGrainSamlEndpointConfigHelp": "此部分为断言消费者和单点注销服务配置确切的 URL。", - "logoUrlHelp": "引用客户端应用程序徽标的 URL", - "policyUrlHelp": "依赖方客户端提供给最终用户的 URL,以了解如何使用配置文件数据", - "policyUsers": "指定此策略允许的用户。", - "termsOfServiceUrlHelp": "依赖方客户端提供给最终用户以阅读依赖方服务条款的 URL", - "accessTokenSignatureAlgorithmHelp": "用于签署访问令牌的 JWA 算法。", - "idTokenSignatureAlgorithmHelp": "用于签署 ID 令牌的 JWA 算法。", - "idTokenEncryptionKeyManagementAlgorithmHelp": "JWA 算法用于加密 ID 令牌的密钥管理。如果您想要加密的 ID 令牌,则需要此选项。如果留空,ID 令牌只是签名,但不加密。", - "idTokenEncryptionContentEncryptionAlgorithmHelp": "在加密 ID 令牌时用于内容加密的 JWA 算法。如果您想要加密的 ID 令牌,则需要此选项。如果留空,ID 令牌只是签名,但不加密。", - "userInfoSignedResponseAlgorithmHelp": "用于签名用户信息端点响应的 JWA 算法。如果设置为'未签名',则用户信息响应将不会被签名并将以 application/json 格式返回。", - "userInfoResponseEncryptionKeyManagementAlgorithmHelp": "JWA 算法用于加密用户信息端点响应的密钥管理。如果您想要加密用户信息端点响应,则需要此选项。如果留空,用户信息端点响应不加密。", - "userInfoResponseEncryptionContentEncryptionAlgorithmHelp": "在加密用户信息端点响应时用于内容加密的 JWA 算法。如果指定了用户信息响应加密密钥管理算法,则此值的默认值为 A128CBC-HS256。", - "requestObjectSignatureAlgorithmHelp": "JWA算法,客户端在发送'request'或'request_uri'参数指定的OIDC请求对象时需要使用的JWA算法。如果设置为'任何',请求对象可以被任何算法签名(包括'none') ", - "requestObjectRequiredHelp": "指定客户端是否需要为其授权请求提供请求对象,以及他们可以为此使用什么方法。如果设置为\"not required\",则提供请求对象是可选的。在所有其他情况下, 提供请求对象是强制性的。如果设置为\"request\",则请求对象必须按值提供。如果设置为\"request_uri\",则请求对象必须通过引用提供。如果设置为\"request\" or request_uri\", 两种方法都可以使用。", - "requestObjectEncryptionHelp": "JWE算法,客户端发送'request'或'request_uri'参数指定的OIDC请求对象时需要使用的JWE算法。如果设置为'任何',加密是可选的,允许任何算法。", - "requestObjectEncodingHelp": "JWE算法,client在对'request'或'request_uri'参数指定的OIDC请求对象的内容进行加密时需要使用的算法。如果设置为'any',则允许任何算法。", - "validRequestURIsHelp": "有效 URI 列表,可在 OpenID Connect 身份验证请求期间用作 'request_uri' 参数的值。支持与有效重定向 URI 相同的功能。例如通配符或相对路径。", - "idpInitiatedSsoRelayStateHelp": "当您想要执行 IDP 发起的 SSO 时,您想要使用 SAML 请求发送的中继状态。", - "masterSamlProcessingUrlHelp": "如果配置,则此 URL 将用于每个绑定到 SP 的断言消费者和单点注销服务。这可以在 Fine Grain SAML 端点配置中为每个绑定和服务单独覆写。", - "authorizationSignedResponseAlgHelp": "当响应模式为 jwt 时,用于签署授权响应令牌的 JWA 算法。", - "authorizationEncryptedResponseAlgHelp": "当响应模式为 jwt 时,用于加密授权响应的密钥管理的 JWA 算法。如果要加密授权响应,则需要此选项。如果留空,授权响应只是签名,但不加密。", - "authorizationEncryptedResponseEncHelp": "当响应模式为 jwt 时,JWA 加密授权响应时用于内容加密的算法。如果您想要加密授权响应,则需要此选项。如果留空,则授权响应只是签名,但不加密。", - "openIdConnectCompatibilityModesHelp": "此部分用于配置与旧版 OpenID Connect / OAuth 2 适配器向后兼容的设置。特别是当您的客户端使用旧版 Keycloak / RH-SSO 适配器时,它非常有用。", - "excludeSessionStateFromAuthenticationResponseHelp": "如果启用,参数 'session_state' 将不会包含在 OpenID Connect 身份验证响应中。如果您的客户端使用不支持 'session_state' 参数的旧 OIDC / OAuth2 适配器,这将很有用。", - "useRefreshTokensHelp": "如果打开,将创建一个 refresh_token 并将其添加到令牌响应中。如果关闭,则不会生成任何 refresh_token。", - "useRefreshTokenForClientCredentialsGrantHelp": "如果启用,如果使用 client_credentials 授权,将创建一个 refresh_token 并将其添加到令牌响应中。OAuth 2.0 RFC6749 第 4.4.3 节指出,在使用 client_credentials 授权时不应生成 refresh_token。如果关闭则不会生成 refresh_token 并且相关的用户会话将被删除。", - "useLowerCaseBearerTypeHelp": "如果启用,令牌响应将设置为小写的类型 \"bearer\"。默认情况下,服务器将类型设置为 RFC6750 定义的 \"Bearer\"。", - "advancedSettingsOpenid-connect": "此部分用于配置此客户端与 OpenID Connect 协议相关的高级设置", - "advancedSettingsSaml": "此部分用于配置此客户端的高级设置", - "assertionLifespanHelp": "在 SAML 断言条件中设置的寿命。在此之后断言将无效。\"SessionNotOnOrAfter\" 属性不会被修改,并继续使用在领域级别定义的 \"SSO Session Max\" 时间。", - "accessTokenLifespanHelp": "访问令牌过期前的最长时间。建议此值相对于 SSO 超时时间较短", - "clientSessionIdleHelp": "允许客户端会话在到期前空闲的时间。当客户端会话到期时,令牌将失效。如果未设置,它将使用标准的 SSO 会话空闲值。", - "clientSessionMaxHelp": "客户端会话过期前的最长时间。会话过期时令牌失效。如果未设置,它将使用标准 SSO 会话最大值。", - "clientOfflineSessionIdleHelp": "在刷新离线令牌无效之前允许客户端空闲的时间。该选项仅影响令牌时间而不影响全局 SSO 会话。如果未设置,它将使用标准 SSO 会话空闲值。", - "clientOfflineSessionMaxHelp": "离线令牌对客户端无效之前的最长时间。该选项仅影响令牌时间而不影响全局 SSO 会话。如果未设置,它将使用标准 SSO 会话最大值。", - "oAuthMutualHelp": "这启用了对 OAuth 2.0 双向 TLS 证书绑定访问令牌的支持,这意味着 keycloak 将访问令牌和刷新令牌与令牌的 X.509 证书绑定在一起,请求客户端在 keycloak 的令牌端点和这个客户。这些令牌可以被视为密钥持有者令牌而不是不记名令牌。", - "keyForCodeExchangeHelp": "选择使用哪种 PKCE 代码质询方法。如果未指定,除非客户端发送具有适当代码质询和代码交换方法的授权请求,否则 keycloak 不会将 PKCE 应用于客户端。", - "pushedAuthorizationRequestRequiredHelp": "布尔参数,指示授权服务器是否仅通过推送的授权请求方法接受授权请求数据。", - "acrToLoAMappingHelp": "定义哪个 ACR(身份验证上下文类参考)值映射到哪个 LoA(身份验证级别)。ACR 可以是任何值,而 LoA 必须是数字。", - "defaultACRValuesHelp": "如果 OIDC 请求中的 'claims' 或 'acr_values' 参数没有明确请求 ACR,则用作自愿 ACR 的默认值。", - "assertionConsumerServicePostBindingURLHelp": "客户端断言消费者服务(登录响应)的 SAML POST 绑定 URL。如果您没有此绑定的 URL,则可以将其留空。", - "assertionConsumerServiceRedirectBindingURLHelp": "客户端断言消费者服务(登录响应)的 SAML 重定向绑定 URL。如果您没有此绑定的 URL,则可以将其留空。", - "logoutServicePostBindingURLHelp": "客户端单点注销服务的 SAML POST 绑定 URL。如果您使用不同的绑定,可以将此留空", - "logoutServiceRedirectBindingURLHelp": "客户端单点注销服务的 SAML 重定向绑定 URL。如果您使用不同的绑定,可以将此留空。", - "logoutServiceSoapBindingUrlHelp": "客户端单点注销服务的 SAML SOAP 绑定 URL。如果您使用不同的绑定,可以将此留空。", - "logoutServiceArtifactBindingUrlHelp": "客户端单一注销服务的 SAML ARTIFACT 绑定 URL。如果您使用不同的绑定,则可以将此留空。", - "artifactBindingUrlHelp": "将 HTTP ARTIFACT 消息发送到的 URL。如果您使用不同的绑定,则可以将此留空。在强制 ARTIFACT 绑定与 IdP 发起的登录时,应设置此值。", - "frontchannelLogoutHelp": "当为 true 时,注销需要浏览器重定向到客户端。当为 false 时,服务器执行后台调用以注销。", - "frontchannelLogoutUrlHelp": "当注销请求发送到该领域时(通过 end_session_endpoint)将导致客户端自行注销的 URL。如果未提供,则默认为基本 url。", - "backchannelLogoutUrlHelp": "当注销请求发送到该领域时(通过 end_session_endpoint)将导致客户端自行注销的 URL。如果省略,在这种情况下将不会向客户端发送注销请求。", - "backchannelLogoutSessionRequiredHelp": "指定在使用反向通道注销 URL 时注销令牌中是否包含 sid(会话 ID)声明。", - "backchannelLogoutRevokeOfflineSessionsHelp": "指定在使用反向通道注销 URL 时注销令牌中是否包含 \"revoke_offline_access\" 事件。Keycloak 将在收到带有此事件的注销令牌时撤销离线会话。", - "artifactResolutionServiceHelp": "客户端的 SAML 工件解析服务。这是 Keycloak 将向其发送 SOAP ArtifactResolve 消息的端点。如果您没有此绑定的 URL,则可以将其留空。", - "authenticationOverridesHelp": "覆写领域认证流程绑定。", - "browserFlowHelp": "选择要用于浏览器身份验证的流程。", - "directGrantHelp": "选择您要用于直接授权身份验证的流程。", - "useJwksUrlHelp": "如果开关打开,身份供应商公钥将从给定的 JWKS URL 下载。这具有很大的灵活性,因为当身份供应商生成新的密钥对时,新密钥总是会再次重新下载。如果开关关闭,则使用来自 Keycloak 的公钥(或证书)。因此当身份供应商密钥对发生变化时,您始终需要将新密钥也导入 Keycloak 数据库。", - "certificateHelp": "用于验证JWT的客户端证书,由客户端私钥从您的密钥库中颁发并签名。", - "jwksUrlHelp": "存储 JWK 格式的身份供应商密钥的 URL。有关更多详细信息,请参阅 JWK 规范。如果您使用外部 Keycloak 身份供应商,则可以使用类似“http://broker-keycloak:8180/realms/test”的 URL /protocol/openid-connect/certs' 假设您的代理 Keycloak 在 'http://broker-keycloak:8180' 上运行并且它的领域是 'test' 。", - "generateKeysDescription": "如果您生成新密钥,您可以自动下载带有私钥的密钥库并将其保存在您的客户端。Keycloak 服务器将只保存证书和公钥,而不保存私钥。", - "archiveFormatHelp": "Java 密钥库或 PKCS12 存档格式。", - "keyAliasHelp": "私钥别名", - "keyPasswordHelp": "私钥密码", - "realmCertificateAliasHelp": "领域证书也存储在存档中。这是它的别名。", - "storePasswordHelp": "访问存档本身的密码", - "consentRequiredHelp": "如果启用,用户必须同意客户端访问。", - "displayOnClientHelp": "仅当此客户端的“需要同意”打开时才适用。如果此开关关闭,则授权页面将仅包含与配置的客户端范围对应的授权。如果打开,授权上还会有一项关于此客户端本身的页面。", - "consentScreenTextHelp": "将此客户端作用域添加到需要许可的某些客户端时,将在许可页面上显示的文本。如果未填充,则默认为客户端作用域的名称", - "importHelp": "导入包含此资源服务器授权设置的 JSON 文件。", - "policyEnforcementModeHelp": "策略执行模式规定了在评估授权请求时如何执行策略。'强制执行' 意味着默认情况下拒绝请求,即使没有与给定资源关联的策略。'获准使用' 意味着即使有请求也被允许没有与给定资源关联的策略。“禁用”完全禁用策略评估并允许访问任何资源。", - "decisionStrategyHelp": "决策策略规定了如何评估权限以及如何获得最终决定。'肯定'意味着至少一个权限必须评估为肯定的决定才能授予对资源及其范围的访问权限。'一致' 意味着所有权限都必须评估为一个肯定的决定,以便最终决定也是正向的。", - "allowRemoteResourceManagementHelp": "资源应该由资源服务器远程管理吗?如果为假,资源只能从这个 Admin UI 管理。", - "resourceName": "此资源的唯一名称。该名称可用于唯一标识资源,在查询特定资源时很有用。", - "displayNameHelp": "身份供应商的友好名称。", - "typeHelp": "客户端作用域,将以默认作用域的形式添加到每个创建的客户端", - "urisHelp": "一组受资源保护的 URI。", - "scopesHelp": "请求授权时要发送的范围。它可以是一个以空格分隔的范围列表。默认为'openid'。", - "dedicatedScopeExplain": "这是一个包括专用映射器和范围的客户端范围", - "fullScopeAllowedHelp": "允许您禁用所有限制。", - "iconUriHelp": "指向图标的 URI。", - "ownerManagedAccessHelp": "如果启用,资源所有者可以管理对该资源的访问设置。", - "resourceAttributeHelp": "与资源关联的属性。", - "resetActions": "复位操作", - "lifespan": "到期时间", - "scopeName": "此作用域的唯一名称。该名称可用于唯一标识一个作用域,在查询特定作​​用域时很有用。", - "scopeDisplayName": "此作用域的唯一名称。该名称可用于唯一标识一个作用域,在查询特定作​​用域时很有用。", - "policy-name": "策略的名称。", - "policy-description": "策略的描述。", - "policyDecisionStagey": "决策策略规定了如何评估与给定权限相关的策略以及如何获得最终决定。'肯定'意味着至少有一个策略必须评估为肯定的决定才能做出最终决定也是肯定的。“一致”意味着所有政策都必须评估为肯定的决定,以便最终决定也是肯定的。“共识”意味着积极决定的数量必须大于消极决定的数量。如果数量正面和负面的相同,最终决定是否定的。", - "applyPolicyHelp": "指定必须应用于此策略或权限定义的范围的所有策略。", - "policyClient": "指定此策略允许的客户端。", - "groupsClaimHelp": "如果已定义,该策略将从表示请求权限的身份的访问令牌或 ID 令牌中的给定声明中获取用户组。如果未定义,则用户组将从您的领域配置中获取。", - "policyGroups": "指定此策略允许的用户。", - "targetClaimHelp": "指定策略将获取的目标声明。", - "regexPatternHelp": "指定正则表达式模式。", - "policyRoles": "指定此策略允许的客户端角色。", - "startTimeHelp": "定义在该时间之前不得授予策略。仅当当前日期/时间晚于或等于此值时才授予。", - "expireTimeHelp": "定义在该时间之后不得授予策略。仅当当前日期/时间早于或等于此值时才授予。", - "monthHelp": "定义必须授予策略的月份。您还可以通过填写第二个字段来提供范围。在这种情况下,仅当当前月份介于或等于您提供的两个值时才授予权限。", - "dayMonthHelp": "定义必须授予策略的日期。您还可以通过填写第二个字段来提供范围。在这种情况下,仅当月份的当前日期介于或等于两个值时才授予权限。", - "hourHelp": "定义必须授予策略的时间。您还可以通过填写第二个字段来提供范围。在这种情况下,仅当当前时间介于或等于您提供的两个值时才授予权限。", - "minuteHelp": "定义必须授予策略的分钟。您还可以通过填写第二个字段来提供范围。在这种情况下,仅当当前分钟介于或等于您提供的两个值时才授予权限。", - "policyCode": "为该策略提供条件的 JavaScript 代码。", - "logicHelp": "逻辑决定了应该如何做出政策决定。如果是'肯定',则在评估该政策期间获得的结果效果(允许或拒绝)将用于执行决定。如果'否定',则由此产生的效果将被否定,换句话说,许可变为拒绝,反之亦然。", - "permissionName": "权限的名称。", - "permissionDescription": "权限的描述。", - "applyToResourceTypeFlagHelp": "指定此权限是否应用于给定类型的所有资源。在这种情况下,将为给定资源类型的所有实例评估此权限。", - "permissionResources": "指定此权限必须应用于特定资源实例。", - "permissionScopes": "指定此权限必须应用于一个或多个范围。", - "permissionPolicies": "指定必须应用于此策略或权限定义的范围的所有策略。", - "permissionType": "指定此权限必须应用于给定类型的所有资源实例。", - "permissionDecisionStrategy": "决策策略规定了如何评估与给定权限相关的策略以及如何获得最终决策。'肯定'意味着至少有一个策略必须评估为肯定决策才能做出最终决策也是肯定的。“一致”意味着所有政策都必须评估为肯定的决定,以便最终决定也是肯定的。“共识”意味着肯定决定的数量必须大于否定决定的数量。如果肯定和否定的数量相同,则最终决定是否定的。", - "permissionsEnabledHelp": "确定是否启用细粒度权限来管理此角色。禁用将删除所有已设置的当前权限。", - "createClientScope": "创建客户端作用域", - "clientScopeList": "客户端作用域", - "grantedClientScopes": "已授予客户端作用域", - "clientScopeDetails": "客户端作用域详细信息", - "clientScopeExplain": "客户端作用域是多个客户端之间共享的一组通用协议映射和角色。", - "searchFor": "按名称搜索角色", - "displayOrder": "显示顺序", - "deleteClientScope_one": "删除客户端作用域{{name}}", - "deleteClientScope_other": "删除{{count}}个客户端作用域", - "deleteConfirm": "您确定要永久删除供应商'{{provider}}'吗?", - "changeTypeTo": "将类型更改为", - "changeTypeIntro": "{{count}}个所选客户端作用域将更改为", - "deletedSuccess": "供应商已成功删除。", - "deleteError": "无法删除供应商 {{error}}", - "includeInTokenScope": "包含在令牌作用域中", - "realmRolePrefix": "领域角色前缀", - "userInfo": "用户信息", - "updateSuccess": "供应商更新成功", - "updateError": "无法更新供应商 {{error}}", - "addMapperExplain": "如果需要更精细的控制,可以在此客户端上创建协议映射", - "newRoleName": "新角色名称", - "searchClientByName": "按名称搜索客户端", - "mapperCreateSuccess": "映射器创建成功。", - "mapperCreateError": "创建映射器时出错。", - "fromPredefinedMapper": "来自预定义映射", - "byConfiguration": "根据配置", - "emptyBuiltInMappersInstructions": "所有内置映射都已添加到此客户端。", - "emptySecondaryAction": "配置新映射", - "displayOnConsentScreen": "在许可上显示", - "guiOrder": "显示顺序", - "shouldBeANumber": "应为一个数字", - "chooseAMapperType": "选择映射类型", - "addPredefinedMappers": "添加预定义的映射", - "predefinedMappingDescription": "从此表中选择任何预定义的映射", - "configureMappingDescription": "从此表中选择任何映射", - "mappingTable": "具有预定义映射的表", - "headerName": "标题名称", - "nameHelp": "新流程命名的帮助文本", - "protocolHelp": "此客户端作用域提供的SSO协议配置", - "displayOnConsentScreenHelp": "如果启用,并且此客户端作用域被添加到需要许可的某些客户端,则“许可页面的展示文本”指定的文本将展示在许可申请的页面上。如果禁用,此客户端作用域将不会展示在许可申请的页面上", - "includeInTokenScopeHelp": "如果启用,此客户端作用域的名称将添加到访问令牌属性“scope”以及令牌自检端点响应中。如果禁用,此客户端作用域将从令牌和令牌自检端点响应中省略。", - "guiOrderHelp": "将GUI中提供程序的顺序(如“许可”页面)指定为整数", - "prefix": "每个领域角色的前缀(非必需)。", - "multiValued": "指示属性是否支持多个值。如果为是,则此属性的所有值将被设置为声明。如果为否,则只将第一个值设置为声明", - "tokenClaimName": { - "label": "令牌声明名称", - "tooltip": "插入到令牌中的声明名称。这可以是一个完全限定的名称,如“address.street”。在这种情况下,将创建一个嵌套的json对象。为了防止嵌套并直接使用点,请使用反斜杠(\\.)转义点。" - }, - "claimJsonType": "应该用于填充令牌中的 JSON 声明的 JSON 类型。long、int、boolean、String和JSON类型都是有效值。", - "protocolMapper": "协议映射", - "mapperName": "映射名称", - "roleHelp": "如果所有属性都存在,则授予用户的角色。单击“选择角色”按钮浏览角色,或直接在文本框中键入。要引用客户端角色,语法为 clientname.clientrole,即 myclient.myrole。 ", - "newRoleNameHelp": "新角色名称。新名称格式与角色将映射到访问令牌中的位置相对应。因此,新名称“myapp.newname”将角色映射到访问标记中的位置。新名称“newname”将角色映射到令牌中的领域角色。", - "groupDetails": "群组详细信息", - "childGroups": "子组", - "createGroup": "创建群组", - "createChildGroup": "创建子组", - "groupName": "群组名称", - "searchForGroups": "搜索群组", - "global": "全局", - "local": "本地", - "searchGroups": "搜索群组", - "filterGroups": "筛选群组", - "searchGroup": "搜索群组", - "renameGroup": "重命名组", - "deleteGroup": "删除群组", - "usersLeft_one": "{{count}}用户离开了群组", - "usersLeft_other": "{{count}}用户离开了群组", - "usersLeftError": "无法从群组中移除用户: {{error}}", - "usersAdded_one": "{{count}}用户已添加到群组", - "usersAdded_other": "{{count}}添加到群组的用户", - "usersAddedError": "无法将用户添加到群组: {{error}}", - "exactSearch": "精确搜索", - "members": "成员", - "searchMembers": "搜索成员", - "addMember": "添加成员", - "includeSubGroups": "包含子组用户", - "path": "路经", - "moveTo": "移动到", - "moveToGroup": "将{{group1}}移动到{{group2}}", - "root": "根目录", - "moveHere": "移至此处", - "moveGroupEmpty": "无子级群组", - "moveGroupEmptyInstructions": "没有子组,请选择“移至此处”将所选群组移动到该群组下并作为此群组的子组", - "moveGroupSuccess": "群组已迁移", - "moveGroupError": "无法移动群组{{error}}", - "tableOfGroups": "群组列表", - "groupsDescription": "群组是一组可应用于用户的属性和角色映射。您可以创建、编辑和删除群组,并管理其子级组织。", - "groupCreated": "已创建群组", - "couldNotCreateGroup": "无法创建群组{{error}}", - "createAGroup": "创建群组", - "renameAGroup": "重命名群组", - "rename": "重命名", - "email": "电子邮件", - "lastName": "姓", - "firstName": "名", - "membership": "从属关系", - "noGroupsInThisRealm": "此领域中没有群组", - "noGroupsInThisRealmInstructions": "尚未在此领域中创建任何群组。请创建一个群组以开始。", - "noGroupsInThisSubGroup": "此子组中没有群组", - "noGroupsInThisSubGroupInstructions": "尚未在此子组中创建任何群组。", - "deleteConfirmTitle_one": "是否删除群组?", - "deleteConfirmTitle_other": "是否删除群组?", - "deleteConfirm_one": "是否要删除此群组“{{groupName}}”。", - "deleteConfirm_other": "是否要删除这些群组?", - "groupDeleted_one": "已删除群组", - "groupDeleted_other": "已删除群组", - "groupDeleteError": "删除群组{{error}}时出错", - "groupUpdated": "群组已更新", - "groupUpdateError": "更新群组{{error}}时出错", - "roleMapping": "角色映射", - "noViewRights": "没有权限查看该群组.", - "uploadFile": "上传 JSON 文件", - "invalidRealmName": "领域名称不能包含特殊字符", - "realmExplain": "领域管理用户、凭据、角色和群组。用户属于某个领域并可以登录到该领域。领域彼此独立,只能管理和验证各自控制的用户。", - "noRealmRoles": "无领域角色", - "emptyStateText": "此领域中没有任何领域角色。创建领域角色以开始。", - "saveRealmSuccess": "已成功创建领域", - "saveRealmError": "无法创建领域: {{error}}", - "deleteAttributeText": "删除属性", - "associatedRolesText": "关联的角色", - "addAssociatedRolesText": "添加关联角色", - "addAssociatedRolesSuccess": "已添加关联角色", - "addAssociatedRolesError": "无法关联角色{{error}}", - "associatedRolesModalTitle": "将角色添加到{{name}}", - "title": "身份验证", - "addRole": "添加角色", - "importRole": "导入角色", - "roleID": "角色 ID", - "roleExplain": "领域角色是您定义的用于当前领域的角色。", - "roleCreateExplain": "这是一些描述", - "roleName": "角色名称", - "roleDetails": "角色详细信息", - "composite": "复合", - "deleteRole": "删除此角色", - "inheritedFrom": "继承自", - "roleList": "角色列表", - "realmRolesList": "领域角色", - "roleImportError": "无法导入角色", - "roleCreated": "已创建角色", - "roleCreateError": "无法创建角色: {{error}}", - "roleImportSuccess": "角色导入成功", - "roleDeleteConfirm": "是否删除角色?", - "roleDeleteConfirmDialog": "此操作将永久删除角色“{{selectedRoleName}}”,并且无法撤消。", - "roleDeletedSuccess": "角色已删除", - "roleDeleteError": "无法删除角色: {{error}}", - "defaultRole": "此角色充当领域和客户端默认角色的容器。无法删除。", - "defaultRoleDeleteError": "无法删除默认角色。", - "roleSaveSuccess": "角色已保存", - "roleSaveError": "无法保存角色: {{error}}", - "roleAuthentication": "角色身份验证", - "removeAllAssociatedRoles": "移除所有关联角色", - "removeAssociatedRoles": "移除关联角色", - "removeRoles": "移除角色", - "removeAllAssociatedRolesConfirmDialog": "此操作将移除{{name}}的关联角色。拥有{{name}}权限的用户将不再有权访问这些角色。", - "roleRemoveAssociatedRoleConfirm": "是否移除关联角色?", - "roleRemoveAssociatedText": "此操作将从{{roleName}}中移除{{role}}。{{role}}的所有关联角色也将被移除。", - "compositeRoleOff": "复合角色已关闭", - "associatedRolesRemoved": "已移除关联的角色", - "compositesRemovedAlertDescription": "已移除所有关联角色", - "whoWillAppearLinkText": "谁将出现在此群组列表中?", - "whoWillAppearPopoverText": "群组是分层的。选择“直接群组成员资格”时,只会看到用户直接加入的子组,而不包括父级群组。", - "whoWillAppearPopoverFooterText": "无法在此选项卡上添加将此角色作为有效角色的用户。", - "usersInRole": "角色中的用户", - "addUser": "添加用户", - "removeUser": "移除用户", - "removeUserText": "是否要移除{{numSelected}}个用户?这些用户将不再具有角色{{role}}及其关联角色的权限。", - "noDirectUsers": "无直接用户", - "noUsersEmptyStateDescription": "只有直接分配了此角色的用户才会显示在此选项卡下。如果需要查找分配给此角色的角色,请转到", - "noUsersEmptyStateDescriptionContinued": "查找用户。无法在此添加已将此角色作为有效角色的用户。", - "or": "或", - "userName": "用户名", - "noRolesAssociated": "没有关联的角色", - "noRolesAssociatedInstructions": "要将角色复合到此角色,请按“添加角色”按钮", - "usersExplain": "用户是当前领域中的用户。", - "userList": "用户列表", - "searchForUser": "用户搜索", - "startBySearchingAUser": "从搜索用户开始", - "searchForUserDescription": "此领域可能具有联合提供程序。查看所有用户可能会导致系统变慢,但可以通过搜索来完成。请通过上面的搜索框搜索用户。", - "createUser": "创建用户", - "createNewUser": "创建新用户", - "noUsersFound": "未找到用户", - "noUsersFoundError": "由于{{error}},找不到用户", - "noUsersFoundErrorStorage": "找不到用户,可能是由于错误配置了联合提供程序{{error}}", - "noGroups": "没有群组", - "noGroupsText": "您尚未将此用户添加到任何群组。从加入一个群组开始。", - "joinGroup": "加入群组", - "joinGroups": "加入群组", - "join": "加入", - "joinGroupsFor": "将用户{{username}}添加到群组", - "selectGroups": "选择要加入的群组", - "leaveGroup_one": "离开群组{{name}}?", - "leaveGroup_other": "离开群组?", - "leaveGroupConfirmDialog_one": "是否要从群组{{groupname}}中移除{{username}}?", - "leaveGroupConfirmDialog_other": "是否要从{{count}}所选群组中移除{{username}}?", - "directMembership": "直接群组成员资格", - "groupMembership": "间接群组成员资格", - "addedGroupMembership": "已添加群组成员身份", - "addedGroupMembershipError": "添加群组成员身份时出错", - "removedGroupMembership": "已移除群组成员身份", - "removedGroupMembershipError": "移除群组成员身份时出错", - "emptyInstructions": "更改搜索条件或添加用户", - "createdAt": "创建时间", - "username": "用户名", - "emailVerified": "电子邮箱验证", - "status": "状态", - "temporaryLocked": "暂时锁定", - "unlockSuccess": "用户已成功解锁", - "unlockError": "由于{{error}},无法解锁用户", - "emailInvalid": "请输入有效的电子邮件。", - "notVerified": "未验证", - "requiredUserActions": "必需的用户操作", - "requiredActionPlaceholder": "选择", - "federationLink": "联盟链接", - "impersonate": "模拟", - "impersonateConfirm": "模拟用户?", - "impersonateConfirmDialog": "是否要以此用户身份登录?如果该用户与您处于同一领域,则在您以该用户身份登录之前,您当前的登录会话将被注销。", - "impersonateError": "无法模拟用户:{{error}}", - "deleteUser": "删除用户", - "deleteConfirmCurrentUser": "是否要永久删除此用户", - "deleteConfirmDialog_one": "是否要永久删除{{count}}用户", - "deleteConfirmDialog_other": "是否要永久删除{{count}}个选定用户", - "userID": "用户 ID", - "userCreated": "用户已创建", - "userSaved": "用户已保存", - "userDetails": "用户详细信息", - "userCreateError": "无法创建用户: {{error}}", - "userDeletedSuccess": "用户已被删除", - "userDeletedError": "无法删除用户: {{error}}", - "linkAccount": "关联帐号", - "unlink": "取消关联", - "unlinkAccount": "取消关联帐号", - "unlinkAccountTitle": "是否取消帐号与{{provider}}的关联?", - "unlinkAccountConfirm": "是否要永久取消此帐号与{{provider}}的关联?", - "link": "关联", - "linkAccountTitle": "将帐号关联到{{provider}}", - "idpLinkSuccess": "身份供应商已关联", - "idpUnlinkSuccess": "身份供应商关联已删除", - "idpType": { - "social": "社交账号登录", - "custom": "自定义" - }, - "couldNotLinkIdP": "无法关联身份供应商{{error}}", - "verifyEmail": "验证邮箱", - "updateUserLocale": "更新用户区域设置", - "consents": "许可", - "noConsents": "无许可", - "noConsentsText": "只有当用户尝试访问配置为需要被许可的客户端时,才会记录许可。在这种情况下,用户将获得一个许可授权页面,要求他们授予对客户端的访问权限。", - "identityProvider": "身份供应商", - "identityProviderLinks": "身份供应商链接", - "noProvidersLinked": "没有关联身份供应商。请从下面的列表中选择一个。", - "noAvailableIdentityProviders": "没有可用的身份供应商。", - "linkedIdPs": "关联的身份提供程序", - "linkedIdPsText": "已关联到此用户帐户的身份供应商", - "availableIdPs": "可用的身份供应商", - "availableIdPsText": "此处列出了此领域中所有配置的身份提供程序。您可以将用户帐户关联到任何IdP帐户。", - "revokeClientScopesTitle": "是否撤消所有已授予的客户端作用域?", - "revokeClientScopes": "是否要吊销{{clientId}}的所有已授予的客户端作用域?", - "deleteGrantsSuccess": "授权已成功撤销。", - "deleteGrantsError": "删除授权时出错。", - "unlockAllUsers": "解锁所有用户", - "unlockUsersConfirm": "所有临时锁定的用户将被解锁。", - "unlock": "解锁", - "unlockUsersSuccess": "所有临时锁定的用户现在都已解锁", - "unlockUsersError": "无法解锁所有用户{{error}}", - "noCredentials": "没有凭据", - "noCredentialsText": "此用户没有任何凭据。您可以为此用户设置密码。", - "setPassword": "设置密码", - "setPasswordFor": "设置{{username}}的密码", - "defaultPasswordLabel": "我的密码", - "savePasswordSuccess": "密码已成功设置。", - "savePasswordError": "保存密码时出错: {{error}}", - "confirmPasswordDoesNotMatch": "密码和验证不匹配。", - "credentialType": "类型", - "credentialUserLabel": "用户标签", - "credentialData": "数据", - "credentialsList": "凭据列表", - "setPasswordConfirm": "设置密码?", - "setPasswordConfirmText": "是否要为用户{{username}}设置密码?", - "resetPasswordConfirmation": "新密码确认", - "savePassword": "保存密码", - "deleteCredentialsConfirmTitle": "删除凭据?", - "deleteCredentialsConfirm": "是否要删除该用户凭据?", - "deleteCredentialsSuccess": "已成功删除凭据。", - "deleteCredentialsError": "删除用户凭据时出错: {{error}}", - "deleteBtn": "删除", - "updatedCredentialMoveSuccess": "用户凭据设置已保存", - "updatedCredentialMoveError": "尚未保存用户凭据设置", - "resetPasswordFor": "重置{{username}}的密码", - "resetPasswordConfirm": "重置密码?", - "resetPasswordConfirmText": "是否要重置用户{{username}}的密码?", - "resetPassword": "重置密码", - "resetCredentialsSuccess": "密码已成功重置。", - "resetCredentialsError": "重置用户凭据时出错: {{error}}", - "resetPasswordError": "重置密码时出错: {{error}}", - "resetPasswordBtn": "重置密码", - "showPasswordDataName": "名称", - "showPasswordDataValue": "值", - "showDataBtn": "显示数据", - "userCredentialsHelpText": "顶级处理程序允许您为用户转换凭据的优先级,最顶层的凭据具有最高优先级。一个可扩展面板中的处理程序允许您更改凭证的可视顺序,最上面的凭证将显示在最左侧。", - "userCredentialsHelpTextLabel": "用户凭据帮助文本", - "userLabel": "用户标签", - "data": "数据", - "providedBy": "提供方", - "passwordDataTitle": "密码数据", - "updateCredentialUserLabelSuccess": "已成功更改用户标签。", - "updateCredentialUserLabelError": "更改用户标签时出错: {{error}}", - "credentialReset": "重置凭据", - "credentialResetBtn": "重置凭据", - "VERIFY_EMAIL": "验证电子邮件 (VERIFY_EMAIL)", - "UPDATE_PASSWORD": "更新密码 (UPDATE_PASSWORD)", - "UPDATE_PROFILE": "更新配置文件 (UPDATE_PROFILE)", - "CONFIGURE_TOTP": "配置OTP (CONFIGURE_TOTP)", - "terms_and_conditions": "条款和条件 (terms_and_conditions)", - "hours": "小时", - "minutes": "分", - "seconds": "秒", - "credentialResetConfirm": "发送电子邮件", - "credentialResetConfirmText": "是否要向用户发送电子邮件", - "credentialResetEmailSuccess": "发送给用户的电子邮件。", - "credentialResetEmailError": "失败:{{error}}", - "editUserLabel": "编辑用户标签按钮", - "temporaryLockedHelp": "由于多次登录尝试失败,用户可能被锁定。", - "disabledHelp": "禁用的用户无法登录。", - "emailVerifiedHelp": "用户的电子邮件是否已验证?", - "requiredUserActionsHelp": "用户登录时需要执行操作。“验证电子邮件”将向用户发送电子邮件以验证其电子邮件地址。“更新个人资料”要求用户输入新的个人信息。“更新密码”要求用户输入新密码。“配置OTP”需要设置动态密码生成器。", - "groupsHelp": "群组是用户具有群组成员资格的群组。要离开群组,请选择该群组并单击“离开”。", - "userIdHelperText": "请输入此身份提供程序的用户的唯一ID。", - "usernameHelperText": "请为身份提供程序输入用户的用户名。", - "federationLinkHelp": "用户存储供应商。本地存储的用户由其中导入。", - "sessionExplain": "会话是指此领域中用户及其在会话中访问的客户端的会话。", - "searchForSession": "搜索会话", - "lastAccess": "最近访问", - "started": "开始", - "sessionsType": { - "allSessions": "所有会话类型", - "regularSSO": "常规 SSO", - "offline": "离线", - "directGrant": "直接授权", - "serviceAccount": "服务帐号" - }, - "revocationDescription": "这是一种撤销所有活动会话和访问令牌的方法。“不在某日期之前”意味着您可以撤销在该日期之前发行的令牌。", - "notBeforeSuccess": "成功! 为领域设置“不早于”", - "notBeforeError": "清除领域的“不早于”时出错: {{error}}", - "notBeforeClearedSuccess": "成功! “不早于”的设置被清除。", - "signOutAllActiveSessions": "注销所有活动会话", - "signOutAllActiveSessionsQuestion": "是否注销所有活动会话?", - "logoutAllSessions": "注销所有会话", - "logoutAllDescription": "如果您注销所有活动会话,此领域中的所有有效主体将被注销。", - "logoutAllSessionsError": "错误!无法注销所有会话: {{error}}.", - "setToNowError": "错误!无法设置为当前日期和时间。", - "noSessions": "无会话", - "noSessionsDescription": "此领域中当前没有活动会话。", - "noSessionsForUser": "此用户当前没有活动会话。", - "noSessionsForClient": "此客户端当前没有活动会话。", - "eventExplain": "事件是该领域中用户活动和管理员活动的记录。事件记录的配置请跳转至 <1>Event configs.", - "eventConfigs": "事件设置", - "userEvents": "用户事件", - "adminEvents": "管理员事件", - "searchForUserEvent": "搜索用户事件", - "searchForAdminEvent": "搜索管理员事件", - "refresh": "刷新", - "emptyEvents": "无可添加的事件", - "emptyEventsInstructions": "没有更多的事件类型可以添加", - "time": "时间", - "userId": "用户 ID", - "eventType": "被保存的事件类型", - "ipAddress": "IP 地址", - "dateFrom": "日期(开始时间)", - "dateTo": "日期(截止日期)", - "searchUserEventsBtn": "搜索用户事件", - "searchAdminEventsBtn": "搜索管理员事件", - "realm": "领域", - "resourcePath": "资源路径", - "resourceTypes": "资源类型", - "operationType": "操作类型", - "operationTypes": "操作类型", - "auth": "授权", - "attribute": "属性", - "representation": "表述", - "noUserDetails": "无用户详细信息", - "resetBtn": "重置", - "createGroupText": "创建属性组", - "editGroupText": "编辑属性组", - "tableTitle": "属性组", - "columnName": "名称", - "columnDisplayName": "展示名称", - "columnDisplayDescription": "展示说明", - "emptyStateMessage": "没有属性组", - "emptyStateInstructions": "如果你想添加一个属性组,请点击下面的按钮。", - "deleteDialogTitle": "删除属性组?", - "deleteDialogDescription": "您确定要永久删除属性组 <1>{{group}}} 吗?", - "deleteSuccess": "属性组已删除。", - "deleteAttributeGroupError": "无法删除用户属性组:{{error}}", - "nameField": "姓名", - "nameHint": "组的唯一名称。在将属性绑定到组时,此名称将用于引用组。", - "displayHeaderField": "展示名称", - "displayHeaderHint": "用于用户界面表单中呈现一组属性时应使用的用户友好名称,支持本地化值的键。例如:${profile.attribute.group.address} ", - "displayDescriptionField": "展示说明", - "displayDescriptionHint": "在用户界面表单中用于提示的文本。", - "annotationsText": "注释", - "removeAnnotationText": "删除注释", - "keyLabel": "键", - "valueLabel": "值", - "realmSettingsExplain": "领域设置用于控制当前领域中用户、应用程序、角色和群组的选项。", - "partialImport": "部分导入", - "partialExport": "部分导出", - "deleteRealm": "删除领域", - "deleteConfirmTitle": "删除领域?", - "dragInstruction": "通过点击并拖动从而改变优先级", - "deleteProviderTitle": "删除密钥提供商?", - "deleteProviderConfirm": "您确定要永久删除密钥供应商 {{provider}} 吗?", - "deleteProviderSuccess": "成功。密钥供应商已被删除。", - "deleteProviderError": "删除密钥供应商时出错", - "deleteConditionSuccess": "条件已删除", - "disablePolicyConfirmTitle": "禁用策略?", - "disablePolicyConfirm": "如果策略被禁用,用户和客户端将无法访问该策略。您确定要继续吗?", - "editProvider": "编辑供应者", - "editableRowsTable": "可编辑的行表", - "saveSuccess": "用户联盟供应商已成功保存", - "saveProviderSuccess": "供应者已成功保存。", - "saveProviderListSuccess": "供应商的优先级已成功更新。", - "saveProviderError": "保存供应商时出错:{{error}}", - "saveError": "由于:{{error}},无法保存用户联盟供应商", - "general": "常规设置", - "login": "登录", - "themes": "主题", - "eventListeners": "事件监听器", - "eventListenersHelpText": "配置哪些监听器接收该领域的事件。", - "saveEventListeners": "保存事件监听器", - "saveEventListenersSuccess": "事件侦听器已更新。", - "saveEventListenersError": "保存事件侦听器时出错:{{error}}", - "userEventsSettings": "用户事件设置", - "adminEventsSettings": "管理员事件设置", - "saveEvents": "保存事件", - "clearUserEvents": "清除用户事件", - "clearAdminEvents": "清除管理员事件", - "includeRepresentation": "是否包含表述文件", - "template": "模板", - "connectionAndAuthentication": "连接与认证", - "from": "发件人", - "fromDisplayName": "发件人展示名称", - "replyTo": "回复地址", - "replyToDisplayName": "回复地址展示名称", - "envelopeFrom": "信封发件人", - "host": "主机", - "port": "端口", - "encryption": "加密", - "enableSSL": "启用 SSL", - "enableStartTLS": "启用 StartTLS", - "keysList": "秘钥列表", - "searchKey": "搜索秘钥", - "keystore": "密钥库", - "keystorePassword": "密钥库密码", - "algorithm": "算法", - "use": "使用", - "aesGenerated": "aes-generated", - "ecdsaGenerated": "ecdsca-generated", - "hmacGenerated": "hmac-generated", - "javaKeystore": "java-keystore", - "RSA": "RSA", - "rsaGenerated": "rsa-generated", - "uiDisplayName": "界面显示的名称", - "AESKeySize": "AES 密钥大小", - "active": "活跃", - "privateRSAKey": "私有 RSA 密钥", - "filenamePlaceholder": "上传 PEM 文件或在下方粘贴密钥", - "x509Certificate": "X509证书", - "ellipticCurve": "椭圆曲线", - "secretSize": "秘钥大小", - "keySize": "秘钥大小", - "供应商 ID": "ID", - "kid": "KID", - "providerDescription": "供应者描述", - "addProvider": "添加供应商", - "publicKeys": "公钥", - "keysFilter": { - "ACTIVE": "活跃的秘钥", - "PASSIVE": "不活跃的密钥", - "DISABLED": "禁用的秘钥" - }, - "noKeys": "没有秘钥", - "noKeysDescription": "您还没有创建任何活跃的密钥", - "userRegistration": "用户注册", - "loginScreenCustomization": "登录页面定制", - "registrationAllowed": "用户注册", - "userRegistrationHelpText": "启用/禁用注册页面。若启用此设置,登陆页上也会展示注册链接。", - "resetPasswordAllowed": "忘记密码", - "forgotPassword": "忘记密码", - "forgotPasswordHelpText": "在登录页面上展示链接以允许用户忘记凭据时点击此链接。", - "rememberMe": "记住我", - "rememberMeHelpText": "在登录页面上展示复选框以允许用户在浏览器重新启动之前保持登录状态,直到会话过期。", - "emailSettings": "电子邮件设置", - "registrationEmailAsUsername": "以电子邮件作为用户名", - "emailAsUsernameHelpText": "允许用户将电子邮件设置为用户名。", - "loginWithEmailAllowed": "使用邮箱登录", - "loginWithEmailHelpText": "允许用户使用他们的电子邮件地址登录。", - "duplicateEmailsAllowed": "允许重复的电子邮件地址存在", - "duplicateEmailsHelpText": "允许多个用户拥有相同的电子邮件地址。更改此设置也会清除用户的缓存。建议在关闭对重复的电子邮件地址的支持后手动更新数据库中现有用户的电子邮件限制。", - "verifyEmailHelpText": "要求用户在首次登录后或提交地址更改后验证其电子邮件地址。", - "userInfoSettings": "用户信息设置", - "editUsernameAllowed": "允许编辑用户名", - "enableSwitchSuccess": "{{switch}} 更改成功", - "enableSwitchError": "由于{{error}},无法启用/禁用", - "testingConnection": "测试连接", - "testConnectionHint": { - "withEmail": "测试连接时,将向当前用户 ({{email}}) 发送一封电子邮件。", - "withoutEmail": "要测试连接,您必须首先为当前用户 ({{userName}}) 配置一个电子邮件地址。", - "withoutEmailAction": "配置电子邮件地址" - }, - "testConnectionSuccess": "成功!SMTP 连接成功。电子邮件已发送!", - "testConnectionError": "错误!{{error}}", - "realmId": "领域ID", - "htmlDisplayName": "HTML 展示名称", - "frontendUrl": "前端网址", - "requireSsl": "需要 SSL", - "sslType": { - "all": "所有请求", - "external": "外部请求", - "none": "无" - }, - "selectATheme": "选择主题", - "placeholderText": "点击并请从中选择一个", - "userManagedAccess": "用户自主访问", - "userProfileEnabled": "用户资料", - "endpoints": "终端", - "openIDendpointConfiguration": "OpenID 终端节点配置", - "samlIdentityProviderMetadata": "SAML 2.0 身份供应者元数据", - "accountTheme": "账户页面主题", - "adminTheme": "管理界面主题", - "emailTheme": "电子邮件主题", - "internationalization": "国际化", - "localization": "本地化", - "SSOSessionSettings": "SSO会话设置", - "SSOSessionIdle": "SSO会话空闲的时间", - "SSOSessionMax": "SSO会话最长的时间", - "SSOSessionIdleRememberMe": "“记住我”的SSO会话过期前的空闲时间", - "SSOSessionMaxRememberMe": "“记住我”的SSO会话的最长的时间", - "clientSessionSettings": "客户端会话设置", - "offlineSessionSettings": "离线会话设置", - "offlineSessionIdle": "离线会话空闲时间", - "offlineSessionMaxLimited": "离线会话最长时间的限制", - "offlineSessionMax": "离线会话最长时间", - "loginTimeout": "登录超时", - "loginActionTimeout": "登录操作超时", - "refreshTokens": "刷新令牌", - "accessTokens": "访问令牌", - "actionTokens": "操作令牌", - "overrideActionTokens": "覆盖操作令牌", - "defaultSigAlg": "默认签名算法", - "revokeRefreshToken": "撤销刷新令牌", - "refreshTokenMaxReuse": "刷新令牌重复使用的最大次数", - "accessTokenLifespanImplicitFlow": "隐式流程的访问令牌寿命", - "clientLoginTimeout": "客户端登录超时", - "userInitiatedActionLifespan": "由用户发起的操作的生命周期", - "defaultAdminInitiated": "由管理员发起的默认操作的生命周期", - "oAuthDeviceCodeLifespan": "OAuth 2.0 设备代码寿命", - "oAuthDevicePollingInterval": "OAuth 2.0 设备轮询间隔", - "shortVerificationUri": "设备授权流程中的短 verification_uri", - "emailVerification": "邮箱验证", - "idpAccountEmailVerification": "IdP 账户邮箱验证", - "executeActions": "执行操作", - "clientPolicies": "客户端策略", - "noClientPolicies": "无客户端策略", - "noClientPoliciesInstructions": "没有客户端策略。选择'创建客户端策略'来创建一个新的客户端策略。", - "createClientPolicy": "创建客户端策略", - "createClientPolicySuccess": "已创建新策略", - "updateClientPolicySuccess": "客户端策略已更新", - "createClientPolicyError": "无法创建策略,因为:{{error}}", - "createClientConditionSuccess": "条件创建成功。", - "createClientConditionError": "创建条件时出错:{{error}}", - "updateClientConditionSuccess": "条件更新成功。", - "deleteClientConditionSuccess": "条件删除成功。", - "deleteClientConditionError": "创建条件时出错:{{error}}", - "clientPolicySearch": "搜索客户端策略", - "policiesConfigType": "配置方式:", - "policiesConfigTypes": { - "formView": "表单视图", - "jsonEditor": "JSON 编辑器" - }, - "deleteClientPolicy": "删除策略", - "deleteClientPolicyConfirmTitle": "删除策略?", - "deleteClientPolicyConfirm": "此操作将永久删除策略 {{policyName}},并且无法撤消。", - "deleteClientPolicySuccess": "客户端策略已删除", - "deleteClientPolicyError": "无法删除策略:{{error}}", - "profiles": "配置文件", - "clientPoliciesProfilesHelpText": "客户端策略配置文件允许设置一组执行器,这些执行器将对与客户端相关的各种操作进行强制执行。这些操作可以是管理员操作,如创建或更新客户端,也可以是用户操作,如对客户端进行身份验证。", - "clientPoliciesProfiles": "客户端策略配置文件", - "clientPoliciesPoliciesHelpText": "客户端策略允许将客户端配置文件与各种条件绑定,以指定何时执行特定客户端配置文件中的执行器所规定的行为。", - "clientPoliciesPolicies": "客户端策略", - "clientPoliciesTab": "客户端策略标签", - "clientProfilesSubTab": "客户端配置子标签", - "clientPoliciesSubTab": "客户端策略子标签", - "profilesConfigType": "配置方式:", - "profilesConfigTypes": { - "formView": "表单视图", - "jsonEditor": "JSON 编辑器" - }, - "clientProfileSearch": "搜索", - "searchProfile": "搜索配置文件", - "clientProfileName": "客户端配置文件名称", - "clientProfileDescription": "描述", - "emptyClientProfiles": "没有配置文件", - "emptyClientProfilesInstructions": "没有配置文件,选择'创建客户端配置文件'来创建新的客户端配置文件", - "deleteClientProfileConfirmTitle": "删除配置文件?", - "deleteClientProfileConfirm": "此操作将永久删除配置文件 {{profileName}}。此操作无法撤消。", - "deleteClientSuccess": "配置文件已删除", - "deleteClientError": "无法删除配置文件:{{error}}", - "deleteClientPolicyProfileConfirmTitle": "删除配置文件?", - "deleteClientPolicyProfileConfirm": "此操作将从策略 {{policyName}} 中永久删除 {{profileName}}。并且此操作无法撤消。", - "deleteClientPolicyProfileSuccess": "配置文件已成功从策略中删除。", - "deleteClientPolicyProfileError": "无法从策略中删除配置文件:{{error}}", - "createClientProfile": "创建客户端配置文件", - "deleteClientProfile": "删除此客户端配置文件", - "createClientProfileSuccess": "已创建新的客户端配置文件", - "updateClientProfileSuccess": "客户端配置文件更新成功", - "createClientProfileError": "无法创建客户端配置文件:'{{error}}'", - "addClientProfileSuccess": "已添加新的客户端配置文件", - "addClientProfileError": "无法创建客户端配置文件:'{{error}}'", - "createClientProfileNameHelperText": "名称在领域内必须是唯一的", - "newClientProfile": "创建客户端配置文件", - "newClientProfileName": "客户端配置文件名称", - "clientProfile": "配置文件详情", - "executorDetails": "执行器详情", - "executors": "执行器", - "executorsHelpText": "执行器, 将应用于此客户端配置文件", - "executorsHelpItem": "执行器帮助项目", - "addExecutor": "添加执行器", - "executorType": "执行器类型", - "executorTypeSwitchHelpText": "执行器类型切换帮助文本", - "executorTypeSelectHelpText": "执行器类型选择帮助文本", - "executorTypeSelectAlgorithm": "执行器类型选择算法", - "executorTypeTextHelpText": "执行器类型文本帮助文本", - "executorAuthenticatorMultiSelectHelpText": "执行器验证多选的帮助文本", - "executorClientAuthenticator": "执行器客户端认证器", - "executorsTable": "执行器列表", - "executorName": "姓名", - "emptyExecutors": "没有配置执行器", - "addExecutorSuccess": "成功!执行器创建成功", - "addExecutorError": "未创建执行器", - "updateExecutorSuccess": "执行器更新成功", - "updateExecutorError": "执行器未更新", - "deleteExecutorProfileConfirmTitle": "删除执行器?", - "deleteExecutorProfileConfirm": "该操作将永久删除 {{executorName}}。且此操作无法撤消。", - "deleteExecutorSuccess": "成功!执行器被删除。", - "deleteExecutorError": "无法删除执行器:{{error}}", - "updateClientProfilesSuccess": "客户端配置文件配置已更新", - "updateClientProfilesError": "提供的 JSON 不正确: Unexpected token { in JSON", - "deleteClientPolicyConditionConfirmTitle": "删除条件?", - "deleteClientPolicyConditionConfirm": "此操作将永久删除{{condition}}。此操作无法撤消。", - "selectACondition": "选择条件", - "conditions": "条件", - "conditionType": "条件类型", - "anyClient": "任何客户端在任何事件中都满足该条件。", - "clientAccesstype": "客户端访问类型", - "clientScopesCondition": "预期范围", - "updateClientContext": "更新客户端环境", - "clientUpdaterSourceGroups": "群组", - "clientUpdaterTrustedHosts": "可信主机", - "clientUpdaterSourceRoles": "更新实体角色", - "conditionsHelpItem": "条件帮助项", - "addCondition": "添加条件", - "editCondition": "编辑条件", - "emptyConditions": "没有配置条件", - "updateClientPoliciesSuccess": "客户端策略配置已更新", - "updateClientPoliciesError": "提供的 JSON 不正确: Unexpected token { in JSON", - "clientProfiles": "客户端配置文件", - "clientProfilesHelpItem": "客户端配置文件帮助项", - "addClientProfile": "添加客户端配置文件", - "emptyProfiles": "没有配置客户端配置文件", - "tokens": "令牌", - "userProfile": "用户资料", - "jsonEditor": "JSON 编辑器", - "attributesGroup": "属性组", - "invalidJsonError": "无法保存用户配置文件,提供的信息不是有效的 JSON。", - "userProfileSuccess": "用户资料设置成功更新。", - "userProfileError": "无法更新用户资料设置:{{error}}", - "recommendedSsoTimeout": "建议此值小于 SSO 会话空闲时间:{{time}}", - "supportedLocales": "支持的语言环境", - "defaultLocale": "默认语言环境", - "selectLocales": "选择语言环境", - "searchForMessageBundle": "搜索消息包", - "addMessageBundle": "添加消息包", - "addMessageBundleSuccess": "成功!消息包已添加。", - "deleteMessageBundleSuccess": "已成功从包中删除消息", - "deleteMessageBundleError": "从包中删除消息时出错,{{error}}", - "rowEditBtnAriaLabel": "编辑 {{messageBundle}}", - "rowSaveBtnAriaLabel": "保存对 {{messageBundle}} 的编辑", - "rowCancelBtnAriaLabel": "取消对 {{messageBundle}} 的编辑", - "updateMessageBundleSuccess": "成功!消息包已更新。", - "updateMessageBundleError": "更新消息包时出错。", - "addMessageBundleError": "创建消息包时出错,{{error}}", - "allGroups": "所有组", - "attributeName": "属性 [名称]", - "attributeDisplayName": "展示名称", - "attributeGroup": "属性组", - "enabledWhen": "何时启用", - "requiredFor": "针对何人为必填项", - "requiredWhen": "何时为必填项", - "requiredForLabel": { - "both": "用户和管理员", - "users": "仅限用户", - "admins": "仅限管理员" - }, - "whoCanEdit": "谁可以编辑?", - "whoCanView": "谁可以查看?", - "admin": "管理员", - "addValidator": "添加验证器", - "validatorType": "验证器类型", - "addValidatorRole": "添加 {{validatorName}} 验证器", - "validatorDialogColNames": { - "colName": "角色名称", - "colDescription": "描述" - }, - "validatorColNames": { - "colName": "验证器名称", - "colConfig": "设置" - }, - "deleteValidatorConfirmTitle": "删除验证器?", - "deleteValidatorConfirmMsg": "您确定要永久删除验证器 {{validatorName}} 吗?", - "validatorDeletedSuccess": "用户资料配置已保存。", - "validatorDeletedError": "保存用户资料时出错:{{error}}", - "emptyValidators": "没有验证器。", - "updatedUserProfileSuccess": "用户资料的配置已保存", - "updatedUserProfileError": "用户资料的配置尚未保存", - "createAttribute": "创建属性", - "editAttribute": "编辑属性", - "createAttributeSubTitle": "创建新属性", - "createAttributeSuccess": "成功!用户资料的配置已保存。", - "createAttributeError": "错误!用户资料的配置尚未保存{{error}}。", - "attributesDropdown": "属性下拉框", - "deleteAttributeConfirmTitle": "删除属性?", - "deleteAttributeConfirm": "您确定要永久删除属性 {{attributeName}} 吗?", - "deleteAttributeSuccess": "属性已删除", - "deleteAttributeError": "属性未删除", - "always": "总是", - "scopesAsRequested": "在此范围内生效", - "validations": "验证", - "annotations": "注释", - "addAnnotationText": "添加注释", - "validateName": "您必须输入一个名字", - "searchEventType": "搜索被保存的事件类型", - "addSavedTypes": "添加被保存的事件类型", - "addTypes": "添加类型", - "eventTypes": { - "SEND_RESET_PASSWORD": { - "name": "发送重置的密码", - "description": "发送重置的密码" - }, - "UPDATE_CONSENT_ERROR": { - "name": "更新许可错误", - "description": "更新许可错误" - }, - "GRANT_CONSENT": { - "name": "授权许可", - "description": "授权许可" - }, - "REMOVE_TOTP": { - "name": "删除TOTP", - "description": "删除TOTP" - }, - "REVOKE_GRANT": { - "name": "撤销授权", - "description": "撤销授权" - }, - "UPDATE_TOTP": { - "name": "更新TOTP", - "description": "更新TOTP" - }, - "LOGIN_ERROR": { - "name": "登录错误", - "description": "登录错误" - }, - "CLIENT_LOGIN": { - "name": "客户端登录", - "description": "客户端登录" - }, - "RESET_PASSWORD_ERROR": { - "name": "重置密码错误", - "description": "重置密码错误" - }, - "IMPERSONATE_ERROR": { - "name": "角色扮演错误", - "description": "角色扮演错误" - }, - "CODE_TO_TOKEN_ERROR": { - "name": "用于交换令牌的代码错误", - "description": "用于交换令牌的代码错误" - }, - "CUSTOM_REQUIRED_ACTION": { - "name": "自定义所需操作", - "description": "自定义所需操作" - }, - "RESTART_AUTHENTICATION": { - "name": "重启认证", - "description": "重启认证" - }, - "IMPERSONATE": { - "name": "角色扮演", - "description": "角色扮演" - }, - "UPDATE_PROFILE_ERROR": { - "name": "更新配置文件错误", - "description": "更新配置文件错误" - }, - "LOGIN": { - "name": "登录", - "description": "登录" - }, - "UPDATE_PASSWORD_ERROR": { - "name": "更新密码错误", - "description": "更新密码错误" - }, - "CLIENT_INITIATED_ACCOUNT_LINKING": { - "name": "客户端发起的账号关联", - "description": "客户端发起的账号关联" - }, - "TOKEN_EXCHANGE": { - "name": "交换令牌", - "description": "交换令牌" - }, - "LOGOUT": { - "name": "登出", - "description": "登出" - }, - "REGISTER": { - "name": "注册", - "description": "注册" - }, - "DELETE_ACCOUNT_ERROR": { - "name": "删除账号错误", - "description": "删除账号错误" - }, - "CLIENT_REGISTER": { - "name": "客户端注册", - "description": "客户端注册" - }, - "IDENTITY_PROVIDER_LINK_ACCOUNT": { - "name": "身份提供商关联账号", - "description": "身份提供商关联账号" - }, - "DELETE_ACCOUNT": { - "name": "删除账号", - "description": "删除账号" - }, - "UPDATE_PASSWORD": { - "name": "更新密码", - "description": "更新密码" - }, - "CLIENT_DELETE": { - "name": "客户端删除", - "description": "客户端删除" - }, - "FEDERATED_IDENTITY_LINK_ERROR": { - "name": "联合身份链接错误", - "description": "联合身份链接错误" - }, - "IDENTITY_PROVIDER_FIRST_LOGIN": { - "name": "身份提供商首次登录", - "description": "身份供应商首次登录" - }, - "CLIENT_DELETE_ERROR": { - "name": "客户端删除错误", - "description": "客户端删除错误" - }, - "VERIFY_EMAIL": { - "name": "验证邮箱", - "description": "验证邮箱" - }, - "CLIENT_LOGIN_ERROR": { - "name": "客户端登录错误", - "description": "客户端登录错误" - }, - "RESTART_AUTHENTICATION_ERROR": { - "name": "重启认证错误", - "description": "重启认证错误" - }, - "EXECUTE_ACTIONS": { - "name": "执行动作", - "description": "执行动作" - }, - "REMOVE_FEDERATED_IDENTITY_ERROR": { - "name": "删除联合身份错误", - "description": "删除联合身份错误" - }, - "TOKEN_EXCHANGE_ERROR": { - "name": "令牌交换错误", - "description": "令牌交换错误" - }, - "PERMISSION_TOKEN": { - "name": "权限令牌", - "description": "权限令牌" - }, - "SEND_IDENTITY_PROVIDER_LINK_ERROR": { - "name": "发送身份供应者链接错误", - "description": "发送身份供应者链接错误" - }, - "EXECUTE_ACTION_TOKEN_ERROR": { - "name": "执行动作令牌错误", - "description": "执行动作令牌错误" - }, - "SEND_VERIFY_EMAIL": { - "name": "发送验证邮件", - "description": "发送验证邮件" - }, - "EXECUTE_ACTIONS_ERROR": { - "name": "执行动作错误", - "description": "执行动作错误" - }, - "REMOVE_FEDERATED_IDENTITY": { - "name": "删除联合身份", - "description": "删除联合身份" - }, - "IDENTITY_PROVIDER_POST_LOGIN": { - "name": "身份供应者非首次登录", - "description": "身份供应者非首次登录" - }, - "IDENTITY_PROVIDER_LINK_ACCOUNT_ERROR": { - "name": "身份提供商关联账号错误", - "description": "身份提供商关联账号错误" - }, - "UPDATE_EMAIL": { - "name": "更新邮箱", - "description": "更新邮箱" - }, - "REGISTER_ERROR": { - "name": "注册错误", - "description": "注册错误" - }, - "REVOKE_GRANT_ERROR": { - "name": "撤销授权错误", - "description": "撤销授权错误" - }, - "EXECUTE_ACTION_TOKEN": { - "name": "执行动作令牌", - "description": "执行动作令牌" - }, - "LOGOUT_ERROR": { - "name": "登出错误", - "description": "登出错误" - }, - "UPDATE_EMAIL_ERROR": { - "name": "更新邮箱错误", - "description": "更新邮箱错误" - }, - "CLIENT_UPDATE_ERROR": { - "name": "客户端更新错误", - "description": "客户端更新错误" - }, - "UPDATE_PROFILE": { - "name": "更新资料", - "description": "更新资料" - }, - "CLIENT_REGISTER_ERROR": { - "name": "客户端注册错误", - "description": "客户端注册错误" - }, - "FEDERATED_IDENTITY_LINK": { - "name": "联合身份链接", - "description": "联合身份链接" - }, - "SEND_IDENTITY_PROVIDER_LINK": { - "name": "发送身份供应商链接", - "description": "发送身份供应商链接" - }, - "SEND_VERIFY_EMAIL_ERROR": { - "name": "发送验证邮件错误", - "description": "发送验证邮件错误" - }, - "RESET_PASSWORD": { - "name": "重置密码", - "description": "重置密码" - }, - "CLIENT_INITIATED_ACCOUNT_LINKING_ERROR": { - "name": "客户端发起的账号关联错误", - "description": "客户端发起的账号关联错误" - }, - "UPDATE_CONSENT": { - "name": "更新许可", - "description": "更新许可" - }, - "REMOVE_TOTP_ERROR": { - "name": "移除totp错误", - "description": "移除totp错误" - }, - "VERIFY_EMAIL_ERROR": { - "name": "邮箱验证错误", - "description": "邮箱验证错误" - }, - "SEND_RESET_PASSWORD_ERROR": { - "name": "发送重置密码错误", - "description": "发送重置密码错误" - }, - "CLIENT_UPDATE": { - "name": "客户端更新", - "description": "客户端更新" - }, - "CUSTOM_REQUIRED_ACTION_ERROR": { - "name": "自定义必要操作错误", - "description": "自定义必要操作错误" - }, - "IDENTITY_PROVIDER_POST_LOGIN_ERROR": { - "name": "身份供应者非首次登录错误", - "description": "身份供应者非首次登录错误" - }, - "UPDATE_TOTP_ERROR": { - "name": "更新totp错误", - "description": "更新totp错误" - }, - "CODE_TO_TOKEN": { - "name": "用于交换令牌的代码", - "description": "用于交换令牌的代码" - }, - "GRANT_CONSENT_ERROR": { - "name": "授权许可错误", - "description": "授权许可错误" - }, - "IDENTITY_PROVIDER_FIRST_LOGIN_ERROR": { - "name": "身份供应商首次登录错误", - "description": "身份供应商首次登录错误" - }, - "REGISTER_NODE_ERROR": { - "name": "注册节点错误", - "description": "注册节点错误" - }, - "PERMISSION_TOKEN_ERROR": { - "name": "权限令牌错误", - "description": "权限令牌错误" - }, - "IDENTITY_PROVIDER_RETRIEVE_TOKEN_ERROR": { - "name": "身份供应者检索令牌错误", - "description": "身份供应者检索令牌错误" - }, - "CLIENT_INFO": { - "name": "客户端信息", - "description": "客户端信息" - }, - "VALIDATE_ACCESS_TOKEN": { - "name": "验证访问令牌", - "description": "验证访问令牌" - }, - "IDENTITY_PROVIDER_LOGIN": { - "name": "身份供应者登录", - "description": "身份供应者登录" - }, - "CLIENT_INFO_ERROR": { - "name": "客户端信息错误", - "description": "客户端信息错误" - }, - "INTROSPECT_TOKEN_ERROR": { - "name": "令牌内部检查错误", - "description": "令牌内部检查错误" - }, - "INTROSPECT_TOKEN": { - "name": "令牌内部检查", - "description": "令牌内部检查" - }, - "UNREGISTER_NODE": { - "name": "注销节点", - "description": "注销节点" - }, - "REGISTER_NODE": { - "name": "注册节点", - "description": "注册节点" - }, - "INVALID_SIGNATURE": { - "name": "无效签名", - "description": "无效签名" - }, - "USER_INFO_REQUEST_ERROR": { - "name": "用户信息请求错误", - "description": "用户信息请求错误" - }, - "REFRESH_TOKEN": { - "name": "刷新令牌", - "description": "刷新令牌" - }, - "IDENTITY_PROVIDER_RESPONSE": { - "name": "身份供应者响应", - "description": "身份供应者响应" - }, - "IDENTITY_PROVIDER_RETRIEVE_TOKEN": { - "name": "身份供应者检索令牌", - "description": "身份供应者检索令牌" - }, - "UNREGISTER_NODE_ERROR": { - "name": "注销节点错误", - "description": "注销节点错误" - }, - "VALIDATE_ACCESS_TOKEN_ERROR": { - "name": "验证访问令牌错误", - "description": "验证访问令牌错误" - }, - "INVALID_SIGNATURE_ERROR": { - "name": "无效签名错误", - "description": "无效签名错误" - }, - "USER_INFO_REQUEST": { - "name": "用户信息请求", - "description": "用户信息请求" - }, - "IDENTITY_PROVIDER_RESPONSE_ERROR": { - "name": "身份供应者响应错误", - "description": "身份供应者响应错误" - }, - "IDENTITY_PROVIDER_LOGIN_ERROR": { - "name": "身份供应者登录错误", - "description": "身份供应者登录错误" - }, - "REFRESH_TOKEN_ERROR": { - "name": "刷新令牌错误", - "description": "刷新令牌错误" - }, - "VERIFY_PROFILE": { - "name": "验证配置文件", - "description": "验证配置文件" - }, - "VERIFY_PROFILE_ERROR": { - "name": "验证配置文件错误", - "description": "验证配置文件错误" - }, - "OAUTH2_DEVICE_CODE_TO_TOKEN": { - "name": "Oauth2设备用于交换令牌的代码", - "description": "Oauth2设备用于交换令牌的代码" - }, - "OAUTH2_DEVICE_CODE_TO_TOKEN_ERROR": { - "name": "Oauth2设备用于交换令牌的代码错误", - "description": "Oauth2设备用于交换令牌的代码错误" - }, - "OAUTH2_DEVICE_VERIFY_USER_CODE": { - "name": "Oauth2设备验证用户代码", - "description": "Oauth2 设备验证用户代码" - }, - "OAUTH2_DEVICE_VERIFY_USER_CODE_ERROR": { - "name": "Oauth2设备验证用户代码错误", - "description": "Oauth2设备验证用户代码错误" - }, - "AUTHREQID_TO_TOKEN": { - "name": "认证令牌", - "description": "认证令牌" - }, - "AUTHREQID_TO_TOKEN_ERROR": { - "name": "认证令牌错误", - "description": "认证令牌错误" - }, - "OAUTH2_DEVICE_AUTH": { - "name": "Oauth2设备认证", - "description": "Oauth2设备认证" - }, - "OAUTH2_DEVICE_AUTH_ERROR": { - "name": "Oauth2设备认证错误", - "description": "Oauth2设备认证错误" - } - }, - "eventConfigSuccessfully": "成功保存配置", - "eventConfigError": "无法保存事件配置{{error}}", - "deleteEvents": "清除事件", - "deleteEventsConfirm": "如果清除该领域的所有事件,数据库中的所有记录将被永久清除", - "admin-events-cleared": "管理员事件已清除", - "admin-events-cleared-error": "无法清除管理员事件{{error}}", - "user-events-cleared": "用户事件已清除", - "user-events-cleared-error": "无法清除用户事件 {{error}}", - "events-disable-title": "取消保存事件?", - "events-disable-confirm": "如果禁用“保存事件”,后续事件将不会展示在“事件”菜单中。", - "noMessageBundles": "没有消息包", - "noMessageBundlesInstructions": "添加消息包以开始使用。", - "messageBundleDescription": "您可以编辑支持的语言环境。如果您还没有选择支持的语言环境,您只能编辑英文语言环境。", - "defaultRoles": "默认角色", - "defaultGroups": "默认群组", - "whatIsDefaultGroups": "默认群组的作用是什么?", - "addDefaultGroups": "添加默认群组", - "removeConfirmTitle_one": "移除群组?", - "removeConfirmTitle_other": "移除群组?", - "removeConfirm_one": "您确定要移除这个群组吗?", - "removeConfirm_other": "您确定要移除这些组吗?", - "groupRemove_one": "群组已移除", - "groupRemove_other": "群组已移除", - "groupRemoveError": "移除群组 {error} 时出错", - "defaultGroupAdded_one": "新群组已被添加到默认群组", - "defaultGroupAdded_other": "{{count}} 个新群组已被添加到默认群组", - "defaultGroupAddedError": "将群组添加到默认群组时出错 {error}。", - "noDefaultGroups": "没有默认群组", - "noDefaultGroupsInstructions": "设置默认组将允许您在<1>identity brokering过程中创建或导入新用户时自动分配群组。添加默认组以开始使用这一功能。", - "securityDefences": "安全防御", - "headers": "标题", - "bruteForceDetection": "暴力破解检测", - "xFrameOptions": "X-Frame-Options", - "contentSecurityPolicy": "内容安全策略", - "contentSecurityPolicyReportOnly": "仅限内容安全策略报告", - "xContentTypeOptions": "X-Content-Type-Options", - "xRobotsTag": "X-机器人标签", - "xXSSProtection": "X-XSS-保护", - "strictTransportSecurity": "HTTP 严格传输安全 (HSTS)", - "failureFactor": "登录失败最多次数", - "permanentLockout": "永久锁定", - "waitIncrementSeconds": "等待增量", - "maxFailureWaitSeconds": "最长等待时间", - "maxDeltaTimeSeconds": "失败复位时间", - "quickLoginCheckMilliSeconds": "快速登录检查毫秒数", - "minimumQuickLoginWaitSeconds": "最小快速登录等待秒数", - "partialExportHeaderText": "部分导出允许您将领域配置和其他相关资源导出到 json 文件中。", - "includeGroupsAndRoles": "包含群组和角色", - "includeClients": "包含客户端", - "exportWarningTitle": "谨慎导出", - "exportWarningDescription": "如果您的领域中有大量群组、角色或客户端,该操作可能会使服务器暂时无响应。", - "exportSuccess": "领域成功导出。", - "exportFail": "无法导出领域:'{{error}}'", - "partialImportHeaderText": "部分导入允许您从之前导出的 json 文件中导入用户、客户端和其他资源。", - "selectRealm": "选择领域", - "chooseResources": "选择要导入的资源", - "selectIfResourceExists": "如果资源已存在,请指定应采取的操作", - "resourcesToImport": "要导入的资源", - "importFail": "导入失败:{{error}}", - "FAIL": "导入失败", - "SKIP": "跳过", - "OVERWRITE": "覆写", - "added": "已添加", - "skipped": "已跳过", - "overwritten": "已被覆写", - "importAdded_zero": "没有添加记录。", - "importAdded_one": "添加了一条记录。", - "importAdded_other": "已添加 {{count}} 条记录。", - "importOverwritten_zero": "没有记录被覆写。", - "importOverwritten_one": "覆写一条记录。", - "importOverwritten_other": "{{count}} 条记录被覆写。", - "importSkipped_zero": "没有记录被跳过。", - "importSkipped_one": "跳过一条记录。", - "importSkipped_other": "跳过 {{count}} 条记录。", - "fromDisplayNameHelp": "“发件人”地址的用户友好名称(可选)。", - "replyToDisplayNameHelp": "“回复”地址的用户友好名称(可选)。", - "envelopeFromHelp": "用于退回的电子邮件地址(非必需)。", - "passwordHelp": "SMTP 密码。该字段可以从 vault 中获取其值,使用 ${vault.ID} 格式。", - "frontendUrlHelp": "设置领域的前端 URL。与默认主机名提供程序结合使用以覆盖特定领域前端请求的基本 URL。", - "requireSslHelp": "是否需要HTTPS?'无'表示任何客户端IP地址都不需要HTTPS。'外部请求'表示本地主机和私有IP地址无需HTTPS即可访问。'所有请求'表示所有IP地址都需要HTTPS。 ", - "userManagedAccessHelp": "如果启用,用户可以使用账户管理 UI 管理他们的资源和权限。", - "userProfileEnabledHelp": "如果启用,允许管理用户配置文件。", - "endpointsHelp": "显示服务提供商终端节点(Endpoint)的配置", - "accountThemeHelp": "为用户账户管理页面选择主题。", - "adminThemeHelp": "为管理界面选择主题。", - "emailThemeHelp": "为服务器发送的电子邮件选择主题。", - "priorityHelp": "供应商的优先级", - "enabledHelp": "设置按键是否启用", - "activeHelp": "设置密钥是否可用于签名", - "AESKeySizeHelp": "生成的 AES 密钥的大小(以字节为单位)。16 用于 AES-128, 24 用于 AES-192,32 用于 AES-256。请注意,某些 JDK 实现不允许大于 128 的密钥。", - "save-user-events": "如果启用,用户事件将保存到数据库中,从而使事件可用于管理员和帐户的管理页面中。", - "save-admin-events": "如果启用,管理员事件将保存到数据库中,从而使事件可用于管理员页面。", - "admin-clearEvents": "清除数据库中的所有管理事件。", - "includeRepresentationHelp": "包括创建和更新请求的 JSON 表示。", - "user-clearEvents": "清除数据库中的所有用户事件。", - "ellipticCurveHelp": "ECDSA 中使用的椭圆曲线", - "secretSizeHelp": "生成的密码的字节大小", - "keySizeHelp": "生成密钥的大小", - "algorithmHelp": "密钥的预期算法", - "keystoreHelp": "密钥文件路径", - "keystorePasswordHelp": "密钥的密码", - "privateRSAKeyHelp": "以 PEM 格式编码的私有 RSA 密钥", - "x509CertificateHelp": "以 PEM 格式编码的 X509 证书", - "xFrameOptionsHelp": "默认值防止页面被非来源 iframe 包含<1>了解更多", - "contentSecurityPolicyHelp": "默认值防止页面被非来源 iframe 包含<1>了解更多", - "contentSecurityPolicyReportOnlyHelp": "用于测试内容安全策略<1>了解更多", - "xContentTypeOptionsHelp": "默认值阻止 Internet Explorer 和谷歌浏览器从 MIME 嗅探远离声明的内容类型的响应<1>了解更多", - "xRobotsTagHelp": "防止页面出现在搜索引擎中<1>了解更多", - "xXSSProtectionHelp": "此标头在您的浏览器中配置跨站点脚本 (XSS) 过滤器。使用默认行为,浏览器将在检测到 XSS 攻击时阻止呈现页面。<1>了解更多 ", - "strictTransportSecurityHelp": "Strict-Transport-Security HTTP 标头告诉浏览器始终使用 HTTPS。一旦浏览器看到此标头,它只会在指定的时间(1 年)内通过 HTTPS 访问站点,包括子域。<1>了解更多", - "failureFactorHelp": "在等待触发之前有多少次失败。", - "permanentLockoutHelp": "当用户超过最大登录失败次数时,将永久锁定用户。", - "waitIncrementSecondsHelp": "当达到失败阈值时,用户应该被锁定多长时间?", - "maxFailureWaitSecondsHelp": "用户被锁定的最长时间。", - "maxDeltaTimeSecondsHelp": "失败次数的统计数量何时重置?", - "quickLoginCheckMilliSecondsHelp": "如果故障并发发生得太快,将会锁定用户。", - "minimumQuickLoginWaitSecondsHelp": "快速登录失败后等待多长时间。", - "ssoSessionIdle": "允许会话在到期前空闲的时间。令牌和浏览器会话在会话到期时失效。", - "ssoSessionMax": "会话过期前的最长时间。令牌和浏览器会话在会话过期时失效。", - "ssoSessionIdleRememberMe": "在到期之前“记住我”的会话的空闲的时间。令牌和浏览器会话在会话到期时失效。如果未设置,它将使用标准的 SSO 会话空闲值。", - "ssoSessionMaxRememberMe": "当用户设置了“记住我”选项时,会话过期前的最长时间。当会话过期时,令牌和浏览器会话将失效。如果未设置,它将使用标准 SSO 会话最大值。", - "offlineSessionIdleHelp": "离线会话过期前允许空闲的时间。在此期间内至少需要使用离线令牌刷新一次,否则离线会话将过期。", - "offlineSessionMaxLimitedHelp": "启用最大离线会话", - "offlineSessionMaxHelp": "无论活动如何,离线会话过期前的最长时间。", - "loginTimeoutHelp": "用户完成一次登录的最长时间。建议这个时间比较长,比如30分钟或者更长", - "loginActionTimeoutHelp": "用户必须完成登录相关操作(如更新密码或配置 totp)的最长时间。建议相对较长,例如 5 分钟或更长时间", - "defaultSigAlgHelp": "用于为领域签署令牌的默认算法", - "revokeRefreshTokenHelp": "如果启用刷新令牌最多只能使用'刷新令牌最大重用',并且在使用不同的令牌时被撤销。否则刷新令牌在使用时不会被撤销并且可以多次使用。", - "refreshTokenMaxReuseHelp": "刷新令牌可以重复使用的最大次数。当使用不同的令牌时,立即撤销。", - "accessTokenLifespanImplicitFlowHelp": "在 OpenID Connect 隐式流期间颁发的访问令牌到期之前的最长时间。建议此值短于 SSO 超时设置。在隐式流期间不可能刷新令牌,这就是为什么有一个单独的超时不同于“访问令牌生命周期”", - "clientLoginTimeoutHelp": "客户端必须完成访问令牌协议的最长时间。这通常应该是 1 分钟。", - "userInitiatedActionLifespanHelp": "用户发送的操作许可(例如忘记密码的电子邮件)过期之前的最长时间。建议该值较短,因为预计用户会对自己创建的操作做出快速反应。 ", - "defaultAdminInitiatedActionLifespan": "管理员发送给用户的操作许可过期前的最长时间。建议将该值设置得较长,以允许管理员为当前离线的用户发送电子邮件。默认超时可以在紧接之前被覆盖发行令牌。", - "oAuthDeviceCodeLifespanHelp": "设备代码和用户代码过期前的最长时间。这个值需要足够长的生命周期才能使用(允许用户检索他们的辅助设备、导航到验证 URI、登录等) , 但也应该足够短以限制为网络钓鱼获得的代码的可用性。", - "oAuthDevicePollingIntervalHelp": "客户端在对令牌端点的轮询请求之间应等待的最短时间(以秒为单位)。", - "shortVerificationUriTooltip": "如果设置,此值将在设备授权流程中作为 verification_uri 返回。此 uri 需要重定向到 {server-root}/realms/{realm}/device", - "overrideActionTokensHelp": "在用户发送的操作许可(例如忘记密码的电子邮件)针对特定操作过期之前覆盖默认设置的最长时间。建议该值较短,因为预计用户会做出反应快速进行自我创建的动作。", - "internationalizationHelp": "如果启用,您可以选择您支持该领域的语言环境以及默认语言环境。", - "supportedLocalesHelp": "该领域支持的语言环境。用户在登录屏幕上选择这些语言环境之一。", - "defaultLocaleHelp": "要使用的初始语言环境。它用于登录页面和管理员界面和帐户界面中的其他页面。", - "conditionsHelp": "条件,将对其进行评估以确定是否应在特定操作期间应用客户端策略。", - "clientProfilesHelp": "应用此策略的客户端配置文件。", - "clientAccessType": "它使用客户端的访问类型(机密、公共、仅承载)来确定是否应用策略。在大多数 OpenID Connect 请求(授权请求、令牌请求、内省端点请求等)期间检查条件。 )", - "clientAccesstypeTooltip": "客户端的访问类型,这是针对将被应用的条件的。", - "clientRolesHelp": "该条件检查客户端上是否存在指定的客户端角色,以确定是否应用该策略。这有效地允许客户端管理员在客户端上创建指定名称的客户端角色,以确保特定的客户端策略将应用于此客户端的请求。在大多数 OpenID Connect 请求(授权请求、令牌请求、内省端点请求等)期间检查条件。", - "clientRolesConditionTooltip": "客户端角色,将在此条件评估期间检查。如果客户端至少有一个客户端角色名称与配置中指定的客户端角色相同,则条件评估为真。", - "clientScopesHelp": "它使用预先请求或分配给客户端的范围来确定策略是否应用于此客户端。在 OpenID Connect 授权请求和/或令牌请求期间评估条件。", - "clientScopesConditionTooltip": "预期客户端范围的列表。如果指定的客户端请求匹配某些客户端范围,则条件评估为真。它还取决于配置的'范围类型',就是它应该是默认的还是可选的客户端范围。", - "clientUpdaterContext": "条件检查上下文如何创建/更新客户端以确定是否应用策略。例如,它检查客户端是否使用管理 REST API 或 OIDC 动态客户端注册创建。并且根据大小写判断是否是匿名客户端注册或使用已被验证的初始访问权限的客户端注册。", - "clientUpdaterSourceGroupsHelp": "条件检查尝试创建/更新客户端的实体组以确定是否应用了策略。", - "clientUpdaterSourceGroupsTooltip": "要检查的组的名称。如果创建/更新客户端的实体是某些指定组的成员,则条件评估为真。配置的组由它们的简单名称指定,必须与名称匹配Keycloak 组。此处不支持组层次结构。", - "clientUpdaterSourceHost": "条件检查尝试创建/更新客户端的实体的主机/域以确定是否应用了策略。", - "clientUpdaterTrustedHostsTooltip": "受信任的主机列表。如果客户端注册/更新请求来自此配置中指定的主机/域,则条件评估为真。您可以使用主机名或 IP 地址。如果您在开头(例如 '*.example.com' )然后整个域 example.com 将被信任。", - "clientUpdaterSourceRolesHelp": "条件检查尝试创建/更新客户端的实体的角色以确定是否应用策略。", - "clientUpdaterSourceRolesTooltip": "在客户端注册/更新请求期间检查条件,如果正在创建/更新客户端的实体(通常是用户)是指定角色的成员,则它评估为真。要参考领域角色,您可以使用领域角色名称,如“my_realm_role”。对于参考客户端角色,您可以使用 client_id.role_name 例如“my_client.my_client_role”引用客户端“my_client”的客户端角色“my_client_role”。", - "defaultGroupsHelp": "默认群组允许您在通过<1>identity brokering创建或导入任何新用户时自动分配组成员资格。", - "attributeGeneralSettingsDescription": "此部分包含一些对所有属性通用的基本设置。", - "attributeNameHelp": "要在断言中搜索的属性名称。您可以将此留空并指定一个友好的名称。", - "attributeDisplayNameHelp": "属性的显示名称。它也支持本地化值的键,例如:${profile.attribute.phoneNumber}。", - "attributeGroupHelp": "user.profile.attribute.group.tooltip", - "requiredHelp": "根据需要设置属性。如果启用,该属性必须由用户和管理员设置。否则,该属性是非必需的。", - "attributePermissionDescription": "这部分包含谁可以编辑和谁可以查看属性的权限。", - "whoCanEditHelp": "如果启用,用户或管理员可以查看和编辑属性。否则,用户或管理员无权写入属性。", - "whoCanViewHelp": "如果启用,用户或管理员可以查看该属性。否则,用户或管理员无权访问该属性。", - "editUsername": "如果启用,用户名字段是可编辑的,否则用户名字是只读的。", - "authenticationExplain": "身份验证是您可以配置和管理不同凭证类型的区域。", - "flows": "流程", - "requiredActions": "必需的操作", - "passwordPolicy": "密码策略", - "otpPolicy": "一次性密码策略", - "webauthnPolicy": "Webauthn 策略", - "webauthnPasswordlessPolicy": "Webauthn 无密码策略", - "noPasswordPolicies": "无密码策略", - "noPasswordPoliciesInstructions": "您尚未向该领域添加任何密码策略。添加一个策略以开始。", - "updatePasswordPolicySuccess": "密码策略更新成功", - "updatePasswordPolicyError": "无法更新密码策略:'{{error}}'", - "webAuthnPolicyRpEntityName": "依赖方的名称", - "addPolicy": "添加策略", - "otpType": "一次性密码类型", - "policyType": { - "totp": "基于时间", - "hotp": "基于计数器" - }, - "otpHashAlgorithm": "OTP哈希算法", - "otpPolicyDigits": "位数", - "otpPolicyPeriod": "OTP 令牌周期", - "otpPolicyPeriodErrorHint": "时间需要在 1 秒到 2 分钟之间", - "otpPolicyCodeReusable": "可重复使用的令牌", - "initialCounter": "初始计数器", - "initialCounterErrorHint": "数值需要在 1 到 120 之间", - "supportedApplications": "支持的应用程序", - "otpSupportedApplications": { - "totpAppFreeOTPName": "FreeOTP", - "totpAppGoogleName": "谷歌验证器", - "totpAppMicrosoftAuthenticatorName": "Microsoft 身份验证器" - }, - "updateOtpSuccess": "OTP 策略成功更新", - "updateOtpError": "无法更新 OTP 策略:{{error}}", - "cibaPolicy": "CIBA策略", - "cibaBackchannelTokenDeliveryMode": "反向通道令牌交付模式", - "cibaBackhannelTokenDeliveryModes": { - "poll": "计票", - "ping": "发送回显信息" - }, - "cibaExpiresIn": "过期时间", - "cibaInterval": "间隔", - "cibaAuthRequestedUserHint": "身份验证请求的用户提示", - "updateCibaSuccess": "CIBA 策略更新成功", - "updateCibaError": "无法更新 CIBA 策略:{{error}}", - "webAuthnPolicySignatureAlgorithms": "签名算法", - "webAuthnPolicyRpId": "依赖方ID", - "webAuthnPolicyAttestationConveyancePreference": "证明传输偏好", - "attestationPreference": { - "not specified": "未指定", - "none": "无", - "indirect": "间接", - "direct": "直接" - }, - "webAuthnPolicyAuthenticatorAttachment": "身份验证器附件", - "authenticatorAttachment": { - "not specified": "未指定", - "platform": "平台", - "cross-platform": "跨平台" - }, - "webAuthnPolicyRequireResidentKey": "需要常驻密钥", - "residentKey": { - "not specified": "未指定", - "Yes": "是", - "No": "否" - }, - "webAuthnPolicyUserVerificationRequirement": "用户验证要求", - "userVerify": { - "not specified": "未指定", - "required": "必需", - "preferred": "首选", - "discouraged": "不建议" - }, - "webAuthnPolicyCreateTimeout": "超时", - "webAuthnPolicyCreateTimeoutHint": "超时时间需要在 0 秒到 8 小时之间", - "webAuthnPolicyAvoidSameAuthenticatorRegister": "避免相同的身份验证器注册", - "webAuthnPolicyAcceptableAaguids": "可接受的 AAGUID", - "webAuthnPolicyExtraOrigins": "额外的 Origin", - "addAaguids": "添加 AAGUID", - "addOrigins": "添加 Origin", - "webAuthnUpdateSuccess": "已成功更新 webauthn 策略", - "webAuthnUpdateError": "由于{{error}},无法更新 webauthn 策略", - "flowName": "流程名称", - "searchForFlow": "搜索流程", - "usedBy": "使用者", - "flowUsedBy": "使用这个流程", - "flowUsedByDescription": "此流程由以下 {{value}} 使用", - "buildIn": "内置", - "appliedByProviders": "由以下提供商应用", - "appliedByClients": "由以下客户应用", - "used": { - "SPECIFIC_PROVIDERS": "特定供应商", - "SPECIFIC_CLIENTS": "特定客户", - "DEFAULT": "默认", - "notInUse": "未使用" - }, - "duplicate": "复制", - "bindFlow": "绑定流程", - "chooseBindingType": "选择绑定的类型", - "flow": { - "browser": "浏览器流程", - "registration": "注册流程", - "direct grant": "直接授权流程", - "reset credentials": "重置凭据流程", - "clients": "客户端认证流程", - "docker auth": "Docker 认证流程" - }, - "editInfo": "编辑信息", - "editFlow": "编辑流程", - "deleteConfirmFlow": "删除流程?", - "deleteConfirmFlowMessage": "您确定要永久删除流程 \"<1>{{flow}}}\"。", - "deleteFlowSuccess": "流程成功删除", - "deleteFlowError": "无法删除流程:{{error}}", - "duplicateFlow": "复制流程", - "deleteConfirmExecution": "删除执行器?", - "deleteConfirmExecutionMessage": "您确定要永久删除执行器\"<1>{{name}}}\"。", - "deleteExecutionSuccess": "执行器成功删除", - "deleteExecutionError": "无法删除执行器:{{error}}", - "updateFlowSuccess": "流程更新成功", - "updateFlowError": "无法更新流程:{{error}}", - "copyOf": "{{name}} 的副本", - "copyFlowSuccess": "流程复制成功", - "copyFlowError": "无法复制流程:{{error}}", - "createFlow": "创建流程", - "flowType": "流程类型", - "flow-type": { - "basic-flow": "通用型", - "form-flow": "表单型" - }, - "top-level-flow-type": { - "basic-flow": "基本流程", - "client-flow": "客户端流程" - }, - "flowCreatedSuccess": "流程已创建", - "flowCreateError": "无法创建流程:{{error}}", - "flowDetails": "流程详情", - "tableView": "表格视图", - "diagramView": "图表视图", - "emptyExecution": "无执行器", - "emptyExecutionInstructions": "您可以通过添加子流程或执行器来开始定义此流程", - "addExecutionTitle": "添加执行器", - "addExecution": "添加执行器", - "addSubFlowTitle": "添加子流程", - "addSubFlow": "添加子流程", - "addStep": "添加步骤", - "addStepTo": "向 {{name}} 添加步骤", - "steps": "步骤", - "requirement": "需求", - "requirements": { - "REQUIRED": "必需", - "ALTERNATIVE": "非必需", - "DISABLED": "禁用", - "CONDITIONAL": "基于一定条件" - }, - "executionConfig": "{{name}} 配置", - "alias": "别名", - "configSaveSuccess": "成功保存执行器的配置", - "configSaveError": "无法保存执行器的配置:{{error}}", - "setAsDefaultAction": "设置为默认操作", - "disabledOff": "禁用状态的关闭", - "updatedRequiredActionSuccess": "必需操作,更新成功", - "updatedRequiredActionError": "无法更新必需的操作:{{error}}", - "createFlowHelp": "您可以在此表单中创建顶级流程", - "flowTypeHelp": "它是一种什么样的形式?", - "topLevelFlowType": "它是什么类型的顶级流程?客户端类型用于客户端(应用程序)的身份验证,而通用型流程用于用户和其他所有内容的验证。", - "addExecutionHelp": "执行可以有多种操作,从发送重置电子邮件到验证 OTP。", - "addSubFlowHelp": "子级流程可以是一般形式的,也可以是表单形式的。表单类型用于构造子流,为用户生成单个流程。子级流程是一种特殊类型的执行,根据它们包含的执行的评估方式评估流程成功与否。", - "aliasHelp": "别名唯一标识身份供应商,它也用于构建重定向 uri。", - "authDefaultActionTooltip": "如果启用,此项操作对于任何新用户都将是必需的操作。", - "otpTypeHelp": "totp 是基于时间的一次性密码。'hotp' 是一种基于计数器的一次性密码,服务器在其中保留一个用于哈希的计数器。", - "webAuthnPolicyRpEntityNameHelp": "便于阅读的 WebAuthn依赖方的服务器名称", - "otpHashAlgorithmHelp": "应该使用什么哈希算法来生成 OTP。", - "otpPolicyDigitsHelp": "OTP 应该有多少位数?", - "otpPolicyPeriodHelp": "OTP 令牌应该多少秒有效?默认为 30 秒。", - "otpPolicyCodeReusableHelp": "验证成功后可以再次使用相同的 OTP 代码。", - "supportedApplicationsHelp": "已知适用于当前 OTP 策略的应用程序", - "webauthnIntro": "这个表格是做什么用的?", - "webAuthnPolicyFormHelp": "WebAuthn 身份验证策略。'WebAuthn Register' 所需操作和'WebAuthn Authenticator' 身份验证器将使用此策略。典型用法是,当 WebAuthn 用于双因素身份验证时。", - "webAuthnPolicyPasswordlessFormHelp": "无密码 WebAuthn 身份验证策略。'Webauthn Register Passwordless' 所需操作和'WebAuthn Passwordless Authenticator' 身份验证器将使用此策略。典型用法是,当 WebAuthn 用作第一因素身份验证时。同时具有 ' WebAuthn Policy' 和 'WebAuthn Passwordless Policy' 允许在同一领域中将 WebAuthn 用作第一因素和第二因素身份验证器。", - "webAuthnPolicySignatureAlgorithmsHelp": "身份验证断言应该使用什么签名算法。", - "webAuthnPolicyRpIdHelp": "这是作为 WebAuthn 依赖方的 ID。它必须是源的有效域。", - "webAuthnPolicyAttestationConveyancePreferenceHelp": "向身份验证者传达如何生成证明声明的偏好。", - "webAuthnPolicyAuthenticatorAttachmentHelp": "向身份验证者传达可接受的附件模式。", - "webAuthnPolicyRequireResidentKeyHelp": "它告诉验证者是否创建公钥凭证作为常驻密钥。", - "webAuthnPolicyUserVerificationRequirementHelp": "与身份验证器通信以确认实际验证用户。", - "webAuthnPolicyCreateTimeoutHelp": "以秒为单位创建用户公钥凭证的超时值。如果设置为 0,则不适应此超时选项。", - "webAuthnPolicyAvoidSameAuthenticatorRegisterHelp": "避免注册已经被注册过的验证器。", - "webAuthnPolicyAcceptableAaguidsHelp": "AAGUID 列表,其中可以注册验证者。", - "webAuthnPolicyExtraOriginsHelp": "额外的 Origin 列表,用于非网络应用程序。", - "密码策略": { - "forceExpiredPasswordChange": "在需要新密码之前,当前密码的有效天数。", - "hashIterations": "密码在存储或验证之前被散列的次数。默认值:27,500。", - "passwordHistory": "防止最近使用的密码被重复使用。", - "passwordBlacklist": "防止使用黑名单文件中的密码。", - "regexPattern": "要求密码匹配一个或多个已定义的正则表达式模式。", - "length": "密码所需的最少字符数。", - "notUsername": "密码不能与用户名相同。", - "notEmail": "密码不能与用户邮箱地址相同。", - "specialChars": "密码字符串中需要的特殊字符的个数。", - "upperCase": "密码字符串中要求的大写字母的个数。", - "lowerCase": "密码字符串中要求的小写字母的个数。", - "digits": "密码字符串中要求的数字的位数。", - "hashAlgorithm": "应用哈希算法的密码不会以明文形式存储。", - "maxLength": "密码中允许的最大字符数。" - }, - "cibaBackchannelTokenDeliveryModeHelp": "指定 CD(消费设备)如何获取身份验证结果和相关令牌。默认情况下,如果没有明确设置其他模式,则 CIBA 客户端将默认使用此模式。", - "cibaExpiresInHelp": "自收到身份验证请求以来 \"auth_req_id\" 的过期时间,时间单位为秒。", - "cibaIntervalHelp": "CD(消费设备)必须在令牌端点的轮询请求之间等待的最短时间(以秒为单位)。如果设置为 0,CD 必须根据 CIBA 规范使用 5 作为默认值。", - "cibaAuthRequestedUserHintHelp": "识别请求身份验证的最终用户的方式。目前仅支持 \"login_hint\"。", - "descriptionLanding": "这是用户联盟登​​陆页面的描述", - "userFederationExplain": "用户联盟提供对外部数据库和目录的访问,例如 LDAP 和 Active Directory。", - "getStarted": "要开始,请从下面的列表中选择一个供应商。", - "addProvider_one": "添加 {{provider}} 身份供应商", - "addProvider_other": "添加 {{provider}} 身份供应商", - "addKerberosWizardTitle": "添加 Kerberos 用户联盟供应商", - "addLdapWizardTitle": "添加 LDAP 用户联盟供应商", - "syncChangedUsers": "同步更改的用户", - "syncAllUsers": "同步所有用户", - "syncLDAPGroupsToKeycloak": "将 LDAP 组同步到 Keycloak", - "syncKeycloakGroupsToLDAP": "将 Keycloak 组同步到 LDAP", - "syncLDAPGroupsSuccessful": "数据已成功同步 {{result}}", - "syncLDAPGroupsError": "由于{{error}},无法同步数据", - "unlinkUsers": "取消链接用户", - "removeImported": "移除导入的数据", - "deleteProvider": "删除供应商?", - "generalOptions": "通用选项", - "vendor": "供应商", - "connectionAndAuthenticationSettings": "连接和身份验证设置", - "connectionURL": "连接地址", - "enableStartTls": "启用 StartTLS", - "useTruststoreSpi": "使用信任库 SPI", - "connectionPooling": "连接池", - "connectionTimeout": "连接超时", - "bindType": "绑定类型", - "bindDn": "绑定 DN", - "bindCredentials": "绑定凭据", - "ldapSearchingAndUpdatingSettings": "LDAP 搜索和更新", - "editMode": "编辑模式", - "usersDN": "用户DN", - "usernameLdapAttribute": "用户名 LDAP 属性", - "rdnLdapAttribute": "RDN LDAP 属性", - "uuidLdapAttribute": "UUID LDAP 属性", - "userObjectClasses": "用户对象类", - "userLdapFilter": "用户 LDAP 过滤器", - "searchScope": "搜索范围", - "readTimeout": "读取超时", - "pagination": "分页", - "synchronizationSettings": "同步设置", - "syncRegistrations": "同步注册", - "importUsers": "导入用户", - "batchSize": "批量处理的数量", - "periodicFullSync": "周期性完全同步", - "fullSyncPeriod": "全同步周期", - "periodicChangedUsersSync": "定期更改用户同步", - "changedUsersSyncPeriod": "更改用户同步周期", - "kerberosIntegration": "Kerberos 集成", - "allowKerberosAuthentication": "允许 Kerberos 身份验证", - "useKerberosForPasswordAuthentication": "使用 Kerberos 进行密码验证", - "cacheSettings": "缓存设置", - "cachePolicy": "缓存策略", - "evictionDay": "清除的日期", - "evictionHour": "清除的时间(小时)", - "evictionMinute": "清除的时间(分钟)", - "maxLifespan": "最大寿命", - "ms": "毫秒", - "enableLdapv3Password": "启用 LDAPv3 密码修改扩展操作", - "validatePasswordPolicy": "验证密码策略", - "trustEmail": "信任邮箱", - "requiredSettings": "所需设置", - "kerberosRealm": "Kerberos 领域", - "serverPrincipal": "服务器主体", - "keyTab": "按键标签", - "debug": "调试", - "allowPasswordAuthentication": "允许密码验证", - "updateFirstLogin": "首次登录时更新用户档案", - "never": "从不", - "onlyLdaps": "仅适用于 ldaps", - "oneLevel": "一级", - "subtree": "子数", - "queryExtensions": "查询支持的扩展", - "testAuthentication": "测试认证", - "testSuccess": "成功连接到 LDAP", - "testError": "尝试连接到 LDAP 时出错。有关详细信息,请参阅 server.log.{{error}}", - "managePriorities": "管理优先级", - "managePriorityOrder": "管理优先顺序", - "managePriorityInfo": "优先级是供应商在进行用户查找时的顺序。您可以拖动用户联盟供应商所在的行来更改优先级。", - "orderChangeSuccess": "成功更改身份供应商的显示顺序", - "orderChangeError": "无法更改身份供应商的显示顺序 {{error}}", - "addNewProvider": "添加新供应商", - "addCustomProvider": "添加自定义供应商", - "providerDetails": "供应商详情", - "userFedDeletedSuccess": "用户联盟供应商已被删除。", - "userFedDeleteError": "无法删除用户联盟供应商,因为:'{{error}}'", - "userFedDeleteConfirmTitle": "删除用户联盟供应商?", - "userFedDeleteConfirm": "如果您删除此用户联盟供应商,所有相关数据都将被删除。", - "userFedDisableConfirmTitle": "禁用用户联盟供应商?", - "userFedDisableConfirm": "如果您禁用此用户联盟供应商,它将不会被考虑用于查询,导入的用户将被禁用且只读,直到再次启用该供应商。", - "userFedUnlinkUsersConfirmTitle": "取消链接所有用户?", - "userFedUnlinkUsersConfirm": "您想取消所有用户的链接吗?数据库中没有密码的用户将无法再进行身份验证。", - "removeImportedUsers": "移除导入的用户?", - "removeImportedUsersMessage": "您真的要移除所有导入的用户吗?选项\"取消链接用户\"仅对编辑模式\"未同步\"有意义,Keycloak 数据库中的密码将无法进行身份验证。", - "removeImportedUsersSuccess": "导入的用户已被移除。", - "removeImportedUsersError": "由于:'{{error}}',无法移除导入的用户。", - "syncUsersSuccess": "用户同步成功完成。", - "syncUsersError": "无法同步用户:'{{error}}'", - "unlinkUsersSuccess": "取消用户链接成功完成。", - "unlinkUsersError": "无法取消链接用户:'{{error}}'", - "validateRealm": "您必须进入一个领域", - "validateServerPrincipal": "您必须输入服务器主体", - "validateKeyTab": "您必须输入一个键位", - "validateConnectionUrl": "您必须输入连接 URL", - "validateBindDn": "您必须输入 LDAP 管理员的 DN", - "validateBindCredentials": "您必须输入 LDAP 管理员的密码", - "validateUuidLDAPAttribute": "您必须输入 UUID LDAP 属性", - "validateUserObjectClasses": "您必须输入一个或多个用户对象类", - "validateEditMode": "您必须选择一种编辑模式", - "validateUsersDn": "您必须输入用户DN", - "validateUsernameLDAPAttribute": "您必须输入用户名 LDAP 属性", - "validateRdnLdapAttribute": "您必须输入 RDN LDAP 属性", - "validateCustomUserSearchFilter": "过滤器必须用英文括号括起来,例如:(filter)", - "mapperTypeMsadUserAccountControlManager": "msad-user-account-control-mapper", - "mapperTypeMsadLdsUserAccountControlMapper": "msad-user-account-control-mapper", - "mapperTypeGroupLdapMapper": "group-ldap-mapper", - "mapperTypeUserAttributeLdapMapper": "user-attribute-ldap-mapper", - "mapperTypeRoleLdapMapper": "role-ldap-mapper", - "mapperTypeHardcodedAttributeMapper": "hardcoded-attribute-mapper", - "mapperTypeHardcodedLdapRoleMapper": "hardcoded-ldap-role-mapper", - "mapperTypeCertificateLdapMapper": "certificate-ldap-mapper", - "mapperTypeFullNameLdapMapper": "fullname-ldap-mapper", - "mapperTypeHardcodedLdapGroupMapper": "hardcoded-ldap-group-mapper", - "mapperTypeLdapAttributeMapper": "hardcoded-ldap-attribute-mapper", - "ldapMappersList": "LDAP 映射器", - "ldapFullNameAttribute": "LDAP 全名属性", - "writeOnly": "只写", - "ldapGroupsDn": "LDAP 群组的DN", - "groupNameLdapAttribute": "群组名称的 LDAP 属性", - "groupObjectClasses": "分组对象类", - "preserveGroupInheritance": "保留群组继承", - "ignoreMissingGroups": "忽略缺失的群组", - "userGroupsRetrieveStrategy": "用户群组检索策略", - "mappedGroupAttributes": "映射组属性", - "dropNoexistingGroupsDuringSync": "在同步期间删除不存在的群组", - "groupsPath": "群组路径", - "membershipLdapAttribute": "成员身份的 LDAP 属性", - "membershipAttributeType": "成员属性类型", - "membershipUserLdapAttribute": "会员用户的 LDAP 属性", - "ldapFilter": "LDAP 过滤器", - "mode": "模式", - "memberofLdapAttribute": "LDAP 成员属性", - "ldapRolesDn": "LDAP 角色的 DN", - "roleNameLdapAttribute": "角色名称的 LDAP 属性", - "roleObjectClasses": "角色对象类", - "userRolesRetrieveStrategy": "用户角色检索策略", - "useRealmRolesMapping": "使用领域角色映射", - "ldapAttributeName": "LDAP 属性名称", - "ldapAttributeValue": "LDAP 属性值", - "userModelAttribute": "用户模型属性", - "ldapAttribute": "LDAP 属性", - "readOnly": "只读", - "alwaysReadValueFromLdap": "始终从 LDAP 读取值", - "isMandatoryInLdap": "在 LDAP 中是强制性的", - "attributeDefaultValue": "属性默认值", - "isBinaryAttribute": "这是二进制属性", - "derFormatted": "DER 格式", - "passwordPolicyHintsEnabled": "已启用密码策略提示", - "userModelAttributeName": "用户模型属性名", - "attributeValue": "属性值", - "selectRole": { - "label": "选择角色", - "tooltip": "在左侧的文本框中输入角色,或单击此按钮浏览并选择所需的角色。" - }, - "group": "群组", - "providerType": "供应商类型", - "parentId": "父级ID", - "kerberosPrincipal": "Kerberos 主体", - "kerberosKeyTab": "Kerberos 密钥选项卡", - "addKerberosWizardDescription": "此处需要文本", - "addLdapWizardDescription": "此处需要文本", - "ldapGeneralOptionsSettingsDescription": "此部分包含一些对所有用户存储供应商通用的基本选项。", - "uiDisplayNameHelp": "在管理 UI 中链接时显示供应商的名称", - "vendorHelp": "LDAP 供应商(供应商)", - "ldapConnectionAndAuthorizationSettingsDescription": "此部分包含与 LDAP 服务器连接配置相关的选项。它还包含与 LDAP 服务器的 LDAP 连接身份验证相关的选项。", - "consoleDisplayConnectionUrlHelp": "您的 LDAP 服务器的连接 URL", - "enableStartTlsHelp": "使用 STARTTLS 加密与 LDAP 的连接,这将禁用连接池", - "useTruststoreSpiHelp": "指定 LDAP 连接是否将使用 Truststore SPI 以及在 standalone.xml/domain.sml 中配置的信任库。'始终' 表示它将始终使用它。'始终不' 表示它不会使用它。' 仅适用于ldaps' 意味着如果您的连接 URL 使用 ldaps,它将使用它。请注意,即使未配置 standalone.xml/domain.xml,'javax.net.ssl.trustStore' 属性指定的默认 java cacerts 或证书将会被使用。", - "connectionPoolingHelp": "确定 Keycloak 是否应该使用连接池来访问 LDAP 服务器。", - "connectionTimeoutHelp": "LDAP 连接超时毫秒数", - "bindTypeHelp": "在 LDAP 绑定操作期间使用的身份验证方法的类型。它用于发送到 LDAP 服务器的大多数请求。目前只有'无'(匿名 LDAP 身份验证)或'简单'(绑定凭据+绑定密码身份验证)机制可用。", - "bindDnHelp": "LDAP 管理员的 DN,Keycloak 将使用它来访问 LDAP 服务器", - "bindCredentialsHelp": "LDAP 管理员的密码。该字段可以从保险库中获取其值,使用 ${vault.ID} 格式。", - "ldapSearchingAndUpdatingSettingsDescription": "此部分包含与在 LDAP 服务器中搜索可用用户相关的选项。", - "editModeLdapHelp": "READ_ONLY 是一个只读的 LDAP 存储。WRITABLE 意味着数据将按需同步回 LDAP。UNSYNCED 意味着用户数据将被导入,但不会同步回 LDAP。", - "usersDNHelp": "您的用户所在的 LDAP 树的完整 DN。此 DN 是 LDAP 用户的父级。它可能是例如 'ou=users,dc=example,dc=com' 假设您的典型用户将具有 DN像 'uid='john',ou=users,dc=example,dc=com'。", - "usernameLdapAttributeHelp": "LDAP 属性的名称,映射为 Keycloak 用户名。对于许多 LDAP 服务器供应商,它可以是 'uid'。对于 Active directory,它可以是 'sAMAccountName' 或 'cn'。应该为您要从 LDAP 导入 Keycloak 的所有 LDAP 用户记录。", - "rdnLdapAttributeHelp": "LDAP 属性的名称,用作典型用户 DN 的 RDN(顶级属性)。通常它与用户名 LDAP 属性相同,但不是必需的。例如对于 Active directory,它很常见当用户名属性可能是“sAMAccountName”时使用“cn”作为 RDN 属性。", - "uuidLdapAttributeHelp": "LDAP 属性的名称,用作 LDAP 中对象的唯一对象标识符 (UUID)。对于许多 LDAP 服务器供应商,它是 'entryUUID';但有些是不同的。例如,对于 Active directory它应该是“objectGUID”。如果您的 LDAP 服务器不支持 UUID 的概念,您可以使用任何其他应该在树中的 LDAP 用户中唯一的属性。例如“uid”或“entryDN”。", - "userObjectClassesHelp": "LDAP 中用户的 LDAP objectClass 属性的所有值,以英文逗号分隔。例如:'inetOrgPerson,organizationalPerson'。新创建的 Keycloak 用户将与所有这些对象类一起写入 L​​DAP,并找到现有的 LDAP 用户记录只要它们包含所有这些对象类。", - "userLdapFilterHelp": "额外的 LDAP 过滤器,用于过滤搜索到的用户。如果您不需要额外的过滤器,请将此留空。确保它以 '(' 开头并以 ')' 结尾。", - "searchScopeHelp": "对于一个级别,搜索仅适用于用户 DN 指定的 DN 中的用户。对于子树,搜索适用于整个子树。有关更多详细信息,请参阅 LDAP 文档。", - "readTimeoutHelp": "LDAP 读取超时,以毫秒为单位。此超时适用于 LDAP 读取操作。", - "paginationHelp": "LDAP服务器是否支持分页", - "ldapSynchronizationSettingsDescription": "此部分包含与用户从 LDAP 同步到 Keycloak 数据库相关的选项。", - "syncRegistrationsHelp": "新创建的用户应该在 LDAP 存储中创建吗?优先影响选择哪个供应商来同步新用户。此设置仅适用于可写的编辑模式。", - "importUsersHelp": "如果为真,LDAP 用户将被导入 Keycloak 数据库并通过配置的同步策略进行同步。", - "batchSizeHelp": "在单个事务中从 LDAP 导入 Keycloak 的 LDAP 用户数", - "periodicFullSyncHelp": "是否应启用 LDAP 用户与 Keycloak 的定期完全同步", - "fullSyncPeriodHelp": "以秒为单位的完全同步周期", - "periodicChangedUsersSyncHelp": "是否应启用将已更改或新创建的 LDAP 用户定期同步到 Keycloak", - "changedUsersSyncHelp": "以秒为单位同步更改或新创建的 LDAP 用户的周期", - "ldapKerberosSettingsDescription": "此部分包含对 Kerberos 集成有用的选项。这仅在 LDAP 服务器与 Kerberos/SPNEGO 一起用于用户身份验证时使用。", - "allowKerberosAuthenticationHelp": "使用 SPNEGO/Kerberos 令牌启用/禁用用户的 HTTP 身份验证。有关经过身份验证的用户的数据将从该 LDAP 服务器提供。", - "useKerberosForPasswordAuthenticationHelp": "用户 Kerberos 登录模块用于根据 Kerberos 服务器验证用户名/密码,而不是使用目录服务 API 验证 LDAP 服务器", - "cacheSettingsDescription": "此部分包含对缓存用户有用的选项,这些选项是从此用户存储提供程序加载的。", - "cachePolicyHelp": "此存储提供程序的缓存策略。'DEFAULT' 是全局缓存的默认设置。'EVICT_DAILY' 是每天缓存失效的时间。'EVICT_WEEKLY' 是一天缓存将失效的星期和时间。'MAX_LIFESPAN' 是以毫秒为单位的时间,它将成为缓存条目的生命周期。", - "evictionDayHelp": "准入许可将在星期几失效", - "evictionHourHelp": "准入许可将在几点失效", - "evictionMinuteHelp": "准入许可将在哪一分钟失效", - "maxLifespanHelp": "缓存条目的最大寿命(以毫秒为单位)", - "ldapAdvancedSettingsDescription": "此部分包含用于更精细地配置 LDAP 存储提供程序的所有其他选项。", - "enableLdapv3PasswordHelp": "使用 LDAPv3 密码修改扩展操作 (RFC-3062)。密码修改扩展操作通常要求 LDAP 用户已经在 LDAP 服务器中拥有密码。因此当它与“同步注册”一起使用时,它可以是还可以添加带有随机生成的初始密码的“硬编码 LDAP 属性映射器”。", - "validatePasswordPolicyHelp": "确定 Keycloak 是否应该在更新之前使用领域密码策略验证密码", - "trustEmailHelp": "如果启用,即使为领域启用了验证,也不会验证此提供商提供的电子邮件。", - "IDK-periodicChangedUsersSyncHelp": "新创建的用户应该在 LDAP 存储中创建吗?优先级会影响选择哪个提供商来同步新用户。", - "kerberosWizardDescription": "此处需要文本。", - "kerberosRequiredSettingsDescription": "此部分包含一些对所有用户存储提供商通用的基本选项。", - "kerberosRealmHelp": "kerberos 领域的名称。例如,FOO.ORG", - "serverPrincipalHelp": "HTTP 服务的服务器主体全名,包括服务器和域名。例如,HTTP/host.foo.org@FOO.ORG", - "keyTabHelp": "包含服务器主体凭据的 Kerberos KeyTab 文件的位置。例如,/etc/krb5.keytab", - "debugHelp": "为 Krb5LoginModule 启用/禁用调试日志记录到标准输出。", - "allowPasswordAuthenticationHelp": "启用/禁用针对 Kerberos 数据库的用户名/密码身份验证的可能性", - "editModeKerberosHelp": "“只读”表示不允许更新密码,用户始终使用 Kerberos 密码进行身份验证。“未同步”表示用户可以更改 Keycloak 数据库中的密码,并且将使用此密码代替 Kerberos 密码。", - "updateFirstLoginHelp": "首次登录时更新配置文件", - "mapperTypeMsadUserAccountControlManagerHelp": "映射器特定于 MSAD。它能够将 MSAD 用户帐户状态集成到 Keycloak 帐户状态(帐户已启用,密码已过期等)。它为此使用 userAccountControl 和 pwdLastSet MSAD 属性。例如,如果 pwdLastSet 为 0, Keycloak 用户需要更新密码;如果 userAccountControl 为 514(禁用帐户),则 Keycloak 用户也被禁用等。Mapper 还能够处理来自 LDAP 用户身份验证的异常代码。", - "mapperTypeMsadLdsUserAccountControlMapperHelp": "特定于 MSAD LDS 的映射器。它能够将 MSAD LDS 用户帐户状态集成到 Keycloak 帐户状态(帐户已启用,密码已过期等)。它使用 msDS-UserAccountDisabled 并且 pwdLastSet 为 0,需要 Keycloak 用户更新密码,如果 msDS-UserAccountDisabled 为“TRUE”,则 Keycloak 用户也被禁用等。Mapper 还能够处理来自 LDAP 用户身份验证的异常代码。", - "mapperTypeGroupLdapMapperHelp": "用于将群组的组映射从一些 LDAP DN 映射到 Keycloak 群组映射", - "mapperTypeRoleLdapMapperHelp": "用于将角色的角色映射从某些 LDAP DN 映射到领域角色或特定客户端的客户端角色的 Keycloak 角色映射", - "mapperTypeHardcodedAttributeMapperHelp": "当从 LDAP 导入用户时,此映射器将对任何模型用户属性和某些属性(如 emailVerified 或启用)进行硬编码。", - "mapperTypeHardcodedLdapRoleMapperHelp": "从 LDAP 导入的用户将自动添加到这个配置的角色中。", - "mapperTypeCertificateLdapMapperHelp": "用于将包含来自 LDAP 用户的证书的单个属性映射到 Keycloak DB 中 UserModel 的属性", - "mapperTypeFullNameLdapMapperHelp": "用于将用户的全名从 LDAP 中的单个属性(通常是 'cn' 属性)映射到 Keycloak DB 中 UserModel 的 firstName 和 lastName 属性", - "mapperTypeHardcodedLdapGroupMapperHelp": "从 LDAP 导入的用户将自动添加到这个配置的组中。", - "mapperTypeLdapAttributeMapperHelp": "仅当启用了 syncRegistrations 时才支持此映射器。在 Keycloak 中注册的新用户将使用某些指定属性的硬编码值写入 LDAP。", - "passwordPolicyHintsEnabledHelp": "仅适用于可写 MSAD。如果打开,则更新 MSAD 用户的密码将使用 LDAP_SERVER_POLICY_HINTS_OID 扩展,这意味着将应用高级 MSAD 密码策略,如“密码历史”或“最小密码使用期限”。此扩展有效仅适用于 MSAD 2008 R2 或更新版本。", - "nameHelpHelp": "映射器名称", - "mapperTypeHelp": "用于将 LDAP 用户的单个属性映射到 Keycloak DB 中 UserModel 的属性", - "userModelAttributeHelp": "UserModel 属性的名称或要将 LDAP 属性映射到的属性。例如'firstName'、'lastName、'email'、'street' 等。", - "ldapAttributeHelp": "LDAP 对象上映射属性的名称。例如 'cn'、'sn'、'mail'、'street' 等。", - "readOnlyHelp": "只读属性从 LDAP 导入到 UserModel,但当用户在 Keycloak 中更新时,它不会保存回 LDAP。", - "alwaysReadValueFromLdapHelp": "如果启用,那么在读取 LDAP 属性值期间将始终使用而不是来自 Keycloak DB 的值。", - "isMandatoryInLdapHelp": "如果为真,属性在 LDAP 中是强制性的。因此,如果 Keycloak DB 中没有值,则传播到LDAP的值将被设置为空值。", - "attributeDefaultValueHelp": "如果 Keycloak 数据库中没有值并且属性在 LDAP 中是强制性的,则该值将传播到 LDAP。", - "isBinaryAttributeHelp": "二进制 LDAP 属性应为真。", - "derFormattedHelp": "如果证书在 LDAP 中是 DER 格式而不是 PEM 格式,请激活它。", - "ldapFullNameAttributeHelp": "LDAP 属性的名称,包含用户的全名。通常为'cn'。", - "fullNameLdapReadOnlyHelp": "对于只读条目,数据从 LDAP 导入到 Keycloak 数据库,但当用户在 Keycloak 中更新时,数据不会保存回 LDAP。", - "fullNameLdapWriteOnlyHelp": "对于只写条目,当在 Keycloak 中创建或更新用户时,数据将传播到 LDAP。但此映射器不用于将数据从 LDAP 传播回 Keycloak。如果您配置了单独的 firstName 和lastName 属性映射器,您想使用它们将 LDAP 中的属性读入 Keycloak。", - "ldapGroupsDnHelp": "保存此树的群组的 LDAP DN。例如 'ou=groups,dc=example,dc=org'", - "groupNameLdapAttributeHelp": "LDAP 属性的名称,在组对象中用于组的名称和 RDN。通常为 'cn'。在这种情况下,典型的组/角色对象可能具有 DN,如 'cn=Group1,ouu=组,dc=example,dc=org'。", - "groupObjectClassesHelp": "群组对象的对象类(或多个类)。如果需要更多类,则用英文逗号分隔。在典型的 LDAP 部署中,它可能是'groupOfNames'。在 Active Directory 中,它通常是'组'。", - "preserveGroupInheritanceHelp": "标记从LDAP继承的群组是否应该传播到Keycloak?如果为假,那么所有LDAP组将被映射为Keycloak中的顶级群组。否则,群组继承将保留到Keycloak中。但如果LDAP结构包含递归或每个子组包含多个父组,则组同步可能会失败。 但组同步可能会失败如果 LDAP 结构包含递归或每个子组包含多个父组。", - "ignoreMissingGroupsHelp": "忽略群组层次结构中缺失的群组。", - "userGroupsRetrieveStrategyHelp": "指定如何检索用户组。LOAD_GROUPS_BY_MEMBER_ATTRIBUTE 表示将通过发送 LDAP 查询来检索用户角色,以检索“成员”是否是用户的所有群组。GET_GROUPS_FROM_USER_MEMBEROF_ATTRIBUTE 表示将从“memberOf”检索用户组'我们用户的属性或来自'Member-Of LDAP Attribute'指定的其他属性。", - "mappedGroupAttributesHelp": "以英文逗号分隔的属性名称列表。这指向 LDAP 中组的属性列表,它将在 Keycloak 中映射为群组的属性。如果不需要额外的组属性映射,请在Keycloak留空。", - "dropNonexistingGroupsDuringSyncHelp": "如果这个标志为真,那么在从 LDAP 到 Keycloak 的群组同步期间,我们将只保留那些仍然存在于 LDAP 中的 Keycloak 组。其余的将被删除。", - "groupsPathHelp": "将 LDAP 组添加到的 Keycloak 组路径。例如,如果使用值 '/Applications/App1',则 LDAP 组将在组 'App1' 下的 Keycloak 中可用,该组是顶级组'Applications'的子级 。默认值为“/”,因此 LDAP 组将映射到顶层的 Keycloak 组。创建此映射器时,配置的组路径必须已经存在于 Keycloak 中。", - "ldapRolesDnHelp": "保存此树的角色的 LDAP DN。例如,'ou=finance,dc=example,dc=org'", - "roleNameLdapAttributeHelp": "LDAP 属性的名称,在角色对象中用于角色的名称和 RDN。通常为 'cn'。在这种情况下,典型的组/角色对象可能具有 DN,如 'cn=role1,ou=finance,dc=example,dc=org'。", - "roleObjectClassesHelp": "角色对象的对象类(或多个类)。如果需要更多类,则用英文逗号分隔。在典型的 LDAP 部署中,它可能是 'groupOfNames'。在 Active Directory 中,它通常是 'group'。", - "userRolesRetrieveStrategyHelp": "指定如何检索用户的角色。LOAD_ROLES_BY_MEMBER_ATTRIBUTE 表示将通过发送 LDAP 查询来检索用户的角色,以检索 'member' 是否是我们用户的所有角色。GET_ROLES_FROM_USER_MEMBEROF 表示将从 'memberOf' 检索用户的角色' 我们用户的属性。或来自“LDAP 成员属性”指定的其他属性。LOAD_ROLES_BY_MEMBER_ATTRIBUTE 仅适用于 Active Directory,这意味着将使用 LDAP_MATCHING_RULE_IN_CHAIN LDAP 扩展递归检索用户角色。", - "useRealmRolesMappingHelp": "如果为真,则 LDAP 角色映射将映射到 Keycloak 中的领域角色映射。否则它将映射到客户端角色映射。", - "clientIdHelpHelp": "LDAP 角色映射将映射到的客户端的客户端ID。仅当'使用领域角色映射'为假时适用。", - "membershipLdapAttributeHelp": "组上 LDAP 属性的名称,用于成员映射。通常它将是 'member'。但是当'Membership Attribute Type' 是 'UID' 时,'Membership LDAP Attribute' 通常可以是 'memberUid ',", - "membershipAttributeTypeHelp": "DN 表示 LDAP 组以其完整 DN 的形式声明其成员。例如'member: uid=john,ou=users,dc=example,dc=com'。UID 表示 LDAP 组具有它的成员以纯用户 uid 的形式声明。例如 'memberUid: john'。", - "membershipUserLdapAttributeHelp": "仅在成员身份属性类型为 UID 时使用。它是用户的 LDAP 属性的名称,用于成员身份映射。通常为“uid”。例如,如果“成员身份用户 LDAP”的值属性'是'uid',LDAP 组有'memberUid: john',那么预计特定的LDAP 用户将有属性'uid: john'。", - "ldapFilterHelp": "LDAP Filter 为检索 LDAP 组的整个查询添加了一个额外的自定义过滤器。如果不需要额外的过滤并且您想从 LDAP 中检索所有组,请将此留空。否则请确保过滤器以'('开头并以 ')' 结尾。", - "modeHelp": "LDAP_ONLY 表示用户的所有组映射都从 LDAP 检索并保存到 LDAP。READ_ONLY 是只读 LDAP 模式,其中组映射从 LDAP 和数据库检索并合并在一起。新的组加入不会保存到LDAP 但到 DB。IMPORT 是只读 LDAP 模式,其中在从 LDAP 导入用户时从 LDAP 检索组映射,然后将它们保存到本地 keycloak DB。", - "memberofLdapAttributeHelp": "仅在“用户角色检索策略”为 GET_GROUPS_FROM_USER_MEMBEROF_ATTRIBUTE 时使用。它指定 LDAP 用户的 LDAP 属性名称,其中包含用户所属的组。通常它将是默认的“memberOf” ',", - "userModelAttributeNameHelp": "从 LDAP 导入用户时要添加的模型属性的名称", - "attributeValueHelp": "属性必须具有的值。如果属性是列表,则该值必须包含在列表中。", - "roleHelpHelp": "授予用户的角色。单击“选择角色”按钮浏览角色,或直接在文本框中键入。要引用应用程序角色,语法为 appname.approle,即 myapp.myrole。", - "groupHelp": "要添加用户的群组。填写群组的完整路径,包括路径。例如:'/root-group/child-group'。", - "ldapAttributeNameHelp": "LDAP 属性的名称,将在注册期间添加到新用户", - "ldapAttributeValueHelp": "LDAP 属性的值,将在注册期间添加到新用户。您可以硬编码任何值,如 'foo',但您也可以使用一些特殊标记。目前唯一支持的标记是 '${ RANDOM}',它将被一些随机生成的字符串替换。", - "listExplain": "身份供应商是允许用户向 Keycloak 进行身份验证的社交网络或身份代理。", - "searchForProvider": "搜索供应商", - "addIdPMapper": "添加身份供应商映射器", - "editIdPMapper": "编辑身份供应商映射器", - "mappersList": "映射器列表", - "noMappers": "没有映射器", - "noMappersInstructions": "目前没有此身份供应商的映射器。", - "addKeycloakOpenIdProvider": "添加 Keycloak OpenID Connect 供应商", - "addOpenIdProvider": "添加 OpenID Connect 供应商", - "addSamlProvider": "添加 SAML 供应商", - "manageDisplayOrder": "管理显示顺序", - "deleteProviderMapper": "删除映射器?", - "deleteMapperConfirm": "您确定要永久删除映射器 {{mapper}} 吗?", - "deleteMapperSuccess": "映射器成功删除。", - "disableProvider": "禁用供应商?", - "disableSuccess": "供应商已成功禁用", - "disableError": "无法禁用供应商 {{error}}", - "addIdentityProvider": "添加 {{provider}} 供应商", - "redirectURI": "重定向 URI", - "samlEndpointsLabel": "SAML 2.0 服务供应商元数据", - "orderDialogIntro": "供应商在登录页面或帐户 UI 中的排列顺序。您可以拖动行句柄来更改顺序。", - "manageOrderTableAria": "按照登录页面列出的顺序排列的身份供应商列表", - "useDiscoveryEndpoint": "使用发现端点", - "discoveryEndpoint": "发现端点", - "useEntityDescriptor": "使用实体描述符", - "samlEntityDescriptor": "SAML 实体描述符", - "ssoServiceUrl": "单点登录服务 URL", - "singleLogoutServiceUrl": "单一注销服务URL", - "nameIdPolicyFormat": "NameID 策略格式", - "persistent": "持续", - "transient": "瞬时", - "x509": "X.509 主题名称", - "windowsDomainQN": "窗口域名限定名", - "unspecified": "未指定", - "principalType": "主体类型", - "principalAttribute": "主体属性", - "allowCreate": "允许创建", - "subjectNameId": "主题名称ID​​", - "attributeFriendlyName": "属性 [友好名称]", - "claim": "声明", - "claimValue": "声明价值", - "claims": "声明", - "socialProfileJSONFieldPath": "社交资料 JSON 字段路径", - "mapperAttributeName": "属性名称", - "mapperUserAttributeName": "用户属性名称", - "mapperAttributeFriendlyName": "友好名称", - "httpPostBindingResponse": "HTTP-POST 绑定响应", - "httpPostBindingAuthnRequest": "验证请求的 HTTP-POST 绑定", - "httpPostBindingLogout": "HTTP-POST 绑定注销", - "wantAuthnRequestsSigned": "需要签名的验证请求", - "encryptionAlgorithm": "加密算法", - "samlSignatureKeyName": "SAML 签名密钥名称", - "wantAssertionsSigned": "需要签名的声明", - "wantAssertionsEncrypted": "需要声明加密", - "forceAuthentication": "强制认证", - "validatingX509Certs": "验证 X509 证书", - "signServiceProviderMetadata": "签署服务提供商元数据", - "passSubject": "传递主题", - "serviceProviderEntityId": "服务供应商实体ID", - "identityProviderEntityId": "身份供应商实体 ID", - "importConfig": "从文件导入配置", - "showMetaData": "显示元数据", - "hideMetaData": "隐藏元数据", - "noValidMetaDataFound": "在此 URL 中未找到有效的元数据:'{{error}}'", - "metadataOfDiscoveryEndpoint": "发现终端节点的元数据", - "authorizationUrl": "授权地址", - "passLoginHint": "传递登录提示", - "passMaxAge": "通过 max_age", - "passCurrentLocale": "传递当前语言环境", - "tokenUrl": "令牌网址", - "logoutUrl": "注销地址", - "backchannelLogout": "后台注销", - "disableUserInfo": "禁用用户信息", - "userInfoUrl": "用户信息网址", - "issuer": "发行人", - "prompt": "提示", - "prompts": { - "unspecified": "未指定", - "none": "无", - "consent": "许可", - "login": "登录", - "select_account": "选择账户" - }, - "clientAuthentications": { - "client_secret_post": "客户机密作为邮件发送", - "client_secret_basic": "作为基本身份验证发送的客户端机密", - "client_secret_jwt": "作为 jwt 的客户端秘密", - "private_key_jwt": "用私钥签名的 JWT" - }, - "clientAssertionSigningAlg": "客户端断言签名算法", - "algorithmNotSpecified": "未指定算法", - "acceptsPromptNone": "接受来自客户端的提示,相当于无转发。", - "validateSignature": "验证签名", - "validatingPublicKey": "验证公钥", - "validatingPublicKeyId": "验证公钥 ID", - "pkceEnabled": "使用 PKCE", - "pkceMethod": "PKCE 方法", - "allowedClockSkew": "允许的时间偏差", - "attributeConsumingServiceIndex": "属性消费服务指数", - "attributeConsumingServiceName": "属性消费服务名称", - "forwardParameters": "转发查询参数", - "oidcSettings": "OpenID 连接设置", - "samlSettings": "SAML 设置", - "reqAuthnConstraints": "请求的上下文约束", - "keyID": "KEY_ID", - "NONE": "无", - "certSubject": "CERT_SUBJECT", - "storeTokens": "存储代币", - "storedTokensReadable": "存储的令牌可读", - "comparison": "对比", - "authnContextClassRefs": "验证上下文类参考", - "addAuthnContextClassRef": "添加验证上下文类参考", - "authnContextDeclRefs": "验证上下文的否定参考", - "addAuthnContextDeclRef": "添加验证上下文的否定参考", - "accountLinkingOnly": "仅账户链接", - "hideOnLoginPage": "在登录页面隐藏", - "firstBrokerLoginFlowAlias": "首次登录流程", - "postBrokerLoginFlowAlias": "登录后流程", - "syncMode": "同步模式", - "syncModes": { - "inherit": "继承", - "import": "导入", - "legacy": "引用", - "force": "强制" - }, - "syncModeOverride": "同步模式覆盖", - "regexAttributeValues": "正则表达式属性值", - "regexClaimValues": "正则表达式声明值", - "mapperSaveSuccess": "映射器保存成功。", - "mapperSaveError": "保存映射器时出错:{{error}}", - "userAttribute": "用户属性", - "userAttributeValue": "用户属性值", - "userSessionAttribute": "用户会话属性", - "userSessionAttributeValue": "用户会话属性值", - "target": "目标", - "targetOptions": { - "local": "本地", - "brokerId": "BROKER_ID", - "brokerUsername": "BROKER_USERNAME" - }, - "baseUrl": "基本网址", - "apiUrl": "API 网址", - "facebook": { - "fetchedFields": "其他用户的个人资料字段" - }, - "google": { - "hostedDomain": "托管域", - "userIp": "使用 userIp 参数", - "offlineAccess": "请求刷新令牌" - }, - "paypal": { - "sandbox": "目标沙箱" - }, - "stackoverflow": { - "key": "密钥" - }, - "linkedin": { - "profileProjection": "开放用户资料" - }, - "redirectURIHelp": "配置身份供应商时使用的重定向 uri。", - "clientSecretHelp": "向身份供应商注册的客户端密码。该字段可以从保险库中获取其值,使用 ${vault.ID} 格式。", - "displayOrderHelp": "数字定义供应商在 GUI 中的顺序(例如,在登录页面上)。最小的数字将首先被应用。", - "useDiscoveryEndpointHelp": "如果启用此设置,发现端点将用于获取供应商配置。Keycloak 可以从终端节点加载配置并在源有任何更新时自动更新配置", - "discoveryEndpointHelp": "从远程 IDP 发现描述符导入元数据。", - "importConfigHelp": "从下载的 IDP 发现描述符中导入元数据。", - "passLoginHintHelp": "将 login_hint 传递给身份供应商。", - "passMaxAgeHelp": "将 max_age 传递给身份供应商。", - "passCurrentLocaleHelp": "将当前语言环境作为 ui_locales 参数传递给身份供应商。", - "logoutUrlHelp": "结束用于从外部 IDP 注销用户的会话端点。", - "backchannelLogoutHelp": "外部 IDP 是否支持后台注销?", - "disableUserInfoHelp": "禁止使用用户信息服务来获取额外的用户信息?默认是使用这个 OIDC 服务。", - "userInfoUrlHelp": "用户信息 Url。这是可选的。", - "issuerHelp": "响应发布者的发布者标识符。如果未提供,则不会执行任何验证。", - "promptHelp": "指定授权服务器是否提示最终用户重新验证和授权。", - "acceptsPromptNoneHelp": "这只是与身份供应商验证器一起使用,或者当kc_idp_hint指向这个身份供应商时。如果客户端发送一个prompt=none的请求并且用户还没有被认证,错误将不会直接返回给客户端, 但带有 prompt=none 的请求将被转发给这个身份供应商。", - "validateSignatureHelp": "启用/禁用外部 IDP 签名的签名验证。", - "validatingPublicKeyHelp": "必须用于验证外部 IDP 签名的 PEM 格式的公钥。", - "validatingPublicKeyIdHelp": "如果是密钥 ID,则上面给出的验证公钥的显式 ID。如果上面的密钥被始终使用,则可以留空,不管外部 IDP 指定的密钥 ID。如果密钥仅用于验证,则设置它如果来自外部 IDP 的密钥 ID 匹配。", - "pkceEnabledHelp": "使用 PKCE(密钥代码交换证明)进行 IdP 代理", - "pkceMethodHelp": "使用的 PKCE 方法", - "allowedClockSkewHelp": "验证身份供应商令牌时可以允许的时钟偏差秒数。默认值为零。", - "attributeConsumingServiceIndexHelp": "在身份验证期间请求的属性消费服务配置文件的索引。", - "attributeConsumingServiceNameHelp": "要在 SP 元数据中通告的属性消费服务配置文件的名称。", - "forwardParametersHelp": "非 OpenID Connect/OAuth 标准查询参数,从初始应用请求到授权端点转发到外部 IDP。可以输入多个参数,以英文逗号 (,) 分隔。", - "clientAuthenticationHelp": "客户端身份验证方法(参见 https://openid.net/specs/openid-connect-core-1_0.html#ClientAuthentication)。如果 JWT 使用私钥签名,则使用领域私钥。", - "clientAssertionSigningAlgHelp": "签名算法创建JWT断言作为客户端身份验证。需要使用私钥或客户端秘密作为JWT签名的JWT。如果没有指定算法,则适配以下算法。在RS256中适配RS256使用私钥签名的 JWT 的情况。HS256 适用于客户端机密作为 jwt 的情况。", - "storeTokensHelp": "如果必须在验证用户身份后存储令牌,则可以启用/禁用。", - "storedTokensReadableHelp": "如果新用户可以读取任何存储的令牌,则启用/禁用。这会分配 broker.read-token 角色。", - "accountLinkingOnlyHelp": "如果为真,则用户无法通过此提供程序登录。他们只能链接到此提供程序。当不想允许从提供程序登录,但想与提供程序集成时,这会很有用", - "hideOnLoginPageHelp": "如果隐藏,只有在明确请求时才能使用此提供程序登录,例如使用'kc_idp_hint'参数。", - "firstBrokerLoginFlowAliasHelp": "身份验证流程的别名,在首次使用此身份供应商登录后触发。术语“首次登录”表示当前没有 Keycloak 帐户链接到经过身份验证的身份供应商帐户。", - "postBrokerLoginFlowAliasHelp": "身份验证流程的别名,在每次使用此身份供应商登录后触发。如果您希望对使用此身份供应商(例如 OTP)进行身份验证的每个用户进行额外验证,则很有用。将此设置为“无”,如果使用此身份供应商登录后,您不需要触发任何其他身份验证器。另请注意,身份验证器实现必须假定用户已在用户会话中设置,因为身份供应商已对其进行设置。", - "syncModeHelp": "所有映射器的默认同步模式。同步模式决定何时使用映射器同步用户数据。可能的值是:'引用' 保持引入此选项之前的行为,'导入' 仅导入在用户首次使用此身份供应商登录期间,用户一次,“强制”在每次使用此身份供应商登录期间始终更新用户。", - "serviceProviderEntityIdHelp": "将用于唯一标识此 SAML 服务提供商的实体 ID。", - "identityProviderEntityIdHelp": "实体 ID 用于验证收到的 SAML 断言的颁发者。如果为空,则不执行颁发者验证。", - "useEntityDescriptorHelp": "从远程 IDP SAML 实体描述符导入元数据。", - "samlEntityDescriptorHelp": "允许您从配置文件加载外部 IDP 元数据或从 URL 下载它。", - "ssoServiceUrlHelp": "必须用于发送身份验证请求 (SAML验证请求) 的 Url。", - "singleLogoutServiceUrlHelp": "必须用于发送注销请求的 Url。", - "nameIdPolicyFormatHelp": "指定与名称标识符格式对应的 URI 引用。", - "principalTypeHelp": "从断言中识别和跟踪外部用户的方法。默认使用 Subject NameID,或者您可以设置识别属性。", - "principalAttributeHelp": "用于识别外部用户属性的名称或友好的名称。", - "allowCreateHelp": "允许外部身份供应商创建一个新的标识符来代表委托人。", - "httpPostBindingResponseHelp": "指示是否响应使用 HTTP-POST 绑定的请求。如果为否,将使用 HTTP-REDIRECT 绑定。", - "httpPostBindingAuthnRequestHelp": "指示是否必须使用 HTTP-POST 绑定发送验证请求。如果为否,将使用 HTTP-REDIRECT 绑定。", - "httpPostBindingLogoutHelp": "指示是否使用 HTTP-POST 绑定响应请求。如果为否,将使用 HTTP-REDIRECT 绑定。", - "wantAuthnRequestsSignedHelp": "指示身份供应商是否需要签名的验证请求。", - "encryptionAlgorithmHelp": "SAML IDP 用于加密 SAML 文档、断言或 ID 的加密算法。解密 SAML 文档部分的相应解密密钥将根据此配置的算法选择,并且应该在领域密钥中可用加密 (ENC) 使用。如果未配置算法,则允许使用任何支持的算法,并且将根据 SAML 文档本身配置的算法选择解密密钥。", - "samlSignatureKeyNameHelp": "已签名的 SAML 文档在 KeyName 元素中包含签名密钥的标识。对于 Keycloak / RH-SSO 对方,使用 KEY_ID,对于 MS AD FS 使用 CERT_SUBJECT,对于其他人,如果没有其他有效的选项,请查看并使用 NONE。", - "wantAssertionsSignedHelp": "表明该服务供应商是否需要一个已签名的断言。", - "wantAssertionsEncryptedHelp": "表明此服务提供商是否需要加密断言。", - "forceAuthenticationHelp": "指示身份供应商是否必须直接验证呈现者而不是依赖先前的安全上下文。", - "validateSignatures": "启用/禁用 SAML 响应的签名验证。", - "validatingX509CertsHelp": "必须用于检查签名的PEM格式的证书。可以输入多个证书,以英文逗号(,)分隔。", - "signServiceProviderMetadataHelp": "启用/禁用提供商 SAML 元数据的签名。", - "passSubjectHelp": "在登录阶段,将可选的 login_hint 查询参数转发给 SAML 验证请求的主题。", - "comparisonHelp": "指定用于评估请求的上下文类或语句的比较方法。默认为\"Exact\"。", - "authnContextClassRefsHelp": "请求的 AuthnContext ClassRefs 的有序列表。", - "authnContextDeclRefsHelp": "请求的 AuthnContext DeclRefs 的有序列表。", - "addIdpMapperName": "映射器的名称。", - "syncModeOverrideHelp": "覆盖此映射器的 IDP 的默认同步模式。值是:'引用' 以保持引入此选项之前的行为,'导入' 仅在用户首次登录时导入用户一次身份供应商,“强制”在每次使用此身份供应商登录期间始终更新用户,并“继承”使用身份供应商中为此映射器定义的同步模式。", - "advancedAttributeToRole": "如果属性集存在并且可以匹配,则授予用户指定的领域或客户端角色。", - "usernameTemplateImporter": "格式化要导入的用户名。", - "hardcodedUserSessionAttribute": "当用户从供应商导入时,将一个值硬编码到特定的用户会话属性。", - "externalRoleToRole": "在 keycloak 访问令牌中寻找外部角色。如果存在外部角色,则授予用户指定的领域或客户端角色。", - "advancedClaimToRole": "如果所有声明都存在,则授予用户指定的领域或客户端角色。", - "claimToRole": "如果存在声明,则授予用户指定的领域或客户端角色。", - "oidcAttributeImporter": "将声明的声明(如果存在于 ID、访问令牌或用户配置文件端点返回的声明集中)导入到指定的用户属性或属性中。", - "attributeImporter": "如果断言中存在声明的 SAML 属性,则将其导入指定的用户属性或属性。", - "hardcodedRole": "当用户从供应商导入时,为它硬编码一个角色映射。", - "hardcodedAttribute": "当用户从供应商导入时,将一个值硬编码到特定的用户属性。", - "samlAttributeToRole": "如果属性存在,则授予用户指定的领域或客户端角色。", - "templateHelp": "用于格式化要导入的用户名的模板。替换包含在 ${} 中。例如:'${ALIAS}.${CLAIM.sub}'。ALIAS 是供应商别名。CLAIM. 引用 ID 或访问令牌声明。可以通过将 |uppercase 或 |lowercase 附加到替换值来将替换转换为大写或小写,例如“${CLAIM.sub | lowercase}”。", - "targetHelp": "映射器的目标字段。LOCAL(默认)表示更改应用于用户导入时存储在本地数据库中的用户名。BROKER_ID 和 BROKER_USERNAME 表示更改存储在用于联合用户的 ID 或用户名中分别查找。", - "userSessionAttributeHelp": "您要硬编码的用户会话属性的名称", - "userAttributeHelp": "您要硬编码的用户属性的名称", - "claimHelp": "要在令牌中搜索的声明名称。您可以使用'.'引用嵌套声明,即'address.locality'。要按字面意思使用点 (.),请使用反斜杠将其转义。(\\. )", - "socialProfileJSONFieldPathHelp": "从社交供应商用户配置文件 JSON 数据中获取值的字段路径。您可以使用圆点表示法进行嵌套,使用方括号表示数组索引。例如 'contact.address[0].country'。", - "userAttributeValueHelp": "你想要硬编码的值", - "friendlyName": "断言中要搜索的属性的友好名称。您可以将此留空并指定一个名称。", - "userAttributeName": "用于存储 SAML 属性的用户属性名称。使用电子邮件、姓氏和名字映射到那些预定义的用户属性。", - "socialUserAttributeName": "存储信息的用户属性名。", - "attributesHelp": "要在令牌中搜索的属性的名称和(正则表达式)值。在 SAML 属性名称和属性友好名称字段中搜索属性的配置名称。必须满足每个给定的属性描述才能设置角色。如果属性是一个数组,那么这个值必须包含在数组中。如果一个属性可以多次找到,那么一次匹配就足够了。", - "regexAttributeValuesHelp": "如果启用的属性值被解释为正则表达式。", - "baseUrlHelp": "覆写此身份供应商的默认基本 URL。", - "apiUrlHelp": "覆写此身份供应商的默认 API URL。", - "facebookHelp": { - "fetchedFields": "提供将使用配置文件请求获取的附加字段。这将附加到默认的 'id,name,email,first_name,last_name' 集合。" - }, - "googleHelp": { - "hostedDomain": "使用 Google 登录时设置‘hd’查询参数。Google 将仅列出该域的帐户。Keycloak 验证返回的身份令牌是否具有该域的声明。输入‘*’时,任何托管帐户可以使用。支持英文逗号 ',' 分隔域列表。", - "userIp": "在调用 Google 的用户信息服务时设置 'userIp' 查询参数。这将使用用户的 IP 地址。如果 Google 正在限制对用户信息服务的访问,这很有用。", - "offlineAccess": "在重定向到谷歌授权端点时将‘access_type’查询参数设置为‘离线’,以获取刷新令牌。如果计划在用户离线时使用令牌交换检索谷歌令牌以访问谷歌 API,则将很有用。" - }, - "openshift": { - "baseUrl": "OpenShift Online API 的基本 Url" - }, - "paypalHelp": { - "sandbox": "目标 PayPal 的沙箱环境" - }, - "stackoverflowHelp": { - "key": "从 Stack Overflow 客户端注册获得的 Key。" - }, - "linkedinHelp": { - "profileProjection": "配置文件请求的开放参数。默认无任何开放。" - }, - "addMultivaluedLabel": "添加 {{fieldLabel}}", - "selectGroup": "选择群组", - "usermodel": { - "prop": { - "label": "特性", - "tooltip": "用户模块接口中属性方法的名字. 例如, 'email' 会引用UserModel.getEmail() 方法." - }, - "attr": { - "label": "用户属性", - "tooltip": "在UserModel.attribute映射中定义的存储用户属性的名称。" - }, - "clientRoleMapping": { - "clientId": { - "label": "客户端ID", - "tooltip": "用于角色映射的客户端ID。只有该客户端的客户端角色会被添加到令牌中。如果该项没有被设置,则来自所有客户端的角色都将被添加到令牌中。" - }, - "rolePrefix": { - "label": "客户端角色前缀", - "tooltip": "每个客户端角色的前缀(非必需)." - }, - "tokenClaimName": { - "tooltip": "插入到令牌中的声明名称。这可以是一个完全限定的名称,如“address.street”。在这种情况下,将创建一个嵌套的json对象。为了防止嵌套并直接使用点,请使用反斜杠(\\.)转义点。可以使用特殊的令牌${client_id},它将被实际的客户端ID替换,例如:“resource_access.${client_id}.roles”。这是有用的,特别是当您从所有客户端添加角色(当然'客户端ID'开关并未设置),并且您想要每个客户端单独存储的客户端角色。 " - } - }, - "realmRoleMapping": { - "rolePrefix": { - "label": "领域角色前缀", - "tooltip": "每个领域角色的前缀(非必需)。" - } - } - }, - "userSession": { - "modelNote": { - "label": "用户会话说明", - "tooltip": "在UserSessionModel.note映射中存储的用户会话注释的名称。" - } - }, - "multivalued": { - "label": "支持多值", - "tooltip": "指示某属性是否支持多个值。如果为是,则此属性的所有值的列表将设置为声明。如果为否,则只将第一个值设置为声明。" - }, - "aggregate": { - "attrs": { - "label": "聚合属性值", - "tooltip": "指示属性值是否应该与组属性聚合。如果使用OpenID连接映射器,多值选项也需要启用,以便获得所有值。重复的值将被丢弃,并且该选项不能保证值的顺序。" - } - }, - "jsonType": { - "label": "声明的 JSON 类型", - "tooltip": "应该用于在令牌中填充JSON声明的JSON类型。long, int, boolean, String和JSON是有效的值。" - }, - "includeInIdToken": { - "label": "添加到ID令牌", - "tooltip": "是否应将声明加入到ID令牌?" - }, - "includeInAccessToken": { - "label": "添加到访问令牌", - "tooltip": "是否应将声明加入到访问令牌?" - }, - "includeInAccessTokenResponse": { - "label": "添加到访问令牌响应", - "tooltip": "是否应该将声明添加到访问令牌响应中?应该只用于信息性和非敏感数据吗?" - }, - "includeInUserInfo": { - "label": "添加到用户信息", - "tooltip": "是否应将声明加入用户信息中?" - }, - "sectorIdentifierUri": { - "label": "部分标识 URI", - "tooltip": "使用成对子值并支持动态客户端注册的提供程序应该使用sector_identifier_uri参数。它为在共同管理控制下的一组网站提供了一种方法,使其具有独立于单个域名的一致的成对子值。它还为客户端提供了一种无需重新注册所有用户即可更改redirect_uri域的方法。" - }, - "pairwiseSubAlgorithmSalt": { - "label": "盐值", - "tooltip": "计算成对主题标识符时使用的盐值。如果留空,将自动生成一个盐值。" - }, - "addressClaim": { - "street": { - "label": "街道的用户属性名称", - "tooltip": "用户属性的名称,将用于映射到'address'令牌声明中的'street_address'子声明。默认为'street'。" - }, - "locality": { - "label": "地区的用户属性名称", - "tooltip": "用户属性的名称,将用于映射到“address”令牌声明中的“locality”子声明。默认为'locality'。" - }, - "region": { - "label": "区域的用户属性名称", - "tooltip": "用户属性的名称,将用于映射到“地址”令牌声明中的“区域”子声明。默认为'region'。" - }, - "postal_code": { - "label": "邮政编码的用户属性名称", - "tooltip": "用户属性的名称,将用于映射到'address'令牌声明中的'postal_code'子声明。默认为'postal_code'。" - }, - "country": { - "label": "国家的用户属性名称", - "tooltip": "用户属性的名称,将用于映射到“地址”令牌声明中的“国家”子声明。默认为'country'。" - }, - "formatted": { - "label": "格式化地址的用户属性名称", - "tooltip": "用户属性的名称,将用于映射到'address'令牌声明中的'格式化'子声明。默认为'formatted'。" - } - }, - "included": { - "client": { - "audience": { - "label": "包括客户端受众", - "tooltip": "指定受众客户端的客户端ID将包含在令牌的受众(aud)字段中。如果令牌中存在现有受众,则只向其添加指定的值。它不会覆盖现有的受众。" - } - }, - "custom": { - "audience": { - "label": "包括自定义受众", - "tooltip": "这只在“包含的客户端受众”未填充时使用。指定的值将包含在令牌的受众(aud)字段中。如果令牌中存在现有受众,则只向其添加指定的值。它不会覆盖现有的用户。" - } - } - }, - "name-id-format": "名称ID格式", - "mapper": { - "nameid": { - "format": { - "tooltip": "名称ID使用映射格式" - } - } - }, - "client-scopes-condition": { - "label": "预期范围", - "tooltip": "预期的客户端范围列表。如果指定的客户端请求与某些客户端范围匹配,则条件计算为“真”。它还取决于它应该是默认的还是可选的客户端作用域,这取决于所配置的“作用域类型”。" - }, - "client-accesstype": { - "label": "客户端访问类型", - "tooltip": "将会应用该条件的客户端的访问类型。" - }, - "client-roles": { - "label": "客户端角色" - }, - "client-roles-condition": { - "tooltip": "客户端角色,将在此条件评估期间检查。如果客户端至少有一个客户端角色,其名称与配置中指定的客户端角色相同,则条件求值为“真”。" - }, - "client-updater-source-groups": { - "label": "群组", - "tooltip": "需要检查的组名。如果创建/更新客户端的实体是某些指定组的成员,则条件求值为“真”。配置的群组由其简单名称指定,该名称必须与Keycloak组的名称匹配。这里不支持群组层级。" - }, - "client-updater-trusted-hosts": { - "label": "受信任的主机", - "tooltip": "受信任的主机列表。如果客户端注册/更新请求来自此配置中指定的主机/域,则条件计算为“真”。您可以使用主机名或IP地址。如果您在开头使用*(例如'*.example.com'),那么整个域名example.com将被信任。" - }, - "client-updater-source-roles": { - "label": "更新实体角色", - "tooltip": "在客户端注册/更新请求期间检查该条件,如果创建/更新客户端的实体(通常是用户)是指定角色的成员,则该条件计算为“真”。要引用领域角色,您可以使用领域角色名称,如'my_realm_role'。对于引用客户端角色,可以使用client_id.Role_name,例如“my_client.My_client_role”将引用客户端'my_client'的客户端角色' My_client_role'。" - }, - "allowed-client-scopes": { - "label": "允许的客户端范围", - "tooltip": "客户端作用域白名单,可用于新注册的客户端。尝试向未被列入白名单的客户端范围注册客户端将被拒绝。默认情况下,白名单要么为空,要么只包含域默认客户端作用域(基于“允许默认作用域”配置属性)。" - }, - "allow-default-scopes": { - "label": "允许默认范围", - "tooltip": "如果开启,新注册的客户端将被允许拥有在领域默认客户端范围或领域可选客户端范围中提到的客户端范围。" - }, - "allowed-protocol-mappers": { - "label": "允许的协议映射器", - "tooltip": "允许的协议映射程序提供商白名单。如果尝试注册客户端,其中包含一些未被列入白名单的协议映射器,则注册请求将被拒绝。" - }, - "max-clients": { - "label": "每个领域最大客户端数量", - "tooltip": "如果领域中现有客户端的数量等于或大于配置数量的限制,将不允许注册新客户端。" - }, - "trusted-hosts": { - "label": "受信任的主机", - "tooltip": "受信任的主机列表,允许调用客户端注册服务和/或用作客户端uri的值。您可以使用主机名或IP地址。如果您在开头使用*(例如'*.example.com'),那么整个域名example.com将被信任。" - }, - "host-sending-registration-request-must-match": { - "label": "主机发送客户端注册请求必须匹配", - "tooltip": "如果开启,只要它是从一些受信任的主机或域发送的,任何对客户端注册服务的请求都是允许的。" - }, - "client-uris-must-match": { - "label": "客户端uri必须匹配", - "tooltip": "如果开启,所有客户端uri(重定向uri和其他)都是允许的,只要它们匹配了某个受信任的主机或域。" - }, - "clientScopeType": { "default": "默认", "optional": "非必需", "none": "无" }, - "createIdentityProviderSuccess": "身份供应商已成功创建", - "createIdentityProviderError": "无法创建身份供应商:{{error}}", - "createClientError": "无法创建客户端:'{{error}}'", - "createClientSuccess": "客户端创建成功", - "createUserProviderSuccess": "用户联盟供应商已成功创建", - "createUserProviderError": "由于{{error}},无法创建用户联盟供应商。", - "flowNameHelp": "新流程命名的帮助文本", - "flowDescriptionHelp": "新流程描述的帮助文本", - "noRoles-clientScopes": "此客户端作用域没有角色", - "noRolesInstructions-clientScopes": "您尚未为此客户端作用域创建任何角色。请创建角色以开始。", - "noRoles-user": "此用户没有角色", - "noRolesInstructions-user": "您尚未为此用户分配任何角色。分配角色以开始。", - "noRoles-client": "此客户端没有角色", - "noRolesInstructions-client": "您还没有为这个客户创建任何角色。创建一个角色以开始。", - "noRoles-groups": "此群组没有角色", - "noRolesInstructions-groups": "尚未为此群组创建任何角色。请创建角色后开始管理群组。", - "noRoles-roles": "此领域中没有角色", - "noRolesInstructions-roles": "您尚未在此领域中创建任何角色。创建角色以开始。", - "realmNameField": "领域名称", - "searchForClientScope": "搜索客户端作用域", - "searchForRoles": "按名称搜索角色", - "titleAuthentication": "身份验证", - "titleEvents": "事件", - "titleRoles": "领域角色", - "titleUsers": "用户管理", - "titleSessions": "会话管理", - "deleteConfirmClientScopes": "是否要删除此客户端作用域?", - "deleteConfirmUsers": "删除用户?", - "deleteConfirmGroup_one": "是否要删除此群组“{{groupName}}”。", - "deleteConfirmGroup_other": "是否要删除这些群组?", - "deleteConfirmIdentityProvider": "您确定要永久删除供应商'{{provider}}'吗?", - "deleteConfirmRealmSetting": "如果你删除这个领域,所有关联的数据都将被删除。", - "whoWillAppearLinkTextRoles": "谁将出现在此用户列表中?", - "whoWillAppearLinkTextUsers": "谁将出现在此群组列表中?", - "whoWillAppearPopoverTextRoles": "此选项卡仅显示直接分配给此角色的用户。要查看作为关联角色或通过组分配此角色的用户,请转到", - "whoWillAppearPopoverTextUsers": "群组是分层的。选择“直接群组成员资格”时,只会看到用户直接加入的子组,而不包括父级群组。", - "deletedSuccessClientScope": "客户端作用域已删除", - "deletedSuccessIdentityProvider": "供应商已成功删除。", - "deletedSuccessRealmSetting": "属性组已删除。", - "deletedErrorClientScope": "无法删除客户端作用域: {{error}}", - "deletedErrorIdentityProvider": "无法删除供应商 {{error}}", - "deletedErrorRealmSetting": "无法删除领域:{{error}}", - "realmSaveSuccess": "领域更新成功", - "userProviderSaveSuccess": "用户联盟供应商已成功保存", - "realmSaveError": "领域无法更新:{{error}}", - "userProviderSaveError": "由于:{{error}},无法保存用户联盟供应商", - "validateAttributeName": "不允许未命名的属性配置。", - "disableConfirmIdentityProvider": "您确定要禁用供应商'{{provider}}'", - "disableConfirmRealm": "如果领域被禁用,用户和客户端将无法访问它。您确定要继续吗?", - "updateSuccessClientScope": "客户端作用域已更新", - "updateErrorClientScope": "无法更新客户端作用域: '{{error}}'", - "updateSuccessIdentityProvider": "供应商更新成功", - "updateErrorIdentityProvider": "无法更新供应商 {{error}}", - "orderChangeSuccessUserFed": "成功更改用户联盟供应商的优先顺序", - "orderChangeErrorUserFed": "由于{{error}},无法更改用户联盟供应商的优先顺序。", - "authenticationAliasHelp": "配置名称", - "authenticationFlowTypeHelp": "它是一种什么样的形式?", - "clientScopeTypes": { "default": "默认", "optional": "非必需", "none": "无" }, - "realmNameTitle": "{{name}} 领域", - "authenticationCreateFlowHelp": "创建流程", - "scopeNameHelp": "客户端作用域的名称。在领域中必须是唯一的。名称不应包含空格字符,因为它用作作用域参数的值。", - "scopeDescriptionHelp": "客户作用域说明", - "scopeTypeHelp": "客户端作用域,将以默认作用域的形式添加到每个创建的客户端", - "clientDescriptionHelp": "指定客户端的描述。例如'My Client for TimeSheets'。也支持本地化值的键。例如:${my_client_description}", - "clientsClientTypeHelp": "'OpenID Connect' 允许客户端根据授权服务器执行的身份验证来验证最终用户的身份。'SAML' 启用基于 Web 的身份验证和授权方案,包括跨域单点登录( SSO) 并使用包含断言的安全令牌来传递信息。", - "clientsClientScopesHelp": "与此资源关联的范围。" -} diff --git a/js/apps/admin-ui/src/i18n/OverridesBackend.ts b/js/apps/admin-ui/src/i18n/OverridesBackend.ts deleted file mode 100644 index 3ac23c489e..0000000000 --- a/js/apps/admin-ui/src/i18n/OverridesBackend.ts +++ /dev/null @@ -1,128 +0,0 @@ -import { CallbackError, ReadCallback, ResourceKey } from "i18next"; -import HttpBackend from "i18next-http-backend"; - -import { adminClient } from "../admin-client"; -import { DEFAULT_LOCALE, KEY_SEPARATOR } from "./i18n"; - -/** A custom backend that merges the overrides the static labels with those defined by the user in the console. */ -export class OverridesBackend extends HttpBackend { - #overridesCache = new Map>>(); - - async loadUrl( - url: string, - callback: ReadCallback, - languages?: string | string[], - namespaces?: string | string[], - ) { - try { - const [data, overrides] = await Promise.all([ - this.#loadUrlPromisified(url, languages, namespaces), - this.#loadOverrides(languages), - ]); - - const namespace = this.#determineNamespace(namespaces); - - // Bail out on applying overrides if the namespace could not be determined. - if (!namespace) { - return callback(null, data); - } - - callback(null, this.#applyOverrides(data, overrides)); - } catch (error) { - callback(error as CallbackError, null); - } - } - - #applyOverrides(data: ResourceKey, overrides: Record) { - if (typeof data === "string") { - return data; - } - - // Ensure we are operating on a cloned data structure to prevent in-place mutations. - const target = structuredClone(data); - - for (const [path, value] of Object.entries(overrides)) { - this.#applyOverride(target, path, value); - } - - return target; - } - - /** Applies an override by converting path segments denoted with a key separator as nested objects and merging the result. */ - #applyOverride(target: Record, path: string, value: string) { - const trail = path.split(KEY_SEPARATOR); - let pointer = target; - - trail.forEach((segment, index) => { - const isLast = index === trail.length - 1; - pointer = pointer[segment] = isLast ? value : pointer[segment] ?? {}; - }); - } - - #loadOverrides(languages?: string | string[]) { - const locale = this.#determineLocale(languages); - const cachedOverrides = this.#overridesCache.get(locale); - - if (cachedOverrides) { - return cachedOverrides; - } - - const overrides = adminClient.realms.getRealmLocalizationTexts({ - realm: adminClient.realmName, - selectedLocale: locale, - }); - - this.#overridesCache.set(locale, overrides); - - // Evict cached request on failure. - overrides.catch((error) => { - this.#overridesCache.delete(locale); - return Promise.reject(error); - }); - - return overrides; - } - - #determineLocale(languages?: string | string[]) { - if (typeof languages === "string") { - return languages; - } - - return languages?.[0] ?? DEFAULT_LOCALE; - } - - #determineNamespace(namespaces?: string | string[]) { - if (typeof namespaces === "string") { - return namespaces; - } - - return namespaces?.[0]; - } - - #loadUrlPromisified( - url: string, - languages?: string | string[], - namespaces?: string | string[], - ) { - return new Promise((resolve, reject) => { - const callback: ReadCallback = (error, data) => { - if (error) { - return reject(error); - } - - if (typeof data !== "object" || data === null) { - return reject( - new Error( - "Unable to load URL, data returned is of an unsupported type.", - { cause: error }, - ), - ); - } - - resolve(data); - }; - - super.loadUrl(url, callback, languages, namespaces); - }); - } -} diff --git a/js/apps/admin-ui/src/i18n/i18n.ts b/js/apps/admin-ui/src/i18n/i18n.ts index 273ad8b992..eab0030bb5 100644 --- a/js/apps/admin-ui/src/i18n/i18n.ts +++ b/js/apps/admin-ui/src/i18n/i18n.ts @@ -1,9 +1,11 @@ import { createInstance } from "i18next"; import { initReactI18next } from "react-i18next"; +import HttpBackend from "i18next-http-backend"; import environment from "../environment"; import { joinPath } from "../utils/joinPath"; -import { OverridesBackend } from "./OverridesBackend"; + +type KeyValue = { key: string; value: string }; export const DEFAULT_LOCALE = "en"; export const KEY_SEPARATOR = "."; @@ -15,9 +17,19 @@ export const i18n = createInstance({ escapeValue: false, }, backend: { - loadPath: joinPath(environment.resourceUrl, `locales/{{lng}}/{{ns}}.json`), + loadPath: joinPath( + environment.authServerUrl, + `resources/${environment.masterRealm}/admin/{{lng}}`, + ), + parse: (data: string) => { + const messages = JSON.parse(data); + + const result: Record = {}; + messages.forEach((v: KeyValue) => (result[v.key] = v.value)); + return result; + }, }, }); -i18n.use(OverridesBackend); +i18n.use(HttpBackend); i18n.use(initReactI18next); diff --git a/services/src/main/java/org/keycloak/services/resources/ThemeResource.java b/services/src/main/java/org/keycloak/services/resources/ThemeResource.java index b1526484f8..eb8758891c 100644 --- a/services/src/main/java/org/keycloak/services/resources/ThemeResource.java +++ b/services/src/main/java/org/keycloak/services/resources/ThemeResource.java @@ -26,7 +26,6 @@ import org.keycloak.encoding.ResourceEncodingProvider; import org.keycloak.models.KeycloakSession; import org.keycloak.models.RealmModel; import org.keycloak.services.ServicesLogger; -import org.keycloak.services.managers.RealmManager; import org.keycloak.services.util.CacheControlUtil; import org.keycloak.services.util.LocaleUtil; import org.keycloak.theme.Theme; @@ -104,30 +103,35 @@ public class ThemeResource { } @GET - @Path("{theme}/{locale}") + @Path("/{realm}/{theme}/{locale}") @Produces(MediaType.APPLICATION_JSON) - public List getLocalizationTexts(@PathParam("theme") String theme, @PathParam("locale") String localeString, - @QueryParam("source") boolean showSource) throws IOException { - final RealmModel realm = session.getContext().getRealm(); + public Response getLocalizationTexts(@PathParam("realm") String realmName, @PathParam("theme") String theme, + @PathParam("locale") String localeString, @QueryParam("source") boolean showSource) throws IOException { + final RealmModel realm = session.realms().getRealmByName(realmName); + session.getContext().setRealm(realm); + List result; Theme theTheme = session.theme().getTheme(Theme.Type.valueOf(theme.toUpperCase())); final Locale locale = Locale.forLanguageTag(localeString); if (showSource) { Properties messagesByLocale = theTheme.getMessages("messages", locale); - Set result = messagesByLocale.entrySet().stream().map(e -> + Set resultSet = messagesByLocale.entrySet().stream().map(e -> new KeySource((String) e.getKey(), (String) e.getValue(), Source.THEME)).collect(toSet()); Map realmLocalizationMessages = LocaleUtil.getRealmLocalizationTexts(realm, locale); for (Locale currentLocale = locale; currentLocale != null; currentLocale = LocaleUtil.getParentLocale(currentLocale)) { final List realmOverride = realmLocalizationMessages.get(currentLocale).entrySet().stream().map(e -> new KeySource((String) e.getKey(), (String) e.getValue(), Source.REALM)).collect(toList()); - result.addAll(realmOverride); + resultSet.addAll(realmOverride); } - - return new ArrayList<>(result); + result = new ArrayList<>(resultSet); + } else { + result = theTheme.getEnhancedMessages(realm, locale).entrySet().stream().map(e -> + new KeySource((String) e.getKey(), (String) e.getValue())).collect(toList()); } - return theTheme.getEnhancedMessages(realm, locale).entrySet().stream().map(e -> - new KeySource((String) e.getKey(), (String) e.getValue())).collect(toList()); + + Response.ResponseBuilder responseBuilder = Response.ok(result); + return Cors.add(session.getContext().getHttpRequest(), responseBuilder).allowedOrigins("*").auth().build(); } }