diff --git a/themes/src/main/resources/theme/base/admin/messages/admin-messages_en.properties b/themes/src/main/resources/theme/base/admin/messages/admin-messages_en.properties
index c59e771..0a0cfc5 100644
--- a/themes/src/main/resources/theme/base/admin/messages/admin-messages_en.properties
+++ b/themes/src/main/resources/theme/base/admin/messages/admin-messages_en.properties
@@ -36,7 +36,7 @@ sslRequired=Require SSL
sslRequired.option.all=all requests
sslRequired.option.external=external requests
sslRequired.option.none=none
-sslRequired.tooltip=Is HTTPS required? 'None' means HTTPS is not required for any client IP address. 'External requests' means localhost and private IP addresses can access without HTTPS. 'All requests' means HTTPS is required for all IP addresses.
+sslRequired.tooltip=Is HTTPS required? 'None' means HTTPS is not required for any client IP address. 'External requests' means localhost and private IP addresses can access without HTTPS. 'All requests' means HTTPS is required for all IP addresses.
publicKey=Public key
privateKey=Private key
gen-new-keys=Generate new keys
@@ -95,7 +95,7 @@ login-action-timeout.tooltip=Max time a user has to complete login related actio
headers=Headers
brute-force-detection=Brute Force Detection
x-frame-options=X-Frame-Options
-click-label-for-info=Click on label link for more information. The default value prevents pages from being included via non-origin iframes.
+click-label-for-info=Click on label link for more information. The default value prevents pages from being included via non-origin iframes.
content-sec-policy=Content-Security-Policy
max-login-failures=Max Login Failures
max-login-failures.tooltip=How many failures before wait is triggered.
@@ -134,7 +134,7 @@ push.tooltip=For every client that has an admin URL, notify them of the new revo
#Protocol Mapper
usermodel.prop.label=Property
-usermodel.prop.tooltip=Name of the property method in the UserModel interface. For example, a value of 'email' would reference the UserModel.getEmail() method.
+usermodel.prop.tooltip=Name of the property method in the UserModel interface. For example, a value of 'email' would reference the UserModel.getEmail() method.
usermodel.attr.label=User Attribute
usermodel.attr.tooltip=Name of stored user attribute which is the name of an attribute within the UserModel.attribute map.
userSession.modelNote.label=User Session Note
@@ -144,9 +144,9 @@ multivalued.tooltip=Indicates if attribute supports multiple values. If true, th
selectRole.label=Select Role
selectRole.tooltip=Enter role in the textbox to the left, or click this button to browse and select the role you want.
tokenClaimName.label=Token Claim Name
-tokenClaimName.tooltip=Name of the claim to insert into the token. This can be a fully qualified name like 'address.street'. In this case, a nested json object will be created.
+tokenClaimName.tooltip=Name of the claim to insert into the token. This can be a fully qualified name like 'address.street'. In this case, a nested json object will be created.
jsonType.label=Claim JSON Type
-jsonType.tooltip=JSON type that should be used to populate the json claim in the token. long, int, boolean, and String are valid values.
+jsonType.tooltip=JSON type that should be used to populate the json claim in the token. long, int, boolean, and String are valid values.
includeInIdToken.label=Add to ID token
includeInIdToken.tooltip=Should the claim be added to the ID token?
includeInAccessToken.label=Add to access token
@@ -154,7 +154,7 @@ includeInAccessToken.tooltip=Should the claim be added to the access token?
# client details
-clients.tooltip=Clients are trusted browser apps and web services in a realm. These clients can request a login. You can also define client specific roles.
+clients.tooltip=Clients are trusted browser apps and web services in a realm. These clients can request a login. You can also define client specific roles.
search.placeholder=Search...
create=Create
import=Import
@@ -170,7 +170,7 @@ add-client=Add Client
select-file=Select file
view-details=View details
clear-import=Clear import
-client-id.tooltip=Specifies ID referenced in URI and tokens. For example 'my-client'. For SAML this is also the expected issuer value from authn requests
+client-id.tooltip=Specifies ID referenced in URI and tokens. For example 'my-client'. For SAML this is also the expected issuer value from authn requests
client.name.tooltip=Specifies display name of the client. For example 'My Client'. Supports keys for localized values as well. For example\\: ${my_client}
client.enabled.tooltip=Disabled clients cannot initiate a login or have obtain access tokens.
consent-required=Consent Required
@@ -178,7 +178,7 @@ consent-required.tooltip=If enabled users have to consent to client access.
client-protocol=Client Protocol
client-protocol.tooltip='OpenID connect' allows Clients to verify the identity of the End-User based on the authentication performed by an Authorization Server.'SAML' enables web-based authentication and authorization scenarios including cross-domain single sign-on (SSO) and uses security tokens containing assertions to pass information.
access-type=Access Type
-access-type.tooltip='Confidential' clients require a secret to initiate login protocol. 'Public' clients do not require a secret. 'Bearer-only' clients are web services that never initiate a login.
+access-type.tooltip='Confidential' clients require a secret to initiate login protocol. 'Public' clients do not require a secret. 'Bearer-only' clients are web services that never initiate a login.
standard-flow-enabled=Standard Flow Enabled
standard-flow-enabled.tooltip=This enables standard OpenID Connect redirect based authentication with authorization code. In terms of OpenID Connect or OAuth2 specifications, this enables support of 'Authorization Code Flow' for this client.
implicit-flow-enabled=Implicit Flow Enabled
@@ -192,7 +192,7 @@ include-authnstatement.tooltip=Should a statement specifying the method and time
sign-documents=Sign Documents
sign-documents.tooltip=Should SAML documents be signed by the realm?
sign-assertions=Sign Assertions
-sign-assertions.tooltip=Should assertions inside SAML documents be signed? This setting isn't needed if document is already being signed.
+sign-assertions.tooltip=Should assertions inside SAML documents be signed? This setting isn't needed if document is already being signed.
signature-algorithm=Signature Algorithm
signature-algorithm.tooltip=The signature algorithm to use to sign documents.
canonicalization-method=Canonicalization Method
@@ -200,11 +200,11 @@ canonicalization-method.tooltip=Canonicalization Method for XML signatures.
encrypt-assertions=Encrypt Assertions
encrypt-assertions.tooltip=Should SAML assertions be encrypted with client's public key using AES?
client-signature-required=Client Signature Required
-client-signature-required.tooltip=Will the client sign their saml requests and responses? And should they be validated?
+client-signature-required.tooltip=Will the client sign their saml requests and responses? And should they be validated?
force-post-binding=Force POST Binding
force-post-binding.tooltip=Always use POST binding for responses.
front-channel-logout=Front Channel Logout
-front-channel-logout.tooltip=When true, logout requires a browser redirect to client. When false, server performs a background invocation for logout.
+front-channel-logout.tooltip=When true, logout requires a browser redirect to client. When false, server performs a background invocation for logout.
force-name-id-format=Force Name ID Format
force-name-id-format.tooltip=Ignore requested NameID subject format and use admin console configured one.
name-id-format=Name ID Format
@@ -212,14 +212,14 @@ name-id-format.tooltip=The name ID format to use for the subject.
root-url=Root URL
root-url.tooltip=Root URL appended to relative URLs
valid-redirect-uris=Valid Redirect URIs
-valid-redirect-uris.tooltip=Valid URI pattern a browser can redirect to after a successful login or logout. Simple wildcards are allowed i.e. 'http://example.com/*'. Relative path can be specified too i.e. /my/relative/path/*. Relative paths will generate a redirect URI using the request's host and port. For SAML, you must set valid URI patterns if you are relying on the consumer service URL embedded with the login request.
+valid-redirect-uris.tooltip=Valid URI pattern a browser can redirect to after a successful login or logout. Simple wildcards are allowed i.e. 'http://example.com/*'. Relative path can be specified too i.e. /my/relative/path/*. Relative paths are relative to the client root URL, or if none is specified the auth server root URL is used. For SAML, you must set valid URI patterns if you are relying on the consumer service URL embedded with the login request.
base-url.tooltip=Default URL to use when the auth server needs to redirect or link back to the client.
admin-url=Admin URL
-admin-url.tooltip=URL to the admin interface of the client. Set this if the client supports the adapter REST API. This REST API allows the auth server to push revocation policies and other adminstrative tasks. Usually this is set to the base URL of the client.
+admin-url.tooltip=URL to the admin interface of the client. Set this if the client supports the adapter REST API. This REST API allows the auth server to push revocation policies and other adminstrative tasks. Usually this is set to the base URL of the client.
master-saml-processing-url=Master SAML Processing URL
-master-saml-processing-url.tooltip=If configured, this URL will be used for every binding to both the SP's Assertion Consumer and Single Logout Services. This can be individually overiden for each binding and service in the Fine Grain SAML Endpoint Configuration.
+master-saml-processing-url.tooltip=If configured, this URL will be used for every binding to both the SP's Assertion Consumer and Single Logout Services. This can be individually overiden for each binding and service in the Fine Grain SAML Endpoint Configuration.
idp-sso-url-ref=IDP Initiated SSO URL Name
-idp-sso-url-ref.tooltip=URL fragment name to reference client when you want to do IDP Initiated SSO. Leaving this empty will disable IDP Initiated SSO. The URL you will reference from your browser will be: {server-root}/realms/{realm}/protocol/saml/clients/{client-url-name}
+idp-sso-url-ref.tooltip=URL fragment name to reference client when you want to do IDP Initiated SSO. Leaving this empty will disable IDP Initiated SSO. The URL you will reference from your browser will be: {server-root}/realms/{realm}/protocol/saml/clients/{client-url-name}
idp-sso-relay-state=IDP Initiated SSO Relay State
idp-sso-relay-state.tooltip=Relay state you want to send with SAML request when you want to do IDP Initiated SSO.
web-origins=Web Origins
@@ -227,13 +227,13 @@ web-origins.tooltip=Allowed CORS origins. To permit all origins of Valid Redirec
fine-saml-endpoint-conf=Fine Grain SAML Endpoint Configuration
fine-saml-endpoint-conf.tooltip=Expand this section to configure exact URLs for Assertion Consumer and Single Logout Service.
assertion-consumer-post-binding-url=Assertion Consumer Service POST Binding URL
-assertion-consumer-post-binding-url.tooltip=SAML POST Binding URL for the client's assertion consumer service (login responses). You can leave this blank if you do not have a URL for this binding.
+assertion-consumer-post-binding-url.tooltip=SAML POST Binding URL for the client's assertion consumer service (login responses). You can leave this blank if you do not have a URL for this binding.
assertion-consumer-redirect-binding-url=Assertion Consumer Service Redirect Binding URL
-assertion-consumer-redirect-binding-url.tooltip=SAML Redirect Binding URL for the client's assertion consumer service (login responses). You can leave this blank if you do not have a URL for this binding.
+assertion-consumer-redirect-binding-url.tooltip=SAML Redirect Binding URL for the client's assertion consumer service (login responses). You can leave this blank if you do not have a URL for this binding.
logout-service-binding-post-url=Logout Service POST Binding URL
-logout-service-binding-post-url.tooltip=SAML POST Binding URL for the client's single logout service. You can leave this blank if you are using a different binding
+logout-service-binding-post-url.tooltip=SAML POST Binding URL for the client's single logout service. You can leave this blank if you are using a different binding
logout-service-redir-binding-url=Logout Service Redirect Binding URL
-logout-service-redir-binding-url.tooltip=SAML Redirect Binding URL for the client's single logout service. You can leave this blank if you are using a different binding.
+logout-service-redir-binding-url.tooltip=SAML Redirect Binding URL for the client's single logout service. You can leave this blank if you are using a different binding.
# client import
import-client=Import Client
@@ -247,12 +247,12 @@ credentials=Credentials
saml-keys=SAML Keys
roles=Roles
mappers=Mappers
-mappers.tooltip=Protocol mappers perform transformation on tokens and documents. They can do things like map user data into protocol claims, or just transform any requests going between the client and auth server.
+mappers.tooltip=Protocol mappers perform transformation on tokens and documents. They can do things like map user data into protocol claims, or just transform any requests going between the client and auth server.
scope=Scope
scope.tooltip=Scope mappings allow you to restrict which user role mappings are included within the access token requested by the client.
-sessions.tooltip=View active sessions for this client. Allows you to see which users are active and when they logged in.
+sessions.tooltip=View active sessions for this client. Allows you to see which users are active and when they logged in.
offline-access=Offline Access
-offline-access.tooltip=View offline sessions for this client. Allows you to see which users retrieve offline token and when they retrieve it. To revoke all tokens for the client, go to Revocation tab and set not before value to now.
+offline-access.tooltip=View offline sessions for this client. Allows you to see which users retrieve offline token and when they retrieve it. To revoke all tokens for the client, go to Revocation tab and set not before value to now.
clustering=Clustering
installation=Installation
installation.tooltip=Helper utility for generating various client adapter configuration formats which you can download or cut and paste to configure your clients.
@@ -359,7 +359,7 @@ key-import=Key Import
export-saml-key=Export SAML Key
import-saml-key=Import SAML Key
realm-certificate-alias=Realm Certificate Alias
-realm-certificate-alias.tooltip=Realm certificate is stored in archive too. This is the alias to it.
+realm-certificate-alias.tooltip=Realm certificate is stored in archive too. This is the alias to it.
signing-key=Signing Key
saml-signing-key=SAML Signing Key.
private-key=Private Key
@@ -422,7 +422,7 @@ identity-provider.logout-url.tooltip=End session endpoint to use to logout user
backchannel-logout=Backchannel Logout
backchannel-logout.tooltip=Does the external IDP support backchannel logout?
user-info-url=User Info URL
-user-info-url.tooltip=The User Info Url. This is optional.
+user-info-url.tooltip=The User Info Url. This is optional.
identity-provider.client-id.tooltip=The client or client identifier registered within the identity provider.
client-secret=Client Secret
show-secret=Show secret
@@ -513,10 +513,10 @@ groups=Groups
group.add-selected.tooltip=Realm roles that can be assigned to the group.
group.assigned-roles.tooltip=Realm roles mapped to the group
-group.effective-roles.tooltip=All realm role mappings. Some roles here might be inherited from a mapped composite role.
+group.effective-roles.tooltip=All realm role mappings. Some roles here might be inherited from a mapped composite role.
group.available-roles.tooltip=Assignable roles from this client.
group.assigned-roles-client.tooltip=Role mappings for this client.
-group.effective-roles-client.tooltip=Role mappings for this client. Some roles here might be inherited from a mapped composite role.
+group.effective-roles-client.tooltip=Role mappings for this client. Some roles here might be inherited from a mapped composite role.
default-roles=Default Roles
no-realm-roles-available=No realm roles available
@@ -524,10 +524,10 @@ no-realm-roles-available=No realm roles available
users=Users
user.add-selected.tooltip=Realm roles that can be assigned to the user.
user.assigned-roles.tooltip=Realm roles mapped to the user
-user.effective-roles.tooltip=All realm role mappings. Some roles here might be inherited from a mapped composite role.
+user.effective-roles.tooltip=All realm role mappings. Some roles here might be inherited from a mapped composite role.
user.available-roles.tooltip=Assignable roles from this client.
user.assigned-roles-client.tooltip=Role mappings for this client.
-user.effective-roles-client.tooltip=Role mappings for this client. Some roles here might be inherited from a mapped composite role.
+user.effective-roles-client.tooltip=Role mappings for this client. Some roles here might be inherited from a mapped composite role.
default.available-roles.tooltip=Realm level roles that can be assigned.
realm-default-roles=Realm Default Roles
realm-default-roles.tooltip=Realm level roles assigned to new users.
@@ -578,7 +578,7 @@ configure=Configure
select-realm=Select realm
add=Add
-client-template.name.tooltip=Name of the client template. Must be unique in the realm
+client-template.name.tooltip=Name of the client template. Must be unique in the realm
client-template.description.tooltip=Description of the client template
client-template.protocol.tooltip=Which SSO protocol configuration is being supplied by this client template
@@ -588,7 +588,7 @@ provider-id=Provider ID
console-display-name=Console Display Name
console-display-name.tooltip=Display name of provider when linked in admin console.
priority=Priority
-priority.tooltip=Priority of provider when doing a user lookup. Lowest first.
+priority.tooltip=Priority of provider when doing a user lookup. Lowest first.
sync-settings=Sync Settings
periodic-full-sync=Periodic Full Sync
periodic-full-sync.tooltip=Does periodic full synchronization of provider users to Keycloak should be enabled or not
@@ -612,11 +612,11 @@ allow-password-authentication=Allow Password Authentication
allow-password-authentication.tooltip=Enable/disable possibility of username/password authentication against Kerberos database
edit-mode=Edit Mode
edit-mode.tooltip=READ_ONLY means that password updates are not allowed and user always authenticates with Kerberos password. UNSYNCED means user can change his password in Keycloak database and this one will be used instead of Kerberos password then
-ldap.edit-mode.tooltip=READ_ONLY is a read only LDAP store. WRITABLE means data will be synced back to LDAP on demand. UNSYNCED means user data will be imported, but not synced back to LDAP.
+ldap.edit-mode.tooltip=READ_ONLY is a read only LDAP store. WRITABLE means data will be synced back to LDAP on demand. UNSYNCED means user data will be imported, but not synced back to LDAP.
update-profile-first-login=Update Profile First Login
update-profile-first-login.tooltip=Update profile on first login
sync-registrations=Sync Registrations
-ldap.sync-registrations.tooltip=Should newly created users be created within LDAP store? Priority effects which provider is chose to sync the new user.
+ldap.sync-registrations.tooltip=Should newly created users be created within LDAP store? Priority effects which provider is chose to sync the new user.
vendor=Vendor
ldap.vendor.tooltip=LDAP vendor (provider)
username-ldap-attribute=Username LDAP attribute
@@ -707,7 +707,7 @@ authenticator.alias.tooltip=Name of the configuration
otp-type=OTP Type
time-based=Time Based
counter-based=Counter Based
-otp-type.tooltip=totp is Time-Based One Time Password. 'hotp' is a counter base one time password in which the server keeps a counter to hash against.
+otp-type.tooltip=totp is Time-Based One Time Password. 'hotp' is a counter base one time password in which the server keeps a counter to hash against.
otp-hash-algorithm=OTP Hash Algorithm
otp-hash-algorithm.tooltip=What hashing algorithm should be used to generate the OTP.
number-of-digits=Number of Digits
@@ -839,10 +839,10 @@ credentials.temporary.tooltip=If enabled user is required to change password on
remove-totp=Remove TOTP
credentials.remove-totp.tooltip=Remove one time password generator for user.
reset-actions=Reset Actions
-credentials.reset-actions.tooltip=Set of actions to execute when sending the user a Reset Actions Email. 'Verify email' sends an email to the user to verify their email address. 'Update profile' requires user to enter in new personal information. 'Update password' requires user to enter in a new password. 'Configure TOTP' requires setup of a mobile password generator.
+credentials.reset-actions.tooltip=Set of actions to execute when sending the user a Reset Actions Email. 'Verify email' sends an email to the user to verify their email address. 'Update profile' requires user to enter in new personal information. 'Update password' requires user to enter in a new password. 'Configure TOTP' requires setup of a mobile password generator.
reset-actions-email=Reset Actions Email
send-email=Send email
-credentials.reset-actions-email.tooltip=Sends an email to user with an embedded link. Clicking on link will allow the user to execute the reset actions. They will not have to login prior to this. For example, set the action to update password, click this button, and the user will be able to change their password without logging in.
+credentials.reset-actions-email.tooltip=Sends an email to user with an embedded link. Clicking on link will allow the user to execute the reset actions. They will not have to login prior to this. For example, set the action to update password, click this button, and the user will be able to change their password without logging in.
add-user=Add user
created-at=Created At
user-enabled=User Enabled
@@ -854,20 +854,20 @@ federation-link=Federation Link
email-verified=Email Verified
email-verified.tooltip=Has the user's email been verified?
required-user-actions=Required User Actions
-required-user-actions.tooltip=Require an action when the user logs in. 'Verify email' sends an email to the user to verify their email address. 'Update profile' requires user to enter in new personal information. 'Update password' requires user to enter in a new password. 'Configure TOTP' requires setup of a mobile password generator.
+required-user-actions.tooltip=Require an action when the user logs in. 'Verify email' sends an email to the user to verify their email address. 'Update profile' requires user to enter in new personal information. 'Update password' requires user to enter in a new password. 'Configure TOTP' requires setup of a mobile password generator.
locale=Locale
select-one.placeholder=Select one...
impersonate=Impersonate
impersonate-user=Impersonate user
-impersonate-user.tooltip=Login as this user. If user is in same realm as you, your current login session will be logged out before you are logged in as this user.
+impersonate-user.tooltip=Login as this user. If user is in same realm as you, your current login session will be logged out before you are logged in as this user.
identity-provider-alias=Identity Provider Alias
provider-user-id=Provider User ID
provider-username=Provider Username
no-identity-provider-links-available=No identity provider links available
group-membership=Group Membership
leave=Leave
-group-membership.tooltip=Groups user is a member of. Select a listed group and click the Leave button to leave the group.
-membership.available-groups.tooltip=Groups a user can join. Select a group and click the join button.
+group-membership.tooltip=Groups user is a member of. Select a listed group and click the Leave button to leave the group.
+membership.available-groups.tooltip=Groups a user can join. Select a group and click the join button.
table-of-realm-users=Table of Realm Users
view-all-users=View all users
unlock-users=Unlock users
