<source>Flow used for users to authenticate.</source>
<target>Flow used for users to authenticate.</target>
</trans-unit>
<trans-unit id="sbc80eab557fbf782">
<source>Search group</source>
<target>Search group</target>
</trans-unit>
<trans-unit id="s04b7f8d6aaef3756">
<source>Users in the selected group can do search queries. If no group is selected, no LDAP Searches are allowed.</source>
<target>Users in the selected group can do search queries. If no group is selected, no LDAP Searches are allowed.</target>
</trans-unit>
<trans-unit id="se5973e7c8ba0fc71">
<source>Bind mode</source>
<target>Bind mode</target>
</trans-unit>
<trans-unit id="s8915e64b8b999bfe">
<source>Cached binding</source>
<target>Cached binding</target>
</trans-unit>
<trans-unit id="s842d690eb3c11762">
<source>Flow is executed and session is cached in memory. Flow is executed when session expires</source>
<target>Flow is executed and session is cached in memory. Flow is executed when session expires</target>
</trans-unit>
<trans-unit id="s6a66759749bf31ed">
<source>Direct binding</source>
<target>Direct binding</target>
</trans-unit>
<trans-unit id="se0adaf83627104fb">
<source>Always execute the configured bind flow to authenticate the user</source>
<target>Always execute the configured bind flow to authenticate the user</target>
</trans-unit>
<trans-unit id="scef3f4ad80abbd22">
<source>Configure how the outpost authenticates requests.</source>
<target>Configure how the outpost authenticates requests.</target>
</trans-unit>
<trans-unit id="sbcae51a6f06e53d4">
<source>Search mode</source>
<target>Search mode</target>
</trans-unit>
<trans-unit id="s9065fcccd837a679">
<source>Cached querying</source>
<target>Cached querying</target>
</trans-unit>
<trans-unit id="s30d0d0e6c626a234">
<source>The outpost holds all users and groups in-memory and will refresh every 5 Minutes</source>
<target>The outpost holds all users and groups in-memory and will refresh every 5 Minutes</target>
</trans-unit>
<trans-unit id="sffc14b8200a9f938">
<source>Direct querying</source>
<target>Direct querying</target>
</trans-unit>
<trans-unit id="sdce4680288083fe3">
<source>Always returns the latest data, but slower than cached querying</source>
<target>Always returns the latest data, but slower than cached querying</target>
</trans-unit>
<trans-unit id="s8b87df5664de7eb8">
<source>Configure how the outpost queries the core authentik server's users.</source>
<target>Configure how the outpost queries the core authentik server's users.</target>
</trans-unit>
<trans-unit id="sfe388f0313f52da2">
<source>Protocol settings</source>
<target>Protocol settings</target>
</trans-unit>
<trans-unit id="s55d731be1ef66efe">
<source>Base DN</source>
<target>Base DN</target>
</trans-unit>
<trans-unit id="s0b15ff11a0049cfd">
<source>LDAP DN under which bind requests and search requests can be made.</source>
<target>LDAP DN under which bind requests and search requests can be made.</target>
</trans-unit>
<trans-unit id="sb157267c85fdff30">
<source>Certificate</source>
<target>Certificate</target>
</trans-unit>
<trans-unit id="sac43cb9690260b86">
<source>UID start number</source>
<target>UID start number</target>
</trans-unit>
<trans-unit id="s60edbcfac8ed1f90">
<source>The start for uidNumbers, this number is added to the user.Pk to make sure that the numbers aren't too low for POSIX users. Default is 2000 to ensure that we don't collide with local users uidNumber</source>
<target>The start for uidNumbers, this number is added to the user.Pk to make sure that the numbers aren't too low for POSIX users. Default is 2000 to ensure that we don't collide with local users uidNumber</target>
</trans-unit>
<trans-unit id="s5acb607b40356974">
<source>GID start number</source>
<target>GID start number</target>
</trans-unit>
<trans-unit id="s1c8e9816dcae6d9c">
<source>The start for gidNumbers, this number is added to a number generated from the group.Pk to make sure that the numbers aren't too low for POSIX groups. Default is 4000 to ensure that we don't collide with local groups or users primary groups gidNumber</source>
<target>The start for gidNumbers, this number is added to a number generated from the group.Pk to make sure that the numbers aren't too low for POSIX groups. Default is 4000 to ensure that we don't collide with local groups or users primary groups gidNumber</target>
<source>The following keywords are supported:</source>
<target>The following keywords are supported:</target>
</trans-unit>
<trans-unit id="sbb3243352661428f">
<source>Authentication flow</source>
<target>Authentication flow</target>
</trans-unit>
<trans-unit id="sa72a3bd1e7e89926">
<source>Flow used when a user access this provider and is not authenticated.</source>
<target>Flow used when a user access this provider and is not authenticated.</target>
</trans-unit>
<trans-unit id="s62f7c59b0606a8d6">
<source>Authorization flow</source>
<target>Authorization flow</target>
</trans-unit>
<trans-unit id="sfbaeb0de54fbfdbb">
<source>Flow used when authorizing this provider.</source>
<target>Flow used when authorizing this provider.</target>
</trans-unit>
<trans-unit id="sc8de93a7dc0d78ba">
<source>Client type</source>
<target>Client type</target>
</trans-unit>
<trans-unit id="s399cc2d67d92e957">
<source>Confidential</source>
<target>Confidential</target>
</trans-unit>
<trans-unit id="s95f09b229a0a0bb0">
<source>Confidential clients are capable of maintaining the confidentiality of their credentials such as client secrets</source>
<target>Confidential clients are capable of maintaining the confidentiality of their credentials such as client secrets</target>
</trans-unit>
<trans-unit id="sdd1ff479d04ac140">
<source>Public</source>
<target>Public</target>
</trans-unit>
<trans-unit id="s51c6b8403c2dc5d9">
<source>Public clients are incapable of maintaining the confidentiality and should use methods like PKCE. </source>
<target>Public clients are incapable of maintaining the confidentiality and should use methods like PKCE.</target>
</trans-unit>
<trans-unit id="s4d00e5de1c8213b7">
<source>Client ID</source>
<target>Client ID</target>
</trans-unit>
<trans-unit id="s03fb3fa232f0434a">
<source>Client Secret</source>
<target>Client Secret</target>
</trans-unit>
<trans-unit id="sde0ad51b14f77cf6">
<source>Redirect URIs/Origins (RegEx)</source>
<target>Redirect URIs/Origins (RegEx)</target>
</trans-unit>
<trans-unit id="s7f9eb9c8bd26e8fd">
<source>Valid redirect URLs after a successful authorization flow. Also specify any origins here for Implicit flows.</source>
<target>Valid redirect URLs after a successful authorization flow. Also specify any origins here for Implicit flows.</target>
</trans-unit>
<trans-unit id="s2a369bc2febb5d55">
<source>If no explicit redirect URIs are specified, the first successfully used redirect URI will be saved.</source>
<target>If no explicit redirect URIs are specified, the first successfully used redirect URI will be saved.</target>
</trans-unit>
<trans-unit id="sa8384c9c26731f83">
<source>To allow any redirect URI, set this value to ".*". Be aware of the possible security implications this can have.</source>
<target>To allow any redirect URI, set this value to ".*". Be aware of the possible security implications this can have.</target>
</trans-unit>
<trans-unit id="s55787f4dfcdce52b">
<source>Signing Key</source>
<target>Signing Key</target>
</trans-unit>
<trans-unit id="sc6c57419ad3a01a8">
<source>Key used to sign the tokens.</source>
<target>Key used to sign the tokens.</target>
</trans-unit>
<trans-unit id="s124f93a61ee772d6">
<source>Advanced protocol settings</source>
<target>Advanced protocol settings</target>
</trans-unit>
<trans-unit id="s926e0ecf124fb01a">
<source>Access code validity</source>
<target>Access code validity</target>
</trans-unit>
<trans-unit id="sa578033f134a83b6">
<source>Configure how long access codes are valid for.</source>
<target>Configure how long access codes are valid for.</target>
</trans-unit>
<trans-unit id="sbea3db12fd799210">
<source>Access Token validity</source>
<target>Access Token validity</target>
</trans-unit>
<trans-unit id="s72559845d38bf688">
<source>Configure how long access tokens are valid for.</source>
<target>Configure how long access tokens are valid for.</target>
</trans-unit>
<trans-unit id="s821f6014c1a435b9">
<source>Refresh Token validity</source>
<target>Refresh Token validity</target>
</trans-unit>
<trans-unit id="s00c2db16ea9bc263">
<source>Configure how long refresh tokens are valid for.</source>
<target>Configure how long refresh tokens are valid for.</target>
</trans-unit>
<trans-unit id="s2e3ef41a0edd8608">
<source>Scopes</source>
<target>Scopes</target>
</trans-unit>
<trans-unit id="s3a3fae99373ce56b">
<source>Select which scopes can be used by the client. The client still has to specify the scope to access the data.</source>
<target>Select which scopes can be used by the client. The client still has to specify the scope to access the data.</target>
</trans-unit>
<trans-unit id="sffd2e553143d1b0e">
<source>Hold control/command to select multiple items.</source>
<target>Hold control/command to select multiple items.</target>
</trans-unit>
<trans-unit id="s26bf2730430efbea">
<source>Subject mode</source>
<target>Subject mode</target>
</trans-unit>
<trans-unit id="sccc47f82044453f9">
<source>Based on the User's hashed ID</source>
<target>Based on the User's hashed ID</target>
</trans-unit>
<trans-unit id="sbd5be4fb7442a34c">
<source>Based on the User's ID</source>
<target>Based on the User's ID</target>
</trans-unit>
<trans-unit id="sc9cf9ecaf9e5d67e">
<source>Based on the User's UUID</source>
<target>Based on the User's UUID</target>
</trans-unit>
<trans-unit id="s4291727352c4f295">
<source>Based on the User's username</source>
<target>Based on the User's username</target>
</trans-unit>
<trans-unit id="sd62cfc27ad4aa33b">
<source>Based on the User's Email</source>
<target>Based on the User's Email</target>
</trans-unit>
<trans-unit id="s55eb75bedf96be0f">
<source>This is recommended over the UPN mode.</source>
<target>This is recommended over the UPN mode.</target>
</trans-unit>
<trans-unit id="sf80e9547166117e6">
<source>Based on the User's UPN</source>
<target>Based on the User's UPN</target>
</trans-unit>
<trans-unit id="sde949d0ef44572eb">
<source>Requires the user to have a 'upn' attribute set, and falls back to hashed user ID. Use this mode only if you have different UPN and Mail domains.</source>
<target>Requires the user to have a 'upn' attribute set, and falls back to hashed user ID. Use this mode only if you have different UPN and Mail domains.</target>
</trans-unit>
<trans-unit id="s9f23ed1799b4d49a">
<source>Configure what data should be used as unique User Identifier. For most cases, the default should be fine.</source>
<target>Configure what data should be used as unique User Identifier. For most cases, the default should be fine.</target>
</trans-unit>
<trans-unit id="s17d1e337f6c11c1e">
<source>Include claims in id_token</source>
<target>Include claims in id_token</target>
</trans-unit>
<trans-unit id="sbf41e0db12834133">
<source>Include User claims from scopes in the id_token, for applications that don't access the userinfo endpoint.</source>
<target>Include User claims from scopes in the id_token, for applications that don't access the userinfo endpoint.</target>
</trans-unit>
<trans-unit id="s850a58c683682809">
<source>Issuer mode</source>
<target>Issuer mode</target>
</trans-unit>
<trans-unit id="sde56783222b527d6">
<source>Each provider has a different issuer, based on the application slug</source>
<target>Each provider has a different issuer, based on the application slug</target>
</trans-unit>
<trans-unit id="s8d32d7b9e8ca60b1">
<source>Same identifier is used for all providers</source>
<target>Same identifier is used for all providers</target>
</trans-unit>
<trans-unit id="s37d9155b9f4cc7bd">
<source>Configure how the issuer field of the ID Token should be filled.</source>
<target>Configure how the issuer field of the ID Token should be filled.</target>
<source>This provider will behave like a transparent reverse-proxy, except requests must be authenticated. If your upstream application uses HTTPS, make sure to connect to the outpost using HTTPS as well.</source>
<target>This provider will behave like a transparent reverse-proxy, except requests must be authenticated. If your upstream application uses HTTPS, make sure to connect to the outpost using HTTPS as well.</target>
</trans-unit>
<trans-unit id="sa29b5680cfafacc8">
<source>External host</source>
<target>External host</target>
</trans-unit>
<trans-unit id="s764bccb30868bf62">
<source>The external URL you'll access the application at. Include any non-standard port.</source>
<target>The external URL you'll access the application at. Include any non-standard port.</target>
</trans-unit>
<trans-unit id="scb317851cbcc6b12">
<source>Internal host</source>
<target>Internal host</target>
</trans-unit>
<trans-unit id="sf05e384059a0a7c1">
<source>Upstream host that the requests are forwarded to.</source>
<target>Upstream host that the requests are forwarded to.</target>
</trans-unit>
<trans-unit id="s3d34068a31cab30b">
<source>Internal host SSL Validation</source>
<target>Internal host SSL Validation</target>
</trans-unit>
<trans-unit id="s4a26798e1c3c37dd">
<source>Validate SSL Certificates of upstream servers.</source>
<target>Validate SSL Certificates of upstream servers.</target>
</trans-unit>
<trans-unit id="s44c90273f08fb718">
<source>Use this provider with nginx's auth_request or traefik's forwardAuth. Only a single provider is required per root domain. You can't do per-application authorization, but you don't have to create a provider for each application.</source>
<target>Use this provider with nginx's auth_request or traefik's forwardAuth. Only a single provider is required per root domain. You can't do per-application authorization, but you don't have to create a provider for each application.</target>
</trans-unit>
<trans-unit id="sf55d28d4dff0e41b">
<source>An example setup can look like this:</source>
<target>An example setup can look like this:</target>
</trans-unit>
<trans-unit id="sb4a1d1c19438e929">
<source>authentik running on auth.example.com</source>
<target>authentik running on auth.example.com</target>
</trans-unit>
<trans-unit id="s68f935c9ca792016">
<source>app1 running on app1.example.com</source>
<target>app1 running on app1.example.com</target>
</trans-unit>
<trans-unit id="sf813a72d8fadd765">
<source>In this case, you'd set the Authentication URL to auth.example.com and Cookie domain to example.com.</source>
<target>In this case, you'd set the Authentication URL to auth.example.com and Cookie domain to example.com.</target>
</trans-unit>
<trans-unit id="s31d15c6f16951464">
<source>Authentication URL</source>
<target>Authentication URL</target>
</trans-unit>
<trans-unit id="sa03fe48e892df2d8">
<source>The external URL you'll authenticate at. The authentik core server should be reachable under this URL.</source>
<target>The external URL you'll authenticate at. The authentik core server should be reachable under this URL.</target>
</trans-unit>
<trans-unit id="s7def067ed3ad3ad9">
<source>Cookie domain</source>
<target>Cookie domain</target>
</trans-unit>
<trans-unit id="s211b75e868072162">
<source>Set this to the domain you wish the authentication to be valid for. Must be a parent domain of the URL above. If you're running applications as app1.domain.tld, app2.domain.tld, set this to 'domain.tld'.</source>
<target>Set this to the domain you wish the authentication to be valid for. Must be a parent domain of the URL above. If you're running applications as app1.domain.tld, app2.domain.tld, set this to 'domain.tld'.</target>
</trans-unit>
<trans-unit id="s2345170f7e272668">
<source>Unknown proxy mode</source>
<target>Unknown proxy mode</target>
</trans-unit>
<trans-unit id="s7c10976de6411844">
<source>Token validity</source>
<target>Token validity</target>
</trans-unit>
<trans-unit id="s3e87ce98ba3c4d80">
<source>Configure how long tokens are valid for.</source>
<target>Configure how long tokens are valid for.</target>
</trans-unit>
<trans-unit id="sd539548ca4c71619">
<source>Additional scopes</source>
<target>Additional scopes</target>
</trans-unit>
<trans-unit id="s8f12575f694e85a2">
<source>Additional scope mappings, which are passed to the proxy.</source>
<target>Additional scope mappings, which are passed to the proxy.</target>
</trans-unit>
<trans-unit id="s93cea6ca1f93349d">
<source>Unauthenticated URLs</source>
<target>Unauthenticated URLs</target>
</trans-unit>
<trans-unit id="sc4508175bf6b09dd">
<source>Unauthenticated Paths</source>
<target>Unauthenticated Paths</target>
</trans-unit>
<trans-unit id="sc9fc206433f67588">
<source>Regular expressions for which authentication is not required. Each new line is interpreted as a new expression.</source>
<target>Regular expressions for which authentication is not required. Each new line is interpreted as a new expression.</target>
</trans-unit>
<trans-unit id="sd503fabef9691134">
<source>When using proxy or forward auth (single application) mode, the requested URL Path is checked against the regular expressions. When using forward auth (domain mode), the full requested URL including scheme and host is matched against the regular expressions.</source>
<target>When using proxy or forward auth (single application) mode, the requested URL Path is checked against the regular expressions. When using forward auth (domain mode), the full requested URL including scheme and host is matched against the regular expressions.</target>
</trans-unit>
<trans-unit id="sb488dee0be434f7e">
<source>Authentication settings</source>
<target>Authentication settings</target>
</trans-unit>
<trans-unit id="s23cee624c735f266">
<source>Intercept header authentication</source>
<target>Intercept header authentication</target>
</trans-unit>
<trans-unit id="sc007cca5af67eae0">
<source>When enabled, authentik will intercept the Authorization header to authenticate the request.</source>
<target>When enabled, authentik will intercept the Authorization header to authenticate the request.</target>
</trans-unit>
<trans-unit id="s36e630ba56617556">
<source>Send HTTP-Basic Authentication</source>
<target>Send HTTP-Basic Authentication</target>
</trans-unit>
<trans-unit id="s9d5796a4b9b7560e">
<source>Send a custom HTTP-Basic Authentication header based on values from authentik.</source>
<target>Send a custom HTTP-Basic Authentication header based on values from authentik.</target>
</trans-unit>
<trans-unit id="s11204eeb1e27ea8f">
<source>ACS URL</source>
<target>ACS URL</target>
</trans-unit>
<trans-unit id="sb7a30abc1dcf6c36">
<source>Issuer</source>
<target>Issuer</target>
</trans-unit>
<trans-unit id="sf54c562d8a10ce77">
<source>Also known as EntityID.</source>
<target>Also known as EntityID.</target>
</trans-unit>
<trans-unit id="s991b750e2d5c4234">
<source>Service Provider Binding</source>
<target>Service Provider Binding</target>
</trans-unit>
<trans-unit id="sd8f220c999726151">
<source>Redirect</source>
<target>Redirect</target>
</trans-unit>
<trans-unit id="sb357ea19a722d827">
<source>Post</source>
<target>Post</target>
</trans-unit>
<trans-unit id="s4e28e2899e08a5f8">
<source>Determines how authentik sends the response back to the Service Provider.</source>
<target>Determines how authentik sends the response back to the Service Provider.</target>
</trans-unit>
<trans-unit id="sd5a4b41c6c883b03">
<source>Audience</source>
<target>Audience</target>
</trans-unit>
<trans-unit id="sc741d9ebe07ad103">
<source>Signing Certificate</source>
<target>Signing Certificate</target>
</trans-unit>
<trans-unit id="sd6c3ddb62de0e8f7">
<source>Certificate used to sign outgoing Responses going to the Service Provider.</source>
<target>Certificate used to sign outgoing Responses going to the Service Provider.</target>
</trans-unit>
<trans-unit id="s5be3b0567172e415">
<source>Verification Certificate</source>
<target>Verification Certificate</target>
</trans-unit>
<trans-unit id="s7c27e113f90a89e0">
<source>When selected, incoming assertion's Signatures will be validated against this certificate. To allow unsigned Requests, leave on default.</source>
<target>When selected, incoming assertion's Signatures will be validated against this certificate. To allow unsigned Requests, leave on default.</target>
</trans-unit>
<trans-unit id="se6d950402810c34f">
<source>Property mappings</source>
<target>Property mappings</target>
</trans-unit>
<trans-unit id="s1a2797874b7fe852">
<source>NameID Property Mapping</source>
<target>NameID Property Mapping</target>
</trans-unit>
<trans-unit id="s256b8452664ccae4">
<source>Configure how the NameID value will be created. When left empty, the NameIDPolicy of the incoming request will be respected.</source>
<target>Configure how the NameID value will be created. When left empty, the NameIDPolicy of the incoming request will be respected.</target>
</trans-unit>
<trans-unit id="s9f91cc8bcfabb40f">
<source>Assertion valid not before</source>
<target>Assertion valid not before</target>
</trans-unit>
<trans-unit id="s733f83ff9d50da30">
<source>Configure the maximum allowed time drift for an assertion.</source>
<target>Configure the maximum allowed time drift for an assertion.</target>
</trans-unit>
<trans-unit id="s2af5754090898640">
<source>Assertion valid not on or after</source>
<target>Assertion valid not on or after</target>
</trans-unit>
<trans-unit id="s43c1f927936f0a02">
<source>Assertion not valid on or after current time + this value.</source>
<target>Assertion not valid on or after current time + this value.</target>
</trans-unit>
<trans-unit id="sad8550b8731518d8">
<source>Session valid not on or after</source>
<target>Session valid not on or after</target>
</trans-unit>
<trans-unit id="s0dd00fbaba08748a">
<source>Session not valid on or after current time + this value.</source>
<target>Session not valid on or after current time + this value.</target>
</trans-unit>
<trans-unit id="s2a0f60e74b478804">
<source>Digest algorithm</source>
<target>Digest algorithm</target>
</trans-unit>
<trans-unit id="s693d975d38ff0214">
<source>Signature algorithm</source>
<target>Signature algorithm</target>
</trans-unit>
<trans-unit id="sd1a5560fde6f2271">
<source>Successfully imported provider.</source>
<target>Successfully imported provider.</target>
</trans-unit>
<trans-unit id="s252a52330d32b900">
<source>Metadata</source>
<target>Metadata</target>
</trans-unit>
<trans-unit id="s7181a5504472e856">
<source>Apply changes</source>
<target>Apply changes</target>
</trans-unit>
<trans-unit id="s5e8250fb85d64c23">
<source>Close</source>
<target>Close</target>
</trans-unit>
<trans-unit id="sad59707375956ad2">
<source>Finish</source>
<target>Finish</target>
</trans-unit>
<trans-unit id="sc16e00a7a8b2fde2">
<source>Back</source>
<target>Back</target>
</trans-unit>
<trans-unit id="sd5903cc8de68b3fc">
<source>No form found</source>
<target>No form found</target>
</trans-unit>
<trans-unit id="s45935843b1b5b496">
<source>Form didn't return a promise for submitting</source>
<target>Form didn't return a promise for submitting</target>
</trans-unit>
<trans-unit id="s74475586afc1fb0f">
<source>Select type</source>
<target>Select type</target>
</trans-unit>
<trans-unit id="s0b3bf19b31dd6bac">
<source>Try the new application wizard</source>
<target>Try the new application wizard</target>
</trans-unit>
<trans-unit id="sa18e1c6e0e6f16cc">
<source>The new application wizard greatly simplifies the steps required to create applications and providers.</source>
<target>The new application wizard greatly simplifies the steps required to create applications and providers.</target>
<source>No policies are currently bound to this object.</source>
<target>No policies are currently bound to this object.</target>
</trans-unit>
<trans-unit id="sddb040c47daae56b">
<source>Bind existing policy</source>
<target>Bind existing policy</target>
</trans-unit>
<trans-unit id="saa855c61e0403fe6">
<source>Warning: Application is not used by any Outpost.</source>
<target>Warning: Application is not used by any Outpost.</target>
</trans-unit>
<trans-unit id="sb6cbd4f92ebaf5d8">
<source>Related</source>
<target>Related</target>
</trans-unit>
<trans-unit id="sc92ea8fbf9ba06a7">
<source>Backchannel Providers</source>
<target>Backchannel Providers</target>
</trans-unit>
<trans-unit id="sd71081c23d1cd38b">
<source>Check access</source>
<target>Check access</target>
</trans-unit>
<trans-unit id="s42cbd8dca939a9c7">
<source>Check</source>
<target>Check</target>
</trans-unit>
<trans-unit id="sf22f7f8a9309b4ed">
<source>Check Application access</source>
<target>Check Application access</target>
</trans-unit>
<trans-unit id="s2474e7fb1aec9f05">
<source>Test</source>
<target>Test</target>
</trans-unit>
<trans-unit id="s512957aa09384646">
<source>Launch</source>
<target>Launch</target>
</trans-unit>
<trans-unit id="sed02f831e653deb3">
<source>Logins over the last week (per 8 hours)</source>
<target>Logins over the last week (per 8 hours)</target>
</trans-unit>
<trans-unit id="s2b1bc31276c4c477">
<source>Policy / Group / User Bindings</source>
<target>Policy / Group / User Bindings</target>
</trans-unit>
<trans-unit id="s473f0143efa3f706">
<source>These policies control which users can access this application.</source>
<target>These policies control which users can access this application.</target>
</trans-unit>
<trans-unit id="s24875d5475e82526">
<source>Successfully updated source.</source>
<target>Successfully updated source.</target>
</trans-unit>
<trans-unit id="s60d891ed3ee9ebc5">
<source>Successfully created source.</source>
<target>Successfully created source.</target>
</trans-unit>
<trans-unit id="s8af7239354f7e7b6">
<source>Sync users</source>
<target>Sync users</target>
</trans-unit>
<trans-unit id="sd80b0b8aeae3abe3">
<source>User password writeback</source>
<target>User password writeback</target>
</trans-unit>
<trans-unit id="s2b952e9dc99cbded">
<source>Login password is synced from LDAP into authentik automatically. Enable this option only to write password changes in authentik back to LDAP.</source>
<target>Login password is synced from LDAP into authentik automatically. Enable this option only to write password changes in authentik back to LDAP.</target>
</trans-unit>
<trans-unit id="saf7ce4165a1025f6">
<source>Sync groups</source>
<target>Sync groups</target>
</trans-unit>
<trans-unit id="s2035f889f576bca6">
<source>Connection settings</source>
<target>Connection settings</target>
</trans-unit>
<trans-unit id="s0a72e65aef45b1e8">
<source>Server URI</source>
<target>Server URI</target>
</trans-unit>
<trans-unit id="sa599dbe5776897ad">
<source>Specify multiple server URIs by separating them with a comma.</source>
<target>Specify multiple server URIs by separating them with a comma.</target>
</trans-unit>
<trans-unit id="se36b55dfcf5dc80b">
<source>Enable StartTLS</source>
<target>Enable StartTLS</target>
</trans-unit>
<trans-unit id="s33683c3b1dbaf264">
<source>To use SSL instead, use 'ldaps://' and disable this option.</source>
<target>To use SSL instead, use 'ldaps://' and disable this option.</target>
</trans-unit>
<trans-unit id="s2221fef80f4753a2">
<source>TLS Verification Certificate</source>
<target>TLS Verification Certificate</target>
</trans-unit>
<trans-unit id="sb8c13bd58191cea2">
<source>When connecting to an LDAP Server with TLS, certificates are not checked by default. Specify a keypair to validate the remote certificate.</source>
<target>When connecting to an LDAP Server with TLS, certificates are not checked by default. Specify a keypair to validate the remote certificate.</target>
</trans-unit>
<trans-unit id="sb7684e2910a33a1f">
<source>Bind CN</source>
<target>Bind CN</target>
</trans-unit>
<trans-unit id="s3de6db803012016a">
<source>LDAP Attribute mapping</source>
<target>LDAP Attribute mapping</target>
</trans-unit>
<trans-unit id="s7c05ee41d634aa45">
<source>Property mappings used to user creation.</source>
<target>Property mappings used to user creation.</target>
</trans-unit>
<trans-unit id="s94333971a07803b9">
<source>Additional settings</source>
<target>Additional settings</target>
</trans-unit>
<trans-unit id="sd14a19a19d507f9e">
<source>Parent group for all the groups imported from LDAP.</source>
<target>Parent group for all the groups imported from LDAP.</target>
</trans-unit>
<trans-unit id="sfbc59ff17a73503d">
<source>User path</source>
<target>User path</target>
</trans-unit>
<trans-unit id="sd18170637295bace">
<source>Addition User DN</source>
<target>Addition User DN</target>
</trans-unit>
<trans-unit id="s9ae089fd248e72db">
<source>Additional user DN, prepended to the Base DN.</source>
<target>Additional user DN, prepended to the Base DN.</target>
</trans-unit>
<trans-unit id="s5944355d69db1fb8">
<source>Addition Group DN</source>
<target>Addition Group DN</target>
</trans-unit>
<trans-unit id="sfae9f4ea5749a36b">
<source>Additional group DN, prepended to the Base DN.</source>
<target>Additional group DN, prepended to the Base DN.</target>
</trans-unit>
<trans-unit id="s66ffc06300964849">
<source>User object filter</source>
<target>User object filter</target>
</trans-unit>
<trans-unit id="s1c2a173db0e1ec61">
<source>Consider Objects matching this filter to be Users.</source>
<target>Consider Objects matching this filter to be Users.</target>
</trans-unit>
<trans-unit id="s2ec94a7c7f5bcd1b">
<source>Group object filter</source>
<target>Group object filter</target>
</trans-unit>
<trans-unit id="saf5eb7596b3a355b">
<source>Consider Objects matching this filter to be Groups.</source>
<target>Consider Objects matching this filter to be Groups.</target>
</trans-unit>
<trans-unit id="sf325a4adba4d6278">
<source>Group membership field</source>
<target>Group membership field</target>
</trans-unit>
<trans-unit id="s76768bebabb7d543">
<source>Field which contains members of a group. Note that if using the "memberUid" field, the value is assumed to contain a relative distinguished name. e.g. 'memberUid=some-user' instead of 'memberUid=cn=some-user,ou=groups,...'</source>
<target>Field which contains members of a group. Note that if using the "memberUid" field, the value is assumed to contain a relative distinguished name. e.g. 'memberUid=some-user' instead of 'memberUid=cn=some-user,ou=groups,...'</target>
</trans-unit>
<trans-unit id="s026555347e589f0e">
<source>Object uniqueness field</source>
<target>Object uniqueness field</target>
</trans-unit>
<trans-unit id="s24211f319e5b7e98">
<source>Field which contains a unique Identifier.</source>
<target>Field which contains a unique Identifier.</target>
</trans-unit>
<trans-unit id="s900b0d85b872d134">
<source>Link users on unique identifier</source>
<target>Link users on unique identifier</target>
</trans-unit>
<trans-unit id="s6c70a73265e14521">
<source>Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses</source>
<target>Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses</target>
</trans-unit>
<trans-unit id="s995535e7af30d754">
<source>Use the user's email address, but deny enrollment when the email address already exists</source>
<target>Use the user's email address, but deny enrollment when the email address already exists</target>
</trans-unit>
<trans-unit id="s542ecb4130f6cea5">
<source>Link to a user with identical username. Can have security implications when a username is used with another source</source>
<target>Link to a user with identical username. Can have security implications when a username is used with another source</target>
</trans-unit>
<trans-unit id="s2a1debf34e5aeba4">
<source>Use the user's username, but deny enrollment when the username already exists</source>
<target>Use the user's username, but deny enrollment when the username already exists</target>
</trans-unit>
<trans-unit id="s81ce0d54727f42d2">
<source>Unknown user matching mode</source>
<target>Unknown user matching mode</target>
</trans-unit>
<trans-unit id="sd04376c4216c921f">
<source>URL settings</source>
<target>URL settings</target>
</trans-unit>
<trans-unit id="s872d0e88ab34ed83">
<source>Authorization URL</source>
<target>Authorization URL</target>
</trans-unit>
<trans-unit id="see3ff55262fd6500">
<source>URL the user is redirect to to consent the authorization.</source>
<target>URL the user is redirect to to consent the authorization.</target>
</trans-unit>
<trans-unit id="sb932dead79567c7b">
<source>Access token URL</source>
<target>Access token URL</target>
</trans-unit>
<trans-unit id="s88b8a2892635a2fc">
<source>URL used by authentik to retrieve tokens.</source>
<target>URL used by authentik to retrieve tokens.</target>
</trans-unit>
<trans-unit id="s69bd313dd12fc2f3">
<source>Profile URL</source>
<target>Profile URL</target>
</trans-unit>
<trans-unit id="sa8d83cd8023e8e4d">
<source>URL used by authentik to get user information.</source>
<target>URL used by authentik to get user information.</target>
</trans-unit>
<trans-unit id="sc7707b3ba3a2a7ca">
<source>Request token URL</source>
<target>Request token URL</target>
</trans-unit>
<trans-unit id="s3926da5b20cdf3b6">
<source>URL used to request the initial token. This URL is only required for OAuth 1.</source>
<target>URL used to request the initial token. This URL is only required for OAuth 1.</target>
</trans-unit>
<trans-unit id="s199b55513a739f43">
<source>OIDC Well-known URL</source>
<target>OIDC Well-known URL</target>
</trans-unit>
<trans-unit id="s8b149b30b5b523ef">
<source>OIDC well-known configuration URL. Can be used to automatically configure the URLs above.</source>
<target>OIDC well-known configuration URL. Can be used to automatically configure the URLs above.</target>
</trans-unit>
<trans-unit id="s9db2c836ade1339c">
<source>OIDC JWKS URL</source>
<target>OIDC JWKS URL</target>
</trans-unit>
<trans-unit id="s4b2a1b657c160f5b">
<source>JSON Web Key URL. Keys from the URL will be used to validate JWTs from this source.</source>
<target>JSON Web Key URL. Keys from the URL will be used to validate JWTs from this source.</target>
</trans-unit>
<trans-unit id="s2df0b65125600de9">
<source>OIDC JWKS</source>
<target>OIDC JWKS</target>
</trans-unit>
<trans-unit id="s02de8d9e8583b480">
<source>Raw JWKS data.</source>
<target>Raw JWKS data.</target>
</trans-unit>
<trans-unit id="s81a87652ade099e4">
<source>User matching mode</source>
<target>User matching mode</target>
</trans-unit>
<trans-unit id="s485c05d34eb00415">
<source>Delete currently set icon.</source>
<target>Delete currently set icon.</target>
</trans-unit>
<trans-unit id="se8987bdfb35e46b2">
<source>Consumer key</source>
<target>Consumer key</target>
</trans-unit>
<trans-unit id="sabaf0061f7e41b0b">
<source>Consumer secret</source>
<target>Consumer secret</target>
</trans-unit>
<trans-unit id="sa61966cd83b4924c">
<source>Additional scopes to be passed to the OAuth Provider, separated by space. To replace existing scopes, prefix with *.</source>
<target>Additional scopes to be passed to the OAuth Provider, separated by space. To replace existing scopes, prefix with *.</target>
</trans-unit>
<trans-unit id="s1cc0e66dbd2b5502">
<source>Flow settings</source>
<target>Flow settings</target>
</trans-unit>
<trans-unit id="sfe6977a3aea3ee6e">
<source>Flow to use when authenticating existing users.</source>
<target>Flow to use when authenticating existing users.</target>
</trans-unit>
<trans-unit id="s2801a48ceac691b3">
<source>Enrollment flow</source>
<target>Enrollment flow</target>
</trans-unit>
<trans-unit id="s5d0a14d29ebad561">
<source>Flow to use when enrolling new users.</source>
<target>Flow to use when enrolling new users.</target>
</trans-unit>
<trans-unit id="s91f389c796720a81">
<source>Load servers</source>
<target>Load servers</target>
</trans-unit>
<trans-unit id="s24f405197ede5ebb">
<source>Re-authenticate with plex</source>
<target>Re-authenticate with plex</target>
</trans-unit>
<trans-unit id="sc297b2e13c28ecf9">
<source>Allow friends to authenticate via Plex, even if you don't share any servers</source>
<target>Allow friends to authenticate via Plex, even if you don't share any servers</target>
</trans-unit>
<trans-unit id="sfee91e08b8b47477">
<source>Allowed servers</source>
<target>Allowed servers</target>
</trans-unit>
<trans-unit id="s216eb300543edd91">
<source>Select which server a user has to be a member of to be allowed to authenticate.</source>
<target>Select which server a user has to be a member of to be allowed to authenticate.</target>
</trans-unit>
<trans-unit id="s31d7f3ba04d306a5">
<source>SSO URL</source>
<target>SSO URL</target>
</trans-unit>
<trans-unit id="s1d9d6c5b424fdc1f">
<source>URL that the initial Login request is sent to.</source>
<target>URL that the initial Login request is sent to.</target>
</trans-unit>
<trans-unit id="sd94db2b8c85d10a6">
<source>SLO URL</source>
<target>SLO URL</target>
</trans-unit>
<trans-unit id="sc764ddf60b5149de">
<source>Optional URL if the IDP supports Single-Logout.</source>
<target>Optional URL if the IDP supports Single-Logout.</target>
</trans-unit>
<trans-unit id="se7430794fa89005a">
<source>Also known as Entity ID. Defaults the Metadata URL.</source>
<target>Also known as Entity ID. Defaults the Metadata URL.</target>
</trans-unit>
<trans-unit id="s5615bb595ad6ded6">
<source>Binding Type</source>
<target>Binding Type</target>
</trans-unit>
<trans-unit id="sa2e4d6830226d3ec">
<source>Redirect binding</source>
<target>Redirect binding</target>
</trans-unit>
<trans-unit id="s6f96a78d81ef277c">
<source>Post-auto binding</source>
<target>Post-auto binding</target>
</trans-unit>
<trans-unit id="sc2c70fd56f5d0b48">
<source>Post binding but the request is automatically sent and the user doesn't have to confirm.</source>
<target>Post binding but the request is automatically sent and the user doesn't have to confirm.</target>
</trans-unit>
<trans-unit id="s968c90258dcf7562">
<source>Post binding</source>
<target>Post binding</target>
</trans-unit>
<trans-unit id="se10bbf4cf861c81b">
<source>Signing keypair</source>
<target>Signing keypair</target>
</trans-unit>
<trans-unit id="s838ed611b533b19e">
<source>Keypair which is used to sign outgoing requests. Leave empty to disable signing.</source>
<target>Keypair which is used to sign outgoing requests. Leave empty to disable signing.</target>
</trans-unit>
<trans-unit id="s39c8c0bf4d927c9f">
<source> Allow IDP-initiated logins</source>
<target>Allow IDP-initiated logins</target>
</trans-unit>
<trans-unit id="s65d507f1513c2f03">
<source>Allows authentication flows initiated by the IdP. This can be a security risk, as no validation of the request ID is done.</source>
<target>Allows authentication flows initiated by the IdP. This can be a security risk, as no validation of the request ID is done.</target>
</trans-unit>
<trans-unit id="s297a2075bd7e40db">
<source>NameID Policy</source>
<target>NameID Policy</target>
</trans-unit>
<trans-unit id="s004e9a2c90f23900">
<source>Persistent</source>
<target>Persistent</target>
</trans-unit>
<trans-unit id="s38887b94b3320533">
<source>Email address</source>
<target>Email address</target>
</trans-unit>
<trans-unit id="s2d34c87f67f66c6a">
<source>Windows</source>
<target>Windows</target>
</trans-unit>
<trans-unit id="s1665454e31e14941">
<source>X509 Subject</source>
<target>X509 Subject</target>
</trans-unit>
<trans-unit id="s0c3ac7f9383a8cfd">
<source>Transient</source>
<target>Transient</target>
</trans-unit>
<trans-unit id="s20a0ce62823bfa97">
<source>Delete temporary users after</source>
<target>Delete temporary users after</target>
</trans-unit>
<trans-unit id="s3198c384c2f68b08">
<source>Time offset when temporary users should be deleted. This only applies if your IDP uses the NameID Format 'transient', and the user doesn't log out manually.</source>
<target>Time offset when temporary users should be deleted. This only applies if your IDP uses the NameID Format 'transient', and the user doesn't log out manually.</target>
</trans-unit>
<trans-unit id="sb32e9c1faa0b8673">
<source>Pre-authentication flow</source>
<target>Pre-authentication flow</target>
</trans-unit>
<trans-unit id="sa3c1f6ac5e63a70f">
<source>Flow used before authentication.</source>
<target>Flow used before authentication.</target>
</trans-unit>
<trans-unit id="se12969ade44cd2b6">
<source>New source</source>
<target>New source</target>
</trans-unit>
<trans-unit id="s19b09f4fc72175d1">
<source>Create a new source.</source>
<target>Create a new source.</target>
</trans-unit>
<trans-unit id="s6152026c364ad974">
<source>Sources of identities, which can either be synced into authentik's database, or can be used by users to authenticate and enroll themselves.</source>
<target>Sources of identities, which can either be synced into authentik's database, or can be used by users to authenticate and enroll themselves.</target>
<source>These bindings control which users can access this source.
You can only use policies here as access is checked before the user is authenticated.</source>
</trans-unit>
<trans-unit id="se17fcb1f159ee382">
<source>Update Plex Source</source>
<target>Update Plex Source</target>
</trans-unit>
<trans-unit id="saa10777250a6deca">
<source>Update SAML Source</source>
<target>Update SAML Source</target>
</trans-unit>
<trans-unit id="s643d8f2e5e5e930d">
<source>Successfully updated mapping.</source>
<target>Successfully updated mapping.</target>
</trans-unit>
<trans-unit id="sffeef5b119d8625c">
<source>Successfully created mapping.</source>
<target>Successfully created mapping.</target>
</trans-unit>
<trans-unit id="s1c33d22492029aba">
<source>Object field</source>
<target>Object field</target>
</trans-unit>
<trans-unit id="s06df3c3b6a503da8">
<source>Field of the user object this value is written to.</source>
<target>Field of the user object this value is written to.</target>
</trans-unit>
<trans-unit id="sd39c5e998efecf93">
<source>SAML Attribute Name</source>
<target>SAML Attribute Name</target>
</trans-unit>
<trans-unit id="scf2790cf3ad89283">
<source>Attribute name used for SAML Assertions. Can be a URN OID, a schema reference, or a any other string. If this property mapping is used for NameID Property, this field is discarded.</source>
<target>Attribute name used for SAML Assertions. Can be a URN OID, a schema reference, or a any other string. If this property mapping is used for NameID Property, this field is discarded.</target>
</trans-unit>
<trans-unit id="sab6d24c5ec8dc361">
<source>Friendly Name</source>
<target>Friendly Name</target>
</trans-unit>
<trans-unit id="s9f8aac89fe318acc">
<source>Optionally set the 'FriendlyName' value of the Assertion attribute.</source>
<target>Optionally set the 'FriendlyName' value of the Assertion attribute.</target>
</trans-unit>
<trans-unit id="s851c108679653d2a">
<source>Scope name</source>
<target>Scope name</target>
</trans-unit>
<trans-unit id="s23fd4411419fca06">
<source>Scope which the client can specify to access these properties.</source>
<target>Scope which the client can specify to access these properties.</target>
</trans-unit>
<trans-unit id="s7754f0e34f27fb6e">
<source>Description shown to the user when consenting. If left empty, the user won't be informed.</source>
<target>Description shown to the user when consenting. If left empty, the user won't be informed.</target>
</trans-unit>
<trans-unit id="sb6c3bf5489d7556e">
<source>Example context data</source>
<target>Example context data</target>
</trans-unit>
<trans-unit id="s4a697f0b36c4fe83">
<source>Active Directory User</source>
<target>Active Directory User</target>
</trans-unit>
<trans-unit id="s9277b90db38e1983">
<source>Active Directory Group</source>
<target>Active Directory Group</target>
</trans-unit>
<trans-unit id="sc2e03590269d5a10">
<source>New property mapping</source>
<target>New property mapping</target>
</trans-unit>
<trans-unit id="s713e8666ed70f8b3">
<source>Create a new property mapping.</source>
<target>Create a new property mapping.</target>
</trans-unit>
<trans-unit id="sce106606ae84d46f">
<source>Property Mappings</source>
<target>Property Mappings</target>
</trans-unit>
<trans-unit id="s271a7e04ff9865b1">
<source>Control how authentik exposes and interprets information.</source>
<target>Control how authentik exposes and interprets information.</target>
</trans-unit>
<trans-unit id="s59dc0eda07f9e2b6">
<source>Property Mapping(s)</source>
<target>Property Mapping(s)</target>
</trans-unit>
<trans-unit id="sa57c393736e2732c">
<source>Test Property Mapping</source>
<target>Test Property Mapping</target>
</trans-unit>
<trans-unit id="sc39fb3ff3753d5ab">
<source>Hide managed mappings</source>
<target>Hide managed mappings</target>
</trans-unit>
<trans-unit id="s476ffc07e6d66f18">
<source>Successfully updated token.</source>
<target>Successfully updated token.</target>
</trans-unit>
<trans-unit id="s93c1e5fbe8184895">
<source>Successfully created token.</source>
<target>Successfully created token.</target>
</trans-unit>
<trans-unit id="s5fc4269c2addee61">
<source>Unique identifier the token is referenced by.</source>
<target>Unique identifier the token is referenced by.</target>
</trans-unit>
<trans-unit id="sb8bc2b8376c96a6b">
<source>Intent</source>
<target>Intent</target>
</trans-unit>
<trans-unit id="sbd34d118bcb1aaf2">
<source>API Token</source>
<target>API Token</target>
</trans-unit>
<trans-unit id="se31d92bea7f3a186">
<source>Used to access the API programmatically</source>
<target>Used to access the API programmatically</target>
</trans-unit>
<trans-unit id="sfd586951c75eb291">
<source>App password.</source>
<target>App password.</target>
</trans-unit>
<trans-unit id="s59bf194136d0d13a">
<source>Used to login using a flow executor</source>
<target>Used to login using a flow executor</target>
</trans-unit>
<trans-unit id="s1b14062c44e5ef45">
<source>Expiring</source>
<target>Expiring</target>
</trans-unit>
<trans-unit id="safcc54b2aedb1a17">
<source>If this is selected, the token will expire. Upon expiration, the token will be rotated.</source>
<target>If this is selected, the token will expire. Upon expiration, the token will be rotated.</target>
</trans-unit>
<trans-unit id="s4165cd175bc4c0c4">
<source>Expires on</source>
<target>Expires on</target>
</trans-unit>
<trans-unit id="s1cd198d689c66e4b">
<source>API Access</source>
<target>API Access</target>
</trans-unit>
<trans-unit id="sf29883ac9ec43085">
<source>App password</source>
<target>App password</target>
</trans-unit>
<trans-unit id="sfe211545fd02f73e">
<source>Verification</source>
<target>Verification</target>
</trans-unit>
<trans-unit id="sd73b202ec04eefd9">
<source>Unknown intent</source>
<target>Unknown intent</target>
</trans-unit>
<trans-unit id="s78fd8c03f8c967f3">
<source>Tokens</source>
<target>Tokens</target>
</trans-unit>
<trans-unit id="sdcc7b2c109ce9775">
<source>Tokens are used throughout authentik for Email validation stages, Recovery keys and API access.</source>
<target>Tokens are used throughout authentik for Email validation stages, Recovery keys and API access.</target>
</trans-unit>
<trans-unit id="sf71dba2c30283a54">
<source>Expires?</source>
<target>Expires?</target>
</trans-unit>
<trans-unit id="sc7be80a7f8ec597e">
<source>Expiry date</source>
<target>Expiry date</target>
</trans-unit>
<trans-unit id="s71dcd9cf808449aa">
<source>Token(s)</source>
<target>Token(s)</target>
</trans-unit>
<trans-unit id="sb15e8daacf26bdfc">
<source>Create Token</source>
<target>Create Token</target>
</trans-unit>
<trans-unit id="s8d7ecd944ebe834b">
<source>Token is managed by authentik.</source>
<target>Token is managed by authentik.</target>
</trans-unit>
<trans-unit id="sd1288ca57e221cf9">
<source>Update Token</source>
<target>Update Token</target>
</trans-unit>
<trans-unit id="s0af6301e76e2a2a5">
<source>Successfully updated tenant.</source>
<target>Successfully updated tenant.</target>
</trans-unit>
<trans-unit id="sf55c7c06dbc2c8c6">
<source>Successfully created tenant.</source>
<target>Successfully created tenant.</target>
</trans-unit>
<trans-unit id="s41706a202b6c40f1">
<source>Domain</source>
<target>Domain</target>
</trans-unit>
<trans-unit id="se74ce42d41e392ba">
<source>Matching is done based on domain suffix, so if you enter domain.tld, foo.domain.tld will still match.</source>
<target>Matching is done based on domain suffix, so if you enter domain.tld, foo.domain.tld will still match.</target>
</trans-unit>
<trans-unit id="s11326fd2590f4e5e">
<source>Default</source>
<target>Default</target>
</trans-unit>
<trans-unit id="se1c85959463f53df">
<source>Use this tenant for each domain that doesn't have a dedicated tenant.</source>
<target>Use this tenant for each domain that doesn't have a dedicated tenant.</target>
</trans-unit>
<trans-unit id="sc19838ca8c135c1b">
<source>Branding settings</source>
<target>Branding settings</target>
</trans-unit>
<trans-unit id="s99f110d27e30b289">
<source>Title</source>
<target>Title</target>
</trans-unit>
<trans-unit id="sab6bad52985c6676">
<source>Branding shown in page title and several other places.</source>
<target>Branding shown in page title and several other places.</target>
</trans-unit>
<trans-unit id="s4f1af2b48a5e249a">
<source>Logo</source>
<target>Logo</target>
</trans-unit>
<trans-unit id="sd6b8b4156f7df696">
<source>Icon shown in sidebar/header and flow executor.</source>
<target>Icon shown in sidebar/header and flow executor.</target>
</trans-unit>
<trans-unit id="s3626433940124897">
<source>Favicon</source>
<target>Favicon</target>
</trans-unit>
<trans-unit id="se99efc0873031976">
<source>Icon shown in the browser tab.</source>
<target>Icon shown in the browser tab.</target>
</trans-unit>
<trans-unit id="s10356fd921037fbf">
<source>Default flows</source>
<target>Default flows</target>
</trans-unit>
<trans-unit id="sd216b08bafb297ee">
<source>Flow used to authenticate users. If left empty, the first applicable flow sorted by the slug is used.</source>
<target>Flow used to authenticate users. If left empty, the first applicable flow sorted by the slug is used.</target>
</trans-unit>
<trans-unit id="s35e6e60e83a8c003">
<source>Invalidation flow</source>
<target>Invalidation flow</target>
</trans-unit>
<trans-unit id="s7989db5f4819af89">
<source>Flow used to logout. If left empty, the first applicable flow sorted by the slug is used.</source>
<target>Flow used to logout. If left empty, the first applicable flow sorted by the slug is used.</target>
</trans-unit>
<trans-unit id="sfeb779d4ccbc5a0e">
<source>Recovery flow</source>
<target>Recovery flow</target>
</trans-unit>
<trans-unit id="s1c2fd8097e14a608">
<source>Recovery flow. If left empty, the first applicable flow sorted by the slug is used.</source>
<target>Recovery flow. If left empty, the first applicable flow sorted by the slug is used.</target>
</trans-unit>
<trans-unit id="s836aa192b30c21da">
<source>Unenrollment flow</source>
<target>Unenrollment flow</target>
</trans-unit>
<trans-unit id="s081d3c4b47a6ff83">
<source>If set, users are able to unenroll themselves using this flow. If no flow is set, option is not shown.</source>
<target>If set, users are able to unenroll themselves using this flow. If no flow is set, option is not shown.</target>
</trans-unit>
<trans-unit id="secbfd13bdae95a59">
<source>User settings flow</source>
<target>User settings flow</target>
</trans-unit>
<trans-unit id="s523160b433311521">
<source>If set, users are able to configure details of their profile.</source>
<target>If set, users are able to configure details of their profile.</target>
</trans-unit>
<trans-unit id="s134177568525dbc8">
<source>Device code flow</source>
<target>Device code flow</target>
</trans-unit>
<trans-unit id="s7b298427bdea81ae">
<source>If set, the OAuth Device Code profile can be used, and the selected flow will be used to enter the code.</source>
<target>If set, the OAuth Device Code profile can be used, and the selected flow will be used to enter the code.</target>
</trans-unit>
<trans-unit id="s7f4e4054fbe132e1">
<source>Other global settings</source>
<target>Other global settings</target>
</trans-unit>
<trans-unit id="sbadde673052efc02">
<source>Web Certificate</source>
<target>Web Certificate</target>
</trans-unit>
<trans-unit id="s84c5a011acd608c9">
<source>Event retention</source>
<target>Event retention</target>
</trans-unit>
<trans-unit id="s2536ac8d32d2e63f">
<source>Duration after which events will be deleted from the database.</source>
<target>Duration after which events will be deleted from the database.</target>
</trans-unit>
<trans-unit id="s7b1fba26d245cb1c">
<source>When using an external logging solution for archiving, this can be set to "minutes=5".</source>
<target>When using an external logging solution for archiving, this can be set to "minutes=5".</target>
</trans-unit>
<trans-unit id="s44536d20bb5c8257">
<source>This setting only affects new Events, as the expiration is saved per-event.</source>
<target>This setting only affects new Events, as the expiration is saved per-event.</target>
<source>Set custom attributes using YAML or JSON. Any attributes set here will be inherited by users, if the request is handled by this tenant.</source>
<target>Set custom attributes using YAML or JSON. Any attributes set here will be inherited by users, if the request is handled by this tenant.</target>
</trans-unit>
<trans-unit id="s7f9e79189a3d19e2">
<source>Tenants</source>
<target>Tenants</target>
</trans-unit>
<trans-unit id="s164be9a7537b99f6">
<source>Configure visual settings and defaults for different domains.</source>
<target>Configure visual settings and defaults for different domains.</target>
</trans-unit>
<trans-unit id="s4802636d55022ed3">
<source>Default?</source>
<target>Default?</target>
</trans-unit>
<trans-unit id="s69a56a3022c4be7f">
<source>Tenant(s)</source>
<target>Tenant(s)</target>
</trans-unit>
<trans-unit id="s1b606acd76ba2c4c">
<source>Update Tenant</source>
<target>Update Tenant</target>
</trans-unit>
<trans-unit id="s773aa6621d7e37b7">
<source>Create Tenant</source>
<target>Create Tenant</target>
</trans-unit>
<trans-unit id="s8cb7bb82e96d5d77">
<source>Policies</source>
<target>Policies</target>
</trans-unit>
<trans-unit id="sec1808532fe107b9">
<source>Allow users to use Applications based on properties, enforce Password Criteria and selectively apply Stages.</source>
<target>Allow users to use Applications based on properties, enforce Password Criteria and selectively apply Stages.</target>
</trans-unit>
<trans-unit id="se16ac750b81fa93d">
<source>Assigned to <x id="0" equiv-text="${item.boundTo}"/> object(s).</source>
<source>Recovery link cannot be emailed, user has no email address saved.</source>
<target>Recovery link cannot be emailed, user has no email address saved.</target>
</trans-unit>
<trans-unit id="s63d89a6ae0969c30">
<source>To let a user directly reset a their password, configure a recovery flow on the currently active tenant.</source>
<target>To let a user directly reset a their password, configure a recovery flow on the currently active tenant.</target>
</trans-unit>
<trans-unit id="s720594461542943f">
<source>Add User</source>
<target>Add User</target>
</trans-unit>
<trans-unit id="s4c41f3f4c23e8eaa">
<source>Warning: This group is configured with superuser access. Added users will have superuser access.</source>
<target>Warning: This group is configured with superuser access. Added users will have superuser access.</target>
</trans-unit>
<trans-unit id="scee721983b1c28d0">
<source>Add existing user</source>
<target>Add existing user</target>
</trans-unit>
<trans-unit id="sd600334ec2c39b74">
<source>Create user</source>
<target>Create user</target>
</trans-unit>
<trans-unit id="s53ad3455d9523b54">
<source>Create User</source>
<target>Create User</target>
</trans-unit>
<trans-unit id="s06c163334767a381">
<source>Create Service account</source>
<target>Create Service account</target>
</trans-unit>
<trans-unit id="sc744f3691efe310d">
<source>Hide service-accounts</source>
<target>Hide service-accounts</target>
</trans-unit>
<trans-unit id="secdb4b4c4e66aa38">
<source>Group Info</source>
<target>Group Info</target>
</trans-unit>
<trans-unit id="s005053d82b712e0a">
<source>Notes</source>
<target>Notes</target>
</trans-unit>
<trans-unit id="s634448e4942cf452">
<source>Edit the notes attribute of this group to add notes here.</source>
<target>Edit the notes attribute of this group to add notes here.</target>
</trans-unit>
<trans-unit id="s586d6bd2eca2da93">
<source>Users</source>
<target>Users</target>
</trans-unit>
<trans-unit id="sca7cfe2bef51b2a5">
<source>Root</source>
<target>Root</target>
</trans-unit>
<trans-unit id="s3616cc78631f5893">
<source>Warning: You're about to delete the user you're logged in as (<x id="0" equiv-text="${shouldShowWarning.username}"/>). Proceed at your own risk.</source>
<target>Warning: You're about to delete the user you're logged in as (
<x id="0" equiv-text="${shouldShowWarning.username}"/>). Proceed at your own risk.</target>
</trans-unit>
<trans-unit id="s510c7add9e24c306">
<source>Hide deactivated user</source>
<target>Hide deactivated user</target>
</trans-unit>
<trans-unit id="s94055b4eb957dc8f">
<source>User folders</source>
<target>User folders</target>
</trans-unit>
<trans-unit id="sa982875b258fea07">
<source>Successfully added user to group(s).</source>
<target>Successfully added user to group(s).</target>
</trans-unit>
<trans-unit id="s1bd5920d8adf2bd5">
<source>Groups to add</source>
<target>Groups to add</target>
</trans-unit>
<trans-unit id="s5f71fa3c53828e30">
<source>Remove from Group(s)</source>
<target>Remove from Group(s)</target>
</trans-unit>
<trans-unit id="sb4c9ed2a487b238f">
<source>Are you sure you want to remove user <x id="0" equiv-text="${this.targetUser?.username}"/> from the following groups?</source>
<target>Are you sure you want to remove user
<x id="0" equiv-text="${this.targetUser?.username}"/>from the following groups?</target>
</trans-unit>
<trans-unit id="s964f6725aeb7662f">
<source>Add Group</source>
<target>Add Group</target>
</trans-unit>
<trans-unit id="s65ca2f256ea09c11">
<source>Add to existing group</source>
<target>Add to existing group</target>
</trans-unit>
<trans-unit id="s505fbbdcbc6aa921">
<source>Add new group</source>
<target>Add new group</target>
</trans-unit>
<trans-unit id="s506beb486fa41241">
<source>Application authorizations</source>
<target>Application authorizations</target>
</trans-unit>
<trans-unit id="s7301a7069b7bc83e">
<source>Revoked?</source>
<target>Revoked?</target>
</trans-unit>
<trans-unit id="sd924045605feea63">
<source>Expires</source>
<target>Expires</target>
</trans-unit>
<trans-unit id="s1c8916418c334935">
<source>ID Token</source>
<target>ID Token</target>
</trans-unit>
<trans-unit id="s90760e5e02e95dfe">
<source>Refresh Tokens(s)</source>
<target>Refresh Tokens(s)</target>
</trans-unit>
<trans-unit id="s1b88fa3df4423292">
<source>Last IP</source>
<target>Last IP</target>
</trans-unit>
<trans-unit id="se63f9d833700af49">
<source>Session(s)</source>
<target>Session(s)</target>
</trans-unit>
<trans-unit id="sf679b7a62808287e">
<source>Expiry</source>
<target>Expiry</target>
</trans-unit>
<trans-unit id="sde1907073fd96017">
<source>(Current session)</source>
<target>(Current session)</target>
</trans-unit>
<trans-unit id="se8dca0132c66ae03">
<source>Permissions</source>
<target>Permissions</target>
</trans-unit>
<trans-unit id="s76881c01b6a3a8c7">
<source>Consent(s)</source>
<target>Consent(s)</target>
</trans-unit>
<trans-unit id="sea2f00b34b385a43">
<source>Successfully updated device.</source>
<target>Successfully updated device.</target>
</trans-unit>
<trans-unit id="s858e7ac4b3cf955f">
<source>Static tokens</source>
<target>Static tokens</target>
</trans-unit>
<trans-unit id="sfcfcf85a57eea78a">
<source>TOTP Device</source>
<target>TOTP Device</target>
</trans-unit>
<trans-unit id="s6a406aecb2c0e5c5">
<source>Enroll</source>
<target>Enroll</target>
</trans-unit>
<trans-unit id="sa0b01f479f40c52d">
<source>Device(s)</source>
<target>Device(s)</target>
</trans-unit>
<trans-unit id="sabb56f74492e7e96">
<source>Update Device</source>
<target>Update Device</target>
</trans-unit>
<trans-unit id="sf05c700a1250824e">
<source>Confirmed</source>
<target>Confirmed</target>
</trans-unit>
<trans-unit id="s64a33dcdaf90af26">
<source>User Info</source>
<target>User Info</target>
</trans-unit>
<trans-unit id="sc44bae5cde0083fa">
<source>Actions over the last week (per 8 hours)</source>
<target>Actions over the last week (per 8 hours)</target>
</trans-unit>
<trans-unit id="sb57dbcda1929c642">
<source>Edit the notes attribute of this user to add notes here.</source>
<target>Edit the notes attribute of this user to add notes here.</target>
</trans-unit>
<trans-unit id="s5c18cae48b93138c">
<source>Sessions</source>
<target>Sessions</target>
</trans-unit>
<trans-unit id="s27586544c447d9e3">
<source>User events</source>
<target>User events</target>
</trans-unit>
<trans-unit id="s4d31797d81e9cea3">
<source>Explicit Consent</source>
<target>Explicit Consent</target>
</trans-unit>
<trans-unit id="sb6770fa90be6d8b3">
<source>OAuth Refresh Tokens</source>
<target>OAuth Refresh Tokens</target>
</trans-unit>
<trans-unit id="s28b3de1561da72b3">
<source>MFA Authenticators</source>
<target>MFA Authenticators</target>
</trans-unit>
<trans-unit id="s7a322c89298dd27c">
<source>Successfully updated invitation.</source>
<target>Successfully updated invitation.</target>
</trans-unit>
<trans-unit id="sc554339ffc7b04e7">
<source>Successfully created invitation.</source>
<target>Successfully created invitation.</target>
</trans-unit>
<trans-unit id="sfcebd18506f1e535">
<source>Flow</source>
<target>Flow</target>
</trans-unit>
<trans-unit id="sa84a7fd11ba85e88">
<source>When selected, the invite will only be usable with the flow. By default the invite is accepted on all flows with invitation stages.</source>
<target>When selected, the invite will only be usable with the flow. By default the invite is accepted on all flows with invitation stages.</target>
</trans-unit>
<trans-unit id="s7520286c8419a266">
<source>Optional data which is loaded into the flow's 'prompt_data' context variable. YAML or JSON.</source>
<target>Optional data which is loaded into the flow's 'prompt_data' context variable. YAML or JSON.</target>
</trans-unit>
<trans-unit id="sb8795b799c70776a">
<source>Single use</source>
<target>Single use</target>
</trans-unit>
<trans-unit id="sf232d42142eacc23">
<source>When enabled, the invitation will be deleted after usage.</source>
<target>When enabled, the invitation will be deleted after usage.</target>
</trans-unit>
<trans-unit id="sa4a8086275475714">
<source>Select an enrollment flow</source>
<target>Select an enrollment flow</target>
</trans-unit>
<trans-unit id="s839cb09cb2193da9">
<source>Link to use the invitation.</source>
<target>Link to use the invitation.</target>
</trans-unit>
<trans-unit id="s8226f48cb1a80997">
<source>Invitations</source>
<target>Invitations</target>
</trans-unit>
<trans-unit id="s57448f10eb973100">
<source>Create Invitation Links to enroll Users, and optionally force specific attributes of their account.</source>
<target>Create Invitation Links to enroll Users, and optionally force specific attributes of their account.</target>
</trans-unit>
<trans-unit id="s4aee34a672e5cfc0">
<source>Created by</source>
<target>Created by</target>
</trans-unit>
<trans-unit id="sd5ba2d61ee4796fe">
<source>Invitation(s)</source>
<target>Invitation(s)</target>
</trans-unit>
<trans-unit id="s96dcf7ec8342c335">
<source>Invitation not limited to any flow, and can be used with any enrollment flow.</source>
<target>Invitation not limited to any flow, and can be used with any enrollment flow.</target>
</trans-unit>
<trans-unit id="s1b42b49e7b392013">
<source>Update Invitation</source>
<target>Update Invitation</target>
</trans-unit>
<trans-unit id="s38c72e1cf120b8d8">
<source>Create Invitation</source>
<target>Create Invitation</target>
</trans-unit>
<trans-unit id="s802826db4e2c852e">
<source>Warning: No invitation stage is bound to any flow. Invitations will not work as expected.</source>
<target>Warning: No invitation stage is bound to any flow. Invitations will not work as expected.</target>
</trans-unit>
<trans-unit id="s2f995efbb1e46b18">
<source>Auto-detect (based on your browser)</source>
<target>Auto-detect (based on your browser)</target>
</trans-unit>
<trans-unit id="s296fbffaaa7c910a">
<source>Required.</source>
<target>Required.</target>
</trans-unit>
<trans-unit id="s81ecf2d4386b8e84">
<source>Continue</source>
<target>Continue</target>
</trans-unit>
<trans-unit id="s8b2b2a43fcf688a3">
<source>Successfully updated prompt.</source>
<target>Successfully updated prompt.</target>
</trans-unit>
<trans-unit id="s5572ac4d2208f5ec">
<source>Successfully created prompt.</source>
<target>Successfully created prompt.</target>
</trans-unit>
<trans-unit id="s54e7a23a95d99649">
<source>Text: Simple Text input</source>
<target>Text: Simple Text input</target>
</trans-unit>
<trans-unit id="s63e54b86e2a2cc43">
<source>Text Area: Multiline text input</source>
<target>Text Area: Multiline text input</target>
</trans-unit>
<trans-unit id="s12de1c06a1e18cc5">
<source>Text (read-only): Simple Text input, but cannot be edited.</source>
<target>Text (read-only): Simple Text input, but cannot be edited.</target>
</trans-unit>
<trans-unit id="s4e5646b23e41231f">
<source>Text Area (read-only): Multiline text input, but cannot be edited.</source>
<target>Text Area (read-only): Multiline text input, but cannot be edited.</target>
</trans-unit>
<trans-unit id="s1e4c3de6e12cd87b">
<source>Username: Same as Text input, but checks for and prevents duplicate usernames.</source>
<target>Username: Same as Text input, but checks for and prevents duplicate usernames.</target>
</trans-unit>
<trans-unit id="s5462c7f56ed65e6c">
<source>Email: Text field with Email type.</source>
<target>Email: Text field with Email type.</target>
</trans-unit>
<trans-unit id="s1c5574968b29ab1c">
<source>Password: Masked input, multiple inputs of this type on the same prompt need to be identical.</source>
<target>Password: Masked input, multiple inputs of this type on the same prompt need to be identical.</target>
</trans-unit>
<trans-unit id="sbbb97b1c63507dc0">
<source>Number</source>
<target>Number</target>
</trans-unit>
<trans-unit id="sdae649fae731e838">
<source>Checkbox</source>
<target>Checkbox</target>
</trans-unit>
<trans-unit id="s34edeb18f887161d">
<source>Radio Button Group (fixed choice)</source>
<target>Radio Button Group (fixed choice)</target>
</trans-unit>
<trans-unit id="s57730b6870e8916c">
<source>Dropdown (fixed choice)</source>
<target>Dropdown (fixed choice)</target>
</trans-unit>
<trans-unit id="sac8252732f2edb19">
<source>Date</source>
<target>Date</target>
</trans-unit>
<trans-unit id="s45960273852a61b2">
<source>Date Time</source>
<target>Date Time</target>
</trans-unit>
<trans-unit id="sd1f81284eeb7b503">
<source>File</source>
<target>File</target>
</trans-unit>
<trans-unit id="s21e3c227cc2c5873">
<source>Separator: Static Separator Line</source>
<target>Separator: Static Separator Line</target>
</trans-unit>
<trans-unit id="s706af57c1af42c6d">
<source>Hidden: Hidden field, can be used to insert data into form.</source>
<target>Hidden: Hidden field, can be used to insert data into form.</target>
<source>authentik: Locale: Displays a list of locales authentik supports.</source>
<target>authentik: Locale: Displays a list of locales authentik supports.</target>
</trans-unit>
<trans-unit id="saf84e7732a9e1336">
<source>Preview errors</source>
<target>Preview errors</target>
</trans-unit>
<trans-unit id="sb71ace8e9b35c749">
<source>Data preview</source>
<target>Data preview</target>
</trans-unit>
<trans-unit id="s4d53f4b7ff33bedd">
<source>Unique name of this field, used for selecting fields in prompt stages.</source>
<target>Unique name of this field, used for selecting fields in prompt stages.</target>
</trans-unit>
<trans-unit id="s3b58f8d2155ae90c">
<source>Field Key</source>
<target>Field Key</target>
</trans-unit>
<trans-unit id="s2b088ba65eb69b7e">
<source>Name of the form field, also used to store the value.</source>
<target>Name of the form field, also used to store the value.</target>
</trans-unit>
<trans-unit id="s662fcb3761ad9df7">
<source>When used in conjunction with a User Write stage, use attributes.foo to write attributes.</source>
<target>When used in conjunction with a User Write stage, use attributes.foo to write attributes.</target>
</trans-unit>
<trans-unit id="s5590dbf7e425789d">
<source>Label</source>
<target>Label</target>
</trans-unit>
<trans-unit id="s0c135eba6017d94f">
<source>Label shown next to/above the prompt.</source>
<target>Label shown next to/above the prompt.</target>
</trans-unit>
<trans-unit id="sae5d87e99fe081e0">
<source>Required</source>
<target>Required</target>
</trans-unit>
<trans-unit id="s37dbfe2133b74d2d">
<source>Interpret placeholder as expression</source>
<target>Interpret placeholder as expression</target>
</trans-unit>
<trans-unit id="s4a953e6234cb4808">
<source>When checked, the placeholder will be evaluated in the same way a property mapping is.
If the evaluation fails, the placeholder itself is returned.</source>
</trans-unit>
<trans-unit id="sf90be97cb08f3d5a">
<source>Placeholder</source>
<target>Placeholder</target>
</trans-unit>
<trans-unit id="sf76ead4c4708dd06">
<source>Optionally provide a short hint that describes the expected input value.
When creating a fixed choice field, enable interpreting as expression and return a
list to return multiple choices.</source>
</trans-unit>
<trans-unit id="saa7ba2057bd524a1">
<source>Interpret initial value as expression</source>
<target>Interpret initial value as expression</target>
</trans-unit>
<trans-unit id="sd60415c7666859f0">
<source>When checked, the initial value will be evaluated in the same way a property mapping is.
If the evaluation fails, the initial value itself is returned.</source>
</trans-unit>
<trans-unit id="sa9c7044d9fd1f3e6">
<source>Initial value</source>
<target>Initial value</target>
</trans-unit>
<trans-unit id="seab35681cbf36755">
<source>Optionally pre-fill the input with an initial value.
When creating a fixed choice field, enable interpreting as expression and
return a list to return multiple default choices.</source>
</trans-unit>
<trans-unit id="s72c1c17a9bdc76ad">
<source>Help text</source>
<target>Help text</target>
</trans-unit>
<trans-unit id="s584d1c38ad20d560">
<source>Any HTML can be used.</source>
<target>Any HTML can be used.</target>
</trans-unit>
<trans-unit id="s2be6121210e2a2f8">
<source>Prompts</source>
<target>Prompts</target>
</trans-unit>
<trans-unit id="s42fc6f4b64eff5d9">
<source>Single Prompts that can be used for Prompt Stages.</source>
<target>Single Prompts that can be used for Prompt Stages.</target>
</trans-unit>
<trans-unit id="s42a1ebe17efda727">
<source>Field</source>
<target>Field</target>
</trans-unit>
<trans-unit id="s41b105819b67ee7a">
<source>Stages</source>
<target>Stages</target>
</trans-unit>
<trans-unit id="sec7443a45fd141e5">
<source>Prompt(s)</source>
<target>Prompt(s)</target>
</trans-unit>
<trans-unit id="scc733ba98740038a">
<source>Update Prompt</source>
<target>Update Prompt</target>
</trans-unit>
<trans-unit id="s61b6f3e6bc59c6dd">
<source>Create Prompt</source>
<target>Create Prompt</target>
</trans-unit>
<trans-unit id="sff5bb7742c2896c8">
<source>Target</source>
<target>Target</target>
</trans-unit>
<trans-unit id="sae5da213b7f896ed">
<source>Stage</source>
<target>Stage</target>
</trans-unit>
<trans-unit id="s0a61796c1956d32c">
<source>Evaluate when flow is planned</source>
<target>Evaluate when flow is planned</target>
</trans-unit>
<trans-unit id="sf533f13321fee530">
<source>Evaluate policies during the Flow planning process.</source>
<target>Evaluate policies during the Flow planning process.</target>
</trans-unit>
<trans-unit id="s6336fa345e96dde9">
<source>Evaluate when stage is run</source>
<target>Evaluate when stage is run</target>
</trans-unit>
<trans-unit id="sff3b708e23bb96b2">
<source>Evaluate policies before the Stage is present to the user.</source>
<target>Evaluate policies before the Stage is present to the user.</target>
</trans-unit>
<trans-unit id="s0dc46deb8f181baf">
<source>Invalid response behavior</source>
<target>Invalid response behavior</target>
</trans-unit>
<trans-unit id="seb0805249661d15b">
<source>Returns the error message and a similar challenge to the executor</source>
<target>Returns the error message and a similar challenge to the executor</target>
</trans-unit>
<trans-unit id="sd891d8463d0ebace">
<source>Restarts the flow from the beginning</source>
<target>Restarts the flow from the beginning</target>
</trans-unit>
<trans-unit id="s6b9a1dd402750a8a">
<source>Restarts the flow from the beginning, while keeping the flow context</source>
<target>Restarts the flow from the beginning, while keeping the flow context</target>
</trans-unit>
<trans-unit id="sbc88fb27a4c3b894">
<source>Configure how the flow executor should handle an invalid response to a challenge given by this bound stage.</source>
<target>Configure how the flow executor should handle an invalid response to a challenge given by this bound stage.</target>
</trans-unit>
<trans-unit id="s916b32ac64ea2b05">
<source>Successfully updated stage.</source>
<target>Successfully updated stage.</target>
</trans-unit>
<trans-unit id="s14c8f36e180d6bbc">
<source>Successfully created stage.</source>
<target>Successfully created stage.</target>
</trans-unit>
<trans-unit id="sf22a28f83cc45fcc">
<source>Stage used to configure a duo-based authenticator. This stage should be used for configuration flows.</source>
<target>Stage used to configure a duo-based authenticator. This stage should be used for configuration flows.</target>
</trans-unit>
<trans-unit id="s5adafce329aaa853">
<source>Authenticator type name</source>
<target>Authenticator type name</target>
</trans-unit>
<trans-unit id="s23e6a57201fba25e">
<source>Display name of this authenticator, used by users when they enroll an authenticator.</source>
<target>Display name of this authenticator, used by users when they enroll an authenticator.</target>
</trans-unit>
<trans-unit id="s276d751eb7a186cc">
<source>API Hostname</source>
<target>API Hostname</target>
</trans-unit>
<trans-unit id="s5b6b6e2cb884d59f">
<source>Duo Auth API</source>
<target>Duo Auth API</target>
</trans-unit>
<trans-unit id="s240ff02ce3a53dee">
<source>Integration key</source>
<target>Integration key</target>
</trans-unit>
<trans-unit id="s56fd9ed596c724fa">
<source>Secret key</source>
<target>Secret key</target>
</trans-unit>
<trans-unit id="s88870d7e499e848b">
<source>Duo Admin API (optional)</source>
<target>Duo Admin API (optional)</target>
</trans-unit>
<trans-unit id="s7f13f4a2d0370cf6">
<source>When using a Duo MFA, Access or Beyond plan, an Admin API application can be created.
This will allow authentik to import devices automatically.</source>
</trans-unit>
<trans-unit id="s9a34d1520e320465">
<source>Stage-specific settings</source>
<target>Stage-specific settings</target>
</trans-unit>
<trans-unit id="s0dfc6838c9d07677">
<source>Configuration flow</source>
<target>Configuration flow</target>
</trans-unit>
<trans-unit id="sebf44d2471b608ad">
<source>Flow used by an authenticated user to configure this Stage. If empty, user will not be able to configure this stage.</source>
<target>Flow used by an authenticated user to configure this Stage. If empty, user will not be able to configure this stage.</target>
</trans-unit>
<trans-unit id="s3baf512851453712">
<source>Twilio Account SID</source>
<target>Twilio Account SID</target>
</trans-unit>
<trans-unit id="sa738ce390bc24875">
<source>Get this value from https://console.twilio.com</source>
<target>Get this value from https://console.twilio.com</target>
</trans-unit>
<trans-unit id="sa7b56a80ab1801f0">
<source>Twilio Auth Token</source>
<target>Twilio Auth Token</target>
</trans-unit>
<trans-unit id="sfe99a8caa70232ab">
<source>Authentication Type</source>
<target>Authentication Type</target>
</trans-unit>
<trans-unit id="safd0363143a46a91">
<source>Basic Auth</source>
<target>Basic Auth</target>
</trans-unit>
<trans-unit id="sd06b47084fec0ec5">
<source>Bearer Token</source>
<target>Bearer Token</target>
</trans-unit>
<trans-unit id="sb1751a1411d6874f">
<source>External API URL</source>
<target>External API URL</target>
</trans-unit>
<trans-unit id="sbdc1176ff9f93da2">
<source>This is the full endpoint to send POST requests to.</source>
<target>This is the full endpoint to send POST requests to.</target>
</trans-unit>
<trans-unit id="s51da4de00984fe51">
<source>API Auth Username</source>
<target>API Auth Username</target>
</trans-unit>
<trans-unit id="s293ab4331c1dd387">
<source>This is the username to be used with basic auth or the token when used with bearer token</source>
<target>This is the username to be used with basic auth or the token when used with bearer token</target>
</trans-unit>
<trans-unit id="s634d041fd954ab20">
<source>API Auth password</source>
<target>API Auth password</target>
</trans-unit>
<trans-unit id="sb635ad3c2e357d3c">
<source>This is the password to be used with basic auth</source>
<target>This is the password to be used with basic auth</target>
</trans-unit>
<trans-unit id="sa92398dba8b12d85">
<source>Mapping</source>
<target>Mapping</target>
</trans-unit>
<trans-unit id="s38162f615710c7b4">
<source>Modify the payload sent to the custom provider.</source>
<target>Modify the payload sent to the custom provider.</target>
</trans-unit>
<trans-unit id="s5e830ae7688d1219">
<source>Stage used to configure an SMS-based TOTP authenticator.</source>
<target>Stage used to configure an SMS-based TOTP authenticator.</target>
</trans-unit>
<trans-unit id="s0d5d05bf3d122ced">
<source>Twilio</source>
<target>Twilio</target>
</trans-unit>
<trans-unit id="sc3c74f5273df459a">
<source>Generic</source>
<target>Generic</target>
</trans-unit>
<trans-unit id="sbbb2180b6aed196e">
<source>From number</source>
<target>From number</target>
</trans-unit>
<trans-unit id="sc647dcb91f6958dd">
<source>Number the SMS will be sent from.</source>
<target>Number the SMS will be sent from.</target>
</trans-unit>
<trans-unit id="s0ae0072614320ae2">
<source>Hash phone number</source>
<target>Hash phone number</target>
</trans-unit>
<trans-unit id="s9ca3310e1999fd5b">
<source>If enabled, only a hash of the phone number will be saved. This can be done for data-protection reasons. Devices created from a stage with this enabled cannot be used with the authenticator validation stage.</source>
<target>If enabled, only a hash of the phone number will be saved. This can be done for data-protection reasons. Devices created from a stage with this enabled cannot be used with the authenticator validation stage.</target>
</trans-unit>
<trans-unit id="s128e7f5f34bfa155">
<source>Stage used to configure a static authenticator (i.e. static tokens). This stage should be used for configuration flows.</source>
<target>Stage used to configure a static authenticator (i.e. static tokens). This stage should be used for configuration flows.</target>
</trans-unit>
<trans-unit id="sabf67834e35dede5">
<source>Token count</source>
<target>Token count</target>
</trans-unit>
<trans-unit id="sc5a4711395ffb043">
<source>Stage used to configure a TOTP authenticator (i.e. Authy/Google Authenticator).</source>
<target>Stage used to configure a TOTP authenticator (i.e. Authy/Google Authenticator).</target>
</trans-unit>
<trans-unit id="s9d8ad4b85287131f">
<source>Digits</source>
<target>Digits</target>
</trans-unit>
<trans-unit id="sc04e92d753742189">
<source>6 digits, widely compatible</source>
<target>6 digits, widely compatible</target>
</trans-unit>
<trans-unit id="sdc70195469e83e3f">
<source>8 digits, not compatible with apps like Google Authenticator</source>
<target>8 digits, not compatible with apps like Google Authenticator</target>
</trans-unit>
<trans-unit id="s0e15f678445dfc45">
<source>Stage used to validate any authenticator. This stage should be used during authentication or authorization flows.</source>
<target>Stage used to validate any authenticator. This stage should be used during authentication or authorization flows.</target>
</trans-unit>
<trans-unit id="s73c13e5a6f5e38a3">
<source>Device classes</source>
<target>Device classes</target>
</trans-unit>
<trans-unit id="s97d1b0070f50c07f">
<source>Static Tokens</source>
<target>Static Tokens</target>
</trans-unit>
<trans-unit id="sb8168ae309c66abc">
<source>TOTP Authenticators</source>
<target>TOTP Authenticators</target>
</trans-unit>
<trans-unit id="sde47e4d8b9b21b59">
<source>WebAuthn Authenticators</source>
<target>WebAuthn Authenticators</target>
</trans-unit>
<trans-unit id="s8da88a8a5750bce1">
<source>Duo Authenticators</source>
<target>Duo Authenticators</target>
</trans-unit>
<trans-unit id="s4d182bae8a578010">
<source>SMS-based Authenticators</source>
<target>SMS-based Authenticators</target>
</trans-unit>
<trans-unit id="sd8d9451f86502d1a">
<source>Device classes which can be used to authenticate.</source>
<target>Device classes which can be used to authenticate.</target>
</trans-unit>
<trans-unit id="se2e9f5a32c93e5f7">
<source>Last validation threshold</source>
<target>Last validation threshold</target>
</trans-unit>
<trans-unit id="s951281efc92b03fc">
<source>If any of the devices user of the types selected above have been used within this duration, this stage will be skipped.</source>
<target>If any of the devices user of the types selected above have been used within this duration, this stage will be skipped.</target>
</trans-unit>
<trans-unit id="s681074b6c1f19c08">
<source>Not configured action</source>
<target>Not configured action</target>
</trans-unit>
<trans-unit id="sa2c29dc5ed47b26d">
<source>Force the user to configure an authenticator</source>
<target>Force the user to configure an authenticator</target>
</trans-unit>
<trans-unit id="sa30c58514a3dc0fb">
<source>Deny the user access</source>
<target>Deny the user access</target>
</trans-unit>
<trans-unit id="s1e0de9c4f66dc371">
<source>WebAuthn User verification</source>
<target>WebAuthn User verification</target>
</trans-unit>
<trans-unit id="sdb7b2173869822bc">
<source>User verification must occur.</source>
<target>User verification must occur.</target>
</trans-unit>
<trans-unit id="s7683363cdf78cf31">
<source>User verification is preferred if available, but not required.</source>
<target>User verification is preferred if available, but not required.</target>
</trans-unit>
<trans-unit id="scb43f5faeb6a7ca9">
<source>User verification should not occur.</source>
<target>User verification should not occur.</target>
</trans-unit>
<trans-unit id="scae166352a31032c">
<source>Configuration stages</source>
<target>Configuration stages</target>
</trans-unit>
<trans-unit id="s6941a67f0038ba4c">
<source>Stages used to configure Authenticator when user doesn't have any compatible devices. After this configuration Stage passes, the user is not prompted again.</source>
<target>Stages used to configure Authenticator when user doesn't have any compatible devices. After this configuration Stage passes, the user is not prompted again.</target>
</trans-unit>
<trans-unit id="s7e5af9c6ba6f5cc6">
<source>When multiple stages are selected, the user can choose which one they want to enroll.</source>
<target>When multiple stages are selected, the user can choose which one they want to enroll.</target>
</trans-unit>
<trans-unit id="s34b23ebbac9f6ab9">
<source>User verification</source>
<target>User verification</target>
</trans-unit>
<trans-unit id="s9ea472b555374771">
<source>Resident key requirement</source>
<target>Resident key requirement</target>
</trans-unit>
<trans-unit id="s5fbaeb14f42815e5">
<source>Authenticator Attachment</source>
<target>Authenticator Attachment</target>
</trans-unit>
<trans-unit id="s502d2473587032e1">
<source>No preference is sent</source>
<target>No preference is sent</target>
</trans-unit>
<trans-unit id="s60cc554fde2676cb">
<source>A non-removable authenticator, like TouchID or Windows Hello</source>
<target>A non-removable authenticator, like TouchID or Windows Hello</target>
</trans-unit>
<trans-unit id="sdf1d8edef27236f0">
<source>A "roaming" authenticator, like a YubiKey</source>
<target>A "roaming" authenticator, like a YubiKey</target>
</trans-unit>
<trans-unit id="sfffba7b23d8fb40c">
<source>This stage checks the user's current session against the Google reCaptcha (or compatible) service.</source>
<target>This stage checks the user's current session against the Google reCaptcha (or compatible) service.</target>
</trans-unit>
<trans-unit id="sfd1af96798dd8a5f">
<source>Public Key</source>
<target>Public Key</target>
</trans-unit>
<trans-unit id="sf339673f0f76a8bd">
<source>Public key, acquired from https://www.google.com/recaptcha/intro/v3.html.</source>
<target>Public key, acquired from https://www.google.com/recaptcha/intro/v3.html.</target>
</trans-unit>
<trans-unit id="s83d0f62ad1731a03">
<source>Private Key</source>
<target>Private Key</target>
</trans-unit>
<trans-unit id="s892d2731a6f22e59">
<source>Private key, acquired from https://www.google.com/recaptcha/intro/v3.html.</source>
<target>Private key, acquired from https://www.google.com/recaptcha/intro/v3.html.</target>
</trans-unit>
<trans-unit id="scb6620fcd5bff04c">
<source>Advanced settings</source>
<target>Advanced settings</target>
</trans-unit>
<trans-unit id="s39e436de1dc4df4f">
<source>JS URL</source>
<target>JS URL</target>
</trans-unit>
<trans-unit id="s170b705c55ecb2ae">
<source>URL to fetch JavaScript from, defaults to recaptcha. Can be replaced with any compatible alternative.</source>
<target>URL to fetch JavaScript from, defaults to recaptcha. Can be replaced with any compatible alternative.</target>
</trans-unit>
<trans-unit id="s275021658614ce9e">
<source>API URL</source>
<target>API URL</target>
</trans-unit>
<trans-unit id="sc8a79fddea3ab4a9">
<source>URL used to validate captcha response, defaults to recaptcha. Can be replaced with any compatible alternative.</source>
<target>URL used to validate captcha response, defaults to recaptcha. Can be replaced with any compatible alternative.</target>
</trans-unit>
<trans-unit id="s1cd617e7bbe278d0">
<source>Prompt for the user's consent. The consent can either be permanent or expire in a defined amount of time.</source>
<target>Prompt for the user's consent. The consent can either be permanent or expire in a defined amount of time.</target>
</trans-unit>
<trans-unit id="s26513c9dd154f041">
<source>Always require consent</source>
<target>Always require consent</target>
</trans-unit>
<trans-unit id="s8ce8bdc9cc9c8604">
<source>Consent given last indefinitely</source>
<target>Consent given last indefinitely</target>
</trans-unit>
<trans-unit id="sb986f15fa9b17805">
<source>Consent expires.</source>
<target>Consent expires.</target>
</trans-unit>
<trans-unit id="s6f328f2d8382d998">
<source>Consent expires in</source>
<target>Consent expires in</target>
</trans-unit>
<trans-unit id="se0c660020d9cf5b7">
<source>Offset after which consent expires.</source>
<target>Offset after which consent expires.</target>
</trans-unit>
<trans-unit id="s22b10ed263b96194">
<source>Dummy stage used for testing. Shows a simple continue button and always passes.</source>
<target>Dummy stage used for testing. Shows a simple continue button and always passes.</target>
</trans-unit>
<trans-unit id="sdb861d9906f18ac2">
<source>Throw error?</source>
<target>Throw error?</target>
</trans-unit>
<trans-unit id="s31ebc5431d677f5d">
<source>SMTP Host</source>
<target>SMTP Host</target>
</trans-unit>
<trans-unit id="s289fce7e694b98ac">
<source>SMTP Port</source>
<target>SMTP Port</target>
</trans-unit>
<trans-unit id="se4a9da0295597e73">
<source>SMTP Username</source>
<target>SMTP Username</target>
</trans-unit>
<trans-unit id="s593db2c00d6516a2">
<source>SMTP Password</source>
<target>SMTP Password</target>
</trans-unit>
<trans-unit id="s0d4268408182491d">
<source>Use TLS</source>
<target>Use TLS</target>
</trans-unit>
<trans-unit id="s480c6c40a248f7d2">
<source>Use SSL</source>
<target>Use SSL</target>
</trans-unit>
<trans-unit id="sc1feadd25659c94d">
<source>From address</source>
<target>From address</target>
</trans-unit>
<trans-unit id="sa248e1021d2c27b5">
<source>Verify the user's email address by sending them a one-time-link. Can also be used for recovery to verify the user's authenticity.</source>
<target>Verify the user's email address by sending them a one-time-link. Can also be used for recovery to verify the user's authenticity.</target>
</trans-unit>
<trans-unit id="s87b7e3bc944c728c">
<source>Activate pending user on success</source>
<target>Activate pending user on success</target>
</trans-unit>
<trans-unit id="s9e9c8d99f4c26baf">
<source>When a user returns from the email successfully, their account will be activated.</source>
<target>When a user returns from the email successfully, their account will be activated.</target>
</trans-unit>
<trans-unit id="s618d4e53f455c834">
<source>Use global settings</source>
<target>Use global settings</target>
</trans-unit>
<trans-unit id="sae1e1a59d22609c4">
<source>When enabled, global Email connection settings will be used and connection settings below will be ignored.</source>
<target>When enabled, global Email connection settings will be used and connection settings below will be ignored.</target>
</trans-unit>
<trans-unit id="sb1fe947f9ad27b9d">
<source>Token expiry</source>
<target>Token expiry</target>
</trans-unit>
<trans-unit id="s1c6ba8d100453392">
<source>Time in minutes the token sent is valid.</source>
<target>Time in minutes the token sent is valid.</target>
</trans-unit>
<trans-unit id="se47baf2fd16b9d2b">
<source>Template</source>
<target>Template</target>
</trans-unit>
<trans-unit id="s4af8a3ce5a600855">
<source>Let the user identify themselves with their username or Email address.</source>
<target>Let the user identify themselves with their username or Email address.</target>
</trans-unit>
<trans-unit id="s592ab7d2bc1b8973">
<source>User fields</source>
<target>User fields</target>
</trans-unit>
<trans-unit id="s61e48919db20538a">
<source>UPN</source>
<target>UPN</target>
</trans-unit>
<trans-unit id="s4cdae7635e757555">
<source>Fields a user can identify themselves with. If no fields are selected, the user will only be able to use sources.</source>
<target>Fields a user can identify themselves with. If no fields are selected, the user will only be able to use sources.</target>
</trans-unit>
<trans-unit id="s3380d7cbcebe50f6">
<source>Password stage</source>
<target>Password stage</target>
</trans-unit>
<trans-unit id="s08c91cb1a2cd3d97">
<source>When selected, a password field is shown on the same page instead of a separate page. This prevents username enumeration attacks.</source>
<target>When selected, a password field is shown on the same page instead of a separate page. This prevents username enumeration attacks.</target>
</trans-unit>
<trans-unit id="sd97d8d0906e6cc47">
<source>Case insensitive matching</source>
<target>Case insensitive matching</target>
</trans-unit>
<trans-unit id="s8aaad223e954f9ca">
<source>When enabled, user fields are matched regardless of their casing.</source>
<target>When enabled, user fields are matched regardless of their casing.</target>
</trans-unit>
<trans-unit id="sbab723b98dcfe23f">
<source>Show matched user</source>
<target>Show matched user</target>
</trans-unit>
<trans-unit id="se50a08ab71bb96ed">
<source>When a valid username/email has been entered, and this option is enabled, the user's username and avatar will be shown. Otherwise, the text that the user entered will be shown.</source>
<target>When a valid username/email has been entered, and this option is enabled, the user's username and avatar will be shown. Otherwise, the text that the user entered will be shown.</target>
</trans-unit>
<trans-unit id="s0295ce5d6f635d75">
<source>Source settings</source>
<target>Source settings</target>
</trans-unit>
<trans-unit id="s91e3a47599412f51">
<source>Sources</source>
<target>Sources</target>
</trans-unit>
<trans-unit id="s17a679298216aca9">
<source>Select sources should be shown for users to authenticate with. This only affects web-based sources, not LDAP.</source>
<target>Select sources should be shown for users to authenticate with. This only affects web-based sources, not LDAP.</target>
</trans-unit>
<trans-unit id="sa41aee3ae04c9216">
<source>Show sources' labels</source>
<target>Show sources' labels</target>
</trans-unit>
<trans-unit id="s54cd35e6224ba65d">
<source>By default, only icons are shown for sources. Enable this to show their full names.</source>
<target>By default, only icons are shown for sources. Enable this to show their full names.</target>
</trans-unit>
<trans-unit id="s9ee20003cb116abf">
<source>Passwordless flow</source>
<target>Passwordless flow</target>
</trans-unit>
<trans-unit id="s0c8c4d2bb0a9162a">
<source>Optional passwordless flow, which is linked at the bottom of the page. When configured, users can use this flow to authenticate with a WebAuthn authenticator, without entering any details.</source>
<target>Optional passwordless flow, which is linked at the bottom of the page. When configured, users can use this flow to authenticate with a WebAuthn authenticator, without entering any details.</target>
</trans-unit>
<trans-unit id="s01a3a7f48ee4edaf">
<source>Optional enrollment flow, which is linked at the bottom of the page.</source>
<target>Optional enrollment flow, which is linked at the bottom of the page.</target>
</trans-unit>
<trans-unit id="s82188c9542510212">
<source>Optional recovery flow, which is linked at the bottom of the page.</source>
<target>Optional recovery flow, which is linked at the bottom of the page.</target>
</trans-unit>
<trans-unit id="s3e59b8b2debf0209">
<source>This stage can be included in enrollment flows to accept invitations.</source>
<target>This stage can be included in enrollment flows to accept invitations.</target>
</trans-unit>
<trans-unit id="s79ad406777feab1f">
<source>Continue flow without invitation</source>
<target>Continue flow without invitation</target>
</trans-unit>
<trans-unit id="s61ccefd661ac2296">
<source>If this flag is set, this Stage will jump to the next Stage when no Invitation is given. By default this Stage will cancel the Flow when no invitation is given.</source>
<target>If this flag is set, this Stage will jump to the next Stage when no Invitation is given. By default this Stage will cancel the Flow when no invitation is given.</target>
</trans-unit>
<trans-unit id="sdc30bddeda2f0225">
<source>Validate the user's password against the selected backend(s).</source>
<target>Validate the user's password against the selected backend(s).</target>
</trans-unit>
<trans-unit id="sb8d4f44a1d5b9a14">
<source>Backends</source>
<target>Backends</target>
</trans-unit>
<trans-unit id="sba42248f3f27955c">
<source>User database + standard password</source>
<target>User database + standard password</target>
</trans-unit>
<trans-unit id="s3330adb3f0922f7b">
<source>User database + app passwords</source>
<target>User database + app passwords</target>
</trans-unit>
<trans-unit id="sc10db51c9bb77d5c">
<source>User database + LDAP password</source>
<target>User database + LDAP password</target>
</trans-unit>
<trans-unit id="sd35ae4be63df1f9f">
<source>Selection of backends to test the password against.</source>
<target>Selection of backends to test the password against.</target>
</trans-unit>
<trans-unit id="s482ae78809a6822b">
<source>Flow used by an authenticated user to configure their password. If empty, user will not be able to configure change their password.</source>
<target>Flow used by an authenticated user to configure their password. If empty, user will not be able to configure change their password.</target>
</trans-unit>
<trans-unit id="s77994108c886b965">
<source>Failed attempts before cancel</source>
<target>Failed attempts before cancel</target>
</trans-unit>
<trans-unit id="sa9020b93c3bd7235">
<source>How many attempts a user has before the flow is canceled. To lock the user out, use a reputation policy and a user_write stage.</source>
<target>How many attempts a user has before the flow is canceled. To lock the user out, use a reputation policy and a user_write stage.</target>
</trans-unit>
<trans-unit id="s5170f9ef331949c0">
<source>Show arbitrary input fields to the user, for example during enrollment. Data is saved in the flow context under the 'prompt_data' variable.</source>
<target>Show arbitrary input fields to the user, for example during enrollment. Data is saved in the flow context under the 'prompt_data' variable.</target>
</trans-unit>
<trans-unit id="s36cb242ac90353bc">
<source>Fields</source>
<target>Fields</target>
</trans-unit>
<trans-unit id="s2d5f69929bb7221d">
<source><x id="0" equiv-text="${prompt.name}"/> ("<x id="1" equiv-text="${prompt.fieldKey}"/>", of type <x id="2" equiv-text="${prompt.type}"/>)</source>
<target>
<x id="0" equiv-text="${prompt.name}"/>("
<x id="1" equiv-text="${prompt.fieldKey}"/>", of type
<x id="2" equiv-text="${prompt.type}"/>)</target>
</trans-unit>
<trans-unit id="s3b7b519444181264">
<source>Validation Policies</source>
<target>Validation Policies</target>
</trans-unit>
<trans-unit id="s59691290a232c687">
<source>Selected policies are executed when the stage is submitted to validate the data.</source>
<target>Selected policies are executed when the stage is submitted to validate the data.</target>
</trans-unit>
<trans-unit id="sbf4ef82e04772a4e">
<source>Delete the currently pending user. CAUTION, this stage does not ask for confirmation. Use a consent stage to ensure the user is aware of their actions.</source>
</trans-unit>
<trans-unit id="s8cc920e6a8430a0d">
<source>Log the currently pending user in.</source>
<target>Log the currently pending user in.</target>
</trans-unit>
<trans-unit id="sb85ffe141d7c229d">
<source>Session duration</source>
<target>Session duration</target>
</trans-unit>
<trans-unit id="sece294cd51a85745">
<source>Determines how long a session lasts. Default of 0 seconds means that the sessions lasts until the browser is closed.</source>
<target>Determines how long a session lasts. Default of 0 seconds means that the sessions lasts until the browser is closed.</target>
</trans-unit>
<trans-unit id="sf7949fbbab2eb566">
<source>Different browsers handle session cookies differently, and might not remove them even when the browser is closed.</source>
<target>Different browsers handle session cookies differently, and might not remove them even when the browser is closed.</target>
</trans-unit>
<trans-unit id="s53bbc3ae4b5fa1d0">
<source>See here.</source>
<target>See here.</target>
</trans-unit>
<trans-unit id="s2512334108f06a5a">
<source>Stay signed in offset</source>
<target>Stay signed in offset</target>
</trans-unit>
<trans-unit id="s1608b2f94fa0dbd4">
<source>If set to a duration above 0, the user will have the option to choose to "stay signed in", which will extend their session by the time specified here.</source>
<target>If set to a duration above 0, the user will have the option to choose to "stay signed in", which will extend their session by the time specified here.</target>
</trans-unit>
<trans-unit id="s542a71bb8f41e057">
<source>Terminate other sessions</source>
<target>Terminate other sessions</target>
</trans-unit>
<trans-unit id="sa920231366378c90">
<source>When enabled, all previous sessions of the user will be terminated.</source>
<target>When enabled, all previous sessions of the user will be terminated.</target>
</trans-unit>
<trans-unit id="sfee06600c15082a9">
<source>Remove the user from the current session.</source>
<target>Remove the user from the current session.</target>
</trans-unit>
<trans-unit id="s927398c400970760">
<source>Write any data from the flow's context's 'prompt_data' to the currently pending user. If no user
is pending, a new user is created, and data is written to them.</source>
</trans-unit>
<trans-unit id="sb379d861cbed0b47">
<source>Never create users</source>
<target>Never create users</target>
</trans-unit>
<trans-unit id="s81d673755a86a4f0">
<source>When no user is present in the flow context, the stage will fail.</source>
<target>When no user is present in the flow context, the stage will fail.</target>
</trans-unit>
<trans-unit id="s9940e3f073fbdbd4">
<source>Create users when required</source>
<target>Create users when required</target>
</trans-unit>
<trans-unit id="s5414356cc10e80fe">
<source>When no user is present in the the flow context, a new user is created.</source>
<target>When no user is present in the the flow context, a new user is created.</target>
</trans-unit>
<trans-unit id="s57337099d96ce6d2">
<source>Always create new users</source>
<target>Always create new users</target>
</trans-unit>
<trans-unit id="se80dd66f23b4fc39">
<source>Create a new user even if a user is in the flow context.</source>
<target>Create a new user even if a user is in the flow context.</target>
</trans-unit>
<trans-unit id="sed3512fe4560c7f4">
<source>Create users as inactive</source>
<target>Create users as inactive</target>
</trans-unit>
<trans-unit id="s9193ef1a39a6c872">
<source>Mark newly created users as inactive.</source>
<target>Mark newly created users as inactive.</target>
</trans-unit>
<trans-unit id="s89d1847b5e4ad225">
<source>User path template</source>
<target>User path template</target>
</trans-unit>
<trans-unit id="s18269e3889d6fa54">
<source>Path new users will be created under. If left blank, the default path will be used.</source>
<target>Path new users will be created under. If left blank, the default path will be used.</target>
</trans-unit>
<trans-unit id="sc1cb0eef9ed94e6a">
<source>Newly created users are added to this group, if a group is selected.</source>
<target>Newly created users are added to this group, if a group is selected.</target>
</trans-unit>
<trans-unit id="sd8417b41ca27bc8f">
<source>New stage</source>
<target>New stage</target>
</trans-unit>
<trans-unit id="s293801033f9fc0d0">
<source>Create a new stage.</source>
<target>Create a new stage.</target>
</trans-unit>
<trans-unit id="s71633a67e0d7c0e4">
<source>Successfully imported device.</source>
<target>Successfully imported device.</target>
</trans-unit>
<trans-unit id="s7d61705dfb120d7b">
<source>The user in authentik this device will be assigned to.</source>
<target>The user in authentik this device will be assigned to.</target>
</trans-unit>
<trans-unit id="s5eaf1d304e03ed4b">
<source>Duo User ID</source>
<target>Duo User ID</target>
</trans-unit>
<trans-unit id="s003847d8bc01c676">
<source>The user ID in Duo, can be found in the URL after clicking on a user.</source>
<target>The user ID in Duo, can be found in the URL after clicking on a user.</target>
<source>Stages are single steps of a Flow that a user is guided through. A stage can only be executed from within a flow.</source>
<target>Stages are single steps of a Flow that a user is guided through. A stage can only be executed from within a flow.</target>
</trans-unit>
<trans-unit id="sb69a4b0acd0895f2">
<source>Flows</source>
<target>Flows</target>
</trans-unit>
<trans-unit id="s0eaf755fa88c8d97">
<source>Stage(s)</source>
<target>Stage(s)</target>
</trans-unit>
<trans-unit id="s3914cb410fca44d4">
<source>Import</source>
<target>Import</target>
</trans-unit>
<trans-unit id="s8a67b33a0d70d322">
<source>Import Duo device</source>
<target>Import Duo device</target>
</trans-unit>
<trans-unit id="s48cf8fd56b1237ed">
<source>Successfully updated flow.</source>
<target>Successfully updated flow.</target>
</trans-unit>
<trans-unit id="sc3e0c240b159fbce">
<source>Successfully created flow.</source>
<target>Successfully created flow.</target>
</trans-unit>
<trans-unit id="s925936f647ae52cc">
<source>Shown as the Title in Flow pages.</source>
<target>Shown as the Title in Flow pages.</target>
</trans-unit>
<trans-unit id="s50719dda8f90abf4">
<source>Visible in the URL.</source>
<target>Visible in the URL.</target>
</trans-unit>
<trans-unit id="s0f4c6540c30bd8b4">
<source>Designation</source>
<target>Designation</target>
</trans-unit>
<trans-unit id="sb25d9afe10941425">
<source>Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.</source>
<target>Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.</target>
</trans-unit>
<trans-unit id="sb36e4c05244278c1">
<source>No requirement</source>
<target>No requirement</target>
</trans-unit>
<trans-unit id="s7b105164d209f670">
<source>Require authentication</source>
<target>Require authentication</target>
</trans-unit>
<trans-unit id="s239c2a351cde6d39">
<source>Require no authentication.</source>
<target>Require no authentication.</target>
</trans-unit>
<trans-unit id="s98beadfeeb3acb66">
<source>Require superuser.</source>
<target>Require superuser.</target>
</trans-unit>
<trans-unit id="sfad9279cc42c6b61">
<source>Required authentication level for this flow.</source>
<target>Required authentication level for this flow.</target>
</trans-unit>
<trans-unit id="sb56674c9ea4f0588">
<source>Behavior settings</source>
<target>Behavior settings</target>
</trans-unit>
<trans-unit id="sb6d7d58cb0a1544e">
<source>Compatibility mode</source>
<target>Compatibility mode</target>
</trans-unit>
<trans-unit id="s14ace18ccf4fb86d">
<source>Increases compatibility with password managers and mobile devices.</source>
<target>Increases compatibility with password managers and mobile devices.</target>
</trans-unit>
<trans-unit id="scfbc2f1396ee8550">
<source>Denied action</source>
<target>Denied action</target>
</trans-unit>
<trans-unit id="sff38031cf061e3ae">
<source>Will follow the ?next parameter if set, otherwise show a message</source>
<target>Will follow the ?next parameter if set, otherwise show a message</target>
</trans-unit>
<trans-unit id="s936bf4342b182ad4">
<source>Will either follow the ?next parameter or redirect to the default interface</source>
<target>Will either follow the ?next parameter or redirect to the default interface</target>
</trans-unit>
<trans-unit id="s22b0e8c5277dd5a9">
<source>Will notify the user the flow isn't applicable</source>
<target>Will notify the user the flow isn't applicable</target>
</trans-unit>
<trans-unit id="s2eeca5cfc99ef19b">
<source>Decides the response when a policy denies access to this flow for a user.</source>
<target>Decides the response when a policy denies access to this flow for a user.</target>
</trans-unit>
<trans-unit id="sbaf20067de176c90">
<source>Appearance settings</source>
<target>Appearance settings</target>
</trans-unit>
<trans-unit id="s2e4818861000b13f">
<source>Layout</source>
<target>Layout</target>
</trans-unit>
<trans-unit id="s1efbfc3937d565bd">
<source>Background</source>
<target>Background</target>
</trans-unit>
<trans-unit id="s374abf1a54d87b67">
<source>Background shown during execution.</source>
<target>Background shown during execution.</target>
</trans-unit>
<trans-unit id="s3ebf4c166058afce">
<source>Clear background</source>
<target>Clear background</target>
</trans-unit>
<trans-unit id="sb24755ea94bef31d">
<source>Delete currently set background image.</source>
<target>Delete currently set background image.</target>
</trans-unit>
<trans-unit id="sb904f23f17b60c3a">
<source>Successfully imported flow.</source>
<target>Successfully imported flow.</target>
</trans-unit>
<trans-unit id="s344c4a2a48997e18">
<source>.yaml files, which can be found on goauthentik.io and can be exported by authentik.</source>
<target>.yaml files, which can be found on goauthentik.io and can be exported by authentik.</target>
</trans-unit>
<trans-unit id="sc816360d6f5a1eeb">
<source>Flows describe a chain of Stages to authenticate, enroll or recover a user. Stages are chosen based on policies applied to them.</source>
<target>Flows describe a chain of Stages to authenticate, enroll or recover a user. Stages are chosen based on policies applied to them.</target>
</trans-unit>
<trans-unit id="s6f857299d5db1ecf">
<source>Flow(s)</source>
<target>Flow(s)</target>
</trans-unit>
<trans-unit id="s9e830cbc0b42a514">
<source>Update Flow</source>
<target>Update Flow</target>
</trans-unit>
<trans-unit id="s2f1bcfcc5cae94c3">
<source>Create Flow</source>
<target>Create Flow</target>
</trans-unit>
<trans-unit id="s832282d415294df4">
<source>Import Flow</source>
<target>Import Flow</target>
</trans-unit>
<trans-unit id="s098237f7ccb4dc4a">
<source>Successfully cleared flow cache</source>
<target>Successfully cleared flow cache</target>
</trans-unit>
<trans-unit id="s59572c1be31a812e">
<source>Failed to delete flow cache</source>
<target>Failed to delete flow cache</target>
</trans-unit>
<trans-unit id="sa2b727168b090d34">
<source>Clear Flow cache</source>
<target>Clear Flow cache</target>
</trans-unit>
<trans-unit id="sf12d588a76ba7e51">
<source>Are you sure you want to clear the flow cache?
This will cause all flows to be re-evaluated on their next usage.</source>
</trans-unit>
<trans-unit id="sbe47a5bdeec19ab0">
<source>Stage binding(s)</source>
<target>Stage binding(s)</target>
</trans-unit>
<trans-unit id="sfa88f413e287bb0f">
<source>Stage type</source>
<target>Stage type</target>
</trans-unit>
<trans-unit id="s04440099d97c0bef">
<source>Edit Stage</source>
<target>Edit Stage</target>
</trans-unit>
<trans-unit id="s980270d0fab7ecb3">
<source>Update Stage binding</source>
<target>Update Stage binding</target>
</trans-unit>
<trans-unit id="sfe938c1585e0bf68">
<source>These bindings control if this stage will be applied to the flow.</source>
<target>These bindings control if this stage will be applied to the flow.</target>
</trans-unit>
<trans-unit id="sfac6f995c7670559">
<source>No Stages bound</source>
<target>No Stages bound</target>
</trans-unit>
<trans-unit id="s955c1fec1c6fb970">
<source>No stages are currently bound to this flow.</source>
<target>No stages are currently bound to this flow.</target>
</trans-unit>
<trans-unit id="s9a393a04eaf1eb0e">
<source>Create Stage binding</source>
<target>Create Stage binding</target>
</trans-unit>
<trans-unit id="s207e8b106806d7e4">
<source>Bind stage</source>
<target>Bind stage</target>
</trans-unit>
<trans-unit id="scc2e420c54dc8089">
<source>Bind existing stage</source>
<target>Bind existing stage</target>
</trans-unit>
<trans-unit id="s30d1f50f476c3f48">
<source>Flow Overview</source>
<target>Flow Overview</target>
</trans-unit>
<trans-unit id="s77099d752f1ab773">
<source>Related actions</source>
<target>Related actions</target>
</trans-unit>
<trans-unit id="sd07866d9f38b2c50">
<source>Execute flow</source>
<target>Execute flow</target>
</trans-unit>
<trans-unit id="s9ff3121d30f88d52">
<source>Normal</source>
<target>Normal</target>
</trans-unit>
<trans-unit id="s6e4c997a101b6abf">
<source>with current user</source>
<target>with current user</target>
</trans-unit>
<trans-unit id="s8ecdbff1a7329b64">
<source>with inspector</source>
<target>with inspector</target>
</trans-unit>
<trans-unit id="s3576aead3e68c5c9">
<source>Export flow</source>
<target>Export flow</target>
</trans-unit>
<trans-unit id="s293aa6a6446fb153">
<source>Export</source>
<target>Export</target>
</trans-unit>
<trans-unit id="se2c3cbf2ed1403f1">
<source>Stage Bindings</source>
<target>Stage Bindings</target>
</trans-unit>
<trans-unit id="s78c08391ffbfb8c0">
<source>These bindings control which users can access this flow.</source>
<target>These bindings control which users can access this flow.</target>
<source>Local (notifications will be created within authentik)</source>
<target>Local (notifications will be created within authentik)</target>
</trans-unit>
<trans-unit id="sede0abbf2b612812">
<source>Webhook (generic)</source>
<target>Webhook (generic)</target>
</trans-unit>
<trans-unit id="s76f5dca6404a1210">
<source>Webhook (Slack/Discord)</source>
<target>Webhook (Slack/Discord)</target>
</trans-unit>
<trans-unit id="s6873bdbfa24615fb">
<source>Webhook URL</source>
<target>Webhook URL</target>
</trans-unit>
<trans-unit id="s25ec2846f6b88214">
<source>Webhook Mapping</source>
<target>Webhook Mapping</target>
</trans-unit>
<trans-unit id="sca2879d96f58a39c">
<source>Send once</source>
<target>Send once</target>
</trans-unit>
<trans-unit id="s2430e000b7cfefd0">
<source>Only send notification once, for example when sending a webhook into a chat channel.</source>
<target>Only send notification once, for example when sending a webhook into a chat channel.</target>
</trans-unit>
<trans-unit id="s819509c33a7534ac">
<source>Notification Transports</source>
<target>Notification Transports</target>
</trans-unit>
<trans-unit id="s57072ffb92b6c9c8">
<source>Define how notifications are sent to users, like Email or Webhook.</source>
<target>Define how notifications are sent to users, like Email or Webhook.</target>
</trans-unit>
<trans-unit id="s624256f8a4bb4c89">
<source>Notification transport(s)</source>
<target>Notification transport(s)</target>
</trans-unit>
<trans-unit id="sac1332e6f421526e">
<source>Update Notification Transport</source>
<target>Update Notification Transport</target>
</trans-unit>
<trans-unit id="s6b5002c605b39d6d">
<source>Create Notification Transport</source>
<target>Create Notification Transport</target>
</trans-unit>
<trans-unit id="s0a39e4f61ccafacb">
<source>Successfully updated rule.</source>
<target>Successfully updated rule.</target>
</trans-unit>
<trans-unit id="s72e102414fec81a4">
<source>Successfully created rule.</source>
<target>Successfully created rule.</target>
</trans-unit>
<trans-unit id="sa55ee64c5c51df0f">
<source>Select the group of users which the alerts are sent to. If no group is selected the rule is disabled.</source>
<target>Select the group of users which the alerts are sent to. If no group is selected the rule is disabled.</target>
</trans-unit>
<trans-unit id="sffa171e11d4ae513">
<source>Transports</source>
<target>Transports</target>
</trans-unit>
<trans-unit id="s7b18721be331241e">
<source>Select which transports should be used to notify the user. If none are selected, the notification will only be shown in the authentik UI.</source>
<target>Select which transports should be used to notify the user. If none are selected, the notification will only be shown in the authentik UI.</target>
</trans-unit>
<trans-unit id="scd0cfe87af6f2ff2">
<source>Severity</source>
<target>Severity</target>
</trans-unit>
<trans-unit id="s98c3bdf4fd5cdf65">
<source>Notification Rules</source>
<target>Notification Rules</target>
</trans-unit>
<trans-unit id="s107bf77afb93c9b8">
<source>Send notifications whenever a specific Event is created and matched by policies.</source>
<target>Send notifications whenever a specific Event is created and matched by policies.</target>
</trans-unit>
<trans-unit id="sf3f9a0feaf083207">
<source>Sent to group</source>
<target>Sent to group</target>
</trans-unit>
<trans-unit id="sc92ed9d5e01d3f24">
<source>Notification rule(s)</source>
<target>Notification rule(s)</target>
</trans-unit>
<trans-unit id="s5140d157642d7362">
<source>None (rule disabled)</source>
<target>None (rule disabled)</target>
</trans-unit>
<trans-unit id="sd1146418b344f81f">
<source>Update Notification Rule</source>
<target>Update Notification Rule</target>
</trans-unit>
<trans-unit id="sbbc1de43ab6c1f76">
<source>Create Notification Rule</source>
<target>Create Notification Rule</target>
</trans-unit>
<trans-unit id="s5795b310ab271d20">
<source>These bindings control upon which events this rule triggers.
Bindings to groups/users are checked against the user of the event.</source>
</trans-unit>
<trans-unit id="s90c3b62194fe8508">
<source>Outpost Deployment Info</source>
<target>Outpost Deployment Info</target>
</trans-unit>
<trans-unit id="s35f9df7668d5fa79">
<source>View deployment documentation</source>
<target>View deployment documentation</target>
</trans-unit>
<trans-unit id="sad09c62cb4ebae68">
<source>Click to copy token</source>
<target>Click to copy token</target>
</trans-unit>
<trans-unit id="s0e03fe2dc5b9164b">
<source>If your authentik Instance is using a self-signed certificate, set this value.</source>
<target>If your authentik Instance is using a self-signed certificate, set this value.</target>
</trans-unit>
<trans-unit id="sc21032b0d37882a0">
<source>If your authentik_host setting does not match the URL you want to login with, add this setting.</source>
<target>If your authentik_host setting does not match the URL you want to login with, add this setting.</target>
</trans-unit>
<trans-unit id="s6f270e1668c036e9">
<source>Successfully updated outpost.</source>
<target>Successfully updated outpost.</target>
</trans-unit>
<trans-unit id="s79aed8154d7c472c">
<source>Successfully created outpost.</source>
<target>Successfully created outpost.</target>
</trans-unit>
<trans-unit id="s8afc8c5aafb392d3">
<source>Radius</source>
<target>Radius</target>
</trans-unit>
<trans-unit id="s03970aa76a09982d">
<source>Integration</source>
<target>Integration</target>
</trans-unit>
<trans-unit id="s9c29565c5ae1cc92">
<source>Selecting an integration enables the management of the outpost by authentik.</source>
<target>Selecting an integration enables the management of the outpost by authentik.</target>
</trans-unit>
<trans-unit id="sf9b1c0661a02d9f9">
<source>Configuration</source>
<target>Configuration</target>
</trans-unit>
<trans-unit id="s3abecf1e778c9625">
<source>See more here:</source>
<target>See more here:</target>
</trans-unit>
<trans-unit id="s74cb3d66f6a668e1">
<source>Documentation</source>
<target>Documentation</target>
</trans-unit>
<trans-unit id="saa8939ac88a76f98">
<source>Last seen</source>
<target>Last seen</target>
</trans-unit>
<trans-unit id="s1ac2653a6492b435">
<source><x id="0" equiv-text="${this.outpostHealth.version}"/>, should be <x id="1" equiv-text="${this.outpostHealth.versionShould}"/></source>
<target>
<x id="0" equiv-text="${this.outpostHealth.version}"/>, should be
<source>Successfully created integration.</source>
<target>Successfully created integration.</target>
</trans-unit>
<trans-unit id="se9b1fec72ffd8f48">
<source>Local</source>
<target>Local</target>
</trans-unit>
<trans-unit id="sc1231049879b8d33">
<source>If enabled, use the local connection. Required Docker socket/Kubernetes Integration.</source>
<target>If enabled, use the local connection. Required Docker socket/Kubernetes Integration.</target>
</trans-unit>
<trans-unit id="s13de04774ff0f210">
<source>Docker URL</source>
<target>Docker URL</target>
</trans-unit>
<trans-unit id="sa7fcf026bd25f231">
<source>Can be in the format of 'unix://' when connecting to a local docker daemon, using 'ssh://' to connect via SSH, or 'https://:2376' when connecting to a remote system.</source>
<target>Can be in the format of 'unix://' when connecting to a local docker daemon, using 'ssh://' to connect via SSH, or 'https://:2376' when connecting to a remote system.</target>
</trans-unit>
<trans-unit id="saf1d289e3137c2ea">
<source>CA which the endpoint's Certificate is verified against. Can be left empty for no validation.</source>
<target>CA which the endpoint's Certificate is verified against. Can be left empty for no validation.</target>
<source>Use Server URI for SNI verification</source>
</trans-unit>
<trans-unit id="se65beb94fffc3c4b">
<source>Required for servers using TLS 1.3+</source>
</trans-unit>
<trans-unit id="s5506b35a1bceb141">
<source>Client certificate keypair to authenticate against the LDAP Server's Certificate.</source>
</trans-unit>
<trans-unit id="s4647b2c92638d6fd">
<source>The certificate for the above configured Base DN. As a fallback, the provider uses a self-signed certificate.</source>
</trans-unit>
<trans-unit id="scd247ffad6e04ac0">
<source>TLS Server name</source>
</trans-unit>
<trans-unit id="s2acef4f6ba39bf11">
<source>DNS name for which the above configured certificate should be used. The certificate cannot be detected based on the base DN, as the SSL/TLS negotiation happens before such data is exchanged.</source>
<source>When enabled, code-based multi-factor authentication can be used by appending a semicolon and the TOTP code to the password. This should only be enabled if all users that will bind to this provider have a TOTP device configured, as otherwise a password may incorrectly be rejected if it contains a semicolon.</source>
<source>Estimated user count one year from now based on <x id="0" equiv-text="${this.forecast?.internalUsers}"/> current internal users and <x id="1" equiv-text="${this.forecast?.forecastedInternalUsers}"/> forecasted internal users.</source>
<source>Estimated user count one year from now based on <x id="0" equiv-text="${this.forecast?.externalUsers}"/> current external users and <x id="1" equiv-text="${this.forecast?.forecastedExternalUsers}"/> forecasted external users.</source>
<source>The number of tokens generated whenever this stage is used. Every token generated per stage execution will be attached to a single static device.</source>
</trans-unit>
<trans-unit id="s4aacc4e0277c1042">
<source>Token length</source>
</trans-unit>
<trans-unit id="s6931695c4f563bc4">
<source>The length of the individual generated tokens. Can be increased to improve security.</source>
<source>Use this provider with nginx's auth_request or traefik's forwardAuth. Each application/domain needs its own provider. Additionally, on each domain, /outpost.goauthentik.io must be routed to the outpost (when using a managed outpost, this is done for you).</source>
</trans-unit>
<trans-unit id="scb58b8a60cad8762">
<source>Default relay state</source>
</trans-unit>
<trans-unit id="s6827a456c9dfc6ee">
<source>When using IDP-initiated logins, the relay state will be set to this value.</source>
<source>One hint, 'New Application Wizard', is currently hidden</source>
</trans-unit>
<trans-unit id="s61bd841e66966325">
<source>External applications that use authentik as an identity provider via protocols like OAuth2 and SAML. All applications are shown here, even ones you cannot access.</source>
</trans-unit>
<trans-unit id="s1cc306d8e28c4464">
<source>Deny message</source>
</trans-unit>
<trans-unit id="s6985c401e1100122">
<source>Message shown when this stage is run.</source>