mirror of
https://github.com/zitadel/zitadel.git
synced 2025-12-07 07:16:54 +00:00
40082745f4
# Which Problems Are Solved The current login will always prefer external authentication (through an IdP) over local authentication. So as soon as either the user had connected to an IdP or even when the login policy was just set up to have an IdP allowed, users would be redirected to that IdP for (re)authentication. This could lead to problems, where the IdP was not available or any other error occurred in the process (such as secret expired for EntraID). Even when local authentication (passkeys or password) was allowed for the corresponding user, they would always be redirected to the IdP again, preventing any authentication. If admins were affected, they might not even be able to update the client secret of the IdP. # How the Problems Are Solved Errors during the external IdP flow are handled in an `externalAuthFailed` function, which will check if the organisation allows local authentication and if the user has set up such. If either password or passkeys is set up, the corresponding login page will be presented to the user. As already with local auth passkeys is preferred over password authentication. The user is informed that the external login failed and fail back to local auth as an error on the corresponding page in a focused mode. Any interaction or after 5 second the focus mode is disabled. # Additional Changes None. # Additional Context closes #6466
526 lines
18 KiB
YAML
526 lines
18 KiB
YAML
Login:
|
|
Title: Welcome Back!
|
|
Description: Enter your login data.
|
|
TitleLinking: Login for user linking
|
|
DescriptionLinking: Enter your login data to link your external user.
|
|
LoginNameLabel: Login Name
|
|
UsernamePlaceHolder: username
|
|
LoginnamePlaceHolder: username@domain
|
|
ExternalUserDescription: Login with an external user.
|
|
MustBeMemberOfOrg: The user must be member of the {{.OrgName}} organization.
|
|
RegisterButtonText: Register
|
|
NextButtonText: Next
|
|
|
|
LDAP:
|
|
Title: Login
|
|
Description: Enter your login data.
|
|
LoginNameLabel: Login Name
|
|
PasswordLabel: Password
|
|
NextButtonText: Next
|
|
|
|
SelectAccount:
|
|
Title: Select Account
|
|
Description: Use your account
|
|
TitleLinking: Select account for user linking
|
|
DescriptionLinking: Select your account to link with your external user.
|
|
OtherUser: Other User
|
|
SessionState0: active
|
|
SessionState1: Signed out
|
|
MustBeMemberOfOrg: The user must be member of the {{.OrgName}} organization.
|
|
|
|
Password:
|
|
Title: Password
|
|
Description: Enter your login data.
|
|
PasswordLabel: Password
|
|
MinLength: Must be at least
|
|
MinLengthp2: characters long.
|
|
MaxLength: Must be less than 70 characters long.
|
|
HasUppercase: Must include an uppercase letter.
|
|
HasLowercase: Must include a lowercase letter.
|
|
HasNumber: Must include a number.
|
|
HasSymbol: Must include a symbol.
|
|
Confirmation: Password confirmation matched.
|
|
ResetLinkText: Reset Password
|
|
BackButtonText: Back
|
|
NextButtonText: Next
|
|
|
|
UsernameChange:
|
|
Title: Change Username
|
|
Description: Set your new username
|
|
UsernameLabel: Username
|
|
CancelButtonText: Cancel
|
|
NextButtonText: Next
|
|
|
|
UsernameChangeDone:
|
|
Title: Username Changed
|
|
Description: Your username was changed successfully.
|
|
NextButtonText: Next
|
|
|
|
InitPassword:
|
|
Title: Set Password
|
|
Description: You have received a code, which you have to enter in the form below, to set your new password.
|
|
CodeLabel: Code
|
|
NewPasswordLabel: New Password
|
|
NewPasswordConfirmLabel: Confirm Password
|
|
ResendButtonText: Resend Code
|
|
NextButtonText: Next
|
|
|
|
InitPasswordDone:
|
|
Title: Password Set
|
|
Description: Password successfully set
|
|
NextButtonText: Next
|
|
CancelButtonText: Cancel
|
|
|
|
InitUser:
|
|
Title: Activate User
|
|
Description: Verify your e-mail with the code below and set your password.
|
|
CodeLabel: Code
|
|
NewPasswordLabel: New Password
|
|
NewPasswordConfirm: Confirm Password
|
|
NextButtonText: Next
|
|
ResendButtonText: Resend Code
|
|
|
|
InitUserDone:
|
|
Title: User Activated
|
|
Description: Email verified and Password successfully set
|
|
NextButtonText: Next
|
|
CancelButtonText: Cancel
|
|
|
|
InviteUser:
|
|
Title: Activate User
|
|
Description: Verify your e-mail with the code below and set your password.
|
|
CodeLabel: Code
|
|
NewPasswordLabel: New Password
|
|
NewPasswordConfirm: Confirm Password
|
|
NextButtonText: Next
|
|
ResendButtonText: Resend Code
|
|
|
|
InitMFAPrompt:
|
|
Title: 2-Factor Setup
|
|
Description: 2-factor authentication gives you an additional security for your user account. This ensures that only you have access to your account.
|
|
Provider0: Authenticator App (e.g Google/Microsoft Authenticator, Authy)
|
|
Provider1: Device dependent (e.g FaceID, Windows Hello, Fingerprint)
|
|
Provider3: OTP SMS
|
|
Provider4: OTP Email
|
|
NextButtonText: Next
|
|
SkipButtonText: Skip
|
|
|
|
InitMFAOTP:
|
|
Title: 2-Factor Verification
|
|
Description: Create your 2-factor. Download an authenticator app if you do not already have one.
|
|
OTPDescription: Scan the code with your authenticator app (e.g Google/Microsoft Authenticator, Authy) or copy the secret and insert the generated code below.
|
|
SecretLabel: Secret
|
|
CodeLabel: Code
|
|
NextButtonText: Next
|
|
CancelButtonText: Cancel
|
|
|
|
InitMFAOTPSMS:
|
|
Title: 2-Factor Verification
|
|
DescriptionPhone: Create your 2-factor. Enter your phone number to verify it.
|
|
DescriptionCode: Create your 2-factor. Enter the received code to verify your phone number.
|
|
PhoneLabel: Phone
|
|
CodeLabel: Code
|
|
EditButtonText: Edit
|
|
ResendButtonText: Resend Code
|
|
NextButtonText: Next
|
|
|
|
InitMFAU2F:
|
|
Title: Add Security Key
|
|
Description: A security key is a verification method that can be built into your phone, use Bluetooth, or plug directly into your computer's USB port.
|
|
TokenNameLabel: Name of the security key / device
|
|
NotSupported: WebAuthN is not supported by your browser. Please ensure it is up to date or use a different one (e.g. Chrome, Safari, Firefox)
|
|
RegisterTokenButtonText: Add security key
|
|
ErrorRetry: Retry, create a new challenge or choose a different method.
|
|
|
|
InitMFADone:
|
|
Title: 2-factor Verified
|
|
Description: Awesome! You just successfully set up your 2-factor and made your account way more secure. The Factor has to be entered on each login.
|
|
NextButtonText: Next
|
|
CancelButtonText: Cancel
|
|
|
|
MFAProvider:
|
|
Provider0: Authenticator App (e.g Google/Microsoft Authenticator, Authy)
|
|
Provider1: Device dependent (e.g FaceID, Windows Hello, Fingerprint)
|
|
Provider3: OTP SMS
|
|
Provider4: OTP Email
|
|
ChooseOther: or choose another option
|
|
|
|
VerifyMFAOTP:
|
|
Title: Verify 2-Factor
|
|
Description: Verify your second factor
|
|
CodeLabel: Code
|
|
NextButtonText: Next
|
|
|
|
VerifyOTP:
|
|
Title: Verify 2-Factor
|
|
Description: Verify your second factor
|
|
CodeLabel: Code
|
|
ResendButtonText: Resend Code
|
|
NextButtonText: Next
|
|
|
|
VerifyMFAU2F:
|
|
Title: 2-Factor Verification
|
|
Description: Verify your 2-Factor with the registered device (e.g FaceID, Windows Hello, Fingerprint)
|
|
NotSupported: WebAuthN is not supported by your browser. Make sure you are using the newest version or change your browser to a supported one (Chrome, Safari, Firefox)
|
|
ErrorRetry: Retry, create a new request or choose a other method.
|
|
ValidateTokenButtonText: Verify 2-Factor
|
|
|
|
Passwordless:
|
|
Title: Login Passwordless
|
|
Description: Login with authentication methods provided by your device like FaceID, Windows Hello or Fingerprint.
|
|
NotSupported: WebAuthN is not supported by your browser. Please ensure it is up to date or use a different one (e.g. Chrome, Safari, Firefox)
|
|
ErrorRetry: Retry, create a new challenge or choose a different method.
|
|
LoginWithPwButtonText: Login with password
|
|
ValidateTokenButtonText: Login with passwordless
|
|
|
|
PasswordlessPrompt:
|
|
Title: Passwordless Setup
|
|
Description: Would you like to setup passwordless login? (Authentication methods of your device like FaceID, Windows Hello or Fingerprint)
|
|
DescriptionInit: You need to set up passwordless login. Use the link you were given to register your device.
|
|
PasswordlessButtonText: Go passwordless
|
|
NextButtonText: Next
|
|
SkipButtonText: Skip
|
|
|
|
PasswordlessRegistration:
|
|
Title: Passwordless Setup
|
|
Description: Add your authentication by providing a name (e.g MyMobilePhone, MacBook, etc) and then clicking on the 'Register passwordless' button below.
|
|
TokenNameLabel: Name of the device
|
|
NotSupported: WebAuthN is not supported by your browser. Please ensure it is up to date or use a different one (e.g. Chrome, Safari, Firefox)
|
|
RegisterTokenButtonText: Register passwordless
|
|
ErrorRetry: Retry, create a new challenge or choose a different method.
|
|
|
|
PasswordlessRegistrationDone:
|
|
Title: Passwordless Set Up
|
|
Description: Device for passwordless successfully added.
|
|
DescriptionClose: You may now close this window.
|
|
NextButtonText: Next
|
|
CancelButtonText: Cancel
|
|
|
|
PasswordChange:
|
|
Title: Change Password
|
|
Description: Change your password. Enter your old and new password.
|
|
ExpiredDescription: You password has expired and has to be changed. Enter your old and new password.
|
|
OldPasswordLabel: Old Password
|
|
NewPasswordLabel: New Password
|
|
NewPasswordConfirmLabel: Password confirmation
|
|
CancelButtonText: Cancel
|
|
NextButtonText: Next
|
|
Footer: Footer
|
|
|
|
PasswordChangeDone:
|
|
Title: Change Password
|
|
Description: Your password was changed successfully.
|
|
NextButtonText: Next
|
|
|
|
PasswordResetDone:
|
|
Title: Password Reset Link Sent
|
|
Description: Check your email to reset your password.
|
|
NextButtonText: Next
|
|
|
|
EmailVerification:
|
|
Title: E-Mail Verification
|
|
Description: We have sent you an email to verify your address. Please enter the code in the form below.
|
|
CodeLabel: Code
|
|
NextButtonText: Next
|
|
ResendButtonText: Resend Code
|
|
|
|
EmailVerificationDone:
|
|
Title: E-Mail Verification
|
|
Description: Your email address has been successfully verified.
|
|
NextButtonText: Next
|
|
CancelButtonText: Cancel
|
|
LoginButtonText: Login
|
|
|
|
RegisterOption:
|
|
Title: Registration Options
|
|
Description: Choose how you'd like to register
|
|
RegisterUsernamePasswordButtonText: With username and password
|
|
ExternalLoginDescription: or register with an external user
|
|
LoginButtonText: Login
|
|
|
|
RegistrationUser:
|
|
Title: Registration
|
|
Description: Enter your Userdata. Your email address will be used as your login name.
|
|
DescriptionOrgRegister: Enter your Userdata.
|
|
EmailLabel: E-Mail
|
|
UsernameLabel: Username
|
|
FirstnameLabel: Given name
|
|
LastnameLabel: Family name
|
|
LanguageLabel: Language
|
|
German: Deutsch
|
|
English: English
|
|
Italian: Italiano
|
|
French: Français
|
|
Chinese: 简体中文
|
|
Polish: Polski
|
|
Japanese: 日本語
|
|
Spanish: Español
|
|
Bulgarian: Български
|
|
Portuguese: Português
|
|
Macedonian: Македонски
|
|
Czech: Čeština
|
|
Russian: Русский
|
|
Dutch: Nederlands
|
|
Swedish: Svenska
|
|
Indonesian: Bahasa Indonesia
|
|
Hungarian: Magyar
|
|
Korean: 한국어
|
|
GenderLabel: Gender
|
|
Female: Female
|
|
Male: Male
|
|
Diverse: diverse / X
|
|
PasswordLabel: Password
|
|
PasswordConfirmLabel: Password confirmation
|
|
TosAndPrivacyLabel: Terms and conditions
|
|
TosConfirm: I accept the
|
|
TosLinkText: TOS
|
|
PrivacyConfirm: I accept the
|
|
PrivacyLinkText: privacy policy
|
|
ExternalLogin: or register with an external user
|
|
BackButtonText: Login
|
|
NextButtonText: Next
|
|
|
|
ExternalRegistrationUserOverview:
|
|
Title: External User Registration
|
|
Description: We have taken your user details from the selected provider. You may now change or complete them.
|
|
EmailLabel: E-Mail
|
|
UsernameLabel: Username
|
|
FirstnameLabel: Given name
|
|
LastnameLabel: Family name
|
|
NicknameLabel: Nickname
|
|
PhoneLabel: Phone number
|
|
LanguageLabel: Language
|
|
German: Deutsch
|
|
English: English
|
|
Italian: Italiano
|
|
French: Français
|
|
Chinese: 简体中文
|
|
Polish: Polski
|
|
Japanese: 日本語
|
|
Spanish: Español
|
|
Bulgarian: Български
|
|
Portuguese: Português
|
|
Macedonian: Македонски
|
|
Czech: Čeština
|
|
Russian: Русский
|
|
Dutch: Nederlands
|
|
Swedish: Svenska
|
|
Indonesian: Bahasa Indonesia
|
|
Hungarian: Magyar
|
|
Korean: 한국어
|
|
TosAndPrivacyLabel: Terms and conditions
|
|
TosConfirm: I accept the
|
|
TosLinkText: TOS
|
|
PrivacyConfirm: I accept the
|
|
PrivacyLinkText: privacy policy
|
|
ExternalLogin: or register with an external user
|
|
BackButtonText: Nack
|
|
NextButtonText: Save
|
|
|
|
RegistrationOrg:
|
|
Title: Organization Registration
|
|
Description: Enter your organization name and userdata.
|
|
OrgNameLabel: Organization name
|
|
EmailLabel: E-Mail
|
|
UsernameLabel: Username
|
|
FirstnameLabel: Given name
|
|
LastnameLabel: Family name
|
|
PasswordLabel: Password
|
|
PasswordConfirmLabel: Password confirmation
|
|
TosAndPrivacyLabel: Terms and conditions
|
|
TosConfirm: I accept the
|
|
TosLinkText: TOS
|
|
PrivacyConfirm: I accept the
|
|
PrivacyLinkText: privacy policy
|
|
SaveButtonText: Create organization
|
|
|
|
LoginSuccess:
|
|
Title: Login Successful
|
|
AutoRedirectDescription: You will be directed back to your application automatically. If not, click on the button below. You may close the window afterwards.
|
|
RedirectedDescription: You may now close this window.
|
|
NextButtonText: Next
|
|
|
|
LogoutDone:
|
|
Title: Logged Out
|
|
Description: You have logged out successfully.
|
|
LoginButtonText: Login
|
|
|
|
LinkingUserPrompt:
|
|
Title: Existing User Found
|
|
Description: "Do you want to link your existing account:"
|
|
LinkButtonText: Link
|
|
OtherButtonText: Other options
|
|
|
|
LinkingUsersDone:
|
|
Title: Linking User
|
|
Description: User linked.
|
|
CancelButtonText: Cancel
|
|
NextButtonText: Next
|
|
|
|
ExternalNotFound:
|
|
Title: External User Not Found
|
|
Description: External user not found. Do you want to link your user or auto-register a new one?
|
|
LinkButtonText: Link
|
|
AutoRegisterButtonText: Register
|
|
TosAndPrivacyLabel: Terms and conditions
|
|
TosConfirm: I accept the
|
|
TosLinkText: TOS
|
|
PrivacyConfirm: I accept the
|
|
PrivacyLinkText: privacy policy
|
|
German: Deutsch
|
|
English: English
|
|
Italian: Italiano
|
|
French: Français
|
|
Chinese: 简体中文
|
|
Polish: Polski
|
|
Japanese: 日本語
|
|
Spanish: Español
|
|
Bulgarian: Български
|
|
Portuguese: Português
|
|
Macedonian: Македонски
|
|
Czech: Čeština
|
|
Russian: Русский
|
|
Dutch: Nederlands
|
|
Swedish: Svenska
|
|
Indonesian: Bahasa Indonesia
|
|
Hungarian: Magyar
|
|
Korean: 한국어
|
|
DeviceAuth:
|
|
Title: Device Authorization
|
|
UserCode:
|
|
Label: User Code
|
|
Description: Enter the user code presented on the device.
|
|
ButtonNext: Next
|
|
Action:
|
|
Description: Grant device access.
|
|
GrantDevice: you are about to grant device
|
|
AccessToScopes: access to the following scopes
|
|
Button:
|
|
Allow: Allow
|
|
Deny: Deny
|
|
Done:
|
|
Description: Done.
|
|
Approved: Device authorization approved. You may now return to the device.
|
|
Denied: Device authorization denied. You may now return to the device.
|
|
|
|
Footer:
|
|
PoweredBy: Powered By
|
|
Tos: TOS
|
|
PrivacyPolicy: Privacy policy
|
|
Help: Help
|
|
SupportEmail: Support E-mail
|
|
|
|
SignIn: Sign in with {{.Provider}}
|
|
|
|
Errors:
|
|
Internal: An internal error occurred
|
|
AuthRequest:
|
|
NotFound: Could not find authrequest
|
|
UserAgentNotCorresponding: User Agent does not correspond
|
|
UserAgentNotFound: User Agent ID not found
|
|
TokenNotFound: Token not found
|
|
RequestTypeNotSupported: Request type is not supported
|
|
MissingParameters: Required parameters missing
|
|
User:
|
|
NotFound: User could not be found
|
|
AlreadyExists: User already exists
|
|
Inactive: User is inactive
|
|
NotFoundOnOrg: User could not be found on chosen organization
|
|
NotAllowedOrg: User is no member of the required organization
|
|
NotMatchingUserID: User and user in authrequest don't match
|
|
UserIDMissing: UserID is empty
|
|
Invalid: Invalid userdata
|
|
DomainNotAllowedAsUsername: Domain is already reserved and cannot be used
|
|
NotAllowedToLink: User is not allowed to link with external login provider
|
|
Profile:
|
|
NotFound: Profile not found
|
|
NotChanged: Profile not changed
|
|
Empty: Profile is empty
|
|
FirstNameEmpty: Given name in profile is empty
|
|
LastNameEmpty: Family name in profile is empty
|
|
IDMissing: Profile ID is missing
|
|
Email:
|
|
NotFound: Email not found
|
|
Invalid: Email is invalid
|
|
AlreadyVerified: Email is already verified
|
|
NotChanged: Email not changed
|
|
Empty: Email is empty
|
|
IDMissing: Email ID is missing
|
|
Phone:
|
|
NotFound: Phone not found
|
|
Invalid: Phone is invalid
|
|
AlreadyVerified: Phone already verified
|
|
Empty: Phone is empty
|
|
NotChanged: Phone not changed
|
|
Address:
|
|
NotFound: Address not found
|
|
NotChanged: Address not changed
|
|
Username:
|
|
AlreadyExists: Username already taken
|
|
Reserved: Username is already taken
|
|
Empty: Username is empty
|
|
Password:
|
|
ConfirmationWrong: Password confirmation is wrong
|
|
Empty: Password is empty
|
|
Invalid: Password is invalid
|
|
InvalidAndLocked: Password is invalid and user is locked, contact your administrator.
|
|
NotChanged: New password cannot be the same as your current password
|
|
UsernameOrPassword:
|
|
Invalid: Username or Password is invalid
|
|
PasswordComplexityPolicy:
|
|
NotFound: Password policy not found
|
|
MinLength: Password is too short
|
|
HasLower: Password must contain lower letter
|
|
HasUpper: Password must contain upper letter
|
|
HasNumber: Password must contain number
|
|
HasSymbol: Password must contain symbol
|
|
Code:
|
|
Expired: Code is expired
|
|
Invalid: Code is invalid
|
|
Empty: Code is empty
|
|
CryptoCodeNil: Crypto code is nil
|
|
NotFound: Could not find code
|
|
GeneratorAlgNotSupported: Unsupported generator algorithm
|
|
EmailVerify:
|
|
UserIDEmpty: UserID is empty
|
|
ExternalData:
|
|
CouldNotRead: External data could not be read correctly
|
|
MFA:
|
|
NoProviders: No available multifactor providers
|
|
OTP:
|
|
AlreadyReady: Multifactor OTP (OneTimePassword) is already setup
|
|
NotExisting: Multifactor OTP (OneTimePassword) doesn't exist
|
|
InvalidCode: Invalid code
|
|
NotReady: Multifactor OTP (OneTimePassword) isn't ready
|
|
Locked: User is locked
|
|
SomethingWentWrong: Something went wrong
|
|
NotActive: User is not active
|
|
ExternalIDP:
|
|
IDPTypeNotImplemented: IDP Type is not implemented
|
|
NotAllowed: External Login Provider not allowed
|
|
IDPConfigIDEmpty: Identity Provider ID is empty
|
|
ExternalUserIDEmpty: External User ID is empty
|
|
UserDisplayNameEmpty: User Display Name is empty
|
|
NoExternalUserData: No external User Data received
|
|
CreationNotAllowed: Creation of a new user is not allowed on this provider
|
|
LinkingNotAllowed: Linking of a user is not allowed on this provider
|
|
NoOptionAllowed: Neither creation of linking is allowed on this provider. Please contact your administrator.
|
|
LoginFailedSwitchLocal: |
|
|
Login at External IDP failed. Falling back to local login.
|
|
|
|
Error details: {{.Details}}
|
|
GrantRequired: Login not possible. The user is required to have at least one grant on the application. Please contact your administrator.
|
|
ProjectRequired: Login not possible. The organization of the user must be granted to the project. Please contact your administrator.
|
|
IdentityProvider:
|
|
InvalidConfig: Identity Provider configuration is invalid
|
|
IAM:
|
|
LockoutPolicy:
|
|
NotExisting: Lockout Policy not existing
|
|
Org:
|
|
LoginPolicy:
|
|
RegistrationNotAllowed: Registration is not allowed
|
|
DeviceAuth:
|
|
NotExisting: User Code doesn't exist
|
|
|
|
optional: (optional)
|