English 英语 Japanese 日语 Korean 韩语 Chinese (Simplified) 简体中文 Chinese (Traditional) 繁体中文 Auto-detect 自动检测 Label for the auto-detect locale option in language selection dropdown Select language 语言选择 Label for the language selection dropdown () () Locale option label showing the localized language name along with the native language name in parentheses. Dismiss 取消 Connection error, reconnecting... 连接错误，正在重新连接…… An unknown error occurred 发生了未知的错误 Please check the browser console for more details. 请检查浏览器控制台以获取更多信息。 Status messages 状态消息 Settings 设置 Stop impersonation 停止模拟身份 Avatar image 头像图片 Sign out 注销 Admin 管理员 Home 主页 authentik Logo authentik 图标 Collapse navigation 收起导航 Expand navigation 展开导航 User interface 用户界面 Loading... 正在加载…… Application 应用程序 Logins 登录 Failed to fetch 拉取失败 FIPS Status FIPS 状态 OK 好的 FIPS compliance: passing FIPS 合规性：通过 Unverified 未验证 FIPS compliance: unverified FIPS 合规性：未验证 Show less 显示更少 Show more 显示更多 UID UID Name 名称 App 应用 Model Name 模型名称 Message 消息 Subject 主题 From 来自 To 至 Context 上下文 User 用户 Changes made: 作出的修改： Key 键名 Previous value 之前的值 New value 新值 - - Added ID 已添加 ID Removed ID 已删除 ID Cleared 已清除 Affected model: 受影响的模型： Authorized application: 已授权应用程序： Using flow 使用流程 Email info: 电子邮件信息： Secret: Secret： Exception 异常 Open issue on GitHub... 在 GitHub 上提出议题... Expression 表达式 Binding 绑定 Request 请求 Object 对象 Result 结果 Passing 通过 Messages 消息 New version available 新版本可用 Using source 使用源 Attempted to log in as 已尝试以 身份登录 No additional data available. 没有可用的额外数据。 Loading 正在加载 no tabs defined 未定义选项卡 Details 详情 : ： Required 必需 There was an error submitting the form. 在提交表单时发生了错误。 Close dialog 关闭对话框 API Access API 访问权限 App password 应用密码 Recovery 恢复 Verification 验证 Unknown intent 未知意图 Login 登录 Failed login 登录失败 Logout 注销 User was written to 用户被写入 Suspicious request 可疑请求 Password set 密码已设置 Secret was viewed Secret 已查看 Secret was rotated Secret 已轮换 Invitation used 已使用邀请 Application authorized 应用程序已授权 Source linked 源已链接 Impersonation started 已开始模拟身份 Impersonation ended 已结束模拟身份 Flow execution 流程执行 Policy execution 策略执行 Policy exception 策略异常 Property Mapping exception 属性映射异常 System task execution 系统任务执行 System task exception 系统任务异常 General system exception 一般系统异常 Configuration error 配置错误 Model created 模型已创建 Model updated 模型已更新 Model deleted 模型已删除 Email sent 已发送电子邮件 Update available 更新可用 Alert 注意 Notice 通知 Warning 警告 Unknown severity 未知严重程度 Static tokens 静态令牌 TOTP Device TOTP 设备 A code has been sent to your address: 一份代码已发送到您的电子邮箱地址： A code has been sent to your email address. 一份代码已发送到您的电子邮箱。 A one-time use code has been sent to you via SMS text message. 一份一次性代码以通过短信发送给您。 Open your authenticator app to retrieve a one-time use code. 打开您的两步验证应用收取一次性代码。 Enter a one-time recovery code for this user. 为此用户输入一次性恢复代码。 Enter the code from your authenticator device. 请输入来自您身份验证设备的代码。 Internal 内部 External 外部 Service account 服务账户 Service account (internal) 服务账户（内部） Remove item 删除项目 table pagination 表分页 - of - / Go to previous page 前往上一页 Go to next page 前往下一页 This field is required. 此字段是必需的。 Search... 搜索... Search 搜索 Query suggestions 查询建议 Query input 查询输入 Table Search 搜索表 Clear search 清除搜索 Sort by "" 按“”排序 No objects found. 未找到对象。 Failed to fetch objects. 拉取对象失败。 Select "" row 选择“”行 Collapse row 收起行 Expand row 展开行 Refresh 刷新 actions 操作 Select all rows on page ( of selected) 选择当前页面上的所有行（已选择 行，共 行） Last refreshed 上次刷新 table 表 Table content 表内容 Column actions 列操作 Anonymous user 匿名用户 On behalf of 代表 Authenticated as 以 身份通过验证 Recent events 近期事件 Events 事件 Action 操作 Creation Date 创建日期 Client IP 客户端 IP No Events found. 未找到事件。 No matching events could be found. 未找到匹配的事件 System Status 系统状态 Embedded outpost is not configured correctly. 嵌入式前哨配置不正确。 Check outposts. 检查前哨。 HTTPS is not detected correctly 未正确检测到 HTTPS Server and client are further than 5 seconds apart. 服务器和客户端的时间相差超过 5 秒。 Everything is ok. 一切正常。 Version 版本 Based on 基于 is available! 可用！ An outpost is on an incorrect version! 一个前哨的版本不正确！ Up-to-date! 最新！ Latest version unknown 最新版本未知 Workers Worker No workers connected. Background tasks will not run. 没有 Workers 连接，后台任务将无法运行。 Worker with incorrect version connected. 错误版本的 Worker 已连接。 Failed to fetch data. 拉取数据失败。 Chart 图表 Event volume chart 事件容量图表 Authorizations 授权 Successful Logins 成功登录 Failed Logins 失败登录 Cancel 取消 Synchronization status chart 同步状态图表 SCIM Provider SCIM 提供程序 Google Workspace Provider Google Workspace 提供程序 Microsoft Entra Provider Microsoft Entra 提供程序 LDAP Source LDAP 源 Kerberos Source Kerberos 源 Healthy 健康 Failed 已失败 Unsynced / N/A 未同步 / N/A Outpost status chart 前哨状态图表 Healthy outposts 健康的前哨 Outdated outposts 过时的前哨 Unhealthy outposts 不健康的前哨 Operation failed to complete 完成操作失败 Quick actions 快速操作 Not found 未找到 The URL "" was not found. 未找到 URL " "。 Return home 返回主页 Skip to content 跳到内容 Create a new application 创建新应用程序 Check the logs 检查日志 Explore integrations 探索集成 Manage users 管理用户 Check the release notes 查看发行日志 Overview 总览 Outpost status 前哨状态 Sync status 同步状态 Logins and authorizations over the last week (per 8 hours) 过去一周的登录与身份验证次数（每 8 小时） Apps with most usage 使用率最高的应用 Welcome, 欢迎， Welcome 欢迎 General system status 常规系统状态 Objects created 已创建对象 Users created per day in the last month 上个月中每天创建的用户 Users created 已创建用户 Logins per day in the last month 上个月中每天的登录次数 Failed Logins per day in the last month 上个月中每天的失败登录次数 Failed logins 失败登录 User Statistics 用户统计 Yes 是 No 否 No log messages. 没有日志消息。 Timestamp 时间戳 Attributes 属性 Time 时间 Level 等级 Event 事件 Logger 日志记录器 Not used by any other object. 不被任何其他对象使用。 object will be DELETED 对象将被删除 connection will be deleted 连接将被删除 reference will be reset to default value 引用将被重置为默认值 reference will be set to an empty value 引用将被设置为空值 () （ ） Delete 删除 deleted 已删除 ID ID Successfully deleted 成功删除 Failed to delete : 删除 失败： Delete 删除 Are you sure you want to delete ? 您确定要删除 吗？ No form found 未找到表单 Form actions 表单操作 Submit action 提交操作 Cancel action 取消操作 Successfully updated schedule. 已成功更新定时任务。 Crontab Crontab Paused 已暂停 Pause this schedule 暂停这个定时任务 Failed to fetch objects: 拉取对象失败： Successfully assigned permission. 已成功分配权限。 Role 角色 Assign 分配 Assign permission to role 为角色分配权限 Permission(s) 权限 Permission 权限 Superuser 超级用户 Model 模型 Select permissions to assign 选择权限以分配 Add 添加 Permissions to add 要添加的权限 Select permissions 选择权限 Assigned to role 分配到角色 Assign permission 分配权限 Role doesn't have view permission so description cannot be retrieved. 角色不具有查看权限，所以无法获取描述。 Permissions set on roles which affect this object. 为影响此对象的角色设置的权限。 Assigned global permissions 分配的全局权限 Assigned object permissions 分配的对象权限 Permissions assigned to this role which affect all object instances of a given type. 分配给该角色的权限，会影响给定类型的所有对象实例。 Close 关闭 Permissions 权限 Waiting to run 等待运行 Consumed 就绪 Pre-processing 预处理中 Running 运行中 Post-processing 后处理中 Successful 成功 Error 错误 Unknown 未知 Running tasks 运行中的任务 Queued tasks 队列中的任务 Successful tasks 成功的任务 Error tasks 发生错误的任务 Task 任务 Queue 队列 Retries 重试次数 Planned execution time 计划执行时间 Last updated 上次更新 Status 状态 Actions 操作 Row Actions 行操作 Show only standalone tasks 只显示无关联的任务 Exclude successful tasks 排除成功任务 Retry task 重试任务 Current execution logs 当前执行日志 Previous executions logs 先前的执行日志 Schedule 定时任务 Next run 下次运行 Last status 上次状态 Show only standalone schedules 只显示无关联的定时任务 Run scheduled task now 立即运行定时任务 Update Schedule 更新定时任务 Edit 编辑 Tasks 任务 Schedules 定时任务 System Tasks 系统任务 Long-running operations which authentik executes in the background. authentik 在后台执行的长时间运行的操作。 Next 下一步 Back 返回 Wizard steps 向导步骤 Wizard navigation 向导导航 New application 新应用程序 Create a new application and configure a provider for it. 创建一个应用程序并为它配置提供程序。 Any policy must match to grant access 必须匹配任意策略才能授予访问权限。 All policies must match to grant access 必须匹配所有策略才能授予访问权限 An application name is required 需要应用程序名称 Not a valid URL 不是有效的 URL Not a valid slug 不是有效的 Slug Configure the Application 配置应用程序 Type an application name... 输入应用名称.... Application Name 应用名称 The name displayed in the application library. 展示在应用程序库中的名字。 Slug Slug Internal application name used in URLs. 在 URL 中使用的应用内部名称。 Group 组 e.g. Collaboration, Communication, Internal, etc. 例如合作、沟通、内部等 Optionally enter a group name. Applications with identical groups are shown grouped together. 输入可选的分组名称。分组相同的应用程序会显示在一起。 Policy engine mode 策略引擎模式 UI Settings 用户界面设置 Launch URL 启动 URL https://... https://... If left empty, authentik will try to extract the launch URL based on the selected provider. 如果留空，authentik 将尝试根据选定的提供程序提取启动 URL。 Open in new tab 在新标签页中打开 If checked, the launch URL will open in a new browser tab or window from the user's application library. 如果勾选，在用户的应用程序库中时，启动 URL 将会在新浏览器标签页或窗口中打开。 Select all rows 选择所有行 Bind existing policy/group/user 绑定已有策略/组/用户 Order 顺序 Enabled 已启用 Timeout 超时 Configure Bindings 配置绑定 Policy 策略 Group 组 User 用户 Configure Policy/User/Group Bindings 配置策略/用户/组绑定 These policies control which users can access this application. 这些策略控制哪些用户可以访问此应用程序。 No bound policies. 没有绑定的策略 No policies are currently bound to this object. 当前没有策略绑定到此对象。 Bind policy/group/user 绑定策略/组/用户 Configure Policy Bindings 配置策略绑定 Pass 通过 Don't Pass 不通过 Edit Binding 编辑绑定 Save Binding 保存绑定 Create a Policy/User/Group Binding 创建一个策略/用户/组绑定 Policy 策略 Negate result 反转结果 Negates the outcome of the binding. Messages are unaffected. 反转绑定的结果。消息不受影响。 Failure result 失败结果 Enterprise only 仅限企业版 Learn more about the enterprise license. 了解更多企业版许可证的信息。 Apply changes 应用更改 UNNAMED 未命名 Wizard content 向导内容 Finish 完成 Icon 图标 Choose a Provider 选择提供程序 Please choose a provider type before proceeding. 请在继续前选择一个提供程序类型。 Choose a Provider Type 选择提供程序类型 Certificate 证书 Select a certificate... 选择一个证书... Authentication 身份验证 Authorization 授权 Enrollment 注册 Invalidation 失效 Stage Configuration 阶段配置 Unenrollment 删除账户 Unknown designation 未知用途 Stacked 叠放 Content left 内容左侧 Content right 内容右侧 Sidebar left 边栏左侧 Sidebar right 边栏右侧 Unknown layout 未知布局 Select a flow... 选择一个流程... Add All Available 添加所有可用 Remove All Available 删除所有可用 Remove 删除 Remove All 删除所有 Pagination 分页 Available options 可用选项 Selected options 已选项目 Search ... 搜索 ... (Format: hours=-1;minutes=-2;seconds=-3). （格式：hours=-1;minutes=-2;seconds=-3）。 (Format: hours=1;minutes=2;seconds=3). （格式：hours=1;minutes=2;seconds=3）。 The following keywords are supported: 支持以下关键字： Cached binding 缓存绑定 Flow is executed and session is cached in memory. Flow is executed when session expires 流程与会话会在内存中执行与缓存。会话过期时执行流程 Direct binding 直接绑定 Always execute the configured bind flow to authenticate the user 总是执行配置的绑定流程，以验证用户的身份。 Cached querying 缓存查询 The outpost holds all users and groups in-memory and will refresh every 5 Minutes 前哨将所有用户和组保存在内存中，并每 5 分钟刷新一次 Direct querying 直接查询 Always returns the latest data, but slower than cached querying 总是返回最新数据，但比缓存查询慢。 When enabled, code-based multi-factor authentication can be used by appending a semicolon and the TOTP code to the password. This should only be enabled if all users that will bind to this provider have a TOTP device configured, as otherwise a password may incorrectly be rejected if it contains a semicolon. 启用时，可以通过在密码后添加分号和 TOTP 代码来使用基于代码的多因素身份验证。仅在所有绑定到此提供程序的用户都已配置 TOTP 设备的情况下才应该启用，否则密码可能会因为包含分号而被错误地拒绝。 The certificate for the above configured Base DN. As a fallback, the provider uses a self-signed certificate. 为上方配置 Base DN 提供的证书。作为回退，提供程序使用一个自签名证书。 DNS name for which the above configured certificate should be used. The certificate cannot be detected based on the base DN, as the SSL/TLS negotiation happens before such data is exchanged. 上方配置证书应该使用的 DNS 名称。无法基于 Base DN 检测证书，因为 SSL/TLS 协商发生在此类数据交换之前。 The start for uidNumbers, this number is added to the user.Pk to make sure that the numbers aren't too low for POSIX users. Default is 2000 to ensure that we don't collide with local users uidNumber 起始 uidNumbers，这个数字会被添加到 user.Pk 中，以确保对于 POSIX 用户来说，这个数字不会太低。默认值为 2000，以确保我们不会与本地用户的 uidNumber 发生冲突 The start for gidNumbers, this number is added to a number generated from the group.Pk to make sure that the numbers aren't too low for POSIX groups. Default is 4000 to ensure that we don't collide with local groups or users primary groups gidNumber 起始 gidNumbers，这个数字会被添加到从 group.Pk 生成的数字中，以确保对于 POSIX 用户来说，这个数字不会太低。默认值为 4000，以确保我们不会与本地群组或用户主组的 gidNumber 发生冲突 Provider Name 提供程序名 Type a provider name... 输入提供者名称.... Configure how the outpost authenticates requests. 配置前哨如何验证请求的身份。 Configure how the outpost queries the core authentik server's users. 配置前哨如何查询核心 authentik 服务器的用户。 Code-based MFA Support 基于代码的 MFA 支持 Flow settings 流程设置 Flow used for users to authenticate. 用于验证用户身份的流程。 Flow used for unbinding users. 用于取消绑定用户的流程。 Protocol settings 协议设置 Base DN Base DN LDAP DN under which bind requests and search requests can be made. 可以发出绑定请求和搜索请求的 LDAP DN。 Configure LDAP Provider 配置 LDAP 提供程序 Show field content 显示字段内容 Hide field content 隐藏字段内容 Add entry 添加条目 Strict 严格 Regex 正则表达式 URL URL Confidential 机密 Confidential clients are capable of maintaining the confidentiality of their credentials such as client secrets 机密客户端有能力维护其凭据例如客户端密钥的机密性。 Public 公开 Public clients are incapable of maintaining the confidentiality and should use methods like PKCE. 公开客户端没有能力维护其凭据的机密性，应该使用 PKCE 等方法。 Back-channel 反向通道 Server-to-server logout notifications 服务器到服务器注销通知 Front-channel 正向通道 Browser iframe logout notifications 浏览器 iframe 注销通知 Based on the User's hashed ID 基于哈希过的用户 ID Based on the User's ID 基于用户 ID Based on the User's UUID 基于用户 UUID Based on the User's username 基于用户名 Based on the User's Email 基于用户电子邮箱 This is recommended over the UPN mode. 相比于 UPN，更推荐此模式。 Based on the User's UPN 基于用户 UPN Requires the user to have a 'upn' attribute set, and falls back to hashed user ID. Use this mode only if you have different UPN and Mail domains. 需要用户设置过“upn”属性，否则回退到哈希过的用户 ID。仅应在您拥有不同 UPN 和邮件域时使用此模式。 Each provider has a different issuer, based on the application slug 根据应用程序 Slug，每个提供程序都有不同的颁发者 Same identifier is used for all providers 所有提供程序都使用相同的标识符 To allow any redirect URI, set the mode to Regex and the value to ".*". Be aware of the possible security implications this can have. 要允许任何重定向 URI，请设置模式为正则表达式，并将此值设置为 ".*"。请注意这可能带来的安全影响。 Authorization flow 授权流程 Select an authorization flow... 选择一个授权流程... Flow used when authorizing this provider. 授权此提供程序时使用的流程。 Client ID 客户端 ID Client Secret 客户端 Secret Redirect URIs/Origins (RegEx) 重定向 URI/Origin（正则） Logout URI 注销 URI URI to send logout notifications to when users log out. Required for OpenID Connect Logout functionality. Logout Method 注销方法 The logout method determines how the logout URI is called — back-channel (server-to-server) or front-channel (browser iframe). Signing Key 签名密钥 Select a signing key... 选择一个签名密钥.. Key used to sign the tokens. 用于签名令牌的密钥。 Advanced flow settings 高级流程设置 Select an authentication flow... 选择一个身份验证流程... Flow used when a user access this provider and is not authenticated. 当用户访问此提供程序并且尚未验证身份时使用的流程。 Select an invalidation flow... 选择一个失效流程... Flow used when logging out of this provider. 注销此提供程序时使用的流程。 Advanced protocol settings 高级协议设置 Configure how long access codes are valid for. 配置访问代码的有效期限。 Configure how long access tokens are valid for. 配置访问令牌的有效期限。 Configure how long refresh tokens are valid for. 配置刷新令牌的有效期限。 When renewing a refresh token, if the existing refresh token's expiry is within this threshold, the refresh token will be renewed. Set to seconds=0 to always renew the refresh token. 续订刷新令牌时，如果现有刷新令牌的有效期在阈值内，则将续订刷新令牌。设置为 seconds=0 表示始终续订刷新令牌。 Scopes 作用域 Available Scopes 可用作用域 Selected Scopes 已选作用域 Select which scopes can be used by the client. The client still has to specify the scope to access the data. 选择客户端可以使用哪些作用域。客户端仍然需要指定访问数据的范围。 Encryption Key 加密密钥 Select an encryption key... 选择一个加密密钥... Key used to encrypt the tokens. Only enable this if the application using this provider supports JWE tokens. 用于加密令牌的密钥。仅当使用此提供程序的应用程序支持 JWE 令牌时启用此功能。 authentik only supports RSA-OAEP-256 for encryption. authentik 仅支持使用 RSA-OAEP-256 用于加密。 Configure what data should be used as unique User Identifier. For most cases, the default should be fine. 配置应将哪些数据用作唯一用户标识符。在大多数情况下保持默认值即可。 Include claims in id_token 在 id_token 中包含声明 Include User claims from scopes in the id_token, for applications that don't access the userinfo endpoint. 对于不访问 userinfo 端点的应用程序，将来自作用域的用户声明包含在 id_token 中。 Issuer mode Issuer 模式 Configure how the issuer field of the ID Token should be filled. 配置如何填写 ID 令牌的颁发者字段。 Machine-to-Machine authentication settings M2M（机器到机器）身份验证设置 Federated OIDC Sources 联邦式 OIDC 源 Available Sources 可用源 Selected Sources 已选源 JWTs signed by certificates configured in the selected sources can be used to authenticate to this provider. 在选定源中配置的证书签名的 JWT 可以用于此提供程序的身份验证。 Available Providers 可用提供程序 Selected Providers 已选提供程序 JWTs signed by the selected providers can be used to authenticate to this provider. 由已选提供程序签发的 JWT 可以用于此提供程序的身份验证。 Configure OAuth2 Provider 配置 OAuth2 提供程序 Successfully updated provider. 已成功更新提供程序。 Successfully created provider. 已成功创建提供程序。 An error occurred while updating the provider. 更新提供程序时发生了错误。 An error occurred while creating the provider. 创建提供程序时发生了错误。 HTTP-Basic Username Key HTTP-Basic 用户名键 User/Group Attribute used for the user part of the HTTP-Basic Header. If not set, the user's Email address is used. 用于 HTTP-Basic 标头用户名部分的用户/组属性。如果未设置，则使用用户的电子邮件地址。 HTTP-Basic Password Key HTTP-Basic 密码键 User/Group Attribute used for the password part of the HTTP-Basic Header. 用于 HTTP-Basic 标头的密码部分的用户/组属性。 Proxy 代理 Forward auth (single application) Forward Auth（单应用） Forward auth (domain level) Forward Auth（域名级） This provider will behave like a transparent reverse-proxy, except requests must be authenticated. If your upstream application uses HTTPS, make sure to connect to the outpost using HTTPS as well. 除了请求必须经过身份验证外，此提供程序的行为类似于透明反向代理。如果您的上游应用程序使用 HTTPS，请确保连接到前哨时也使用 HTTPS。 External host 外部主机 The external URL you'll access the application at. Include any non-standard port. 您将通过此外部 URL 访问应用程序。请包括任何非标准端口。 Internal host 内部主机 http(s)://... http(s)://... Upstream host that the requests are forwarded to. 请求被转发到的上游主机。 Internal host SSL Validation 内部主机 SSL 验证 Validate SSL Certificates of upstream servers. 验证上游服务器的 SSL 证书。 Use this provider with nginx's auth_request or traefik's forwardAuth. Each application/domain needs its own provider. Additionally, on each domain, /outpost.goauthentik.io must be routed to the outpost (when using a managed outpost, this is done for you). 与 nginx 的 auth_request 或 traefik 的 ForwardAuth 一起使用此提供程序。每个应用程序/域名都需要自己的提供程序。此外，在每个域名上，/outpost.goauthentik.io 必须路由到前哨（在使用托管的 Outpost 时，这已经为您处理好了）。 Use this provider with nginx's auth_request or traefik's forwardAuth. Only a single provider is required per root domain. You can't do per-application authorization, but you don't have to create a provider for each application. 与 nginx 的 auth_request 或 traefik 的 ForwardAuth 一起使用此提供程序。每个根域名只需要一个提供程序。您无法管理每个应用程序的授权，但不必为每个应用程序分别创建提供程序。 An example setup can look like this: 设置示例如下所示： authentik running on auth.example.com auth.example.com 上运行的 authentik app1 running on app1.example.com app1.example.com 上运行的 app1 In this case, you'd set the Authentication URL to auth.example.com and Cookie domain to example.com. 在这种情况下，您需要将身份验证 URL 设置为 auth.example.com，并将 Cookie 域名设置为 example.com。 Authentication URL 身份验证 URL The external URL you'll authenticate at. The authentik core server should be reachable under this URL. 您将在此外部 URL 进行身份验证。通过此 URL 应该可以访问到 authentik 核心服务器。 Cookie domain Cookie 域名 domain.tld Set this to the domain you wish the authentication to be valid for. Must be a parent domain of the URL above. If you're running applications as app1.domain.tld, app2.domain.tld, set this to 'domain.tld'. 将此设置为您希望身份验证有效的域名。必须是上述 URL 的父域名。如果您的应用部署在 app1.domain.tld、app2.domain.tld，请将其设置为 “domain.tld”。 Token validity 令牌有效性 Configure how long tokens are valid for. 配置令牌的有效期限。 Additional scopes 额外的作用域 Additional scope mappings, which are passed to the proxy. 传递给代理的额外作用域映射。 Unauthenticated URLs 不验证身份的 URL Unauthenticated Paths 不验证身份的路径 Regular expressions for which authentication is not required. Each new line is interpreted as a new expression. 用于描述何处不需要身份验证的正则表达式。每个新行都被解释为一个新的表达式。 When using proxy or forward auth (single application) mode, the requested URL Path is checked against the regular expressions. When using forward auth (domain mode), the full requested URL including scheme and host is matched against the regular expressions. 使用代理或 Forward Auth（单应用）模式时，将根据正则表达式检查请求的 URL 路径。使用 Forward Auth（域名模式）时，将根据正则表达式检查请求的完整 URL（包括协议和主机名）。 Authentication settings 身份验证设置 Intercept header authentication 拦截身份验证标头 When enabled, authentik will intercept the Authorization header to authenticate the request. 启用时，authentik 将会拦截 Authorization 标头以认证请求。 Send HTTP-Basic Authentication 发送 HTTP-Basic 身份验证 Send a custom HTTP-Basic Authentication header based on values from authentik. 根据来自 authentik 的值发送自定义 HTTP-Basic 身份验证标头。 Configure Proxy Provider 配置代理提供程序 Configure Remote Access Provider 配置远程访问提供程序 Connection expiry 连接过期 Determines how long a session lasts before being disconnected and requiring re-authorization. 设置会话在被断开连接并需要重新授权之前持续的时间。 Property mappings 属性映射 Available Property Mappings 可用属性映射 Selected Property Mappings 已选属性映射 List of CIDRs (comma-seperated) that clients can connect from. A more specific CIDR will match before a looser one. Clients connecting from a non-specified CIDR will be dropped. 允许客户端连接的 CIDR 列表（逗号分隔）。严格的 CIDR 会在宽松的之前匹配。来自 CIDR 范围外的客户端连接将会被丢弃。 Shared secret 共享密钥 Client Networks 客户端网络 Certificate used for EAP-TLS. Requires Mutual TLS Stage in authentication flow. 用于 EAP-TLS 的证书。需要身份验证流程中的相互 TLS 阶段。 Configure Radius Provider 配置 Radius 提供程序 Redirect 重定向 Post Post Sign assertions 签名断言 When enabled, the assertion element of the SAML response will be signed. 启用时，SAML 响应的断言元素会被签名。 Sign responses 签名响应 When enabled, the SAML response will be signed. 启用时，SAML 响应会被签名。 Sign logout requests 签名注销请求 When enabled, SAML logout requests will be signed. 启用时，将签名 SAML 注销请求 Front-channel (Iframe) 正向通道（iframe） Front-channel (Native) Back-channel (POST) 反向通道（POST） SLS Binding SLS 绑定 Determines how authentik sends the logout response back to the Service Provider. 确定 authentik 如何将注销响应发送回服务提供程序。 Method to use for logout when SLS URL is configured. 配置 SLS URL 时用于注销的方法。 ACS URL ACS URL Service Provider Binding 服务提供程序绑定 Determines how authentik sends the response back to the Service Provider. 确定 authentik 如何将响应发送回服务提供程序。 Issuer 颁发者 Also known as Entity ID. 又称之为 Entity ID Audience Audience SLS URL SLS URL Optional Single Logout Service URL to send logout responses to. If not set, no logout response will be sent. 可选的单点注销服务 URL，用于发送注销响应。如果未设置，则不会发送注销响应。 Signing Certificate 签名证书 Certificate used to sign outgoing Responses going to the Service Provider. 证书，用于签署发送给服务提供程序的传出响应。 Verification Certificate 验证证书 When selected, incoming assertion's Signatures will be validated against this certificate. To allow unsigned Requests, leave on default. 选中后，传入断言的签名将根据此证书进行验证。要允许未签名的请求，请保留默认值。 Encryption Certificate 加密证书 When selected, assertions will be encrypted using this keypair. 选择此选项时，断言将以此密钥对加密。 Available User Property Mappings 可用用户属性映射 Selected User Property Mappings 已选用户属性映射 NameID Property Mapping NameID 属性映射 Configure how the NameID value will be created. When left empty, the NameIDPolicy of the incoming request will be respected. 配置如何创建 NameID 值。如果留空，将遵守传入请求的 NameIDPolicy。 AuthnContextClassRef Property Mapping AuthnContextClassRef 属性映射 Configure how the AuthnContextClassRef value will be created. When left empty, the AuthnContextClassRef will be set based on which authentication methods the user used to authenticate. 配置如何创建 AuthnContextClassRef 值。留空时，AuthnContextClassRef 会基于用户使用的身份验证方式设置。 Assertion valid not before 不在此刻之前，断言有效 Configure the maximum allowed time drift for an assertion. 为断言配置允许的最大时间漂移。 Assertion valid not on or after 不在此刻或之后，断言有效 Assertion not valid on or after current time + this value. 从当前时间经过多久时或之后，断言无效。 Session valid not on or after 不在此刻或之后，会话有效 Session not valid on or after current time + this value. 从当前时间经过多久时或之后，会话无效。 Default relay state 默认中继状态 When using IDP-initiated logins, the relay state will be set to this value. 当使用 IDP 发起的登录时，中继状态会被设置为此值。 Default NameID Policy 默认 NameID 策略 Persistent 持久的 Email address 电子邮箱地址 Windows Windows X509 Subject X509 主题 Transient 暂时的 Configure the default NameID Policy used by IDP-initiated logins and when an incoming assertion doesn't specify a NameID Policy (also applies when using a custom NameID Mapping). 配置 IDP 发起的登录或传入的断言未指定 NameID 策略时所使用的默认 NameID 策略（使用自定义 NameID 映射也适用）。 Digest algorithm 摘要算法 Signature algorithm 签名算法 Configure SAML Provider 配置 SAML 提供程序 Token 令牌 Token to authenticate with. 用于身份验证的令牌。 OAuth Source OAuth 源 Specify OAuth source used for authentication. 指定用于身份验证的 OAuth 源。 OAuth Parameters OAuth 参数 Additional OAuth parameters, such as grant_type. 额外的 OAuth 参数，例如 grant_type SCIM base url, usually ends in /v2. SCIM 基础 URL，通常以 /v2 结尾。 Verify SCIM server's certificates 验证 SCIM 服务器证书 Authentication Mode 身份验证模式 Authenticate SCIM requests using a static token. 使用静态令牌验证 SCIM 请求。 OAuth OAuth Authenticate SCIM requests using OAuth. 使用 OAuth 验证 SCIM 请求 Compatibility Mode 兼容模式 Default 默认 Default behavior. 默认行为。 AWS AWS Altered behavior for usage with Amazon Web Services. 更改行为以使用 Amazon Web 服务。 Slack Slack Altered behavior for usage with Slack. 更改行为以使用 Slack。 Salesforce Salesforce Altered behavior for usage with Salesforce. 更改行为以使用 Salesforce。 Alter authentik's behavior for vendor-specific SCIM implementations. 更改 authentik 的行为，以兼容特定厂商的 SCIM 实现。 Enable dry-run mode 启用试运行模式 When enabled, mutating requests will be dropped and logged instead. 启用时，变更请求将会被放弃，仅记录日志。 User filtering 用户过滤 Exclude service accounts 排除服务账户 Only sync users within the selected group. 只同步选定组中的用户。 Attribute mapping 属性映射 User Property Mappings 用户属性映射 Property mappings used to user mapping. 用于用户映射的属性映射。 Group Property Mappings 组属性映射 Available Group Property Mappings 可用组属性映射 Selected Group Property Mappings 已选组属性映射 Property mappings used to group creation. 用于创建组的属性映射。 Sync settings 同步设置 Page size 页面大小 Controls the number of objects synced in a single task. 控制单个任务中同步的对象数量 Page timeout 页面超时 Timeout for synchronization of a single page. 单页同步超时 Configure SCIM Provider 配置 SCIM 提供程序 Configure Provider 配置提供程序 Type 类型 None 无 strict 严格 regexp 正则表达式 Forward auth (domain-level) Forward Auth（域名级） Unknown proxy mode 未知代理模式 Mode 模式 Internal Host 内部主机 External Host 外部主机 Basic-Auth 基本身份验证 Unknown type 未知类型 Redirect URIs 重定向 URI Review and Submit Application 检查与提交应用程序 There was an error in the application. 应用程序中存在一个错误。 Review the application. 检查此应用程序。 There was an error in the provider. 提供程序中存在一个错误。 Review the provider. 检查此提供程序。 There was an error. Please go back and review the application. 存在一个错误。请返回检查此应用程序。 There was an error: 存在一个错误： Please go back and review the application. 请返回检查此应用程序。 There was an error creating the application, but no error message was sent. Please review the server logs. 创建应用程序时存在一个错误，但未发送错误消息。请检查服务器日志。 Review the Application and Provider 检查应用程序和提供程序 Provider 提供程序 Your application has been saved 您的应用程序已保存 Saving application... 正在保存应用程序... authentik was unable to complete this process. authentik 无法完成此操作。 Don't show this message again. 不要再显示此消息。 One hint, 'New Application Wizard', is currently hidden “新应用程序向导”提示目前已隐藏 Restore Application Wizard Hint 恢复应用程序向导提示 Create with wizard 通过向导创建 Successfully imported provider. 已成功导入提供程序。 Metadata 元数据 Create 创建 New Provider 新建提供程序 Open the wizard to create a new provider. 打开向导来创建新提供程序。 Credentials 凭据 Google Cloud credentials file. Google Cloud 凭据文件。 Delegated Subject 委托主题 Email address of the user the actions of authentik will be delegated to. 接受 authentik 操作委托的用户电子邮件地址。 Default group email domain 默认组电子邮件域 Default domain that is used to generate a group's email address. Can be customized using property mappings. 用于生成组内电子邮件的默认域。可以通过属性映射进行自定义。 User deletion action 用户删除动作 User is deleted 用户被删除 Suspend 停用 User is suspended, and connection to user in authentik is removed. 用户被停用，authentik 与此用户的连接被删除。 Do Nothing 什么也不做 The connection is removed but the user is not modified 连接被删除，但用户未被修改 Determines what authentik will do when a User is deleted. 决定当用户被删除时，authentik 应该做什么。 Group deletion action 组删除动作 Group is deleted 组被删除 The connection is removed but the group is not modified 连接被删除，但组未被修改 Determines what authentik will do when a Group is deleted. 决定当组被删除时，authentik 应该做什么。 Client ID for the app registration. 应用注册的客户端 ID。 Client secret for the app registration. 应用注册的客户端密钥。 Tenant ID 租户 ID ID of the tenant accounts will be synced into. 将被同步的租户账户 ID。 Delete authorization on disconnect 断开连接时删除授权 When enabled, connection authorizations will be deleted when a client disconnects. This will force clients with flaky internet connections to re-authorize the endpoint. 启用时，客户端断开连接时，其连接授权将会被删除。这会导致网络连接不稳定的客户端重新授权此端点。 Connection settings. 连接设置。 Key used to sign the events. 用于签名事件的密钥。 Event Retention 事件保留 Determines how long events are stored for. If an event could not be sent correctly, its expiration is also increased by this duration. 设置事件存储多久时间。如果无法成功发送事件，则此时长也会添加到事件的过期时间。 Providers 提供程序 Provide support for protocols like SAML and OAuth to assigned applications. 为分配的应用程序提供对 SAML 和 OAuth 等协议的支持。 Provider Search 搜索提供程序 Provider(s) 提供程序 Assigned to application 分配给应用程序 Assigned to application (backchannel) 绑定到应用（反向通道） Provider not assigned to any application. 提供程序未分配给任何应用程序。 Update 更新 Successfully triggered sync. 已成功触发同步。 Log messages 日志消息 Override dry-run mode 覆盖试运行模式 When enabled, this sync will still execute mutating requests regardless of the dry-run mode in the provider. 启用时，此同步仍将执行变更请求，无论提供程序是否启用试运行模式。 Sync 同步 Sync Group 同步组 Google Workspace Group(s) Google Workspace 组 Sync User 同步用户 Google Workspace User(s) Google Workspace 用户 Username 用户名 Current status 当前状态 Sync is currently running. 当前正在同步。 Sync is not currently running. 当前不在同步。 Last successful sync 上次成功同步 No successful sync found. 未找到成功的同步。 Last sync status 上次同步状态 Changelog 更新日志 Provisioned Users 预配用户 Provisioned Groups 预配组 Warning: Provider is not assigned to an application as backchannel provider. 警告：提供程序未作为反向通道分配给应用程序。 Dry-run 试运行 Update Google Workspace Provider Google Workspace 提供程序 Either input a full URL, a relative path, or use 'fa://fa-test' to use the Font Awesome icon "fa-test". 输入完整 URL、相对路径，或者使用 'fa://fa-test' 来使用 Font Awesome 图标 "fa-test"。 Path template for users created. Use placeholders like `%(slug)s` to insert the source slug. 创建用户的路径模板。使用占位符如 `%(slug)s` 插入源 Slug。 Successfully updated application. 已成功更新应用程序。 Successfully created application. 已成功创建应用程序。 Using this form will only create an Application. In order to authenticate with the application, you will have to manually pair it with a Provider. 此表单只会创建应用程序。要设置此应用程序的身份验证，您需要手动为它配对一个提供程序。 Select a provider that this application should use. 选择此应用应该使用的提供程序。 Backchannel Providers 反向通道提供程序 Select backchannel providers which augment the functionality of the main provider. 选择可为主要提供程序增强功能的反向通道提供程序。 Add provider 添加提供程序 UI settings 用户界面设置 Icon 图标 Publisher 发布者 Description 描述 Create Application 创建应用程序 Warning: Provider is not used by any Outpost. 警告：提供程序未被任何前哨使用。 Assigned to application 分配给应用程序 Update LDAP Provider 更新 LDAP 提供程序 How to connect 如何连接 Connect to the LDAP Server on port 389: 通过端口 389 连接到 LDAP 服务器： Check the IP of the Kubernetes service, or 检查 Kubernetes 服务的 IP，或者 The Host IP of the docker host Docker 宿主机的主机 IP Bind DN 绑定 DN Bind Password 绑定密码 Your authentik password 您的 authentik 密码 Search base 搜索 Base Microsoft Entra Group(s) Microsoft Entra 组 Microsoft Entra User(s) Microsoft Entra 用户 Update Microsoft Entra Provider 更新 Microsoft Entra 提供程序 Preview 预览 Warning: Provider is not used by an Application. 警告：提供程序未被任何应用程序使用。 OpenID Configuration URL OpenID 配置 URL OpenID Configuration Issuer OpenID 配置颁发者 Authorize URL 授权 URL Token URL 令牌 URL Userinfo URL 用户信息 URL Logout URL 注销 URL JWKS URL JWKS URL JWT payload JWT 载荷 Preview for user 用户预览 Nginx (Ingress) Nginx（Ingress） Nginx (Proxy Manager) Nginx（Proxy Manager） Nginx (standalone) Nginx（独立） Traefik (Ingress) Traefik（Ingress） Traefik (Compose) Traefik（Compose） Traefik (Standalone) Traefik（独立） Caddy (Standalone) Caddy（独立） Update Proxy Provider 更新代理提供程序 Protocol Settings 协议设置 Allowed Redirect URIs 允许的重定向 URI Setup 设置 No additional setup is required. 无需进行额外设置。 Connection Token(s) 连接令牌 Endpoint 端点 Successfully updated endpoint. 已成功更新端点。 Successfully created endpoint. 已成功创建端点。 Protocol 协议 RDP RDP SSH SSH VNC VNC Host 主机 Hostname/IP to connect to. Optionally specify the port. 要连接的主机名/IP。端口号是可选的。 Maximum concurrent connections 最大并发连接数 Maximum concurrent allowed connections to this endpoint. Can be set to -1 to disable the limit. 允许到此端点的最大并发连接数。可以设置为 -1 以禁用限制。 Advanced settings 高级设置 Search for users by username or display name... 按用户名或显示名搜索用户... Search Users 搜索用户 Select Users 选择用户 Active 激活 Last login 上次登录 Show inactive users 显示不活跃的用户 Select users 选择用户 Confirm 确认 Successfully updated group. 已成功更新组。 Successfully created group. 已成功创建组。 Type a group name... 输入组名.. Group Name 组名 Superuser Privileges 超级用户权限 Whether users added to this group will have superuser privileges. 指定添加到该组的用户是否具有超级用户权限。 Parent Group 父组 Roles 角色 Available Roles 可用角色 Selected Roles 已选角色 Select roles to grant this groups' users' permissions from the selected roles. 选择角色，为该组内用户授予所选角色的权限。 Set custom attributes using YAML or JSON. 使用 YAML 或 JSON 设置自定义属性。 Successfully updated binding. 已成功更新绑定。 Successfully created binding. 已成功创建绑定。 Result used when policy execution fails. 策略执行失败时的结果。 Successfully updated policy. 已成功更新策略。 Successfully created policy. 已成功创建策略。 A policy used for testing. Always returns the same result as specified below after waiting a random duration. 用于测试的策略。等待随机时长后，始终返回下面指定的结果。 Execution logging 记录执行日志 When this option is enabled, all executions of this policy will be logged. By default, only execution errors are logged. 启用此选项后，将记录此策略的所有执行日志。默认情况下，只记录执行错误。 Policy-specific settings 特定策略设置 Pass policy? 通过策略？ Wait (min) 等待（最短） The policy takes a random time to execute. This controls the minimum time it will take. 策略需要一段随机时间来执行。这将控制所需的最短时间。 Wait (max) 等待（最长） Matches an event against a set of criteria. If any of the configured values match, the policy passes. 根据一组条件匹配事件。如果任何配置的值匹配，则策略将通过。 Match created events with this action type. When left empty, all action types will be matched. 将创建的事件与此操作类型匹配。留空时，所有操作类型都将匹配。 Matches Event's Client IP (strict matching, for network matching use an Expression Policy). 匹配事件的客户端 IP（严格匹配，要网络匹配请使用表达式策略）。 Match events created by selected application. When left empty, all applications are matched. 匹配选定应用程序创建的事件。如果留空，则匹配所有应用程序。 Match events created by selected model. When left empty, all models are matched. 匹配选定模型创建的事件。如果留空，则匹配所有模型。 Checks if the request's user's password has been changed in the last x days, and denys based on settings. 检查过去 x 天内请求的用户密码是否已更改，并根据设置拒绝。 Maximum age (in days) 最长使用期限（单位为天） Only fail the policy, don't invalidate user's password 仅使策略失败，不使用户的密码失效 Executes the python snippet to determine whether to allow or deny a request. 执行 Python 代码段以确定是允许还是拒绝请求。 Expression using Python. 使用 Python 的表达式。 See documentation for a list of all variables. 请阅读文档了解完整变量列表。 Ensure the user satisfies requirements of geography or network topology, based on IP address. If any of the configured values match, the policy passes. 确保用户满足基于 IP 地址的地理或网络拓扑要求。如果任何配置的值匹配，则策略通过。 Distance settings 距离设置 Check historical distance of logins 检查历史登录距离 When this option enabled, the GeoIP data of the policy request is compared to the specified number of historical logins. 启用此选项时，策略请求的 GeoIP 数据会用来与指定数量的历史登录比较。 Maximum distance 最大距离 Maximum distance a login attempt is allowed from in kilometers. 允许登录请求的最大距离，单位为千米。 Distance tolerance 距离误差 Tolerance in checking for distances in kilometers. 检查距离时允许的误差，单位为千米。 Historical Login Count 历史登录次数 Amount of previous login events to check against. 检查指定次数的历史登录事件。 Check impossible travel 检查不可能的行程 When this option enabled, the GeoIP data of the policy request is compared to the specified number of historical logins and if the travel would have been possible in the amount of time since the previous event. 启用此选项时，策略请求的 GeoIP 数据会用来与指定数量的历史登录比较，以及自上次活动以来移动的距离是否可能在该时段内完成。 Impossible travel tolerance 不可能行程的误差 Static rule settings 静态规则设置 ASNs ASN List of autonomous system numbers. Comma separated. E.g. 13335, 15169, 20940 ASN 列表。逗号分隔。例如 13335, 15169, 20940 Countries 地区 Available Countries 可用地区 Selected Countries 已选地区 Static rules 静态规则 Minimum length 最小长度 Minimum amount of Uppercase Characters 最低大写字符数 Minimum amount of Lowercase Characters 最低小写字符数 Minimum amount of Digits 最低数字字符数 Minimum amount of Symbols Characters 最低符号字符数 Error message 错误消息 Symbol charset 符号字符集 Characters which are considered as symbols. 被视为符号的字符。 HaveIBeenPwned settings HaveIBeenPwned 设置 Allowed count 允许的计数 Allow up to N occurrences in the HIBP database. HIBP 数据库中最多允许 N 次出现。 zxcvbn settings zxcvbn 设置 Score threshold 分数阈值 If the password's score is less than or equal this value, the policy will fail. 如果密码分数小于等于此值，则策略失败。 0: Too guessable: risky password. (guesses < 10^3) 0：过于易猜测：密码有风险。（猜测次数 < 10^3） 1: Very guessable: protection from throttled online attacks. (guesses < 10^6) 1：非常易猜测：可以防范受限的在线攻击。（猜测次数 < 10^6） 2: Somewhat guessable: protection from unthrottled online attacks. (guesses < 10^8) 2：有些易猜测：可以防范不受限的在线攻击。（猜测次数 < 10^8） 3: Safely unguessable: moderate protection from offline slow-hash scenario. (guesses < 10^10) 3：难以猜测：适度防范离线慢速哈希场景。（猜测次数 < 10^10） 4: Very unguessable: strong protection from offline slow-hash scenario. (guesses >= 10^10) 4：非常难以猜测：高度防范离线慢速哈希场景。（猜测次数 >= 10^10） Checks the value from the policy request against several rules, mostly used to ensure password strength. 根据多条规则检查策略请求中的值，这些规则主要用于确保密码强度。 Password field 密码字段 Field key to check, field keys defined in Prompt stages are available. 要检查的字段键，可以使用输入阶段中定义的字段键。 Check static rules 检查静态规则 Check haveibeenpwned.com 检查 haveibeenpwned.com For more info see: 更多信息请看： Check zxcvbn 检查 zxcvbn Password strength estimator created by Dropbox, see: Dropbox 制作的密码强度估算器，详见： Allows/denys requests based on the users and/or the IPs reputation. 根据用户和/或 IP 信誉允许/拒绝请求。 Invalid login attempts will decrease the score for the client's IP, and the username they are attempting to login as, by one. 无效的登录尝试将降低客户端 IP 及其尝试登录的用户名的分数。 The policy passes when the reputation score is below the threshold, and doesn't pass when either or both of the selected options are equal or above the threshold. 当信誉分数低于阈值时策略通过，而当其中一个或两个选定选项 大于等于阈值时策略不通过。 Check IP 检查 IP Check Username 检查用户名 Threshold 阈值 Ensure that the user's new password is different from their previous passwords. The number of past passwords to check is configurable. 确保用户的密码与之前使用的不同。可以配置检查多少个历史密码。 Number of previous passwords to check 检查历史密码数量 Create Binding 创建绑定 Members 成员 Warning: Adding the user to the selected group(s) will give them superuser permissions. 警告：将用户添加到所选的组会使其获得超级用户权限。 Company employees with access to the full enterprise feature set. 公司员工可以访问完整的企业版功能。 External consultants or B2C customers without access to enterprise features. 外部顾问或 B2C 客户无法访问企业版功能。 Machine-to-machine authentication or other automations. M2M（机器到机器）身份验证或其他自动化操作。 Successfully created user and added to group 成功创建用户，并将用户加入到组 Successfully created user. 已成功创建用户。 The user's primary identifier used for authentication. 150 characters or fewer. 用于身份认证的用户主标识符。不超过 150 个字符。 Display Name 显示名称 Type an optional display name... 输入显示名称...（可选） The user's display name. 用户的显示名称 User type 用户类型 Internal Service account 内部服务账户 Managed by authentik and cannot be assigned manually. 由 authentik 管理并且不能被手动分配。 Email Address 电子邮箱地址 Type an optional email address... 输入电子邮箱地址...（可选） Whether this user is active and allowed to authenticate. Setting this to inactive can be used to temporarily disable a user without deleting their account. 指定此用户是否处于活动状态并允许进行身份验证。将其设置为非活动状态可用于暂时禁用用户而不删除其帐户。 Path 路径 Type a path for the user... 为用户输入路径... Paths can be used to organize users into folders depending on which source created them or organizational structure. 用户路径可用于根据创建用户的来源或组织结构将用户组织到文件夹中。 Paths may not start or end with a slash, but they can contain any other character as path segments. The paths are currently purely used for organization, it does not affect their permissions, group memberships, or anything else. 用户路径不能以斜杠开头或结尾，但可以包含任何其他字符作为路径段。路径目前仅用于组织，不会影响其权限、组成员身份或其他任何内容。 Edit Policy 编辑策略 Edit Group 编辑组 Edit User 编辑用户 Policy binding(s) 策略绑定 No Policies bound. 未绑定策略。 Policy actions 策略操作 Create and bind Policy 创建与绑定策略 Bind existing 绑定已存在的 The currently selected policy engine mode is : 当前所选策略引擎模式为 ： Endpoint(s) 端点 These bindings control which users will have access to this endpoint. Users must also have access to the application. 这些绑定控制哪些用户能够访问此端点。用户必须也能访问此应用程序。 Connections 连接 Update RAC Provider 更新 RAC 提供程序 Endpoints 端点 Update Radius Provider 更新 Radius 提供程序 Download 下载 Copy download URL 复制下载 URL Download signing certificate 下载签名证书 Related objects 相关对象 Update SAML Provider 更新 SAML 提供程序 SAML Configuration SAML 配置 EntityID/Issuer EntityID/签发者 SSO URL (Post) SSO URL（Post） SSO URL (Redirect) SSO URL（重定向） SSO URL (IdP-initiated Login) SSO URL（IDP 发起的登录） SLO URL (Post) SLO URL（Post） SLO URL (Redirect) SLO URL（重定向） SAML Metadata SAML 元数据 Example SAML attributes 示例 SAML 属性 NameID attribute NameID 属性 SCIM Group(s) SCIM 组 SCIM User(s) SCIM 用户 Update SCIM Provider 更新 SCIM 提供程序 Send us feedback! 给我们发送反馈！ SSF URL SSF URL No assigned application 无分配应用 Streams 流 Applications 应用程序 External applications that use as an identity provider via protocols like OAuth2 and SAML. All applications are shown here, even ones you cannot access. 通过 OAuth2 和 SAML 等协议，使用 作为身份提供程序的外部应用程序。此处显示了所有应用程序，即使您无法访问的也包括在内。 Application Icon 应用程序图标 Provider Type 提供程序类型 Applications Documentation 应用程序文档 Application(s) 应用程序 Application icon for "" “”的应用程序图标 Update Application 更新应用程序 Edit "" 编辑“” Open "" 打开“” Open 打开 Successfully cleared application cache 已成功清除应用程序缓存 Failed to delete application cache 删除应用程序缓存失败 Clear cache 清除缓存 Clear Application cache 清除应用程序缓存 Are you sure you want to clear the application cache? This will cause all policies to be re-evaluated on their next usage. 确实要清除应用程序缓存吗？这将导致所有策略在下次使用时重新评估。 Successfully sent test-request. 已成功发送测试请求。 Successfully updated entitlement. 已成功更新授权。 Successfully created entitlement. 已成功创建授权。 Application entitlement(s) 应用程序授权 Update Entitlement 更新授权 These bindings control which users have access to this entitlement. 这些绑定控制哪些用户可以访问此授权。 No app entitlements created. 未创建应用程序授权。 This application does currently not have any application entitlements defined. 此应用程序目前没有定义任何应用程序授权。 Create Entitlement 创建授权 Create entitlement 创建授权 Failed to fetch application "". 获取应用程序“”失败。 Warning: Application is not used by any Outpost. 警告：应用并没有被任何前哨站使用 Related 相关 Check access 检查访问权限 Check 检查 Test 测试 Launch 启动 Logins over the last week (per 8 hours) 过去一周的登录次数（每 8 小时） Application entitlements 应用程序授权 Application entitlements are in preview. 应用程序授权目前处于预览状态。 Send us feedback! 给我们发送反馈 These entitlements can be used to configure user access in this application. 这些授权可以用于配置用户对应用程序的访问。 Policy / Group / User Bindings 策略 / 组 / 用户绑定 Loading application... 正在加载应用程序.. Successfully updated device. 已成功更新设备。 Device name... 设备名称... Device name 设备名 Device Group 设备组 Connector setup 设置连接器 Copy 复制 Download the latest package from here: 从此处下载最新包: Afterwards, select the enrollment token you want to use: 接着, 选择希望使用的注册令牌: macOS macOS Linux Linux Configured connector does not support setup. 已配置的连接器不支持设置。 No connectors configured. Navigate to connectors in the sidebar and create a connector. 没有已配置的连接器。请先导航到侧边栏中的 "连接器" 并创建一个。 Unix Unix BSD BSD Android 安卓 iOS IOS Devices 设备 OS 操作系统 Endpoint Devices are in preview. 端点设备功能目前处于预览状态。 Total devices 总设备数 Total count of devices across all groups 所有组中的设备总数 Unreachable devices 不可及设备数 Devices that authentik hasn't received information about in 24h. authentik 在 24 小时内未能收到任何信息的设备总数 Outdated agents 过时的 Agent Devices running an outdated version of an agent 运行旧版 authentik Agent 的设备总数 Update Device 更新设备 Endpoint Device(s) 端点设备 Device 设备 Loading device... 加载设备中... Device details 设备详情 Hostname 主机名 Serial number 序列号 Operating system 操作系统 Firewall enabled 防火墙启用状态 Hardware 硬件 Manufacturer 制造商 CPU CPU x x Memory 内存 Disk encryption 硬盘加密 Users / Groups 用户 / 组 Processes 进程 Connector name 连接器名称 Flow used for users to authorize. 用于用户授权的流程 Certificate used for signing device compliance challenges. 用于签署设备合规性挑战的证书。 Session duration 会话持续时间 Configure how long an authenticated session is valid for. 配置已认证会话的有效时长。 Terminate authenticated sessions on token expiry 令牌过期时终止已认证会话 Refresh interval 更新频率 Interval how frequently the agent tries to update its config. authentik Agent 尝试更新自身配置的频率。 Unix settings Unix 设置 NSS User ID offset NSS 用户 ID 偏移 NSS Group ID offset NSS 组 ID 偏移 Connectors are required to create devices. Depending on connector type, agents either directly talk to them or they talk to and external API to create devices. 连接器是创建设备所必需的。根据连接器类型的不同, authentik Agents 会直接与设备通信, 或者与外部 API 通信来创建设备。 Connectors 连接器 Connector(s) 连接器 Successfully updated token. 已成功更新令牌。 Successfully created token. 已成功创建令牌。 Expires on 过期时间 Token name 令牌名称 Expiring 即将过期 Expires? 过期？ Expiry date 过期日期 Enrollment Token(s) 注册令牌 Copy token 复制令牌 Enrollment Tokens 注册令牌 Device access groups 设备访问权限组 Create groups of devices to manage access. 创建设备组以管理访问权。 Device Group(s) 设备组 Successfully updated source. 已成功更新源。 Successfully created source. 已成功创建源。 Link users on unique identifier 使用唯一标识符链接用户 Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses 链接到电子邮件地址相同的用户。当源不验证电子邮件地址时，可能会有安全隐患 Use the user's email address, but deny enrollment when the email address already exists 使用用户的电子邮件地址，但在电子邮件地址已存在时拒绝注册 Link to a user with identical username. Can have security implications when a username is used with another source 链接到用户名相同的用户。当其他源使用相同用户名时，可能会有安全隐患 Use the user's username, but deny enrollment when the username already exists 使用用户的用户名，但在用户名已存在时拒绝注册 Unknown user matching mode 未知用户匹配模式 Link to a group with identical name. Can have security implications when a group is used with another source 链接到名称相同的组。当其他源使用相同组名时，可能会有安全隐患。 Use the group's name, but deny enrollment when the name already exists 使用组的名称，但在名称已存在时拒绝注册。 Promoted When enabled, this source will be displayed as a prominent button on the login page, instead of a small icon. 启用后，此来源将在登录页面上显示为一个醒目的按钮，而不是一个小图标。 Update internal password on login 登录时更新内部密码 When the user logs in to authentik using this source password backend, update their credentials in authentik. 当用户使用此源密码后端登录 authentik 时，在 authentik 内更新他们的凭据。 Sync users 同步用户 User password writeback 用户密码写回 Enable this option to write password changes made in authentik back to Kerberos. Ignored if sync is disabled. 启用此选项会将 authentik 作出的密码修改写入回 Kerberos。如果未启用同步则忽略。 Realm settings 领域设置 Realm 领域 Kerberos 5 configuration Kerberos 5 配置 Kerberos 5 configuration. See man krb5.conf(5) for configuration format. If left empty, a default krb5.conf will be used. Kerberos 5 配置。请阅读 man krb5.conf(5) 了解配置格式。如果留空，则使用默认的 krb5.conf。 User matching mode 用户匹配模式 Group matching mode 组匹配模式 Sync connection settings 同步连接设置 KAdmin type KAdmin 类型 MIT krb5 kadmin MIT krb5 kadmin Heimdal kadmin Heimdal kadmin Sync principal 同步主体 Principal used to authenticate to the KDC for syncing. 向 KDC 进行身份验证以进行同步的主体。 Sync password 同步密码 Password used to authenticate to the KDC for syncing. Optional if Sync keytab or Sync credentials cache is provided. 向 KDC 进行身份验证以进行同步的密码。如果提供了同步 Keytab 或同步凭据缓存，则此选项是可选的。 Sync keytab 同步 Keytab Keytab used to authenticate to the KDC for syncing. Optional if Sync password or Sync credentials cache is provided. Must be base64 encoded or in the form TYPE:residual. 向 KDC 进行身份验证以进行同步的 Keytab。如果提供了同步密码或同步凭据缓存，则此选项是可选的。必须以 Base64 编码，或者形式为 TYPE:residual。 Sync credentials cache 同步凭据缓存 Credentials cache used to authenticate to the KDC for syncing. Optional if Sync password or Sync keytab is provided. Must be in the form TYPE:residual. 向 KDC 进行身份验证以进行同步的凭据缓存。如果提供了同步密码或同步 Keytab，则此选项是可选的。形式必须为 TYPE:residual。 SPNEGO settings SPNEGO 设置 SPNEGO server name SPNEGO 服务器名称 Force the use of a specific server name for SPNEGO. Must be in the form HTTP@domain 强制为 SPNEGO 使用特定服务器名称。形式必须为 HTTP@域名 SPNEGO keytab SPNEGO Keytab Keytab used for SPNEGO. Optional if SPNEGO credentials cache is provided. Must be base64 encoded or in the form TYPE:residual. SPNEGO 使用的 Keytab。如果提供了 SPNEGO 凭据缓存，则此选项是可选的。必须以 Base64 编码，或者形式为 TYPE:residual。 SPNEGO credentials cache SPNEGO 凭据缓存 Credentials cache used for SPNEGO. Optional if SPNEGO keytab is provided. Must be in the form TYPE:residual. SPNEGO 使用的凭据缓存。如果提供了 SPNEGO Keytab，则此选项是可选的。形式必须为 TYPE:residual。 Kerberos Attribute mapping Kerberos 属性映射 Property mappings for user creation. 用于创建用户的属性映射。 Property mappings for group creation. 用于创建组的属性映射。 Flow to use when authenticating existing users. 认证已存在用户时所使用的流程。 Enrollment flow 注册流程 Flow to use when enrolling new users. 新用户注册的流程。 Additional settings 其他设置 User path 用户路径 Login password is synced from LDAP into authentik automatically. Enable this option only to write password changes in authentik back to LDAP. 登录密码会自动从 LDAP 同步到 authentik。启用此选项可将 authentik 中的密码更改写回至 LDAP。 Sync groups 同步组 Delete Not Found Objects 删除不存在对象 Delete authentik users and groups which were previously supplied by this source, but are now missing from it. 删除之前由此源提供，但现已缺失的用户和组。 Connection settings 连接设置 Server URI 服务器 URI Specify multiple server URIs by separating them with a comma. 通过用逗号分隔多个服务器 URI 来指定它们。 Enable StartTLS 启用 StartTLS To use SSL instead, use 'ldaps://' and disable this option. 要改用 SSL，请使用 'ldaps: //' 并禁用此选项。 Use Server URI for SNI verification SNI 验证时使用服务器 URI Required for servers using TLS 1.3+ 使用 TLS 1.3+ 的服务器必需 TLS Verification Certificate TLS 验证证书 When connecting to an LDAP Server with TLS, certificates are not checked by default. Specify a keypair to validate the remote certificate. 使用 TLS 连接到 LDAP 服务器时，默认情况下不检查证书。指定密钥对以验证远程证书。 TLS Client authentication certificate TLS 客户端身份验证证书 Client certificate keypair to authenticate against the LDAP Server's Certificate. 基于 LDAP 服务端证书进行身份验证的客户端证书密钥对。 Bind CN 绑定 CN LDAP Attribute mapping LDAP 属性映射 Parent group for all the groups imported from LDAP. 从 LDAP 导入的所有组的父组。 Additional User DN 额外的用户 DN Additional user DN, prepended to the Base DN. 额外的用户 DN，添加到 Base DN 起始处。 Additional Group DN 额外的组 DN Additional group DN, prepended to the Base DN. 额外的组 DN，添加到 Base DN 起始处。 User object filter 用户对象筛选器 Consider Objects matching this filter to be Users. 将与此筛选器匹配的对象视为用户。 Group object filter 组对象过滤器 Consider Objects matching this filter to be Groups. 将与此过滤器匹配的对象视为组。 Group membership field 组成员资格字段 Field which contains members of a group. The value of this field is matched against User membership attribute. 包含组成员的字段。此字段的值与用户成员关系属性匹配。 User membership attribute 用户成员关系属性 Attribute which matches the value of Group membership field. 匹配组成员关系字段值的属性。 Lookup using user attribute 使用用户属性查询 Field which contains DNs of groups the user is a member of. This field is used to lookup groups from users, e.g. 'memberOf'. To lookup nested groups in an Active Directory environment use 'memberOf:1.2.840.113556.1.4.1941:'. 包含用户所属组 DN 的字段。此字段用于从用户查询组，例如 'memberOf'。要在 Active Directory 环境中查询嵌套组，则使用 'memberOf:1.2.840.113556.1.4.1941:'。 Object uniqueness field 对象唯一性字段 Field which contains a unique Identifier. 包含唯一标识符的字段。 HTTP Basic Auth HTTP 基本身份验证 Include the client ID and secret as request parameters 包括客户端 ID 和密钥作为请求参数 Plain 明文 S256 S256 URL settings URL 设置 Authorization URL 授权 URL URL the user is redirect to to consent the authorization. 用户被重定向到以同意授权的 URL。 Access token URL 访问令牌 URL URL used by authentik to retrieve tokens. authentik 用来获取令牌的 URL。 Profile URL 个人资料 URL URL used by authentik to get user information. authentik 用来获取用户信息的 URL。 Request token URL 请求令牌 URL URL used to request the initial token. This URL is only required for OAuth 1. 用于请求初始令牌的 URL。只有 OAuth 1 才需要此网址。 OIDC Well-known URL OIDC Well-known URL OIDC well-known configuration URL. Can be used to automatically configure the URLs above. OIDC Well-known 配置 URL。可用于自动配置上述 URL。 OIDC JWKS URL OIDC JWKS URL JSON Web Key URL. Keys from the URL will be used to validate JWTs from this source. JSON Web Key URL。来自此 URL 的 Key 将被用于验证此身份来源的 JWT。 OIDC JWKS OIDC JWKS Raw JWKS data. 原始 JWKS 数据。 PKCE Method PKCE 方法 Configure Proof Key for Code Exchange for this source. 为该源配置代码交换的验证密钥。 Authorization code authentication method Authorization code 身份验证方法 How to perform authentication during an authorization_code token request flow 在 authorization_code 令牌请求流程期间，如何执行身份验证 Consumer key 消费者 Key Also known as Client ID. 也称为客户端 ID。 Consumer secret 消费者 Secret Also known as Client Secret. 也称为客户端密钥。 Additional scopes to be passed to the OAuth Provider, separated by space. To replace existing scopes, prefix with *. 要传递给 OAuth 提供程序的其他作用域，用空格分隔。要替换已存在的作用域，请添加前缀 *。 OAuth Attribute mapping OAuth 属性映射 Load servers 加载服务器 Re-authenticate with Plex 使用 Plex 重新验证身份 Allow friends to authenticate via Plex, even if you don't share any servers 允许好友通过 Plex 进行身份验证，即使您不共享任何服务器。 Allowed servers 允许的服务器 Select which server a user has to be a member of to be allowed to authenticate. 选择用户必须是哪个服务器的成员才能进行身份验证。 Plex Attribute mapping Plex 属性映射 Verify Assertion Signature 验证断言签名 When enabled, authentik will look for a Signature inside of the Assertion element. 启用后，authentik 将在断言元素内寻找签名。 Verify Response Signature 验证响应签名 When enabled, authentik will look for a Signature inside of the Response element. 启用后，authentik 将在响应元素内寻找签名。 SSO URL SSO URL URL that the initial Login request is sent to. 初始登录请求发送到的 URL。 SLO URL SLO URL Optional URL if the IDP supports Single-Logout. 如果 IDP 支持单点注销，则为可选 URL。 Also known as Entity ID. Defaults the Metadata URL. 也称为 Entity ID。 默认为元数据 URL。 Binding Type 绑定类型 Redirect binding 重定向绑定 Post-auto binding 自动 Post 绑定 Post binding but the request is automatically sent and the user doesn't have to confirm. Post 绑定，但请求会被自动发送，不需要用户确认。 Post binding Post 绑定 Signing keypair 签名密钥对 Keypair which is used to sign outgoing requests. Leave empty to disable signing. 用于签名传出请求的密钥对。留空则禁用签名。 Allow IDP-initiated logins 允许 IDP 发起的登录 Allows authentication flows initiated by the IdP. This can be a security risk, as no validation of the request ID is done. 允许由 IdP 启动的身份验证流程。这可能存在安全风险，因为未对请求 ID 进行验证。 NameID Policy NameID 策略 Delete temporary users after 多久后删除临时用户 Time offset when temporary users should be deleted. This only applies if your IDP uses the NameID Format 'transient', and the user doesn't log out manually. 删除临时用户的时间偏移。这仅适用于您的 IDP 使用 NameID 格式 'transient' 且用户未手动注销的情况。 When selected, encrypted assertions will be decrypted using this keypair. 选择此选项时，被加密的断言将以此密钥对解密。 SAML Attribute mapping SAML 属性映射 Pre-authentication flow 身份验证前流程 Flow used before authentication. 身份验证之前使用的流程。 SCIM Attribute mapping SCIM 属性映射 Bot username 机器人用户名 Bot token 机器人令牌 Request access to send messages from your bot 请求访问权限以从您的机器人发送消息 Telegram Attribute mapping Telegram 属性映射 Federation and Social login 联结与社交登录 Sources of identities, which can either be synced into authentik's database, or can be used by users to authenticate and enroll themselves. 身份来源，既可以同步到 authentik 的数据库中，也可以被用户用来进行身份验证和注册。 Source(s) 源 Disabled 已禁用 Built-in 内置 Kerberos Source is in preview. Kerberos 源目前处于预览状态。 Update Kerberos Source 更新 Kerberos 源 Connectivity 连接性 Global status 全局状态 Vendor 供应商 OAuth Source OAuth 源 Group mappings can only be checked if a user is already logged in when trying to access this source. 组绑定仅会在已登录用户访问此源时检查。 User mappings can only be checked if a user is already logged in when trying to access this source. 用户绑定仅会在已登录用户访问此源时检查。 Generic OpenID Connect 通用 OpenID 连接 Unknown provider type 未知提供程序类型 Callback URL 回调 URL Access Key 访问密钥 Diagram 流程图 Policy Bindings 策略绑定 These bindings control which users can access this source. You can only use policies here as access is checked before the user is authenticated. 这些绑定控制哪些用户可以访问此源。 您只能在此处使用策略，因为访问权限会在验证用户身份之前检查。 Update Plex Source 更新 Plex 源 Update SAML Source 更新 SAML 源 Update SCIM Source 更新 SCIM 源 SCIM Base URL SCIM Base URL Telegram bot Telegram 机器人 Update Telegram Source 更新 Telegram 源 Successfully updated mapping. 已成功更新映射。 Successfully created mapping. 已成功创建映射。 Unconfigured 未配置 This option will not be changed by this mapping. 此选项不会被此映射更改。 General settings 常规设置 Password 密码 RDP settings RDP 设置 Ignore server certificate 忽略服务器证书 Enable wallpaper 启用壁纸 Enable font-smoothing 启用字体平滑 Enable full window dragging 启用完整窗口拖拽 SAML Attribute Name SAML 属性名称 Attribute name used for SAML Assertions. Can be a URN OID, a schema reference, or a any other string. If this property mapping is used for NameID Property, this field is discarded. 用于 SAML 断言的属性名称。可以是 URN OID、Schema Reference 或任何其他字符串。如果此属性映射用于 NameID 属性，则会丢弃此字段。 Friendly Name 友好显示名称 Optionally set the 'FriendlyName' value of the Assertion attribute. 可选，设置断言属性的“FriendlyName”值。 Scope name 作用域名称 Scope which the client can specify to access these properties. 客户端可以指定的访问这些属性的范围。 Description shown to the user when consenting. If left empty, the user won't be informed. 同意授权时向用户显示的描述。如果留空，则不会告知用户。 Active Directory User Active Directory 用户 Active Directory Group Active Directory 组 Property Mappings 属性映射 Control how authentik exposes and interprets information. 控制 authentik 如何公开和处理信息。 Property Mapping(s) 属性映射 Hide managed mappings 隐藏管理映射 Identifier 标识符 Unique identifier the token is referenced by. 引用令牌的唯一标识符。 Intent 意图 API Token API Token Used to access the API programmatically 用于编程方式访问 API App password. 应用密码。 Used to login using a flow executor 使用流程执行器登录 Tokens 令牌 Tokens are used throughout authentik for Email validation stages, Recovery keys and API access. 令牌在整个 authentik 中用于电子邮件验证阶段、恢复密钥和 API 访问。 Token(s) 令牌 Create Token 创建令牌 Token is managed by authentik. 令牌由 authentik 管理。 Update Token 更新令牌 Editing is disabled for managed tokens 托管令牌的编辑已被禁用 Successfully updated brand. 已成功更新品牌。 Successfully created brand. 已成功创建品牌。 Domain 域名 Matching is done based on domain suffix, so if you enter domain.tld, foo.domain.tld will still match. 根据域名后缀完成匹配，因此，如果您输入 domain.tld，foo.domain.tld 仍将匹配。 Use this brand for each domain that doesn't have a dedicated brand. 所有未设置专用品牌的域名都将使用此品牌。 Branding settings 品牌设置 Title 标题 Branding shown in page title and several other places. 品牌信息显示在页面标题和其他几个地方。 Logo Logo Logo shown in sidebar/header and flow executor. 在侧边栏/标题和流程执行器中显示的图标。 Favicon 网站图标 Icon shown in the browser tab. 浏览器选项卡中显示的图标。 Default flow background 默认流程背景 Default background used during flow execution. Can be overridden per flow. 流程执行过程中使用的默认背景。可以按流程单独覆盖。 Custom CSS 自定义 CSS Custom CSS to apply to pages when this brand is active. 当品牌启用时，应用到页面的自定义 CSS。 External user settings 外部用户设置 Default application 默认应用程序 Select an application... 选择一个应用程序... When configured, external users will automatically be redirected to this application when not attempting to access a different application 配置时，外部用户会被自动重定向到此应用程序，除非用户尝试访问其他应用程序 Default flows 默认流程 Flow used to authenticate users. If left empty, the first applicable flow sorted by the slug is used. 用于对用户进行身份验证的流程。如果留空，则使用按 Slug 排序的第一个适用流程。 Flow used to logout. If left empty, the first applicable flow sorted by the slug is used. 用于注销的流程。如果留空，则使用按 Slug 排序的第一个适用流程。 Recovery flow 恢复流程 Select a recovery flow... 选择一个恢复流程... Unenrollment flow 删除账户流程 Select an unenrollment flow... 选择一个删除账户流程... If set, users are able to unenroll themselves using this flow. If no flow is set, option is not shown. 如果已设置，则用户可以使用此流程自行删除账户。如果未设置流程，则不显示选项。 User settings flow 用户设置流程 Select a user settings flow... 选择一个用户设置流程... If set, users are able to configure details of their profile. 设置后，用户可以配置他们个人资料的详细信息。 Device code flow 设备代码流程 Select a device code flow... 选择一个设备代码流程... If set, the OAuth Device Code profile can be used, and the selected flow will be used to enter the code. 如果设置，则 OAuth 设备代码用户资料可用，并且选定的流程将会用于输入代码。 Other global settings 其他全局设置 Web Certificate Web 证书 Client Certificates 客户端证书 Available Certificates 可用证书 Selected Certificates 已选证书 Set custom attributes using YAML or JSON. Any attributes set here will be inherited by users, if the request is handled by this brand. 使用 YAML 或 JSON 格式设置自定义属性。如果请求由此品牌处理，则用户会继承此处设置的任何自定义属性。 Search by domain or brand name... 按域名或品牌名搜索... Brands 品牌 Configure visual settings and defaults for different domains. 配置不同域名的可视化设置和默认值。 Brand name 品牌名称 Default? 默认？ Brand(s) 品牌 Policies 策略 Allow users to use Applications based on properties, enforce Password Criteria and selectively apply Stages. 允许用户根据属性使用应用程序、强制使用密码标准以及选择性地应用阶段。 Assigned to object(s). 已分配给 个对象。 Warning: Policy is not assigned. 警告：策略未分配。 Policy / Policies 策略 Successfully cleared policy cache 已成功清除策略缓存 Failed to delete policy cache 删除策略缓存失败 Clear Policy cache 清除策略缓存 Are you sure you want to clear the policy cache? This will cause all policies to be re-evaluated on their next usage. 确实要清除策略缓存吗？这将导致所有策略在下次使用时重新评估。 Reputation scores 信誉分数 Reputation for IP and user identifiers. Scores are decreased for each failed login and increased for each successful login. IP 和用户标识符的信誉。每次登录失败分数都会降低，每次登录成功分数都会增加。 IP IP Score 分数 Updated 已更新 Reputation 信誉 Search for a group by name… 按名字搜索组... Group Search 搜索组 Groups 组 Group users together and give them permissions based on the membership. 将用户分组在一起，并根据成员资格为他们授予权限。 Superuser privileges? 超级用户权限？ Group(s) 组 View details of group "" 查看“”组的详情 Create group 创建组 Create and assign a group with the same name as the user. 创建并分配与用户同名的组。 Whether the token will expire. Upon expiration, the token will be rotated. 指定令牌是否会过期。过期后，令牌将被轮换。 Use the username and password below to authenticate. The password can be retrieved later on the Tokens page. 使用下面的用户名和密码进行身份验证。密码可以稍后在令牌页面上获取。 Valid for 360 days, after which the password will automatically rotate. You can copy the password from the Token List. 有效期为 360 天，之后密码将自动轮换。您可以从令牌列表中复制密码。 Are you sure you want to delete ? 您确定要删除 吗？ The following objects use 以下对象使用 connecting object will be deleted 连接对象将被删除 Successfully updated 成功更新 Failed to update : 更新 失败： Are you sure you want to update ? 您确定要更新 吗？ Impersonating user... 正在模拟身份... This may take a few seconds. 这可能会花费几秒。 Reason 原因 Reason for impersonating the user 模拟此用户的原因 A brief explanation of why you are impersonating the user. This will be included in audit logs. 简要说明您为何模拟该用户。此信息将包含在审计日志中。 New Password 新密码 Successfully updated password. 已成功更新密码。 Email stage 电子邮件阶段 Successfully added user(s). 成功添加用户。 Users 用户 Open user selection dialog 打开用户选择对话框 Add users 添加用户 User(s) 用户 removed 已删除 Impersonate 模拟身份 Temporarily assume the identity of this user 临时假定此用户的身份 User status 用户状态 Inactive 未激活 Regular user 普通用户 Change status 更改状态 Deactivate 停用 Activate 激活 Update 's password 更新 的密码 Set password 设置密码 Send link 发送链接 Send recovery link to user 向用户发送恢复链接 Email recovery link 电子邮件恢复链接 Assign Additional Users 分配额外的用户 Warning: This group is configured with superuser access. Added users will have superuser access. 警告：此组已配置为超级用户权限。加入的用户将会拥有超级用户权限。 New User 新建用户 This user will be added to the group "". 此用户将会被添加到组 “”。 Hide service-accounts 隐藏服务账户 Group Info 组信息 Notes 备注 Edit the notes attribute of this group to add notes here. 编辑该组的备注属性以在此处添加备注。 Unnamed 未命名 Collapse "" 收起“” Expand "" 展开“” Select "" 选择“” Items of "" “”的项目 Root 根 Search by username, email, etc... 按用户名、电子邮箱...搜索 User Search 搜索用户 Warning: You're about to delete the user you're logged in as (). Proceed at your own risk. 警告：您即将删除当前登录的用户（ ）。如果继续，请自担风险。 Show deactivated users 显示未激活的用户 No name set 未设置名称 Create recovery link 创建恢复链接 User folders 用户目录 User paths 用户路径 Successfully added user to group(s). 成功添加用户到组。 Groups to add 要添加的组 Add group 添加组 Remove from Group(s) 从组中删除 Are you sure you want to remove user from the following groups? 您确定要从以下组中删除用户 吗？ Add to existing group 添加到已有组 Add new group 添加新组 Application authorizations 应用程序授权 Revoked? 已吊销？ Expires 过期 ID Token ID 令牌 Access Tokens(s) 访问令牌 Refresh Tokens(s) 刷新令牌 Last IP 上次 IP Last used 上次使用 Session(s) 会话 Expiry 过期 (Current session) （当前会话） Consent(s) 同意授权 Reputation score(s) 信誉分数 Disconnect 断开连接 Successfully disconnected source 解绑成功 Failed to disconnected source: 解绑源失败： Connect 连接 Error: unsupported source settings: 错误：不支持的源设置： "" source “” 源 No services available. 没有可用的服务。 Source Settings 源设置 Confirmed 已确认 Created at 创建于 Last updated at 上次更新于 Last used at 上次使用于 Device type cannot be deleted 设备类型 无法被删除 Device(s) 设备 Email 电子邮箱 Last password change 上次修改密码 User Info 用户信息 Lock the user out of this system 在此系统中锁定用户 Allow the user to log in and use this system 允许用户登录并使用此系统 Sessions 会话 Explicit Consent 明确同意授权 OAuth Access Tokens OAuth 访问令牌 OAuth Refresh Tokens OAuth 刷新令牌 MFA Authenticators MFA 身份验证器 Connected services 已连接服务 RAC Connections RAC 连接 Actions over the last week (per 8 hours) 过去一周的操作（每 8 小时） Edit the notes attribute of this user to add notes here. 编辑该用户的备注属性以在此处添加备注。 User events 用户事件 Credentials / Tokens 凭据 / 令牌 Successfully updated role. 已成功更新角色。 Successfully created role. 已成功创建角色。 Manage roles which grant permissions to objects within authentik. 管理向 authentik 中的对象授予权限的角色。 Role(s) 角色 Successfully updated initial permissions. 已成功更新初始权限。 Successfully created initial permissions. 已成功创建初始权限。 When a user with the selected Role creates an object, the Initial Permissions will be applied to that object. 当所选角色的用户创建对象时，初始权限会应用于该对象。 Available Permissions 可用权限 Selected Permissions 已选权限 Permissions to grant when a new object is created. 创建新对象时授予的权限。 Initial Permissions 初始权限 Set initial permissions for newly created objects. 为新创建的对象设置初始权限。 Role Info 角色信息 Role 角色 Successfully updated invitation. 已成功更新邀请。 Successfully created invitation. 已成功创建邀请。 The name of an invitation must be a slug: only lower case letters, numbers, and the hyphen are permitted here. 邀请名称必须是一个 Slug：仅允许小写字母、数字和连字符。 Flow 流程 When selected, the invite will only be usable with the flow. By default the invite is accepted on all flows with invitation stages. 选中时，此邀请仅可在对应流程中使用。默认情况下，此邀请接受所有流程的邀请阶段。 Custom attributes 自定义属性 Optional data which is loaded into the flow's 'prompt_data' context variable. YAML or JSON. 加载到流程的 'prompt_data' 上下文变量中的可选数据。YAML 或 JSON。 Single use 一次性使用 When enabled, the invitation will be deleted after usage. 启用后，邀请将在使用后被删除。 Select an enrollment flow 选择注册流程 Link to use the invitation. 使用邀请的链接。 Invitations 邀请 Create Invitation Links to enroll Users, and optionally force specific attributes of their account. 创建邀请链接以注册用户，并可选地强制设置其账户的特定属性。 Created by 创建者 Invitation(s) 邀请 Invitation not limited to any flow, and can be used with any enrollment flow. 邀请没有限制到任何流程，可以用于任何注册流程。 Warning: No invitation stage is bound to any flow. Invitations will not work as expected. 警告：没有邀请阶段绑定到任何流程。邀请将无法按预期工作。 Not you? 不是您？ Required. 必需。 Continue 继续 Successfully updated prompt. 已成功更新输入项。 Successfully created prompt. 已成功创建输入项。 Text: Simple Text input 文本：简单文本输入 Text Area: Multiline text input 文本框：多行文本输入。 Text (read-only): Simple Text input, but cannot be edited. 文本（只读）：简单文本输入，但无法编辑。 Text Area (read-only): Multiline text input, but cannot be edited. 文本框（只读）：多行文本输入，但无法编辑。 Username: Same as Text input, but checks for and prevents duplicate usernames. 用户名：与文本输入相同，但检查并防止用户名重复。 Email: Text field with Email type. 电子邮箱：电子邮箱类型的文本字段。 Password: Masked input, multiple inputs of this type on the same prompt need to be identical. 密码：屏蔽显示输入内容，多个此类型的输入如果在同一个输入项下，则内容需要相同。 Number 数字 Checkbox 复选框 Radio Button Group (fixed choice) 单选按钮组（固定选项） Dropdown (fixed choice) 下拉框（固定选项） Date 日期 Date Time 日期时间 File 文件 Separator: Static Separator Line 分隔符：静态分隔线 Hidden: Hidden field, can be used to insert data into form. 隐藏：隐藏字段，可用于将数据插入表单。 Static: Static value, displayed as-is. 静态：静态值，按原样显示。 authentik: Locale: Displays a list of locales authentik supports. authentik：语言：显示 authentik 支持的语言设置。 Preview errors 预览错误 Data preview 数据预览 Unique name of this field, used for selecting fields in prompt stages. 此字段的唯一名称，用于选择输入阶段的字段。 Field Key 字段键 Name of the form field, also used to store the value. 表单域的名称，也用于存储值。 When used in conjunction with a User Write stage, use attributes.foo to write attributes. 当与用户写入阶段结合使用时，请使用 attributes.foo 来编写属性。 Label 标签 Label shown next to/above the prompt. 标签会显示在输入侧方/上方。 Interpret placeholder as expression 将占位符解释为表达式 When checked, the placeholder will be evaluated in the same way a property mapping is. If the evaluation fails, the placeholder itself is returned. 勾选时，占位符将以与属性映射相同的方式评估。 如果评估失败，则返回占位符本身。 Placeholder 占位符 Optionally provide a short hint that describes the expected input value. When creating a fixed choice field, enable interpreting as expression and return a list to return multiple choices. 可选的简短提示，用来描述期望的输入值。 在创建固定选项字段时，启用以表达式解释， 并返回多个选项的列表。 Interpret initial value as expression 将初始值解释为表达式 When checked, the initial value will be evaluated in the same way a property mapping is. If the evaluation fails, the initial value itself is returned. 勾选时，初始值将以与属性映射相同的方式评估。 如果评估失败，则返回初始值本身。 Initial value 初始值 Optionally pre-fill the input with an initial value. When creating a fixed choice field, enable interpreting as expression and return a list to return multiple default choices. 可选的预设输入初始值。 在创建固定选项字段时，启用以表达式解释， 并返回多个默认选项的列表。 Help text 帮助文本 Any HTML can be used. 可以使用任何 HTML。 Prompts 输入 Single Prompts that can be used for Prompt Stages. 可用于输入阶段的单个输入项。 Field 字段 Stages 阶段 Prompt(s) 输入 Create Prompt 创建输入 Successfully updated stage. 已成功更新阶段。 Successfully created stage. 已成功创建阶段。 Stage used to configure a duo-based authenticator. This stage should be used for configuration flows. 用来配置基于 Duo 的身份验证器的阶段。此阶段应该用于配置流程。 Authenticator type name 身份验证类型名称 Display name of this authenticator, used by users when they enroll an authenticator. 此验证器的显示名称，在用户注册验证器时使用。 API Hostname API 主机名 Duo Auth API Duo Auth API Integration key 集成密钥 Secret key Secret 密钥 Duo Admin API (optional) Duo Admin API（可选） When using a Duo MFA, Access or Beyond plan, an Admin API application can be created. This will allow authentik to import devices automatically. 使用 Duo MFA 的 Access 或 Beyond 计划时，可以创建 Admin API 应用程序。这允许 authentik 自动导入设备。 Stage-specific settings 阶段特定设置 Configuration flow 配置流程 Flow used by an authenticated user to configure this Stage. If empty, user will not be able to configure this stage. 经过身份验证的用户用来配置此阶段的流程。如果为空，用户将无法配置此阶段。 SMTP Host SMTP 主机 SMTP Port SMTP 端口 SMTP Username SMTP 用户名 SMTP Password SMTP 密码 Use TLS 使用 TLS Use SSL 使用 SSL From address 发件人地址 Email address the verification email will be sent from. 用于发送验证邮件的电子邮件地址。 Stage used to configure an email-based authenticator. 用来配置基于电子邮件的身份验证器的阶段。 Use global connection settings 使用全局连接设置 When enabled, global email connection settings will be used and connection settings below will be ignored. 启用后，将使用全局电子邮件连接设置，下面的连接设置将被忽略。 Subject of the verification email. 验证邮件的主题。 Token expiration 令牌过期时间 Time the token sent is valid (Format: hours=3,minutes=17,seconds=300). 发出令牌有效的时间（格式：hours=3,minutes=17,seconds=300）。 Template 模板 Loading templates... 正在加载模板... Template used for the verification email. 用于验证电子邮箱的模板。 Twilio Account SID Twilio 账户 SID Get this value from https://console.twilio.com 从 https://console.twilio.com 获取此值 Twilio Auth Token Twilio 身份验证令牌 Authentication Type 身份验证类型 Basic Auth 基本身份验证 Bearer Token Bearer 令牌 External API URL 外部 API URL This is the full endpoint to send POST requests to. 这是向其发送 POST 请求的完整终端节点。 API Auth Username API 身份验证用户名 This is the username to be used with basic auth or the token when used with bearer token 这是用于 Basic 身份验证的用户名，或是使用 Bearer 令牌时的令牌 API Auth password API 身份验证密码 This is the password to be used with basic auth 这是用于 Basic 身份验证的密码 Stage used to configure an SMS-based TOTP authenticator. 用来配置基于短信的 TOTP 身份验证器的阶段。 Twilio Twilio Generic 通用 From number 发信人号码 Number the SMS will be sent from. 短信的发信人号码。 Mapping 映射 Modify the payload sent to the provider. 修改发送到提供程序的载荷。 Hash phone number 哈希电话号码 If enabled, only a hash of the phone number will be saved. This can be done for data-protection reasons. Devices created from a stage with this enabled cannot be used with the authenticator validation stage. 如果启用，仅保存电话号码的哈希。这是出于数据保护的原因。如果设备创建自启用此选项的阶段，则无法在验证阶段使用身份验证器。 Stage used to configure a static authenticator (i.e. static tokens). This stage should be used for configuration flows. 用来配置静态身份验证器（即静态令牌）的阶段。此阶段应该用于配置流程。 Token count 令牌计数 The number of tokens generated whenever this stage is used. Every token generated per stage execution will be attached to a single static device. 使用此阶段时生成的令牌数量。每次阶段执行中生成的每个令牌都会被附加到单个静态设备上。 Token length 令牌长度 Stage used to configure a TOTP authenticator (i.e. Authy/Google Authenticator). 用来配置 TOTP 身份验证器（即 Authy/Google 身份验证器）的阶段。 Digits 数字 6 digits, widely compatible 6 位数字，广泛兼容 8 digits, not compatible with apps like Google Authenticator 8 位数字，与 Google 身份验证器等应用不兼容 Static Tokens 静态令牌 TOTP Authenticators TOTP 身份验证器 WebAuthn Authenticators WebAuthn 身份验证器 Duo Authenticators Duo 身份验证器 SMS-based Authenticators 基于短信的身份验证器 Email-based Authenticators 基于电子邮件的身份验证器 Stage used to validate any authenticator. This stage should be used during authentication or authorization flows. 用来验证任何身份验证器的阶段。此阶段应在身份验证或授权流程中使用。 Device classes 设备类型 Device classes which can be used to authenticate. 可用于进行身份验证的设备类型。 Last validation threshold 上次验证阈值 If the user has successfully authenticated with a device in the classes listed above within this configured duration, this stage will be skipped. 如果用户在配置的持续时间内通过上面列出类别中的设备验证身份成功，则跳过此阶段。 Not configured action 未配置操作 Force the user to configure an authenticator 强制用户配置身份验证器 Deny the user access 拒绝用户访问 Configuration stages 配置阶段 Available Stages 可用阶段 Selected Stages 已选阶段 Stages used to configure Authenticator when user doesn't have any compatible devices. After this configuration Stage passes, the user is not prompted again. 当用户没有任何兼容的设备时，用来配置身份验证器的阶段。此阶段通过后，将不再请求此用户。 When multiple stages are selected, the user can choose which one they want to enroll. 选中多个阶段时，用户可以选择要注册哪个。 WebAuthn-specific settings WebAuthn 特定设置 WebAuthn User verification WebAuthn 用户验证 User verification must occur. 必须进行用户验证。 User verification is preferred if available, but not required. 如果可用，则首选用户验证，但不是必需的。 User verification should not occur. 不应进行用户验证。 WebAuthn Device type restrictions WebAuthn 设备类型限制 Available Device types 可用设备类型 Selected Device types 已选设备类型 Optionally restrict which WebAuthn device types may be used. When no device types are selected, all devices are allowed. 可选的 WebAuthn 可用设备类型限制。如果未选择设备类型，则允许所有设备。 This restriction only applies to devices created in authentik 2024.4 or later. 此限制仅适用于在 authentik 2024.4 或更新版本中创建的设备。 Stage used to configure a WebAuthn authenticator (i.e. Yubikey, FaceID/Windows Hello). 用来配置 WebAuthn 身份验证器（即 Yubikey、FaceID/Windows Hello）的阶段。 User verification 用户验证 Required: User verification must occur. 必需：必须进行用户验证。 Preferred: User verification is preferred if available, but not required. 首选：尽可能进行用户验证，但不是必须。 Discouraged: User verification should not occur. 避免：不应该进行用户验证。 Resident key requirement 常驻钥匙要求 Required: The authenticator MUST create a dedicated credential. If it cannot, the RP is prepared for an error to occur 必需：身份验证器必须创建专用凭据。如果不能，RP 预期会发生错误 Preferred: The authenticator can create and store a dedicated credential, but if it doesn't that's alright too 首选：身份验证器可以创建和存储专用凭据，但不创建也可以 Discouraged: The authenticator should not create a dedicated credential 避免：身份验证器不应该创建专用凭据 Authenticator Attachment 身份验证器附件 No preference is sent 不发送偏好 A non-removable authenticator, like TouchID or Windows Hello 不可移除的身份验证器，例如 TouchID 或 Windows Hello A "roaming" authenticator, like a YubiKey 像 YubiKey 这样的“漫游”身份验证器 Maximum registration attempts 最大注册尝试次数 Maximum allowed registration attempts. When set to 0 attempts, attempts are not limited. 允许的最大注册尝试次数。设置为 0 则不限制次数。 Device type restrictions 设备类型限制 Public Key 公钥 Private Key 私钥 Interactive 交互式 Prompt for the user's consent. The consent can either be permanent or expire in a defined amount of time. 请求用户同意授权。同意授权可以是永久性的，也可以在规定的时间后过期。 Always require consent 始终需要征得同意授权 Consent given lasts indefinitely 无限期同意授权 Consent expires 同意授权会过期 Consent expires in 同意授权过期时间 Offset after which consent expires. 同意过期后的偏移。 Statically deny the flow. To use this stage effectively, disable *Evaluate when flow is planned* on the respective binding. 静态拒绝流。要有效地使用此阶段，请在相应的绑定上禁用*规划时进行评估*。 Deny message 拒绝消息 Message shown when this stage is run. 此阶段运行时显示的消息。 Dummy stage used for testing. Shows a simple continue button and always passes. 用于测试的虚拟阶段。显示一个简单的“继续”按钮，并且始终通过。 Throw error? 抛出错误？ Verify the user's email address by sending them a one-time-link. Can also be used for recovery to verify the user's authenticity. 通过向用户发送一次性链接来验证用户的电子邮件地址。也可用于在恢复时验证用户的真实性。 Activate pending user on success 成功时激活待处理用户 When a user returns from the email successfully, their account will be activated. 当用户成功自电子邮件中返回时，其账户将被激活。 Time the token sent is valid. 发出令牌的有效时间。 Account Recovery Max Attempts 帐户恢复最大尝试次数 Account Recovery Cache Timeout 帐户恢复缓存超时 The time window used to count recent account recovery attempts. 最近帐户恢复尝试次数的时间窗口。 A selection is required 需要进行选择 UPN UPN Let the user identify themselves with their username or Email address. 让用户使用用户名或电子邮件地址来标识自己。 User fields 用户字段 Fields a user can identify themselves with. If no fields are selected, the user will only be able to use sources. 用户可以用来标识自己的字段。如果未选择任何字段，则用户将只能使用源。 Password stage 密码阶段 When selected, a password field is shown on the same page instead of a separate page. This prevents username enumeration attacks. 选中后，密码字段将显示在同一页面，而不是单独的页面上。这样可以防止用户名枚举攻击。 Captcha stage 验证码阶段 When set, adds functionality exactly like a Captcha stage, but baked into the Identification stage. 设置后，添加与验证码阶段完全相同的功能，但融入识别阶段。 Case insensitive matching 不区分大小写的匹配 When enabled, user fields are matched regardless of their casing. 启用后，无论大小写如何，都将匹配用户字段。 Pretend user exists 假作用户存在 When enabled, the stage will always accept the given user identifier and continue. 启用时，此阶段总是会接受指定的用户 ID 并继续。 Show matched user 显示匹配的用户 When a valid username/email has been entered, and this option is enabled, the user's username and avatar will be shown. Otherwise, the text that the user entered will be shown. 如果输入了有效的用户名/电子邮箱，并且启用了此选项，则会显示用户的用户名和头像。否则，将显示用户输入的文本。 Enable "Remember me on this device" 启用“在此设备上记住我” When enabled, the user can save their username in a cookie, allowing them to skip directly to entering their password. 启用时，用户可以在 Cookie 中保存用户名，以直接跳过输入密码。 Source settings 源设置 Sources 源 Select sources should be shown for users to authenticate with. This only affects web-based sources, not LDAP. 选择的源应显示给用户进行身份验证。这只会影响基于 Web 的源，而不影响 LDAP。 Show sources' labels 显示源的标签 By default, only icons are shown for sources. Enable this to show their full names. 默认情况下，只为源显示图标。启用此选项可显示它们的全名。 Passwordless flow 无密码流程 Optional passwordless flow, which is linked at the bottom of the page. When configured, users can use this flow to authenticate with a WebAuthn authenticator, without entering any details. 可选的无密码流程，链接在页面底部。配置后，用户可以使用此流程通过 WebAuthn 身份验证器进行验证，无需输入任何详细信息。 Optional enrollment flow, which is linked at the bottom of the page. 可选注册流程，链接在页面底部。 Optional recovery flow, which is linked at the bottom of the page. 可选的恢复流程，链接在页面底部。 This stage can be included in enrollment flows to accept invitations. 此阶段可以包含在注册流程中以接受邀请。 Continue flow without invitation 在没有邀请的情况下继续流程 If this flag is set, this Stage will jump to the next Stage when no Invitation is given. By default this Stage will cancel the Flow when no invitation is given. 如果设置了此标志，则当没有发出邀请时，此阶段将跳转到下一个阶段。默认情况下，当没有发出邀请时，此阶段将取消流程。 Client-certificate/mTLS authentication/enrollment. 客户端证书/mTLS 身份验证/注册。 Certificate optional 证书可选 If no certificate was provided, this stage will succeed and continue to the next stage. 如果未提供证书，此阶段会成功并继续到下一阶段。 Certificate required 需要证书 If no certificate was provided, this stage will stop flow execution. 如果未提供证书，此阶段会停止流程执行。 Certificate authorities 证书机构（CA） Configure the certificate authority client certificates are validated against. The certificate authority can also be configured on a brand, which allows for different certificate authorities for different domains. 配置用于验证客户端证书的证书机构。证书机构也可以在品牌中配置，这样可以为不同的域配置不同的证书机构。 Certificate attribute 证书属性 Common Name 常用名 Configure the attribute of the certificate used to look for a user. 配置用于查询用户的证书属性。 User attribute 用户属性 Configure the attribute of the user used to look for a user. 配置用于查询用户的用户属性。 User database + standard password 用户数据库 + 标准密码 User database + app passwords 用户数据库 + 应用程序密码 User database + LDAP password 用户数据库 + LDAP 密码 User database + Kerberos password 用户数据库 + Kerberos 密码 Validate the user's password against the selected backend(s). 根据选定的后端验证用户的密码。 Backends 后端 Selection of backends to test the password against. 选择用于测试密码的后端。 Flow used by an authenticated user to configure their password. If empty, user will not be able to change their password. 经过身份验证的用户用来配置其密码的流程。如果为空，用户将无法配置更改其密码。 Failed attempts before cancel 取消前的的尝试失败 How many attempts a user has before the flow is canceled. To lock the user out, use a reputation policy and a user_write stage. 在取消流程之前，用户可以尝试多少次。要锁定用户，请使用信誉策略和 user_write 阶段。 Provide users with a 'show password' button. 为用户提供“显示密码”按钮。 ("", of type ) （“”，类型为 ） Show arbitrary input fields to the user, for example during enrollment. Data is saved in the flow context under the 'prompt_data' variable. 向用户显示任意输入字段，例如在注册期间。数据保存在流程上下文中的 'prompt_data' 变量下。 Fields 字段 Available Fields 可用字段 Selected Fields 已选字段 Validation Policies 验证策略 Available Policies 可用策略 Selected Policies 已选策略 Selected policies are executed when the stage is submitted to validate the data. 当阶段被提交以验证数据时，执行选定的策略。 Redirect the user to another flow, potentially with all gathered context 将用户重定向到另一个流程，可能包含所有已收集的上下文 Static 静态 Target URL 目标 URL Redirect the user to a static URL. 将用户重定向到一个静态 URL。 Target Flow 目标流程 Redirect the user to a Flow. 将用户重定向到一个流程。 Keep flow context 保留流程上下文 Inject an OAuth or SAML Source into the flow execution. This allows for additional user verification, or to dynamically access different sources for different user identifiers (username, email address, etc). 将 OAuth 或 SAML 源注入到流程执行过程中。这允许额外的用户验证，或者基于不同的用户标识符（用户名、电子邮件地址等）动态访问不同的源。 Source 源 Resume timeout 恢复超时 Amount of time a user can take to return from the source to continue the flow. 用户从源返回并继续流程可以消耗的时间。 Delete the currently pending user. CAUTION, this stage does not ask for confirmation. Use a consent stage to ensure the user is aware of their actions. 删除当前待处理的用户。注意，这个阶段不要求确认。使用同意授权阶段来确保用户知道自己的行为。 Log the currently pending user in. 登录当前待处理的用户。 Determines how long a session lasts. Default of 0 seconds means that the sessions lasts until the browser is closed. 确定会话持续多长时间。默认为 0 秒意味着会话持续到浏览器关闭为止。 Different browsers handle session cookies differently, and might not remove them even when the browser is closed. 不同浏览器处理会话 Cookie 的方式不同，即使关闭浏览器，也不能保证它们会被删除。 See here. 详见这里。 Stay signed in offset 保持登录偏移量 If set to a duration above 0, the user will have the option to choose to "stay signed in", which will extend their session by the time specified here. 如果设置时长大于 0，用户可以选择“保持登录”选项，这将使用户的会话延长此处设置的时间。 Remember device 记住设备 If set to a duration above 0, a cookie will be stored for the duration specified which will allow authentik to know if the user is signing in from a new device. 如果设置大于 0 的时长，则会以该时长存储一条 Cookie，使 authentik 知道用户是否从新设备登录。 Network binding 网络绑定 No binding 无绑定 Bind ASN 绑定 ASN Bind ASN and Network 绑定 ASN 和网络 Bind ASN, Network and IP 绑定 ASN、网络和 IP Configure if sessions created by this stage should be bound to the Networks they were created in. 配置由此阶段创建的会话是否应该绑定到创建它们的网络。 GeoIP binding GeoIP 绑定 Bind Continent 绑定大陆 Bind Continent and Country 绑定大陆和国家 Bind Continent, Country and City 绑定大陆、国家和城市 Configure if sessions created by this stage should be bound to their GeoIP-based location 配置由此阶段创建的会话是否应该绑定到基于 GeoIP 的位置。 Terminate other sessions 终止其他会话 When enabled, all previous sessions of the user will be terminated. 启用时，此用户的所有过往会话将会被终止。 Remove the user from the current session. 从当前会话中移除用户。 Write any data from the flow's context's 'prompt_data' to the currently pending user. If no user is pending, a new user is created, and data is written to them. 将流程上下文的 'prompt_data' 中的任何数据写入当前待处理的用户。 如果没有用户处于待处理状态，则会创建新用户并向其写入数据。 Never create users 从不创建用户 When no user is present in the flow context, the stage will fail. 如果流程上下文中没有出现用户，此阶段失败。 Create users when required 如果需要则创建用户 When no user is present in the the flow context, a new user is created. 如果流程上下文中没有出现用户，则创建新用户。 Always create new users 总是创建新用户 Create a new user even if a user is in the flow context. 即使用户在流程上下文中，仍然创建新用户。 Create users as inactive 创建未激活用户 Mark newly created users as inactive. 将新创建的用户标记为未激活。 Internal users might be users such as company employees, which will get access to the full Enterprise feature set. 内部用户可能是企业员工等，有权访问完整的企业版功能。 External users might be external consultants or B2C customers. These users don't get access to enterprise features. 外部用户可能是外部顾问或 B2C 客户等。这些用户无权访问企业版功能。 Service accounts should be used for machine-to-machine authentication or other automations. 服务账户应该用于机器到机器（M2M）身份验证或其他自动化操作。 User type used for newly created users. 新创建用户使用的用户类型。 User path template 用户路径模板 Path new users will be created under. If left blank, the default path will be used. 新用户将会在此路径下创建。如果留空，则使用默认路径。 Newly created users are added to this group, if a group is selected. 如果选择了组，则会将新创建的用户添加到该组。 Target 目标 Stage 阶段 Evaluate when flow is planned 流程被规划时评估 Evaluate policies during the Flow planning process. 在流程规划过程中评估策略。 Evaluate when stage is run 阶段被运行时评估 Evaluate policies before the Stage is presented to the user. 在阶段即将呈现给用户时评估策略。 Invalid response behavior 无效响应行为 Returns the error message and a similar challenge to the executor 向执行器返回错误消息和类似的质询 Restarts the flow from the beginning 从头开始重新启动流程 Restarts the flow from the beginning, while keeping the flow context 从头开始重新启动流程，同时保留流程上下文 Configure how the flow executor should handle an invalid response to a challenge given by this bound stage. 针对由此绑定阶段提供的质询，配置流程执行器应如何处理对此质询的无效响应。 Successfully imported device. 已成功导入设备。 The user in authentik this device will be assigned to. 此设备要绑定的 authentik 用户。 Duo User ID Duo 用户 ID The user ID in Duo, can be found in the URL after clicking on a user. Duo 中的用户 ID，可以点击用户之后，在 URL 中找到。 Automatic import 自动导入 Successfully imported devices. 已成功导入 个设备。 Start automatic import 开始自动导入 Or manually import 或者手动导入 Endpoint Google Chrome Device Trust is in preview. 端点 Google Chrome 设备信任处于预览状态。 Stage used to verify users' browsers using Google Chrome Device Trust. This stage can be used in authentication/authorization flows. 通过 Google Chrome 设备信任来验证用户浏览器的阶段。此阶段可在身份验证/授权流程中使用。 Google Verified Access API Google Verified Access API Stages are single steps of a Flow that a user is guided through. A stage can only be executed from within a flow. 阶段是引导用户完成流程的单个步骤。阶段只能在流程内部执行。 Flows 流程 Stage(s) 阶段 Import 导入 Import devices 导入设备 Successfully updated flow. 已成功更新流程。 Successfully created flow. 已成功创建流程。 Shown as the Title in Flow pages. 显示为流程页面中的标题。 Visible in the URL. 在 URL 中可见。 Designation 指定 Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. 决定此流程的用途。例如，当未经身份验证的用户访问 authentik 时，会重定向到身份验证流程。 No requirement 无要求 Require authentication 需要身份验证 Require no authentication 需要无身份验证 Require superuser 需要管理员用户 Require being redirected from another flow 需要重定向自另一个流程 Require Outpost (flow can only be executed from an outpost) 需要前哨（流程只能从前哨执行） Required authentication level for this flow. 此流程需要身份验证等级。 Behavior settings 行为设置 Compatibility mode 兼容模式 Increases compatibility with password managers and mobile devices. 增强与移动设备与密码管理器的兼容性。 Denied action 拒绝操作 Will follow the ?next parameter if set, otherwise show a message 将会首先遵循 ?next 参数，如果不存在则显示一条消息 Will either follow the ?next parameter or redirect to the default interface 将会遵循 ?next 参数或者重定向到默认接口 Will notify the user the flow isn't applicable 将会通知用户此流程不适用 Decides the response when a policy denies access to this flow for a user. 当一条策略拒绝用户访问此流程时决定响应。 Appearance settings 外观设置 Layout 布局 Background 背景 Background shown during execution. 执行过程中显示的背景。 .yaml files, which can be found in the Example Flows documentation 请上传 .yaml 文件, 它们可以在 "示例流程" 文档中被找到 Flows describe a chain of Stages to authenticate, enroll or recover a user. Stages are chosen based on policies applied to them. 流程描述了一系列用于对用户进行身份验证、注册或恢复的阶段。阶段是根据应用于它们的策略来选择的。 Flow(s) 流程 Execute "" 执行“” Execute 执行 Export "" 导出“” Export 导出 Successfully cleared flow cache 已成功清除流程缓存 Failed to delete flow cache 删除流程缓存失败 Clear Flow cache 清除流程缓存 Are you sure you want to clear the flow cache? This will cause all flows to be re-evaluated on their next usage. 确实要清除流程缓存吗？ 这将导致所有流程在下次使用时重新评估。 Stage binding(s) 阶段绑定 Stage type 阶段类型 Edit Stage 编辑阶段 These bindings control if this stage will be applied to the flow. 这些绑定控制是否将此阶段应用于流程。 No Stages bound 未绑定阶段 No stages are currently bound to this flow. 目前没有阶段绑定到此流程。 Flow Overview 流程总览 Flow Info 流程信息 Related actions 相关操作 Execute flow 执行流程 Execute "" normally 正常执行“” Normal 正常 Execute "" as current user 以当前用户身份执行“” Current user 当前用户 Execute "" with inspector 附加检视器执行“” Use inspector 使用检视器 Stage Bindings 阶段绑定 These bindings control which users can access this flow. 这些绑定控制哪些用户可以访问此流程。 Event Log 事件日志 Brand 品牌 Show details 显示详情 Event info 事件信息 Created 创建时间 Raw event info 原始事件信息 Event 事件 Successfully updated transport. 已成功更新传输。 Successfully created transport. 已成功创建传输。 Send once 发送一次 Only send notification once, for example when sending a webhook into a chat channel. 仅发送一次通知，例如在向聊天频道发送 Webhook 时。 Local (notifications will be created within authentik) 本地（通知在 authentik 内创建） Webhook (generic) Webhook（通用） Webhook (Slack/Discord) Webhook（Slack/Discord） Webhook URL Webhook URL Webhook Body Mapping Webhook 主体映射 Webhook Header Mapping Webhook 标头映射 Email Subject Prefix 电子邮件主题前缀 Email Template 电子邮件模板 Notification Transports 通知传输 Define how notifications are sent to users, like Email or Webhook. 定义如何向用户发送通知，例如电子邮件或 Webhook。 Notification transport(s) 通知传输 Successfully updated rule. 已成功更新规则。 Successfully created rule. 已成功创建规则。 Select the group of users which the alerts are sent to. 选择一组用于发送警告的用户。 If no group is selected and 'Send notification to event user' is disabled the rule is disabled. 如果未选择组，并且“发送通知给事件用户”被禁用，则此规则被禁用。 Send notification to event user 发送通知给事件用户 Transports 传输 Available Transports 可用传输 Selected Transports 已选传输 Select which transports should be used to notify the user. If none are selected, the notification will only be shown in the authentik UI. 选择应使用哪些传输方式来通知用户。如果未选择任何内容，则通知将仅显示在 authentik UI 中。 Severity 严重程度 Notification Rules 通知规则 Send notifications whenever a specific Event is created and matched by policies. 每当特定事件被创建并匹配策略时，都会发送通知。 Sent to group 已发送到组 Notification rule(s) 通知规则 These bindings control upon which events this rule triggers. Bindings to groups/users are checked against the user of the event. 这些绑定控制此规则触发的事件。 针对组/用户的绑定会检查与事件相关的用户。 Outpost Deployment Info 前哨部署信息 View deployment documentation 查看部署文档 If your authentik Instance is using a self-signed certificate, set this value. 如果您的 authentik 实例正在使用自签名证书，请设置此值。 If your authentik_host setting does not match the URL you want to login with, add this setting. 如果您的 authentik_host 设置与您要登录时使用的网址不匹配，请添加此设置。 Successfully updated outpost. 已成功更新前哨。 Successfully created outpost. 已成功创建前哨。 LDAP LDAP Radius Radius RAC RAC Integration 集成 Selecting an integration enables the management of the outpost by authentik. 选择集成使 authentik 能够管理前哨。 Available Applications 可用应用 Selected Applications 已选应用 Configuration 配置 (build ) （构建 ） (FIPS) （FIPS） Last seen 上次出现 , should be ，应该是 Not available 不可用 Last seen: () 上次出现：（） Outposts 前哨 Outposts are deployments of authentik components to support different environments and protocols, like reverse proxies. 前哨是对 authentik 组件的部署，用于支持不同的环境和协议，例如反向代理。 Health and Version 健康状态与版本 Warning: authentik Domain is not configured, authentication will not work. 警告：未配置 authentik 域名，身份验证将不起作用。 Logging in via . 通过 登录。 No integration active 没有激活的集成 Outpost(s) 前哨 Successfully updated integration. 已成功更新集成。 Successfully created integration. 已成功创建集成。 Local 本地 Docker URL Docker URL Can be in the format of unix:// when connecting to a local docker daemon, using ssh:// to connect via SSH, or https://:2376 when connecting to a remote system. 可以使用 unix:// 格式连接本地 Docker 守护程序， 使用 ssh:// 通过 SSH 连接，或者 使用 https://:2376 连接到远程系统。 CA which the endpoint's Certificate is verified against. Can be left empty for no validation. 验证端点证书所依据的 CA。可以留空，表示不进行验证。 TLS Authentication Certificate/SSH Keypair TLS 身份验证证书/SSH 密钥对 Certificate/Key used for authentication. Can be left empty for no authentication. 用于身份验证的证书/密钥。可以留空表示不验证。 When connecting via SSH, this keypair is used for authentication. 通过 SSH 连接时，此密钥对用于身份验证。 Kubeconfig Kubeconfig Verify Kubernetes API SSL Certificate 验证 Kubernetes API SSL 证书 Outpost integrations 前哨集成 Outpost integrations define how authentik connects to external platforms to manage and deploy Outposts. 前哨集成定义了 authentik 如何连接到外部平台以管理和部署前哨。 State 状态 Unhealthy 不健康 Outpost integration(s) 前哨集成 Successfully generated certificate-key pair. 已成功生成证书密钥对。 Subject-alt name 替代名称 Optional, comma-separated SubjectAlt Names. 可选，逗号分隔的替代名称。 Validity days 有效天数 Private key Algorithm 私钥算法 RSA RSA ECDSA ECDSA Algorithm used to generate the private key. 用于生成私钥的算法。 Successfully updated certificate-key pair. 已成功更新证书密钥对。 Successfully created certificate-key pair. 已成功创建证书密钥对。 PEM-encoded Certificate data. PEM 编码的证书数据。 Optional Private Key. If this is set, you can use this keypair for encryption. 可选私钥。如果设置，则可以使用此密钥对来加密。 Certificate-Key Pairs 证书密钥对 Import certificates of external providers or create certificates to sign requests with. 导入外部提供商的证书或创建用于签名请求的证书。 Private key available? 私钥可用吗？ Managed by authentik 由 authentik 管理 Managed by authentik (Discovered) 由 authentik 管理（已发现） Yes () 是（ ） Update Certificate-Key Pair 更新证书密钥对 Certificate Fingerprint (SHA1) 证书指纹（SHA1） Certificate Fingerprint (SHA256) 证书指纹（SHA256） Certificate Subject 证书主题 Download Certificate 下载证书 Download Private key 下载私钥 Generate 生成 Link Title 链接标题 Successfully updated settings. 已成功更新设置。 Avatars 头像 Configure how authentik should show avatars for users. The following values can be set: 配置 authentik 应该如何显示用户头像。可以配置为以下值： Disables per-user avatars and just shows a 1x1 pixel transparent picture 禁用单用户头像，仅显示 1x1 像素的透明图片 Uses gravatar with the user's email address 根据用户的电子邮件地址使用 Gravatar Generated avatars based on the user's name 根据用户的名称生成头像 Any URL: If you want to use images hosted on another server, you can set any URL. Additionally, these placeholders can be used: 任意 URL：如果您想使用托管在其他服务器上的图像，可以设置为任意 URL。此外，还可以使用以下占位符： The user's username 用户名 The email address, md5 hashed 电子邮件地址，经过 MD5 哈希 The user's UPN, if set (otherwise an empty string) 用户的 UPN，如果存在（否则为空字符串） An attribute path like attributes.something.avatar, which can be used in combination with the file field to allow users to upload custom avatars for themselves. 任意形如 attributes.something.avatar 的属性 路径，可以与文件字段相组合，以允许用户 自行上传自定义头像。 Multiple values can be set, comma-separated, and authentik will fallback to the next mode when no avatar could be found. 可以设置多个以逗号分隔的值，如果 authentik 无法找到头像，就会回退到下一个模式。 For example, setting this to gravatar,initials will attempt to get an avatar from Gravatar, and if the user has not configured on there, it will fallback to a generated avatar. 例如，将该选项设置为 gravatar,initials， 就会创建从 Gravatar 获取头像，如果用户没有在那里 设置过，就回退到生成头像。 Allow users to change name 允许用户修改名称 Enable the ability for users to change their name. 启用用户修改自己名称的能力。 Allow users to change email 允许用户修改电子邮件地址 Enable the ability for users to change their email. 启用用户修改自己电子邮件地址的能力。 Allow users to change username 允许用户修改用户名 Enable the ability for users to change their username. 启用用户修改自己用户名的能力。 Event retention 事件保留 Duration after which events will be deleted from the database. 事件从数据库中删除的时间，超过这个时间就会被删除。 When using an external logging solution for archiving, this can be set to minutes=5. 当使用外部日志解决方案进行存档时，可以 设置为 minutes=5。 This setting only affects new Events, as the expiration is saved per-event. 此设置仅影响新事件，因为过期时间是分事件保存的。 Reputation: lower limit 信誉：下限值 Reputation cannot decrease lower than this value. Zero or negative. 信誉无法降低到此值以下。可为零或负数。 Reputation: upper limit 信誉：上限值 Reputation cannot increase higher than this value. Zero or positive. 信誉无法提高到此值以上。可为零或正数。 Footer links 页脚链接 This option configures the footer links on the flow executor pages. The URL is limited to web and mail addresses. If the name is left blank, the URL will be shown. 此选项配置流程执行器页面上的页脚链接。URL 限为 Web 和电子邮件地址。如果名称留空，则显示 URL 自身。 GDPR compliance GDPR 合规性 When enabled, all the events caused by a user will be deleted upon the user's deletion. 启用时，所有由用户造成的事件会在相应用户被删除时一并删除。 Impersonation 模拟身份 Globally enable/disable impersonation. 全局启用/禁用模拟身份。 Require reason for impersonation 需要模拟原因 Require administrators to provide a reason for impersonating a user. 需要管理员提供模拟用户的原因。 Default token duration 默认令牌持续时间 Default duration for generated tokens 生成令牌的默认持续时间 Default token length 默认令牌长度 Default length of generated tokens 生成令牌的默认长度 Flags 标志 Save 保存 System settings 系统设置 Successfully updated instance. 已成功更新实例。 Successfully created instance. 已成功创建实例。 Disabled blueprints are never applied. 禁用的蓝图永远不会应用。 Local path 本地路径 OCI Registry OCI Registry OCI URL OCI URL A valid OCI manifest URL, prefixed with the protocol e.g. oci://registry.domain.tld/path/to/manifest 有效的 OCI 清单 URL，以协议为前缀 例如 oci://registry.domain.tld/path/to/manifest Read more about 阅读更多关于 OCI Support OCI 支持 Blueprint 蓝图 Configure the blueprint context, used for templating. 配置蓝图上下文，用于模板操作。 Orphaned 孤立 Blueprints 蓝图 Automate and template configuration within authentik. 在 authentik 内的自动化与模板配置。 Last applied 上次应用 Blueprint(s) 蓝图 Apply "" blueprint 应用“”蓝图 Apply 应用 Successfully updated license. 已成功更新许可证。 Successfully created license. 已成功创建许可证。 Install ID 安装 ID License key 许可证密钥 Expired 已过期 Expiring soon 即将过期 Unlicensed 未许可 Read Only 只读 Valid 有效 Current license status 当前许可证状态 Overall license status 总体许可证状态 Internal user usage 内部用户用量 % % External user usage 外部用户用量 Licenses 许可证 Manage enterprise licenses 管理企业版许可证 No licenses found. 未找到许可证。 License(s) 许可证 Forecast internal users 预测内部用户 Estimated user count one year from now based on current internal users and forecasted internal users. 根据当前 名内部用户和 名预测的内部用户，估算从此时起一年后的用户数。 Approximately 大约 Forecast external users 预测外部用户 Estimated user count one year from now based on current external users and forecasted external users. 根据当前 名外部用户和 名预测的外部用户，估算从此时起一年后的用户数。 Cumulative license expiry 累计许可证过期时间 No expiry 没有过期时间 Internal: 内部： External: 外部： Your Install ID 您的安装 ID Go to Customer Portal 前往客户中心 Learn more 了解更多 Install 安装 Release 发布版 Development 开发版 UI Version 界面版本 Build 构建 Python version Python 版本 Platform 平台 Kernel 内核 OpenSSL OpenSSL Enterprise 企业版 Collapse 收起 Expand 展开 navigation 导航 Dashboards 仪表板 Endpoint Devices 端点设备 Logs 日志 Customization 自定义 Flows and Stages 流程与阶段 Directory 目录 Tokens and App passwords 令牌和应用程序密码 System 系统 Certificates 证书 Outpost Integrations 前哨集成 Warning: The current user count has exceeded the configured licenses. 警告：当前用户数超过了配置的许可证限制 Warning: One or more license(s) have expired. 警告：一个或多个许可证已过期。 Warning: One or more license(s) will expire within the next 2 weeks. 警告：一个或多个许可证将在 2 星期内过期。 Caution: This authentik instance has entered read-only mode due to expired/exceeded licenses. 注意：由于许可证过期/超限，此 authentik 实例已进入只读模式。 Click here for more info. 点击这里了解更多。 This authentik instance uses a Trial license. 此 authentik 实例使用的是试用许可证。 This authentik instance uses a Non-production license. 此 authentik 实例使用的是非生产许可证。 A newer version () of the UI is available. 新版本界面（）可用。 API drawer API 抽屉 API Requests API 请求 Open API Browser 打开 API 浏览器 Close API drawer 关闭 API 抽屉 View details for 查看 详情 Mark as read 标记为已读 Successfully cleared notifications 已成功清除通知 No notifications found. 未找到通知。 You don't have any notifications currently. 您当前没有任何通知。 Notifications 通知 Open about dialog 打开关于对话框 Product name 产品名 Product version 产品版本 Version 版本 Global navigation 全局导航 WebAuthn requires this page to be accessed via HTTPS. WebAuthn 需要此页面通过 HTTPS 访问。 WebAuthn not supported by browser. 浏览器不支持 WebAuthn。 API request failed API 请求失败 Site links 网站链接 Powered by authentik 由 authentik 强力驱动 Authenticating with Apple... 正在使用 Apple 进行身份验证... Retry 重试 Authenticating with Plex... 正在使用 Plex 进行身份验证... Waiting for authentication... 正在等待身份验证… If no Plex popup opens, click the button below. 如果 Plex 没有弹出窗口，则点击下面的按钮。 Open login 打开登录 Authenticating with Telegram... 正在使用 Telegram 进行身份验证... Click the button below to start. 单击下面的按钮开始。 User information 用户信息 Something went wrong! Please try again later. 发生了某些错误！请稍后重试。 Request ID 请求 ID You may close this page now. 您可以关闭此页面了。 Follow redirect 跟随重定向 Flow inspector 流程检视器 Close flow inspector 关闭流程检视器 Next stage 下一阶段 Stage name 阶段名称 Stage kind 阶段种类 Stage object 阶段对象 This flow is completed. 此流程已完成。 Plan history 规划历史记录 Current plan context 当前计划上下文 Session ID 会话 ID Flow inspector loading 正在加载流程检视器 Request has been denied. 请求被拒绝。 Show password 显示密码 Hide password 隐藏密码 Please enter your password 请输入您的密码 Caps Lock is enabled. 大写锁定已启用。 CAPTCHA challenge CAPTCHA 挑战 Verifying... 正在验证... Remember me on this device 在此设备上记住我 Continue with 以 继续 Need an account? 需要一个账户？ Sign up. 注册。 Forgot username or password? 忘记用户名或密码？ Additional actions 更多操作 Select one of the options below to continue. 选择以下选项之一以继续。 Or 或者 Use a security key 使用安全密钥 Login sources 登录可用的源 Forgot password? 忘记密码了吗？ Application requires following permissions: 应用程序需要以下权限： Application already has access to the following permissions: 应用程序已经获得以下权限： Application requires following new permissions: 应用程序需要以下新权限： Stage name: 阶段名称： Check your Inbox for a verification email. 检查您的收件箱是否有验证电子邮件。 QR-Code to setup a time-based one-time password 设置基于时间的一次性密码的二维码 Copy time-based one-time password configuration 复制基于时间的一次性密码的配置 Copy TOTP Config 复制 TOTP 配置 Please scan the QR code above using the Microsoft Authenticator, Google Authenticator, or other authenticator apps on your device, and enter the code the device displays below to finish setting up the MFA device. 请用 Microsoft 身份验证器、Google 身份验证器或您设备上的其他身份验证器应用扫描上面的二维码，然后在下方输入设备上显示的代码，以完成 MFA 设备设置。 Time-based one-time password 基于时间的一次性密码 TOTP Code TOTP 代码 Type your TOTP code... 输入您的 TOTP 代码... Type your time-based one-time password code. 输入您的基于时间的一次性密码。 Duo activation QR code Duo 激活二维码 Alternatively, if your current device has Duo installed, click on this link: 或者，如果您当前的设备已安装 Duo，请点击此链接： Duo activation Duo 激活 Check status 检查状态 Make sure to keep these tokens in a safe place. 确保将这些令牌保存在安全的地方。 Configure your email 配置您的电子邮件 Please enter your email address. 请输入您的电子邮件地址。 Code 代码 Please enter the code you received via email 请输入您通过电子邮件收到的代码 Phone number 电话号码 Please enter your Phone number. 请输入您的电话号码。 Please enter the code you received via SMS 请输入您通过短信收到的验证码 Select another authentication method 选择另一种身份验证方法 Authentication code 身份验证代码 Static token 静态令牌 Type an authentication code... 输入身份验证代码... Sending Duo push notification... 正在发送 Duo 推送通知... Failed to authenticate 身份验证失败 Authenticating... 正在验证身份... Retry authentication 重试身份验证 Duo push-notifications Duo 推送通知 Receive a push notification on your device. 在您的设备上接收推送通知。 Traditional authenticator 传统身份验证器 Use a code-based authenticator. 使用基于代码的身份验证器。 Recovery keys 恢复密钥 In case you lose access to your primary authenticators. 以防您无法访问主要身份验证器。 SMS 短信 Tokens sent via SMS. 通过短信发送的令牌。 Tokens sent via email. 通过电子邮件发送的令牌。 Unknown device 未知设备 An unknown device class was provided. 提供了位置的设备类型。 Select an authentication method 选择身份验证方法 Select a configuration stage 选择配置阶段 Stay signed in? 保持登录？ Select Yes to reduce the number of times you're asked to sign in. 选择“是”以减少您被要求登录的次数。 Device Code 设备代码 Please enter your code 请输入您的代码 You've successfully authenticated your device. 您成功验证了此设备的身份。 You've logged out of . You can go back to the overview to launch another application, or log out of your authentik account. 您已成功注销 。现在您可以返回总览页来启动其他应用，或者注销您的 authentik 账户。 Go back to overview 返回总览 Log out of 注销 Log back into 重新登录 SAML Provider SAML 提供程序 SAML logout complete SAML 登出完成 Redirecting to SAML provider: 正在重定向到 SAML 提供程序： Posting logout request to SAML provider: 正在向 SAML 提供程序 发送注销请求 Unknown Provider 未知提供程序 Logging out of providers... 正在从提供程序登出... Single Logout 单点登出 Open flow inspector 打开流程检视器 Authentication form 身份验证表单 Failed to register. Please try again. 注册失败。请重试。 Registering... 正在注册... Failed to register 注册失败 Retry registration 重试注册 Idle 闲置 Connecting 正在连接 Waiting 正在等待 Connected 已连接 Disconnecting 正在断开连接 Disconnected 已断开连接 Connection failed after attempts. 连接在 次尝试后失败。 Re-connecting in second(s). 将在 秒后重新连接。 Connecting... 正在连接… Please wait while the content is loading 请稍候，内容正在加载 application 应用程序 Actions for "" “” 的动作 Edit application... 编辑应用程序... Refer to documentation 查阅文档 No Applications available. 没有可用的应用程序。 Either no applications are defined, or you don’t have access to any. 没有定义应用程序，或者您无权访问任何应用程序。 Ungrouped 未分组 My Applications 我的应用 Search for an application by name... 按名字搜索应用程序... Search returned no results. 搜索未返回结果。 My applications 我的应用 Application list 应用程序列表 Failed to fetch applications. 拉取应用程序失败。 Change your password 更改您的密码 Change password 更改密码 Delete account 删除账户 Successfully updated details 已成功更新详情 Open settings 打开设置 No settings flow configured. 未配置设置流程 Update details 更新详情 Device type cannot be edited 设备类型 无法被编辑 Enroll 注册 Edit device 编辑设备 User settings 用户设置 User details 用户详情 Consent 同意授权 MFA Devices MFA 设备 Connect your user account to the services listed below, to allow you to login using the service instead of traditional credentials. 将您的用户账户连接到下面列出的服务，以允许您使用该服务而不是传统凭据登录。 Admin interface 管理员界面 ... ... Truncation ellipsis Via 通过 reference will be left dangling 引用将悬空 Failed to fetch files 文件拉取失败 You can also enter a URL (https://...), Font Awesome icon (fa://fa-icon-name), or upload a new file. 您还可以输入网址（https://...）、Font Awesome 图标（fa://fa-icon-name）或上传新文件。 Select from uploaded files, or type a Font Awesome icon (fa://fa-icon-name) or URL. 从已上传的文件中选择, 也可以输入一个 Font Awesome 图标 (fa://fa-icon-name) 或 URL。 This type is deprecated. 此类型已弃用。 No connectors configured. Navigate to Connectors in the sidebar and first create a connector. 没有已配置的连接器。请先导航到侧边栏中的 "连接器" 并创建一个。 Home directory 主目录 Successfully updated agent connector. 已成功更新 Agent 连接器。 Successfully created agent connector. 已成功创建 Agent 连接器。 Device compliance settings 设备合规性设置 Challenge certificate 挑战证书 Challenge idle timeout 挑战空闲超时 Duration the flow executor will wait before continuing without a response. 流程执行器在未收到响应之前将等待多长时间。 Trigger check-in on device 触发设备上的认证 Configure how devices connect with authentik and ingest external device data. 配置设备将如何连接到 authentik, 以及如何收集外部设备数据。 Stage which associates the currently used device with the current session. 将当前使用的设备与当前会话关联起来的阶段。 Connector 连接器 Device optional 设备可选 If no device was provided, this stage will succeed and continue to the next stage. 如果没有提供设备，则此阶段将成功并继续进入下一阶段。 Device required 需要设备 If no device was provided, this stage will stop flow execution. 如果没有提供设备，此阶段将停止流程执行。 File uploaded successfully 成功上传文件 File Name 文件名 Type an optional custom file name... 输入文件名...（可选） Optionally rename the file (without extension). Leave empty to keep the original filename. 重命名文件（可选，无扩展名）。留空则保留原文件名。 Files 文件 Manage uploaded files. 管理已上传的文件。 file 文件 files 文件 Upload 上传 Upload File 上传文件 Failed to validate device. 验证设备失败。 Verifying your device... 正在验证你的设备... Service Provider Config cache timeout 服务提供程序配置缓存超时 Cache duration for ServiceProviderConfig responses. Set minutes=0 to disable caching. ServiceProviderConfig 响应的缓存持续时间。填写 minutes=0 可禁用此设置。 JWTs signed by the selected providers can be used to authenticate to devices. 由已选提供程序签发的 JWT 可以用于设备的身份验证。 Score Configuration 分数配置 This CAPTCHA provider does not support scoring. Score thresholds will be ignored. 此 CAPTCHA 提供程序不支持评分。分数阈值将被忽略。 Score Minimum Threshold 分数最小阈值 Minimum required score to allow continuing. Lower scores indicate more suspicious behavior. 允许继续的最小分数。分数越低则行为越可疑。 Score Maximum Threshold 分数最大阈值 Maximum allowed score to allow continuing. Set to -1 to disable upper bound checking. 允许继续的最小分数。设置为 -1 以禁用上界检查。 Error on Invalid Score 分数无效时报错 When enabled and the score is outside the threshold, the user will not be able to continue. When disabled, the user can continue and the score can be used in policies. 启用时，如果分数在设置的阈值之外，用户将无法继续。禁用时，用户可以继续，并且该分数在策略中使用。 Advanced Settings 高级设置 JavaScript URL JavaScript URL URL to fetch the CAPTCHA JavaScript library from. Automatically set based on provider selection but can be customized. 获取 CAPTCHA JavaScript 库的 URL。该 URL 会根据选择提供程序自动设置，也可以自定义。 API Verification URL API 验证 URL URL used to validate CAPTCHA response on the backend. Automatically set based on provider selection but can be customized. 用于在后端验证 CAPTCHA 响应的 URL。根据选择的提供程序自动设置，也可以自定义。 This stage checks the user's current session against a CAPTCHA service to prevent automated abuse. 此阶段使用 CAPTCHA 服务检查用户的当前会话，以防止自动化滥用。 CAPTCHA Provider CAPTCHA 提供程序 Enable this if the CAPTCHA requires user interaction (clicking checkbox, solving puzzles, etc.). Required for reCAPTCHA v2, hCaptcha interactive mode, and Cloudflare Turnstile. 如果验证码需要用户交互（例如点击复选框、解谜等），请启用。reCAPTCHA v2、hCaptcha 交互模式和 Cloudflare Turnstile 均需要启用。 Flow Examples 示例流程 Type an outpost name... 输入前哨名称... Outpost Name 前哨名称 Outpost configuration 前哨配置 Delete Object Permission 删除对象权限 Global and object permission 全局权限与对象权限 Global permission 全局权限 Object permission 对象权限 Permissions on this object 此对象上的权限 Permissions assigned to this role affecting specific object instances. 分配给该用户的权限，会影响特定对象实例。 Parents 父级 Available Groups 可用的组 Selected Groups 已选的组 A group recursively inherits every role from its ancestors. 一个组递归地继承其祖先的所有角色。 User updated. 用户已更新 User created and added to group 已创建用户，并将用户加入到组 User created and added to role 已创建用户，并将用户加入到角色 User created. 用户已创建 Successfully downloaded ! 下载 成功！ Show MDM configuration 显示MDM配置 Hide MDM configuration 隐藏MDM配置 Is Primary user 是主用户 Primary 主用户 Remove User(s) 删除用户 Are you sure you want to remove the selected users from ? 您确定要从 中删除选定的用户吗？ Are you sure you want to remove the selected users? 您确定要删除选定的用户吗？ This user will be added to the role "". 此用户将会被添加到角色 “”。 Successfully added user to role(s). 成功添加用户到角色。 Roles to add 要添加的角色 Add role 添加角色 Remove from Role(s) 从角色中删除 Are you sure you want to remove user from the following roles? 您确定要从以下角色中删除用户 吗？ Add to existing role 添加到已有角色 Add new role 添加新角色 Hide managed roles 隐藏管理角色 Flags allow you to enable new functionality and behaviour in authentik early. 标志允许你提前启用 authentik 的新功能和行为 Refresh other flow tabs upon authentication When enabled, other flow tabs in a session will refresh upon a successful authentication. Data export ready 数据导出就绪 Data Exports 数据导出 Manage past data exports. 管理过往数据导出。 Data type 数据类型 Requested by 发起请求的是 Creation date 创建日期 Completed 已完成 Row actions 行操作 Data export(s) 数据导出 Query parameters 查询参数 SAML metadata XML file to import provider settings from. 用于导入提供程序设置的 SAML 元数据 XML 文件。 Configure SAML Provider from Metadata 使用元数据配置 SAML 提供程序 Outgoing syncs will not be triggered. Immediate 立刻 Outgoing syncs will be triggered immediately for each object that is updated. This can create many background tasks and is therefore not recommended Deferred until end 推迟到最后 Outgoing syncs will be triggered at the end of the source synchronization. Outgoing sync trigger mode Successfully connected source 成功连接到源 Failed to connect source: 连接到源失败： Passkey settings Passkey 设置 WebAuthn Authenticator Validation Stage WebAuthn 身份验证器验证阶段 When set, allows users to authenticate using passkeys directly from the browser's autofill dropdown without entering a username first. 设置后，允许用户直接从浏览器的自动填充下拉菜单中使用 passkey 进行身份验证，而无需先输入用户名。 Pagination: default page size 分页: 默认每页条数 Default page size for API requests not specifying a page size. 当 API 请求未指定每页条数时, 使用的默认每页条数 Pagination: maximum page size 分页: 最大每页条数 Maximum page size for API requests. API 请求的最大每页条数 When enabled, notification will be sent to the user that triggered the event in addition to any users in the group above. The event user will always be the first user, to send a notification only to the event user enabled 'Send once' in the notification transport. If no group is selected and 'Send notification to event user' is disabled the rule is disabled. 启用时，通知不仅会发送给触发事件的用户，还会发送到组中的任何用户。事件用户将总是第一个用户，要只向事件用户发送通知，则需要在通知传输中启用“发送一次”。如果没有选择组，并且“向事件用户发送通知”没有启用，则此规则被禁用。 Local connection 本地连接 Requires Docker socket/Kubernetes Integration. 需要 Docker Socket 或 Kubernetes 集成。 Next, download the configuration to deploy the authentik Agent via MDM 然后, 下载配置文件以通过 MDM 部署 authentik Agent Device Access Group 设备访问权限组 Select a device access group to be added to upon enrollment. 选择一个注册时将加入的设备访问权限组。 To create a data export, navigate to Directory > Users or to Events > Logs. 要创建数据导出, 导航到 目录 > 用户 或 事件 > 日志 Choose the object permissions that you want the selected role to have on this object. These object permissions are in addition to any global permissions already within the role. 选择您希望所选角色对该对象拥有的对象权限。这些对象权限是对该角色已有的任何全局权限的补充。 Device access group 设备访问权限组 Primary disk size 主磁盘存储大小 Primary disk usage 主磁盘存储用量 The start for user ID numbers, this number is added to the user ID to make sure that the numbers aren't too low for POSIX users. Default is 2000 to prevent collisions with local users. 用户 ID 的起始值，该数字会添加到用户 ID 中，以确保 POSIX 用户使用的 ID 不会太小。默认值为 2000，以防止与本地用户发生冲突。 The start for group ID numbers, this number is added to a number generated from the groups' ID to make sure that the numbers aren't too low for POSIX groups. Default is 4000 to prevent collisions with local groups. 组 ID 的起始值，该数字会添加到组 ID 中，以确保 POSIX 组使用的 ID 不会太小。默认值为 4000，以防止与本地组发生冲突。 Data exports are not available as storage for reports is not configured. 数据导出不可用, 因为用于报告的存储后端未配置。 will collect all objects with the specified parameters: 将收集所有符合指定参数的对象： Successfully requested data export 已成功请求导出数据 Failed to export data 导出数据失败 Export data 导出数据 English (Pseudo-Accents) 英语（伪口音） Finished 已完成 Queued 已排队 Configured file backend does not support file management. 当前已配置的文件后端不支持文件管理 Please ensure the data folder is mounted or S3 storage is configured. 请确保数据文件夹已挂载, 或 S3 存储已配置 View details... 显示详情... Type a connector name... 输入连接器名称... Type a name for the token... 输入令牌名称... Type a unique identifier... 输入唯一标识符... Type a token description... 输入令牌描述... Integrations synced in the last 12 hours. 过去 12 小时内同步的集成。 Loading data 正在加载 的数据 Label for progress bar shown when table data is loading Assigned Roles 已分配角色 All Roles 所有角色 Inherited from parent group 继承自父组 Inherited from group 继承自组 Inherited 继承的 Toggle API requests drawer 打开或关闭 API 请求抽屉 API Drawer API 抽屉 Toggle notifications drawer 打开或关闭通知抽屉 Notification Drawer 通知抽屉 Failed to fetch notifications. 拉取通知失败。 Clear all notifications 清除所有通知 Close notification drawer 关闭通知抽屉 No MFA devices enrolled. 没有注册 MFA 设备。 User Tokens 用户令牌 No User Tokens enrolled. 没有注册用户令牌。 unread 条未读 Indicates the number of unread notifications in the notification drawer Agent version: Agent 版本： Warning: Flow imports are blueprint files, which may contain objects other than flows (such as users, policies, etc). 警告：导入的流程是蓝图文件，其中可能包含流程以外的对象（例如用户、策略等）。 You should only import files from trusted sources and review blueprints before importing them. 您应该只从可信来源导入文件，并在导入前检查蓝图。 The length of the individual generated tokens. Can be set to a maximum of 100 characters. 生成的单个令牌的长度。最大可设置为 100 个字符。 Close sidebar 关闭侧边栏 Open sidebar 打开侧边栏 Certificate-Key Pair 证书密钥对 Avatar for 的头像 User avatar 用户头像 Go back 返回 A verification token has been sent to your configured email address: 一份验证代码已发送到您配置的电子邮箱地址： Displayed when a verification token has been sent to the user's configured email address. A verification token has been sent to your email address. 一份验证代码已发送到您的电子邮箱。 Displayed when a verification token has been sent to the user's email address. application found for "" applications found for "" application available 应用程序可用 applications available 应用程序可用 Type to filter applications 输入以过滤应用程序 Screen reader hint to inform the user they can filter the application list by typing Press Enter to open 按下 Enter 打开 Screen reader hint to inform the user they can open the selected application by pressing Enter Press Enter to open 按下 Enter 打开 Screen reader hint to inform the user they can open the selected application by pressing Enter Open "" 打开“” Screen reader label for the application card Active Sessions 活动会话 Successfully revoked session(s) for user(s) 成功撤销 个用户的 个会话 Failed to revoke sessions: 撤销会话失败： Revoke Sessions 撤销会话 Are you sure you want to revoke all sessions for user(s)? 您确定要撤销 个用户的所有会话吗？ This will force the selected users to re-authenticate on all their devices. 这将强制选定的用户在其所有设备上重新进行身份验证。 Security key 安全密钥 Use a Passkey or security key to prove your identity. 使用 passkey 或安全密钥证明您的身份。 Include additional data in Audit logs 在审计日志中包含额外数据 When enabled, additional data about objects added/removed is saved in the audit log. May reduce performance in certain requests. 启用时，有关添加/删除对象的额外数据将保存在审计日志中。这可能会降低某些请求的性能。 Successfully updated Fleet connector. Successfully created Fleet connector. Fleet settings Fleet Server URL Fleet API Token Map users When enabled, users detected by Fleet will be mapped in authentik, granting them access to the device. Map teams to device access group When enabled, Fleet teams will be mapped to Device access groups. Missing device access groups are automatically created. Devices assigned to a different group are not re-assigned Software Paste your license key... You can select from popular providers with preset configurations or choose a custom setup to specify your own endpoints and keys. Paste your CAPTCHA public key... Secret Key Paste your CAPTCHA secret key... Stage Name Type a stage name... The unique name used internally to identify the stage. Google reCAPTCHA v2 reCAPTCHA admin console Google reCAPTCHA v3 reCAPTCHA admin console Google reCAPTCHA Enterprise Google Cloud Console hCaptcha hCaptcha dashboard Cloudflare Turnstile Cloudflare dashboard Custom Type an email address... The public key is used by authentik to render the CAPTCHA widget. Description for CAPTCHA public key field. The secret key allows communication between authentik and the CAPTCHA provider to validate user responses. Description for CAPTCHA secret key field. Modify Help text for secret input field to indicate that clicking will allow changing the value. API keys can be obtained from the Supplementary help text with link to provider dashboard. Filename can only contain letters, numbers, dots, hyphens, underscores, slashes, and the placeholder %(theme)s item marked to add. items marked to add. item selected. items selected. item marked to remove. items marked to remove. Reply URL Update WS-Federation Provider WS-Federation Configuration WS-Federation URL Realm (wtrealm) WS-Federation Metadata Example WS-Federation attributes Group Filter Groups to be synced. If empty, all groups will be synced. Custom Attributes No custom attributes defined. The CAPTCHA challenge failed to load. Could not find a suitable CAPTCHA provider. Copy time-based one-time password secret Copy Secret ED25519 ED448 Enrollment Token New Token Create link To email a recovery link, set an email address for this user. To create a recovery link, set a recovery flow for the current brand. Recovery link Successfully queued email. Token duration If a recovery token already exists, its duration is updated. copied to clipboard. Copied to clipboard. Clipboard not available. Please copy the value manually. An unknown error occurred while retrieving the token. TOTP Config Paste this URL into your authenticator app to set up a time-based one-time password. TOTP Secret Paste this secret into your authenticator app to set up a time-based one-time password. Type a unique identifier for this token... Type a description for this token... Create App Password New App Password Sidebar left (frame background) Sidebar right (frame background) Configuration warning Lifecycle Rules Lifecycle Object Lifecycle Management is in preview. Select a group... Select a role... Select an object... Rule Name Type a name for this lifecycle rule... Interval The interval between opening new reviews for matching objects. Grace period The duration of time before an open review is considered overdue. Reviewer groups Min reviewers Number of users from the selected reviewer groups that must approve the review. Min reviewers is per-group Reviewers Object type When set, the rule will apply to the selected individual object. Otherwise, the rule applies to all objects of the selected type. Available Users Selected Users A review will require approval from each of the users selected here in addition to group members as per above settings. Notification transports Select which transports should be used to notify the user. Object Lifecycle Rules Schedule periodic reviews for objects in authentik. Lifecycle rule(s) No reviews yet. Reviewed on Reviewer Note No review iteration found for this object. At least user from this group: . At least user from these groups: . At least users from this group: . At least users from these groups: . Review opened on Grace period till Next review date Latest review for this object Review state Required reviewers Reviews Review Notes Type optional notes to include in this review... Open Reviews See all currently open reviews. Only show reviews where I am a reviewer Opened Grace period ends Pending review Reviewed Overdue Canceled An unknown error occurred while submitting the form. Sign logout response When enabled, SAML logout responses will be signed. Posting logout response to SAML provider: If checked, approving a review will require at least that many users from each of the selected groups. When disabled, the value is a total across all groups. Review initiated Review overdue Review attested Review completed Copy Link Send Send Invitation via Email Send via Email Please enter at least one email address Invitation emails queued for sending to recipient(s). Check the System Tasks for more information. Failed to queue invitation emails: Never No flow set One email address per line, or comma/semicolon separated. Each recipient will receive a separate email with an invitation link. CC A comma-separated list of addresses to receive copies of the invitation. Recipients will receive the full list of other addresses in this list. BCC A comma-separated list of addresses to receive copies of the invitation. Recipients will not receive the addresses of other recipients. Select the email template to use for sending invitations. Site footer Enter the email address or username associated with your account. You're about to be redirected to the following URL. Log in to continue to . Continuous Login Successfully updated Google Chrome connector. Successfully created Google Chrome connector. Google settings Webhook Certificate Authority Keypair used to validate the certificate of the webhook endpoint. When not configured, the standard CA bundle is used. Security key (e.g. YubiKey) Client device (e.g. Touch ID, Windows Hello) Hybrid (e.g. QR code, phone) WebAuthn Hints Available Hints Selected Hints Optional hints to guide the browser in prioritizing the preferred authenticator type. Order matters - the first hint has highest priority. These are advisory and may be ignored by browsers. Hints Optional hints to guide the browser in prioritizing the preferred authenticator type during registration. Order matters - the first hint has highest priority. These are advisory and may be ignored by browsers. Filtering See documentation for path rules and theme-aware names. See documentation for supported values. No assertion was returned by the authenticator Authentication was cancelled or timed out Registration was cancelled or timed out. Please try again. An error occurred while creating the credential. Please try again. Server validation of credential failed Require policies for application access Configure if applications without any policy/group/user bindings should be accessible to any user. Upon successful authentication, re-start authentication in other open tabs. About authentik Create a new application... Username or email address... Type an optional publisher name... Type an optional description... New Application Opens the new application wizard, which will guide you through creating a new application with an existing provider. Opens the new application form, which will guide you through creating a new application with an existing provider. Clear Cache Search for a provider... e.g. my-application The publisher is shown in the application library. The description is shown in the application library and may provide additional information about the application to end users. Select Groups New Group User New Role User Add Existing User Add New User New Group User... New Role User... New Service Account... Start Export Assign Additional Roles Role Name Type a name for this role... This name will be used to identify the role within authentik. Service Account Service Accounts Impersonate User Impersonate Set Password User "" search find Search the docs for "" New Tab Command palette No commands No matching commands. No commands are currently available. Fetching users... No matching users No matching users. Jump to Search for Open View New Tab Peek Integrations Documentation Release notes New in authentik About authentik Session Navigate to Interface API requests drawer Toggle Notifications drawer Reloads page authentik information Landmark: Switch to tab Save Changes Resend Email Open Command Palette Label for the button that opens the command palette Type a command... Label for the command palette input What are you looking for? Placeholder for the command palette input Type a username or email address... Placeholder for the user search command in the admin interface The headline for a form that creates or updates a model instance. Open Command Palette Tooltip for the button that opens the command palette Configure WS-Federation Provider Outpost No instances running. New Outpost No providers configured. Outpost Info Health Configured providers Detailed health (data is cached so may be out of date) Webex Altered behavior for usage with Cisco Webex. Statistics Authorizations (24 hours) Authorizations (7 days) Authorizations (1 month) Prevent duplicate devices When enabled, any unique authenticator can only be registered once. Successfully imported blueprint. File upload Warning: Blueprint files may contain objects such as users, policies and expression. Force authentication When enabled, the IdP is requested to force re-authentication of the user, even if the user has an existing session. / instances are healthy. Federated OAuth2/OpenID Providers Info Verify Push stream endpoints' certificate Stream(s) Delivery method Delivery Method Pull Push post logout authorization Valid redirect URIs after a successful authorization or invalidation flow. Also specify any origins here for Implicit flows. Use the type dropdown to designate URIs for authorization or post-logout redirection. If no explicit authorization redirect URIs are specified, the first successfully used authorization redirect URI will be saved. Post Logout No connectivity status available. LDAP Group(s) Connect Group Successfully connected user. The unique identifier of this object in LDAP, the value of the '' attribute. LDAP User(s) Connect User Object Identifier () Synced Users Synced Groups Avatar Save changes Edit Settings Server Version Applications search Search for application by name, group or provider... New Application options Select a ... Application Details Provider Details Flow Blueprint Flow Blueprints Select a blueprint... Search for a blueprint by name or path... Type a name for this certificate... e.g. mydomain.com, *.mydomain.com, mydomain.local Import Existing Certificate Name Type a name for this certificate-key pair... Search for a certificate or key name... Select a device access group... No enrollment tokens found for this connector. Search for an enrollment token... Search connectors by name or type... Endpoint Connector Endpoint Connectors Provide your Fleet API token... Device Access Groups Search device groups by name... Search devices by name, OS, or group... Enterprise License Enterprise Licenses Search for a license by name... Notification Rule Type a name for this rule... Search for a notification rule by name, severity or group... Notification Transport Transport Name Type a name for this transport... Search for a notification transport by name or mode... Search for a file by name... New Stage Bind Existing Stage Flow Name Type a name for this flow... Type a title for this flow... e.g. my-flow Select a designation... Search for a flow by name or identifier... Stage Binding Select a stage... Select one or more users to assign... Lifecycle Rule Search for a lifecycle rule by name or target... Search tasks... Review Outpost Integration Search outposts by name, type or assigned integration... Search for an outpost integration by name, type or assigned integration... Open the wizard to create a new service connection. New Outpost Integration Open the wizard to create a new policy. Policy Name Type a policy name... Policy Binding Search for a policy by name or type... New Policy Search for a reputation by identifier or IP... Property Mapping Mapping Name Type a name for this mapping... Search for a property mapping by name or type... New Property Mapping Run Test Example Context Data Select a user... Bind Mode Search Mode Bind Flow Unbind Flow TLS Server Name UID Start Number GID Start Number Authorization Flow Client Type Authentication Flow Invalidation Flow Access Code Validity Access Token Validity Refresh Token Validity Refresh Token Threshold Subject Mode Search for provider by name, type or assigned application... RAC Endpoint RAC Endpoints Endpoint Name Type a name for this endpoint... e.g. myserver.example.com, 10.0.0.1:22 Create an endpoint to get started. Search for an endpoint by name or host... Initial Permission Name Type a name for these initial permissions... Search for initial permissions by name... Create an initial permission to get started. Role Object Permission Role Object Permissions Object Permission Object Permissions Update Search for a role... Source Name Type a name for this source... e.g. my-kerberos-source e.g. my-oauth-source e.g. my-plex-source e.g. my-saml-source e.g. my-scim-source Search for a source... e.g. my-telegram-source Duo Device Duo Devices Importing Type the Duo user ID for this device... Invitation Invitation Name Search for an invitation by name... Prompt Search for a prompt by name, field or type... Search for a stage name, type, or flow... User creation mode Search for a token identifier, user, or intent... Review Credentials Type a username for the service account... Internal User Internal Users External User External Users Type a username for the internal user... Type a username for the external user... Open the new user wizard Select email stage... Copying ... Copying to clipboard... e.g. my-slug Create Create Copy to clipboard Entity Edit "" Edit Open "" permissions Open permissions New New Create Creating Edit Save Changes Saving Changes... An error occurred while loading . Select an option... Choose Type Choose type Details Cancel wizard Search for an endpoint by name... No endpoints found for this application. Launch Endpoint Wizard ARIA label for the creation wizard when no entity singular is provided. New Wizard ARIA label for the creation wizard, where the entity singular is interpolated. Create New Entity Header for the creation wizard when no entity singular is provided. Create New Header for the creation wizard, where the entity singular is interpolated. ... The message shown while a form is being submitted. Query Event query using the AKQL syntax. See documentation for examples. Access Checking with New Provider... with Existing Provider... Select one or more backchannel providers... Device Select one or more groups... Select one or more roles... Select one or more permissions... Avatar for Username: Display name: Dialog content