text/microsoft-resx 2.0 System.Resources.ResXResourceReader, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 System.Resources.ResXResourceWriter, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 Home Home page Policies Enabled Two-step Login Require users to set up two-step login on their personal accounts. Master Password Set minimum requirements for master password strength. Password Generator Set minimum requirements for password generator configuration. Edit Policy - {0} Organization members who are not Owners or Administrators and do not have two-step login enabled for their personal account will be removed from the organization and will receive an email notifying them about the change. Save Cancel Minimum Complexity Score Minimum Length Weak Good Strong Default Type User Preference Password Passphrase Minimum Special Minimum Numbers Minimum Number of Words Capitalize Include Number Warning A-Z a-z 0-9 !@#$%^&* Select The field {0} must be greater than or equal to {1}. Single Sign-On Edit SSO Configuration Type OpenID Connect SAML 2.0 SSO Configuration OpenID Connect Configuration Authority Client ID Client Secret Callback Path Signed Out Callback Path SAML Service Provider Configuration Entity ID SP Entity ID SAML 2.0 Metadata URL Assertion Consumer Service (ACS) URL Validate Certificates Name ID Format Not Configured A SAML Name ID format Unspecified A SAML Name ID format Email Address A SAML Name ID format X.509 Subject Name A SAML Name ID format Windows Domain Qualified Name Kerberos Principal Name Entity Identifier Persistent A SAML Name ID format Transient A SAML Name ID format Private Key SAML Identity Provider Configuration Single Sign On Service URL Single Log Out Service URL Public Key Want Assertions Signed Signing Algorithm Signing Behavior Minimum Incoming Signing Algorithm Binding Type Artifact Resolution Service URL X509 Public Certificate Outbound Signing Algorithm Allow Unsolicited Authentication Response Disable Outbound Logout Requests Want Authentication Requests Signed Metadata Address Get Claims From User Info Endpoint The Authority field is required on a Open ID Connect configuration. The Client ID field is required on a Open ID Connect configuration. The Client Secret field is required on a Open ID Connect configuration. The Callback Path field is required on a Open ID Connect configuration. The Service Provider Configuration Entity Id field is required on a SAML configuration. The Identity Provider Configuration Entity Id field is required on a SAML configuration. If SAML Signing Behavior is set to never, public and private service provider keys are required. If SAML Binding Type is set to artifact, identity provider resolution service URL is required. If Identity Provider Entity ID is not a URL, single sign on service URL is required. The configured authentication scheme is not valid: "{0}" No scheme or handler for this SSO configuration found. SSO is not yet enabled for this organization. No SSO configuration exists for this organization. SSO is not allowed for this organization. Organization not found from identifier. No organization identifier provided. Invalid authentication options provided to SAML2 scheme. Invalid authentication options provided to OpenID Connect scheme. Post configuration not executed against OpenID Connect scheme. Reading OpenID Connect metadata failed. No OpenID Connect metadata could be found or loaded. Error performing pre validation. Error There was an unexpected error during single sign-on. There was an unexpected error during single sign-on. Please go back to <a href="{0}">{0}</a>. Request ID Redirecting You are now being returned to the application. Once complete, you may close this tab. If IdP Wants Authn Requests Signed Always Never The IdP public certificate provided is invalid: {0} The IdP public certificate provided is not a valid Base64 encoded string, contains illegal characters or whitespace, or is incomplete. The IdP public certificate provided does not appear to be a valid certificate, please ensure this is a valid, Base64 encoded PEM or CER format public certificate valid for signing: {0} Copy the OIDC callback path to your clipboard Copy the OIDC signed out callback path to your clipboard Copy the SP Entity Id to your clipboard Copy the SAML 2.0 Metadata URL to your clipboard View the SAML 2.0 Metadata (opens in a new window) Copy the Assertion Consumer Service (ACS) URL to your clipboard Redirect A SAML binding type, Redirect HTTP POST A SAML binding type, HTTP POST Artifact A SAML binding type, Artifact No domain_hint provided. invalid return URL External authentication error Unknown userid Organization not found or SSO configuration not enabled SSO provider, {0} is not an organization id Cannot find email claim Invalid user identifier. Supplied userId and token did not match. Could not find organization for '{0}' No seats available for organization, '{0}' User, '{0}', has already been invited to this organization, '{1}'. Accept the invite in order to log in with SSO. You were removed from the organization managing single sign-on for your account. Contact the organization administrator for help regaining access to your account. You were removed from the organization managing single sign-on for your account. Create a new account to continue using Bitwarden. Redirect GET An OIDC Connect Redirect Behavior, Redirect; Emits a 302 response to redirect the user agent to the OpenID Connect provider using a GET request. Form POST An OIDC Connect Redirect Behavior, Form POST; Emits an HTML form to redirect the user agent to the OpenID Connect provider using a POST request. OIDC Redirect Behavior Single Organization Restrict users from being able to join any other organizations. Organization members who are not Owners or Administrators and are already a part of another organization will be removed from this organization and will receive an email notifying them about the change. Single Sign-On Authentication Require users to log in with the Enterprise Single Sign-On method. Prerequisite The Single Organization enterprise policy must be enabled before activating this policy. Single Organization policy not enabled. Organization Owners and Administrators are exempt from this policy's enforcement. Personal Ownership Require users to save vault items to an organization by removing the personal ownership option. Organization users that can manage the organization's policies are exempt from this policy's enforcement. Disable Send 'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated. Do not allow users to create or edit a Bitwarden Send. Deleting an existing Send is still allowed. 'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated. Organization Owners and Administrators are exempt from this policy's enforcement. Send Options 'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated. Options Do not allow users to hide their email address when creating or editing a Send. 'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated. Set options for creating and editing Sends. 'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated. Organization Owners and Administrators are exempt from this policy's enforcement. You must manually disable the Single Sign-On Authentication policy before this policy can be disabled. Disable personal ownership for organization users Additional/Custom Scopes (comma delimited) Additional/Custom User ID Claim Types (comma delimited) Additional/Custom Email Claim Types (comma delimited) Additional/Custom Name Claim Types (comma delimited) Requested Authentication Context Class Reference values (acr_values) 'acr_values' is an explicit OIDC param, see https://openid.net/specs/openid-connect-core-1_0.html#AuthRequest. It should not be translated. Expected "acr" Claim Value In Response (acr validation) 'acr' is an explicit OIDC claim type, see https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.2 (acr). It should not be translated. Access Denied to this resource. Expected authentication context class reference (acr) was not returned with the authentication response or is invalid. 'acr' is an explicit OIDC claim type, see https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.2 (acr). It should not be translated. Master Password Reset Allow administrators in the organization to reset organization users' master password. Users in the organization will need to self-enroll or be auto-enrolled before administrators can reset their master password. Automatic Enrollment All users will be automatically enrolled in password reset once their invite is accepted and will not be allowed to withdraw. Users already in the organization will not be retroactively enrolled in password reset. They will need to self-enroll before administrators can reset their master password. Require new users to be enrolled automatically Artifact resolution service URL contains illegal characters. Single log out service URL contains illegal characters. Single sign on service URL contains illegal characters. Single sign on redirect token is missing from the request. Single sign on redirect token is invalid or expired.