diff --git a/locales/en/LC_MESSAGES/oidc.po b/locales/en/LC_MESSAGES/oidc.po
index ec4a6a11..a754c677 100644
--- a/locales/en/LC_MESSAGES/oidc.po
+++ b/locales/en/LC_MESSAGES/oidc.po
@@ -1,219 +1,566 @@
-msgid "{oidc:add_client}"
-msgstr "Add client"
+msgid ""
+msgstr ""
+"Project-Id-Version: \n"
+"POT-Creation-Date: \n"
+"PO-Revision-Date: \n"
+"Last-Translator: \n"
+"Language-Team: \n"
+"Language: en\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Domain: oidc\n"
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Forms/ClientForm.php:372
+msgid "-"
+msgstr "-"
+
+msgid ""
+"A globally unique URI that is bound to the entity. URI must have https or "
+"http scheme and host / domain. It can contain path, but no query, or "
+"fragment component."
+msgstr ""
 
-msgid "{oidc:search}"
-msgstr "Search"
+msgid "Access Token"
+msgstr ""
 
-msgid "{oidc:no_clients}"
-msgstr "No clients"
+msgid "Activated"
+msgstr ""
 
-msgid "{oidc:client_list}"
-msgstr "Client list"
+msgid "Add Client"
+msgstr ""
 
-msgid "{oidc:client:name}"
-msgstr "Name"
+msgid "Administrator"
+msgstr ""
 
-msgid "{oidc:client:description}"
-msgstr "Description"
+msgid "All database migrations are implemented."
+msgstr ""
 
-msgid "{oidc:client:identifier}"
-msgstr "Client ID"
+msgid "Allowed Origins"
+msgstr ""
 
-msgid "{oidc:client:secret}"
-msgstr "Client secret"
+msgid "Allowed Origins (for public client)"
+msgstr ""
 
-msgid "{oidc:client:auth_source}"
-msgstr "Authentication source"
+msgid "Allowed origins for public clients"
+msgstr ""
 
-msgid "{oidc:client:redirect_uri}"
-msgstr "Redirect URIs"
+msgid ""
+"Allowed redirect URIs to use after client initiated logout. Must be a valid "
+"URI, one per line. Example: https://example.org/foo?bar=1"
+msgstr ""
 
-msgid "{oidc:client:scopes}"
-msgstr "Scopes"
+msgid ""
+"Allowed redirect URIs to which the authorization response will be sent. Must "
+"be a valid URI, one per line. Example: https://example.org/foo?bar=1"
+msgstr ""
 
-msgid "{oidc:client:owner}"
-msgstr "Owner"
+msgid "Are you sure you want to delete this client?"
+msgstr ""
 
-msgid "{oidc:submit}"
-msgstr "Submit"
+msgid "Are you sure you want to reset client secret?"
+msgstr ""
 
-msgid "{oidc:create}"
-msgstr "Create"
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Forms/ClientForm.php:363
+msgid "At least one redirect URI is required."
+msgstr ""
 
-msgid "{oidc:save}"
-msgstr "Save"
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Forms/ClientForm.php:378
+msgid "At least one scope is required."
+msgstr ""
 
-msgid "{oidc:return}"
-msgstr "Return"
+msgid "Authentication"
+msgstr ""
 
-msgid "{oidc:install}"
-msgstr "Install"
+msgid "Authentication Context Class References (ACRs)"
+msgstr ""
 
-msgid "{oidc:copy}"
-msgstr "Copy code"
+msgid "Authentication Processing Filters"
+msgstr ""
 
-msgid "{oidc:copied}"
-msgstr "Copied!"
+msgid "Authentication Source"
+msgstr ""
 
-msgid "{oidc:confirm}"
-msgstr "Confirm"
+msgid "Authentication Sources to ACRs Map"
+msgstr ""
 
-msgid "{oidc:client:delete}"
-msgstr "Delete OpenID Connect Client"
+msgid ""
+"Authentication source for this particular client. If no authentication "
+"source is selected, the default one from configuration file will be used."
+msgstr ""
 
-msgid "{oidc:client:confirm_delete}"
-msgstr "Please, confirm than you want to delete this client. This action cannot be undone."
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Forms/ClientForm.php:369
+msgid "Authentication source"
+msgstr ""
 
-msgid "{oidc:edit}"
-msgstr "Edit"
+msgid "Authority Hints"
+msgstr ""
 
-msgid "{oidc:delete}"
-msgstr "Delete"
+msgid "Authorization Code"
+msgstr ""
 
-msgid "{oidc:client:added}"
-msgstr "The client was added successfully."
+msgid "Back"
+msgstr ""
 
-msgid "{oidc:client:removed}"
-msgstr "The client was removed successfully."
+msgid "Back-channel Logout URI"
+msgstr ""
 
-msgid "{oidc:client:updated}"
-msgstr "The client was updated successfully."
+msgid "Before running the migrations, make sure that the database user has proper privileges to change the scheme (for example alter, create, drop, index). After running the migrations, it is a good practice to remove those privileges."
+msgstr ""
 
-msgid "{oidc:client:redirect_uri_help}"
+msgid ""
+"By default, form is populated with current OP issuer and configured Trust "
+"Anchors, but you are free to adjust entries as needed."
 msgstr ""
-"Allowed redirect URIs to which the authorization response will be sent. Must be a valid URI, one per line. "
-"Example: https://example.org/foo?bar=1"
-""
 
-msgid "{oidc:client:auth_source_help}"
+msgid "Cache"
 msgstr ""
-"Authentication source for this particular client. "
-"If no authentication source is selected, the default one from configuration file will be used."
-""
 
-msgid "{oidc:client:name_not_empty}"
-msgstr "Please, enter a name."
+msgid "Cache Adapter"
+msgstr ""
 
-msgid "{oidc:client:redirect_uri_not_empty}"
-msgstr "Please, enter an URI at least."
+msgid "Cache Duration For Produced Artifacts"
+msgstr ""
 
-msgid "{oidc:client:redirect_uri_not_valid}"
-msgstr "Some of the redirect URIs are not valid."
+msgid ""
+"Choose if client is confidential or public. Confidential clients are capable "
+"of maintaining the confidentiality of their credentials (e.g., client "
+"implemented on a secure server with restricted access to the client "
+"credentials), or capable of secure client authentication using other means. "
+"Public clients are incapable of maintaining the confidentiality of their "
+"credentials (e.g., clients executing on the device used by the resource "
+"owner, such as an installed native application or a web browser-based "
+"application), and incapable of secure client authentication via any other "
+"means."
+msgstr ""
 
-msgid "{oidc:client:auth_source_not_empty}"
-msgstr "Please, select an Auth Source."
+msgid ""
+"Choose if the client is allowed to participate in federation context or not."
+msgstr ""
 
-msgid "{oidc:client:scopes_not_empty}"
-msgstr "Please, select a scope at least."
+msgid "Client"
+msgstr ""
 
-msgid "{oidc:client:reset_secret}"
-msgstr "Reset secret"
+msgid "Client Registration Types"
+msgstr ""
 
-msgid "{oidc:client:reset_secret_warning}"
-msgstr "This action will change your client secret and it can not be undone."
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Factories/TemplateFactory.php:113
+msgid "Client Registry"
+msgstr ""
 
-msgid "{oidc:client:secret_updated}"
-msgstr "The client secret was updated successfully."
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ClientController.php:201
+msgid "Client has been added."
+msgstr ""
 
-msgid "{oidc:install:oauth2}"
-msgstr "Check if you want to migrate data from legacy oauth2 module"
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ClientController.php:147
+msgid "Client has been deleted."
+msgstr ""
 
-msgid "{oidc:install:description}"
-msgstr "This wizard will help you create the database and migrate information if necessary."
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ClientController.php:277
+msgid "Client has been updated."
+msgstr ""
 
-msgid "{oidc:install:finished}"
-msgstr "The database has been created."
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ClientController.php:120
+msgid "Client secret has been reset."
+msgstr ""
 
-msgid "{oidc:import:finished}"
-msgstr "Old oauth2 module clients has been imported."
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ClientController.php:183
+msgid "Client with generated ID already exists."
+msgstr ""
 
-msgid "{oidc:client:is_enabled}"
-msgstr "Activated"
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ClientController.php:190
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ClientController.php:265
+msgid "Client with given entity identifier already exists."
+msgstr ""
 
-msgid "{oidc:client:deactivated}"
-msgstr "Deactivated"
+msgid "Confidential"
+msgstr ""
 
-msgid "{oidc:title}"
-msgstr "OpenID Connect Client Registry"
+msgid "Configuration URL"
+msgstr ""
 
-msgid "{oidc:client:confidential}"
-msgstr "Confidential"
+msgid "Contacts"
+msgstr ""
 
-msgid "{oidc:client:confidential_help}"
+msgid "Created at"
 msgstr ""
-"Choose if client is confidential or public. Confidential clients are capable of maintaining the confidentiality "
-"of their credentials (e.g., client implemented on a secure server with restricted access to the client credentials), "
-"or capable of secure client authentication using other means. Public clients are incapable of maintaining the "
-"confidentiality of their credentials (e.g., clients executing on the device used by the resource owner, such as an "
-"installed native application or a web browser-based application), and incapable of secure client authentication via "
-"any other means. "
-""
 
-msgid "{oidc:client:public}"
-msgstr "Public"
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Factories/TemplateFactory.php:106
+msgid "Database Migrations"
+msgstr ""
 
-msgid "{oidc:client:type}"
-msgstr "Type"
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ConfigController.php:46
+msgid "Database is already migrated."
+msgstr ""
 
-msgid "{oidc:client:client}"
-msgstr "Client"
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ConfigController.php:52
+msgid "Database migrated successfully."
+msgstr ""
 
-msgid "{oidc:client:state}"
-msgstr "State"
+msgid "Default Authentication Source"
+msgstr ""
 
-msgid "{oidc:client:csrf_error}"
-msgstr "Your session has expired. Please return to the home page and try again."
+msgid "Delete"
+msgstr ""
 
-msgid "{oidc:client:allowed_origin}"
-msgstr "Allowed origins for public clients"
+msgid "Description"
+msgstr ""
 
-msgid "{oidc:client:allowed_origin_help}"
+msgid "Disabled"
 msgstr ""
-"URLs as allowed origins for CORS requests, for public clients running in browser. Must have http:// or https:// "
-"scheme, and at least one 'domain.top-level-domain' pair, or more subdomains. Top-level-domain may end with '.'. "
-"No userinfo, path, query or fragment components allowed. May end with port number. One per line. Example: "
-"https://example.org"
-""
 
-msgid "{oidc:client:allowed_origin_not_valid}"
-msgstr "Some of the allowed origins are not valid."
+msgid "Discovery URL"
+msgstr ""
 
-msgid "{oidc:client:post_logout_redirect_uri}"
-msgstr "Post-logout redirect URIs"
+msgid "Edit"
+msgstr ""
 
-msgid "{oidc:client:post_logout_redirect_uri_help}"
+msgid "Edit Client"
 msgstr ""
-"Allowed redirect URIs to use after client initiated logout. Must be a valid URI, one per line. "
-"Example: https://example.org/foo?bar=1"
-""
 
-msgid "{oidc:client:post_logout_redirect_uri_not_valid}"
-msgstr "Some of the post-logout redirect URIs are not valid."
+msgid "Enabled"
+msgstr ""
 
-msgid "{oidc:client:backchannel_logout_uri}"
-msgstr "Back-Channel Logout URI"
+msgid ""
+"Enter if client supports Back-Channel Logout specification. When logout is "
+"initiated at the OpenID Provider, it will send a Logout Token to this URI in "
+"order to notify the client about that event. Must be a valid URI. Example: "
+"https://example.org/foo?bar=1"
+msgstr ""
 
-msgid "{oidc:client:backchannel_logout_uri_help}"
+msgid "Enter one Trust Anchor ID per line."
 msgstr ""
-"Enter if client supports Back-Channel Logout specification. When logout is initiated at the OpenID Provider, it will "
-"send a Logout Token to this URI in order to notify the client about that event. Must be a valid URI. "
-"Example: https://example.org/foo?bar=1"
-""
 
-msgid "{oidc:client:backchannel_logout_uri_not_valid}"
-msgstr "Back-Channel Logout URI is not valid."
+msgid "Entity"
+msgstr ""
 
-msgid "{oidc:logout:page_title_success}"
-msgstr "Logout Successful"
+msgid "Entity Identifier"
+msgstr ""
 
-msgid "{oidc:logout:page_title_fail}"
-msgstr "Logout Failed"
+msgid "Entity Statement Duration"
+msgstr ""
 
-msgid "{oidc:logout:info_title}"
-msgstr "Info"
+msgid "Expires at"
+msgstr ""
 
-msgid "{oidc:logout:info_message_success}"
-msgstr "You can now close this window or navigate to another page."
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Codebooks/RegistrationTypeEnum.php:18
+msgid "Federated Automatic"
+msgstr ""
 
-msgid "{oidc:logout:info_message_fail}"
-msgstr "Requested session was not found or it is expired."
\ No newline at end of file
+msgid "Federation Enabled"
+msgstr ""
+
+msgid "Federation JWKS"
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Factories/TemplateFactory.php:127
+msgid "Federation Settings"
+msgstr ""
+
+msgid "Forced ACR For Cookie Authentication"
+msgstr ""
+
+msgid "Homepage URI"
+msgstr ""
+
+msgid "Identifier"
+msgstr ""
+
+msgid "Info"
+msgstr ""
+
+msgid "Is Federated"
+msgstr ""
+
+msgid "Issuer"
+msgstr ""
+
+msgid ""
+"JSON object (string) representing JWKS document containing protocol public "
+"keys. Note that this should be different from Federation JWKS. Will be used "
+"if JWKS URI is not set. Example: {\"keys\":[{\"kty\": \"RSA\",\"n\": \"...\","
+"\"e\": \"AQAB\",\"kid\": \"pro123\",\"use\": \"sig\",\"alg\": \"RS256\"}]}"
+msgstr ""
+
+msgid ""
+"JSON object (string) representing federation JWKS. This can be used, for "
+"example, in entity statements. Note that this should be different from "
+"Protocol JWKS. Example: {\"keys\":[{\"kty\": \"RSA\",\"n\": \"...\",\"e\": "
+"\"AQAB\",\"kid\": \"fed123\",\"use\": \"sig\",\"alg\": \"RS256\"}]}"
+msgstr ""
+
+msgid "JWKS"
+msgstr ""
+
+msgid "JWKS URI"
+msgstr ""
+
+msgid "Leaf Entity ID"
+msgstr ""
+
+msgid "Log messages"
+msgstr ""
+
+msgid ""
+"Log messages will show if any warnings or errors were raised during chain "
+"resolution."
+msgstr ""
+
+msgid ""
+"Log messages will show if any warnings or errors were raised during "
+"validation."
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Factories/TemplateFactory.php:90
+msgid "Log out"
+msgstr ""
+
+msgid "Logo URI"
+msgstr ""
+
+msgid "Logout Failed"
+msgstr ""
+
+msgid "Logout Info"
+msgstr ""
+
+msgid "Logout Successful"
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Codebooks/RegistrationTypeEnum.php:17
+msgid "Manual"
+msgstr ""
+
+msgid "Maximum Cache Duration For Fetched Artifacts"
+msgstr ""
+
+msgid "N/A"
+msgstr ""
+
+msgid "Name"
+msgstr ""
+
+msgid "Name and description"
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Forms/ClientForm.php:357
+msgid "Name is required."
+msgstr ""
+
+msgid "never"
+msgstr ""
+
+msgid "No"
+msgstr ""
+
+msgid "No clients registered."
+msgstr ""
+
+msgid "No entries."
+msgstr ""
+
+msgid ""
+"Note that this will first resolve Trust Chain between given entity and Trust "
+"Anchor, and only then do the Trust Mark validation."
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/hooks/hook_adminmenu.php:24
+msgid "OIDC"
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/hooks/hook_federationpage.php:34
+msgid "OIDC Client Registry"
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/hooks/hook_federationpage.php:38
+msgid "OIDC Installation"
+msgstr ""
+
+msgid ""
+"One or more values from the list. If not selected, falls back to 'automatic'"
+msgstr ""
+
+msgid "OpenID Federation Related Properties"
+msgstr ""
+
+msgid "Organization Name"
+msgstr ""
+
+msgid "Owner"
+msgstr ""
+
+msgid "PKI"
+msgstr ""
+
+msgid "Path"
+msgstr ""
+
+msgid "Policy URI"
+msgstr ""
+
+msgid "Post-logout Redirect URIs"
+msgstr ""
+
+msgid "Private Key"
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Factories/TemplateFactory.php:120
+msgid "Protocol Settings"
+msgstr ""
+
+msgid "Public"
+msgstr ""
+
+msgid "Public Key"
+msgstr ""
+
+msgid "Redirect URI"
+msgstr ""
+
+msgid "Redirect URIs"
+msgstr ""
+
+msgid "Refresh Token"
+msgstr ""
+
+msgid "Registration Types"
+msgstr ""
+
+msgid "Registration"
+msgstr ""
+
+msgid "Requested session was not found or it is expired."
+msgstr ""
+
+msgid "Reset"
+msgstr ""
+
+msgid "Resolved chains"
+msgstr ""
+
+msgid "Run migrations"
+msgstr ""
+
+msgid "Scopes"
+msgstr ""
+
+msgid "Secret"
+msgstr ""
+
+msgid "Signed JWKS URI"
+msgstr ""
+
+msgid "Signing Algorithm"
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Admin/Authorization.php:44
+msgid "SimpleSAMLphp admin access required."
+msgstr ""
+
+msgid "Status"
+msgstr ""
+
+msgid "Supported ACRs"
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Factories/TemplateFactory.php:134
+msgid "Test Trust Chain Resolution"
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Factories/TemplateFactory.php:141
+msgid "Test Trust Mark Validation"
+msgstr ""
+
+msgid ""
+"There are database migrations that have not been implemented.\n"
+"                Use the button below to run them now."
+msgstr ""
+
+msgid "Tokens Time-To-Live (TTL)"
+msgstr ""
+
+msgid "Total chains"
+msgstr ""
+
+msgid "Trust Anchor ID"
+msgstr ""
+
+msgid "Trust Anchor IDs"
+msgstr ""
+
+msgid "Trust Anchors"
+msgstr ""
+
+msgid "Trust Mark ID"
+msgstr ""
+
+msgid ""
+"Trust Mark validation passed (there were no warnings or errors during "
+"validation)."
+msgstr ""
+
+msgid "Trust Marks"
+msgstr ""
+
+msgid "Type"
+msgstr "Type"
+
+msgid ""
+"URL to a JWKS document containing protocol public keys. Will be used if "
+"Signed JWKS URI is not set. Example: https://example.org/jwks"
+msgstr ""
+
+msgid ""
+"URL to a JWS document containing protocol public keys in JWKS format (claim "
+"'keys'). Example: https://example.org/signed-jwks"
+msgstr ""
+
+msgid ""
+"URLs as allowed origins for CORS requests, for public clients running in "
+"browser. Must have http:// or https:// scheme, and at least one 'domain.top-"
+"level-domain' pair, or more subdomains. Top-level-domain may end with '.'. "
+"No userinfo, path, query or fragment components allowed. May end with port "
+"number. One per line. Example: https://example.org"
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Admin/Authorization.php:36
+msgid "Unable to initiate SimpleSAMLphp admin authentication."
+msgstr ""
+
+msgid "Updated at"
+msgstr ""
+
+msgid "User Entity Cache Duration"
+msgstr ""
+
+msgid "User Identifier Attribute"
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Admin/Authorization.php:61
+msgid "User not authorized."
+msgstr ""
+
+msgid "Yes"
+msgstr ""
+
+msgid "You can now close this window or navigate to another page."
+msgstr ""
+
+msgid ""
+"You can use the form below to test Trust Chain resolution from a leaf entity "
+"ID to Trust Anchors."
+msgstr ""
+
+msgid ""
+"You can use the form below to test Trust Mark validation for particular "
+"entity under given Trust Anchor."
+msgstr ""
+
+msgid "Your session has expired. Please return to the home page and try again."
+msgstr ""
+
+msgid "disabled"
+msgstr ""
+
+msgid "enabled"
+msgstr ""
diff --git a/locales/es/LC_MESSAGES/oidc.po b/locales/es/LC_MESSAGES/oidc.po
index 49358c34..299a0f78 100644
--- a/locales/es/LC_MESSAGES/oidc.po
+++ b/locales/es/LC_MESSAGES/oidc.po
@@ -1,140 +1,566 @@
-msgid "OpenID Connect Client Registry"
-msgstr "Registro de clientes OpenID Connect"
+msgid ""
+msgstr ""
+"Project-Id-Version: \n"
+"POT-Creation-Date: \n"
+"PO-Revision-Date: \n"
+"Last-Translator: \n"
+"Language-Team: \n"
+"Language: es\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Domain: oidc\n"
 
-msgid "{oidc:add_client}"
-msgstr "Añadir cliente"
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Forms/ClientForm.php:372
+msgid "-"
+msgstr "-"
 
-msgid "{oidc:search}"
-msgstr "Buscar"
+msgid ""
+"A globally unique URI that is bound to the entity. URI must have https or "
+"http scheme and host / domain. It can contain path, but no query, or "
+"fragment component."
+msgstr ""
 
-msgid "{oidc:no_clients}"
-msgstr "No hay clientes"
+msgid "Access Token"
+msgstr ""
 
-msgid "{oidc:client_list}"
-msgstr "Lista de clientes"
+msgid "Activated"
+msgstr ""
 
-msgid "{oidc:client:name}"
-msgstr "Nombre"
+msgid "Add Client"
+msgstr ""
 
-msgid "{oidc:client:description}"
-msgstr "Descripción"
+msgid "Administrator"
+msgstr ""
 
-msgid "{oidc:client:identifier}"
-msgstr "Client id."
+msgid "All database migrations are implemented."
+msgstr ""
 
-msgid "{oidc:client:secret}"
-msgstr "Client secret"
+msgid "Allowed Origins"
+msgstr ""
 
-msgid "{oidc:client:auth_source}"
-msgstr "Auth. source"
+msgid "Allowed Origins (for public client)"
+msgstr ""
 
-msgid "{oidc:client:redirect_uri}"
-msgstr "URI de redirección"
+msgid "Allowed origins for public clients"
+msgstr ""
 
-msgid "{oidc:client:scopes}"
-msgstr "Scopes"
+msgid ""
+"Allowed redirect URIs to use after client initiated logout. Must be a valid "
+"URI, one per line. Example: https://example.org/foo?bar=1"
+msgstr ""
 
-msgid "{oidc:submit}"
-msgstr "Enviar"
+msgid ""
+"Allowed redirect URIs to which the authorization response will be sent. Must "
+"be a valid URI, one per line. Example: https://example.org/foo?bar=1"
+msgstr ""
 
-msgid "{oidc:create}"
-msgstr "Crear"
+msgid "Are you sure you want to delete this client?"
+msgstr ""
 
-msgid "{oidc:save}"
-msgstr "Guardar"
+msgid "Are you sure you want to reset client secret?"
+msgstr ""
 
-msgid "{oidc:return}"
-msgstr "Volver"
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Forms/ClientForm.php:363
+msgid "At least one redirect URI is required."
+msgstr ""
 
-msgid "{oidc:install}"
-msgstr "Instalar"
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Forms/ClientForm.php:378
+msgid "At least one scope is required."
+msgstr ""
 
-msgid "{oidc:copy}"
-msgstr "Copiar código"
+msgid "Authentication"
+msgstr ""
 
-msgid "{oidc:copied}"
-msgstr "¡Copiado!"
+msgid "Authentication Context Class References (ACRs)"
+msgstr ""
 
-msgid "{oidc:confirm}"
-msgstr "Confirmar"
+msgid "Authentication Processing Filters"
+msgstr ""
 
-msgid "{oidc:client:delete}"
-msgstr "Borrar Client OpenID Connect"
+msgid "Authentication Source"
+msgstr ""
 
-msgid "{oidc:client:confirm_delete}"
-msgstr "Por favor, confirme que desea borrar este cliente. Esta acción no se puede deshacer."
+msgid "Authentication Sources to ACRs Map"
+msgstr ""
 
-msgid "{oidc:edit}"
-msgstr "Editar"
+msgid ""
+"Authentication source for this particular client. If no authentication "
+"source is selected, the default one from configuration file will be used."
+msgstr ""
 
-msgid "{oidc:delete}"
-msgstr "Borrar"
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Forms/ClientForm.php:369
+msgid "Authentication source"
+msgstr ""
 
-msgid "{oidc:client:added}"
-msgstr "El cliente fue añadido con éxito."
+msgid "Authority Hints"
+msgstr ""
 
-msgid "{oidc:client:removed}"
-msgstr "El cliente fue eliminado con éxito."
+msgid "Authorization Code"
+msgstr ""
 
-msgid "{oidc:client:updated}"
-msgstr "El cliente fue actualizado con éxito."
+msgid "Back"
+msgstr ""
 
-msgid "{oidc:client:redirect_uri_help}"
-msgstr "Añada una URI válida por línea"
+msgid "Back-channel Logout URI"
+msgstr ""
 
-msgid "{oidc:client:auth_source_help}"
-msgstr "If no auth. source is selected, the default one from configuration file will be used."
+msgid "Before running the migrations, make sure that the database user has proper privileges to change the scheme (for example alter, create, drop, index). After running the migrations, it is a good practice to remove those privileges."
+msgstr ""
 
-msgid "{oidc:client:name_not_empty}"
-msgstr "El nombre no puede estar en blanco."
+msgid ""
+"By default, form is populated with current OP issuer and configured Trust "
+"Anchors, but you are free to adjust entries as needed."
+msgstr ""
 
-msgid "{oidc:client:redirect_uri_not_empty}"
-msgstr "Añada al menos una dirección."
+msgid "Cache"
+msgstr ""
 
-msgid "{oidc:client:redirect_uri_not_valid}"
-msgstr "Algunas de las direcciones de redirección no son válidas."
+msgid "Cache Adapter"
+msgstr ""
 
-msgid "{oidc:client:auth_source_not_empty}"
-msgstr "Seleccione un AuthSource."
+msgid "Cache Duration For Produced Artifacts"
+msgstr ""
 
-msgid "{oidc:client:scopes_not_empty}"
-msgstr "Seleccione al menos un scope."
+msgid ""
+"Choose if client is confidential or public. Confidential clients are capable "
+"of maintaining the confidentiality of their credentials (e.g., client "
+"implemented on a secure server with restricted access to the client "
+"credentials), or capable of secure client authentication using other means. "
+"Public clients are incapable of maintaining the confidentiality of their "
+"credentials (e.g., clients executing on the device used by the resource "
+"owner, such as an installed native application or a web browser-based "
+"application), and incapable of secure client authentication via any other "
+"means."
+msgstr ""
 
-msgid "{oidc:client:reset_secret}"
-msgstr "Resetear secreto"
+msgid ""
+"Choose if the client is allowed to participate in federation context or not."
+msgstr ""
 
-msgid "{oidc:client:reset_secret_warning}"
-msgstr "Esta acción cambiará su secreto de cliente y no puede deshacerse."
+msgid "Client"
+msgstr ""
 
-msgid "{oidc:client:secret_updated}"
-msgstr "El secreto de cliente fue actualizado con éxito."
+msgid "Client Registration Types"
+msgstr ""
 
-msgid "{oidc:install:oauth2}"
-msgstr "Marque si quiere migrar los datos del módulo obsoleto oauth2"
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Factories/TemplateFactory.php:113
+msgid "Client Registry"
+msgstr ""
 
-msgid "{oidc:install:description}"
-msgstr "Este asistente le ayudará a crear la base de datos y a migrar información si fuera necesario."
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ClientController.php:201
+msgid "Client has been added."
+msgstr ""
 
-msgid "{oidc:install:finished}"
-msgstr "La base de datos ha sido creada."
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ClientController.php:147
+msgid "Client has been deleted."
+msgstr ""
 
-msgid "{oidc:import:finished}"
-msgstr "Los clientes del módulo oauth2 han sido importados."
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ClientController.php:277
+msgid "Client has been updated."
+msgstr ""
 
-msgid "{oidc:client:is_enabled}"
-msgstr "Activado"
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ClientController.php:120
+msgid "Client secret has been reset."
+msgstr ""
 
-msgid "{oidc:oidc:title}"
-msgstr "Registro de clientes OpenID Connect"
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ClientController.php:183
+msgid "Client with generated ID already exists."
+msgstr ""
 
-msgid "{oidc:client:is_confidential}"
-msgstr "Cliente confidencial"
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ClientController.php:190
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ClientController.php:265
+msgid "Client with given entity identifier already exists."
+msgstr ""
 
-msgid "{oidc:client:is_confidential_help}"
-msgstr "Elija si el cliente es confidencial o público."
+msgid "Confidential"
+msgstr ""
 
-msgid "{oidc:client:state}"
-msgstr "Estado"
+msgid "Configuration URL"
+msgstr ""
 
-msgid "{oidc:client:csrf_error}"
-msgstr "Su sesión ha expirado. Por favor, vuelva a la página de inicio e inténtelo de nuevo."
+msgid "Contacts"
+msgstr ""
+
+msgid "Created at"
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Factories/TemplateFactory.php:106
+msgid "Database Migrations"
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ConfigController.php:46
+msgid "Database is already migrated."
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ConfigController.php:52
+msgid "Database migrated successfully."
+msgstr ""
+
+msgid "Default Authentication Source"
+msgstr ""
+
+msgid "Delete"
+msgstr ""
+
+msgid "Description"
+msgstr ""
+
+msgid "Disabled"
+msgstr ""
+
+msgid "Discovery URL"
+msgstr ""
+
+msgid "Edit"
+msgstr ""
+
+msgid "Edit Client"
+msgstr ""
+
+msgid "Enabled"
+msgstr ""
+
+msgid ""
+"Enter if client supports Back-Channel Logout specification. When logout is "
+"initiated at the OpenID Provider, it will send a Logout Token to this URI in "
+"order to notify the client about that event. Must be a valid URI. Example: "
+"https://example.org/foo?bar=1"
+msgstr ""
+
+msgid "Enter one Trust Anchor ID per line."
+msgstr ""
+
+msgid "Entity"
+msgstr ""
+
+msgid "Entity Identifier"
+msgstr ""
+
+msgid "Entity Statement Duration"
+msgstr ""
+
+msgid "Expires at"
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Codebooks/RegistrationTypeEnum.php:18
+msgid "Federated Automatic"
+msgstr ""
+
+msgid "Federation Enabled"
+msgstr ""
+
+msgid "Federation JWKS"
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Factories/TemplateFactory.php:127
+msgid "Federation Settings"
+msgstr ""
+
+msgid "Forced ACR For Cookie Authentication"
+msgstr ""
+
+msgid "Homepage URI"
+msgstr ""
+
+msgid "Identifier"
+msgstr ""
+
+msgid "Info"
+msgstr ""
+
+msgid "Is Federated"
+msgstr ""
+
+msgid "Issuer"
+msgstr ""
+
+msgid ""
+"JSON object (string) representing JWKS document containing protocol public "
+"keys. Note that this should be different from Federation JWKS. Will be used "
+"if JWKS URI is not set. Example: {\"keys\":[{\"kty\": \"RSA\",\"n\": \"...\","
+"\"e\": \"AQAB\",\"kid\": \"pro123\",\"use\": \"sig\",\"alg\": \"RS256\"}]}"
+msgstr ""
+
+msgid ""
+"JSON object (string) representing federation JWKS. This can be used, for "
+"example, in entity statements. Note that this should be different from "
+"Protocol JWKS. Example: {\"keys\":[{\"kty\": \"RSA\",\"n\": \"...\",\"e\": "
+"\"AQAB\",\"kid\": \"fed123\",\"use\": \"sig\",\"alg\": \"RS256\"}]}"
+msgstr ""
+
+msgid "JWKS"
+msgstr ""
+
+msgid "JWKS URI"
+msgstr ""
+
+msgid "Leaf Entity ID"
+msgstr ""
+
+msgid "Log messages"
+msgstr ""
+
+msgid ""
+"Log messages will show if any warnings or errors were raised during chain "
+"resolution."
+msgstr ""
+
+msgid ""
+"Log messages will show if any warnings or errors were raised during "
+"validation."
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Factories/TemplateFactory.php:90
+msgid "Log out"
+msgstr ""
+
+msgid "Logo URI"
+msgstr ""
+
+msgid "Logout Failed"
+msgstr ""
+
+msgid "Logout Info"
+msgstr ""
+
+msgid "Logout Successful"
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Codebooks/RegistrationTypeEnum.php:17
+msgid "Manual"
+msgstr ""
+
+msgid "Maximum Cache Duration For Fetched Artifacts"
+msgstr ""
+
+msgid "N/A"
+msgstr ""
+
+msgid "Name"
+msgstr ""
+
+msgid "Name and description"
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Forms/ClientForm.php:357
+msgid "Name is required."
+msgstr ""
+
+msgid "never"
+msgstr ""
+
+msgid "No"
+msgstr ""
+
+msgid "No clients registered."
+msgstr ""
+
+msgid "No entries."
+msgstr ""
+
+msgid ""
+"Note that this will first resolve Trust Chain between given entity and Trust "
+"Anchor, and only then do the Trust Mark validation."
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/hooks/hook_adminmenu.php:24
+msgid "OIDC"
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/hooks/hook_federationpage.php:34
+msgid "OIDC Client Registry"
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/hooks/hook_federationpage.php:38
+msgid "OIDC Installation"
+msgstr ""
+
+msgid ""
+"One or more values from the list. If not selected, falls back to 'automatic'"
+msgstr ""
+
+msgid "OpenID Federation Related Properties"
+msgstr ""
+
+msgid "Organization Name"
+msgstr ""
+
+msgid "Owner"
+msgstr ""
+
+msgid "PKI"
+msgstr ""
+
+msgid "Path"
+msgstr ""
+
+msgid "Policy URI"
+msgstr ""
+
+msgid "Post-logout Redirect URIs"
+msgstr ""
+
+msgid "Private Key"
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Factories/TemplateFactory.php:120
+msgid "Protocol Settings"
+msgstr ""
+
+msgid "Public"
+msgstr ""
+
+msgid "Public Key"
+msgstr ""
+
+msgid "Redirect URI"
+msgstr ""
+
+msgid "Redirect URIs"
+msgstr ""
+
+msgid "Refresh Token"
+msgstr ""
+
+msgid "Registration Types"
+msgstr ""
+
+msgid "Registration"
+msgstr ""
+
+msgid "Requested session was not found or it is expired."
+msgstr ""
+
+msgid "Reset"
+msgstr ""
+
+msgid "Resolved chains"
+msgstr ""
+
+msgid "Run migrations"
+msgstr ""
+
+msgid "Scopes"
+msgstr ""
+
+msgid "Secret"
+msgstr ""
+
+msgid "Signed JWKS URI"
+msgstr ""
+
+msgid "Signing Algorithm"
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Admin/Authorization.php:44
+msgid "SimpleSAMLphp admin access required."
+msgstr ""
+
+msgid "Status"
+msgstr ""
+
+msgid "Supported ACRs"
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Factories/TemplateFactory.php:134
+msgid "Test Trust Chain Resolution"
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Factories/TemplateFactory.php:141
+msgid "Test Trust Mark Validation"
+msgstr ""
+
+msgid ""
+"There are database migrations that have not been implemented.\n"
+"                Use the button below to run them now."
+msgstr ""
+
+msgid "Tokens Time-To-Live (TTL)"
+msgstr ""
+
+msgid "Total chains"
+msgstr ""
+
+msgid "Trust Anchor ID"
+msgstr ""
+
+msgid "Trust Anchor IDs"
+msgstr ""
+
+msgid "Trust Anchors"
+msgstr ""
+
+msgid "Trust Mark ID"
+msgstr ""
+
+msgid ""
+"Trust Mark validation passed (there were no warnings or errors during "
+"validation)."
+msgstr ""
+
+msgid "Trust Marks"
+msgstr ""
+
+msgid "Type"
+msgstr "Type"
+
+msgid ""
+"URL to a JWKS document containing protocol public keys. Will be used if "
+"Signed JWKS URI is not set. Example: https://example.org/jwks"
+msgstr ""
+
+msgid ""
+"URL to a JWS document containing protocol public keys in JWKS format (claim "
+"'keys'). Example: https://example.org/signed-jwks"
+msgstr ""
+
+msgid ""
+"URLs as allowed origins for CORS requests, for public clients running in "
+"browser. Must have http:// or https:// scheme, and at least one 'domain.top-"
+"level-domain' pair, or more subdomains. Top-level-domain may end with '.'. "
+"No userinfo, path, query or fragment components allowed. May end with port "
+"number. One per line. Example: https://example.org"
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Admin/Authorization.php:36
+msgid "Unable to initiate SimpleSAMLphp admin authentication."
+msgstr ""
+
+msgid "Updated at"
+msgstr ""
+
+msgid "User Entity Cache Duration"
+msgstr ""
+
+msgid "User Identifier Attribute"
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Admin/Authorization.php:61
+msgid "User not authorized."
+msgstr ""
+
+msgid "Yes"
+msgstr ""
+
+msgid "You can now close this window or navigate to another page."
+msgstr ""
+
+msgid ""
+"You can use the form below to test Trust Chain resolution from a leaf entity "
+"ID to Trust Anchors."
+msgstr ""
+
+msgid ""
+"You can use the form below to test Trust Mark validation for particular "
+"entity under given Trust Anchor."
+msgstr ""
+
+msgid "Your session has expired. Please return to the home page and try again."
+msgstr ""
+
+msgid "disabled"
+msgstr ""
+
+msgid "enabled"
+msgstr ""
diff --git a/locales/fr/LC_MESSAGES/oidc.po b/locales/fr/LC_MESSAGES/oidc.po
index d171b146..fe3cd317 100644
--- a/locales/fr/LC_MESSAGES/oidc.po
+++ b/locales/fr/LC_MESSAGES/oidc.po
@@ -5,188 +5,562 @@ msgstr ""
 "PO-Revision-Date: \n"
 "Last-Translator: \n"
 "Language-Team: \n"
+"Language: fr\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
 "Content-Transfer-Encoding: 8bit\n"
-"Language: fr\n"
-"X-Generator: Poedit 2.2.1\n"
+"X-Domain: oidc\n"
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Forms/ClientForm.php:372
+msgid "-"
+msgstr "-"
+
+msgid ""
+"A globally unique URI that is bound to the entity. URI must have https or "
+"http scheme and host / domain. It can contain path, but no query, or "
+"fragment component."
+msgstr ""
+
+msgid "Access Token"
+msgstr ""
+
+msgid "Activated"
+msgstr ""
+
+msgid "Add Client"
+msgstr ""
+
+msgid "Administrator"
+msgstr ""
+
+msgid "All database migrations are implemented."
+msgstr ""
+
+msgid "Allowed Origins"
+msgstr ""
 
-#, fuzzy
-msgid "{oidc:add_client}"
-msgstr "Ajouter un client"
+msgid "Allowed Origins (for public client)"
+msgstr ""
 
-#, fuzzy
-msgid "{oidc:search}"
-msgstr "Rechercher"
+msgid "Allowed origins for public clients"
+msgstr ""
 
-#, fuzzy
-msgid "{oidc:no_clients}"
-msgstr "Aucun client"
+msgid ""
+"Allowed redirect URIs to use after client initiated logout. Must be a valid "
+"URI, one per line. Example: https://example.org/foo?bar=1"
+msgstr ""
 
-#, fuzzy
-msgid "{oidc:client_list}"
-msgstr "Liste des clients"
+msgid ""
+"Allowed redirect URIs to which the authorization response will be sent. Must "
+"be a valid URI, one per line. Example: https://example.org/foo?bar=1"
+msgstr ""
+
+msgid "Are you sure you want to delete this client?"
+msgstr ""
 
-#, fuzzy
-msgid "{oidc:client:name}"
-msgstr "Nom"
+msgid "Are you sure you want to reset client secret?"
+msgstr ""
 
-msgid "{oidc:client:description}"
-msgstr "Description"
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Forms/ClientForm.php:363
+msgid "At least one redirect URI is required."
+msgstr ""
 
-msgid "{oidc:client:identifier}"
-msgstr "Client id."
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Forms/ClientForm.php:378
+msgid "At least one scope is required."
+msgstr ""
 
-msgid "{oidc:client:secret}"
-msgstr "Client secret"
+msgid "Authentication"
+msgstr ""
 
-msgid "{oidc:client:auth_source}"
-msgstr "Auth. source"
+msgid "Authentication Context Class References (ACRs)"
+msgstr ""
 
-msgid "{oidc:client:redirect_uri}"
-msgstr "Redirect URI"
+msgid "Authentication Processing Filters"
+msgstr ""
 
-msgid "{oidc:client:scopes}"
-msgstr "Scopes"
+msgid "Authentication Source"
+msgstr ""
 
-#, fuzzy
-msgid "{oidc:submit}"
-msgstr "Soumettre"
+msgid "Authentication Sources to ACRs Map"
+msgstr ""
 
-#, fuzzy
-msgid "{oidc:create}"
-msgstr "Créer"
+msgid ""
+"Authentication source for this particular client. If no authentication "
+"source is selected, the default one from configuration file will be used."
+msgstr ""
 
-#, fuzzy
-msgid "{oidc:save}"
-msgstr "Enregistrer"
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Forms/ClientForm.php:369
+msgid "Authentication source"
+msgstr ""
 
-#, fuzzy
-msgid "{oidc:return}"
-msgstr "Retour"
+msgid "Authority Hints"
+msgstr ""
 
-#, fuzzy
-msgid "{oidc:install}"
-msgstr "Installer"
+msgid "Authorization Code"
+msgstr ""
 
-#, fuzzy
-msgid "{oidc:copy}"
-msgstr "Copier le code"
+msgid "Back"
+msgstr ""
 
-#, fuzzy
-msgid "{oidc:copied}"
-msgstr "Copié!"
+msgid "Back-channel Logout URI"
+msgstr ""
 
-#, fuzzy
-msgid "{oidc:confirm}"
-msgstr "Confirmer"
+msgid "Before running the migrations, make sure that the database user has proper privileges to change the scheme (for example alter, create, drop, index). After running the migrations, it is a good practice to remove those privileges."
+msgstr ""
 
-msgid "{oidc:client:delete}"
-msgstr "Détruire le client OpenID Connect"
+msgid ""
+"By default, form is populated with current OP issuer and configured Trust "
+"Anchors, but you are free to adjust entries as needed."
+msgstr ""
 
-#, fuzzy
-msgid "{oidc:client:confirm_delete}"
-msgstr "Confirmer la suppression du client. Cette action est irréversible."
+msgid "Cache"
+msgstr ""
 
-#, fuzzy
-msgid "{oidc:delete}"
-msgstr "Supprimer"
+msgid "Cache Adapter"
+msgstr ""
 
-msgid "{oidc:edit}"
-msgstr "Modifier"
+msgid "Cache Duration For Produced Artifacts"
+msgstr ""
 
-#, fuzzy
-msgid "{oidc:client:added}"
-msgstr "Ajout du client réussi."
+msgid ""
+"Choose if client is confidential or public. Confidential clients are capable "
+"of maintaining the confidentiality of their credentials (e.g., client "
+"implemented on a secure server with restricted access to the client "
+"credentials), or capable of secure client authentication using other means. "
+"Public clients are incapable of maintaining the confidentiality of their "
+"credentials (e.g., clients executing on the device used by the resource "
+"owner, such as an installed native application or a web browser-based "
+"application), and incapable of secure client authentication via any other "
+"means."
+msgstr ""
 
-#, fuzzy
-msgid "{oidc:client:removed}"
-msgstr "Suppression du client réussie."
+msgid ""
+"Choose if the client is allowed to participate in federation context or not."
+msgstr ""
 
-#, fuzzy
-msgid "{oidc:client:updated}"
-msgstr "Mise à jour du client réussie."
+msgid "Client"
+msgstr ""
 
-#, fuzzy
-msgid "{oidc:client:redirect_uri_help}"
-msgstr "Ajouter un URI valide."
+msgid "Client Registration Types"
+msgstr ""
 
-msgid "{oidc:client:auth_source_help}"
-msgstr "If no auth. source is selected, the default one from configuration file will be used."
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Factories/TemplateFactory.php:113
+msgid "Client Registry"
+msgstr ""
 
-#, fuzzy
-msgid "{oidc:client:name_not_empty}"
-msgstr "Saisir un nom pour le client."
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ClientController.php:201
+msgid "Client has been added."
+msgstr ""
 
-#, fuzzy
-msgid "{oidc:client:redirect_uri_not_empty}"
-msgstr "Saisir au moins un URI."
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ClientController.php:147
+msgid "Client has been deleted."
+msgstr ""
 
-#, fuzzy
-msgid "{oidc:client:redirect_uri_not_valid}"
-msgstr "Certaines des adresses de redirection ne sont pas valides."
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ClientController.php:277
+msgid "Client has been updated."
+msgstr ""
 
-#, fuzzy
-msgid "{oidc:client:auth_source_not_empty}"
-msgstr "Sélectionner un Auth. source."
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ClientController.php:120
+msgid "Client secret has been reset."
+msgstr ""
 
-#, fuzzy
-msgid "{oidc:client:scopes_not_empty}"
-msgstr "Sélectionner au moins une valeur de scope"
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ClientController.php:183
+msgid "Client with generated ID already exists."
+msgstr ""
 
-#, fuzzy
-msgid "{oidc:client:reset_secret}"
-msgstr "Réinitialiser la valeur de Client secret."
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ClientController.php:190
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ClientController.php:265
+msgid "Client with given entity identifier already exists."
+msgstr ""
 
-#, fuzzy
-msgid "{oidc:client:reset_secret_warning}"
-msgstr "Cette action modifiera la valeur de Client secret et est irréversible."
+msgid "Confidential"
+msgstr ""
 
-#, fuzzy
-msgid "{oidc:client:secret_updated}"
-msgstr "Mise à jour réussie de la valeur de Client secret."
+msgid "Configuration URL"
+msgstr ""
 
-msgid "{oidc:install:oauth2}"
-msgstr "Vérifier si vous voulez migrer les données depuis le module désuet oauth2."
+msgid "Contacts"
+msgstr ""
 
-#, fuzzy
-msgid "{oidc:install:description}"
-msgstr "L'installateur aidera à créer la base de données et à migrer les informations, si nécessaire. "
+msgid "Created at"
+msgstr ""
 
-#, fuzzy
-msgid "{oidc:install:finished}"
-msgstr "La base de données a été créée."
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Factories/TemplateFactory.php:106
+msgid "Database Migrations"
+msgstr ""
 
-#, fuzzy
-msgid "{oidc:import:finished}"
-msgstr "Les clients du module désuet oauth2 ont été importés."
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ConfigController.php:46
+msgid "Database is already migrated."
+msgstr ""
 
-#, fuzzy
-msgid "{oidc:client:is_enabled}"
-msgstr "Activé"
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ConfigController.php:52
+msgid "Database migrated successfully."
+msgstr ""
 
-msgid "{oidc:client:deactivated}"
-msgstr "Désactivé"
+msgid "Default Authentication Source"
+msgstr ""
 
-msgid "{oidc:client:confidential}"
-msgstr "Confidentiel"
+msgid "Delete"
+msgstr ""
 
-msgid "{oidc:client:client}"
-msgstr "Client"
+msgid "Description"
+msgstr ""
 
-msgid "{oidc:client:type}"
-msgstr "Taper"
+msgid "Disabled"
+msgstr ""
 
-msgid "{oidc:client:confidential_help}"
+msgid "Discovery URL"
 msgstr ""
-"Choisissez si le client est confidentiel ou public. Les clients confidentiels sont capables de maintenir la "
-"confidentialité de leurs informations d'identification (par exemple, client implémenté sur un serveur sécurisé avec "
-"un accès restreint aux informations d'identification du client), ou capable de sécuriser l'authentification du client "
-"par d'autres moyens. Les clients publics sont incapables de maintenir le confidentialité de leurs informations "
-"d'identification (par exemple, les clients s'exécutant sur le périphérique utilisé par le propriétaire de la "
-"ressource, tel qu'un application native installée ou application basée sur un navigateur Web), et incapable de "
-"sécuriser l'authentification du client via tout autre moyen."
-""
 
-msgid "{oidc:client:public_client}"
-msgstr "Client public"
\ No newline at end of file
+msgid "Edit"
+msgstr ""
+
+msgid "Edit Client"
+msgstr ""
+
+msgid "Enabled"
+msgstr ""
+
+msgid ""
+"Enter if client supports Back-Channel Logout specification. When logout is "
+"initiated at the OpenID Provider, it will send a Logout Token to this URI in "
+"order to notify the client about that event. Must be a valid URI. Example: "
+"https://example.org/foo?bar=1"
+msgstr ""
+
+msgid "Enter one Trust Anchor ID per line."
+msgstr ""
+
+msgid "Entity"
+msgstr ""
+
+msgid "Entity Identifier"
+msgstr ""
+
+msgid "Entity Statement Duration"
+msgstr ""
+
+msgid "Expires at"
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Codebooks/RegistrationTypeEnum.php:18
+msgid "Federated Automatic"
+msgstr ""
+
+msgid "Federation Enabled"
+msgstr ""
+
+msgid "Federation JWKS"
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Factories/TemplateFactory.php:127
+msgid "Federation Settings"
+msgstr ""
+
+msgid "Forced ACR For Cookie Authentication"
+msgstr ""
+
+msgid "Homepage URI"
+msgstr ""
+
+msgid "Identifier"
+msgstr ""
+
+msgid "Info"
+msgstr ""
+
+msgid "Is Federated"
+msgstr ""
+
+msgid "Issuer"
+msgstr ""
+
+msgid ""
+"JSON object (string) representing JWKS document containing protocol public "
+"keys. Note that this should be different from Federation JWKS. Will be used "
+"if JWKS URI is not set. Example: {\"keys\":[{\"kty\": \"RSA\",\"n\": \"...\","
+"\"e\": \"AQAB\",\"kid\": \"pro123\",\"use\": \"sig\",\"alg\": \"RS256\"}]}"
+msgstr ""
+
+msgid ""
+"JSON object (string) representing federation JWKS. This can be used, for "
+"example, in entity statements. Note that this should be different from "
+"Protocol JWKS. Example: {\"keys\":[{\"kty\": \"RSA\",\"n\": \"...\",\"e\": "
+"\"AQAB\",\"kid\": \"fed123\",\"use\": \"sig\",\"alg\": \"RS256\"}]}"
+msgstr ""
+
+msgid "JWKS"
+msgstr ""
+
+msgid "JWKS URI"
+msgstr ""
+
+msgid "Leaf Entity ID"
+msgstr ""
+
+msgid "Log messages"
+msgstr ""
+
+msgid ""
+"Log messages will show if any warnings or errors were raised during chain "
+"resolution."
+msgstr ""
+
+msgid ""
+"Log messages will show if any warnings or errors were raised during "
+"validation."
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Factories/TemplateFactory.php:90
+msgid "Log out"
+msgstr ""
+
+msgid "Logo URI"
+msgstr ""
+
+msgid "Logout Failed"
+msgstr ""
+
+msgid "Logout Info"
+msgstr ""
+
+msgid "Logout Successful"
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Codebooks/RegistrationTypeEnum.php:17
+msgid "Manual"
+msgstr ""
+
+msgid "Maximum Cache Duration For Fetched Artifacts"
+msgstr ""
+
+msgid "N/A"
+msgstr ""
+
+msgid "Name"
+msgstr ""
+
+msgid "Name and description"
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Forms/ClientForm.php:357
+msgid "Name is required."
+msgstr ""
+
+msgid "never"
+msgstr ""
+
+msgid "No"
+msgstr ""
+
+msgid "No clients registered."
+msgstr ""
+
+msgid "No entries."
+msgstr ""
+
+msgid ""
+"Note that this will first resolve Trust Chain between given entity and Trust "
+"Anchor, and only then do the Trust Mark validation."
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/hooks/hook_adminmenu.php:24
+msgid "OIDC"
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/hooks/hook_federationpage.php:34
+msgid "OIDC Client Registry"
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/hooks/hook_federationpage.php:38
+msgid "OIDC Installation"
+msgstr ""
+
+msgid ""
+"One or more values from the list. If not selected, falls back to 'automatic'"
+msgstr ""
+
+msgid "OpenID Federation Related Properties"
+msgstr ""
+
+msgid "Organization Name"
+msgstr ""
+
+msgid "Owner"
+msgstr ""
+
+msgid "PKI"
+msgstr ""
+
+msgid "Path"
+msgstr ""
+
+msgid "Policy URI"
+msgstr ""
+
+msgid "Post-logout Redirect URIs"
+msgstr ""
+
+msgid "Private Key"
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Factories/TemplateFactory.php:120
+msgid "Protocol Settings"
+msgstr ""
+
+msgid "Public"
+msgstr ""
+
+msgid "Public Key"
+msgstr ""
+
+msgid "Redirect URI"
+msgstr ""
+
+msgid "Redirect URIs"
+msgstr ""
+
+msgid "Refresh Token"
+msgstr ""
+
+msgid "Registration Types"
+msgstr ""
+
+msgid "Registration"
+msgstr ""
+
+msgid "Requested session was not found or it is expired."
+msgstr ""
+
+msgid "Reset"
+msgstr ""
+
+msgid "Resolved chains"
+msgstr ""
+
+msgid "Run migrations"
+msgstr ""
+
+msgid "Scopes"
+msgstr ""
+
+msgid "Secret"
+msgstr ""
+
+msgid "Signed JWKS URI"
+msgstr ""
+
+msgid "Signing Algorithm"
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Admin/Authorization.php:44
+msgid "SimpleSAMLphp admin access required."
+msgstr ""
+
+msgid "Status"
+msgstr ""
+
+msgid "Supported ACRs"
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Factories/TemplateFactory.php:134
+msgid "Test Trust Chain Resolution"
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Factories/TemplateFactory.php:141
+msgid "Test Trust Mark Validation"
+msgstr ""
+
+msgid ""
+"There are database migrations that have not been implemented.\n"
+"                Use the button below to run them now."
+msgstr ""
+
+msgid "Tokens Time-To-Live (TTL)"
+msgstr ""
+
+msgid "Total chains"
+msgstr ""
+
+msgid "Trust Anchor ID"
+msgstr ""
+
+msgid "Trust Anchor IDs"
+msgstr ""
+
+msgid "Trust Anchors"
+msgstr ""
+
+msgid "Trust Mark ID"
+msgstr ""
+
+msgid ""
+"Trust Mark validation passed (there were no warnings or errors during "
+"validation)."
+msgstr ""
+
+msgid "Trust Marks"
+msgstr ""
+
+msgid "Type"
+msgstr "Type"
+
+msgid ""
+"URL to a JWKS document containing protocol public keys. Will be used if "
+"Signed JWKS URI is not set. Example: https://example.org/jwks"
+msgstr ""
+
+msgid ""
+"URL to a JWS document containing protocol public keys in JWKS format (claim "
+"'keys'). Example: https://example.org/signed-jwks"
+msgstr ""
+
+msgid ""
+"URLs as allowed origins for CORS requests, for public clients running in "
+"browser. Must have http:// or https:// scheme, and at least one 'domain.top-"
+"level-domain' pair, or more subdomains. Top-level-domain may end with '.'. "
+"No userinfo, path, query or fragment components allowed. May end with port "
+"number. One per line. Example: https://example.org"
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Admin/Authorization.php:36
+msgid "Unable to initiate SimpleSAMLphp admin authentication."
+msgstr ""
+
+msgid "Updated at"
+msgstr ""
+
+msgid "User Entity Cache Duration"
+msgstr ""
+
+msgid "User Identifier Attribute"
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Admin/Authorization.php:61
+msgid "User not authorized."
+msgstr ""
+
+msgid "Yes"
+msgstr ""
+
+msgid "You can now close this window or navigate to another page."
+msgstr ""
+
+msgid ""
+"You can use the form below to test Trust Chain resolution from a leaf entity "
+"ID to Trust Anchors."
+msgstr ""
+
+msgid ""
+"You can use the form below to test Trust Mark validation for particular "
+"entity under given Trust Anchor."
+msgstr ""
+
+msgid "Your session has expired. Please return to the home page and try again."
+msgstr ""
+
+msgid "disabled"
+msgstr ""
+
+msgid "enabled"
+msgstr ""
diff --git a/locales/hr/LC_MESSAGES/oidc.po b/locales/hr/LC_MESSAGES/oidc.po
new file mode 100644
index 00000000..4d9ac306
--- /dev/null
+++ b/locales/hr/LC_MESSAGES/oidc.po
@@ -0,0 +1,614 @@
+msgid ""
+msgstr ""
+"Project-Id-Version: \n"
+"POT-Creation-Date: \n"
+"PO-Revision-Date: \n"
+"Last-Translator: \n"
+"Language-Team: \n"
+"Language: hr\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Domain: oidc\n"
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Forms/ClientForm.php:372
+msgid "-"
+msgstr "-"
+
+msgid ""
+"A globally unique URI that is bound to the entity. URI must have https or "
+"http scheme and host / domain. It can contain path, but no query, or "
+"fragment component."
+msgstr "Globalno jedinstveni URI koji je vezan za entitet. URI mora imati https ili "
+"http shemu i naziv poslužitelja / domena. Može sadržavati putanju, ali ne i query ili "
+"fragment komponentu."
+
+msgid "Access Token"
+msgstr "Pristupni token"
+
+msgid "Activated"
+msgstr "Aktiviran"
+
+msgid "Add Client"
+msgstr "Dodaj klijenta"
+
+msgid "Administrator"
+msgstr "Administrator"
+
+msgid "All database migrations are implemented."
+msgstr "Sve migracije baze podataka su implementirane."
+
+msgid "Allowed Origins"
+msgstr "Dopuštena izvorišta"
+
+msgid "Allowed Origins (for public client)"
+msgstr "Dopuštena izvorišta (za javne klijente)"
+
+msgid "Allowed origins for public clients"
+msgstr "Dopuštena izvorišta za javne klijente"
+
+msgid ""
+"Allowed redirect URIs to use after client initiated logout. Must be a valid "
+"URI, one per line. Example: https://example.org/foo?bar=1"
+msgstr ""
+"Dopušteni URIji za preusmjeravnje nakon odjave koju pokrene klijent. Mora biti valjan "
+"URI, jedan po retku. Primjer: https://example.org/foo?bar=1"
+
+msgid ""
+"Allowed redirect URIs to which the authorization response will be sent. Must "
+"be a valid URI, one per line. Example: https://example.org/foo?bar=1"
+msgstr ""
+"Dopušteni URIji za preusmjeravanje na koje će biti poslan autorizacijski odgovor. Mora "
+"biti valjan URI, jedan po retku. Primjer: https://example.org/foo?bar=1"
+
+msgid "Are you sure you want to delete this client?"
+msgstr "Jeste li sigurni da želite izbrisati ovog klijenta?"
+
+msgid "Are you sure you want to reset client secret?"
+msgstr "Jeste li sigurni da želite resetirati tajnu klijenta?"
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Forms/ClientForm.php:363
+msgid "At least one redirect URI is required."
+msgstr "Potreban je najmanje jedan URI za preusmjeravanje."
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Forms/ClientForm.php:378
+msgid "At least one scope is required."
+msgstr "Potreban je najmanje jedan opseg."
+
+msgid "Authentication"
+msgstr "Autentikacija"
+
+msgid "Authentication Context Class References (ACRs)"
+msgstr "Reference klase konteksta autentikacije (ACRovi)"
+
+msgid "Authentication Processing Filters"
+msgstr "Filteri za obradu autentikacije"
+
+msgid "Authentication Source"
+msgstr "Autentikacijski izvor"
+
+msgid "Authentication Sources to ACRs Map"
+msgstr "Mapa autentikacijskih izvora na ACRove"
+
+msgid ""
+"Authentication source for this particular client. If no authentication "
+"source is selected, the default one from configuration file will be used."
+msgstr ""
+"Autentikacijski izvor za ovog klijenta. Ako nije odabran autentikacijski "
+"izvor, koristit će se zadani iz konfiguracijske datoteke."
+
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Forms/ClientForm.php:369
+msgid "Authentication source"
+msgstr "Autentikacijski izvor"
+
+msgid "Authority Hints"
+msgstr "Sugestije autoriteta"
+
+msgid "Authorization Code"
+msgstr "Autorizacijski kod"
+
+msgid "Back"
+msgstr "Natrag"
+
+msgid "Back-channel Logout URI"
+msgstr "URI za odjavu u pozadinskom kanalu"
+
+msgid "Before running the migrations, make sure that the database user has proper privileges to change the scheme (for example alter, create, drop, index). After running the migrations, it is a good practice to remove those privileges."
+msgstr "Prije pokretanja migracija, provjerite ima li korisnik baze podataka odgovarajuće privilegije za promjenu sheme (na primjer, alter, create, drop, index). Nakon pokretanja migracija, dobra je praksa ukloniti te privilegije."
+
+msgid ""
+"By default, form is populated with current OP issuer and configured Trust "
+"Anchors, but you are free to adjust entries as needed."
+msgstr ""
+"Prema zadanim postavkama, obrazac je popunjen trenutnim izdavateljem OP-a i konfiguriranim Sidrom"
+"povjerenja, ali vrijednosti možete slobodno prilagoditi prema potrebi."
+
+msgid "Cache"
+msgstr "Predmemorija"
+
+msgid "Cache Adapter"
+msgstr "Adapter za predmemoriju"
+
+msgid "Cache Duration For Produced Artifacts"
+msgstr "Trajanje predmemorije za proizvedene artefakte "
+
+msgid ""
+"Choose if client is confidential or public. Confidential clients are capable "
+"of maintaining the confidentiality of their credentials (e.g., client "
+"implemented on a secure server with restricted access to the client "
+"credentials), or capable of secure client authentication using other means. "
+"Public clients are incapable of maintaining the confidentiality of their "
+"credentials (e.g., clients executing on the device used by the resource "
+"owner, such as an installed native application or a web browser-based "
+"application), and incapable of secure client authentication via any other "
+"means."
+msgstr ""
+"Odaberite je li klijent povjerljiv ili javan. Povjerljivi klijenti su sposobni "
+"održavati tajnost njihovih vjerodajnica (npr. klijent "
+"implementiran na sigurnom poslužitelju s ograničenim pristupom klijentskim "
+"vjerodajnicama) ili sposobni za autentikaciju klijenta korištenjem drugih sredstava. "
+"Javni klijenti nisu u stanju održavati tajnost svojih "
+"vjerodajnica (npr. klijenti koji se izvršavaju na uređaju kojeg koristi vlasnik resursa, "
+"kao što je instalirana izvorna aplikacija ili web-preglednik) "
+"i koji nisu sposobni za autentikacijju klijenta putem bilo kojeg drugog sredstva."
+
+msgid ""
+"Choose if the client is allowed to participate in federation context or not."
+msgstr "Odaberite smije li klijent sudjelovati u kontekstu federacije ili ne."
+
+msgid "Client"
+msgstr "Klijent"
+
+msgid "Client Registration Types"
+msgstr "Tipovi registracije klijenta"
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Factories/TemplateFactory.php:113
+msgid "Client Registry"
+msgstr "Registar klijenata"
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ClientController.php:201
+msgid "Client has been added."
+msgstr "Klijent je dodan."
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ClientController.php:147
+msgid "Client has been deleted."
+msgstr "Klijen je obrisan."
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ClientController.php:277
+msgid "Client has been updated."
+msgstr "Klijent je ažuriran."
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ClientController.php:120
+msgid "Client secret has been reset."
+msgstr "Tajna klijenta je resetirana"
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ClientController.php:183
+msgid "Client with generated ID already exists."
+msgstr "Klijent s generiranim ID-om već postoji."
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ClientController.php:190
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ClientController.php:265
+msgid "Client with given entity identifier already exists."
+msgstr "Klijent s danim identifikatorom entiteta već postoji."
+
+msgid "Confidential"
+msgstr "Povjerljiv"
+
+msgid "Configuration URL"
+msgstr "Konfiguracijski URL"
+
+msgid "Contacts"
+msgstr "Kontakti"
+
+msgid "Created at"
+msgstr "Stvoreno u"
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Factories/TemplateFactory.php:106
+msgid "Database Migrations"
+msgstr "Migracije baze podataka"
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ConfigController.php:46
+msgid "Database is already migrated."
+msgstr "Baza podataka je već migrirana."
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ConfigController.php:52
+msgid "Database migrated successfully."
+msgstr "Baza podataka je uspješno migrirana."
+
+msgid "Default Authentication Source"
+msgstr "Zadani autentikacijski izvor"
+
+msgid "Delete"
+msgstr "Obriši"
+
+msgid "Description"
+msgstr "Opis"
+
+msgid "Disabled"
+msgstr "Onemogućeno"
+
+msgid "Discovery URL"
+msgstr "URL za otkrivanje"
+
+msgid "Edit"
+msgstr "Uredi"
+
+msgid "Edit Client"
+msgstr "Uredi klijenta"
+
+msgid "Enabled"
+msgstr "Omogućeno"
+
+msgid ""
+"Enter if client supports Back-Channel Logout specification. When logout is "
+"initiated at the OpenID Provider, it will send a Logout Token to this URI in "
+"order to notify the client about that event. Must be a valid URI. Example: "
+"https://example.org/foo?bar=1"
+msgstr ""
+"Unesite ako klijent podržava odjavu u pozadinskom kanalu. Kada je odjava "
+"pokrenuta kod pružatelja OpenID-a, poslat će token za odjavu na ovaj URI "
+"kako bi obavijestio klijenta o tom događaju. Mora biti važeći URI. Primjer: "
+"https://example.org/foo?bar=1"
+
+msgid "Enter one Trust Anchor ID per line."
+msgstr "Unesi jedno sidro povjerenja po retku"
+
+msgid "Entity"
+msgstr "Entitet"
+
+msgid "Entity Identifier"
+msgstr "Identifikator entiteta"
+
+msgid "Entity Statement Duration"
+msgstr "Trajanje izjave o entitetu"
+
+msgid "Expires at"
+msgstr "Ističe u"
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Codebooks/RegistrationTypeEnum.php:18
+msgid "Federated Automatic"
+msgstr "Federirano automatski"
+
+msgid "Federation Enabled"
+msgstr "Federacija omogućena"
+
+msgid "Federation JWKS"
+msgstr "Federacijski JWKS"
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Factories/TemplateFactory.php:127
+msgid "Federation Settings"
+msgstr "Federacijske postavke"
+
+msgid "Forced ACR For Cookie Authentication"
+msgstr "Forsirani ACR za autentikaciju putem kolačića"
+
+msgid "Homepage URI"
+msgstr "URI početne stranice"
+
+msgid "Identifier"
+msgstr "Identifikator"
+
+msgid "Info"
+msgstr "Informacije"
+
+msgid "Is Federated"
+msgstr "Je li federiran"
+
+msgid "Issuer"
+msgstr "Izdavatelj"
+
+msgid ""
+"JSON object (string) representing JWKS document containing protocol public "
+"keys. Note that this should be different from Federation JWKS. Will be used "
+"if JWKS URI is not set. Example: {\"keys\":[{\"kty\": \"RSA\",\"n\": \"...\","
+"\"e\": \"AQAB\",\"kid\": \"pro123\",\"use\": \"sig\",\"alg\": \"RS256\"}]}"
+msgstr ""
+"JSON objekt (niz znakova) koji predstavlja JWKS dokument koji sadrži javni ključ za prtokol. "
+"Imajte na umu da bi se ovo trebalo razlikovati od federacijskog JWKS. Koristit će se "
+"ako JWKS URI nije postavljen. Primjer: {\"keys\":[{\"kty\": \"RSA\",\"n\": \"...\","
+"\"e\": \"AQAB\",\"kid\": \"pro123\",\"use\": \"sig\",\"alg\": \"RS256\"}]}"
+
+msgid ""
+"JSON object (string) representing federation JWKS. This can be used, for "
+"example, in entity statements. Note that this should be different from "
+"Protocol JWKS. Example: {\"keys\":[{\"kty\": \"RSA\",\"n\": \"...\",\"e\": "
+"\"AQAB\",\"kid\": \"fed123\",\"use\": \"sig\",\"alg\": \"RS256\"}]}"
+msgstr ""
+"JSON objekt (niz znakova) koji predstavlja federaciju JWKS. Ovo se može koristiti, na "
+"primjer, u izjavama o entitetu. Imajte na umu da bi se ovo trebalo razlikovati od "
+"JWKS protokola. Primjer: {\"keys\":[{\"kty\": \"RSA\",\"n\": \"...\",\"e\": "
+"\"AQAB\",\"kid\": \"fed123\",\"use\": \"sig\",\"alg\": \"RS256\"}]}"
+
+msgid "JWKS"
+msgstr "JWKS"
+
+msgid "JWKS URI"
+msgstr "JWKS URI"
+
+msgid "Leaf Entity ID"
+msgstr "ID entiteta lista"
+
+msgid "Log messages"
+msgstr "Dnevnik poruka"
+
+msgid ""
+"Log messages will show if any warnings or errors were raised during chain "
+"resolution."
+msgstr "Dnevnik poruka pokazat će jesu li se tijekom razrješenja lanca povjerenja dogodila ikakva upozorenja ili pogreške."
+
+msgid ""
+"Log messages will show if any warnings or errors were raised during "
+"validation."
+msgstr "Dnevnik poruka pokazat će jesu li se tijekom validacije dogodila ikakva upozorenja ili pogreške."
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Factories/TemplateFactory.php:90
+msgid "Log out"
+msgstr "Odjavi se"
+
+msgid "Logo URI"
+msgstr "URI logotipa"
+
+msgid "Logout Failed"
+msgstr "Odjava nije uspjela"
+
+msgid "Logout Info"
+msgstr "Informacije o odjavi"
+
+msgid "Logout Successful"
+msgstr "Odjava uspješna"
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Codebooks/RegistrationTypeEnum.php:17
+msgid "Manual"
+msgstr "Ručno"
+
+msgid "Maximum Cache Duration For Fetched Artifacts"
+msgstr "Maksimalno trajanje predmemorije za dohvaćene artefakte"
+
+msgid "N/A"
+msgstr "N/A"
+
+msgid "Name"
+msgstr "Ime"
+
+msgid "Name and description"
+msgstr "Ime i opis"
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Forms/ClientForm.php:357
+msgid "Name is required."
+msgstr "Ime je obavezno."
+
+msgid "never"
+msgstr "nikad"
+
+msgid "No"
+msgstr "Ne"
+
+msgid "No clients registered."
+msgstr "Nema registriranih klijenata"
+
+msgid "No entries."
+msgstr "Nema unosa."
+
+msgid ""
+"Note that this will first resolve Trust Chain between given entity and Trust "
+"Anchor, and only then do the Trust Mark validation."
+msgstr ""
+"Imajte na umu da će ovo prvo razriješiti lanac povjerenja između danog entiteta i sidra povjerenja, "
+"a tek onda izvršiti provjeru oznaku povjerenja."
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/hooks/hook_adminmenu.php:24
+msgid "OIDC"
+msgstr "OIDC"
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/hooks/hook_federationpage.php:34
+msgid "OIDC Client Registry"
+msgstr "OIDC registar klijenata"
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/hooks/hook_federationpage.php:38
+msgid "OIDC Installation"
+msgstr "OIDC instalacija"
+
+msgid ""
+"One or more values from the list. If not selected, falls back to 'automatic'"
+msgstr "Jedna ili više vrijednosti s popisa. Ako nije odabrano, postavlja se na 'automatski'"
+
+msgid "OpenID Federation Related Properties"
+msgstr "Svojstva povezane s OpenID federacijom"
+
+msgid "Organization Name"
+msgstr "Ime organizacije"
+
+msgid "Owner"
+msgstr "Vlasnik"
+
+msgid "PKI"
+msgstr "PKI"
+
+msgid "Path"
+msgstr "Putanja"
+
+msgid "Policy URI"
+msgstr "URI na pravila"
+
+msgid "Post-logout Redirect URIs"
+msgstr "URIji za preusmjeravanje nakon odjave"
+
+msgid "Private Key"
+msgstr "Privatni ključ"
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Factories/TemplateFactory.php:120
+msgid "Protocol Settings"
+msgstr "Postavke protokola"
+
+msgid "Public"
+msgstr "Javan"
+
+msgid "Public Key"
+msgstr "Javni ključ"
+
+msgid "Redirect URI"
+msgstr "URI za preusmjeravanje"
+
+msgid "Redirect URIs"
+msgstr "URIji za preusmjeravanje"
+
+msgid "Refresh Token"
+msgstr "Token za osvježavanje"
+
+msgid "Registration Types"
+msgstr "Tipovi registracije"
+
+msgid "Registration"
+msgstr "Registracija"
+
+msgid "Requested session was not found or it is expired."
+msgstr "Tražena sesija nije pronađena ili je istekla."
+
+msgid "Reset"
+msgstr "Resetiraj"
+
+msgid "Resolved chains"
+msgstr "Razriješeni lanci povjerenja"
+
+msgid "Run migrations"
+msgstr "Pokreni migracije"
+
+msgid "Scopes"
+msgstr "Opsezi"
+
+msgid "Secret"
+msgstr "Tajna"
+
+msgid "Signed JWKS URI"
+msgstr "Potpisani JWKS URI"
+
+msgid "Signing Algorithm"
+msgstr "Algoritam potpisivanja"
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Admin/Authorization.php:44
+msgid "SimpleSAMLphp admin access required."
+msgstr "Potreban SimpleSAMLphp administratorski pristup."
+
+msgid "Status"
+msgstr "Status"
+
+msgid "Supported ACRs"
+msgstr "Podržani ACRovi"
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Factories/TemplateFactory.php:134
+msgid "Test Trust Chain Resolution"
+msgstr "Testiraj razrješenje lanca povjerenja"
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Factories/TemplateFactory.php:141
+msgid "Test Trust Mark Validation"
+msgstr "Provjera valjanosti oznake povjerenja"
+
+msgid ""
+"There are database migrations that have not been implemented.\n"
+"                Use the button below to run them now."
+msgstr "Postoje migracije baze podataka koje još nisu implementirane.\n"
+"                Upotrijebite gumb u nastavku da ih sada pokrenete."
+
+msgid "Tokens Time-To-Live (TTL)"
+msgstr "Vrijeme trajanja tokena (TTL)"
+
+msgid "Total chains"
+msgstr "Ukupno lanaca"
+
+msgid "Trust Anchor ID"
+msgstr "ID sidra povjerenja"
+
+msgid "Trust Anchor IDs"
+msgstr "IDevi sidra povjerenja"
+
+msgid "Trust Anchors"
+msgstr "Sidra povjerenja"
+
+msgid "Trust Mark ID"
+msgstr "ID oznake povjerenja"
+
+msgid ""
+"Trust Mark validation passed (there were no warnings or errors during "
+"validation)."
+msgstr ""
+"Provjera oznake povjerenja je prošla (nije bilo upozorenja ili pogrešaka tijekom "
+"provjere valjanosti)."
+
+msgid "Trust Marks"
+msgstr "Oznake povjerenja"
+
+msgid "Type"
+msgstr "Tip"
+
+msgid ""
+"URL to a JWKS document containing protocol public keys. Will be used if "
+"Signed JWKS URI is not set. Example: https://example.org/jwks"
+msgstr ""
+"URL do JWKS dokumenta koji sadrži javne ključeve protokola. Koristit će se ako "
+"potpisani JWKS URI nije postavljen. Primjer: https://example.org/jwks"
+
+msgid ""
+"URL to a JWS document containing protocol public keys in JWKS format (claim "
+"'keys'). Example: https://example.org/signed-jwks"
+msgstr ""
+"URL do JWS dokumenta koji sadrži javne ključeve protokola u JWKS formatu (tvrdnja "
+"'keys'). Primjer: https://example.org/signed-jwks"
+
+msgid ""
+"URLs as allowed origins for CORS requests, for public clients running in "
+"browser. Must have http:// or https:// scheme, and at least one 'domain.top-"
+"level-domain' pair, or more subdomains. Top-level-domain may end with '.'. "
+"No userinfo, path, query or fragment components allowed. May end with port "
+"number. One per line. Example: https://example.org"
+msgstr ""
+"URL-ovi kao dopušteni izvori za CORS zahtjeve, za javne klijente koji se izvršavaju u "
+"web-pregledniku. Mora imati http:// ili https:// shemu i barem jednu razinu 'pod-domena.top-domena'"
+"ili više poddomena. Domena najviše razine može završavati s '.'."
+"Nisu dopuštene korisničke informacije, putanja, 'query' ili fragment fragmenta. Može završiti s oznakom "
+"porta. Jedan po retku. Primjer: https://example.org"
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Admin/Authorization.php:36
+msgid "Unable to initiate SimpleSAMLphp admin authentication."
+msgstr "Nije moguće inicirati SimpleSAMLphp administratorsku autentikaciju"
+
+msgid "Updated at"
+msgstr "Ažurirano u"
+
+msgid "User Entity Cache Duration"
+msgstr "Trajanje predmemorije korisničkog entiteta"
+
+msgid "User Identifier Attribute"
+msgstr "Atribut identifikator korisnika"
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Admin/Authorization.php:61
+msgid "User not authorized."
+msgstr "Korisnik nije autoriziran."
+
+msgid "Yes"
+msgstr "Da"
+
+msgid "You can now close this window or navigate to another page."
+msgstr "Sada možete zatvoriti ovaj prozor ili otići na drugu stranicu."
+
+msgid ""
+"You can use the form below to test Trust Chain resolution from a leaf entity "
+"ID to Trust Anchors."
+msgstr ""
+"Možete upotrijebiti obrazac u nastavku za testiranje razrješenja lanca povjerenja od entiteta lista do"
+"sidra povjerenja."
+
+msgid ""
+"You can use the form below to test Trust Mark validation for particular "
+"entity under given Trust Anchor."
+msgstr ""
+"Možete upotrijebiti obrazac u nastavku za testiranje validacije za određeni entitet pod sidrom povjerenja."
+
+msgid "Your session has expired. Please return to the home page and try again."
+msgstr "Vaša je sjednica istekla. Vratite se na početnu stranicu i pokušajte ponovno."
+
+msgid "disabled"
+msgstr "onemogućeno"
+
+msgid "enabled"
+msgstr "omogućeno"
diff --git a/locales/it/LC_MESSAGES/oidc.po b/locales/it/LC_MESSAGES/oidc.po
index 7f9101ec..68b0da58 100644
--- a/locales/it/LC_MESSAGES/oidc.po
+++ b/locales/it/LC_MESSAGES/oidc.po
@@ -1,122 +1,566 @@
-msgid "{oidc:add_client}"
-msgstr "Aggiungi client"
+msgid ""
+msgstr ""
+"Project-Id-Version: \n"
+"POT-Creation-Date: \n"
+"PO-Revision-Date: \n"
+"Last-Translator: \n"
+"Language-Team: \n"
+"Language: it\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Domain: oidc\n"
 
-msgid "{oidc:search}"
-msgstr "Cerca"
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Forms/ClientForm.php:372
+msgid "-"
+msgstr "-"
 
-msgid "{oidc:no_clients}"
-msgstr "No clients"
+msgid ""
+"A globally unique URI that is bound to the entity. URI must have https or "
+"http scheme and host / domain. It can contain path, but no query, or "
+"fragment component."
+msgstr ""
 
-msgid "{oidc:client_list}"
-msgstr "Lista client"
+msgid "Access Token"
+msgstr ""
 
-msgid "{oidc:client:name}"
-msgstr "Nome"
+msgid "Activated"
+msgstr ""
 
-msgid "{oidc:client:description}"
-msgstr "Descrizione"
+msgid "Add Client"
+msgstr ""
 
-msgid "{oidc:client:identifier}"
-msgstr "Client id."
+msgid "Administrator"
+msgstr ""
 
-msgid "{oidc:client:secret}"
-msgstr "Client secret"
+msgid "All database migrations are implemented."
+msgstr ""
 
-msgid "{oidc:client:auth_source}"
-msgstr "Auth. source"
+msgid "Allowed Origins"
+msgstr ""
 
-msgid "{oidc:client:redirect_uri}"
-msgstr "Redirect URI"
+msgid "Allowed Origins (for public client)"
+msgstr ""
 
-msgid "{oidc:client:scopes}"
-msgstr "Scopes"
+msgid "Allowed origins for public clients"
+msgstr ""
 
-msgid "{oidc:submit}"
-msgstr "Invia"
+msgid ""
+"Allowed redirect URIs to use after client initiated logout. Must be a valid "
+"URI, one per line. Example: https://example.org/foo?bar=1"
+msgstr ""
 
-msgid "{oidc:create}"
-msgstr "Crea"
+msgid ""
+"Allowed redirect URIs to which the authorization response will be sent. Must "
+"be a valid URI, one per line. Example: https://example.org/foo?bar=1"
+msgstr ""
 
-msgid "{oidc:save}"
-msgstr "Salva"
+msgid "Are you sure you want to delete this client?"
+msgstr ""
 
-msgid "{oidc:return}"
-msgstr "Indietro"
+msgid "Are you sure you want to reset client secret?"
+msgstr ""
 
-msgid "{oidc:install}"
-msgstr "Installa"
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Forms/ClientForm.php:363
+msgid "At least one redirect URI is required."
+msgstr ""
 
-msgid "{oidc:copy}"
-msgstr "Copia codice"
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Forms/ClientForm.php:378
+msgid "At least one scope is required."
+msgstr ""
 
-msgid "{oidc:copied}"
-msgstr "Copiato!"
+msgid "Authentication"
+msgstr ""
 
-msgid "{oidc:confirm}"
-msgstr "Conferma"
+msgid "Authentication Context Class References (ACRs)"
+msgstr ""
 
-msgid "{oidc:client:delete}"
-msgstr "Cancella Client OpenID Connect"
+msgid "Authentication Processing Filters"
+msgstr ""
 
-msgid "{oidc:client:confirm_delete}"
-msgstr "Gentilmente, conferma che vuoi cancellare questo client. Questa cancellazione non può essere ripristinata."
+msgid "Authentication Source"
+msgstr ""
 
-msgid "{oidc:edit}"
-msgstr "Modifica"
+msgid "Authentication Sources to ACRs Map"
+msgstr ""
 
-msgid "{oidc:delete}"
-msgstr "Cancella"
+msgid ""
+"Authentication source for this particular client. If no authentication "
+"source is selected, the default one from configuration file will be used."
+msgstr ""
 
-msgid "{oidc:client:added}"
-msgstr "Il client è stato aggiunto con successo."
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Forms/ClientForm.php:369
+msgid "Authentication source"
+msgstr ""
 
-msgid "{oidc:client:removed}"
-msgstr "Il client è stato rimosso con successo."
+msgid "Authority Hints"
+msgstr ""
 
-msgid "{oidc:client:updated}"
-msgstr "Il client è stato aggiornato con successo."
+msgid "Authorization Code"
+msgstr ""
 
-msgid "{oidc:client:redirect_uri_help}"
-msgstr "Aggiungi una URI valida"
+msgid "Back"
+msgstr ""
 
-msgid "{oidc:client:auth_source_help}"
-msgstr "If no auth. source is selected, the default one from configuration file will be used."
+msgid "Back-channel Logout URI"
+msgstr ""
 
-msgid "{oidc:client:name_not_empty}"
-msgstr "Per favore aggiungi un nome."
+msgid "Before running the migrations, make sure that the database user has proper privileges to change the scheme (for example alter, create, drop, index). After running the migrations, it is a good practice to remove those privileges."
+msgstr ""
 
-msgid "{oidc:client:redirect_uri_not_empty}"
-msgstr "Per favore, aggiungi almeno una URI."
+msgid ""
+"By default, form is populated with current OP issuer and configured Trust "
+"Anchors, but you are free to adjust entries as needed."
+msgstr ""
 
-msgid "{oidc:client:redirect_uri_not_valid}"
-msgstr "Qualche indirizzo di redirezione non è valido."
+msgid "Cache"
+msgstr ""
 
-msgid "{oidc:client:auth_source_not_empty}"
-msgstr "Per favore seleziona una Auth Source."
+msgid "Cache Adapter"
+msgstr ""
 
-msgid "{oidc:client:scopes_not_empty}"
-msgstr "Per favore, seleziona almeno uno scope."
+msgid "Cache Duration For Produced Artifacts"
+msgstr ""
 
-msgid "{oidc:client:reset_secret}"
-msgstr "Ripristina secret"
+msgid ""
+"Choose if client is confidential or public. Confidential clients are capable "
+"of maintaining the confidentiality of their credentials (e.g., client "
+"implemented on a secure server with restricted access to the client "
+"credentials), or capable of secure client authentication using other means. "
+"Public clients are incapable of maintaining the confidentiality of their "
+"credentials (e.g., clients executing on the device used by the resource "
+"owner, such as an installed native application or a web browser-based "
+"application), and incapable of secure client authentication via any other "
+"means."
+msgstr ""
 
-msgid "{oidc:client:reset_secret_warning}"
-msgstr "Questa operazione cambierà il tuo client secret è non potrà essere ripristinata."
+msgid ""
+"Choose if the client is allowed to participate in federation context or not."
+msgstr ""
 
-msgid "{oidc:client:secret_updated}"
-msgstr "Il client secret è stato aggiornato con successo."
+msgid "Client"
+msgstr ""
 
-msgid "{oidc:install:oauth2}"
-msgstr "Controlla se vuoi migrare dati dal vecchio modulo oauth2"
+msgid "Client Registration Types"
+msgstr ""
 
-msgid "{oidc:install:description}"
-msgstr "This wizard will help you create the database and migrate information if necessary."
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Factories/TemplateFactory.php:113
+msgid "Client Registry"
+msgstr ""
 
-msgid "{oidc:install:finished}"
-msgstr "Database creato con successo."
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ClientController.php:201
+msgid "Client has been added."
+msgstr ""
 
-msgid "{oidc:import:finished}"
-msgstr "I clients del vecchio modulo oauth2 sono stati importati con successo."
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ClientController.php:147
+msgid "Client has been deleted."
+msgstr ""
 
-msgid "{oidc:client:is_enabled}"
-msgstr "Attivato"
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ClientController.php:277
+msgid "Client has been updated."
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ClientController.php:120
+msgid "Client secret has been reset."
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ClientController.php:183
+msgid "Client with generated ID already exists."
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ClientController.php:190
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ClientController.php:265
+msgid "Client with given entity identifier already exists."
+msgstr ""
+
+msgid "Confidential"
+msgstr ""
+
+msgid "Configuration URL"
+msgstr ""
+
+msgid "Contacts"
+msgstr ""
+
+msgid "Created at"
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Factories/TemplateFactory.php:106
+msgid "Database Migrations"
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ConfigController.php:46
+msgid "Database is already migrated."
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ConfigController.php:52
+msgid "Database migrated successfully."
+msgstr ""
+
+msgid "Default Authentication Source"
+msgstr ""
+
+msgid "Delete"
+msgstr ""
+
+msgid "Description"
+msgstr ""
+
+msgid "Disabled"
+msgstr ""
+
+msgid "Discovery URL"
+msgstr ""
+
+msgid "Edit"
+msgstr ""
+
+msgid "Edit Client"
+msgstr ""
+
+msgid "Enabled"
+msgstr ""
+
+msgid ""
+"Enter if client supports Back-Channel Logout specification. When logout is "
+"initiated at the OpenID Provider, it will send a Logout Token to this URI in "
+"order to notify the client about that event. Must be a valid URI. Example: "
+"https://example.org/foo?bar=1"
+msgstr ""
+
+msgid "Enter one Trust Anchor ID per line."
+msgstr ""
+
+msgid "Entity"
+msgstr ""
+
+msgid "Entity Identifier"
+msgstr ""
+
+msgid "Entity Statement Duration"
+msgstr ""
+
+msgid "Expires at"
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Codebooks/RegistrationTypeEnum.php:18
+msgid "Federated Automatic"
+msgstr ""
+
+msgid "Federation Enabled"
+msgstr ""
+
+msgid "Federation JWKS"
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Factories/TemplateFactory.php:127
+msgid "Federation Settings"
+msgstr ""
+
+msgid "Forced ACR For Cookie Authentication"
+msgstr ""
+
+msgid "Homepage URI"
+msgstr ""
+
+msgid "Identifier"
+msgstr ""
+
+msgid "Info"
+msgstr ""
+
+msgid "Is Federated"
+msgstr ""
+
+msgid "Issuer"
+msgstr ""
+
+msgid ""
+"JSON object (string) representing JWKS document containing protocol public "
+"keys. Note that this should be different from Federation JWKS. Will be used "
+"if JWKS URI is not set. Example: {\"keys\":[{\"kty\": \"RSA\",\"n\": \"...\","
+"\"e\": \"AQAB\",\"kid\": \"pro123\",\"use\": \"sig\",\"alg\": \"RS256\"}]}"
+msgstr ""
+
+msgid ""
+"JSON object (string) representing federation JWKS. This can be used, for "
+"example, in entity statements. Note that this should be different from "
+"Protocol JWKS. Example: {\"keys\":[{\"kty\": \"RSA\",\"n\": \"...\",\"e\": "
+"\"AQAB\",\"kid\": \"fed123\",\"use\": \"sig\",\"alg\": \"RS256\"}]}"
+msgstr ""
+
+msgid "JWKS"
+msgstr ""
+
+msgid "JWKS URI"
+msgstr ""
+
+msgid "Leaf Entity ID"
+msgstr ""
+
+msgid "Log messages"
+msgstr ""
+
+msgid ""
+"Log messages will show if any warnings or errors were raised during chain "
+"resolution."
+msgstr ""
+
+msgid ""
+"Log messages will show if any warnings or errors were raised during "
+"validation."
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Factories/TemplateFactory.php:90
+msgid "Log out"
+msgstr ""
+
+msgid "Logo URI"
+msgstr ""
+
+msgid "Logout Failed"
+msgstr ""
+
+msgid "Logout Info"
+msgstr ""
+
+msgid "Logout Successful"
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Codebooks/RegistrationTypeEnum.php:17
+msgid "Manual"
+msgstr ""
+
+msgid "Maximum Cache Duration For Fetched Artifacts"
+msgstr ""
+
+msgid "N/A"
+msgstr ""
+
+msgid "Name"
+msgstr ""
+
+msgid "Name and description"
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Forms/ClientForm.php:357
+msgid "Name is required."
+msgstr ""
+
+msgid "never"
+msgstr ""
+
+msgid "No"
+msgstr ""
+
+msgid "No clients registered."
+msgstr ""
+
+msgid "No entries."
+msgstr ""
+
+msgid ""
+"Note that this will first resolve Trust Chain between given entity and Trust "
+"Anchor, and only then do the Trust Mark validation."
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/hooks/hook_adminmenu.php:24
+msgid "OIDC"
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/hooks/hook_federationpage.php:34
+msgid "OIDC Client Registry"
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/hooks/hook_federationpage.php:38
+msgid "OIDC Installation"
+msgstr ""
+
+msgid ""
+"One or more values from the list. If not selected, falls back to 'automatic'"
+msgstr ""
+
+msgid "OpenID Federation Related Properties"
+msgstr ""
+
+msgid "Organization Name"
+msgstr ""
+
+msgid "Owner"
+msgstr ""
+
+msgid "PKI"
+msgstr ""
+
+msgid "Path"
+msgstr ""
+
+msgid "Policy URI"
+msgstr ""
+
+msgid "Post-logout Redirect URIs"
+msgstr ""
+
+msgid "Private Key"
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Factories/TemplateFactory.php:120
+msgid "Protocol Settings"
+msgstr ""
+
+msgid "Public"
+msgstr ""
+
+msgid "Public Key"
+msgstr ""
+
+msgid "Redirect URI"
+msgstr ""
+
+msgid "Redirect URIs"
+msgstr ""
+
+msgid "Refresh Token"
+msgstr ""
+
+msgid "Registration Types"
+msgstr ""
+
+msgid "Registration"
+msgstr ""
+
+msgid "Requested session was not found or it is expired."
+msgstr ""
+
+msgid "Reset"
+msgstr ""
+
+msgid "Resolved chains"
+msgstr ""
+
+msgid "Run migrations"
+msgstr ""
+
+msgid "Scopes"
+msgstr ""
+
+msgid "Secret"
+msgstr ""
+
+msgid "Signed JWKS URI"
+msgstr ""
+
+msgid "Signing Algorithm"
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Admin/Authorization.php:44
+msgid "SimpleSAMLphp admin access required."
+msgstr ""
+
+msgid "Status"
+msgstr ""
+
+msgid "Supported ACRs"
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Factories/TemplateFactory.php:134
+msgid "Test Trust Chain Resolution"
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Factories/TemplateFactory.php:141
+msgid "Test Trust Mark Validation"
+msgstr ""
+
+msgid ""
+"There are database migrations that have not been implemented.\n"
+"                Use the button below to run them now."
+msgstr ""
+
+msgid "Tokens Time-To-Live (TTL)"
+msgstr ""
+
+msgid "Total chains"
+msgstr ""
+
+msgid "Trust Anchor ID"
+msgstr ""
+
+msgid "Trust Anchor IDs"
+msgstr ""
+
+msgid "Trust Anchors"
+msgstr ""
+
+msgid "Trust Mark ID"
+msgstr ""
+
+msgid ""
+"Trust Mark validation passed (there were no warnings or errors during "
+"validation)."
+msgstr ""
+
+msgid "Trust Marks"
+msgstr ""
+
+msgid "Type"
+msgstr "Type"
+
+msgid ""
+"URL to a JWKS document containing protocol public keys. Will be used if "
+"Signed JWKS URI is not set. Example: https://example.org/jwks"
+msgstr ""
+
+msgid ""
+"URL to a JWS document containing protocol public keys in JWKS format (claim "
+"'keys'). Example: https://example.org/signed-jwks"
+msgstr ""
+
+msgid ""
+"URLs as allowed origins for CORS requests, for public clients running in "
+"browser. Must have http:// or https:// scheme, and at least one 'domain.top-"
+"level-domain' pair, or more subdomains. Top-level-domain may end with '.'. "
+"No userinfo, path, query or fragment components allowed. May end with port "
+"number. One per line. Example: https://example.org"
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Admin/Authorization.php:36
+msgid "Unable to initiate SimpleSAMLphp admin authentication."
+msgstr ""
+
+msgid "Updated at"
+msgstr ""
+
+msgid "User Entity Cache Duration"
+msgstr ""
+
+msgid "User Identifier Attribute"
+msgstr ""
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Admin/Authorization.php:61
+msgid "User not authorized."
+msgstr ""
+
+msgid "Yes"
+msgstr ""
+
+msgid "You can now close this window or navigate to another page."
+msgstr ""
+
+msgid ""
+"You can use the form below to test Trust Chain resolution from a leaf entity "
+"ID to Trust Anchors."
+msgstr ""
+
+msgid ""
+"You can use the form below to test Trust Mark validation for particular "
+"entity under given Trust Anchor."
+msgstr ""
+
+msgid "Your session has expired. Please return to the home page and try again."
+msgstr ""
+
+msgid "disabled"
+msgstr ""
+
+msgid "enabled"
+msgstr ""
diff --git a/locales/nl/LC_MESSAGES/oidc.po b/locales/nl/LC_MESSAGES/oidc.po
index c3eebb8c..b4d5964a 100644
--- a/locales/nl/LC_MESSAGES/oidc.po
+++ b/locales/nl/LC_MESSAGES/oidc.po
@@ -1,122 +1,520 @@
-msgid "{oidc:add_client}"
+msgid ""
+msgstr ""
+"Project-Id-Version: \n"
+"POT-Creation-Date: \n"
+"PO-Revision-Date: \n"
+"Last-Translator: \n"
+"Language-Team: \n"
+"Language: nl\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Domain: oidc\n"
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Forms/ClientForm.php:372
+msgid "-"
+msgstr "-"
+
+msgid "A globally unique URI that is bound to the entity. URI must have https or http scheme and host / domain. It can contain path, but no query, or fragment component."
+msgstr "Een wereldwijd unieke URI die aan de entiteit is gebonden. URI moet een https- of http-schema en host/domein hebben. Het kan een pad bevatten, maar geen query of fragmentcomponent."
+
+msgid "Access Token"
+msgstr "Toegangstoken"
+
+msgid "Activated"
+msgstr "Geactiveerd"
+
+msgid "Add Client"
 msgstr "Client toevoegen"
 
-msgid "{oidc:search}"
-msgstr "Zoeken"
+msgid "Administrator"
+msgstr "Beheerder"
 
-msgid "{oidc:no_clients}"
-msgstr "Geen clients"
+msgid "All database migrations are implemented."
+msgstr "Alle databasemigraties worden uitgevoerd."
 
-msgid "{oidc:client_list}"
-msgstr "Client-overzicht"
+msgid "Allowed Origins"
+msgstr "Toegestane bronnen"
 
-msgid "{oidc:client:name}"
-msgstr "Naam"
+msgid "Allowed Origins (for public client)"
+msgstr "Toegestane beonnen (voor openbare client)"
 
-msgid "{oidc:client:description}"
-msgstr "Omschrijving"
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Forms/ClientForm.php:384
+msgid "Allowed origins for public clients"
+msgstr "Toegestane bronnen voor openbare clients"
+
+msgid "Allowed redirect URIs to use after client initiated logout. Must be a valid URI, one per line. Example: https://example.org/foo?bar=1"
+msgstr "Toegestane redirect-URI's om te gebruiken na client-geïnitieerde uitlog. Moet een geldige URI zijn, één per regel. Voorbeeld: https://example.org/foo?bar=1"
+
+msgid "Allowed redirect URIs to which the authorization response will be sent. Must be a valid URI, one per line. Example: https://example.org/foo?bar=1"
+msgstr "Toegestane redirect-URI's waarnaar de autorisatierespons wordt verzonden. Moet een geldige URI zijn, één per regel. Voorbeeld: https://example.org/foo?bar=1"
+
+msgid "Are you sure you want to delete this client?"
+msgstr "Weet u zeker dat u deze client wilt verwijderen?"
+
+msgid "Are you sure you want to reset client secret?"
+msgstr "Weet u zeker dat u het clientgeheim wilt resetten?"
 
-msgid "{oidc:client:identifier}"
-msgstr "Client ID"
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Forms/ClientForm.php:363
+msgid "At least one redirect URI is required."
+msgstr "Er is minimaal één redirect-URI vereist."
 
-msgid "{oidc:client:secret}"
-msgstr "Client secret"
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Forms/ClientForm.php:378
+msgid "At least one scope is required."
+msgstr "Er is minimaal één scope vereist."
 
-msgid "{oidc:client:auth_source}"
+msgid "Authentication"
+msgstr "Authenticatie"
+
+msgid "Authentication Context Class References (ACRs)"
+msgstr "Authentication Context Class References (ACRs)"
+
+msgid "Authentication Processing Filters"
+msgstr "Authentication Processing Filters"
+
+msgid "Authentication Source"
+msgstr "Authenticatiebron"
+
+msgid "Authentication Sources to ACRs Map"
+msgstr "Authenticatiebronnen naar ACR's mapping"
+
+msgid "Authentication source for this particular client. If no authentication source is selected, the default one from configuration file will be used."
+msgstr "Authenticatiebron voor deze specifieke client. Als er geen authenticatiebron is geselecteerd, wordt de standaardauthenticatiebron uit het configuratiebestand gebruikt."
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Forms/ClientForm.php:369
+msgid "Authentication source"
 msgstr "Authenticatiebron"
 
-msgid "{oidc:client:redirect_uri}"
-msgstr "Redirect URI"
+msgid "Authority Hints"
+msgstr "Authority Hints"
 
-msgid "{oidc:client:scopes}"
-msgstr "Scopes"
+msgid "Authorization Code"
+msgstr "Autorisatiecode"
 
-msgid "{oidc:submit}"
-msgstr "Verzenden"
+msgid "Back"
+msgstr "Terug"
 
-msgid "{oidc:create}"
-msgstr "Nieuw"
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Forms/ClientForm.php:387
+msgid "Back-channel Logout URI"
+msgstr "Back-channel Logout-URI"
 
-msgid "{oidc:save}"
-msgstr "Opslaan"
+msgid "Before running the migrations, make sure that the database user has proper privileges to change the scheme (for example alter, create, drop, index). After running the migrations, it is a good practice to remove those privileges."
+msgstr "Controleer voordat u de migraties uitvoert of de databasegebruiker de juiste rechten heeft om het schema te wijzigen (bijvoorbeeld alter, create, drop, index). Nadat u de migraties hebt uitgevoerd, is het een goede gewoonte om deze rechten te verwijderen."
 
-msgid "{oidc:return}"
-msgstr "Vorige"
+msgid "By default, form is populated with current OP issuer and configured Trust Anchors, but you are free to adjust entries as needed."
+msgstr "Standaard wordt het formulier ingevuld met de huidige OP-issuer en geconfigureerde Trust Anchors, maar u kunt de invoer indien nodig aanpassen."
 
-msgid "{oidc:install}"
-msgstr "Installeren"
+msgid "Cache"
+msgstr "Cache"
 
-msgid "{oidc:copy}"
-msgstr "Code kopiëren"
+msgid "Cache Adapter"
+msgstr "Cache-adapter"
 
-msgid "{oidc:copied}"
-msgstr "Gekopieerd!"
+msgid "Cache Duration For Produced Artifacts"
+msgstr "Cacheduur voor geproduceerde artefacten"
 
-msgid "{oidc:confirm}"
-msgstr "Bevestigen"
+msgid "Choose if client is confidential or public. Confidential clients are capable of maintaining the confidentiality of their credentials (e.g., client implemented on a secure server with restricted access to the client credentials), or capable of secure client authentication using other means. Public clients are incapable of maintaining the confidentiality of their credentials (e.g., clients executing on the device used by the resource owner, such as an installed native application or a web browser-based application), and incapable of secure client authentication via any other means."
+msgstr "Kies of de client vertrouwelijk of openbaar is. Vertrouwelijke clients zijn in staat om de vertrouwelijkheid van hun referenties te handhaven (bijv. client geïmplementeerd op een beveiligde server met beperkte toegang tot de clientreferenties), of in staat tot veilige clientauthenticatie met behulp van andere middelen. Openbare clients zijn niet in staat om de vertrouwelijkheid van hun referenties te handhaven (bijv. clients die worden uitgevoerd op het apparaat dat wordt gebruikt door de resource-eigenaar, zoals een geïnstalleerde native applicatie of een op een webbrowser gebaseerde applicatie), en niet in staat tot veilige clientauthenticatie via andere middelen."
 
-msgid "{oidc:client:delete}"
-msgstr "OpenID Connect Client verwijderen"
+msgid "Choose if the client is allowed to participate in federation context or not."
+msgstr "Selecteer of de cliënt mag deelnemen aan de federatiecontext of niet."
 
-msgid "{oidc:client:confirm_delete}"
-msgstr "Deze actie kan niet ongedaan gemaakt worden! Weet je zeker dat u deze client wilt verwijderen?"
+msgid "Client"
+msgstr "Cliënt"
 
-msgid "{oidc:edit}"
-msgstr "Bewerken"
+msgid "Client Registration Types"
+msgstr "Typen clientregistratie"
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Factories/TemplateFactory.php:113
+msgid "Client Registry"
+msgstr "Client-register"
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ClientController.php:201
+msgid "Client has been added."
+msgstr "Client is toegevoegd."
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ClientController.php:147
+msgid "Client has been deleted."
+msgstr "Client is verwijderd."
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ClientController.php:277
+msgid "Client has been updated."
+msgstr "Client is bijgewerkt."
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ClientController.php:120
+msgid "Client secret has been reset."
+msgstr "Clientgeheim is gereset."
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ClientController.php:183
+msgid "Client with generated ID already exists."
+msgstr "Client met gegenereerde ID bestaat al."
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ClientController.php:190
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ClientController.php:265
+msgid "Client with given entity identifier already exists."
+msgstr "Client met opgegeven entiteits-ID bestaat al."
+
+msgid "Confidential"
+msgstr "Vertrouwelijk"
+
+msgid "Configuration URL"
+msgstr "Configuratie-URL"
+
+msgid "Contacts"
+msgstr "Contacten"
+
+msgid "Created at"
+msgstr "Gemaakt op"
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Factories/TemplateFactory.php:106
+msgid "Database Migrations"
+msgstr "Database migraties"
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ConfigController.php:46
+msgid "Database is already migrated."
+msgstr "Database is al gemigreerd."
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Controllers/Admin/ConfigController.php:52
+msgid "Database migrated successfully."
+msgstr "Database succesvol gemigreerd."
+
+msgid "Default Authentication Source"
+msgstr "Standaard authenticatiebron"
 
-msgid "{oidc:delete}"
+msgid "Delete"
 msgstr "Verwijderen"
 
-msgid "{oidc:client:added}"
-msgstr "Client is succesvol aangemaakt."
+msgid "Description"
+msgstr "Omschrijving"
+
+msgid "Disabled"
+msgstr "Gehandicapt"
 
-msgid "{oidc:client:removed}"
-msgstr "Client is succesvol verwijderd."
+msgid "Discovery URL"
+msgstr "Ontdekkings-URL"
 
-msgid "{oidc:client:updated}"
-msgstr "Client is succesvol bijgewerkt."
+msgid "Edit"
+msgstr "Bewerken"
 
-msgid "{oidc:client:redirect_uri_help}"
-msgstr "Voer een geldige URI in"
+msgid "Edit Client"
+msgstr "Client bewerken"
 
-msgid "{oidc:client:auth_source_help}"
-msgstr "If no auth. source is selected, the default one from configuration file will be used."
+msgid "Enabled"
+msgstr "Ingeschakeld"
 
-msgid "{oidc:client:name_not_empty}"
-msgstr "Voer een naam in."
+msgid "Enter if client supports Back-Channel Logout specification. When logout is initiated at the OpenID Provider, it will send a Logout Token to this URI in order to notify the client about that event. Must be a valid URI. Example: https://example.org/foo?bar=1"
+msgstr "Voer in of de client Back-Channel Logout-specificatie ondersteunt. Wanneer logout wordt gestart bij de OpenID Provider, wordt een Logout Token naar deze URI verzonden om de client op de hoogte te stellen van die gebeurtenis. Moet een geldige URI zijn. Voorbeeld: https://example.org/foo?bar=1"
 
-msgid "{oidc:client:redirect_uri_not_empty}"
-msgstr "Voer minimaal een URI in"
+msgid "Enter one Trust Anchor ID per line."
+msgstr "Voer één Trust Anchor ID per regel in."
 
-msgid "{oidc:client:redirect_uri_not_valid}"
-msgstr "Sommige redirect adressen zijn ongeldig."
+msgid "Entity"
+msgstr "Entiteit"
 
-msgid "{oidc:client:auth_source_not_empty}"
-msgstr "Selecteer een authenticatiebron."
+msgid "Entity Identifier"
+msgstr "Entiteits-ID"
 
-msgid "{oidc:client:scopes_not_empty}"
-msgstr "Selecteer minimaal één scope."
+msgid "Entity Statement Duration"
+msgstr "Entiteitsverklaring Duur"
 
-msgid "{oidc:client:reset_secret}"
-msgstr "Secret vernieuwen"
+msgid "Expires at"
+msgstr "Verloopt op"
 
-msgid "{oidc:client:reset_secret_warning}"
-msgstr "Deze actie kan niet ongedaan gemaakt worden! Wil je het client secret vernieuwen?"
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Codebooks/RegistrationTypeEnum.php:18
+msgid "Federated Automatic"
+msgstr "Gefedereerde automatische"
 
-msgid "{oidc:client:secret_updated}"
-msgstr "Het client secret is succesvol gewijzigd."
+msgid "Federation Enabled"
+msgstr "Federatie ingeschakeld"
 
-msgid "{oidc:install:oauth2}"
-msgstr "Vink aan om gegevens vanuit de legacy oauth2 module te migreren"
+msgid "Federation JWKS"
+msgstr "Federatie JWKS"
 
-msgid "{oidc:install:description}"
-msgstr "Deze wizard zal de database aanmaken en indien nodig een migratie uitvoeren."
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Factories/TemplateFactory.php:127
+msgid "Federation Settings"
+msgstr "Federatie-instellingen"
 
-msgid "{oidc:install:finished}"
-msgstr "De database is aangemaakt."
+msgid "Forced ACR For Cookie Authentication"
+msgstr "Geforceerde ACR voor cookie-authenticatie"
 
-msgid "{oidc:import:finished}"
-msgstr "Clients van de oude oauth2 module zijn geïmporteerd."
+msgid "Homepage URI"
+msgstr "Startpagina-URI"
 
-msgid "{oidc:client:is_enabled}"
-msgstr "Geactiveerd"
+msgid "Identifier"
+msgstr "Identificatie"
+
+msgid "Info"
+msgstr "Informatie"
+
+msgid "Is Federated"
+msgstr "Is gefedereerd"
+
+msgid "Issuer"
+msgstr "Uitgever"
+
+msgid "JSON object (string) representing JWKS document containing protocol public keys. Note that this should be different from Federation JWKS. Will be used if JWKS URI is not set. Example: {\"keys\":[{\"kty\": \"RSA\",\"n\": \"...\",\"e\": \"AQAB\",\"kid\": \"pro123\",\"use\": \"sig\",\"alg\": \"RS256\"}]}"
+msgstr "JSON-object (tekenreeks) dat een JWKS-document vertegenwoordigt met openbare protocolsleutels. Let op: dit moet anders zijn dan Federation JWKS. Wordt gebruikt als de JWKS-URI niet is ingesteld. Voorbeeld: {\"keys\":[{\"kty\": \"RSA\",\"n\": \"...\",\"e\": \"AQAB\",\"kid\": \"pro123\",\"use\": \"sig\",\"alg\": \"RS256\"}]}"
+
+msgid "JSON object (string) representing federation JWKS. This can be used, for example, in entity statements. Note that this should be different from Protocol JWKS. Example: {\"keys\":[{\"kty\": \"RSA\",\"n\": \"...\",\"e\": \"AQAB\",\"kid\": \"fed123\",\"use\": \"sig\",\"alg\": \"RS256\"}]}"
+msgstr "JSON-object (tekenreeks) dat federatie-JWKS vertegenwoordigt. Dit kan bijvoorbeeld worden gebruikt in entiteitsverklaringen. Let op dat dit anders moet zijn dan Protocol JWKS. Voorbeeld: {\"keys\":[{\"kty\": \"RSA\",\"n\": \"...\",\"e\": \"AQAB\",\"kid\": \"fed123\",\"use\": \"sig\",\"alg\": \"RS256\"}]}"
+
+msgid "JWKS"
+msgstr "JWKS"
+
+msgid "JWKS URI"
+msgstr "JWKS URI"
+
+msgid "Leaf Entity ID"
+msgstr "Leaf Entity ID"
+
+msgid "Log messages"
+msgstr "Logberichten"
+
+msgid "Log messages will show if any warnings or errors were raised during chain resolution."
+msgstr "In logberichten wordt aangegeven of er waarschuwingen of fouten zijn opgetreden tijdens het oplossen van de keten."
+
+msgid "Log messages will show if any warnings or errors were raised during validation."
+msgstr "In logberichten wordt aangegeven of er tijdens de validatie waarschuwingen of fouten zijn opgetreden."
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Factories/TemplateFactory.php:90
+msgid "Log out"
+msgstr "Uitloggen"
+
+msgid "Logo URI"
+msgstr "Logo-URI"
+
+msgid "Logout Failed"
+msgstr "Uitloggen mislukt"
+
+msgid "Logout Info"
+msgstr "Uitloggen Info"
+
+msgid "Logout Successful"
+msgstr "Uitloggen succesvol"
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Codebooks/RegistrationTypeEnum.php:17
+msgid "Manual"
+msgstr "Handmatig"
+
+msgid "Maximum Cache Duration For Fetched Artifacts"
+msgstr "Maximale cacheduur voor opgehaalde artefacten"
+
+msgid "N/A"
+msgstr "N/A"
+
+msgid "Name"
+msgstr "Naam"
+
+msgid "Name and description"
+msgstr "Naam en beschrijving"
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Forms/ClientForm.php:357
+msgid "Name is required."
+msgstr "Naam is verplicht."
+
+msgid "never"
+msgstr "nooit"
+
+msgid "No"
+msgstr "Nee"
+
+msgid "No clients registered."
+msgstr "Er zijn geen klanten geregistreerd."
+
+msgid "No entries."
+msgstr "Geen invoer."
+
+msgid "Note that this will first resolve Trust Chain between given entity and Trust Anchor, and only then do the Trust Mark validation."
+msgstr "Houd er rekening mee dat hiermee eerst de Trust Chain tussen de gegeven entiteit en het Trust Anchor wordt opgelost en pas daarna de Trust Mark-validatie wordt uitgevoerd."
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/hooks/hook_adminmenu.php:24
+msgid "OIDC"
+msgstr "OIDC"
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/hooks/hook_federationpage.php:34
+msgid "OIDC Client Registry"
+msgstr "OIDC-clientregister"
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/hooks/hook_federationpage.php:38
+msgid "OIDC Installation"
+msgstr "OIDC-installatie"
+
+msgid "One or more values from the list. If not selected, falls back to 'automatic'"
+msgstr "Een of meer waarden uit de lijst. Indien niet geselecteerd, terugvallen op 'automatisch'"
+
+msgid "OpenID Federation Related Properties"
+msgstr "OpenID Federation-gerelateerde eigenschappen"
+
+msgid "Organization Name"
+msgstr "Organisatienaam"
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Forms/ClientForm.php:380
+msgid "Owner"
+msgstr "Eigenaar"
+
+msgid "PKI"
+msgstr "PKI"
+
+msgid "Path"
+msgstr "Pad"
+
+msgid "Policy URI"
+msgstr "Beleids-URI"
+
+msgid "Post-logout Redirect URIs"
+msgstr "Post-logout Redirect-URI's"
+
+msgid "Private Key"
+msgstr "Privésleutel"
+
+msgid "Private Key Password Set"
+msgstr "Wachtwoord voor privésleutel instellen"
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Factories/TemplateFactory.php:120
+msgid "Protocol Settings"
+msgstr "Protocolinstellingen"
+
+msgid "Public"
+msgstr "Openbaar"
+
+msgid "Public Key"
+msgstr "Publieke sleutel"
+
+msgid "Redirect URI"
+msgstr "Omleidings-URI"
+
+msgid "Redirect URIs"
+msgstr "URI's omleiden"
+
+msgid "Refresh Token"
+msgstr "Token vernieuwen"
+
+msgid "Registration Types"
+msgstr "Registratietypen"
+
+msgid "Registration"
+msgstr "Registratie"
+
+msgid "Requested session was not found or it is expired."
+msgstr "De gevraagde sessie is niet gevonden of is verlopen."
+
+msgid "Reset"
+msgstr "Opnieuw instellen"
+
+msgid "Resolved chains"
+msgstr "Opgeloste ketens"
+
+msgid "Run migrations"
+msgstr "Migraties uitvoeren"
+
+msgid "Scopes"
+msgstr "Scopen"
+
+msgid "Secret"
+msgstr "Geheim"
+
+msgid "Signed JWKS URI"
+msgstr "Ondertekende JWKS URI"
+
+msgid "Signing Algorithm"
+msgstr "Ondertekeningsalgoritme"
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Admin/Authorization.php:44
+msgid "SimpleSAMLphp admin access required."
+msgstr "SimpleSAMLphp-beheerdersrechten vereist."
+
+msgid "Status"
+msgstr "Status"
+
+msgid "Supported ACRs"
+msgstr "Ondersteunde ACR's"
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Factories/TemplateFactory.php:134
+msgid "Test Trust Chain Resolution"
+msgstr "Test Vertrouwensketen Resolutie"
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Factories/TemplateFactory.php:141
+msgid "Test Trust Mark Validation"
+msgstr "Test Trust Mark-validatie"
+
+msgid ""
+"There are database migrations that have not been implemented.\n"
+"                Use the button below to run them now."
+msgstr ""
+"Er zijn databasemigraties die nog niet zijn geïmplementeerd.\n"
+"                Gebruik de onderstaande knop om ze nu uit te voeren."
+
+msgid "Tokens Time-To-Live (TTL)"
+msgstr "Tokens Time-To-Live (TTL)"
+
+msgid "Total chains"
+msgstr "Totaal aantal vertrouwensketens"
+
+msgid "Trust Anchor ID"
+msgstr "Vertrouw op anker-ID"
+
+msgid "Trust Anchor IDs"
+msgstr "Vertrouwde anker-ID's"
+
+msgid "Trust Anchors"
+msgstr "Vertrouw op ankers"
+
+msgid "Trust Mark ID"
+msgstr "Vertrouwensmerk-ID"
+
+msgid "Trust Mark validation passed (there were no warnings or errors during validation)."
+msgstr "Validatie van het Trust Mark is geslaagd (er zijn geen waarschuwingen of fouten opgetreden tijdens de validatie)."
+
+msgid "Trust Marks"
+msgstr "Vertrouwensmerken"
+
+msgid "Type"
+msgstr "Type"
+
+msgid "URL to a JWKS document containing protocol public keys. Will be used if Signed JWKS URI is not set. Example: https://example.org/jwks"
+msgstr "URL naar een JWKS-document met openbare protocolsleutels. Wordt gebruikt als Signed JWKS URI niet is ingesteld. Voorbeeld: https://example.org/jwks"
+
+msgid "URL to a JWS document containing protocol public keys in JWKS format (claim 'keys'). Example: https://example.org/signed-jwks"
+msgstr "URL naar een JWS-document met openbare protocolsleutels in JWKS-formaat (claim 'keys'). Voorbeeld: https://example.org/signed-jwks"
+
+msgid "URLs as allowed origins for CORS requests, for public clients running in browser. Must have http:// or https:// scheme, and at least one 'domain.top-level-domain' pair, or more subdomains. Top-level-domain may end with '.'. No userinfo, path, query or fragment components allowed. May end with port number. One per line. Example: https://example.org"
+msgstr "URL's als toegestane bronnen voor CORS-verzoeken, voor openbare clients die in de browser worden uitgevoerd. Moet een http://- of https://-schema hebben en ten minste één 'domein.top-level-domein'-paar, of meer subdomeinen. Top-level-domein mag eindigen op '.'. Geen gebruikersinfo-, pad-, query- of fragmentcomponenten toegestaan. Mag eindigen op poortnummer. Eén per regel. Voorbeeld: https://example.org"
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Admin/Authorization.php:36
+msgid "Unable to initiate SimpleSAMLphp admin authentication."
+msgstr "Kan SimpleSAMLphp-beheerdersauthenticatie niet starten."
+
+msgid "Updated at"
+msgstr "Bijgewerkt op"
+
+msgid "User Entity Cache Duration"
+msgstr "Duur cache gebruikersentiteit"
+
+msgid "User Identifier Attribute"
+msgstr "Gebruikers-ID-kenmerk"
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Admin/Authorization.php:61
+msgid "User not authorized."
+msgstr "Gebruiker niet geautoriseerd."
+
+msgid "Yes"
+msgstr "Ja"
+
+msgid "You can now close this window or navigate to another page."
+msgstr "U kunt nu dit venster sluiten of naar een andere pagina navigeren."
+
+msgid "You can use the form below to test Trust Chain resolution from a leaf entity ID to Trust Anchors."
+msgstr "U kunt het onderstaande formulier gebruiken om de Trust Chain-resolutie van een leaf-entiteits-ID naar Trust Anchors te testen."
+
+msgid "You can use the form below to test Trust Mark validation for particular entity under given Trust Anchor."
+msgstr "U kunt het onderstaande formulier gebruiken om de Trust Mark-validatie voor een specifieke entiteit onder het opgegeven Trust Anchor te testen."
+
+#: /var/www/projects/simplesamlphp/simplesamlphp-2.3/modules/oidc/src/Services/Container.php:143
+msgid "Your session has expired. Please return to the home page and try again."
+msgstr "Uw sessie is verlopen. Ga terug naar de startpagina en probeer het opnieuw."
+
+msgid "disabled"
+msgstr "uitgeschakeld"
+
+msgid "enabled"
+msgstr "ingeschakeld"
diff --git a/src/Forms/ClientForm.php b/src/Forms/ClientForm.php
index 05f54d3b..71844403 100644
--- a/src/Forms/ClientForm.php
+++ b/src/Forms/ClientForm.php
@@ -353,40 +353,40 @@ protected function buildForm(): void
         $this->setMethod('POST');
         $this->addComponent($this->csrfProtection, Form::ProtectorId);
 
-        $this->addText('name', '{oidc:client:name}')
+        $this->addText('name', Translate::noop('Name'))
             ->setHtmlAttribute('class', 'full-width')
             ->setMaxLength(255)
             ->setRequired(Translate::noop('Name is required.'));
 
-        $this->addTextArea('description', '{oidc:client:description}', null, 3)
+        $this->addTextArea('description', Translate::noop('Description'), null, 3)
             ->setHtmlAttribute('class', 'full-width');
-        $this->addTextArea('redirect_uri', '{oidc:client:redirect_uri}', null, 5)
+        $this->addTextArea('redirect_uri', Translate::noop('Redirect URI'), null, 5)
             ->setHtmlAttribute('class', 'full-width')
             ->setRequired(Translate::noop('At least one redirect URI is required.'));
 
-        $this->addCheckbox('is_enabled', '{oidc:client:is_enabled}');
+        $this->addCheckbox('is_enabled', Translate::noop('Activated'));
 
         $this->addCheckbox('is_confidential', '{oidc:client:is_confidential}');
 
-        $this->addSelect('auth_source', '{oidc:client:auth_source}:')
+        $this->addSelect('auth_source', Translate::noop('Authentication source'))
             ->setHtmlAttribute('class', 'full-width')
             ->setItems($this->sspBridge->auth()->source()->getSources(), false)
             ->setPrompt(Translate::noop('-'));
 
         $scopes = $this->getScopes();
 
-        $this->addMultiSelect('scopes', '{oidc:client:scopes}', $scopes, 10)
+        $this->addMultiSelect('scopes', Translate::noop('Scopes'), $scopes, 10)
             ->setHtmlAttribute('class', 'full-width')
             ->setRequired(Translate::noop('At least one scope is required.'));
 
-        $this->addText('owner', '{oidc:client:owner}')
+        $this->addText('owner', Translate::noop('Owner'))
             ->setMaxLength(190);
-        $this->addTextArea('post_logout_redirect_uri', '{oidc:client:post_logout_redirect_uri}', null, 5)
+        $this->addTextArea('post_logout_redirect_uri', Translate::noop('Post-logout Redirect URIs'), null, 5)
             ->setHtmlAttribute('class', 'full-width');
-        $this->addTextArea('allowed_origin', '{oidc:client:allowed_origin}', null, 5)
+        $this->addTextArea('allowed_origin', Translate::noop('Allowed origins for public clients'), null, 5)
             ->setHtmlAttribute('class', 'full-width');
 
-        $this->addText('backchannel_logout_uri', '{oidc:client:backchannel_logout_uri}')
+        $this->addText('backchannel_logout_uri', Translate::noop('Back-Channel Logout URI'))
             ->setHtmlAttribute('class', 'full-width');
 
         $this->addText('entity_identifier', 'Entity Identifier')
diff --git a/src/Services/Container.php b/src/Services/Container.php
index d08a82cb..c1d5bf4b 100644
--- a/src/Services/Container.php
+++ b/src/Services/Container.php
@@ -30,6 +30,7 @@
 use SimpleSAML\Configuration;
 use SimpleSAML\Database;
 use SimpleSAML\Error\Exception;
+use SimpleSAML\Locale\Translate;
 use SimpleSAML\Metadata\MetaDataStorageHandler;
 use SimpleSAML\Module\oidc\Admin\Menu;
 use SimpleSAML\Module\oidc\Bridges\PsrHttpBridge;
@@ -147,7 +148,11 @@ public function __construct()
         $helpers = new Helpers();
         $this->services[Helpers::class] = $helpers;
 
-        $csrfProtection = new CsrfProtection('{oidc:client:csrf_error}', $session);
+        $csrfProtection = new CsrfProtection(
+            Translate::noop('Your session has expired. Please return to the home page and try again.'),
+            $session,
+        );
+
         $formFactory = new FormFactory(
             $moduleConfig,
             $csrfProtection,
diff --git a/templates/clients.twig b/templates/clients.twig
index 2de33798..84cdcb7e 100644
--- a/templates/clients.twig
+++ b/templates/clients.twig
@@ -53,10 +53,10 @@
                     <small>{{ client.description }}</small>
                     <br>
                     <small>
-                        {{ 'Registration:'|trans }} {{ client.registrationType.description }} |
-                        {{ 'Created at:'|trans }} {{ client.createdAt ? client.createdAt|date() : 'n/a' }} |
-                        {{ 'Updated at:'|trans }} {{ client.updatedAt ? client.updatedAt|date() : 'n/a' }} |
-                        {{ 'Expires at:'|trans }} {{ client.expiresAt ? client.expiresAt|date() : 'never' }}
+                        {{ 'Registration'|trans }}: {{ client.registrationType.description }} |
+                        {{ 'Created at'|trans }}: {{ client.createdAt ? client.createdAt|date() : 'n/a' }} |
+                        {{ 'Updated at'|trans }}: {{ client.updatedAt ? client.updatedAt|date() : 'n/a' }} |
+                        {{ 'Expires at'|trans }}: {{ client.expiresAt ? client.expiresAt|date() : 'never'|trans }}
                     </small>
                 </td>
                 <td>
diff --git a/templates/clients/includes/form.twig b/templates/clients/includes/form.twig
index 1eb8fc97..c5049b3d 100644
--- a/templates/clients/includes/form.twig
+++ b/templates/clients/includes/form.twig
@@ -87,7 +87,7 @@
             <span class="pure-form-message red-text">{{ form.scopes.getError }}</span>
         {% endif %}
 
-        <label for="frm-backchannel_logout_uri">{{ 'Back-Channel Logout URI'|trans }}</label>
+        <label for="frm-backchannel_logout_uri">{{ 'Back-channel Logout URI'|trans }}</label>
         {{ form.backchannel_logout_uri.control | raw }}
         <span class="pure-form-message">
             {% trans %}Enter if client supports Back-Channel Logout specification. When logout is initiated at the OpenID Provider, it will send a Logout Token to this URI in order to notify the client about that event. Must be a valid URI. Example: https://example.org/foo?bar=1{% endtrans %}
@@ -96,7 +96,7 @@
             <span class="pure-form-message red-text">{{ form.backchannel_logout_uri.getError }}</span>
         {% endif %}
 
-        <label for="frm-post_logout_redirect_uri">{{ 'Post-Logout Redirect URIs'|trans }}</label>
+        <label for="frm-post_logout_redirect_uri">{{ 'Post-logout Redirect URIs'|trans }}</label>
         {{ form.post_logout_redirect_uri.control | raw }}
         <span class="pure-form-message">
             {% trans %}Allowed redirect URIs to use after client initiated logout. Must be a valid URI, one per line. Example: https://example.org/foo?bar=1{% endtrans %}
diff --git a/templates/clients/show.twig b/templates/clients/show.twig
index 525c8c1c..f9b2d5ff 100644
--- a/templates/clients/show.twig
+++ b/templates/clients/show.twig
@@ -40,10 +40,10 @@
     </div>
 
     <div class="">
-        {{ 'Registration:'|trans }} {{ client.registrationType.description }} |
-        {{ 'Created at:'|trans }} {{ client.createdAt ? client.createdAt|date() : 'n/a' }} |
-        {{ 'Updated at:'|trans }} {{ client.updatedAt ? client.updatedAt|date() : 'n/a' }} |
-        {{ 'Expires at:'|trans }} {{ client.expiresAt ? client.expiresAt|date() : 'never' }}
+        {{ 'Registration'|trans }}: {{ client.registrationType.description }} |
+        {{ 'Created at'|trans }}: {{ client.createdAt ? client.createdAt|date() : 'n/a' }} |
+        {{ 'Updated at'|trans }}: {{ client.updatedAt ? client.updatedAt|date() : 'n/a' }} |
+        {{ 'Expires at'|trans }}: {{ client.expiresAt ? client.expiresAt|date() : 'never'|trans }}
     </div>
 
     <br>
diff --git a/templates/config/migrations.twig b/templates/config/migrations.twig
index 007495b5..127b11bc 100644
--- a/templates/config/migrations.twig
+++ b/templates/config/migrations.twig
@@ -22,9 +22,7 @@
     {% endif %}
 
     <div class="message-box">
-        Before running the migrations, make sure that the database user has proper privileges to change the scheme
-        (for example, <kbd>alter, create, drop, index</kbd>). After running the migrations, it is a good practice to remove
-        those privileges.
+        {{ 'Before running the migrations, make sure that the database user has proper privileges to change the scheme (for example, <kbd>alter, create, drop, index</kbd>). After running the migrations, it is a good practice to remove those privileges.'|trans }}
     </div>
 
 {% endblock oidcContent -%}
diff --git a/templates/includes/menu.twig b/templates/includes/menu.twig
index 014fd0a0..a1d1b25c 100644
--- a/templates/includes/menu.twig
+++ b/templates/includes/menu.twig
@@ -5,7 +5,7 @@
             <li>
                 <a href="{{ item.hrefPath }}"
                    class="{{ item.hrefPath == oidcMenu.activeHrefPath ? 'active' : '' }}"
-                > {{ item.label }} </a>
+                > {{ item.label|trans }} </a>
             </li>
             {% endfor %}
         </ul>
diff --git a/templates/logout.twig b/templates/logout.twig
index db712fb4..6e13ef29 100644
--- a/templates/logout.twig
+++ b/templates/logout.twig
@@ -5,22 +5,22 @@
 {% block oidcContent %}
     <h2>
         {% if wasLogoutActionCalled %}
-            {{ '{oidc:logout:page_title_success}'|trans }}
+            {{ 'Logout Successful'|trans }}
         {% else %}
-            {{ '{oidc:logout:page_title_fail}'|trans }}
+            {{ 'Logout Failed'|trans }}
         {% endif %}
     </h2>
 
 
     <div>
         <h3>
-            {{ '{oidc:logout:info_title}'|trans }}
+            {{ 'Info'|trans }}
         </h3>
         <p>
             {% if wasLogoutActionCalled %}
-                {{ '{oidc:logout:info_message_success}'|trans }}
+                {{ 'You can now close this window or navigate to another page.'|trans }}
             {% else %}
-                {{ '{oidc:logout:info_message_fail}'|trans }}
+                {{ 'Requested session was not found or it is expired.'|trans }}
             {% endif %}
         </p>
     </div>
diff --git a/templates/tests/trust-chain-resolution.twig b/templates/tests/trust-chain-resolution.twig
index 972aa720..fde0f21d 100644
--- a/templates/tests/trust-chain-resolution.twig
+++ b/templates/tests/trust-chain-resolution.twig
@@ -54,13 +54,13 @@
         <h4>{{ 'Resolved chains'|trans }}</h4>
         {% if trustChainBag|default %}
             <p>
-                {{ 'Total chains:'|trans }} {{ trustChainBag.getCount }}
+                {{ 'Total chains'|trans }}: {{ trustChainBag.getCount }}
             </p>
             {% for index, trustChain in trustChainBag.getAll %}
                 <p>
-                {{ loop.index }}. {{ 'Trust Anchor ID:'|trans }} {{ trustChain.getResolvedTrustAnchor.getIssuer }}
+                {{ loop.index }}. {{ 'Trust Anchor ID'|trans }}: {{ trustChain.getResolvedTrustAnchor.getIssuer }}
                 <br><br>
-                {{ 'Path:'|trans }}
+                {{ 'Path'|trans }}:
                 <br>
                 {% for entity in trustChain.getEntities %}
                     {% if loop.index > 1 %}
@@ -69,7 +69,7 @@
                 {% endfor %}
 
                 <br>
-                {{ 'Resolved metadata:' }}<br>
+                {{ 'Resolved metadata' }}:<br>
                 {% if resolvedMetadata[index]|default is not empty %}
                     <code class="code-box code-box-content">
                         {{- resolvedMetadata[index]|json_encode(constant('JSON_PRETTY_PRINT') b-or constant('JSON_UNESCAPED_SLASHES')) -}}
diff --git a/tests/unit/src/Factories/FormFactoryTest.php b/tests/unit/src/Factories/FormFactoryTest.php
new file mode 100644
index 00000000..dbeb5623
--- /dev/null
+++ b/tests/unit/src/Factories/FormFactoryTest.php
@@ -0,0 +1,66 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\Module\oidc\unit\Factories;
+
+use PHPUnit\Framework\Attributes\CoversClass;
+use PHPUnit\Framework\Attributes\UsesClass;
+use PHPUnit\Framework\MockObject\MockObject;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Module\oidc\Bridges\SspBridge;
+use SimpleSAML\Module\oidc\Factories\FormFactory;
+use SimpleSAML\Module\oidc\Forms\ClientForm;
+use SimpleSAML\Module\oidc\Forms\Controls\CsrfProtection;
+use SimpleSAML\Module\oidc\Helpers;
+use SimpleSAML\Module\oidc\ModuleConfig;
+
+#[CoversClass(FormFactory::class)]
+#[UsesClass(ClientForm::class)]
+class FormFactoryTest extends TestCase
+{
+    protected MockObject $moduleConfigMock;
+    protected MockObject $csrfProtectionMock;
+    protected MockObject $sspBridgeMock;
+    protected MockObject $helpersMock;
+
+    protected function setUp(): void
+    {
+        $this->moduleConfigMock = $this->createMock(ModuleConfig::class);
+        $this->csrfProtectionMock = $this->createMock(CsrfProtection::class);
+        $this->sspBridgeMock = $this->createMock(SspBridge::class);
+        $this->helpersMock = $this->createMock(Helpers::class);
+    }
+
+    protected function sut(
+        ?ModuleConfig $moduleConfig = null,
+        ?CsrfProtection $csrfProtection = null,
+        ?SspBridge $sspBridge = null,
+        ?Helpers $helpers = null,
+    ): FormFactory {
+        $moduleConfig ??= $this->moduleConfigMock;
+        $csrfProtection ??= $this->csrfProtectionMock;
+        $sspBridge ??= $this->sspBridgeMock;
+        $helpers ??= $this->helpersMock;
+
+        return new FormFactory(
+            $moduleConfig,
+            $csrfProtection,
+            $sspBridge,
+            $helpers,
+        );
+    }
+
+    public function testCanConstruct(): void
+    {
+        $this->assertInstanceOf(FormFactory::class, $this->sut());
+    }
+
+    public function testCanBuildClientForm(): void
+    {
+        $this->assertInstanceOf(
+            ClientForm::class,
+            $this->sut()->build(ClientForm::class),
+        );
+    }
+}