diff --git a/CONTRIBUTING.rst b/CONTRIBUTING.rst
index 668bcd06..ac77b84b 100644
--- a/CONTRIBUTING.rst
+++ b/CONTRIBUTING.rst
@@ -157,11 +157,6 @@ The dynamical parts of the interface use `htmx `_.
not depend on jQuery at all.
See the `related issue `_.
-Translations
-------------
-
-.. include:: ../../canaille/translations/README.rst
-
Documentation
-------------
@@ -179,6 +174,17 @@ You can also run sphinx by hand, that should be faster since it avoids the tox e
The generated documentation is located at ``build/sphinx/html``.
+Code translation
+----------------
+
+.. include:: ../../canaille/translations/README.rst
+
+
+Documentation translation
+-------------------------
+
+.. include:: ../locales/readme.rst
+
Publish a new release
---------------------
diff --git a/doc/conf.py b/doc/conf.py
index 6bc50b49..56eccd50 100644
--- a/doc/conf.py
+++ b/doc/conf.py
@@ -163,3 +163,8 @@ autodoc_pydantic_settings_show_field_summary = False
autodoc_pydantic_settings_signature_prefix = ""
autodoc_pydantic_field_signature_prefix = ""
autodoc_pydantic_field_list_validators = False
+
+# -- Translation options ------------------------------------------------------
+# Advised by https://docs.readthedocs.io/en/latest/guides/manage-translations-sphinx.html#create-translatable-files
+gettext_uuid = True
+gettext_compact = False
diff --git a/doc/features.rst b/doc/features.rst
index 884e02d7..42120f2c 100644
--- a/doc/features.rst
+++ b/doc/features.rst
@@ -184,7 +184,7 @@ Internationalization
:align: right
:width: 600px
-Canaile will display in your :attr:`preferred language ` if available, or your browser language if available (and if it is not you can :ref:`help us with the translation `).
+Canaile will display in your :attr:`preferred language ` if available, or your browser language if available (and if it is not you can :ref:`help us with the translation `).
If you prefer, you can also :attr:`force a language ` for every users.
.. _feature_ui:
diff --git a/doc/gettext/.gitignore b/doc/gettext/.gitignore
new file mode 100644
index 00000000..45b334b8
--- /dev/null
+++ b/doc/gettext/.gitignore
@@ -0,0 +1,3 @@
+*
+!.gitignore
+!.pot
diff --git a/doc/gettext/development/changelog.pot b/doc/gettext/development/changelog.pot
new file mode 100644
index 00000000..906673e4
--- /dev/null
+++ b/doc/gettext/development/changelog.pot
@@ -0,0 +1,1712 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) 2024, Yaal Coop
+# This file is distributed under the same license as the canaille package.
+# FIRST AUTHOR , YEAR.
+#
+#, fuzzy
+msgid ""
+msgstr ""
+"Project-Id-Version: canaille 0.0.56\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2024-11-22 16:20+0100\n"
+"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
+"Last-Translator: FULL NAME \n"
+"Language-Team: LANGUAGE \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#: ../development/changelog.rst:2
+#: cee2d74ca8664599915e60ddd280d3a1
+msgid "Release notes"
+msgstr ""
+
+#: ../development/changelog.rst:4
+#: 9f61eac5446e43c086346be946d55874
+msgid "All notable changes to this project will be documented in there."
+msgstr ""
+
+#: ../development/changelog.rst:6
+#: fc16b680bffd404ba87f713b1872f7d7
+msgid "The format is based on `Keep a Changelog `_, and this project adheres to `Semantic Versioning `_."
+msgstr ""
+
+#: ../../CHANGES.rst:2
+#: 176caee18a1649b58f7f78780e367f55
+msgid "[0.0.57] - Unreleased"
+msgstr ""
+
+#: ../../CHANGES.rst:5
+#: ../../CHANGES.rst:20
+#: ../../CHANGES.rst:48
+#: ../../CHANGES.rst:67
+#: ../../CHANGES.rst:74
+#: ../../CHANGES.rst:93
+#: ../../CHANGES.rst:151
+#: ../../CHANGES.rst:177
+#: ../../CHANGES.rst:192
+#: ../../CHANGES.rst:241
+#: ../../CHANGES.rst:267
+#: ../../CHANGES.rst:286
+#: ../../CHANGES.rst:294
+#: ../../CHANGES.rst:303
+#: ../../CHANGES.rst:327
+#: ../../CHANGES.rst:360
+#: ../../CHANGES.rst:386
+#: ../../CHANGES.rst:433
+#: ../../CHANGES.rst:461
+#: ../../CHANGES.rst:491
+#: ../../CHANGES.rst:547
+#: ../../CHANGES.rst:580
+#: ../../CHANGES.rst:601
+#: ../../CHANGES.rst:611
+#: ../../CHANGES.rst:634
+#: ../../CHANGES.rst:701
+#: ../../CHANGES.rst:739
+#: ../../CHANGES.rst:756
+#: ../../CHANGES.rst:792
+#: 4c25fff981724a85a7e32a726386f4b6
+#: 750629c62e4044538acf33d77d334edd
+#: c9231a93d74b407eac3965cdeaceb6e5
+#: 73409ee3658b4695a0f4c9173079e294
+#: 7e3b6d660f23487dbc3705b845d1909e
+#: 212eeb8eb18e407087a15d8a49fc4676
+#: 8d0f993945da42398fc1814e59dc6aac
+#: 83216da7c765416aaabc94d33b383825
+#: fd843d87ba63404a86ee089c82c2bc72
+#: b91280ce221b4489b8647fee434ca467
+#: f1299bdd6d094f40946b22afdc148141
+#: 659ee00d0fae4dde90f067bb24393b77
+#: 03d02379aebf4dd1b051d6e2833c5042
+#: ca581a37be43466fb99262481fd0150e
+#: 5a3f2e290d2f4d069f5545fba8dbf4ca
+#: fe3ed04c591b4d848d8d5798f3f6e5cb
+#: 40cdcf26cedb42d2bbafe6b4f99ffdfb
+#: 1b4f0a77d075474682a8eba4d3ed73c6
+#: 46cebcf957bb44b2896e2c0eab3df957
+#: 17a12737fbb2472db3676476ed9a5ae4
+#: 1c1901efbdd54a83b5071316076f221c
+#: 5e6e17e6f9cf491787a3b80ca2270305
+#: ba81b7b42a8b4f13a73572776cdb3225
+#: 581cc9d3d0e54b22aec75b75fae07933
+#: 6cf0b9cb098e4e55be4037c0d650dfef
+#: d6d408475e7f4ab3b896cd847632077c
+#: 42b2c8dc18b044598ef2c49db8b33424
+#: af4301e13bd34845b697f5947d95a050
+#: e25b4340ff4c4feab62077c20fc13c52
+msgid "Added"
+msgstr ""
+
+#: ../../CHANGES.rst:6
+#: 04a58cf7e7834c2481a71edcaf3b5329
+msgid "Password compromission check :issue:`179`"
+msgstr ""
+
+#: ../../CHANGES.rst:7
+#: c975d3b0332f49b6b6ebebd4a25fe8de
+msgid ":attr:`~canaille.core.configuration.CoreSettings.ADMIN_EMAIL` and :attr:`~canaille.core.configuration.CoreSettings.ENABLE_PASSWORD_COMPROMISSION_CHECK` and :attr:`~canaille.core.configuration.CoreSettings.API_URL_HIBP` :issue:`179`"
+msgstr ""
+
+#: ../../CHANGES.rst:13
+#: 51c0be75aeb44c16aede6138e5ea5278
+msgid "[0.0.56] - 2024-11-07"
+msgstr ""
+
+#: ../../CHANGES.rst:16
+#: ../../CHANGES.rst:58
+#: ../../CHANGES.rst:97
+#: ../../CHANGES.rst:105
+#: ../../CHANGES.rst:113
+#: ../../CHANGES.rst:120
+#: ../../CHANGES.rst:127
+#: ../../CHANGES.rst:141
+#: ../../CHANGES.rst:169
+#: ../../CHANGES.rst:182
+#: ../../CHANGES.rst:200
+#: ../../CHANGES.rst:219
+#: ../../CHANGES.rst:227
+#: ../../CHANGES.rst:253
+#: ../../CHANGES.rst:261
+#: ../../CHANGES.rst:281
+#: ../../CHANGES.rst:311
+#: ../../CHANGES.rst:341
+#: ../../CHANGES.rst:349
+#: ../../CHANGES.rst:373
+#: ../../CHANGES.rst:393
+#: ../../CHANGES.rst:415
+#: ../../CHANGES.rst:425
+#: ../../CHANGES.rst:446
+#: ../../CHANGES.rst:454
+#: ../../CHANGES.rst:477
+#: ../../CHANGES.rst:500
+#: ../../CHANGES.rst:512
+#: ../../CHANGES.rst:521
+#: ../../CHANGES.rst:530
+#: ../../CHANGES.rst:539
+#: ../../CHANGES.rst:559
+#: ../../CHANGES.rst:566
+#: ../../CHANGES.rst:616
+#: ../../CHANGES.rst:624
+#: ../../CHANGES.rst:649
+#: ../../CHANGES.rst:657
+#: ../../CHANGES.rst:665
+#: ../../CHANGES.rst:678
+#: ../../CHANGES.rst:692
+#: ../../CHANGES.rst:724
+#: ../../CHANGES.rst:747
+#: ../../CHANGES.rst:778
+#: 42738488d0cf4f66a77e005a55e290e8
+#: b98fb6a8cacf415ca3c53c7ddc4e22e9
+#: 11394506a65245eb97de436c93823315
+#: ee6a0099b2904cfda658ff66ca10e4f3
+#: 1639c0698abc45459c1cfb17c37b0514
+#: e8843468135d4c548d4b79c3759af294
+#: a23b09b89a12445ebffef8538aab76d3
+#: ffd91459cc9c4de897baf2756c187e45
+#: 1ca5e47e97f645beb4bba6567010345c
+#: aefb210d9c6f41ea854143c1cb9bbc9a
+#: 312d03c8b38a48b78dd1a415eeffabbf
+#: 5dfc75e88c184131b09bf8568175e3db
+#: ac580f4561174a13bd23aed4b74d2491
+#: 9221c65cb0cc4e389cc9aa8ec32ccdbe
+#: 5b37d7b0b8334ddb98029ddd2bc14051
+#: bec6e1a3b5d14ae8b81603e179242d4d
+#: 879816a68817405b816e7f0f1c8129b5
+#: a88d99f7ac2640d3bd85449fcb0d0365
+#: 52f77ff506d14db887cf146ba9a5f0fe
+#: 9cf9c3eb08b24833a4af419f21e9cac4
+#: c680781f6a504047a9812ca83bfbe448
+#: 015dc130ebe4415f925c3e5cef4e6f1a
+#: 361d92de2b444933989df8b096385138
+#: 5d8e85bfe38746259487a7ba76550510
+#: e1a9daee27e84471844d288df2446f0d
+#: 3d5f2ec255df4289955102489c73cd41
+#: a06dc1405adb4035ace012fe8c083cac
+#: 79e504d7c9cd41ffa2dca1fade130fd1
+#: f7bb9867e46848fa83edf25a2b97d294
+#: 960fa0f802aa49dd861e683a7d531356
+#: 515e67e14bce4621a1cd7a57363b951e
+#: 2a3b48836b164e11801bed7f1a89da8a
+#: 8c7249cc4a60479ab49ae1bac2ac3bc0
+#: 2ec760c8683a4f8eb3e3127dc355e753
+#: 3e0c977c3e794ac8b3ed9fc517248885
+#: ad188fa7b22d46a69ba5da4f563e2d3c
+#: e7252cb4bb4a4d99a231ac6d834a5b42
+#: dd4eb2fd4ffe4069aa4badd648d2cb2b
+#: d3e5d400c9ac45d987f243139c369eac
+#: 8d2427f6b4594c5294f673864dd1fbea
+#: 73c3b57276a246179cf93c7e7d211ada
+#: dbcd039df2c84c4f976ef11e9c158290
+#: 424c3e3794c6400fb5c4b9af550532ad
+msgid "Fixed"
+msgstr ""
+
+#: ../../CHANGES.rst:17
+#: f9e9801f2c7b4bc09a3c14abc1314428
+msgid "With LDAP backend, updating another user groups could result in a permission lost for the editor. :issue:`202`"
+msgstr ""
+
+#: ../../CHANGES.rst:21
+#: 60e50e5541d045969fedda4d3329f4fc
+msgid ":attr:`~canaille.core.configuration.CoreSettings.MAX_PASSWORD_LENGHT` and :attr:`~canaille.core.configuration.CoreSettings.MIN_PASSWORD_LENGHT` configuration options :issue:`174`"
+msgstr ""
+
+#: ../../CHANGES.rst:23
+#: 39d0ccccd7904439b96d09fc13aaeac8
+msgid "Password strength visual indicator :issue:`174`"
+msgstr ""
+
+#: ../../CHANGES.rst:24
+#: 2239db87571047189bfe06a8b7079f1f
+msgid "Security events logs :issue:`177`"
+msgstr ""
+
+#: ../../CHANGES.rst:25
+#: 26fd943ceadf4ae8aa8f44c05a11fb1c
+msgid "Support for Python 3.13 :pr:`186`"
+msgstr ""
+
+#: ../../CHANGES.rst:28
+#: ../../CHANGES.rst:41
+#: ../../CHANGES.rst:53
+#: ../../CHANGES.rst:78
+#: ../../CHANGES.rst:86
+#: ../../CHANGES.rst:134
+#: ../../CHANGES.rst:158
+#: ../../CHANGES.rst:210
+#: ../../CHANGES.rst:247
+#: ../../CHANGES.rst:316
+#: ../../CHANGES.rst:332
+#: ../../CHANGES.rst:368
+#: ../../CHANGES.rst:405
+#: ../../CHANGES.rst:440
+#: ../../CHANGES.rst:483
+#: ../../CHANGES.rst:587
+#: ../../CHANGES.rst:641
+#: ../../CHANGES.rst:673
+#: ../../CHANGES.rst:687
+#: 293d64938a87465893ec3ad67a871af6
+#: 203bb49fb100486cb6299e880c588a8a
+#: 6ac31bd58d3049a1b0dae9b383b006e2
+#: 4d64a7797e2647bf8fe305b53436f22d
+#: ab636c0449144e8babb00b421b86dd03
+#: 3215a53d28a043c58a40ddf79f9a4b89
+#: 0cef5559da744d89b0194a2e974f042d
+#: defad26fb8394b8daeb45f1814b3f6fb
+#: 1a662595a4f34eaa8035ca70517d7043
+#: 62ffcbd328624249b11c7b1dc024ce3e
+#: ce0dc070b8b148b2914c149c2f27353f
+#: 58cfff3b2e0346a794a2b0f690e63a74
+#: a47093f14bae462a8c49b347168ab715
+#: d3151b392aca4a24aa454404e9d2e1e8
+#: ab28665de6cc4e31b26d5a5fbd635fbd
+#: 92095c34f5ea49d3bf16bdfe2eae3346
+#: 445d7f52f3bb4c33a9ef38e966ecec6d
+#: ec24d18d38614325a599040215dbd79b
+#: 79ce14e63e194ee0b2f03e4a80ef6f3a
+msgid "Changed"
+msgstr ""
+
+#: ../../CHANGES.rst:29
+#: eff0de924f894a60942f4d7c677b991d
+msgid "Update to HTMX 2.0.3 :pr:`184`"
+msgstr ""
+
+#: ../../CHANGES.rst:30
+#: d2eeb1968c15463bb81ce2e800d3bdcf
+msgid "Migrate from poetry to uv :pr:`187`"
+msgstr ""
+
+#: ../../CHANGES.rst:31
+#: 90ff671ba1fe480b9dc2e2e48f79f330
+msgid "The ``sql`` package extra is now split between ``sqlite``, ``postgresql`` and ``mysql``."
+msgstr ""
+
+#: ../../CHANGES.rst:34
+#: ../../CHANGES.rst:378
+#: ../../CHANGES.rst:784
+#: 5c55c689df4e4773ae65886d3b3b899b
+#: bc2d074a59a146f4bfaafdba8554dc7e
+#: 6a052788dc6940d7aaf1548ebea6fe72
+msgid "Removed"
+msgstr ""
+
+#: ../../CHANGES.rst:35
+#: 0fd4f6e2e83d4afa878a11a279e1d307
+msgid "End support for python 3.9. :pr:`179`"
+msgstr ""
+
+#: ../../CHANGES.rst:38
+#: db996d00b2704efc9e9f346d593c4ae7
+msgid "[0.0.55] - 2024-08-30"
+msgstr ""
+
+#: ../../CHANGES.rst:42
+#: 830d274ba5c84c0f88801a277ab0931d
+msgid "Use poetry-core build backend. :pr:`178`"
+msgstr ""
+
+#: ../../CHANGES.rst:45
+#: fbc43e0a98b94a009841053e6dbfac86
+msgid "[0.0.54] - 2024-07-25"
+msgstr ""
+
+#: ../../CHANGES.rst:49
+#: fe9b748d30204293ab190fa40bc4991e
+msgid "Group member removal can be achieved from the group edition page :issue:`192`"
+msgstr ""
+
+#: ../../CHANGES.rst:50
+#: b10b2b51af1a4fd9b141096755ef707e
+msgid "Model management commands :issue:`117` :issue:`54`"
+msgstr ""
+
+#: ../../CHANGES.rst:54
+#: 58102a281bb64238bee8dc4d65ffc58d
+msgid "Model `identifier_attributes` are fixed."
+msgstr ""
+
+#: ../../CHANGES.rst:55
+#: 6bebedf8624b4d39a0b87e495697c16a
+msgid "Bump to htmx 1.9.12 :pr:`172`"
+msgstr ""
+
+#: ../../CHANGES.rst:60
+#: 1565775ca2364457a0c1b0d3316d99a0
+msgid "Dark theme colors for better readability"
+msgstr ""
+
+#: ../../CHANGES.rst:61
+#: 8133e538453f4bc68497fb402c3e262b
+msgid "Crash for passwordless users at login when no SMTP server was configured."
+msgstr ""
+
+#: ../../CHANGES.rst:64
+#: 7e4da3e8640247f799cad54f03a8bd86
+msgid "[0.0.53] - 2024-04-22"
+msgstr ""
+
+#: ../../CHANGES.rst:68
+#: 07f0ada2380e4aab9f58e9fd69ae9f45
+msgid "`env_prefix` create_app variable can select the environment var prefix."
+msgstr ""
+
+#: ../../CHANGES.rst:71
+#: f0cdd7e4fd4446cc8b5ae04d8d40d4e3
+msgid "[0.0.52] - 2024-04-22"
+msgstr ""
+
+#: ../../CHANGES.rst:75
+#: d44dc6539edd4469ace50d952b38fde6
+msgid "`env_file` create_app variable can customize/disable the .env file"
+msgstr ""
+
+#: ../../CHANGES.rst:79
+#: 597da17368934d44b19bc56af588d612
+msgid "Locked users cannot be impersonated anymore."
+msgstr ""
+
+#: ../../CHANGES.rst:80
+#: 6933111b07624644bb9554186b9a9f6b
+msgid "Minimum python requirement is 3.9."
+msgstr ""
+
+#: ../../CHANGES.rst:83
+#: bed0a654b0da4d23a54beb3b57a320bc
+msgid "[0.0.51] - 2024-04-09"
+msgstr ""
+
+#: ../../CHANGES.rst:87
+#: aa16f0469d0f4509a054018dec17ec13
+msgid "Display the menu bar on error pages."
+msgstr ""
+
+#: ../../CHANGES.rst:90
+#: e276a890988547d89123f63d2c5d9fa7
+msgid "[0.0.50] - 2024-04-09"
+msgstr ""
+
+#: ../../CHANGES.rst:94
+#: 6806fb1403984e8ea220310b79c83023
+msgid "Sign in/out events are logged in :issue:`177`"
+msgstr ""
+
+#: ../../CHANGES.rst:98
+#: 8a88d1b3a4214a94b1c5d7b85749ac53
+msgid "HTMX and JAVASCRIPT configuration settings."
+msgstr ""
+
+#: ../../CHANGES.rst:99
+#: 87d7c745b0fe4b09b0c95ade6ab3bd88
+msgid "Compatibility with old sessions IDs."
+msgstr ""
+
+#: ../../CHANGES.rst:102
+#: 8291ad8603504d89bf3615e3ec1258df
+msgid "[0.0.49] - 2024-04-08"
+msgstr ""
+
+#: ../../CHANGES.rst:106
+#: cac88357700a4f86a6ee604a9d4d92be
+msgid "LDAP user group removal."
+msgstr ""
+
+#: ../../CHANGES.rst:107
+#: 62fc42174a3042e7bde72c8b6771292b
+msgid "Display an error message when trying to remove the last user from a group."
+msgstr ""
+
+#: ../../CHANGES.rst:110
+#: 48275075792a404ab792306e4427c94c
+msgid "[0.0.48] - 2024-04-08"
+msgstr ""
+
+#: ../../CHANGES.rst:114
+#: 283bc25944e94d7d8c0c62f0de5d8ab3
+msgid "LDAP objectClass guessing exception."
+msgstr ""
+
+#: ../../CHANGES.rst:117
+#: 0f0a72a7e1e249ff8bb95709bb102119
+msgid "[0.0.47] - 2024-04-08"
+msgstr ""
+
+#: ../../CHANGES.rst:121
+#: f2f86bb8b91b46a3ad35baacd3877164
+msgid "Lazy permission loading exception."
+msgstr ""
+
+#: ../../CHANGES.rst:124
+#: 4dfbf13cd2084fcea2c843c0e4b390f4
+msgid "[0.0.46] - 2024-04-08"
+msgstr ""
+
+#: ../../CHANGES.rst:128
+#: 0c761c1280744e35bd8fde5bd0d54100
+msgid "Saving an object with the LDAP backend keeps the objectClass un-managed by Canaille. :pr:`171`"
+msgstr ""
+
+#: ../../CHANGES.rst:131
+#: e4a82b1365294aeaa39cd175f28a8ff6
+msgid "[0.0.45] - 2024-04-04"
+msgstr ""
+
+#: ../../CHANGES.rst:135
+#: b86b1daec3f044bca22238704340a4f1
+msgid "Internal indexation mechanism of :class:`~canaille.backends.memory.model.MemoryModel`"
+msgstr ""
+
+#: ../../CHANGES.rst:138
+#: ec1d0b19eac54d588e4429bc318cf690
+msgid "[0.0.44] - 2024-03-29"
+msgstr ""
+
+#: ../../CHANGES.rst:142
+#: ed17aa45b3954a43ba5baa6f37b95061
+msgid "Fix the default LDAP USER_FILTER value"
+msgstr ""
+
+#: ../../CHANGES.rst:143
+#: 322b1d5d705d4662ac3e781469785038
+msgid "Fix the OIDC feature detection"
+msgstr ""
+
+#: ../../CHANGES.rst:146
+#: 5eeb5d32f4674d6fbd5ec1d8003a160d
+msgid "[0.0.43] - 2024-03-29"
+msgstr ""
+
+#: ../../CHANGES.rst:148
+#: 71c80e5e86924435b6926d820ab27a98
+msgid "🚨Configuration files must be updated.🚨"
+msgstr ""
+
+#: ../../CHANGES.rst:153
+#: f835cb7058fc48da8651e3ec1decd644
+msgid "Add `created` and `last_modified` datetime for all models"
+msgstr ""
+
+#: ../../CHANGES.rst:154
+#: 3684841a407543f5910cd9e62ac628e5
+msgid "Sitemap to the documentation :pr:`169`"
+msgstr ""
+
+#: ../../CHANGES.rst:155
+#: f91d1039d2184260ae741c1786f7e91e
+msgid "Configuration management with pydantic-settings :issue:`138` :pr:`170`"
+msgstr ""
+
+#: ../../CHANGES.rst:160
+#: 6fd58b27e3bd4441bd641c7b8ed35819
+msgid "Use default python logging configuration format. :issue:`188` :pr:`165`"
+msgstr ""
+
+#: ../../CHANGES.rst:161
+#: ba09a3914d6d4f1d80ff26cbbbabd038
+msgid "Bump to htmx 1.99.11 :pr:`166`"
+msgstr ""
+
+#: ../../CHANGES.rst:162
+#: 1f2266f5a92d49f6ac39679a50950332
+msgid "Use the standard tomllib python module instead of `toml` starting from python 3.11 :pr:`167`"
+msgstr ""
+
+#: ../../CHANGES.rst:163
+#: 36180e325ed54fc1bd9a4ee6359e333d
+msgid "Use shibuya as the documentation theme :pr:`168`"
+msgstr ""
+
+#: ../../CHANGES.rst:166
+#: bb7dd713ed9b4420a3897db6e75ff2ef
+msgid "[0.0.42] - 2023-12-29"
+msgstr ""
+
+#: ../../CHANGES.rst:171
+#: 868c4ec0eac4435f8102e36c9bba1dff
+msgid "Avoid to fail on imports if ``cryptography`` is missing."
+msgstr ""
+
+#: ../../CHANGES.rst:174
+#: f0a9863bc23b49a8ae7263f4c8a14477
+msgid "[0.0.41] - 2023-12-25"
+msgstr ""
+
+#: ../../CHANGES.rst:179
+#: a149ffc2dfad4ec6a64c2db96260cb07
+msgid "OIDC `prompt=create` support. :issue:`185` :pr:`164`"
+msgstr ""
+
+#: ../../CHANGES.rst:184
+#: c902e37b42074304933765961c68a3ae
+msgid "Correctly set up Client audience during OIDC dynamic registration."
+msgstr ""
+
+#: ../../CHANGES.rst:185
+#: 9cb9375cc36f4f4fae9476912d4800ac
+msgid "``post_logout_redirect_uris`` was ignored during OIDC dynamic registration."
+msgstr ""
+
+#: ../../CHANGES.rst:186
+#: 5405895c215848af91ce0dd48777c01a
+msgid "Group field error prevented the registration form validation."
+msgstr ""
+
+#: ../../CHANGES.rst:189
+#: ac33874c2c8d439f96aa2a7933ea085f
+msgid "[0.0.40] - 2023-12-22"
+msgstr ""
+
+#: ../../CHANGES.rst:194
+#: 05e47bb7a2534a24bf378f3d4f00a9e4
+msgid "``THEME`` can be a relative path"
+msgstr ""
+
+#: ../../CHANGES.rst:197
+#: d1d35df6b2694dee92f698ea559e44a2
+msgid "[0.0.39] - 2023-12-15"
+msgstr ""
+
+#: ../../CHANGES.rst:202
+#: f76dc01f7b534f9b89c98d6f7948d429
+msgid "Crash when no ACL were defined"
+msgstr ""
+
+#: ../../CHANGES.rst:203
+#: af96e8429cd0402cb5ef9fb5e5b8d064
+msgid "OIDC Userinfo endpoint is also available in POST"
+msgstr ""
+
+#: ../../CHANGES.rst:204
+#: 593f8977a7d24bbfad5e209eca80945f
+msgid "Fix redirection after password reset :issue:`159`"
+msgstr ""
+
+#: ../../CHANGES.rst:207
+#: c86917c9a8f94bab857d2c9b8bd929b8
+msgid "[0.0.38] - 2023-12-15"
+msgstr ""
+
+#: ../../CHANGES.rst:212
+#: 1d56690072294eee992bfbf2e50c9e68
+msgid "Convert all the png in webp. :pr:`162`"
+msgstr ""
+
+#: ../../CHANGES.rst:213
+#: 1e7c48fa76b64ed39e2eeccff373fb46
+msgid "Update to flask 3 :issue:`161` :pr:`163`"
+msgstr ""
+
+#: ../../CHANGES.rst:216
+#: b79e56a4475b48939678ff054e36847c
+msgid "[0.0.37] - 2023-12-01"
+msgstr ""
+
+#: ../../CHANGES.rst:221
+#: 6b1bfb29474c4e32b2b46544b456f58e
+msgid "Handle 4xx and 5xx error codes with htmx. :issue:`171` :pr:`161`"
+msgstr ""
+
+#: ../../CHANGES.rst:224
+#: 891096d144e149c38fbcdcb26e77c4df
+msgid "[0.0.36] - 2023-12-01"
+msgstr ""
+
+#: ../../CHANGES.rst:229
+#: 5ceae559b10143038f09be3106465b64
+msgid "Avoid crashing when LDAP groups references unexisting users."
+msgstr ""
+
+#: ../../CHANGES.rst:230
+#: 14db477de18e443fa3c50495b2b4184f
+msgid "Password reset and initialization mails were only sent to the preferred user email address."
+msgstr ""
+
+#: ../../CHANGES.rst:232
+#: 898acaa2046c4cb298078be47c6554ed
+msgid "Password reset and initialization mails were not sent at all the user addresses if one email address could not be reached."
+msgstr ""
+
+#: ../../CHANGES.rst:234
+#: bf40c98f87a04c9cbf91405c836bdfc2
+msgid "Password comparison was too permissive on login."
+msgstr ""
+
+#: ../../CHANGES.rst:235
+#: 9e6bf386e00b490990f961285fe9825f
+msgid "Encrypt passwords in the SQL backend."
+msgstr ""
+
+#: ../../CHANGES.rst:238
+#: 4dbc596e05b5419aa79409d14180980e
+msgid "[0.0.35] - 2023-11-25"
+msgstr ""
+
+#: ../../CHANGES.rst:243
+#: 6a0006d7840c4157928cd585c8afb4e5
+msgid "Refresh token grant supports other client authentication methods. :pr:`157`"
+msgstr ""
+
+#: ../../CHANGES.rst:244
+#: 831d61d9484149408de2434693bcb0b9
+msgid "Implement a SQLAlchemy backend. :issue:`30` :pr:`158`"
+msgstr ""
+
+#: ../../CHANGES.rst:249
+#: 2729a67bff05435d8c91a4a0abde4116
+msgid "Model attributes cardinality is closer to SCIM model. :pr:`155`"
+msgstr ""
+
+#: ../../CHANGES.rst:250
+#: 0d3123b92e3d47418e07a25a2a8216c7
+msgid "Bump to htmx 1.9.9 :pr:`159`"
+msgstr ""
+
+#: ../../CHANGES.rst:255
+#: dc8607bee43e45cbb573c9bd6341b848
+msgid "Disable HTMX boosting during the OIDC dance. :pr:`160`"
+msgstr ""
+
+#: ../../CHANGES.rst:258
+#: 5106051f0a564dda88568fd53eaf7f5b
+msgid "[0.0.34] - 2023-10-02"
+msgstr ""
+
+#: ../../CHANGES.rst:263
+#: b4728ea61f644f369848b72ad597e9d6
+msgid "Canaille installations without account lockabilty could not delete users. :pr:`153`"
+msgstr ""
+
+#: ../../CHANGES.rst:269
+#: 87f7e185f75549dcbe1080a5011e4aa5
+msgid "If users register or authenticate during a OAuth Authorization phase, they get redirected back to that page afterwards. :issue:`168` :pr:`151`"
+msgstr ""
+
+#: ../../CHANGES.rst:272
+#: 41a0ba3028784b3fbbce3ab146b9b3b9
+msgid "flask-babel and pytz are now part of the `front` extras"
+msgstr ""
+
+#: ../../CHANGES.rst:273
+#: 5664df37b34745abaa60e8e5d14bc363
+msgid "Bump to fomantic-ui 2.9.3 :pr:`152`"
+msgstr ""
+
+#: ../../CHANGES.rst:274
+#: 33ee4360641b45ee9c22d6fe1471a4f6
+msgid "Bump to htmx 1.9.6 :pr:`154`"
+msgstr ""
+
+#: ../../CHANGES.rst:275
+#: 90c5d5daa1084ea7a136b4dceb3e132d
+msgid "Add support for python 3.12 :pr:`155`"
+msgstr ""
+
+#: ../../CHANGES.rst:278
+#: 49553f6bf0f74896b15c3ccded528cfe
+msgid "[0.0.33] - 2023-08-26"
+msgstr ""
+
+#: ../../CHANGES.rst:283
+#: 4254d8c7fc00407baa12f44e43ff40f8
+msgid "OIDC jwks endpoint do not return empty kid claim"
+msgstr ""
+
+#: ../../CHANGES.rst:288
+#: d0309f2d1692411eaa9b7f7babd48d19
+msgid "Documentation details on the canaille models."
+msgstr ""
+
+#: ../../CHANGES.rst:291
+#: 690fcdab65944260afb6fcbe9e8a2544
+msgid "[0.0.32] - 2023-08-17"
+msgstr ""
+
+#: ../../CHANGES.rst:296
+#: ac9ff17b36854a04b0eff8fdd9f0b12d
+msgid "Additional inmemory backend :issue:`30` :pr:`149`"
+msgstr ""
+
+#: ../../CHANGES.rst:297
+#: 2c37b0e733db469d9579d223cd85aa8e
+msgid "Installation extras :issue:`167` :pr:`150`"
+msgstr ""
+
+#: ../../CHANGES.rst:300
+#: 01aa77d8df464a5e951020cd837b3255
+msgid "[0.0.31] - 2023-08-15"
+msgstr ""
+
+#: ../../CHANGES.rst:305
+#: cc2bfadcf8ff422d9873e6781c9ac353
+msgid "Configuration option to disable the forced usage of OIDC nonce :pr:`143`"
+msgstr ""
+
+#: ../../CHANGES.rst:306
+#: 6945dec9474d48ce88db6978c3d7a954
+msgid "Validate phone numbers with a regex :pr:`146`"
+msgstr ""
+
+#: ../../CHANGES.rst:307
+#: 10b93b8760444d6182f704d6b2c7c7ea
+msgid "Email verification :issue:`41` :pr:`147`"
+msgstr ""
+
+#: ../../CHANGES.rst:308
+#: 12d0980c01294ad4b095b756b991a2bc
+msgid "Account registration :issue:`55` :pr:`133` :pr:`148`"
+msgstr ""
+
+#: ../../CHANGES.rst:313
+#: 67036a27c2ff4cdcb905cb4c4e86ff55
+msgid "The `check` command uses the default configuration values."
+msgstr ""
+
+#: ../../CHANGES.rst:318
+#: 9d1aae00e2f14e7881f93f4282f9d4f8
+msgid "Modals do not need use javascript at the moment. :issue:`158` :pr:`144`"
+msgstr ""
+
+#: ../../CHANGES.rst:321
+#: 46bef1073cc249c4b5a60fc639445486
+msgid "[0.0.30] - 2023-07-06"
+msgstr ""
+
+#: ../../CHANGES.rst:323
+#: 961455ecf0a14c5491eb06390a1cb324
+msgid "🚨Configuration files must be updated.🚨 Check the new format with ``git diff 0.0.29 0.0.30 canaille/conf/config.sample.toml``"
+msgstr ""
+
+#: ../../CHANGES.rst:329
+#: 0961a5675019487d86d12c28a8c03738
+msgid "Configuration option to disable javascript :pr:`141`"
+msgstr ""
+
+#: ../../CHANGES.rst:334
+#: 60c44ee6ebaa4458ac03cb4058a609ec
+msgid "Configuration ``USER_FILTER`` is parsed with jinja."
+msgstr ""
+
+#: ../../CHANGES.rst:335
+#: 46352c2c399c46a6898a9555e50adb95
+msgid "Configuration use ``PRIVATE_KEY_FILE`` instead of ``PRIVATE_KEY`` and ``PUBLIC_KEY_FILE`` instead of ``PUBLIC_KEY``"
+msgstr ""
+
+#: ../../CHANGES.rst:338
+#: 7e2e8f3a99214572a9d5a3bd76230e75
+msgid "[0.0.29] - 2023-06-30"
+msgstr ""
+
+#: ../../CHANGES.rst:343
+#: 89b4af9fda364e7d83bb6996c6e69bd2
+msgid "Disabled HTMX boosting on OIDC forms to avoid errors."
+msgstr ""
+
+#: ../../CHANGES.rst:346
+#: a7070ee845df4ff7bfe13b5d41244aa0
+msgid "[0.0.28] - 2023-06-30"
+msgstr ""
+
+#: ../../CHANGES.rst:351
+#: 4cd4e4868bfb41b78e8b644422f22145
+msgid "A template variable was misnamed."
+msgstr ""
+
+#: ../../CHANGES.rst:354
+#: 55a8faa31ce54cf88afc5a3c13cf4790
+msgid "[0.0.27] - 2023-06-29"
+msgstr ""
+
+#: ../../CHANGES.rst:356
+#: eb6b9fcd0119445b84b482b96ba17e59
+msgid "🚨Configuration files must be updated.🚨 Check the new format with ``git diff 0.0.26 0.0.27 canaille/conf/config.sample.toml``"
+msgstr ""
+
+#: ../../CHANGES.rst:362
+#: 2be5c386632147ea9a72003d8fcbab12
+msgid "Configuration entries can be loaded from files if the entry key has a *_FILE* suffix and the entry value is the path to the file. :issue:`134` :pr:`134`"
+msgstr ""
+
+#: ../../CHANGES.rst:364
+#: eb633d6c5427443082671f0b402d0471
+msgid "Field list support. :issue:`115` :pr:`136`"
+msgstr ""
+
+#: ../../CHANGES.rst:365
+#: 2ca34588a2434f94bc28e2220b7128dd
+msgid "Pages are boosted with HTMX :issue:`144` :issue:`145` :pr:`137`"
+msgstr ""
+
+#: ../../CHANGES.rst:370
+#: 75e20a614ff2492180c27a84aac43cc5
+msgid "Bump to jquery 3.7.0 :pr:`138`"
+msgstr ""
+
+#: ../../CHANGES.rst:375
+#: e9b015b11a6848f48a31e925a25a685f
+msgid "Profile edition when the user RDN was not ``uid`` :issue:`148` :pr:`139`"
+msgstr ""
+
+#: ../../CHANGES.rst:380
+#: 37ff77d4af6c45b8ae036879097aae67
+msgid "Stop support for python 3.7 :pr:`131`"
+msgstr ""
+
+#: ../../CHANGES.rst:383
+#: b49886fdd9b54bd69c6f396dbcf33549
+msgid "[0.0.26] - 2023-06-03"
+msgstr ""
+
+#: ../../CHANGES.rst:388
+#: f34ff922c98e49479c9a6a95ff9d5e20
+msgid "Implemented account expiration based on OpenLDAP ppolicy overlay. Needs OpenLDAP 2.5+ :issue:`13` :pr:`118`"
+msgstr ""
+
+#: ../../CHANGES.rst:390
+#: 8955f6014e7840179fef39c2f7def856
+msgid "Timezone configuration entry. :issue:`137` :pr:`130`"
+msgstr ""
+
+#: ../../CHANGES.rst:395
+#: 7b4ac22c1e8a43faabff7b1cc379a486
+msgid "Avoid setting ``None`` in JWT claims when they have no value."
+msgstr ""
+
+#: ../../CHANGES.rst:396
+#: a5fa1b0aa295403481047ed68e5b5337
+msgid "Display password recovery button on OIDC login page. :pr:`129`"
+msgstr ""
+
+#: ../../CHANGES.rst:399
+#: da6a4bd82a8d449db7a184158fbcc848
+msgid "[0.0.25] - 2023-05-05"
+msgstr ""
+
+#: ../../CHANGES.rst:401
+#: 50fa73eb8ba946cb9a709170992e10a1
+msgid "🚨Configuration files must be updated.🚨 Check the new format with ``git diff 0.0.25 0.0.24 canaille/conf/config.sample.toml``"
+msgstr ""
+
+#: ../../CHANGES.rst:407
+#: ee48d59dd2224b48b9cbc2bbbe3df593
+msgid "Renamed user model attributes to match SCIM naming convention. :pr:`123`"
+msgstr ""
+
+#: ../../CHANGES.rst:408
+#: 09bf43cbf3414274a32fd7b98e4b367d
+msgid "Moved OIDC related configuration entries in ``OIDC``"
+msgstr ""
+
+#: ../../CHANGES.rst:409
+#: 5a25176b68c44ae2ab4e8be3a9979c78
+msgid "Moved ``LDAP`` configuration entry to ``BACKENDS.LDAP``"
+msgstr ""
+
+#: ../../CHANGES.rst:410
+#: 85a5997b2d73484c8e0e277edb6c0728
+msgid "Bumped to htmx 1.9.0 :pr:`124`"
+msgstr ""
+
+#: ../../CHANGES.rst:411
+#: a1786f8a6218461698ebd65c64fc35d9
+msgid "ACL filters are no more LDAP filters but user attribute mappings. :pr:`125`"
+msgstr ""
+
+#: ../../CHANGES.rst:412
+#: 79d1bf32067e45a28160200f271a6e75
+msgid "Bumped to htmx 1.9.2 :pr:`127`"
+msgstr ""
+
+#: ../../CHANGES.rst:417
+#: 0fa79474d2e643008784ad7d0266cf0d
+msgid "``OIDC.JWT.MAPPING`` configuration entry is really optional now."
+msgstr ""
+
+#: ../../CHANGES.rst:418
+#: cc43ca5d7ab8431e9d44b944a52bad42
+msgid "Fixed empty model attributes registration :pr:`125`"
+msgstr ""
+
+#: ../../CHANGES.rst:419
+#: ccf443a48367489998b39bf74fd22650
+msgid "Password initialization mails were not correctly sent. :pr:`128`"
+msgstr ""
+
+#: ../../CHANGES.rst:422
+#: 68d7811967674328a93413a45283d055
+msgid "[0.0.24] - 2023-04-07"
+msgstr ""
+
+#: ../../CHANGES.rst:427
+#: e01036fb364e4be1b271e0d132376c7c
+msgid "Fixed avatar update. :pr:`122`"
+msgstr ""
+
+#: ../../CHANGES.rst:430
+#: 0b3c187070af4c7291e1345c15d5a3c2
+msgid "[0.0.23] - 2023-04-05"
+msgstr ""
+
+#: ../../CHANGES.rst:435
+#: 851f9b7d13cb4e449a918856666a9d6f
+msgid "Organization field. :pr:`116`"
+msgstr ""
+
+#: ../../CHANGES.rst:436
+#: 7d50bba48f3d49f597f42cf2fa97a2bf
+msgid "ETag and Last-Modified headers on user photos. :pr:`116`"
+msgstr ""
+
+#: ../../CHANGES.rst:437
+#: 949afdb847bb402c869ab86922204bfb
+msgid "Dynamic form validation :pr:`120`"
+msgstr ""
+
+#: ../../CHANGES.rst:442
+#: bcb30b1dd4ae498b92a0fa822f0820cc
+msgid "UX rework. Submenu addition. :pr:`114`"
+msgstr ""
+
+#: ../../CHANGES.rst:443
+#: caa28fb3cde441eb86816d9f27bc8575
+msgid "Properly handle LDAP date timezones. :pr:`117`"
+msgstr ""
+
+#: ../../CHANGES.rst:448
+#: 37bb10b5178b4aa6a5776539548a4d71
+msgid "CSRF protection on every forms. :pr:`119`"
+msgstr ""
+
+#: ../../CHANGES.rst:451
+#: fc35d806925f4b378563b9782da74e6e
+msgid "[0.0.22] - 2023-03-13"
+msgstr ""
+
+#: ../../CHANGES.rst:455
+#: 65f29c39842a4d83b60056094bd25e94
+msgid "faker is not imported anymore when the `clean` command is called."
+msgstr ""
+
+#: ../../CHANGES.rst:458
+#: 5c164b4bb5a846428e3cc04495d3c49f
+msgid "[0.0.21] - 2023-03-12"
+msgstr ""
+
+#: ../../CHANGES.rst:463
+#: b784646f61e04c208a30565dd7ce091f
+msgid "Display TOS and policy URI on the consent list page. :pr:`102`"
+msgstr ""
+
+#: ../../CHANGES.rst:464
+#: 7194eac1f0234642a0981995cfe5149e
+msgid "Admin token deletion :pr:`100` :pr:`101`"
+msgstr ""
+
+#: ../../CHANGES.rst:465
+#: a803710142024ea3a243712728118900
+msgid "Revoked consents can be restored. :pr:`103`"
+msgstr ""
+
+#: ../../CHANGES.rst:466
+#: e890de6af18b4a3d87095f7fdc65db9b
+msgid "Pre-consented clients are displayed in the user consent list, and their consents can be revoked. :issue:`69` :pr:`103`"
+msgstr ""
+
+#: ../../CHANGES.rst:468
+#: c44acead10bf4fd89a53552876455a25
+msgid "A ``populate`` command can be used to fill the database with random users generated with faker. :pr:`105`"
+msgstr ""
+
+#: ../../CHANGES.rst:470
+#: 6834451857514b189bf302d31c1f8493
+msgid "SMTP SSL support. :pr:`108`"
+msgstr ""
+
+#: ../../CHANGES.rst:471
+#: fee6c7c71ed04dfe953531a40acdf8ea
+msgid "Server side pagination. :issue:`114` :pr:`111`"
+msgstr ""
+
+#: ../../CHANGES.rst:472
+#: 21d0c593818c488db23694f3081f2ca2
+msgid "Department number support. :issue:`129`"
+msgstr ""
+
+#: ../../CHANGES.rst:473
+#: 371d75ed6f54488aaeddcc99fe6c4290
+msgid "Address edition support (but not in the OIDC claims yet) :pr:`112`"
+msgstr ""
+
+#: ../../CHANGES.rst:474
+#: 0771c1b7b7a84323b5d912b7f8647d41
+msgid "Title edition support :pr:`113`"
+msgstr ""
+
+#: ../../CHANGES.rst:479
+#: 57e0cd74e810435791d6a97214e12aed
+msgid "Client deletion also deletes related Consent, Token and AuthorizationCode objects. :issue:`126` :pr:`98`"
+msgstr ""
+
+#: ../../CHANGES.rst:485
+#: fb4c36e5440449b898999be40ae9e0c5
+msgid "Removed datatables."
+msgstr ""
+
+#: ../../CHANGES.rst:488
+#: 5a7c51ebbb11449b9892980d50bc2f3c
+msgid "[0.0.20] - 2023-01-28"
+msgstr ""
+
+#: ../../CHANGES.rst:493
+#: 194afc81a9784649b6961ba3d153d1df
+msgid "Spanish translation. :pr:`85` :pr:`88`"
+msgstr ""
+
+#: ../../CHANGES.rst:494
+#: f91f3536f72d4dfebe399707149009f7
+msgid "Dedicated connectivity test email :pr:`89`"
+msgstr ""
+
+#: ../../CHANGES.rst:495
+#: 1adab56d29b8477bae5e727054e73c9a
+msgid "Update to jquery 3.6.3 :pr:`90`"
+msgstr ""
+
+#: ../../CHANGES.rst:496
+#: ada246491b7442c3a0f1c586a3f8d013
+msgid "Update to fomantic-ui 2.9.1 :pr:`90`"
+msgstr ""
+
+#: ../../CHANGES.rst:497
+#: a4e66dd5e706464687d1715587f27fb3
+msgid "Update to datatables 1.13.1 :pr:`90`"
+msgstr ""
+
+#: ../../CHANGES.rst:502
+#: 626448d95038452d8eaaa7970defcc17
+msgid "Fix typos and grammar errors. :pr:`84`"
+msgstr ""
+
+#: ../../CHANGES.rst:503
+#: 507e0d82553143a0a60b5db8c8f78220
+msgid "Fix wording and punctuations. :pr:`86`"
+msgstr ""
+
+#: ../../CHANGES.rst:504
+#: cc22dca2873b4eb4b3acc767f3c15153
+msgid "Fix HTML lang tag :issue:`122` :pr:`87`"
+msgstr ""
+
+#: ../../CHANGES.rst:505
+#: 3fcbd3fe2225413da18d7da66cf518e3
+msgid "Automatically trims the HTML translated strings. :pr:`91`"
+msgstr ""
+
+#: ../../CHANGES.rst:506
+#: d768714fde834381a64da0f30d0156a8
+msgid "Fixed dynamic registration scope management. :issue:`123` :pr:`93`"
+msgstr ""
+
+#: ../../CHANGES.rst:509
+#: 081cf10919eb45e1a74ed6cb2b0b80d2
+msgid "[0.0.19] - 2023-01-14"
+msgstr ""
+
+#: ../../CHANGES.rst:514
+#: b15a19a914bf4f5b814516e4fa392ff5
+msgid "Ensures the token `expires_in` claim and the `access_token` `exp` claim have the same value. :pr:`83`"
+msgstr ""
+
+#: ../../CHANGES.rst:518
+#: 910abd66d7514fa2a52397691b581306
+msgid "[0.0.18] - 2022-12-28"
+msgstr ""
+
+#: ../../CHANGES.rst:523
+#: fb4e49552924463993ec42a37f29c9a0
+msgid "OIDC end_session was not returning the ``state`` parameter in the ``post_logout_redirect_uri`` :pr:`82`"
+msgstr ""
+
+#: ../../CHANGES.rst:527
+#: 3792b0bfa9a14b768282d0d35f894913
+msgid "[0.0.17] - 2022-12-26"
+msgstr ""
+
+#: ../../CHANGES.rst:532
+#: 723d56770f9c43d98620e5873a6ccb9c
+msgid "Fixed group deletion button. :pr:`80`"
+msgstr ""
+
+#: ../../CHANGES.rst:533
+#: e5697b7a57ae454ea52711580b8b7146
+msgid "Fixed post requests in oidc clients views. :pr:`81`"
+msgstr ""
+
+#: ../../CHANGES.rst:536
+#: ff6e164e9c7e43cf86e1fdceca7253bb
+msgid "[0.0.16] - 2022-12-15"
+msgstr ""
+
+#: ../../CHANGES.rst:541
+#: 32f25a8f77a04718a014459a4084d146
+msgid "Fixed LDAP operational attributes handling."
+msgstr ""
+
+#: ../../CHANGES.rst:544
+#: 8ed77f0ddc9349d49248f88230f091c6
+msgid "[0.0.15] - 2022-12-15"
+msgstr ""
+
+#: ../../CHANGES.rst:549
+#: 84305bbe71ad46e2ae714e806de6d5bf
+msgid "User can chose their favourite display name. :pr:`77`"
+msgstr ""
+
+#: ../../CHANGES.rst:550
+#: 6681b34a0be144cdbb21c8f66ddd92d3
+msgid "Bumped to authlib 1.2. :pr:`78`"
+msgstr ""
+
+#: ../../CHANGES.rst:551
+#: 3510559cfa1646e2929ce3b663cdb88a
+msgid "Implemented RFC7592 OAuth 2.0 Dynamic Client Registration Management Protocol :pr:`79`"
+msgstr ""
+
+#: ../../CHANGES.rst:553
+#: 5d02af72ff704b38bf8a3ad1a672edbc
+msgid "Added ``nonce`` to the ``claims_supported`` server metadata list."
+msgstr ""
+
+#: ../../CHANGES.rst:556
+#: c9e1519b4cfb4a39b7a1bbbae2b04210
+msgid "[0.0.14] - 2022-11-29"
+msgstr ""
+
+#: ../../CHANGES.rst:560
+#: f0a39e5073ec4c24aeea5a89ddbbaf5a
+msgid "Fixed translation mo files packaging."
+msgstr ""
+
+#: ../../CHANGES.rst:563
+#: d227a6e046ec4cdea9410d3e66618604
+msgid "[0.0.13] - 2022-11-21"
+msgstr ""
+
+#: ../../CHANGES.rst:568
+#: d7842fe9d753466797b38435da64ddac
+msgid "Fixed a bug on the contacts field in the admin client form following the LDAP schema update of 0.0.12"
+msgstr ""
+
+#: ../../CHANGES.rst:570
+#: 06b6d0eb8bba4bc190f42a86b15e92aa
+msgid "Fixed a bug happening during RP initiated logout on clients without `post_logout_redirect_uri` defined."
+msgstr ""
+
+#: ../../CHANGES.rst:572
+#: 4a0ff8ddda694f608e8e30f045f2e997
+msgid "Gitlab CI fix. :pr:`64`"
+msgstr ""
+
+#: ../../CHANGES.rst:573
+#: f7ab68d7857f4e5ca07d14fc3b955866
+msgid "Fixed `client_secret` display on the client administration page. :pr:`65`"
+msgstr ""
+
+#: ../../CHANGES.rst:574
+#: c2e57ecf35b24a169345d069aa03fa08
+msgid "Fixed non-square logo CSS. :pr:`67`"
+msgstr ""
+
+#: ../../CHANGES.rst:575
+#: 788674f9c70c4e0799bde8d5185255b8
+msgid "Fixed schema path on installation. :pr:`68`"
+msgstr ""
+
+#: ../../CHANGES.rst:576
+#: cf27bc6a7bf244bcbd8ecde012c0bdac
+msgid "Fixed RFC7591 ``software_statement`` claim support. :pr:`70`"
+msgstr ""
+
+#: ../../CHANGES.rst:577
+#: 5b4214de704a45afb69294ff6fa6765b
+msgid "Fixed client preconsent disabling. :pr:`72`"
+msgstr ""
+
+#: ../../CHANGES.rst:582
+#: 4797bbc283b14a6098b60c8eadb444c3
+msgid "Python 3.11 support. :pr:`61`"
+msgstr ""
+
+#: ../../CHANGES.rst:583
+#: cf4773b6f22e45ed871ab4b5fb69f6a2
+msgid "apparmor slapd configuration instructions in CONTRIBUTING.rst :pr:`66`"
+msgstr ""
+
+#: ../../CHANGES.rst:584
+#: fc0c9e3a757649cbbbd2d119fb403c2b
+msgid "``preferredLanguage`` attribute support. :pr:`75`"
+msgstr ""
+
+#: ../../CHANGES.rst:589
+#: 48b4ab627fcd4a4aae6ebde31b60e138
+msgid "Replaced the use of the deprecated `FLASK_ENV` environment variable by `FLASK_DEBUG`."
+msgstr ""
+
+#: ../../CHANGES.rst:591
+#: 41f360c270e94109ac7ff049f4c210f8
+msgid "Dynamically generate the server metadata. Users won't have to copy and manually edit ``oauth-authorizationserver.json`` and ``openid-configuration.json``. :pr:`71`"
+msgstr ""
+
+#: ../../CHANGES.rst:594
+#: 5265fe5bc7214a9dbc130de0a63835c9
+msgid "The `FROM_ADDR` configuration option is not mandatory anymore. :pr:`73`"
+msgstr ""
+
+#: ../../CHANGES.rst:595
+#: e688f046fa5b44cbaef655e4bfa92d59
+msgid "The `JWT.ISS` configuration option is not mandatory anymore. :pr:`74`"
+msgstr ""
+
+#: ../../CHANGES.rst:598
+#: 3105e8936a2b4ae28b64c27edcf53cd8
+msgid "[0.0.12] - 2022-10-24"
+msgstr ""
+
+#: ../../CHANGES.rst:603
+#: 45609a4f9a2b4685931477795746c28f
+msgid "Basic WebFinger endpoint. :pr:`59`"
+msgstr ""
+
+#: ../../CHANGES.rst:604
+#: 99065af0fe7e46ee86cba8e1a071aa4f
+msgid "Bumped to FomanticUI 2.9.0 00ffffee"
+msgstr ""
+
+#: ../../CHANGES.rst:605
+#: 222619e4a78c4420849f3210e16f4439
+msgid "Implemented Dynamic Client Registration :pr:`60`"
+msgstr ""
+
+#: ../../CHANGES.rst:608
+#: e38006ffaa99459896eb21e4d2be3c87
+msgid "[0.0.11] - 2022-08-11"
+msgstr ""
+
+#: ../../CHANGES.rst:613
+#: 24dcf9e5b5fd4cc9a7bbc3946cdffba9
+msgid "Default theme has a dark variant. :pr:`57`"
+msgstr ""
+
+#: ../../CHANGES.rst:618
+#: 779421f30fbe49058b54aadf25f7dcae
+msgid "Fixed missing ``canaille`` binary. :pr:`58`"
+msgstr ""
+
+#: ../../CHANGES.rst:621
+#: 84432b1e63b0450f9f5db1558713dd16
+msgid "[0.0.10] - 2022-07-07"
+msgstr ""
+
+#: ../../CHANGES.rst:626
+#: 487099cc8b9140ae9688140be96d4dec
+msgid "Online demo. :pr:`55`"
+msgstr ""
+
+#: ../../CHANGES.rst:627
+#: 9bd981961fa74d909f5edba9b0783ffd
+msgid "The consent page was displaying scopes not supported by clients. :pr:`56`"
+msgstr ""
+
+#: ../../CHANGES.rst:628
+#: 8f54777acf6843738ecce5d485e7637b
+msgid "Fixed end session when user are already disconnected."
+msgstr ""
+
+#: ../../CHANGES.rst:631
+#: 64b24a6fcf804c83abea97fdc944a350
+msgid "[0.0.9] - 2022-06-05"
+msgstr ""
+
+#: ../../CHANGES.rst:636
+#: 7f06e3d2a8c147a4ae148ad7ae8effad
+msgid "``DISABLE_PASSWORD_RESET`` configuration option to disable password recovery. :pr:`46`"
+msgstr ""
+
+#: ../../CHANGES.rst:637
+#: 61c9a5a6284a4bb8985ee75220d16003
+msgid "``edit_self`` ACL permission to control user self edition. :pr:`47`"
+msgstr ""
+
+#: ../../CHANGES.rst:638
+#: ebf2e18962984007b0d7f0d26ba50dad
+msgid "Implemented RP-initiated logout :pr:`54`"
+msgstr ""
+
+#: ../../CHANGES.rst:643
+#: e73c108089ab4333918f173e1197dab5
+msgid "Bumped to authlib 1 :pr:`48`"
+msgstr ""
+
+#: ../../CHANGES.rst:644
+#: cc1798e0e0244816bb97e3e1f5cdb332
+msgid "documentation improvements :pr:`50`"
+msgstr ""
+
+#: ../../CHANGES.rst:645
+#: 59e82c4121b44885b645bc920db2ebcd
+msgid "use poetry instead of setuptools :pr:`51`"
+msgstr ""
+
+#: ../../CHANGES.rst:646
+#: 382ba5ccee7d4f909cd6e2fa6c5ceb16
+msgid "additional nonce tests :pr:`52`"
+msgstr ""
+
+#: ../../CHANGES.rst:650
+#: 0f2f4e263be44b9db73bf88f97c1c07b
+msgid "``HIDE_INVALID_LOGIN`` behavior and default value."
+msgstr ""
+
+#: ../../CHANGES.rst:651
+#: 3c2c34f32ae143fda1a56259e979b6d1
+msgid "mo files are not versioned anymore :pr:`49` :pr:`53`"
+msgstr ""
+
+#: ../../CHANGES.rst:654
+#: 33489cb5ccfd400b9aeeb57e8ad39bc2
+msgid "[0.0.8] - 2022-03-15"
+msgstr ""
+
+#: ../../CHANGES.rst:659
+#: b574181e55454661adf4c9460413f7c3
+msgid "Fixed dependencies"
+msgstr ""
+
+#: ../../CHANGES.rst:662
+#: 6603f8d36b4c4b8699c5828e1f7524ae
+msgid "[0.0.7] - 2022-03-15"
+msgstr ""
+
+#: ../../CHANGES.rst:667
+#: eee009d2c8ce461c81c9f41d7d9d3184
+msgid "Fixed spaces and escaped special char in ldap cn/dn :pr:`43`"
+msgstr ""
+
+#: ../../CHANGES.rst:670
+#: 28b8544a1cc4490bbbc20b7e3b559ad9
+msgid "[0.0.6] - 2022-03-08"
+msgstr ""
+
+#: ../../CHANGES.rst:675
+#: c8eac8e7da0c4d7e982c70f2bab67f11
+msgid "Access token are JWT. :pr:`38`"
+msgstr ""
+
+#: ../../CHANGES.rst:680
+#: bdaa41ff05a44a8882b8f779649ee1ef
+msgid "Default groups on invitations :pr:`41`"
+msgstr ""
+
+#: ../../CHANGES.rst:681
+#: cc1d6c9dcd1c4acb85b2e3647164dfd5
+msgid "Schemas are shipped within the canaille package :pr:`42`"
+msgstr ""
+
+#: ../../CHANGES.rst:684
+#: 745b368228b740648ba0e391fc1441b7
+msgid "[0.0.5] - 2022-02-17"
+msgstr ""
+
+#: ../../CHANGES.rst:689
+#: 573f89edace24eb4a4b71421ec453147
+msgid "LDAP model objects have new identifiers :pr:`37`"
+msgstr ""
+
+#: ../../CHANGES.rst:694
+#: 92f35a2770954f8e8f038e9b40a13dc1
+msgid "Admin menu dropdown display :pr:`39`"
+msgstr ""
+
+#: ../../CHANGES.rst:695
+#: 49bf14ec0da344aeabe2c7335edc983f
+msgid "`GROUP_ID_ATTRIBUTE` configuration typo :pr:`40`"
+msgstr ""
+
+#: ../../CHANGES.rst:698
+#: f5f990fc3774435b9c06c60a46fedd33
+msgid "[0.0.4] - 2022-02-16"
+msgstr ""
+
+#: ../../CHANGES.rst:703
+#: efbf9f9cf24c4fdbb6afbf7d77da18eb
+msgid "Client preauthorization :pr:`11`"
+msgstr ""
+
+#: ../../CHANGES.rst:704
+#: 8477e87e07dd4aceaa9c66da2164df60
+msgid "LDAP permissions check with the check command :pr:`12`"
+msgstr ""
+
+#: ../../CHANGES.rst:705
+#: 2c06792b06d2478384bc158adad6da07
+msgid "Update consents when a scope required is larger than the scope of an already given consent :pr:`13`"
+msgstr ""
+
+#: ../../CHANGES.rst:707
+#: b44da1ce5cc84620a2b7b831eccc3aa4
+msgid "Theme customization :pr:`15`"
+msgstr ""
+
+#: ../../CHANGES.rst:708
+#: 533547bc10ff40eeada4fd5611bb9650
+msgid "Logging configuration :pr:`16`"
+msgstr ""
+
+#: ../../CHANGES.rst:709
+#: f592e20d3c5145d3b4a190b334e8846b
+msgid "Installation command :pr:`17`"
+msgstr ""
+
+#: ../../CHANGES.rst:710
+#: bb8ed1c9f9eb454b88937794a358c977
+msgid "Invitation links :pr:`18`"
+msgstr ""
+
+#: ../../CHANGES.rst:711
+#: 66c1305c81534b86abc646619437316b
+msgid "Advanced permissions :pr:`20`"
+msgstr ""
+
+#: ../../CHANGES.rst:712
+#: 2817bc7cf9c541caa5e8eb65c688b877
+msgid "An option to not use OIDC :pr:`23`"
+msgstr ""
+
+#: ../../CHANGES.rst:713
+#: f43abfe74a5149f2998a425f6647a7c8
+msgid "Disable some features when no SMTP server is configured :pr:`24`"
+msgstr ""
+
+#: ../../CHANGES.rst:714
+#: 08f9c5f4eef04268a1e6a21fdf385d08
+msgid "Login placeholder dynamically generated according to the configuration :pr:`25`"
+msgstr ""
+
+#: ../../CHANGES.rst:715
+#: 12ef2669180948fd830de832f9feda80
+msgid "Added an option to tune object IDs :pr:`26`"
+msgstr ""
+
+#: ../../CHANGES.rst:716
+#: 699fbda5c0794dcab9a1b3b4f1fde65d
+msgid "Avatar support :pr:`27`"
+msgstr ""
+
+#: ../../CHANGES.rst:717
+#: e444e0140588439bb6a806c8fce27d5c
+msgid "Dynamical and configurable JWT claims :pr:`28`"
+msgstr ""
+
+#: ../../CHANGES.rst:718
+#: d632e8693e4a4720b308f8ad0208f345
+msgid "UI improvements :pr:`29`"
+msgstr ""
+
+#: ../../CHANGES.rst:719
+#: 307da1f635884d7cb8d1dea337e2b3f6
+msgid "Invitation links expiration :pr:`30`"
+msgstr ""
+
+#: ../../CHANGES.rst:720
+#: 42079e74f80542f99830fef5b7fd5fe3
+msgid "Invitees can choose their IDs :pr:`31`"
+msgstr ""
+
+#: ../../CHANGES.rst:721
+#: 850c64f4681d4dbbae1dcacb72c410a3
+msgid "LDAP backend refactoring :pr:`35`"
+msgstr ""
+
+#: ../../CHANGES.rst:726
+#: 76b95256223a470ca90fc284fa46da42
+msgid "Fixed ghost members in a group :pr:`14`"
+msgstr ""
+
+#: ../../CHANGES.rst:727
+#: fa82e4620f004858aa77626aa4238a0d
+msgid "Fixed email sender names :pr:`19`"
+msgstr ""
+
+#: ../../CHANGES.rst:728
+#: c2b45cdee4f7492ca9f5121b0af5619f
+msgid "Fixed filter being not escaped :pr:`21`"
+msgstr ""
+
+#: ../../CHANGES.rst:729
+#: ed40598795c845c7b14be6811a96e89b
+msgid "Demo script good practices :pr:`32`"
+msgstr ""
+
+#: ../../CHANGES.rst:730
+#: c3228caa9f0548c7b4325b25114e9419
+msgid "Binary path for Debian :pr:`33`"
+msgstr ""
+
+#: ../../CHANGES.rst:731
+#: 89f68149d50141f5b622e2089e630f30
+msgid "Last name was not mandatory in the forms while this was mandatory in the LDAP server :pr:`34`"
+msgstr ""
+
+#: ../../CHANGES.rst:733
+#: 0b4cf695ca7b4c558eaab0829753a442
+msgid "Spelling typos :pr:`36`"
+msgstr ""
+
+#: ../../CHANGES.rst:736
+#: 01c32a472ee5423287d8f425a230caca
+msgid "[0.0.3] - 2021-10-13"
+msgstr ""
+
+#: ../../CHANGES.rst:741
+#: de308c6cd42342e097599d3a88a8788a
+msgid "Two-steps sign-in :issue:`49`"
+msgstr ""
+
+#: ../../CHANGES.rst:742
+#: 4fd5f3591aa94013895409024ae1513b
+msgid "Tokens can have several audiences. :issue:`62` :pr:`9`"
+msgstr ""
+
+#: ../../CHANGES.rst:743
+#: 6a6692094843450c95e0217da4dcb1f4
+msgid "Configuration check command. :issue:`66` :pr:`8`"
+msgstr ""
+
+#: ../../CHANGES.rst:744
+#: d89ebd0a6ac24ba694e1da7fde89b2c8
+msgid "Groups management. :issue:`12` :pr:`6`"
+msgstr ""
+
+#: ../../CHANGES.rst:749
+#: e5811ab616314ba980c96625a0d8e3de
+msgid "Introspection access bugfix. :issue:`63` :pr:`10`"
+msgstr ""
+
+#: ../../CHANGES.rst:750
+#: 72d2513a4bde4c8f8e2cc090ee858361
+msgid "Introspection sub claim. :issue:`64` :pr:`7`"
+msgstr ""
+
+#: ../../CHANGES.rst:753
+#: 9943793b44ad4af68d26aa84db0e677e
+msgid "[0.0.2] - 2021-01-06"
+msgstr ""
+
+#: ../../CHANGES.rst:758
+#: 6e5030c6abe3490195e46a3efdd039a5
+msgid "Login page is responsive. :issue:`1`"
+msgstr ""
+
+#: ../../CHANGES.rst:759
+#: 54d90a7b7e6945ee83d9a14e22106a79
+msgid "Adapt mobile keyboards to login page fields. :issue:`2`"
+msgstr ""
+
+#: ../../CHANGES.rst:760
+#: 3b2f0e0278154f22912d155b915a7b1c
+msgid "Password recovery interface. :issue:`3`"
+msgstr ""
+
+#: ../../CHANGES.rst:761
+#: cf77b7a0a5da48479129f41af2a2ddc9
+msgid "User profile interface. :issue:`4`"
+msgstr ""
+
+#: ../../CHANGES.rst:762
+#: 88038f23c054446586a62c891a6f7276
+msgid "Renamed the project *canaille*. :issue:`5`"
+msgstr ""
+
+#: ../../CHANGES.rst:763
+#: 1f7eff73094e43c6bc4a0bb47b45127a
+msgid "Command to remove old tokens. :issue:`17`"
+msgstr ""
+
+#: ../../CHANGES.rst:764
+#: 2ea5867f8a1144ccaec5eac99cef7c52
+msgid "Improved password recovery email. :issue:`14` :issue:`26`"
+msgstr ""
+
+#: ../../CHANGES.rst:765
+#: 25bb44affbd54997ae01bd4388921a7c
+msgid "Use flask `SERVER_NAME` configuration variable instead of `URL`. :issue:`24`"
+msgstr ""
+
+#: ../../CHANGES.rst:766
+#: 54313fc70dce4fca83afd0c5dfaddc9d
+msgid "Improved consents page. :issue:`27`"
+msgstr ""
+
+#: ../../CHANGES.rst:767
+#: 689505ac996b48afb47ed5ddaef9d47f
+msgid "Admin user page. :issue:`8`"
+msgstr ""
+
+#: ../../CHANGES.rst:768
+#: a9e2d29c36914ca19e15d6ad861176e9
+msgid "Project logo. :pr:`29`"
+msgstr ""
+
+#: ../../CHANGES.rst:769
+#: f3b5202b2b7740568531fe3906855f03
+msgid "User account self-deletion can be enabled in the configuration with `SELF_DELETION`. :issue:`35`"
+msgstr ""
+
+#: ../../CHANGES.rst:770
+#: 80701ace447a43f284734c67a9b1ca2d
+msgid "Admins can impersonate users. :issue:`39`"
+msgstr ""
+
+#: ../../CHANGES.rst:771
+#: 7796de620b5a4ccdb23ce384341e1758
+msgid "Forgotten page UX improvement. :pr:`43`"
+msgstr ""
+
+#: ../../CHANGES.rst:772
+#: 56800b25a229466399dcbe3a3528ab60
+msgid "Admins can remove clients. :pr:`45`"
+msgstr ""
+
+#: ../../CHANGES.rst:773
+#: 0076a0c3a47b436b9e2fb6963a729ee1
+msgid "Option `HIDE_INVALID_LOGIN` that can be unactivated to let the user know if the login he attempt to sign in with exists or not. :pr:`48`"
+msgstr ""
+
+#: ../../CHANGES.rst:775
+#: 7a7d9b00fb734cf4ba9c543bba0b3091
+msgid "Password initialization mail. :pr:`51`"
+msgstr ""
+
+#: ../../CHANGES.rst:780
+#: f4fb3818258f4780a29a24659210cdfb
+msgid "Form translations. :issue:`19` :issue:`23`"
+msgstr ""
+
+#: ../../CHANGES.rst:781
+#: dbcc4f751dea41c681efc2ee75ff82e0
+msgid "Avoid to use Google Fonts. :issue:`21`"
+msgstr ""
+
+#: ../../CHANGES.rst:786
+#: 739c22fd4b9f4b6bbec8c2978f861dfb
+msgid "'My tokens' page. :issue:`22`"
+msgstr ""
+
+#: ../../CHANGES.rst:789
+#: e97780e06f514cecb78f5fe71cc24468
+msgid "[0.0.1] - 2020-10-21"
+msgstr ""
+
+#: ../../CHANGES.rst:794
+#: e92a4a0a93924e5db178e1add9a98a07
+msgid "Initial release."
+msgstr ""
diff --git a/doc/gettext/development/contributing.pot b/doc/gettext/development/contributing.pot
new file mode 100644
index 00000000..3d43b791
--- /dev/null
+++ b/doc/gettext/development/contributing.pot
@@ -0,0 +1,400 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) 2024, Yaal Coop
+# This file is distributed under the same license as the canaille package.
+# FIRST AUTHOR , YEAR.
+#
+#, fuzzy
+msgid ""
+msgstr ""
+"Project-Id-Version: canaille 0.0.56\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2024-11-22 16:20+0100\n"
+"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
+"Last-Translator: FULL NAME \n"
+"Language-Team: LANGUAGE \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#: ../../CONTRIBUTING.rst:2
+#: 002b7b86e67341a3abe1dc69ec1e6a70
+msgid "Contributions"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:4
+#: dd19b789311b44ddbfebef856907661f
+msgid "Contributions are welcome!"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:6
+#: 5a0c060f5510420485f21f180a8d16c8
+msgid "The repository is hosted at `gitlab.com/yaal/canaille `_."
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:9
+#: ba0d490fa2454469b836749c6f260ba3
+msgid "Discuss"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:11
+#: 5e6f9e2ce04d441c834bd51320b99525
+msgid "If you want to implement a feature or a bugfix, please start by discussing it with us on the `bugtracker `_ or the `matrix room `_."
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:16
+#: 0140e772bf834f889e84ec0e993fdb45
+msgid "Development environment"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:18
+#: fa5a69a308724bcf98d79d3d2e3f28f2
+msgid "You can either run the demo locally or with Docker."
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:20
+#: 0a41b0d076254191ad0614c09d718c96
+msgid "The only tool required for local development is `uv`. Make sure to have uv `installed on your computer `_ to be able to hack Canaille."
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:24
+#: b0c122affe964f63a9d237b87ae8043f
+msgid "Initialize your development environment with: - ``uv sync --extra front --extra oidc`` to have a minimal working development environment. This will allow you to run the tests with ``uv pytest --backend memory``. - ``uv sync --extra front --extra oidc --extra sqlite`` to have a minimal working development environment with SQLite backend support. This will allow you to run the tests with ``uv pytest --backend sql``. - ``uv sync --extra front --extra oidc --extra ldap`` to have a minimal working development environment with LDAP backend support. This will allow you to run the tests with ``uv pytest --backend ldap``. - ``uv sync --all-extras`` if you want to have everything at your fingertips. Note that it may compile some Python dependencies that would expect things to be installed on your system; Some dependencies of Canaille might need to be compiled, so you probably want to check that `GCC` and `cargo` are available on your computer."
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:31
+#: 06d722cef5bf4514bbb820a4d1e43cf3
+msgid "After having launched the demo you have access to several services:"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:33
+#: ea39f2cd97274d7eb688562b3b05444c
+msgid "A canaille server at `localhost:5000 `_"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:34
+#: 880dcaf1bf8e4753bead6e6f5051c8bb
+msgid "A dummy client at `localhost:5001 `_"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:35
+#: f0ab0940d9b04b9f91cbb3dcf7953e56
+msgid "Another dummy client at `localhost:5002 `_"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:37
+#: 347d5b12d2054eed8ede671233b3ce85
+msgid "The canaille server has some default users:"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:39
+#: 6323897e96df481db1bdd48ec861915e
+msgid "A regular user which login and password are **user**;"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:40
+#: b10c66fe4dae4efca925aebcc307439a
+msgid "A moderator user which login and password are **moderator**;"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:41
+#: 379aa4fc7d7a427ead3a6802bd843c79
+msgid "An admin user which admin and password are **admin**;"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:42
+#: 17002848baf846bead5f780f81d8f555
+msgid "A new user which login is **james**. This user has no password yet, and his first attempt to log-in would result in sending a password initialization email (if a smtp server is configured)."
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:47
+#: 0fb9b013289d432280da24a3c0b3bd7f
+msgid "Backends"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:49
+#: 958b994659a74b6d92def6f9eded872f
+msgid "Canaille comes with several backends:"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:51
+#: 1f1357d0032747dab9f508a4e0a42b8c
+msgid "a lightweight test purpose `memory` backend"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:52
+#: 1891b9a2fc514712b4adbf69c3ce1c65
+msgid "a `sql` backend, based on sqlalchemy"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:53
+#: dfe5ba8564c34dd5a5059defdbd7265d
+msgid "a production-ready `LDAP` backend"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:56
+#: e61ba8769c274e26b93a9379b2318c66
+msgid "Docker environment"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:58
+#: 789cfcce161041aab0a9ec38e60d1ce3
+msgid "If you want to develop with docker, your browser needs to be able to reach the `canaille` container. The docker-compose file exposes the right ports, but front requests are from outside the docker network: the `canaille` url that makes sense for docker, points nowhere from your browser. As exposed ports are on `localhost`, you need to tell your computer that `canaille` url means `localhost`."
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:63
+#: 243bc254bb984976a9b7a1ebdfb164e9
+msgid "To do that, you can add the following line to your `/etc/hosts`:"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:69
+#: 4c97cc128cde4bde9a615540fac34a37
+msgid "To launch containers, use:"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:84
+#: 37903a2ee9264932bfda81ccfc8c2f23
+msgid "Local environment"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:98
+#: 9fd679598df14c87983d9a3db07c1b14
+msgid "If you want to run the demo locally with the LDAP backend, you need to have `OpenLDAP `_ installed on your system. It is generally shipped under the ``slapd`` or ``openldap`` package name."
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:103
+#: cabb1f62e5ab4f649333fb4bdea44bb7
+msgid "On Debian or Ubuntu systems, the OpenLDAP `slapd` binary usage might be restricted by apparmor, and thus makes the tests and the demo fail. This can be mitigated by removing apparmor restrictions on `slapd`."
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:113
+#: a968344527c248d28ee118a01deac886
+msgid "Populate the database"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:115
+#: f86dab9375c843329fda042e45a18fad
+msgid "The demo database comes populated with some random users and groups. If you need more, you can generate users and groups with the ``populate`` command:"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:126
+#: e1c8a2e4f1154d4da564a52eed57bf70
+msgid "Adapt to use either the `ldap` or the `sql` configuration file. Note that this will not work with the memory backend."
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:129
+#: 3f7cb689b8c04892bacc9a1e69369f5a
+msgid "Unit tests"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:131
+#: 5a55d7ab327844ecb7e5cdfba5692648
+msgid "To run the tests, you just can run `uv run pytest` and/or `uv run tox` to test all the supported python environments. Everything must be green before patches get merged."
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:134
+#: b59e6cc3d02e43cb809a4e917bdc9c9b
+msgid "To test a specific backend you can pass ``--backend memory``, ``--backend sql`` or ``--backend ldap`` to pytest and tox."
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:136
+#: 31a0a090499441cab7c275bced31a11e
+msgid "The test coverage is 100%, patches won't be accepted if not entirely covered. You can check the test coverage with ``uv run pytest --cov --cov-report=html`` or ``uv run tox -e coverage -- --cov-report=html``. You can check the HTML coverage report in the newly created `htmlcov` directory."
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:141
+#: 4cd3c9737c4244de8817eb59ca927124
+msgid "Code style"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:143
+#: 0f2b878130954759a11524c208e26a5d
+msgid "We use `ruff `_ along with other tools to format our code. Please run ``uv run tox -e style`` on your patches before submitting them. In order to perform a style check and correction at each commit you can use our `pre-commit `_ configuration with ``uv run pre-commit install``."
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:149
+#: cba1248331964d159b2b1253ae50634d
+msgid "Front"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:151
+#: 1bc0bb39fb2b47c2aac56db867fa0d93
+msgid "The interface is built upon the `Fomantic UI `_ CSS framework. The dynamical parts of the interface use `htmx `_."
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:154
+#: b4a85f39680449cf9f911d541d794c6d
+msgid "Using Javascript in the interface is tolerated, but the whole website MUST be accessible for browsers without Javascript support, and without any feature loss."
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:156
+#: cb749cb0196846578e5e04df1df97062
+msgid "Because of Fomantic UI we have a dependency to jQuery, however new contributions should not depend on jQuery at all. See the `related issue `_."
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:161
+#: deea2dbf6acb42e99b95f661d4a540a5
+msgid "Documentation"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:163
+#: bde97657892b41d3a44e9c29919882a8
+msgid "The documentation is generated when the tests run:"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:169
+#: 91d5753457ef4fe08d82c1c03c30a4c6
+msgid "You can also run sphinx by hand, that should be faster since it avoids the tox environment initialization:"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:175
+#: 84a7965f74c342f4a767d918ec7e7fc8
+msgid "The generated documentation is located at ``build/sphinx/html``."
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:178
+#: 3523b0c7c50544a7ae680fd16c821a28
+msgid "Code translation"
+msgstr ""
+
+#: ../../canaille/translations/README.rst:1
+#: a8f1fb9815754963a29bcfa65855ef88
+msgid "Translations are done with `Weblate `_."
+msgstr ""
+
+#: ../../canaille/translations/README.rst:3
+#: 3d5f471d16f5427dbad3a203cdd90503
+msgid "The following commands are there as documentation, only the message extraction is needed for contributors. All the other steps are automatically done with Weblate."
+msgstr ""
+
+#: ../../canaille/translations/README.rst:8
+#: ../locales/readme.rst:7
+#: f11c4c84df6d443190d1b60d4f858fce
+#: 7a6d3aff28fe4cf7a4e975ff7935d31e
+msgid "Message extraction"
+msgstr ""
+
+#: ../../canaille/translations/README.rst:10
+#: ../locales/readme.rst:9
+#: c7318169ac354feeae24e67436dd1c6b
+#: 5830609426e04e7ba3aeea18c413ee2e
+msgid "After you have edited translatable strings, you should extract the messages with:"
+msgstr ""
+
+#: ../../canaille/translations/README.rst:17
+#: ../locales/readme.rst:16
+#: 764623358ada4e1684d1b572d61b712e
+#: e3af01ce677943feaa7ade5343c8e90a
+msgid "Language addition"
+msgstr ""
+
+#: ../../canaille/translations/README.rst:19
+#: ../locales/readme.rst:18
+#: a2b5aff4084044d78c59e0fabc992490
+#: 546fd984ffa64b31972b1670b09ca6b3
+msgid "You can add a new language manually with the following command, however this should not be needed as Weblate takes car of this:"
+msgstr ""
+
+#: ../../canaille/translations/README.rst:26
+#: a61a44e0a1914d6c95e4ce4a2fb7ca42
+msgid "Catalog update"
+msgstr ""
+
+#: ../../canaille/translations/README.rst:28
+#: 1c475d88301b4d3aa56d82f20a24cc27
+msgid "You can update the catalogs with the following command, however this should not be needed as Weblate automatically update language catalogs when it detects new strings or when someone translate some existing strings. Weblate pushes happen every 24h."
+msgstr ""
+
+#: ../../canaille/translations/README.rst:36
+#: 4200924e358f45499f460769cc67c6a9
+msgid "Catalog compilation"
+msgstr ""
+
+#: ../../canaille/translations/README.rst:38
+#: 40de58e8a420485eb689e4abb8a4fa5e
+msgid "You can compile the catalogs with the following command, however this should not be needed as catalogs are automatically compiled before running the unit tests, before launching the demo and before compiling the Canaille python package:"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:184
+#: a168ea61caf74157be0b82d1d9952af6
+msgid "Documentation translation"
+msgstr ""
+
+#: ../locales/readme.rst:1
+#: b466e2381f024d40a12476d4846059f6
+msgid "Documentation translation Translations are done with `Weblate `_."
+msgstr ""
+
+#: ../locales/readme.rst:4
+#: 1294588ccb444efda7d1edc0ac45c573
+msgid "The following commands are there as documentation, only the message extraction and the language addition is needed for contributors."
+msgstr ""
+
+#: ../locales/readme.rst:25
+#: 5574bcc510534444bf74cc4471725689
+msgid "Build the documentation in another language"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:189
+#: 6215d4058c6b45c9ab9c57244986b560
+msgid "Publish a new release"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:191
+#: 5c63146cdc484f34a4ac23b3b60f7364
+msgid "Check that dependencies are up to date with ``uv sync --all-extras --upgrade`` and update dependencies accordingly in separated commits;"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:192
+#: 4d516e6db43048a99f1112b743916559
+msgid "Check that tests are still green for every supported python version, and that coverage is still at 100%, by running ``uv run tox``;"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:193
+#: 785c12428a4943288820c40c5d0ac261
+msgid "Check that the demo environments are still working, both the local and the Docker one;"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:194
+#: 0700ba761ff7459b8a1aa7e48afb8da8
+msgid "Check that the :ref:`development/changelog:Release notes` section is correctly filled up;"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:195
+#: 19f01831d3c04d36b74e4355021cf704
+msgid "Increase the version number in ``pyproject.toml``;"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:196
+#: 3cc39e4b68bf400292e544a33e9dcda3
+msgid "Commit with ``git commit``;"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:197
+#: b2f863f911f24805a109793d6806f83d
+msgid "Build with ``uv build``;"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:198
+#: fc01b4e40b58444391e922a6e8ea9e95
+msgid "Publish on test PyPI with ``uv publish --publish-url https://test.pypi.org/legacy/``;"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:199
+#: 0c7fbbb63e1e49ea871ca01165cb3b8a
+msgid "Install the test package somewhere with ``pip install --extra-index-url https://test.pypi.org/simple --upgrade canaille``. Check that everything looks fine;"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:200
+#: e1a8cc289c9040c198eb0f8f8ba502d8
+msgid "Publish on production PyPI ``uv publish``;"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:201
+#: 572996fb9dae4a3cad4a53104b812f70
+msgid "Tag the commit with ``git tag XX.YY.ZZ``;"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:202
+#: 91cf66e174e845fbad4201c90209fdad
+msgid "Push the release commit and the new tag on the repository with ``git push --tags``."
+msgstr ""
diff --git a/doc/gettext/development/index.pot b/doc/gettext/development/index.pot
new file mode 100644
index 00000000..57db7c7c
--- /dev/null
+++ b/doc/gettext/development/index.pot
@@ -0,0 +1,22 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) 2024, Yaal Coop
+# This file is distributed under the same license as the canaille package.
+# FIRST AUTHOR , YEAR.
+#
+#, fuzzy
+msgid ""
+msgstr ""
+"Project-Id-Version: canaille 0.0.56\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2024-11-22 16:20+0100\n"
+"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
+"Last-Translator: FULL NAME \n"
+"Language-Team: LANGUAGE \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#: ../development/index.rst:2
+#: f8ef9113aa3f42238460597ae3d0bc4d
+msgid "Development"
+msgstr ""
diff --git a/doc/gettext/development/specifications.pot b/doc/gettext/development/specifications.pot
new file mode 100644
index 00000000..8fcdc5a1
--- /dev/null
+++ b/doc/gettext/development/specifications.pot
@@ -0,0 +1,542 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) 2024, Yaal Coop
+# This file is distributed under the same license as the canaille package.
+# FIRST AUTHOR , YEAR.
+#
+#, fuzzy
+msgid ""
+msgstr ""
+"Project-Id-Version: canaille 0.0.56\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2024-11-22 16:20+0100\n"
+"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
+"Last-Translator: FULL NAME \n"
+"Language-Team: LANGUAGE \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#: ../development/specifications.rst:2
+#: a97a6bb1c237424994246e8e65391683
+msgid "Specifications"
+msgstr ""
+
+#: ../development/specifications.rst:4
+#: 75d7d4c9e1d943c0917c652bdaee5b8e
+msgid "This page details which specifications are implemented in Canaille, and compares Canaille with other well-known identity providers."
+msgstr ""
+
+#: ../development/specifications.rst:7
+#: 11062c45350643188f89a05c46b15be6
+msgid "State of the specs in Canaille"
+msgstr ""
+
+#: ../development/specifications.rst:10
+#: 339273b06e0b4c60ad30a7dedec78d6f
+msgid "OAuth2"
+msgstr ""
+
+#: ../development/specifications.rst:12
+#: f19a30db556b4c489e1cfd34a22d714a
+msgid "✅ `RFC6749: OAuth 2.0 Framework `_"
+msgstr ""
+
+#: ../development/specifications.rst:13
+#: 5214108a1c8f4e47ad186ff7715bd304
+msgid "✅ `RFC6750: OAuth 2.0 Bearer Tokens `_"
+msgstr ""
+
+#: ../development/specifications.rst:14
+#: 8296b65720114476bd1db0807519889c
+msgid "✅ `RFC7009: OAuth 2.0 Token Revocation `_"
+msgstr ""
+
+#: ../development/specifications.rst:15
+#: a7af32f3d44d44af8a37aa6f68b415c4
+msgid "❌ `RFC7523: JWT Profile for OAuth 2.0 Client Authentication and Authorization Grants `_"
+msgstr ""
+
+#: ../development/specifications.rst:16
+#: e5f4e81f5a7b4ddb873655612903f3ec
+msgid "✅ `RFC7591: OAuth 2.0 Dynamic Client Registration Protocol `_"
+msgstr ""
+
+#: ../development/specifications.rst:17
+#: ea20c5a67bbe4de2a5fd5127e41b0283
+msgid "✅ `RFC7592: OAuth 2.0 Dynamic Client Registration Management Protocol `_"
+msgstr ""
+
+#: ../development/specifications.rst:18
+#: 14f2599367a94c59abae6c6b67c5fadc
+msgid "✅ `RFC7636: Proof Key for Code Exchange by OAuth Public Clients `_"
+msgstr ""
+
+#: ../development/specifications.rst:19
+#: 1121950e20e04c90be2dccaacdd2ecee
+msgid "✅ `RFC7662: OAuth 2.0 Token Introspection `_"
+msgstr ""
+
+#: ../development/specifications.rst:20
+#: 0ea4a16217344ff7b5ee6c06927e6556
+msgid "✅ `RFC8414: OAuth 2.0 Authorization Server Metadata `_"
+msgstr ""
+
+#: ../development/specifications.rst:21
+#: 949318440bb345acbe0654a797bd07f2
+msgid "❌ `RFC8428: OAuth 2.0 Device Authorization Grant `_"
+msgstr ""
+
+#: ../development/specifications.rst:22
+#: ca5d9effb5f04710823144e6425d650b
+msgid "❌ `RFC8693: OAuth 2.0 Token Exchange `_"
+msgstr ""
+
+#: ../development/specifications.rst:23
+#: 253eda4c940a4e89a03d4ffd68e9da44
+msgid "❌ `RFC8705: OAuth 2.0 Mutual-TLS Client Authentication and Certificate-Bound Access Tokens `_"
+msgstr ""
+
+#: ../development/specifications.rst:24
+#: 09b81d39ca2f410abf48cb370ecce899
+msgid "❌ `RFC8707: Resource Indicators for OAuth 2.0 `_"
+msgstr ""
+
+#: ../development/specifications.rst:25
+#: 9bd8b400a3b14a83915295f5a66cbcbd
+msgid "❌ `RFC9068: JSON Web Token (JWT) Profile for OAuth 2.0 Access Tokens `_"
+msgstr ""
+
+#: ../development/specifications.rst:26
+#: 46421682784443ea9da95d898c6c3b19
+msgid "❌ `RFC9101: OAuth 2.0 JWT-Secured Authorization Request (JAR) `_"
+msgstr ""
+
+#: ../development/specifications.rst:27
+#: 9794b722db5940ec96442e71c3f736ec
+msgid "❌ `RFC9126: OAuth 2.0 Pushed Authorization Requests `_"
+msgstr ""
+
+#: ../development/specifications.rst:28
+#: 35e4b73e84dd46ff9748778d150977ef
+msgid "❌ `RFC9207: OAuth 2.0 Authorization Server Issuer Identification `_"
+msgstr ""
+
+#: ../development/specifications.rst:29
+#: 390c1264e09543b999c7c6c526ef9506
+msgid "❌ `RFC9394: OAuth 2.0 Rich Authorization Requests `_"
+msgstr ""
+
+#: ../development/specifications.rst:30
+#: 9d394579d199448d92824fc5b1615ddb
+msgid "❌ `OAuth2 Multiple Response Types `_"
+msgstr ""
+
+#: ../development/specifications.rst:31
+#: ec3047a0028240a9a426ed49cd9fbd72
+msgid "❌ `OAuth2 Form Post Response Mode `_"
+msgstr ""
+
+#: ../development/specifications.rst:34
+#: ef134aa15cc04f8aa1f66d29af6444db
+msgid "OpenID Connect"
+msgstr ""
+
+#: ../development/specifications.rst:36
+#: 1a4fed4ff22743ac8a6994bb06b64d07
+msgid "✅ `OpenID Connect Core `_"
+msgstr ""
+
+#: ../development/specifications.rst:37
+#: d61d7bd64b024945817c8fb8ff146aa7
+msgid "✅ `OpenID Connect Discovery `_"
+msgstr ""
+
+#: ../development/specifications.rst:38
+#: 390181b65f6247988cd1492e1c556053
+msgid "✅ `OpenID Connect Dynamic Client Registration `_"
+msgstr ""
+
+#: ../development/specifications.rst:39
+#: 714ed86b678e42e9808ef358702430f1
+msgid "✅ `OpenID Connect RP Initiated Logout `_"
+msgstr ""
+
+#: ../development/specifications.rst:40
+#: c2152b277d7144bd94ae19ad511f544c
+msgid "❌ `OpenID Connect Session Management `_"
+msgstr ""
+
+#: ../development/specifications.rst:41
+#: 013f8fdab4cd4c8fa7327f9b2a57c1ea
+msgid "❌ `OpenID Connect Front Channel Logout `_"
+msgstr ""
+
+#: ../development/specifications.rst:42
+#: 6e40e88f49d44d56804247f11335b56a
+msgid "❌ `OpenID Connect Back Channel Logout `_"
+msgstr ""
+
+#: ../development/specifications.rst:43
+#: 3d9b66f66adc4db2bc322fbd831dc655
+msgid "❌ `OpenID Connect Back Channel Authentication Flow `_"
+msgstr ""
+
+#: ../development/specifications.rst:44
+#: edf569cf85144687ab8b11d290278122
+msgid "❌ `OpenID Connect Core Error Code unmet_authentication_requirements `_"
+msgstr ""
+
+#: ../development/specifications.rst:45
+#: 5eed00445d4b41adaeddd84a90e3125b
+msgid "✅ `Initiating User Registration via OpenID Connect 1.0 `_"
+msgstr ""
+
+#: ../development/specifications.rst:48
+#: ../development/specifications.rst:64
+#: 8366892620b9425b9681dee3d90902f6
+#: 534b14ea707f47d883031ce0c2ad422d
+msgid "SCIM"
+msgstr ""
+
+#: ../development/specifications.rst:50
+#: 7874e3563b874bdea0eddbfd185ebc6e
+msgid "❌ `RFC7642: System for Cross-domain Identity Management: Definitions, Overview, Concepts, and Requirements `_"
+msgstr ""
+
+#: ../development/specifications.rst:51
+#: dc1d0faa287b404e8a9a77b40b8a0217
+msgid "❌ `RFC7643: System for Cross-domain Identity Management: Core Schema `_"
+msgstr ""
+
+#: ../development/specifications.rst:52
+#: 1f08e6eea6024ea0b5c58667c7dbf48a
+msgid "❌ `RFC7644: System for Cross-domain Identity Management: Protocol `_"
+msgstr ""
+
+#: ../development/specifications.rst:55
+#: b0d76f694f054508b87fc7daba711f30
+msgid "Comparison with other providers"
+msgstr ""
+
+#: ../development/specifications.rst:57
+#: 5b284471edaf4fb0a91ee8b75d265d74
+msgid "Here is a feature comparison with other OpenID Connect server software."
+msgstr ""
+
+#: ../development/specifications.rst:59
+#: 1e727634ba574bef9fab355484f4994b
+msgid "Canaille voluntarily only implements the OpenID Connect protocol to keep its codebase simple."
+msgstr ""
+
+#: ../development/specifications.rst:62
+#: 9c600e2a483240c8a166d2465e746dc4
+msgid "Software"
+msgstr ""
+
+#: ../development/specifications.rst:62
+#: 8cdd9df00b754a7ab51faa08ce09b8e2
+msgid "Project"
+msgstr ""
+
+#: ../development/specifications.rst:62
+#: 8d2892100b0f42549279e64ff7a69c13
+msgid "Protocols implementations"
+msgstr ""
+
+#: ../development/specifications.rst:62
+#: 96807e04038b49a2b211721a1e8c1d0d
+msgid "Backends"
+msgstr ""
+
+#: ../development/specifications.rst:64
+#: 7e230f36d1d44b3dbfc66acfea5625ef
+msgid "FLOSS"
+msgstr ""
+
+#: ../development/specifications.rst:64
+#: 0efe70a1d9354b1e96b2679d712419a3
+msgid "Language"
+msgstr ""
+
+#: ../development/specifications.rst:64
+#: f792dfb7f933494088f88be1703218c1
+msgid "LOC"
+msgstr ""
+
+#: ../development/specifications.rst:64
+#: 0abe79cb5e464cb7b8b7bcea5271fed5
+msgid "OIDC"
+msgstr ""
+
+#: ../development/specifications.rst:64
+#: 983adf22c3654f21895cc7ff72d92dc5
+msgid "SAML"
+msgstr ""
+
+#: ../development/specifications.rst:64
+#: 6985f4286f8f4fb7b843ee73e03e8731
+msgid "CAS"
+msgstr ""
+
+#: ../development/specifications.rst:64
+#: fa51f3013aa54f16a2ca358197c08479
+msgid "LDAP"
+msgstr ""
+
+#: ../development/specifications.rst:64
+#: c339c0f461194b9e940042576fda7446
+msgid "SQL"
+msgstr ""
+
+#: ../development/specifications.rst:66
+#: e1646674415744f88024dcbf7cf671ef
+msgid "Canaille"
+msgstr ""
+
+#: ../development/specifications.rst:66
+#: ../development/specifications.rst:68
+#: ../development/specifications.rst:70
+#: ../development/specifications.rst:72
+#: ../development/specifications.rst:74
+#: ../development/specifications.rst:76
+#: ../development/specifications.rst:78
+#: ../development/specifications.rst:80
+#: ../development/specifications.rst:82
+#: ../development/specifications.rst:84
+#: ../development/specifications.rst:86
+#: ../development/specifications.rst:88
+#: 61fd556cb20d492eb3d00a3f25119922
+#: 21b316fd400144b1baf2a84b43b1e91b
+#: 081fa6b4e8bc4a2a84c5065be6fc86b2
+#: 39da93a684b84957a285d01ff9fc429d
+#: 738e75094fd047d8a4c3ededeffd82a5
+#: 75f85206ad4a4cf1a2be4eb97392b7f1
+#: b4b7dbbf0d18428cab9909f751156c3e
+#: e8601f2f08e8478b8e806af474867681
+#: 625c279a263645edbd90483e39906b61
+#: 3a71fe452de5468e84d63e5e5863df5d
+#: 22d33a862ab2488cbd51962fd7f76efb
+#: c202d381f1854b949df07f8a6c53fc51
+#: 3c29fd50290242c39afabcd83b39be14
+#: 8f029b73bc134579ba7aef85b2258bb1
+#: 18970336aa81458f83ce8efe2e1cb388
+#: 0ff561dcb5a74ea6bc8daa6912eedbf7
+#: 512b4f6b8da44ce691b08dd17fccac1c
+#: 0353d5d6952e454d92d2714158a3fff7
+#: 12ea772de9ed468d820b5cd8b779c63d
+#: 9667afb42f474d7890846205b5f12aaf
+#: 1c8f030a0ddc425c99b7854c6446152e
+#: ceb819004a5949d7a54bb3ae0811fdc3
+#: f35d58e2b267437fb658cbd453deb92b
+#: 0eb2098ed2ed44fc9e63c65651de75c6
+#: 39683a7608824577a002940e9b3caae1
+#: 7772e40b9f574ffab4146d1c8181bcae
+#: 78f98cf3d58f446b905d6576cdf03dc9
+#: fbf1aa18e2e941408b568cc17c93f991
+#: a1198553c8cc4e6da83b4721719ba046
+#: 98777ff169804c9b8bddae6231196cc1
+#: 203d011b336a4eb9be05bba9a11ed653
+#: 77d8a7117ad74c24a2a7cd5edf2660f5
+#: f01d6c19c10249e7b2ee838617aaa991
+#: 2750a5cba5c7462b90f0c0c2c0c641ef
+#: 97fed39b6da643aeaea1a3376a6abab7
+#: a1bf1f291f7d4825962693679b4d0dda
+#: f5c658e8843d4d3fa545b84a59ce5a1b
+#: f7aa39787f5041b0982c9b6f8fd7fc21
+#: 4ed876d863db4330a3892334c172355d
+#: cc0096f4698940d08b82d53cc8152ed5
+#: 5547268b704a4692a6123aec3baedf4a
+#: 805d4d7d81724af3a7915e29a7a43873
+#: 59a184ce7f854fe69d5b0e0f05ac7ac7
+#: b1e2d928968147429a235debf80c75b9
+#: 9f3b574c47f741dcb447476db7adfa23
+#: d15375d26e4d4482baa98ad71d98d56b
+#: 5a5847cc16c64f52b0dba5b39082ceb0
+#: 6d2ea3bbef584893b186b6eba817d27a
+#: c3d89ead25df491da9676ca4ef4efdb2
+#: 573b3e570b59475482b3bc67d3b76ece
+#: f9ffa865465e46e89841dead35408ad4
+#: 1d0b3f93d7624e2995fdd8571d8520a4
+#: 1127c63012824b6b9bf9d0671e37f1e4
+#: c79b6ee5249e464087b2e98b600d3167
+#: bb1245ee01ef49089f893aeca7d1cca5
+#: 099c80fc74334fccacdb0f95821ea043
+#: 0b1ec06cc91140e2bfd9649af05aca99
+#: 44f1951905794391a0239cbc55a73b49
+#: 08e5a3acc0a6475ea717b19e33a78de5
+#: 1e6802c43e8742a8aba6967c7b58a0ae
+#: 4c8d38384fd0454598ce7f55a53c8b90
+#: a72be67fc5014d63829596f87977a2c8
+#: 072cba535c7d4b07bed0be8adfcb5cec
+msgid "✅"
+msgstr ""
+
+#: ../development/specifications.rst:66
+#: ../development/specifications.rst:72
+#: ../development/specifications.rst:74
+#: a80c37859bd44e319edadf183220a78f
+#: 24b3e50fd6b1448eb430a1d191b5270b
+#: 7036e1a28c2145a68d3fc01d990a8dfa
+msgid "Python"
+msgstr ""
+
+#: ../development/specifications.rst:66
+#: 0a7351b6a6b94bb8b27a0bf5551bb52a
+msgid "10k"
+msgstr ""
+
+#: ../development/specifications.rst:66
+#: ../development/specifications.rst:68
+#: ../development/specifications.rst:70
+#: ../development/specifications.rst:72
+#: ../development/specifications.rst:74
+#: ../development/specifications.rst:76
+#: ../development/specifications.rst:78
+#: ../development/specifications.rst:82
+#: ../development/specifications.rst:86
+#: ../development/specifications.rst:88
+#: 6c9a76b2c5de48ecb8f0d21b6852fbe9
+#: 010027f0edd9497595f7d90006d01b43
+#: 65026d1d5f1b4e44987f53b9dba9003a
+#: 91ad0a0db8ec4ea8a621c78384a0b299
+#: f0de2f44ad6940ae9cfb9ab991ddf4ac
+#: 5cffb63471b8475d88a9f3146629bcf6
+#: fd51bae4f61d49a3b58bf37ceffdb9fe
+#: c2aa72806e8a46b190a5c995bfe73cb4
+#: 5b255e3aecb04129ad44edf63e1db2b9
+#: c9f12585f8974aeda0d0da84c3eba2e2
+#: 30dc6b38e0214208ae8b8c5bbd581ce7
+#: 298aeeb5f2f542a19d340eecf701ac36
+#: 764b4774f15b4fa69ebf933067aee70c
+#: e7833e50200c42c4a2bb825f333b126f
+#: a8d152df986e4418995aac2db1fabe22
+#: 3fbd31c8e87845e081a6fd930fcea34a
+#: ba29ae1d68e647249a876c7c466140cd
+#: eff68ea6bf914e6d9460a75a7b95df1d
+#: ee6547c1037c4daa8c7e47d8b293acfe
+msgid "❌"
+msgstr ""
+
+#: ../development/specifications.rst:68
+#: 53518997880f4f07b39da682993af4b6
+msgid "`Auth0`_"
+msgstr ""
+
+#: ../development/specifications.rst:68
+#: ../development/specifications.rst:78
+#: ../development/specifications.rst:80
+#: ../development/specifications.rst:88
+#: 4bb7beffd5744597b06495041c0e9a13
+#: 8dc3389193d94a8aac0dd2409f8e3201
+#: 36a2e73ac5924e40bd2647085e050940
+#: b02e82ee66624ae79ee49a62b551c186
+#: 2bcd9ba2cf8e46fc81f6c5dd24c4a9ee
+#: 4d3a8010d2334d8096d81a88597449d3
+#: df26d18da1524cf49f5f33a2cecb5bf6
+#: ec53c642971f4347a16eb6530e5f819e
+#: 7a90b30c977242f7aa46a5c08bf9d4b7
+msgid "❔"
+msgstr ""
+
+#: ../development/specifications.rst:70
+#: 9b22b3deecfa4382aaca36cb28817c8e
+msgid "`Authelia`_"
+msgstr ""
+
+#: ../development/specifications.rst:70
+#: ../development/specifications.rst:82
+#: da7968f0492b43f4a6665d1b129b2fd5
+#: 2d2b51ee61c74a9a90438d276e38c453
+msgid "Go"
+msgstr ""
+
+#: ../development/specifications.rst:70
+#: ../development/specifications.rst:82
+#: 8f3b5c500b2544248e05887895e067c9
+#: 8dcce8b1981249dab552acdfc8585636
+msgid "50k"
+msgstr ""
+
+#: ../development/specifications.rst:72
+#: c6e613a5ed0b4f649a3a03e43277d21a
+msgid "`Authentic2`_"
+msgstr ""
+
+#: ../development/specifications.rst:72
+#: f614cf3f446640fdb5569df25eab8e77
+msgid "65k"
+msgstr ""
+
+#: ../development/specifications.rst:74
+#: 6c51f85a594948dcbaeb0aad65c1280f
+msgid "`Authentik`_"
+msgstr ""
+
+#: ../development/specifications.rst:74
+#: 9f0ff320b7f84eba92f2ae5ca9f40178
+msgid "55k"
+msgstr ""
+
+#: ../development/specifications.rst:76
+#: 550458f7722d41d79719749d4a064c6e
+msgid "`CAS`_"
+msgstr ""
+
+#: ../development/specifications.rst:76
+#: ../development/specifications.rst:80
+#: ../development/specifications.rst:84
+#: 0e6eacfcc45b442cbb6565dc427e14ea
+#: 5a2c7ddf83984e1091f6da3e4c965269
+#: 16b8475565f5425caf749a61ba848778
+msgid "Java"
+msgstr ""
+
+#: ../development/specifications.rst:76
+#: 2226d6eecd7b4afbbc94909f72bbf30a
+msgid "360k"
+msgstr ""
+
+#: ../development/specifications.rst:78
+#: a90c6f2eb82c459baf20398845e55e07
+msgid "`Connect2id`_"
+msgstr ""
+
+#: ../development/specifications.rst:80
+#: d56e5f1e581a4aaa8cbc4ab09c75be81
+msgid "`Gluu`_"
+msgstr ""
+
+#: ../development/specifications.rst:82
+#: b9d37670e26d4e37afba75b9c8c2b870
+msgid "`Hydra`_"
+msgstr ""
+
+#: ../development/specifications.rst:84
+#: e14ff3876fb64d58a512790f856dc7d5
+msgid "`Keycloak`_"
+msgstr ""
+
+#: ../development/specifications.rst:84
+#: d7c0c274ec184995b9b92a268036e7a6
+msgid "600k"
+msgstr ""
+
+#: ../development/specifications.rst:86
+#: f36f2c4254104ba88bfd0b161b743716
+msgid "`LemonLDAP`_"
+msgstr ""
+
+#: ../development/specifications.rst:86
+#: 3cc4eb9ce6ab437aa60d1fe99a9b2c18
+msgid "Perl"
+msgstr ""
+
+#: ../development/specifications.rst:86
+#: 93b87c2ff8884d75b50d71df6807d844
+msgid "130k"
+msgstr ""
+
+#: ../development/specifications.rst:88
+#: e04aea3bf9ec4e5fb14d6b2da908f685
+msgid "`Okta`_"
+msgstr ""
diff --git a/doc/gettext/features.pot b/doc/gettext/features.pot
new file mode 100644
index 00000000..40279cde
--- /dev/null
+++ b/doc/gettext/features.pot
@@ -0,0 +1,597 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) 2024, Yaal Coop
+# This file is distributed under the same license as the canaille package.
+# FIRST AUTHOR , YEAR.
+#
+#, fuzzy
+msgid ""
+msgstr ""
+"Project-Id-Version: canaille 0.0.56\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2024-11-22 16:20+0100\n"
+"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
+"Last-Translator: FULL NAME \n"
+"Language-Team: LANGUAGE \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#: ../features.rst:9
+#: e1788d199fc64e57a43d7ebb153e05c9
+msgid "Features"
+msgstr ""
+
+#: ../features.rst:11
+#: 1e7418cec66f4b2db1f86d4a377f538f
+msgid "Here are the different features that Canaille provides. You can enable any of those features with the :doc:`configuration ` to fit any :doc:`use cases ` you may meet. Check our :ref:`roadmap ` to see what is coming next."
+msgstr ""
+
+#: ../features.rst:15
+#: 4c66277e518f41539dbb0744ba1bfd12
+msgid "Users can interact with Canaille through its :ref:`web interface ` and administrators can also use its :ref:`command line interface `. Canaille can handle data stored in different :ref:`database backends `."
+msgstr ""
+
+#: ../features.rst:19
+#: 305bf7e16c4d44c6a18aaa120bb0c8cd
+msgid "Web interface"
+msgstr ""
+
+#: ../features.rst:21
+#: 4089798492e546d1a7bf4606f554bdff
+msgid "Canaille web interface can be used either in :doc:`production environments ` or locally for development purposes."
+msgstr ""
+
+#: ../features.rst:26
+#: 20ae09b8bd004ff68f64f36928c9fc98
+msgid "Profile management"
+msgstr ""
+
+#: ../features.rst:28
+#: ../features.rst:217
+#: e24a042cb118431a95add4f478a08262
+#: ebcbf54330ab47abb34d392667e229a7
+msgid "Profile"
+msgstr ""
+
+#: ../features.rst:33
+#: 7f9db47436344fe78b21670afaf77a83
+msgid "Canaille provides an interface to manage user profiles."
+msgstr ""
+
+#: ../features.rst:35
+#: 1341d4b0d2e0465cb8e2d0240a5b0f5e
+msgid "The exact list of displayed fields, and whether they are :attr:`writable ` or :attr:`read-only ` depends on the user :class:`Access Control List settings (ACL) `."
+msgstr ""
+
+#: ../features.rst:37
+#: 373496bfb0b64f4d89f22ccb1941f998
+msgid "Depending on their ACL :class:`permissions `, users can either be allowed to edit their own profile, edit any user profile, or do nothing at all."
+msgstr ""
+
+#: ../features.rst:42
+#: afa6f6a849a142eca8e02e231505a43a
+msgid "Email confirmation"
+msgstr ""
+
+#: ../features.rst:44
+#: ba3009e49eb64aa483d430202bad3789
+msgid "If the :attr:`email confirmation feature ` is enabled, any modification or addition of a profile email will send a confirmation mail to the new address. The mail will contain a link that users will need to click on to confirm their email address."
+msgstr ""
+
+#: ../features.rst:46
+#: d58ee1760b684818925e094714dc23cc
+msgid "Users with :attr:`user management permission ` can set user emails without confirmation though."
+msgstr ""
+
+#: ../features.rst:51
+#: c2709b4b2fd24ca1bdf7e7ec2955beb1
+msgid "Group management"
+msgstr ""
+
+#: ../features.rst:53
+#: ../features.rst:140
+#: 6c2de058bb824823910158983258f354
+#: dccd011cfef14d3eb8980324288a4f62
+msgid "Group edition"
+msgstr ""
+
+#: ../features.rst:58
+#: a44da450bd454e9a99d52eab2a2561c8
+msgid "In a similar fashion than :ref:`profile management ` Canaille provides an interface to manage user groups."
+msgstr ""
+
+#: ../features.rst:60
+#: 84ff6fdd31e24c28ba5550a469342c5d
+msgid "The group management is quite simple at the moment and consists in a group name and description, and the list of its members. Group membership can be use as :attr:`ACL Filter ` to define user permissions."
+msgstr ""
+
+#: ../features.rst:63
+#: ../features.rst:83
+#: ../features.rst:149
+#: d95e01dbde7c46d597a37d02a4d8b949
+#: b14ee30b70144c37981fae3cfd113080
+#: 1260c7fd68074c2ebb723a49254df6d0
+msgid "Todo"
+msgstr ""
+
+#: ../features.rst:64
+#: 837aee8e92cf42c08e9f351b89e9995b
+msgid "At the moment adding an user to a group can only be achieved by the user settings page, but we are :issue:`working to improve this <192>`."
+msgstr ""
+
+#: ../features.rst:66
+#: f55808a8891c42e3ba8b16c77b785abf
+msgid "Group management can be enable with a :attr:`dedicated user permission `."
+msgstr ""
+
+#: ../features.rst:69
+#: 16bab4e755fc47c28190b148b60fbd2e
+msgid "Due to limitations in the :ref:`LDAP backend `, groups must have at least one member. Thus it is not possible to remove the last user of a group without removing the group."
+msgstr ""
+
+#: ../features.rst:75
+#: fe65b8aafe6b49d0b7ac7564746c8b3a
+msgid "User authentication"
+msgstr ""
+
+#: ../features.rst:77
+#: c9f38668647c46c1a6eddbffc8bf55df
+msgid "Unless their account is :ref:`locked `, users can authenticate with a login and a password."
+msgstr ""
+
+#: ../features.rst:81
+#: 68e57e4ac74a455c96f886ceee02b79e
+msgid "For security reasons, it won't be told to users if they try to sign in with an unexisting logging, unless explicitly :attr:`set in the configuration `."
+msgstr ""
+
+#: ../features.rst:83
+#: 5ac48ef797dd43c28e2e49f8eb23b5b2
+msgid ":ref:`LDAP backend ` users can define which :class:`user field ` should be used as the login (such as :attr:`~canaille.core.models.User.user_name` or :attr:`~canaille.core.models.User.emails`) using a :attr:`configuration parameter `, but other backends can only login using :attr:`~canaille.core.models.User.user_name`. We are :issue:`working to improve this <196>`."
+msgstr ""
+
+#: ../features.rst:88
+#: 87ee6d88dc484fa7b2622e3ebe1445f5
+msgid "User registration"
+msgstr ""
+
+#: ../features.rst:90
+#: 2cd96a46a4df479499728c1bfdd2aba9
+msgid "Users can create accounts on Canaille if the feature :attr:`registration feature ` is enabled. They will be able to fill a registration form with the fields detailed in the default :class:`ACL settings `."
+msgstr ""
+
+#: ../features.rst:92
+#: 457cfe757e81479bab21c3fa83e24be3
+msgid "If :attr:`email confirmation ` is also enabled, users will be sent a confirmation link to their email address, on which they will need to click in order to finalize their registration."
+msgstr ""
+
+#: ../features.rst:97
+#: ../features.rst:99
+#: 745d2713bf794b819c4265b90f54a7fb
+#: 3664d4ee087b416692a40457afedb6d7
+msgid "User invitation"
+msgstr ""
+
+#: ../features.rst:104
+#: a1c0482d19ea428e9ace61f8a234f084
+msgid "If a :class:`mail server ` is configured, users with :attr:`user management permission ` can create an invitation link for one user."
+msgstr ""
+
+#: ../features.rst:106
+#: 7ed7614611b24977b4ae04a799244bf6
+msgid "The link goes to a registration form, even if regular :ref:`user registration ` is disabled."
+msgstr ""
+
+#: ../features.rst:108
+#: 976b62801cd549748f032bec04f9e261
+msgid "It can be automatically sent by email to the new user."
+msgstr ""
+
+#: ../features.rst:113
+#: f7ea42c01191494185d9f191469aeef9
+msgid "Account locking"
+msgstr ""
+
+#: ../features.rst:115
+#: e2dcd91ac31548fc988012f47e58a595
+msgid "If Canaille is plugged to a :ref:`backend ` that supports it, user accounts can be locked by users with :attr:`user management permission `. The lock date can be set instantly or at a given date in the future."
+msgstr ""
+
+#: ../features.rst:118
+#: cf42d819d5a547b88f371785e5165f90
+msgid "At the moment a user account is locked:"
+msgstr ""
+
+#: ../features.rst:120
+#: 9b640a69ba9a4c51b60e0f8c286697a4
+msgid "their open sessions will be closed;"
+msgstr ""
+
+#: ../features.rst:121
+#: 3189f0a7d03740a4b4f85cedd2347950
+msgid "they won't be able to sign in again;"
+msgstr ""
+
+#: ../features.rst:122
+#: 7da9546466a94f8a8978716a6d4d208f
+msgid "no new OIDC token will be issued;"
+msgstr ""
+
+#: ../features.rst:124
+#: 024942a1dbc74ab89c267e6caa47ed77
+msgid "User accounts must be manually unlocked by an administrator for the users to regain access to those actions."
+msgstr ""
+
+#: ../features.rst:129
+#: 4a9634c3b1f14180a3c3d7c9b40cb66d
+msgid "Account deletion"
+msgstr ""
+
+#: ../features.rst:131
+#: 8a6acf700c194e67b754ac900d4426b0
+msgid "Users with the :attr:`account deletion permission ` are allowed to delete their own account."
+msgstr ""
+
+#: ../features.rst:133
+#: 8c30253b0d7d4fefa55c6f23ba5dd958
+msgid "Users that also have the :attr:`user management permission ` are also allowed to delete other users accounts."
+msgstr ""
+
+#: ../features.rst:138
+#: 2157cc891ec24dfab2496f60249f124c
+msgid "Password recovery"
+msgstr ""
+
+#: ../features.rst:145
+#: 7b467943f0d74722bcf4dcfc1c2f2631
+msgid "If a :class:`mail server ` is configured and the :attr:`password recovery feature ` is enabled, then users can ask for a password reset email if they cannot remember their password."
+msgstr ""
+
+#: ../features.rst:147
+#: 5c12793163f64d8fafc24e284e955865
+msgid "The email will be sent to the email addresses filled in their profile, and will contain a link that will allow them to choose a new password. ."
+msgstr ""
+
+#: ../features.rst:151
+#: 467318f9369c4ecabf00c16ee551a46f
+msgid "Check that password recovery is disabled on locked accounts."
+msgstr ""
+
+#: ../features.rst:156
+#: 1880cb31e0894b5cb0ac81c5a8a60ffd
+msgid "Password reset"
+msgstr ""
+
+#: ../features.rst:158
+#: 6f845e2ecc974c26b00126f015f86825
+msgid "If a :class:`mail server ` is configured, :attr:`user management permission ` can send password reset mails to users. The mails contains a link that allow users to choose a new password without having to retrieve the old one."
+msgstr ""
+
+#: ../features.rst:164
+#: fb069d5c78f54166b31db5c9adb512dc
+msgid "Password initialization"
+msgstr ""
+
+#: ../features.rst:166
+#: ea105163dbbd485ea023aae10de2a712
+msgid "User :attr:`passwords ` are optional. If a :class:`mail server ` is configured, when users with no password attempt to sign in, they are invited to click a button that will send them a password initialization mail. The mail contains a link that leads to a form that allows users to choose a password."
+msgstr ""
+
+#: ../features.rst:173
+#: f257819892334c3f81eb1f6ae42f8e60
+msgid "Password compromission check"
+msgstr ""
+
+#: ../features.rst:175
+#: 61d91ab9494a4c0d914e459319a0282c
+msgid "If :attr:`password compromission check feature ` is enabled, Canaille will check for password compromise on HIBP (https://haveibeenpwned.com/) every time a new password is register. You will need to set an :attr:`admin email `."
+msgstr ""
+
+#: ../features.rst:180
+#: 29552f6a6ac647cda927893982632593
+msgid "Internationalization"
+msgstr ""
+
+#: ../features.rst:182
+#: 87f1270c1d654364a64698e9ba85f9c8
+msgid "Translation state"
+msgstr ""
+
+#: ../features.rst:187
+#: db80a74dd2374b5ab82acd1395466acb
+msgid "Canaile will display in your :attr:`preferred language ` if available, or your browser language if available (and if it is not you can :ref:`help us with the translation `). If you prefer, you can also :attr:`force a language ` for every users."
+msgstr ""
+
+#: ../features.rst:193
+#: 272a97d52dd94e849318a88f5d291bd3
+msgid "Lightweight"
+msgstr ""
+
+#: ../features.rst:195
+#: cb18163171c94d75a86e3aa050270386
+msgid "The web interface is lightweight, so everything should load quickly. There is a few Javascript here and there to smooth the experience, but no Javascript at all is needed to use Canaille."
+msgstr ""
+
+#: ../features.rst:199
+#: 3e23d82d021240908b93d8411ed1ece3
+msgid "Customizable"
+msgstr ""
+
+#: ../features.rst:201
+#: fd82c1315d864619b45e2be1c39e4ce0
+msgid "The default theme should be good enough for most usages. It has a dark theme, display well on mobile, and let you choose a :attr:`logo ` and a :attr:`favicon `."
+msgstr ""
+
+#: ../features.rst:204
+#: 7e18858db0a1427985a8846bd9b6c692
+msgid "If you need more you can also use a :attr:`custom theme `."
+msgstr ""
+
+#: ../features.rst:209
+#: 50efea7d1e594de1bc1d59fadc67fc3a
+msgid "OpenID Connect"
+msgstr ""
+
+#: ../features.rst:211
+#: 34e2ceb8a70d42de83f1a3719ff10df5
+msgid "Canaille implements a :ref:`subset` of the OAuth2/OpenID Connect specifications . This allows to provide :abbr:`SSO (Single Sign-On)` and :abbr:`SLO (Single Log-On)` to applications plugged to Canaille."
+msgstr ""
+
+#: ../features.rst:215
+#: 91e1188aadaf45159560f74f9da4654b
+msgid "Consent management"
+msgstr ""
+
+#: ../features.rst:223
+#: ce4ab8d14f3d44328c3d6738ef4b72b4
+msgid "Users can give their consent to application requesting access to their personal information, and then revoke those consent at their will."
+msgstr ""
+
+#: ../features.rst:227
+#: b743768476604fe29330ceedb3aa147a
+msgid "Application management"
+msgstr ""
+
+#: ../features.rst:229
+#: 3fcb303af84041ab9d762a6a14590fac
+msgid "Users with the right :attr:`permission ` can manager OIDC clients through the web interface."
+msgstr ""
+
+#: ../features.rst:231
+#: c5352dd05bb5432292db0ce2d16855dd
+msgid "In some cases, it might be useful to avoid the consent page for some trusted applications, so clients can be pre-consented."
+msgstr ""
+
+#: ../features.rst:234
+#: 1fa4e2a5218a42cfbe8d497af109ddd3
+msgid "Discovery"
+msgstr ""
+
+#: ../features.rst:236
+#: 319e92a6c8854c8681f7a0e53828bff5
+msgid "Canaille implements the :doc:`Discovery specifications ` so most of the applications plugged to Canaille can auto-configure themselves."
+msgstr ""
+
+#: ../features.rst:239
+#: 4dac1f51d4404a0ebf8ad2d4dfd0f664
+msgid "Dynamic Client Registration"
+msgstr ""
+
+#: ../features.rst:241
+#: 2e3491e375a4467f871e0de3120711ce
+msgid "Canaille implements the :doc:`Dynamic Client Registration specifications `, so when the :attr:`feature is enabled `, clients can register themselves on Canaille without an administrator intervention."
+msgstr ""
+
+#: ../features.rst:246
+#: 588c18f0f44d4eb5a4c999c5a3db635e
+msgid "Command Line Interface"
+msgstr ""
+
+#: ../features.rst:248
+#: f0fd8f52fb4f477680527412562a2ba6
+msgid "Canaille comes with a :abbr:`CLI (Command Line Interface)` to help administrators in hosting and management."
+msgstr ""
+
+#: ../features.rst:250
+#: 73ac4592e1fe4a51803b75c969304bc9
+msgid "There are tools to :ref:`check your configuration ` or to :ref:`install missing parts `. You can use the CLI to :ref:`create `, :ref:`read `, :ref:`update ` and :ref:`delete ` models such as :class:`users `, :class:`groups ` or :class:`OIDC clients `."
+msgstr ""
+
+#: ../features.rst:253
+#: 3091d85977eb49449c76e0ae370745e4
+msgid "There are also tools to :ref:`fill your database ` with random objects, for tests purpose for instance."
+msgstr ""
+
+#: ../features.rst:258
+#: 926c15a2beb84a3b9e2030c4bc1a4908
+msgid "Backends"
+msgstr ""
+
+#: ../features.rst:260
+#: 1d759a49a5644275acce4f8db74f9a5e
+msgid "Canaille can handle data from the most :ref:`common SQL databases ` such as PostgreSQL, MariaDB or SQLite, as well as :ref:`OpenLDAP `. It also comes with a no-dependency :ref:`in-memory database ` that can be used in unit tests suites."
+msgstr ""
+
+#: ../features.rst:264
+#: 85b359d50f3b45159f1d7176d7014e51
+msgid "Miscellaneous"
+msgstr ""
+
+#: ../features.rst:269
+#: 0d0372c98187494ba9babc558530836c
+msgid "Logging"
+msgstr ""
+
+#: ../features.rst:271
+#: 775c89c8b1c548bdaec973472e999fa4
+msgid "Canaille writes :attr:`logs ` for every important event happening, to help administrators understand what is going on and debug funky situations."
+msgstr ""
+
+#: ../features.rst:273
+#: 450c5e7c7d7749e99d9fc3fe74e0ee6e
+msgid "The following security events are logged with the tag [SECURITY] for easy retrieval :"
+msgstr ""
+
+#: ../features.rst:275
+#: 1408c454db794023be5e18cde821cde2
+msgid "Authentication attempt"
+msgstr ""
+
+#: ../features.rst:276
+#: 2a1ab369f4a243e2b2e3463e3326c008
+msgid "Password update"
+msgstr ""
+
+#: ../features.rst:277
+#: b1875faad85842ac9fcc11d2c5c03f4a
+msgid "Email update"
+msgstr ""
+
+#: ../features.rst:278
+#: 0389b72f9c6a4854ab50ba113554be9b
+msgid "Forgotten password mail sent to user"
+msgstr ""
+
+#: ../features.rst:279
+#: 0c919d1f72b04296ac420b405b921b93
+msgid "Token emission"
+msgstr ""
+
+#: ../features.rst:280
+#: 164105d22820445186f8086c1e1ac7c1
+msgid "Token refresh"
+msgstr ""
+
+#: ../features.rst:281
+#: fc590a8611554c04948cc44bbf5b05d4
+msgid "Token revokation"
+msgstr ""
+
+#: ../features.rst:282
+#: f7aa2b3de26a4f63a4c35495a6ee4e6e
+msgid "New consent given for client application"
+msgstr ""
+
+#: ../features.rst:283
+#: 63403d81399c469792d50f1c9790d44e
+msgid "Consent revokation"
+msgstr ""
+
+#: ../features.rst:288
+#: 56e96a06cfbf456fb59d3556217b5e8e
+msgid "A tool for your development and tests"
+msgstr ""
+
+#: ../features.rst:290
+#: 0c7e31abb1c14302a691f26ef8cab38c
+msgid "Thanks to its lightweight :ref:`in-memory database ` and its curated :ref:`dependency list `, Canaille can be used in the unit test suite of your application, so you can check how it behaves against a real world OpenID Connect server. If you work with python you might want to check :doc:`pytest-iam:index`."
+msgstr ""
+
+#: ../features.rst:292
+#: 963770fd6ca14be884153c0568d614d4
+msgid "It can also being launched in your development environment, if you find that launching a Keycloak in a Docker container is too heavy for your little web application."
+msgstr ""
+
+#: ../features.rst:294
+#: 9d9dafd256e94acaad9ea1108cb891a0
+msgid "It also fits well in continuous integration scenarios. Thanks to its :ref:`CLI `, you can prepare data in Canaille, let your application interact with it, and then check the side effects."
+msgstr ""
+
+#: ../features.rst:297
+#: 067e9134dbcf4d698f5cc98da46f6b1c
+msgid "Roadmap"
+msgstr ""
+
+#: ../features.rst:300
+#: 765ec40933cd4b418974dd5660825afd
+msgid "Bêta version"
+msgstr ""
+
+#: ../features.rst:302
+#: 44f40979b69f4a0591f095ea5e9ffc60
+msgid "To go out of the current Alpha version we want to achieve the following tasks:"
+msgstr ""
+
+#: ../features.rst:304
+#: 306d82fcd6e34e7e903a3c33b18fa496
+msgid ":issue:`Configuration validation using pydantic <138>`"
+msgstr ""
+
+#: ../features.rst:307
+#: 348486c826e54c7394312f9b65c91ca7
+msgid "Stable version"
+msgstr ""
+
+#: ../features.rst:309
+#: dc50e5b244a54791b0ce5013500f2bdd
+msgid "Before we push Canaille in stable version we want to achieve the following tasks:"
+msgstr ""
+
+#: ../features.rst:312
+#: e88bf894b0e04926a03542e927a1b9ad
+msgid "Security"
+msgstr ""
+
+#: ../features.rst:314
+#: e28ca32444eb44ae9b0a6e59b5d0ac31
+msgid ":issue:`Password hashing configuration <175>`"
+msgstr ""
+
+#: ../features.rst:315
+#: 37dc1f0a3869424ab0d6da0c039f123f
+msgid ":issue:`Authentication logging policy <177>`"
+msgstr ""
+
+#: ../features.rst:316
+#: 28792af06fb34fd5ab534d2d065c2883
+msgid ":issue:`Intruder lockout <173>`"
+msgstr ""
+
+#: ../features.rst:317
+#: 2eb8507407104b29ae8bb00ca646b829
+msgid ":issue:`Password expiry policy <176>`"
+msgstr ""
+
+#: ../features.rst:318
+#: 8999fd2b2d08417aa28414f115d5fda5
+msgid ":issue:`Multi-factor authentication: Email <47>`"
+msgstr ""
+
+#: ../features.rst:319
+#: 76998f3ace9c4c588e795331365c99f2
+msgid ":issue:`Multi-factor authentication: SMS <47>`"
+msgstr ""
+
+#: ../features.rst:320
+#: 8a26920b728649d0a8b9ba9c8f98427f
+msgid ":issue:`Multi-factor authentication: OTP <47>`"
+msgstr ""
+
+#: ../features.rst:323
+#: 1f172cb3b12d4d9ebed5abf0099dcb34
+msgid "Packaging"
+msgstr ""
+
+#: ../features.rst:325
+#: 532f4871f18f4189bc19d70d6729aceb
+msgid ":issue:`Nix package <190>`"
+msgstr ""
+
+#: ../features.rst:326
+#: e8a280bfd47e47baace28606f80d51ba
+msgid ":issue:`Docker / OCI package <59>`"
+msgstr ""
+
+#: ../features.rst:329
+#: 16dd9a8f89b94812b315074f2122bd0d
+msgid "And beyond"
+msgstr ""
+
+#: ../features.rst:331
+#: a25457408aae440384cea5ac85dbf68f
+msgid ":issue:`OpenID Connect certification <182>`"
+msgstr ""
+
+#: ../features.rst:332
+#: c251e6812fbe41daa724a3e41de2795f
+msgid ":issue:`SCIM support <116>`"
+msgstr ""
diff --git a/doc/gettext/index.pot b/doc/gettext/index.pot
new file mode 100644
index 00000000..5191ff1d
--- /dev/null
+++ b/doc/gettext/index.pot
@@ -0,0 +1,97 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) 2024, Yaal Coop
+# This file is distributed under the same license as the canaille package.
+# FIRST AUTHOR , YEAR.
+#
+#, fuzzy
+msgid ""
+msgstr ""
+"Project-Id-Version: canaille 0.0.56\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2024-11-22 16:20+0100\n"
+"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
+"Last-Translator: FULL NAME \n"
+"Language-Team: LANGUAGE \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#: ../index.rst:15
+#: 73ace75ab0614252bcdf4b38427a6bbe
+msgid "Lightweight Identity and Authorization Management"
+msgstr ""
+
+#: ../index.rst:19
+#: 51406a546f1944abb1f60d21591b8da6
+msgid "**Canaille** is a French word meaning *rascal*. It is roughly pronounced **Can I?**, as in *Can I access your data?* Canaille is a lightweight identity and authorization management software. It aims to be very light, simple to install and simple to maintain. Its main features are :"
+msgstr ""
+
+#: ../index.rst:27
+#: 8ce19e6702f74a9d846822da4e95cd05
+msgid "Profile management"
+msgstr ""
+
+#: ../index.rst:31
+#: 69855370f33846c6beb1d9f8141c9da5
+msgid "User profile and groups management, Basic permissions"
+msgstr ""
+
+#: ../index.rst:34
+#: 76c5bf395a1c4e5d84450804af9408fc
+msgid "User authentication"
+msgstr ""
+
+#: ../index.rst:38
+#: 8482faeb12174d9186e34291c5d03ac9
+msgid "Authentication, registration, email confirmation, \"I forgot my password\" emails"
+msgstr ""
+
+#: ../index.rst:40
+#: 0e50a42ab7744344a33d3dcfac6d8e09
+msgid "SSO"
+msgstr ""
+
+#: ../index.rst:44
+#: 8de8aed898404726ad012faf46986847
+msgid "OpenID Connect identity provider"
+msgstr ""
+
+#: ../index.rst:46
+#: af19bc8e23374e43b47b764ead0e7718
+msgid "Multi-database support"
+msgstr ""
+
+#: ../index.rst:50
+#: 71baa0d1d0fc4c9d9d748133495b0141
+msgid "PostgreSQL, Mariadb and OpenLDAP first-class citizenship"
+msgstr ""
+
+#: ../index.rst:52
+#: 8e0020b8e0324b6fa5728ceac3acad78
+msgid "Customization"
+msgstr ""
+
+#: ../index.rst:56
+#: f324ccfc4a7e4e4dbe6cd7d2fa2dca24
+msgid "Put Canaille at yours colors by choosing a logo or use a custom theme!"
+msgstr ""
+
+#: ../index.rst:58
+#: 9a6d1f33fa9641d7b71944454c84d819
+msgid "Developers friendliness"
+msgstr ""
+
+#: ../index.rst:62
+#: b474739321e84bc684d5fe1cd536d5b8
+msgid "Canaille can easily fit in your unit tests suite or in your Continuous Integration."
+msgstr ""
+
+#: ../index.rst:66
+#: be4a6a405d2b40dc86b55103e99277ba
+msgid ":doc:`Full feature list `"
+msgstr ""
+
+#: ../index.rst:70
+#: 2f91d5ac3db248bd9905419c6ebfee68
+msgid "Documentation"
+msgstr ""
diff --git a/doc/gettext/locales/readme.pot b/doc/gettext/locales/readme.pot
new file mode 100644
index 00000000..ca523b42
--- /dev/null
+++ b/doc/gettext/locales/readme.pot
@@ -0,0 +1,52 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) 2024, Yaal Coop
+# This file is distributed under the same license as the canaille package.
+# FIRST AUTHOR , YEAR.
+#
+#, fuzzy
+msgid ""
+msgstr ""
+"Project-Id-Version: canaille 0.0.56\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2024-11-22 16:20+0100\n"
+"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
+"Last-Translator: FULL NAME \n"
+"Language-Team: LANGUAGE \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#: ../locales/readme.rst:1
+#: 81c6815493714f6a873d6e86dc1a9c63
+msgid "Documentation translation Translations are done with `Weblate `_."
+msgstr ""
+
+#: ../locales/readme.rst:4
+#: 87be09ce203040c2ade86291e682ff90
+msgid "The following commands are there as documentation, only the message extraction and the language addition is needed for contributors."
+msgstr ""
+
+#: ../locales/readme.rst:7
+#: 3bdfd8ba97e8414aa5c6cc81b43178a5
+msgid "Message extraction"
+msgstr ""
+
+#: ../locales/readme.rst:9
+#: 3b8b9e1408da403e9cdd7a3fb0cf90d8
+msgid "After you have edited translatable strings, you should extract the messages with:"
+msgstr ""
+
+#: ../locales/readme.rst:16
+#: b581058879de400ca67dde307da1912a
+msgid "Language addition"
+msgstr ""
+
+#: ../locales/readme.rst:18
+#: dab59f2e8ae44091a03cd2c554501487
+msgid "You can add a new language manually with the following command, however this should not be needed as Weblate takes car of this:"
+msgstr ""
+
+#: ../locales/readme.rst:25
+#: 348dad0adb834ca0a1cf2e7ffea89f8a
+msgid "Build the documentation in another language"
+msgstr ""
diff --git a/doc/gettext/references/commands.pot b/doc/gettext/references/commands.pot
new file mode 100644
index 00000000..e79d6d36
--- /dev/null
+++ b/doc/gettext/references/commands.pot
@@ -0,0 +1,366 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) 2024, Yaal Coop
+# This file is distributed under the same license as the canaille package.
+# FIRST AUTHOR , YEAR.
+#
+#, fuzzy
+msgid ""
+msgstr ""
+"Project-Id-Version: canaille 0.0.56\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2024-11-22 16:20+0100\n"
+"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
+"Last-Translator: FULL NAME \n"
+"Language-Team: LANGUAGE \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#: ../references/commands.rst:2
+#: 578e5808cb99489e9808bf26f84831ea
+msgid "Command Line Interface"
+msgstr ""
+
+#: ../references/commands.rst:4
+#: 5a95d4c76b7b4692af568a958071ab9d
+msgid "Canaille provide several commands to help administrator manage their data."
+msgstr ""
+
+#: ../references/commands.rst:6
+#: 8f0f875b47a54e6e8911c751fb6872e8
+msgid "Generally, some configuration has to be loaded by `Canaille`. This can be achieved by :ref:`configuration loading method` available, but most of the time a ``CONFIG`` environment variable is used. For the sake of readability, it is omitted in the following examples."
+msgstr ""
+
+#: ../../canaille check:1
+#: dd0149729dc94239aed0af8d269dd418
+msgid "Test the configuration file."
+msgstr ""
+
+#: ../../canaille check:1
+#: 64fdd2232e6d405c9adbe11ddda10166
+msgid "Attempt to reach the database and the SMTP server with the provided credentials."
+msgstr ""
+
+#: ../../canaille clean:1
+#: 403b7781c30c4da58642667b26f9da55
+msgid "Remove expired tokens and authorization codes."
+msgstr ""
+
+#: ../../canaille install:1
+#: 9a6a207fe3ed4c7caffaaa4e5842fe02
+msgid "Installs canaille elements from the configuration."
+msgstr ""
+
+#: ../../canaille install:1
+#: 28c0bafefd7a42b7b247fa53ac641d4a
+msgid "For instance, depending on the configuration, this can generate OIDC keys or install LDAP schemas."
+msgstr ""
+
+#: ../../canaille populate:1
+#: 17d8b25dd51b42d5b32e343d1b4b44a9
+msgid "Populate the database with generated random data."
+msgstr ""
+
+#: ../references/commands.rst:0
+#: df7a3b4065244eb985f167583bf79d2c
+#: 10cb918ea05043929ba9cd9564ed5f3d
+#: aa7d87d3e6f647fa890560fd9096598b
+#: 9a2406777231461887cb7e76f3c0d470
+#: 84db04b30f9147e19f984bdaa49fe0fd
+#: f28f03fb7525446da298d805a01522d1
+#: 8506da751b21413fadc94d7bae19e387
+#: 1914dd13a47d4a778fb3f7c6d27e9aac
+#: d8c57a57c6c34d32a014fa466d8ee489
+#: 3059756528734dffb3d53c627edb9437
+#: cab60c25e07542a6908f059f31c77482
+#: ff6f04fe5ee944febc001fbffb1e5a30
+#: f8fe3d8b27884fe0a5b8c68cb3195b97
+#: 9b1086b74f9f4f15aae8f7174cc82fc4
+#: 00701bc7173f421aafe574606d46691e
+#: 5e7e4cdd8d664830a6d158e240b545c2
+#: 08bf63ad7771452cb070d2c2c7b8b568
+#: d71b61d168d443ac94f30e1aaf07e55f
+#: 93f79c7403074b0aac095f59df49b451
+#: bd21ceb952184931b1e198854fe9b031
+msgid "Options"
+msgstr ""
+
+#: ../../canaille populate:1
+#: a5bbf04166c049b3b9c315b02e311d6c
+msgid "Number of items to create"
+msgstr ""
+
+#: ../../canaille populate groups:1
+#: fa0ab4817a63487b929828c2e97373c1
+msgid "Populate the database with generated random groups."
+msgstr ""
+
+#: ../../canaille populate groups:1
+#: 5e6f489028a4446a8b507e422646fee8
+msgid "The maximum number of users that will randomly be affected in the group"
+msgstr ""
+
+#: ../../canaille populate users:1
+#: b0ccb196ccc549c7a57e03466d184b1b
+msgid "Populate the database with generated random users."
+msgstr ""
+
+#: ../../canaille get:1
+#: 37a97a0a6d98414e930446cfce3fefd0
+msgid "Read information about models."
+msgstr ""
+
+#: ../../canaille get:1
+#: 2fdd2c44ff8342c5b9dc3a122fc56d32
+msgid "Options can be used to filter models::"
+msgstr ""
+
+#: ../../canaille get:1
+#: 3466ddbfd1264c01a53a83d711a66146
+msgid "Displays the matching models in JSON format in the standard output."
+msgstr ""
+
+#: ../../canaille get authorizationcode:1
+#: 9475ba0522be4715ba147caf0e0debd8
+msgid "Search for authorizationcodes and display the matching models as JSON."
+msgstr ""
+
+#: ../../canaille get client:1
+#: 31b8bbe27ff64f0da9e1684d3f048472
+msgid "Search for clients and display the matching models as JSON."
+msgstr ""
+
+#: ../../canaille get consent:1
+#: 0be75cef5f6448ee81cfa44b378517ce
+msgid "Search for consents and display the matching models as JSON."
+msgstr ""
+
+#: ../../canaille get group:1
+#: 9544c3af476441398e9a7dcbfd0d9c7a
+msgid "Search for groups and display the matching models as JSON."
+msgstr ""
+
+#: ../../canaille get token:1
+#: 030ae9dcd3a143e9b1b19397c35d8b2f
+msgid "Search for tokens and display the matching models as JSON."
+msgstr ""
+
+#: ../../canaille get user:1
+#: 44dbe3502761468e8d2e29fa7f10f0d6
+msgid "Search for users and display the matching models as JSON."
+msgstr ""
+
+#: ../../canaille set:1
+#: 0af6277cc0874cefbd5fb0182d80d396
+msgid "Update models."
+msgstr ""
+
+#: ../../canaille set:1
+#: 72e13923d1454286b7367854fbec4e35
+msgid "The command takes an model ID and edit one or several attributes::"
+msgstr ""
+
+#: ../../canaille set:1
+#: d4f17ca6c53b40afb034134ffc118361
+msgid "Displays the edited model in JSON format in the standard output."
+msgstr ""
+
+#: ../../canaille set authorizationcode:1
+#: 4a23a7b2d8be45658f2eed6017194fba
+msgid "Update a authorizationcode and display the edited model in JSON format in the standard output."
+msgstr ""
+
+#: ../../canaille delete authorizationcode:1
+#: ../../canaille set authorizationcode:1
+#: 1bbb5cada3624f8aa2922939002323ae
+#: 5609a4557fff4e54a9fccabfddf5826e
+msgid "IDENTIFIER should be a authorizationcode id or authorization_code_id"
+msgstr ""
+
+#: ../references/commands.rst:0
+#: de8b06da947f4e23ba6727914cad6bb1
+#: fd47034cde92425f9f8bdb2393bf5460
+#: f8406bb87a054f629fd7cf5b07e9c3b6
+#: fdcf900e6c864eb4820f880f881a8b4f
+#: f524d61a7560403fa67d84b521b5420c
+#: 18b42ed5ae9b4a1b898866ba3cd7c098
+#: 7cbe82d6bd5b46919644b6d71984dc97
+#: 60e9504afe9e4c78b4181fd5481122c6
+#: 0dceb5df88e34fbc8332c8d8f641ab21
+#: d8105a54c6bf4353b614c9fd73859d45
+#: b6820eac28db47ab99be5b1ba431fa33
+#: d5fbab6b8b134648bcfa3ef1ac71ecc5
+msgid "Arguments"
+msgstr ""
+
+#: ../../canaille delete authorizationcode:1
+#: ../../canaille delete client:1
+#: ../../canaille delete consent:1
+#: ../../canaille delete group:1
+#: ../../canaille delete token:1
+#: ../../canaille delete user:1
+#: ../../canaille set authorizationcode:1
+#: ../../canaille set client:1
+#: ../../canaille set consent:1
+#: ../../canaille set group:1
+#: ../../canaille set token:1
+#: ../../canaille set user:1
+#: 6fa9d671478f4b0cb6a4335319aff6bc
+#: a4d8ffc45b5d455baa74d311e77cb0cc
+#: 06fdebc0ceaf42158ac034ba2f1fd5d5
+#: 821e6c57ca8a4c4b9543e569188ea90b
+#: ab251b3b601749e5ba8b449fa1f14e63
+#: e55c02eadb204bb9a9c03a8a1e37c0e0
+#: f3944ed8e87b432ca151e011c9eb2220
+#: 8aa832eba5aa4098ade467d1ffd2ea6d
+#: 91880f396bf64569ac8c1f4f3f2aca0f
+#: a2797259ebe548ee9f8d4528edfcef44
+#: 9cdac19055ca44318c473fa3bc620a43
+#: 217ddbe62c8c48a49ec792c9581b548d
+msgid "Required argument"
+msgstr ""
+
+#: ../../canaille set client:1
+#: c6fb20a6a9b04bb9ae7fa6930bd0e428
+msgid "Update a client and display the edited model in JSON format in the standard output."
+msgstr ""
+
+#: ../../canaille delete client:1
+#: ../../canaille set client:1
+#: a80bc63347194218987d36e8f7d79e40
+#: d219305e46a444f0b731ad5b73e79f2d
+msgid "IDENTIFIER should be a client id or client_id"
+msgstr ""
+
+#: ../../canaille set consent:1
+#: a651d44dec284d32b9e11bca8c0082be
+msgid "Update a consent and display the edited model in JSON format in the standard output."
+msgstr ""
+
+#: ../../canaille delete consent:1
+#: ../../canaille set consent:1
+#: 69e2a6ee623f45c1a39b0fbdf948e15f
+#: 6ba4152a82744f9b808e9947a943103f
+msgid "IDENTIFIER should be a consent id or consent_id"
+msgstr ""
+
+#: ../../canaille set group:1
+#: 7c9d22883354416a85d50f7410327d4f
+msgid "Update a group and display the edited model in JSON format in the standard output."
+msgstr ""
+
+#: ../../canaille delete group:1
+#: ../../canaille set group:1
+#: 9003e3f7ae3249ecb5084845becb33f2
+#: 31af71d5aaf74cb7b660614b3e1682ef
+msgid "IDENTIFIER should be a group id or display_name"
+msgstr ""
+
+#: ../../canaille set token:1
+#: deae6ee4325d4a99809f77fc2436562a
+msgid "Update a token and display the edited model in JSON format in the standard output."
+msgstr ""
+
+#: ../../canaille delete token:1
+#: ../../canaille set token:1
+#: 990488adf77741cbadcbea5c85e6741c
+#: 42483c1821a14a178b105f181946e188
+msgid "IDENTIFIER should be a token id or token_id"
+msgstr ""
+
+#: ../../canaille set user:1
+#: 5a2cf62efa9747429cfa9bf1cdf25b58
+msgid "Update a user and display the edited model in JSON format in the standard output."
+msgstr ""
+
+#: ../../canaille delete user:1
+#: ../../canaille set user:1
+#: c8550e9dc18646d294c8d797cb5d166d
+#: 9d649644572049378cd901b26b4b42f3
+msgid "IDENTIFIER should be a user id or user_name"
+msgstr ""
+
+#: ../../canaille create:1
+#: 876b9c46071040a083e7720fd1030ab9
+msgid "Create models."
+msgstr ""
+
+#: ../../canaille create:1
+#: 3b4c98b2ff45430f916dcaf1bd54da4c
+msgid "The model attributes can be passed as command options::"
+msgstr ""
+
+#: ../../canaille create:1
+#: 2ff64e0da89645b1820fba732d6098c9
+msgid "Displays the created model in JSON format in the standard output."
+msgstr ""
+
+#: ../../canaille create authorizationcode:1
+#: a4a59533bbb141cb9c8cebd78f71ab9d
+msgid "Create a new authorizationcode and display the created model in JSON format in the standard output."
+msgstr ""
+
+#: ../../canaille create client:1
+#: c2df315512ed4bc994164ce5283e17a0
+msgid "Create a new client and display the created model in JSON format in the standard output."
+msgstr ""
+
+#: ../../canaille create consent:1
+#: 4d1193abf1814ba48fdb0c6ab1a7ed32
+msgid "Create a new consent and display the created model in JSON format in the standard output."
+msgstr ""
+
+#: ../../canaille create group:1
+#: 2e32891340704090850f8f169b142aae
+msgid "Create a new group and display the created model in JSON format in the standard output."
+msgstr ""
+
+#: ../../canaille create token:1
+#: 3a965857a34e4c89b46f554d42e0ce5b
+msgid "Create a new token and display the created model in JSON format in the standard output."
+msgstr ""
+
+#: ../../canaille create user:1
+#: 9e30ed9353764ad986f7009e352a4e23
+msgid "Create a new user and display the created model in JSON format in the standard output."
+msgstr ""
+
+#: ../../canaille delete:1
+#: 73aa4dc76f2d4b558bef94fb74c89926
+msgid "Delete models."
+msgstr ""
+
+#: ../../canaille delete:1
+#: 4e8dfe57593e4037a3af361c27a3fe2c
+msgid "The command takes a model ID and deletes it::"
+msgstr ""
+
+#: ../../canaille delete authorizationcode:1
+#: e252f5665c1d4beeadbc8e02a5616c52
+msgid "Delete a authorizationcode."
+msgstr ""
+
+#: ../../canaille delete client:1
+#: 9289cd0e6ea7448ea6d79efd656f4c93
+msgid "Delete a client."
+msgstr ""
+
+#: ../../canaille delete consent:1
+#: d2daf152e4a24521bbbd75a6cc2377ca
+msgid "Delete a consent."
+msgstr ""
+
+#: ../../canaille delete group:1
+#: 2e8bfb99cf0c48beb2da339112cef4c4
+msgid "Delete a group."
+msgstr ""
+
+#: ../../canaille delete token:1
+#: 0752e5025f47410bbd89191f2acb59c8
+msgid "Delete a token."
+msgstr ""
+
+#: ../../canaille delete user:1
+#: 7f1e103d1a9947949c4e310bbec9d067
+msgid "Delete a user."
+msgstr ""
diff --git a/doc/gettext/references/configuration.pot b/doc/gettext/references/configuration.pot
new file mode 100644
index 00000000..9b90b4db
--- /dev/null
+++ b/doc/gettext/references/configuration.pot
@@ -0,0 +1,743 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) 2024, Yaal Coop
+# This file is distributed under the same license as the canaille package.
+# FIRST AUTHOR , YEAR.
+#
+#, fuzzy
+msgid ""
+msgstr ""
+"Project-Id-Version: canaille 0.0.56\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2024-11-22 16:20+0100\n"
+"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
+"Last-Translator: FULL NAME \n"
+"Language-Team: LANGUAGE \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#: ../references/configuration.rst:2
+#: 07e02385c0d6432ab9c14b6e4f337af8
+msgid "Configuration"
+msgstr ""
+
+#: ../references/configuration.rst:5
+#: a1053f4eb992434b84a915715996fa05
+msgid "Load the configuration"
+msgstr ""
+
+#: ../references/configuration.rst:7
+#: afb6641a9aa244af864832fe5e28377a
+msgid "Canaille can be configured either by a environment variables, environment file, or by a configuration file."
+msgstr ""
+
+#: ../references/configuration.rst:10
+#: 64f630215963443eb439fc9555170837
+msgid "Configuration file"
+msgstr ""
+
+#: ../references/configuration.rst:12
+#: 4dec0a2c267d431d983bff67a10565eb
+msgid "The configuration can be written in `toml` configuration file which path is passed in the :envvar:`CONFIG` environment variable."
+msgstr ""
+
+#: ../../canaille/app/configuration.py:docstring of canaille.app.configuration.RootSettings:11
+#: ../references/configuration.rst:14
+#: ../references/configuration.rst:85
+#: a2f425a7d72f45cfbd6a46b4dd8a9f9f
+#: 1af4b0570ada4659b6cef8e0fde5913b
+#: 262461d38ee1406cabdcb7c057b886ab
+msgid "config.toml"
+msgstr ""
+
+#: ../references/configuration.rst:26
+#: d3f0be05e30a46249a2a9b6e35010ab7
+msgid "You can have a look at the :ref:`example file ` for inspiration."
+msgstr ""
+
+#: ../references/configuration.rst:29
+#: 167c6ee110d3498dbcff07e2fb461fa1
+msgid "Environment variables"
+msgstr ""
+
+#: ../references/configuration.rst:31
+#: 96c443e1ad6d4387afb03fbc61cd40cf
+msgid "In addition, parameters that have not been set in the configuration file can be read from environment variables. The way environment variables are parsed can be read from the `pydantic-settings documentation `_."
+msgstr ""
+
+#: ../references/configuration.rst:36
+#: 22ef6ff87d78491e815bb3549e2cac1b
+msgid "For environment vars, the separator between sections and variables is a double underscore: ``__``. For instance, the ``NAME`` var in the ``CANAILLE`` section shown above is ``CANAILLE__NAME``."
+msgstr ""
+
+#: ../references/configuration.rst:40
+#: 01f42d420c644add8307d0eef66d0930
+msgid "Environment file"
+msgstr ""
+
+#: ../references/configuration.rst:42
+#: 3b0b1ca1d349437c8652af2378bf18d4
+msgid "Any environment variable can also be written in a ``.env``, and will be read if present."
+msgstr ""
+
+#: ../references/configuration.rst:44
+#: 8e6ba368bac9448a9a26b32cbc2b98d3
+msgid ".env"
+msgstr ""
+
+#: ../references/configuration.rst:62
+#: e8919384d11b4689b474121852d7691f
+msgid "Parameters"
+msgstr ""
+
+#: ../../canaille/app/configuration.py:docstring of canaille.app.configuration.RootSettings:1
+#: 486ab8655b5948d38adcda288a2ccc35
+msgid "The top-level namespace contains holds the configuration settings unrelated to Canaille."
+msgstr ""
+
+#: ../../canaille/app/configuration.py:docstring of canaille.app.configuration.RootSettings:4
+#: c2e98629ddfc4697971e8726fced5051
+msgid "The configuration paramateres from the following libraries can be used:"
+msgstr ""
+
+#: ../../canaille/app/configuration.py:docstring of canaille.app.configuration.RootSettings:6
+#: 926489c26ef44fc1a362cf34b981ff23
+msgid ":doc:`Flask `"
+msgstr ""
+
+#: ../../canaille/app/configuration.py:docstring of canaille.app.configuration.RootSettings:7
+#: 3d608d07342849cd91a9314c0e91ee06
+msgid ":doc:`Flask-WTF `"
+msgstr ""
+
+#: ../../canaille/app/configuration.py:docstring of canaille.app.configuration.RootSettings:8
+#: e3a176d61a77455898beeb2176f6e4bf
+msgid ":doc:`Flask-Babel `"
+msgstr ""
+
+#: ../../canaille/app/configuration.py:docstring of canaille.app.configuration.RootSettings:9
+#: 2722a53bf45f40e68c55ce195bd2a92c
+msgid ":doc:`Authlib `"
+msgstr ""
+
+#: ../../docstring of canaille.app.configuration.RootSettings.DEBUG:1
+#: 71da9dadc99c484ca0930e47d422852f
+msgid "The Flask :external:py:data:`DEBUG` configuration setting."
+msgstr ""
+
+#: ../../docstring of canaille.app.configuration.RootSettings.DEBUG:3
+#: 8e020bed08534b899eeb1976a43677d8
+msgid "This enables debug options."
+msgstr ""
+
+#: ../../docstring of canaille.app.configuration.RootSettings.DEBUG:7
+#: b1e842b72e524591b8d841a758be14a3
+msgid "This is useful for development but should be absolutely avoided in production environments."
+msgstr ""
+
+#: ../../docstring of canaille.app.configuration.RootSettings.PREFERRED_URL_SCHEME:1
+#: a7a884840e804de2934fc1794b5f9916
+msgid "The Flask :external:py:data:`PREFERRED_URL_SCHEME` configuration setting."
+msgstr ""
+
+#: ../../docstring of canaille.app.configuration.RootSettings.PREFERRED_URL_SCHEME:4
+#: a75e96a48e0e41fb975f903ea3dbaf93
+msgid "This sets the url scheme by which canaille will be served."
+msgstr ""
+
+#: ../../docstring of canaille.app.configuration.RootSettings.SECRET_KEY:1
+#: a51da4634d924fcc8edb45332152d161
+msgid "The Flask :external:py:data:`SECRET_KEY` configuration setting."
+msgstr ""
+
+#: ../../docstring of canaille.app.configuration.RootSettings.SECRET_KEY:3
+#: c3b465a2b6d440298f71736437ad5ef5
+msgid "You MUST change this."
+msgstr ""
+
+#: ../../docstring of canaille.app.configuration.RootSettings.SERVER_NAME:1
+#: d5faf5b872ed40a794d5046c51fcfbd0
+msgid "The Flask :external:py:data:`SERVER_NAME` configuration setting."
+msgstr ""
+
+#: ../../docstring of canaille.app.configuration.RootSettings.SERVER_NAME:3
+#: ebffd9c94a524950abb6b711884ed64d
+msgid "This sets domain name on which canaille will be served."
+msgstr ""
+
+#: ../../canaille/core/configuration.py:docstring of canaille.core.configuration.CoreSettings:1
+#: cb519bb5488c429888c104503c3ad3e4
+msgid "The settings from the ``CANAILLE`` namespace."
+msgstr ""
+
+#: ../../canaille/core/configuration.py:docstring of canaille.core.configuration.CoreSettings:3
+#: 2739711892104e328cad1e98ae48d4b8
+msgid "Those are all the configuration parameters that controls the behavior of Canaille."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.CoreSettings.ACL:1
+#: 29bfd1d0d0284b4287b9e7b5f9c36b74
+msgid "Mapping of permission groups. See :class:`ACLSettings` for more details."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.CoreSettings.ACL:3
+#: 578bb4e7e6674f7e88646e839112a01e
+msgid "The ACL name can be freely chosen. For example::"
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.CoreSettings.ADMIN_EMAIL:1
+#: 8ee064e1a1194fa8982d08ef227da8dc
+msgid "Administration email contact."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.CoreSettings.ADMIN_EMAIL:3
+#: 9820352fe91c4aae840232df61d25857
+msgid "In certain special cases (example : questioning about password corruption), it is necessary to provide an administration contact email."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.CoreSettings.EMAIL_CONFIRMATION:1
+#: 2fceb1c9ec9842158c9b9b7f1fa09168
+msgid "If :py:data:`True`, users will need to click on a confirmation link sent by email when they want to add a new email."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.CoreSettings.EMAIL_CONFIRMATION:4
+#: 4b471ce1ba674ea8b77f29cdf45f4b2c
+msgid "By default, this is true if ``SMTP`` is configured, else this is false. If explicitly set to true and ``SMTP`` is disabled, the email field will be read-only."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.CoreSettings.ENABLE_PASSWORD_COMPROMISSION_CHECK:1
+#: bc1661ce2f9e4fe2b493c625841fece8
+msgid "If :py:data:`True`, Canaille will check if passwords appears in compromission databases such as `HIBP `_ when users choose a new one."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.CoreSettings.ENABLE_PASSWORD_RECOVERY:1
+#: e5b04d013a764712abc3a03e249e70ad
+msgid "If :py:data:`False`, then users cannot ask for a password recovery link by email."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.CoreSettings.ENABLE_REGISTRATION:1
+#: 1a86268c22bd4e6fa5d5d01d9333c389
+msgid "If :py:data:`True`, then users can freely create an account at this instance."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.CoreSettings.ENABLE_REGISTRATION:4
+#: 9ec23021f8bb46b1a76163da8353864a
+msgid "If email verification is available, users must confirm their email before the account is created."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.CoreSettings.FAVICON:1
+#: 050e680da1dd409ba5611b49d388c236
+msgid "You favicon."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.CoreSettings.FAVICON:3
+#: 44351f8a0aad4103877a89b3d773da1e
+msgid "If unset and :attr:`LOGO` is set, then the logo will be used."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.CoreSettings.HIDE_INVALID_LOGINS:1
+#: e5d3da93787741b498df2c84a4708195
+msgid "If :py:data:`True`, when users try to sign in with an invalid login, a message is shown indicating that the password is wrong, but does not give a clue whether the login exists or not."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.CoreSettings.HIDE_INVALID_LOGINS:5
+#: f1c78673ee1745279f8ec42cdff93cac
+msgid "If :py:data:`False`, when a user tries to sign in with an invalid login, a message is shown indicating that the login does not exist."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.CoreSettings.HTMX:1
+#: 404e51ae5209412c97dc6fa6dea57e3c
+msgid "Accelerates webpages loading with asynchronous requests."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.CoreSettings.INVITATION_EXPIRATION:1
+#: 6dba3015fe70429d9ba1bbda15533973
+msgid "The validity duration of registration invitations, in seconds."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.CoreSettings.INVITATION_EXPIRATION:3
+#: b0c02fcd815f422f9c9acd2612c97346
+msgid "Defaults to 2 days."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.CoreSettings.JAVASCRIPT:1
+#: 5802b46432cd48f6a66f5b1512d7b6e8
+msgid "Enables Javascript to smooth the user experience."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.CoreSettings.LANGUAGE:1
+#: 142e35437b3748f8b3ac8f6b8e7240a6
+msgid "If a language code is set, it will be used for every user."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.CoreSettings.LANGUAGE:3
+#: e338715fd61143e2a1b537adf9947e7f
+msgid "If unset, the language is guessed according to the users browser."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.CoreSettings.LOGGING:1
+#: f1b6ffe918904a7e8f12478e9777189e
+msgid "Configures the logging output using the python logging configuration format:"
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.CoreSettings.LOGGING:3
+#: adf30d64e31649c993f97ee0f0526e50
+msgid "if :py:data:`None`, everything is logged in the standard error output the log level is :py:data:`~logging.DEBUG` if the :attr:`~canaille.app.configuration.RootSettings.DEBUG` setting is :py:data:`True`, else this is :py:data:`~logging.INFO`"
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.CoreSettings.LOGGING:6
+#: 947c4f81681a421ab19405abe2bcd041
+msgid "if this is a :class:`dict`, it is passed to :func:`logging.config.dictConfig`:"
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.CoreSettings.LOGGING:7
+#: 6cd1d5c423754618965278773dea5dff
+msgid "if this is a :class:`str`, it is expected to be a file path that will be passed to :func:`logging.config.fileConfig`"
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.CoreSettings.LOGGING:10
+#: 6bf518e7d17d40c885ae66018ba85818
+msgid "For example::"
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.CoreSettings.LOGO:1
+#: 1ad6c44c92f6404fa900222ae71404fd
+msgid "The logo of your organization, this is useful to make your organization recognizable on login screens."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.CoreSettings.MAX_PASSWORD_LENGTH:1
+#: 3915ce88d08d469a8797d9ac7b9e76bb
+msgid "Maximum length for user password."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.CoreSettings.MAX_PASSWORD_LENGTH:3
+#: e56397580fdc4ef9856be66e9afcd944
+msgid "There is a technical limit with passlib used by sql database of 4096 characters. If the value entered is 0 or None, or greater than 4096, then 4096 will be retained."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.CoreSettings.MIN_PASSWORD_LENGTH:1
+#: 382c57f189834a5dafe4e6a7dafac059
+msgid "Minimum length for user password."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.CoreSettings.MIN_PASSWORD_LENGTH:3
+#: 242b94d8ebc74169838056a41b468bb0
+msgid "It is possible not to set a minimum, by entering None or 0."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.CoreSettings.NAME:1
+#: d685099921b749dabfa7766ab83cd899
+msgid "Your organization name."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.CoreSettings.NAME:3
+#: c0b11619f38147c38e45c33bb95130cd
+msgid "Used for display purpose."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.CoreSettings.PASSWORD_COMPROMISSION_CHECK_API_URL:1
+#: 13d7b717443d4d7f8072c052e77fb9a1
+msgid "Have i been pwned api url for compromission checks."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.CoreSettings.SENTRY_DSN:1
+#: 5ace1a77e6844217a9a525ba89fca4ac
+msgid "A `Sentry `_ DSN to collect the exceptions."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.CoreSettings.SENTRY_DSN:3
+#: eb2487e49bcb4c06b4b072c1bffd1b35
+msgid "This is useful for tracking errors in test and production environments."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.CoreSettings.SMTP:1
+#: a380618f79db467497998c14d0479bb5
+msgid "The settings related to SMTP and mail configuration."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.CoreSettings.SMTP:3
+#: 4e7cc4129a664eab896700ae2a531a85
+msgid "If unset, mail-related features like password recovery won't be enabled."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.CoreSettings.THEME:1
+#: 8e154507bca34a2da6fd956bb5a4be7a
+msgid "The name of a theme in the 'theme' directory, or a path to a theme."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.CoreSettings.THEME:3
+#: 1c6f63e8169d4d39b90cd03d21240d57
+msgid "Defaults to ``default``. Theming is done with `flask-themer `_."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.CoreSettings.TIMEZONE:1
+#: 64d6f680335c4994a06052b1e8926707
+msgid "The timezone in which datetimes will be displayed to the users (e.g. ``CEST``)."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.CoreSettings.TIMEZONE:4
+#: 7fb3171a6fbd4688b6a1d5fec23ecdd6
+msgid "If unset, the server timezone will be used."
+msgstr ""
+
+#: ../../canaille/core/configuration.py:docstring of canaille.core.configuration.SMTPSettings:1
+#: b4724fa923b043ad93559be1154655e7
+msgid "The SMTP configuration. Belong in the ``CANAILLE.SMTP`` namespace. If unset, mail related features will be disabled, such as mail verification or password recovery emails."
+msgstr ""
+
+#: ../../canaille/core/configuration.py:docstring of canaille.core.configuration.SMTPSettings:5
+#: 347fd2955c774b188997a442e55f5c7c
+msgid "By default, Canaille will try to send mails from localhost without authentication."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.SMTPSettings.FROM_ADDR:1
+#: 9423c5190b184836a8e0562f59e17cb0
+msgid "The sender for Canaille mails."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.SMTPSettings.FROM_ADDR:3
+#: 5f9fe89512184352bf83dd9dc13cb400
+msgid "Some mail provider might require a valid sender address."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.SMTPSettings.HOST:1
+#: a71c5983a93846dea4f2af605ceb2964
+msgid "The SMTP host."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.SMTPSettings.LOGIN:1
+#: 09dcbcac25bd4ae4903e446424664181
+msgid "The SMTP login."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.SMTPSettings.PASSWORD:1
+#: 8ca2a76f50d94448abf6fd29360b224b
+msgid "The SMTP password."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.SMTPSettings.PORT:1
+#: bb71e9c748e54024891e1120144ecd60
+msgid "The SMTP port."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.SMTPSettings.SSL:1
+#: a1979063c4674a2d8a2c8d552096949f
+msgid "Whether to use SSL to connect to the SMTP server."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.SMTPSettings.TLS:1
+#: 1c5218d536e04654a21231a7f66ca17f
+msgid "Whether to use TLS to connect to the SMTP server."
+msgstr ""
+
+#: ../../canaille/core/configuration.py:docstring of canaille.core.configuration.ACLSettings:1
+#: 71a851e0084748b7866328b368c1e71a
+msgid "Access Control List settings. Belong in the ``CANAILLE.ACL`` namespace."
+msgstr ""
+
+#: ../../canaille/core/configuration.py:docstring of canaille.core.configuration.ACLSettings:3
+#: 02255fc1a04d4b8192d5a3b1b43d1908
+msgid "You can define access controls that define what users can do on canaille An access control consists in a :attr:`FILTER` to match users, a list of :attr:`PERMISSIONS` matched users will be able to perform, and fields users will be able to :attr:`READ` and :attr:`WRITE`. Users matching several filters will cumulate permissions."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.ACLSettings.FILTER:1
+#: 8da16abfa50940b999a4d5f409e58d74
+msgid ":attr:`FILTER` can be:"
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.ACLSettings.FILTER:3
+#: d4138506b0e4483abd40a4e95406094c
+msgid ":py:data:`None`, in which case all the users will match this access control"
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.ACLSettings.FILTER:4
+#: 1abd6284f39f45a492767464191f5187
+msgid "a mapping where keys are user attributes name and the values those user attribute values. All the values must be matched for the user to be part of the access control."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.ACLSettings.FILTER:7
+#: 6ba9c1bc84f04f8882ed58940ad15b0e
+msgid "a list of those mappings. If a user values match at least one mapping, then the user will be part of the access control"
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.ACLSettings.FILTER:10
+#: 23744c24632a4d168f8ec678e1a3bf5d
+msgid "Here are some examples::"
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.ACLSettings.PERMISSIONS:1
+#: 4078af0ed93b47c49ca31792ac5b97c5
+msgid "A list of :class:`Permission` users in the access control will be able to manage. For example::"
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.ACLSettings.READ:1
+#: 73365747e42042caa220e123de8845d4
+msgid "A list of :class:`~canaille.core.models.User` attributes that users in the ACL will be able to read."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.ACLSettings.WRITE:1
+#: bd69e48c329248e69a6852bbd6a73d08
+msgid "A list of :class:`~canaille.core.models.User` attributes that users in the ACL will be able to edit."
+msgstr ""
+
+#: ../../canaille/core/configuration.py:docstring of canaille.core.configuration.Permission:1
+#: 66b3d6aa06174799a1e83949b252b22b
+msgid "The permissions that can be assigned to users."
+msgstr ""
+
+#: ../../canaille/core/configuration.py:docstring of canaille.core.configuration.Permission:3
+#: d2e7535abbbc43d2ad09d62291a30297
+msgid "The permissions are intended to be used in :attr:`ACLSettings `."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.Permission.DELETE_ACCOUNT:1
+#: bf8bae1371be4200b76be25da42673fa
+msgid "Allows users to delete their account."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.Permission.DELETE_ACCOUNT:3
+#: 8da238231ec845cc82ed303bc585edc0
+msgid "If used with :attr:`~canaille.core.configuration.Permission.MANAGE_USERS`, users can delete any account."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.Permission.EDIT_SELF:1
+#: 39bc9c236e2d43568deca0a4d8863c0e
+msgid "Allows users to edit their own profile."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.Permission.IMPERSONATE_USERS:1
+#: eb90e06ddce8426a87f4a877427b7411
+msgid "Allows users to take the identity of another user."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.Permission.MANAGE_GROUPS:1
+#: 4ce3c4ee68704259b6bfc08335c381a6
+msgid "Allows group edition and creation."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.Permission.MANAGE_OIDC:1
+#: ec06504cced4488d8ffd138e5119a370
+msgid "Allows OpenID Connect client managements."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.Permission.MANAGE_USERS:1
+#: a15d00d9eb474b1491db47819306715c
+msgid "Allows other users management."
+msgstr ""
+
+#: ../../docstring of canaille.core.configuration.Permission.USE_OIDC:1
+#: f48a8f942231472ea57ad0634ef23ab4
+msgid "Allows OpenID Connect authentication."
+msgstr ""
+
+#: ../../canaille/oidc/configuration.py:docstring of canaille.oidc.configuration.OIDCSettings:1
+#: 1cf02f0bdf124960b8cb0d8741b19077
+msgid "OpenID Connect settings."
+msgstr ""
+
+#: ../../canaille/oidc/configuration.py:docstring of canaille.oidc.configuration.OIDCSettings:3
+#: f81414e07e2b40379d4a869caa971765
+msgid "Belong in the ``CANAILLE_OIDC`` namespace."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.configuration.OIDCSettings.DYNAMIC_CLIENT_REGISTRATION_OPEN:1
+#: b385519bdeb94fc1b0c241a26ffa10b4
+msgid "Whether a token is needed for the RFC7591 dynamical client registration."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.configuration.OIDCSettings.DYNAMIC_CLIENT_REGISTRATION_OPEN:3
+#: 1394e8b1482d48eb83e3b83d0c9fedd6
+msgid "If :py:data:`True`, no token is needed to register a client. If :py:data:`False`, dynamical client registration needs a token defined in :attr:`DYNAMIC_CLIENT_REGISTRATION_TOKENS`."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.configuration.OIDCSettings.DYNAMIC_CLIENT_REGISTRATION_TOKENS:1
+#: 7066265898154e20a5b50d8fba161b04
+msgid "A list of tokens that can be used for dynamic client registration."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.configuration.OIDCSettings.JWT:1
+#: d629635ccc9c4e0099fe8cbec07df497
+msgid "JSON Web Token settings."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.configuration.OIDCSettings.REQUIRE_NONCE:1
+#: 44bed0d7fc604d6bb0797836f3a28d63
+msgid "Force the nonce exchange during the authentication flows."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.configuration.OIDCSettings.REQUIRE_NONCE:3
+#: 894924bff0764b1e9aed9f5399d32fd9
+msgid "This adds security but may not be supported by all clients."
+msgstr ""
+
+#: ../../canaille/oidc/configuration.py:docstring of canaille.oidc.configuration.JWTSettings:1
+#: 923a6ec2411143d08c5502134f1622de
+msgid "JSON Web Token settings. Belong in the ``CANAILLE_OIDC.JWT`` namespace."
+msgstr ""
+
+#: ../../canaille/oidc/configuration.py:docstring of canaille.oidc.configuration.JWTSettings:3
+#: 2c22c86a44084df0889ccb862da2c593
+msgid "You can generate a RSA keypair with::"
+msgstr ""
+
+#: ../../docstring of canaille.oidc.configuration.JWTSettings.ALG:1
+#: a39536bb26fc47d688e2a8f58b2b9b34
+msgid "The key algorithm."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.configuration.JWTSettings.EXP:1
+#: c2101e05e83740f58d59dbadb3190147
+msgid "The time the JWT will be valid, in seconds."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.configuration.JWTSettings.ISS:1
+#: d05b86845777404cac5d7e25f6b4fd7a
+msgid "The URI of the identity provider."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.configuration.JWTSettings.KTY:1
+#: 978dc3cd74ed41d380ef579824b768d3
+msgid "The key type."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.configuration.JWTSettings.PRIVATE_KEY:1
+#: b07fad4012c04549b9014376e8973080
+msgid "The private key."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.configuration.JWTSettings.PRIVATE_KEY:3
+#: ../../docstring of canaille.oidc.configuration.JWTSettings.PUBLIC_KEY:3
+#: 11bc180445ad4c9e83ad18ee61b19b5b
+#: f647de58457043d6bf1254041b232459
+msgid "If :py:data:`None` and debug mode is enabled, then an in-memory key will be used."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.configuration.JWTSettings.PUBLIC_KEY:1
+#: ea693f1143e346b5a1707e501b4612c1
+msgid "The public key."
+msgstr ""
+
+#: ../../canaille/oidc/configuration.py:docstring of canaille.oidc.configuration.JWTMappingSettings:1
+#: 3f37afeb4ba944f1893abd9a4bf24c82
+msgid "Mapping between the user model and the JWT fields."
+msgstr ""
+
+#: ../../canaille/oidc/configuration.py:docstring of canaille.oidc.configuration.JWTMappingSettings:3
+#: d6d5e13e76374c7c91fad5594b994abe
+msgid "Fields are evaluated with jinja. A ``user`` var is available."
+msgstr ""
+
+#: ../../canaille/backends/sql/configuration.py:docstring of canaille.backends.sql.configuration.SQLSettings:1
+#: 18dbb46c974e490da7044bb55c57a8b4
+msgid "Settings related to the SQL backend."
+msgstr ""
+
+#: ../../canaille/backends/sql/configuration.py:docstring of canaille.backends.sql.configuration.SQLSettings:3
+#: ac8f095c73d94a9eb610a6a877f56323
+msgid "Belong in the ``CANAILLE_SQL`` namespace."
+msgstr ""
+
+#: ../../docstring of canaille.backends.sql.configuration.SQLSettings.DATABASE_URI:1
+#: 657ca5834898413aada92c21e870127b
+msgid "The SQL server URI. For example::"
+msgstr ""
+
+#: ../../canaille/backends/ldap/configuration.py:docstring of canaille.backends.ldap.configuration.LDAPSettings:1
+#: eb2efa5097154602b3712c16331eb618
+msgid "Settings related to the LDAP backend."
+msgstr ""
+
+#: ../../canaille/backends/ldap/configuration.py:docstring of canaille.backends.ldap.configuration.LDAPSettings:3
+#: b9b407b8429e4c6db8ff909834398889
+msgid "Belong in the ``CANAILLE_LDAP`` namespace."
+msgstr ""
+
+#: ../../docstring of canaille.backends.ldap.configuration.LDAPSettings.BIND_DN:1
+#: 73e722b3fe3740e2bb04a67dd1396814
+msgid "The LDAP bind DN."
+msgstr ""
+
+#: ../../docstring of canaille.backends.ldap.configuration.LDAPSettings.BIND_PW:1
+#: 06730a32df8d44f2a1708565fd514032
+msgid "The LDAP bind password."
+msgstr ""
+
+#: ../../docstring of canaille.backends.ldap.configuration.LDAPSettings.GROUP_BASE:1
+#: ccd8fe02e0da48349bc7c22960ab400a
+msgid "The LDAP node under which groups will be looked for and saved."
+msgstr ""
+
+#: ../../docstring of canaille.backends.ldap.configuration.LDAPSettings.GROUP_BASE:3
+#: f5e60ac6241b4d988e17fb66c5ed8fa8
+msgid "For instance `\"ou=groups,dc=mydomain,dc=tld\"`."
+msgstr ""
+
+#: ../../docstring of canaille.backends.ldap.configuration.LDAPSettings.GROUP_CLASS:1
+#: df9cbdb25acd4c6cb9b940028c470f70
+msgid "The object class to use for creating new groups."
+msgstr ""
+
+#: ../../docstring of canaille.backends.ldap.configuration.LDAPSettings.GROUP_NAME_ATTRIBUTE:1
+#: cd8d5769aea049e9a097a71d8e78705b
+msgid "The attribute to use to identify a group."
+msgstr ""
+
+#: ../../docstring of canaille.backends.ldap.configuration.LDAPSettings.GROUP_RDN:1
+#: bbdd9122975a422d97bbb1124775f483
+msgid "The attribute to identify an object in the Group DN."
+msgstr ""
+
+#: ../../docstring of canaille.backends.ldap.configuration.LDAPSettings.ROOT_DN:1
+#: 9ec0421dc6d146aa9deb878b8b74c310
+msgid "The LDAP root DN."
+msgstr ""
+
+#: ../../docstring of canaille.backends.ldap.configuration.LDAPSettings.TIMEOUT:1
+#: 18aa1e3fda9044ffb3ec7c5b66eb927f
+msgid "The LDAP connection timeout."
+msgstr ""
+
+#: ../../docstring of canaille.backends.ldap.configuration.LDAPSettings.URI:1
+#: 5e5f46a65b914960bee9cab8c1ed8295
+msgid "The LDAP server URI."
+msgstr ""
+
+#: ../../docstring of canaille.backends.ldap.configuration.LDAPSettings.USER_BASE:1
+#: 37e84f4b6c9a4f2aac524b211eec92a2
+msgid "The LDAP node under which users will be looked for and saved."
+msgstr ""
+
+#: ../../docstring of canaille.backends.ldap.configuration.LDAPSettings.USER_BASE:3
+#: 865d8a39af0c4081a0e5efbdb093e64d
+msgid "For instance `ou=users,dc=mydomain,dc=tld`."
+msgstr ""
+
+#: ../../docstring of canaille.backends.ldap.configuration.LDAPSettings.USER_CLASS:1
+#: f2a1aa79a096443b82bf75ffed902328
+msgid "The object class to use for creating new users."
+msgstr ""
+
+#: ../../docstring of canaille.backends.ldap.configuration.LDAPSettings.USER_FILTER:1
+#: d2867ad1a2cf42b6834d173c1596fb11
+msgid "Filter to match users on sign in."
+msgstr ""
+
+#: ../../docstring of canaille.backends.ldap.configuration.LDAPSettings.USER_FILTER:3
+#: 7eb49bc6bd41495cb8703166a9142961
+msgid "For instance ``(|(uid={{ login }})(mail={{ login }}))``. Jinja syntax is supported and a ``login`` variable is available, containing the value passed in the login field."
+msgstr ""
+
+#: ../../docstring of canaille.backends.ldap.configuration.LDAPSettings.USER_RDN:1
+#: 1b1a300a828f46248b0c26e37cc00c26
+msgid "The attribute to identify an object in the User DN."
+msgstr ""
+
+#: ../references/configuration.rst:81
+#: 6a9df3aff9164276819573e73de3cf28
+msgid "Example file"
+msgstr ""
+
+#: ../references/configuration.rst:83
+#: 9f661407953e4eceaf59f39040594f94
+msgid "Here is a configuration file example:"
+msgstr ""
diff --git a/doc/gettext/references/index.pot b/doc/gettext/references/index.pot
new file mode 100644
index 00000000..dcb0ddcb
--- /dev/null
+++ b/doc/gettext/references/index.pot
@@ -0,0 +1,22 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) 2024, Yaal Coop
+# This file is distributed under the same license as the canaille package.
+# FIRST AUTHOR , YEAR.
+#
+#, fuzzy
+msgid ""
+msgstr ""
+"Project-Id-Version: canaille 0.0.56\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2024-11-22 16:20+0100\n"
+"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
+"Last-Translator: FULL NAME \n"
+"Language-Team: LANGUAGE \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#: ../references/index.rst:2
+#: 7e0a9ca5df284cb4aefaaa69849afa67
+msgid "References"
+msgstr ""
diff --git a/doc/gettext/references/models.pot b/doc/gettext/references/models.pot
new file mode 100644
index 00000000..4e82529f
--- /dev/null
+++ b/doc/gettext/references/models.pot
@@ -0,0 +1,632 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) 2024, Yaal Coop
+# This file is distributed under the same license as the canaille package.
+# FIRST AUTHOR , YEAR.
+#
+#, fuzzy
+msgid ""
+msgstr ""
+"Project-Id-Version: canaille 0.0.56\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2024-11-22 16:20+0100\n"
+"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
+"Last-Translator: FULL NAME \n"
+"Language-Team: LANGUAGE \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#: ../references/models.rst:2
+#: 41a7dc7b250e480db46d41e3aee22ad1
+msgid "Data models"
+msgstr ""
+
+#: ../references/models.rst:4
+#: 1b1a39298a8748d695327d8c3205861e
+msgid "This reference details the data models used by Canaille. This is mostly useful for developers."
+msgstr ""
+
+#: ../../canaille/backends/models.py:docstring of canaille.backends.models.BackendModel:1
+#: ../../canaille/backends/models.py:docstring of canaille.backends.models.Model:1
+#: 5dfedb2673a34cffab2636c959e69517
+#: 180db8c2a5484efcaaedab0d0259893c
+msgid "Bases: :py:class:`object`"
+msgstr ""
+
+#: ../../canaille/backends/models.py:docstring of canaille.backends.models.BackendModel:1
+#: 054dc8cb64204518901c6f741d0a78db
+msgid "The backend model abstract class."
+msgstr ""
+
+#: ../../canaille/backends/models.py:docstring of canaille.backends.models.BackendModel:3
+#: d5425365fe8544d99d250bc36f79a9b9
+msgid "It details all the methods and attributes that are expected to be implemented for every model and for every backend."
+msgstr ""
+
+#: ../../canaille/backends/models.py:docstring of canaille.backends.models.Model:1
+#: eed98eef84344fa8a1dfa96630a2308d
+msgid "The model abstract class."
+msgstr ""
+
+#: ../../canaille/backends/models.py:docstring of canaille.backends.models.Model:3
+#: e45bdfd99f954f4c8fc3dc213443ff33
+msgid "It details all the common attributes shared by every models."
+msgstr ""
+
+#: ../../docstring of canaille.backends.models.Model.created:1
+#: 499d3761712a4423ada0b6c9e7336b9d
+msgid "The :class:`~datetime.datetime` that the resource was added to the service provider."
+msgstr ""
+
+#: ../../docstring of canaille.backends.models.Model.id:1
+#: eb26542ddccf459bbd8179d12e546226
+msgid "A unique identifier for a SCIM resource as defined by the service provider. Id will be :py:data:`None` until the :meth:`~canaille.backends.models.BackendModel.save` method is called."
+msgstr ""
+
+#: ../../docstring of canaille.backends.models.Model.id:5
+#: 99a3ebf8e2f0425f8f6b2cb0fd43b1aa
+msgid "Each representation of the resource MUST include a non-empty \"id\" value. This identifier MUST be unique across the SCIM service provider's entire set of resources. It MUST be a stable, non- reassignable identifier that does not change when the same resource is returned in subsequent requests. The value of the \"id\" attribute is always issued by the service provider and MUST NOT be specified by the client. The string \"bulkId\" is a reserved keyword and MUST NOT be used within any unique identifier value. The attribute characteristics are \"caseExact\" as \"true\", a mutability of \"readOnly\", and a \"returned\" characteristic of \"always\". See Section 9 for additional considerations regarding privacy."
+msgstr ""
+
+#: ../../canaille/backends/models.py:docstring of canaille.backends.models.Model.identifier:1
+#: d3ab1a41021449649f7fc65d7faa4b5a
+msgid "Returns a unique value that will be used to identify the model instance."
+msgstr ""
+
+#: ../../canaille/backends/models.py:docstring of canaille.backends.models.Model.identifier:4
+#: 730b5beedf3345e7a1f3c9152b471d76
+msgid "This value will be used in URLs in canaille, so it should be unique and short."
+msgstr ""
+
+#: ../../docstring of canaille.backends.models.Model.last_modified:1
+#: 6654492d947545cf99532d0bc78c607d
+msgid "The most recent :class:`~datetime.datetime` that the details of this resource were updated at the service provider."
+msgstr ""
+
+#: ../../docstring of canaille.backends.models.Model.last_modified:4
+#: a06610bf90c745bf97d7332606ee3e14
+msgid "If this resource has never been modified since its initial creation, the value MUST be the same as the value of :attr:`~canaille.backends.models.Model.created`."
+msgstr ""
+
+#: ../../canaille/core/models.py:docstring of canaille.core.models.Group:1
+#: ../../canaille/core/models.py:docstring of canaille.core.models.User:1
+#: ../../canaille/oidc/basemodels.py:docstring of canaille.oidc.basemodels.AuthorizationCode:1
+#: ../../canaille/oidc/basemodels.py:docstring of canaille.oidc.basemodels.Client:1
+#: ../../canaille/oidc/basemodels.py:docstring of canaille.oidc.basemodels.Consent:1
+#: ../../canaille/oidc/basemodels.py:docstring of canaille.oidc.basemodels.Token:1
+#: 25aac7c6a4de47149abecdba2643cf16
+#: 2fcb719579614323832335e883920d06
+#: 9fcbd7a341574bb0a12735c80577678c
+#: e686b323e13d49108d090d0ccec91b95
+#: a2f9ebd1047445d68a4211e9f7e7939d
+#: 474767a737ea4abeb51431231c5eeecd
+msgid "Bases: :py:class:`~canaille.backends.models.Model`"
+msgstr ""
+
+#: ../../canaille/core/models.py:docstring of canaille.core.models.Group:1
+#: 75d84fdf9b3e4d40a7388fde78daf7d4
+msgid "User model, based on the `SCIM Group schema `_."
+msgstr ""
+
+#: ../../docstring of canaille.core.models.Group.display_name:1
+#: b34781220a204e858e24409b1a1059c7
+msgid "A human-readable name for the Group."
+msgstr ""
+
+#: ../../docstring of canaille.core.models.Group.display_name:3
+#: ../../docstring of canaille.oidc.basemodels.Client.client_id:1
+#: 08b43e57fa894ae3b6317cc37297342c
+#: 48449512919d4b3ab2aa12fe6c48a3f4
+msgid "REQUIRED."
+msgstr ""
+
+#: ../../docstring of canaille.core.models.Group.members:1
+#: 6028207848c745e381bd6946ce2d276d
+msgid "A list of members of the Group."
+msgstr ""
+
+#: ../../docstring of canaille.core.models.Group.members:3
+#: f75ea88690b0435a917de111ae26b22b
+msgid "While values MAY be added or removed, sub-attributes of members are \"immutable\". The \"value\" sub-attribute contains the value of an \"id\" attribute of a SCIM resource, and the \"$ref\" sub-attribute must be the URI of a SCIM resource such as a \"User\", or a \"Group\". The intention of the \"Group\" type is to allow the service provider to support nested groups. Service providers MAY require clients to provide a non-empty value by setting the \"required\" attribute characteristic of a sub-attribute of the \"members\" attribute in the \"Group\" resource schema."
+msgstr ""
+
+#: ../../canaille/core/models.py:docstring of canaille.core.models.User:1
+#: 539d0e7b4b0143c39c76c5e9ef16bd86
+msgid "User model, based on the `SCIM User schema `_, `Entreprise User Schema Extension `_ and `SCIM Password Management Extension `_ draft. Attribute description is based on SCIM and put there for information purpose. The description may not fit the current implementation in Canaille."
+msgstr ""
+
+#: ../../canaille/core/models.py:docstring of canaille.core.models.User.can:1
+#: 87eda29a61a745199883fc289a13c314
+msgid "Whether or not the user has the :class:`~canaille.core.configuration.Permission` according to the :class:`configuration `."
+msgstr ""
+
+#: ../../docstring of canaille.core.models.User.department:1
+#: c2e676f9335f408ab8318ffd79b0aa8a
+msgid "Identifies the name of a department."
+msgstr ""
+
+#: ../../docstring of canaille.core.models.User.display_name:1
+#: 5881ae5858d447058eca54d075e1799a
+msgid "The name of the user, suitable for display to end-users."
+msgstr ""
+
+#: ../../docstring of canaille.core.models.User.display_name:3
+#: 270a39dc6d7f49b49f5e21b2048c6c9a
+msgid "Each user returned MAY include a non-empty displayName value. The name SHOULD be the full name of the User being described, if known (e.g., \"Babs Jensen\" or \"Ms. Barbara J Jensen, III\") but MAY be a username or handle, if that is all that is available (e.g., \"bjensen\"). The value provided SHOULD be the primary textual label by which this User is normally displayed by the service provider when presenting it to end-users."
+msgstr ""
+
+#: ../../docstring of canaille.core.models.User.emails:1
+#: 8cb604df1a19481284ee1359685e6af0
+msgid "Email addresses for the User."
+msgstr ""
+
+#: ../../docstring of canaille.core.models.User.emails:3
+#: cf1562e8f9334a6f9f9d1d8ed7fad99f
+msgid "The value SHOULD be specified according to [RFC5321]. Service providers SHOULD canonicalize the value according to [RFC5321], e.g., \"bjensen@example.com\" instead of \"bjensen@EXAMPLE.COM\". The \"display\" sub-attribute MAY be used to return the canonicalized representation of the email value. The \"type\" sub-attribute is used to provide a classification meaningful to the (human) user. The user interface should encourage the use of basic values of \"work\", \"home\", and \"other\" and MAY allow additional type values to be used at the discretion of SCIM clients."
+msgstr ""
+
+#: ../../docstring of canaille.core.models.User.employee_number:1
+#: 636ed55260c74feeacbf312e64f05846
+msgid "A string identifier, typically numeric or alphanumeric, assigned to a person, typically based on order of hire or association with an organization."
+msgstr ""
+
+#: ../../docstring of canaille.core.models.User.family_name:1
+#: 64675e899765403b9e7f5f7e20b6a4d4
+msgid "The family name of the User, or last name in most Western languages (e.g., \"Jensen\" given the full name \"Ms. Barbara Jane Jensen, III\")."
+msgstr ""
+
+#: ../../docstring of canaille.core.models.User.formatted_address:1
+#: d7bc625574aa4a92922b80a678dd2603
+msgid "The full mailing address, formatted for display or use with a mailing label."
+msgstr ""
+
+#: ../../docstring of canaille.core.models.User.formatted_address:4
+#: 7b5cfe72fe824e41acc01e5b12836c38
+msgid "This attribute MAY contain newlines."
+msgstr ""
+
+#: ../../docstring of canaille.core.models.User.formatted_name:1
+#: 3a0ffada2e8445b28acbba22cc25b66c
+msgid "The full name, including all middle names, titles, and suffixes as appropriate, formatted for display (e.g., \"Ms. Barbara Jane Jensen, III\")."
+msgstr ""
+
+#: ../../docstring of canaille.core.models.User.given_name:1
+#: 61ce490296b54da7ae1b542c1f705d86
+msgid "The given name of the User, or first name in most Western languages (e.g., \"Barbara\" given the full name \"Ms. Barbara Jane Jensen, III\")."
+msgstr ""
+
+#: ../../docstring of canaille.core.models.User.groups:1
+#: 690f1b154c004cd4b73b9f3942abe467
+msgid "A list of groups to which the user belongs, either through direct membership, through nested groups, or dynamically calculated."
+msgstr ""
+
+#: ../../docstring of canaille.core.models.User.groups:4
+#: 2eb7b172e9b244b784e9be7ae251f62c
+msgid "The values are meant to enable expression of common group-based or role-based access control models, although no explicit authorization model is defined. It is intended that the semantics of group membership and any behavior or authorization granted as a result of membership are defined by the service provider. The canonical types \"direct\" and \"indirect\" are defined to describe how the group membership was derived. Direct group membership indicates that the user is directly associated with the group and SHOULD indicate that clients may modify membership through the \"Group\" resource. Indirect membership indicates that user membership is transitive or dynamic and implies that clients cannot modify indirect group membership through the \"Group\" resource but MAY modify direct group membership through the \"Group\" resource, which may influence indirect memberships. If the SCIM service provider exposes a \"Group\" resource, the \"value\" sub-attribute MUST be the \"id\", and the \"$ref\" sub-attribute must be the URI of the corresponding \"Group\" resources to which the user belongs. Since this attribute has a mutability of \"readOnly\", group membership changes MUST be applied via the \"Group\" Resource (Section 4.2). This attribute has a mutability of \"readOnly\"."
+msgstr ""
+
+#: ../../canaille/core/models.py:docstring of canaille.core.models.User.has_password:1
+#: 40ee4db8c45f4003bb48204deb440d98
+msgid "Check whether a password has been set for the user."
+msgstr ""
+
+#: ../../docstring of canaille.core.models.User.locality:1
+#: 3512695046244d34b61291df0b2982f7
+msgid "The city or locality component."
+msgstr ""
+
+#: ../../docstring of canaille.core.models.User.lock_date:1
+#: 31216009e3274f90bb09e07a3c667ccd
+msgid "A DateTime indicating when the resource was locked."
+msgstr ""
+
+#: ../../canaille/core/models.py:docstring of canaille.core.models.User.locked:1
+#: 1c62d35ba0c44d53870acd58383ae845
+msgid "Whether the user account has been locked or has expired."
+msgstr ""
+
+#: ../../docstring of canaille.core.models.User.organization:1
+#: 9e66d1ff732c4c9498199b3cd30133c2
+msgid "Identifies the name of an organization."
+msgstr ""
+
+#: ../../docstring of canaille.core.models.User.password:1
+#: dc7683784aaf49ad82908015dddc3327
+msgid "This attribute is intended to be used as a means to set, replace, or compare (i.e., filter for equality) a password. The cleartext value or the hashed value of a password SHALL NOT be returnable by a service provider. If a service provider holds the value locally, the value SHOULD be hashed. When a password is set or changed by the client, the cleartext password SHOULD be processed by the service provider as follows:"
+msgstr ""
+
+#: ../../docstring of canaille.core.models.User.password:9
+#: 75d933d5170e459d871c082acdc18867
+msgid "Prepare the cleartext value for international language comparison. See Section 7.8 of [RFC7644]."
+msgstr ""
+
+#: ../../docstring of canaille.core.models.User.password:12
+#: 8448f08bb8d94e489d01759c44573b27
+msgid "Validate the value against server password policy. Note: The definition and enforcement of password policy are beyond the scope of this document."
+msgstr ""
+
+#: ../../docstring of canaille.core.models.User.password:16
+#: c21e45acd3eb4c948f20fad79c2589fb
+msgid "Ensure that the value is encrypted (e.g., hashed). See Section 9.2 for acceptable hashing and encryption handling when storing or persisting for provisioning workflow reasons."
+msgstr ""
+
+#: ../../docstring of canaille.core.models.User.password:20
+#: 71a63d1b1da4473aab7849d83bae865d
+msgid "A service provider that immediately passes the cleartext value on to another system or programming interface MUST pass the value directly over a secured connection (e.g., Transport Layer Security (TLS)). If the value needs to be temporarily persisted for a period of time (e.g., because of a workflow) before provisioning, then the value MUST be protected by some method, such as encryption."
+msgstr ""
+
+#: ../../docstring of canaille.core.models.User.password:28
+#: 6e667adf52f041cd91027ad22ec29e79
+msgid "Testing for an equality match MAY be supported if there is an existing stored hashed value. When testing for equality, the service provider:"
+msgstr ""
+
+#: ../../docstring of canaille.core.models.User.password:32
+#: c5b24096ff7b4a70982efaf2b4a590a0
+msgid "Prepares the filter value for international language comparison. See Section 7.8 of [RFC7644]."
+msgstr ""
+
+#: ../../docstring of canaille.core.models.User.password:35
+#: a01917d7f406402aae04d9fab29cce1f
+msgid "Generates the salted hash of the filter value and tests for a match with the locally held value."
+msgstr ""
+
+#: ../../docstring of canaille.core.models.User.password:38
+#: d014072927a8489c959cf01f30a02e52
+msgid "The mutability of the password attribute is \"writeOnly\", indicating that the value MUST NOT be returned by a service provider in any form (the attribute characteristic \"returned\" is \"never\")."
+msgstr ""
+
+#: ../../docstring of canaille.core.models.User.phone_numbers:1
+#: 22dabe92b12f42999acc57125936d9a4
+msgid "Phone numbers for the user."
+msgstr ""
+
+#: ../../docstring of canaille.core.models.User.phone_numbers:3
+#: 4e9f962969504e419f1ee1e42018b7e3
+msgid "The value SHOULD be specified according to the format defined in [RFC3966], e.g., 'tel:+1-201-555-0123'. Service providers SHOULD canonicalize the value according to [RFC3966] format, when appropriate. The \"display\" sub-attribute MAY be used to return the canonicalized representation of the phone number value. The sub- attribute \"type\" often has typical values of \"work\", \"home\", \"mobile\", \"fax\", \"pager\", and \"other\" and MAY allow more types to be defined by the SCIM clients."
+msgstr ""
+
+#: ../../docstring of canaille.core.models.User.photo:1
+#: 8a1be24639d748fbb92e9026057c6108
+msgid "A URI that is a uniform resource locator (as defined in Section 1.1.3 of [RFC3986]) that points to a resource location representing the user's image."
+msgstr ""
+
+#: ../../docstring of canaille.core.models.User.photo:5
+#: 3c9a2c89c2e144e4a8e3a549099a0afc
+msgid "The resource MUST be a file (e.g., a GIF, JPEG, or PNG image file) rather than a web page containing an image. Service providers MAY return the same image in different sizes, although it is recognized that no standard for describing images of various sizes currently exists. Note that this attribute SHOULD NOT be used to send down arbitrary photos taken by this user; instead, profile photos of the user that are suitable for display when describing the user should be sent. Instead of the standard canonical values for type, this attribute defines the following canonical values to represent popular photo sizes: \"photo\" and \"thumbnail\"."
+msgstr ""
+
+#: ../../docstring of canaille.core.models.User.postal_code:1
+#: b8fd039fd49448fb8a1f2602864cdb31
+msgid "The zip code or postal code component."
+msgstr ""
+
+#: ../../docstring of canaille.core.models.User.preferred_language:1
+#: 78cc188b2ee94614ab5e68931c93b5e4
+msgid "Indicates the user's preferred written or spoken languages and is generally used for selecting a localized user interface."
+msgstr ""
+
+#: ../../docstring of canaille.core.models.User.preferred_language:4
+#: e957b1c5b5a0404d887870c7cb30361e
+msgid "The value indicates the set of natural languages that are preferred. The format of the value is the same as the HTTP Accept-Language header field (not including \"Accept-Language:\") and is specified in Section 5.3.5 of [RFC7231]. The intent of this value is to enable cloud applications to perform matching of language tags [RFC4647] to the user's language preferences, regardless of what may be indicated by a user agent (which might be shared), or in an interaction that does not involve a user (such as in a delegated OAuth 2.0 [RFC6749] style interaction) where normal HTTP Accept-Language header negotiation cannot take place."
+msgstr ""
+
+#: ../../docstring of canaille.core.models.User.profile_url:1
+#: 076f48982818474ca185bbb7ecc083bf
+msgid "A URI that is a uniform resource locator (as defined in Section 1.1.3 of [RFC3986]) and that points to a location representing the user's online profile (e.g., a web page)."
+msgstr ""
+
+#: ../../docstring of canaille.core.models.User.profile_url:5
+#: 850461e9fb3b4d709fcf76dd09c142b0
+msgid "URIs are canonicalized per Section 6.2 of [RFC3986]."
+msgstr ""
+
+#: ../../canaille/core/models.py:docstring of canaille.core.models.User.readable_fields:1
+#: b97df5cf09a748e79ea9971b8dba39d1
+msgid "The fields the user can read according to the :class:`configuration ` configuration."
+msgstr ""
+
+#: ../../canaille/core/models.py:docstring of canaille.core.models.User.readable_fields:4
+#: b76c15b84378406fbc1249573072e5ca
+msgid "This does not include the :attr:`writable ` fields."
+msgstr ""
+
+#: ../../docstring of canaille.core.models.User.region:1
+#: 082b19222f8f4e25a4aa0aa0ecba0929
+msgid "The state or region component."
+msgstr ""
+
+#: ../../docstring of canaille.core.models.User.street:1
+#: 2c8f12c4f115443998f8cd1e22299be9
+msgid "The full street address component, which may include house number, street name, P.O."
+msgstr ""
+
+#: ../../docstring of canaille.core.models.User.street:4
+#: aba448bfd8da42758924353149dadc87
+msgid "box, and multi-line extended street address information. This attribute MAY contain newlines."
+msgstr ""
+
+#: ../../docstring of canaille.core.models.User.title:1
+#: 62e0f8e9c68a4ecfac80add78ccd7142
+msgid "The user's title, such as \"Vice President\"."
+msgstr ""
+
+#: ../../docstring of canaille.core.models.User.user_name:1
+#: 293d739a09e94a099259ed4650bae8ac
+msgid "A service provider's unique identifier for the user, typically used by the user to directly authenticate to the service provider."
+msgstr ""
+
+#: ../../docstring of canaille.core.models.User.user_name:4
+#: c13edd0588bc4f9d991306cdfd54d80a
+msgid "Often displayed to the user as their unique identifier within the system (as opposed to \"id\" or \"externalId\", which are generally opaque and not user-friendly identifiers). Each User MUST include a non-empty userName value. This identifier MUST be unique across the service provider's entire set of Users. This attribute is REQUIRED and is case insensitive."
+msgstr ""
+
+#: ../../canaille/core/models.py:docstring of canaille.core.models.User.writable_fields:1
+#: bce25550d966456fb325f488d3989446
+msgid "The fields the user can write according to the :class:`configuration `."
+msgstr ""
+
+#: ../../canaille/oidc/basemodels.py:docstring of canaille.oidc.basemodels.AuthorizationCode:1
+#: edd3de5bfc4d4ae881494d6ba9e94342
+msgid "OpenID Connect temporary authorization code definition."
+msgstr ""
+
+#: ../../canaille/oidc/basemodels.py:docstring of canaille.oidc.basemodels.Client:1
+#: 8e9b301343f149de94a1d40e8b591125
+msgid "OpenID Connect client definition, based on the `OAuth 2.0 Dynamic Client Registration protocols `_ and the `OpenID Connect RP-Initiated Logout `_ specifications."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.basemodels.Client.client_id:3
+#: e45f4fee2fdb46e7bb31460fddf3400a
+msgid "OAuth 2.0 client identifier string. It SHOULD NOT be currently valid for any other registered client, though an authorization server MAY issue the same client identifier to multiple instances of a registered client at its discretion."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.basemodels.Client.client_id_issued_at:1
+#: ../../docstring of canaille.oidc.basemodels.Client.client_secret:1
+#: ../../docstring of canaille.oidc.basemodels.Client.post_logout_redirect_uris:1
+#: c9328ff136fb490cb6810fd738cd32c3
+#: 7e4168f5eef24ce7a0fdfcd1a34ac0b1
+#: 1ea64fb459e343a58a8c09ffb8fb046c
+msgid "OPTIONAL."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.basemodels.Client.client_id_issued_at:3
+#: 673ada2798054ac5aaceccb2e11fa62c
+msgid "Time at which the client identifier was issued. The time is represented as the number of seconds from 1970-01-01T00:00:00Z as measured in UTC until the date/time of issuance."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.basemodels.Client.client_name:1
+#: 884645dd183e4deaacd7b26efbeae4b0
+msgid "Human-readable string name of the client to be presented to the end-user during authorization."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.basemodels.Client.client_name:4
+#: e71d8bfba20a4451bf78c67859250e85
+msgid "If omitted, the authorization server MAY display the raw \"client_id\" value to the end-user instead. It is RECOMMENDED that clients always send this field. The value of this field MAY be internationalized, as described in Section 2.2."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.basemodels.Client.client_secret:3
+#: 317b9d7d12754d8e81ccdbdbb69027a3
+msgid "OAuth 2.0 client secret string. If issued, this MUST be unique for each \"client_id\" and SHOULD be unique for multiple instances of a client using the same \"client_id\". This value is used by confidential clients to authenticate to the token endpoint, as described in OAuth 2.0 [RFC6749], Section 2.3.1."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.basemodels.Client.client_secret_expires_at:1
+#: 4e7d6ee56b7d4f3ba2bdda60e9a8428c
+msgid "REQUIRED if \"client_secret\" is issued."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.basemodels.Client.client_secret_expires_at:3
+#: 7eff790c6fed4a40b4afbf0c48e8f9b7
+msgid "Time at which the client secret will expire or 0 if it will not expire. The time is represented as the number of seconds from 1970-01-01T00:00:00Z as measured in UTC until the date/time of expiration."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.basemodels.Client.client_uri:1
+#: c808c4be36474628b978c4f87622d9bb
+msgid "URL string of a web page providing information about the client."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.basemodels.Client.client_uri:3
+#: eadc2f25087d476fb020f699c9f630c0
+msgid "If present, the server SHOULD display this URL to the end-user in a clickable fashion. It is RECOMMENDED that clients always send this field. The value of this field MUST point to a valid web page. The value of this field MAY be internationalized, as described in Section 2.2."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.basemodels.Client.contacts:1
+#: b2ba960845ec4d37955854ef04ff3439
+msgid "Array of strings representing ways to contact people responsible for this client, typically email addresses."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.basemodels.Client.contacts:4
+#: f16aba83e47541b9a0a1b9fb36d5ebbd
+msgid "The authorization server MAY make these contact addresses available to end-users for support requests for the client. See Section 6 for information on Privacy Considerations."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.basemodels.Client.grant_types:1
+#: 9279cc2620e247239620ce27cc3f25be
+msgid "Array of OAuth 2.0 grant type strings that the client can use at the token endpoint. These grant types are defined as follows:"
+msgstr ""
+
+#: ../../docstring of canaille.oidc.basemodels.Client.grant_types:4
+#: 3531d80222174772b72c7d0365ae585b
+msgid "\"authorization_code\": The authorization code grant type defined in OAuth 2.0, Section 4.1."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.basemodels.Client.grant_types:7
+#: 700823977a854c0ab4b31683d3537526
+msgid "\"implicit\": The implicit grant type defined in OAuth 2.0, Section 4.2."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.basemodels.Client.grant_types:10
+#: 9edafc4daf7d495d91ad5c3e3945373f
+msgid "\"password\": The resource owner password credentials grant type defined in OAuth 2.0, Section 4.3."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.basemodels.Client.grant_types:13
+#: 606dd7b652ee432db4df96731cb74c83
+msgid "\"client_credentials\": The client credentials grant type defined in OAuth 2.0, Section 4.4."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.basemodels.Client.grant_types:16
+#: e89ed9beba1c4bad87c8debcb3a6f7ea
+msgid "\"refresh_token\": The refresh token grant type defined in OAuth 2.0, Section 6."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.basemodels.Client.grant_types:19
+#: 278f7b5438fc4abba32e99a2cfd051e0
+msgid "\"urn:ietf:params:oauth:grant-type:jwt-bearer\": The JWT Bearer Token Grant Type defined in OAuth JWT Bearer Token Profiles [RFC7523]."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.basemodels.Client.grant_types:23
+#: f6d6e6c6e6fd4d059f4414322c5b2816
+msgid "\"urn:ietf:params:oauth:grant-type:saml2-bearer\": The SAML 2.0 Bearer Assertion Grant defined in OAuth SAML 2 Bearer Token Profiles [RFC7522]."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.basemodels.Client.grant_types:27
+#: df3a20a122e44a0f85ff153097c75299
+msgid "If the token endpoint is used in the grant type, the value of this parameter MUST be the same as the value of the \"grant_type\" parameter passed to the token endpoint defined in the grant type definition. Authorization servers MAY allow for other values as defined in the grant type extension process described in OAuth 2.0, Section 4.5. If omitted, the default behavior is that the client will use only the \"authorization_code\" Grant Type."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.basemodels.Client.jwk:1
+#: b28be1904349499bbb8a81a044e4d67d
+msgid "Client's JSON Web Key Set [RFC7517] document value, which contains the client's public keys."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.basemodels.Client.jwk:4
+#: f70ddda717154155a67fd9257f4e2a29
+msgid "The value of this field MUST be a JSON object containing a valid JWK Set. These keys can be used by higher-level protocols that use signing or encryption. This parameter is intended to be used by clients that cannot use the \"jwks_uri\" parameter, such as native clients that cannot host public URLs. The \"jwks_uri\" and \"jwks\" parameters MUST NOT both be present in the same request or response."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.basemodels.Client.jwks_uri:1
+#: e77c6d704ba34b1a8ae9191a549fc105
+msgid "URL string referencing the client's JSON Web Key (JWK) Set [RFC7517] document, which contains the client's public keys."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.basemodels.Client.jwks_uri:4
+#: 07c3977b5cc6478582c40bfda3818dca
+msgid "The value of this field MUST point to a valid JWK Set document. These keys can be used by higher-level protocols that use signing or encryption. For instance, these keys might be used by some applications for validating signed requests made to the token endpoint when using JWTs for client authentication [RFC7523]. Use of this parameter is preferred over the \"jwks\" parameter, as it allows for easier key rotation. The \"jwks_uri\" and \"jwks\" parameters MUST NOT both be present in the same request or response."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.basemodels.Client.logo_uri:1
+#: 1e78b0b24ba74fce9796a178d03f9a68
+msgid "URL string that references a logo for the client."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.basemodels.Client.logo_uri:3
+#: 8047900a37a946c5819126e4d5b1a6f2
+msgid "If present, the server SHOULD display this image to the end-user during approval. The value of this field MUST point to a valid image file. The value of this field MAY be internationalized, as described in Section 2.2."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.basemodels.Client.policy_uri:1
+#: 196ad277ca0d48e39e3b050fbd6c7420
+msgid "URL string that points to a human-readable privacy policy document that describes how the deployment organization collects, uses, retains, and discloses personal data."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.basemodels.Client.policy_uri:5
+#: ../../docstring of canaille.oidc.basemodels.Client.tos_uri:5
+#: 44ffb5b8755147ffa444c857bb4cb9d7
+#: ccc2d89b967b4e17a53b8ac2c26b263f
+msgid "The authorization server SHOULD display this URL to the end-user if it is provided. The value of this field MUST point to a valid web page. The value of this field MAY be internationalized, as described in Section 2.2."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.basemodels.Client.post_logout_redirect_uris:3
+#: 40a2fe5d5daf49c184873ddddffa1893
+msgid "Array of URLs supplied by the RP to which it MAY request that the End-User's User Agent be redirected using the post_logout_redirect_uri parameter after a logout has been performed. These URLs SHOULD use the https scheme and MAY contain port, path, and query parameter components; however, they MAY use the http scheme, provided that the Client Type is confidential, as defined in Section 2.1 of OAuth 2.0 [RFC6749], and provided the OP allows the use of http RP URIs."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.basemodels.Client.redirect_uris:1
+#: 9a28211e567845cbba7ac1bee6666f4a
+msgid "Array of redirection URI strings for use in redirect-based flows such as the authorization code and implicit flows."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.basemodels.Client.redirect_uris:4
+#: 2afba64218f040f1989433931c19d5e1
+msgid "As required by Section 2 of OAuth 2.0 [RFC6749], clients using flows with redirection MUST register their redirection URI values. Authorization servers that support dynamic registration for redirect-based flows MUST implement support for this metadata value."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.basemodels.Client.response_types:1
+#: 89ed3097a94f43dc83b564e94b3179f7
+msgid "Array of the OAuth 2.0 response type strings that the client can use at the authorization endpoint. These response types are defined as follows:"
+msgstr ""
+
+#: ../../docstring of canaille.oidc.basemodels.Client.response_types:5
+#: f58fbc4e912f4a07910f7dde4deb4886
+msgid "\"code\": The authorization code response type defined in OAuth 2.0, Section 4.1."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.basemodels.Client.response_types:8
+#: ea813f0274b44fe2a03e1215606dcca0
+msgid "\"token\": The implicit response type defined in OAuth 2.0, Section 4.2."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.basemodels.Client.response_types:11
+#: e855edc4d7984aa68dd8bd2609bd4925
+msgid "If the authorization endpoint is used by the grant type, the value of this parameter MUST be the same as the value of the \"response_type\" parameter passed to the authorization endpoint defined in the grant type definition. Authorization servers MAY allow for other values as defined in the grant type extension process is described in OAuth 2.0, Section 4.5. If omitted, the default is that the client will use only the \"code\" response type."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.basemodels.Client.scope:1
+#: 203b6265a65f43678bd3525158d35ed5
+msgid "String containing a space-separated list of scope values (as described in Section 3.3 of OAuth 2.0 [RFC6749]) that the client can use when requesting access tokens."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.basemodels.Client.scope:5
+#: ccb3e8902413435da8ef2b347ee6f524
+msgid "The semantics of values in this list are service specific. If omitted, an authorization server MAY register a client with a default set of scopes."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.basemodels.Client.software_id:1
+#: 1c3a6b1855e6484286e2a7ead64545ca
+msgid "A unique identifier string (e.g., a Universally Unique Identifier (UUID)) assigned by the client developer or software publisher used by registration endpoints to identify the client software to be dynamically registered."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.basemodels.Client.software_id:6
+#: 92bca122a33f4ad2aa156a357d7abbc9
+msgid "Unlike \"client_id\", which is issued by the authorization server and SHOULD vary between instances, the \"software_id\" SHOULD remain the same for all instances of the client software. The \"software_id\" SHOULD remain the same across multiple updates or versions of the same piece of software. The value of this field is not intended to be human readable and is usually opaque to the client and authorization server."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.basemodels.Client.software_version:1
+#: 7b41f56df51642a99f7bdbaf40269981
+msgid "A version identifier string for the client software identified by \"software_id\"."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.basemodels.Client.software_version:4
+#: 02558244f5a141e193400a177f45b84e
+msgid "The value of the \"software_version\" SHOULD change on any update to the client software identified by the same \"software_id\". The value of this field is intended to be compared using string equality matching and no other comparison semantics are defined by this specification. The value of this field is outside the scope of this specification, but it is not intended to be human readable and is usually opaque to the client and authorization server. The definition of what constitutes an update to client software that would trigger a change to this value is specific to the software itself and is outside the scope of this specification."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.basemodels.Client.token_endpoint_auth_method:1
+#: e508c45da1ae48f19b7ee8441976c669
+msgid "String indicator of the requested authentication method for the token endpoint. Values defined by this specification are:"
+msgstr ""
+
+#: ../../docstring of canaille.oidc.basemodels.Client.token_endpoint_auth_method:4
+#: 8a3f3b84f62b4438a5ed5fbb9e98bef5
+msgid "\"none\": The client is a public client as defined in OAuth 2.0, Section 2.1, and does not have a client secret."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.basemodels.Client.token_endpoint_auth_method:7
+#: 0a2a945397264911947f1eb4e8591bbf
+msgid "\"client_secret_post\": The client uses the HTTP POST parameters as defined in OAuth 2.0, Section 2.3.1."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.basemodels.Client.token_endpoint_auth_method:10
+#: 3852640761c84dbfb1e94502c59cd753
+msgid "\"client_secret_basic\": The client uses HTTP Basic as defined in OAuth 2.0, Section 2.3.1."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.basemodels.Client.token_endpoint_auth_method:13
+#: e1a40f43702c4916bcfa4584c26611ea
+msgid "Additional values can be defined via the IANA \"OAuth Token Endpoint Authentication Methods\" registry established in Section 4.2. Absolute URIs can also be used as values for this parameter without being registered. If unspecified or omitted, the default is \"client_secret_basic\", denoting the HTTP Basic authentication scheme as specified in Section 2.3.1 of OAuth 2.0."
+msgstr ""
+
+#: ../../docstring of canaille.oidc.basemodels.Client.tos_uri:1
+#: a6cd2971183b42bcbb8e50649d19fc7e
+msgid "URL string that points to a human-readable terms of service document for the client that describes a contractual relationship between the end-user and the client that the end-user accepts when authorizing the client."
+msgstr ""
+
+#: ../../canaille/oidc/basemodels.py:docstring of canaille.oidc.basemodels.Consent:1
+#: 5b6f0884f0fa40aa8a74cc3a3553d88f
+msgid "Long-term user consent to an application."
+msgstr ""
+
+#: ../../canaille/oidc/basemodels.py:docstring of canaille.oidc.basemodels.Token:1
+#: 0536543f92654e49b7a69b057d076a38
+msgid "OpenID Connect token definition."
+msgstr ""
diff --git a/doc/gettext/tutorial/databases.pot b/doc/gettext/tutorial/databases.pot
new file mode 100644
index 00000000..c00b9e12
--- /dev/null
+++ b/doc/gettext/tutorial/databases.pot
@@ -0,0 +1,153 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) 2024, Yaal Coop
+# This file is distributed under the same license as the canaille package.
+# FIRST AUTHOR , YEAR.
+#
+#, fuzzy
+msgid ""
+msgstr ""
+"Project-Id-Version: canaille 0.0.56\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2024-11-22 16:20+0100\n"
+"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
+"Last-Translator: FULL NAME \n"
+"Language-Team: LANGUAGE \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#: ../tutorial/databases.rst:2
+#: 527d8f3cbe0a441abe4e66c3c3a8e45b
+msgid "Databases"
+msgstr ""
+
+#: ../tutorial/databases.rst:4
+#: 7ba0b9a14fce436595c5ebde78aae946
+msgid "Canaille can read and save data in different databases. This page presents the different database backends and their specificities:"
+msgstr ""
+
+#: ../tutorial/databases.rst:8
+#: 79cee50c147545ce9bdac814bcfe8609
+msgid "Memory"
+msgstr ""
+
+#: ../tutorial/databases.rst:10
+#: e3f9746afd40417e9b6324eb9feed900
+msgid "Canaille comes with a lightweight inmemory backend by default. It is used when no other backend has been configured."
+msgstr ""
+
+#: ../tutorial/databases.rst:13
+#: c99976af30a84dd88144af1f94fa4f1f
+msgid "This backend is only for test purpose and should not be used in production environments."
+msgstr ""
+
+#: ../tutorial/databases.rst:16
+#: 2cc56bb5b80e44acbf72f33c06b160ac
+msgid "SQL"
+msgstr ""
+
+#: ../tutorial/databases.rst:18
+#: 810f5fc5e5c44da2aeed71b98964cdb5
+msgid "Canaille can use any database supported by `SQLAlchemy `_, such as sqlite, postgresql or mariadb."
+msgstr ""
+
+#: ../tutorial/databases.rst:21
+#: 2bc43b31141a40ee931dd4dccb78072b
+msgid "It is used when the ``CANAILLE_SQL`` configuration parameter is defined. For instance:"
+msgstr ""
+
+#: ../tutorial/databases.rst:23
+#: ../tutorial/databases.rst:37
+#: 4c8504504a3647198afac5c8d87813f7
+#: 196b09a796c04d4b9066bd463f5e239b
+msgid "config.toml"
+msgstr ""
+
+#: ../tutorial/databases.rst:29
+#: 05c9a85af5f04ad08741ff83efa7a3a0
+msgid "You can find more details on the SQL configuration in the :class:`dedicated section `."
+msgstr ""
+
+#: ../tutorial/databases.rst:32
+#: 91a683cbbdc745549e37499598c1aa4a
+msgid "LDAP"
+msgstr ""
+
+#: ../tutorial/databases.rst:34
+#: 0dcba883340c4f67b21d69b9f9078c48
+msgid "Canaille can use OpenLDAP as its main database. It is used when the ``CANAILLE_LDAP`` configuration parameter is defined. For instance:"
+msgstr ""
+
+#: ../tutorial/databases.rst:52
+#: 90ed3908de454594b1e76e5725056c81
+msgid "You can find more details on the LDAP configuration in the :class:`dedicated section `."
+msgstr ""
+
+#: ../tutorial/databases.rst:55
+#: 2c43e9f79276492c84248e35508188a9
+msgid "Currently, only the ``inetOrgPerson`` and ``groupOfNames`` schemas have been tested. If you want to use different schemas or LDAP servers, adaptations may be needed. Patches are welcome."
+msgstr ""
+
+#: ../tutorial/databases.rst:60
+#: ad13059a843e41ceb3d105e609722063
+msgid "OpenLDAP overlays integration"
+msgstr ""
+
+#: ../tutorial/databases.rst:62
+#: 4574a3d570f04d96a49722ff77c2695a
+msgid "Canaille can integrate with several OpenLDAP overlays:"
+msgstr ""
+
+#: ../tutorial/databases.rst:65
+#: 4dd1354faaac48559deae338b4f090b5
+msgid "memberof / refint"
+msgstr ""
+
+#: ../tutorial/databases.rst:67
+#: 0439ad64ecb844fdaa1737a3c9e473cc
+msgid "`memberof `_ and `refint `_ overlays are needed for the Canaille group membership to work correctly."
+msgstr ""
+
+#: ../tutorial/databases.rst:71
+#: ../tutorial/databases.rst:94
+#: faa33ea8871f4e34ac2c64cc72fdf812
+#: 06709ee4d5f844568221f14c64b5c30b
+msgid "Here is a configuration example compatible with canaille:"
+msgstr ""
+
+#: ../tutorial/databases.rst:73
+#: ebbf217acbd74c889aa84489628bae35
+msgid "memberof-config.ldif"
+msgstr ""
+
+#: ../tutorial/databases.rst:77
+#: 6b433a46ef87490bbaba6472563969c4
+msgid "refint-config.ldif"
+msgstr ""
+
+#: ../tutorial/databases.rst:81
+#: ../tutorial/databases.rst:104
+#: 861e354e7cfb47049661986cb4e35787
+#: b8ccf6ef78aa471ead32733e0381b055
+msgid "You can adapt and load those configuration files with:"
+msgstr ""
+
+#: ../tutorial/databases.rst:90
+#: 3a182ba0d6784956b95eaf634a6fc06f
+msgid "ppolicy"
+msgstr ""
+
+#: ../tutorial/databases.rst:92
+#: 83a2d62977b045ad8abe86ccc98759cb
+msgid "If the `ppolicy `_ overlay is configured and the ``pwdEndTime`` attribute is available (since OpenLDAP 2.6), then account locking support will be enabled in canaille. To allow users to manage account expiration, they need to have a *write* permission on the :attr:`~canaille.core.models.User.lock_date` attribute."
+msgstr ""
+
+#: ../tutorial/databases.rst:96
+#: 791a6d05f787498487e083e108ce34de
+msgid "ppolicy-config.ldif"
+msgstr ""
+
+#: ../tutorial/databases.rst:100
+#: 0f9d8b20ec7f4043b83d6312b1058939
+msgid "ppolicy.ldif"
+msgstr ""
diff --git a/doc/gettext/tutorial/deployment.pot b/doc/gettext/tutorial/deployment.pot
new file mode 100644
index 00000000..d78172f3
--- /dev/null
+++ b/doc/gettext/tutorial/deployment.pot
@@ -0,0 +1,122 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) 2024, Yaal Coop
+# This file is distributed under the same license as the canaille package.
+# FIRST AUTHOR , YEAR.
+#
+#, fuzzy
+msgid ""
+msgstr ""
+"Project-Id-Version: canaille 0.0.56\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2024-11-22 16:20+0100\n"
+"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
+"Last-Translator: FULL NAME \n"
+"Language-Team: LANGUAGE \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#: ../tutorial/deployment.rst:2
+#: eeee7ba0fc3d44e7ad224ef2b2aad5d0
+msgid "Deployment"
+msgstr ""
+
+#: ../tutorial/deployment.rst:5
+#: e9ce862abbc94cd280400ab2e3b54839
+msgid "Application service"
+msgstr ""
+
+#: ../tutorial/deployment.rst:7
+#: 433485ad5c09467dafdf34069fca8cf7
+msgid "After having finished Canaille installation you have to run it in a WSGI application server. Here are some WSGI server configuration examples you can pick. Do not forget to update the paths."
+msgstr ""
+
+#: ../tutorial/deployment.rst:11
+#: b95ad5bdf60a4fa38668de444a350143
+msgid "gunicorn"
+msgstr ""
+
+#: ../tutorial/deployment.rst:13
+#: 71031d675d424a039075b7010b6aecaa
+msgid "Todo"
+msgstr ""
+
+#: ../tutorial/deployment.rst:15
+#: b4cd24e95f8649feb0bccc4077c530cc
+msgid "Write a gunicorn configuration sample file."
+msgstr ""
+
+#: ../tutorial/deployment.rst:18
+#: 1035487ff04444699065497aa5c27428
+msgid "uwsgi"
+msgstr ""
+
+#: ../tutorial/deployment.rst:42
+#: 99cd8ef482f84cbb9a924a9a3fef3f8f
+msgid "Webserver"
+msgstr ""
+
+#: ../tutorial/deployment.rst:44
+#: 123b2a6d36ba426cb333611e82f4b49f
+msgid "Now you have to plug your WSGI application server to your webserver so it is accessible on the internet. Here are some webserver configuration examples you can pick:"
+msgstr ""
+
+#: ../tutorial/deployment.rst:48
+#: a4206d1009c949e1aa406adc1e6f37a0
+msgid "Nginx"
+msgstr ""
+
+#: ../tutorial/deployment.rst:114
+#: 15b5ad9ca9d3428f889b223b0ffb58c7
+msgid "Apache"
+msgstr ""
+
+#: ../tutorial/deployment.rst:153
+#: fb75b2d60ce34f30a23ebcb46860c0b4
+msgid "Recurrent jobs"
+msgstr ""
+
+#: ../tutorial/deployment.rst:155
+#: 7f2c34b8393547c3ae17c156d98e0080
+msgid "You might want to clean up your database to avoid it growing too much. You can regularly delete expired tokens and authorization codes with:"
+msgstr ""
+
+#: ../tutorial/deployment.rst:164
+#: 0189b125934b4accb96c2ac6431dda33
+msgid "Webfinger"
+msgstr ""
+
+#: ../tutorial/deployment.rst:166
+#: 2fb122255bb94ea38ac3fe43bc6ee696
+msgid "You may want to configure a `WebFinger`_ endpoint on your main website to allow the automatic discovery of your Canaille installation based on the account name of one of your users. For instance, suppose your domain is ``mydomain.example`` and your Canaille domain is ``auth.mydomain.example`` and there is a user ``john.doe``. A third-party application could require to authenticate the user and ask them for a user account. The user would give their account ``john.doe@mydomain.example``, then the application would perform a WebFinger request at ``https://mydomain.example/.well-known/webfinger`` and the response would contain the address of the authentication server ``https://auth.mydomain.example``. With this information the third party application can redirect the user to the Canaille authentication page."
+msgstr ""
+
+#: ../tutorial/deployment.rst:168
+#: 2d0d75109fc0461282d6917878208cea
+msgid "The difficulty here is that the WebFinger endpoint must be hosted at the top-level domain (i.e. ``mydomain.example``) while the authentication server might be hosted on a sublevel (i.e. ``auth.mydomain.example``). Canaille provides a WebFinger endpoint, but if it is not hosted at the top-level domain, a web redirection is required on the ``/.well-known/webfinger`` path."
+msgstr ""
+
+#: ../tutorial/deployment.rst:170
+#: 82732f3561f44bba97416ecd74352d0e
+msgid "Here are configuration examples for Nginx or Apache:"
+msgstr ""
+
+#: ../tutorial/deployment.rst:172
+#: b9f6e24c2e3b4b3c8ba3e8a7c225d03c
+msgid "Nginx webfinger configuration for a top level domain"
+msgstr ""
+
+#: ../tutorial/deployment.rst:181
+#: 6613fc5b59614b38b1a967034e5ba97e
+msgid "Apache webfinger configuration for a top level domain"
+msgstr ""
+
+#: ../tutorial/deployment.rst:191
+#: c8e3fbc8941d4a40861b215a2e7fb645
+msgid "Create the first user"
+msgstr ""
+
+#: ../tutorial/deployment.rst:193
+#: c96af5c60d2b4472ac220cde78341607
+msgid "Once canaille is installed, soon enough you will need to add users. To create your first user you can use the :ref:`canaille create ` CLI."
+msgstr ""
diff --git a/doc/gettext/tutorial/index.pot b/doc/gettext/tutorial/index.pot
new file mode 100644
index 00000000..666a6f38
--- /dev/null
+++ b/doc/gettext/tutorial/index.pot
@@ -0,0 +1,22 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) 2024, Yaal Coop
+# This file is distributed under the same license as the canaille package.
+# FIRST AUTHOR , YEAR.
+#
+#, fuzzy
+msgid ""
+msgstr ""
+"Project-Id-Version: canaille 0.0.56\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2024-11-22 16:20+0100\n"
+"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
+"Last-Translator: FULL NAME \n"
+"Language-Team: LANGUAGE \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#: ../tutorial/index.rst:2
+#: c7edcdeccf6f40c388fc80d827c09096
+msgid "Tutorial"
+msgstr ""
diff --git a/doc/gettext/tutorial/install.pot b/doc/gettext/tutorial/install.pot
new file mode 100644
index 00000000..bc2b8e27
--- /dev/null
+++ b/doc/gettext/tutorial/install.pot
@@ -0,0 +1,132 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) 2024, Yaal Coop
+# This file is distributed under the same license as the canaille package.
+# FIRST AUTHOR , YEAR.
+#
+#, fuzzy
+msgid ""
+msgstr ""
+"Project-Id-Version: canaille 0.0.56\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2024-11-22 16:20+0100\n"
+"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
+"Last-Translator: FULL NAME \n"
+"Language-Team: LANGUAGE \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#: ../tutorial/install.rst:2
+#: 3461075d4b16480d9daabb8d1d789005
+msgid "Installation"
+msgstr ""
+
+#: ../tutorial/install.rst:6
+#: 8def0eb60a6747fe917c611b88e4671b
+msgid "Canaille is under heavy development and may not fit a production environment yet."
+msgstr ""
+
+#: ../tutorial/install.rst:8
+#: 1d89fce4c8e741b28fea91ad93806d31
+msgid "The installation of canaille consist in several steps, some of which you can do manually or with command line tool:"
+msgstr ""
+
+#: ../tutorial/install.rst:11
+#: f36a9eed165f438199b75da27df7c168
+msgid "Get the code"
+msgstr ""
+
+#: ../tutorial/install.rst:13
+#: ccb1d89539184e6ea49b201aeadd4ca0
+msgid "As the moment there is no distribution package for canaille. However, it can be installed with the ``pip`` package manager. Let us choose a place for the canaille environment, like ``/opt/canaille/env``."
+msgstr ""
+
+#: ../tutorial/install.rst:24
+#: bbce9cea800b4f43b5438ad52438b744
+msgid "Extras"
+msgstr ""
+
+#: ../tutorial/install.rst:26
+#: 99d5dad5e3db42e188605845597aade5
+msgid "Canaille provides different package options:"
+msgstr ""
+
+#: ../tutorial/install.rst:28
+#: 9f420ef948f842f580648d92b8df7905
+msgid "`front` provides all the things needed to produce the user interface;"
+msgstr ""
+
+#: ../tutorial/install.rst:29
+#: d8e6f9d5f7f44b66b1e8cba275ad5ee3
+msgid "`oidc` provides the dependencies to perform OAuth2/OIDC authentication;"
+msgstr ""
+
+#: ../tutorial/install.rst:30
+#: 5c3be3c28af94a87bdbc7a45f64533a2
+msgid "`ldap` provides the dependencies to enable the LDAP backend;"
+msgstr ""
+
+#: ../tutorial/install.rst:31
+#: e33c8883f49846b1b821424dbf8f07e1
+msgid "`sqlite` provides the dependencies to enable the SQLite backend;"
+msgstr ""
+
+#: ../tutorial/install.rst:32
+#: 38f9ec9aa2f842f5b1b7bdf330080037
+msgid "`postgresql` provides the dependencies to enable the PostgreSQL backend;"
+msgstr ""
+
+#: ../tutorial/install.rst:33
+#: 9ca2ef4d86c54b3badef060b2973b9e4
+msgid "`mysql` provides the dependencies to enable the MySQL backend;"
+msgstr ""
+
+#: ../tutorial/install.rst:34
+#: f814e1792e0241558307dbccf11edbce
+msgid "`sentry` provides sentry integration to watch Canaille exceptions;"
+msgstr ""
+
+#: ../tutorial/install.rst:35
+#: 116fca1cb69748238bc82a0f37310059
+msgid "`all` provides all the extras above."
+msgstr ""
+
+#: ../tutorial/install.rst:37
+#: 48e42538a8604a87be1b3c65e21efd82
+msgid "They can be installed with:"
+msgstr ""
+
+#: ../tutorial/install.rst:44
+#: 992c7266ab8a417bb15541cf159b1402
+msgid "Configure"
+msgstr ""
+
+#: ../tutorial/install.rst:46
+#: 245524dcf0c84750b2e48712ce6f03e7
+msgid "Choose a path where to store your configuration file. You can pass any configuration path with the ``CONFIG`` environment variable."
+msgstr ""
+
+#: ../tutorial/install.rst:54
+#: bdf30558d57c43c5a47552341bb537e1
+msgid "You should then edit your configuration file to adapt the values to your needs. Look at the configuration details in the :doc:`configuration <../references/configuration>` page."
+msgstr ""
+
+#: ../tutorial/install.rst:57
+#: de2f194462264504aa4590443184e4c7
+msgid "Install"
+msgstr ""
+
+#: ../tutorial/install.rst:59
+#: fe3a5ed380e14ea0bbc9d43035e4157a
+msgid "The :ref:`install command ` will apply most of the things needed to get Canaille working. Depending on the configured :doc:`database ` it will create the SQL tables, or install the LDAP schemas for instance."
+msgstr ""
+
+#: ../tutorial/install.rst:68
+#: ca9856eb1ee74dc7830a408ed12fd806
+msgid "Check"
+msgstr ""
+
+#: ../tutorial/install.rst:70
+#: 976deff22c0c4ddb871dbe4b8c3f2fa4
+msgid "After a manual installation, you can check your configuration file using the :ref:`check command `:"
+msgstr ""
diff --git a/doc/gettext/tutorial/troubleshooting.pot b/doc/gettext/tutorial/troubleshooting.pot
new file mode 100644
index 00000000..be4168e1
--- /dev/null
+++ b/doc/gettext/tutorial/troubleshooting.pot
@@ -0,0 +1,92 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) 2024, Yaal Coop
+# This file is distributed under the same license as the canaille package.
+# FIRST AUTHOR , YEAR.
+#
+#, fuzzy
+msgid ""
+msgstr ""
+"Project-Id-Version: canaille 0.0.56\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2024-11-22 16:20+0100\n"
+"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
+"Last-Translator: FULL NAME \n"
+"Language-Team: LANGUAGE \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#: ../tutorial/troubleshooting.rst:2
+#: a7d8552e4975449789812d67b23b345f
+msgid "Troubleshooting"
+msgstr ""
+
+#: ../tutorial/troubleshooting.rst:5
+#: 00bfa2fa35ff434fae80081ae567520b
+msgid "The web interface throws useless error messages"
+msgstr ""
+
+#: ../tutorial/troubleshooting.rst:7
+#: ec56d81e02e049808b5aa5d51d4b0c40
+msgid "Unless the current user has admin :class:`permissions `, or the installation is in :attr:`~canaille.app.configuration.RootSettings.DEBUG` mode, error messages won't be too technical. For instance, you can see *The request you made is invalid*. To enable detailed error messages, you can **temporarily** enable the :attr:`~canaille.app.configuration.RootSettings.DEBUG` configuration parameter."
+msgstr ""
+
+#: ../tutorial/troubleshooting.rst:12
+#: 6cd00bba302b4ac7a814318fff5f1d98
+msgid "How to manually install LDAP schemas?"
+msgstr ""
+
+#: ../tutorial/troubleshooting.rst:16
+#: 383bf19fef474ad0bfcd432537867b7d
+msgid "Schema installation can be automatically done using the :ref:`install command `."
+msgstr ""
+
+#: ../tutorial/troubleshooting.rst:18
+#: cfce89f0ed5141699a0b428579e47d58
+msgid "As of OpenLDAP 2.4, two configuration methods are available:"
+msgstr ""
+
+#: ../tutorial/troubleshooting.rst:20
+#: f025a0ef2a9042cc82640e1686ca12ff
+msgid "The `deprecated `_ one, based on a configuration file (generally ``/etc/ldap/slapd.conf``);"
+msgstr ""
+
+#: ../tutorial/troubleshooting.rst:21
+#: a096f639d51d4f6fb17bb854d6afd1d7
+msgid "The new one, based on a configuration directory (generally ``/etc/ldap/slapd.d``)."
+msgstr ""
+
+#: ../tutorial/troubleshooting.rst:23
+#: 87e24d478fbd4509bf4651ad0be9726f
+msgid "Depending on the configuration method you use with your OpenLDAP installation, you need to chose how to add the canaille schemas:"
+msgstr ""
+
+#: ../tutorial/troubleshooting.rst:26
+#: e0948dcef218449b91b5908a0c030dc5
+msgid "Old fashion: Copy the schemas in your filesystem"
+msgstr ""
+
+#: ../tutorial/troubleshooting.rst:35
+#: ff09602b1964432ca92439fcaab6c199
+msgid "New fashion: Use slapadd to add the schemas"
+msgstr ""
+
+#: ../tutorial/troubleshooting.rst:37
+#: 6b3246d97f7744b19c937e63c4e0c223
+msgid "Be careful to stop your ldap server before running ``slapadd``"
+msgstr ""
+
+#: ../tutorial/troubleshooting.rst:46
+#: c5be7d8dd34e4f36a0a4fb76f00bea5f
+msgid "How to manually generate the OIDC keypair?"
+msgstr ""
+
+#: ../tutorial/troubleshooting.rst:50
+#: d73bed635d4748789de6ede7f53cc73d
+msgid "The keypair generation can be automatically done using the :ref:`install command `."
+msgstr ""
+
+#: ../tutorial/troubleshooting.rst:52
+#: 0b9b5fcf3a594f0baaddf334e7880455
+msgid "Canaille needs a key pair to sign OIDC tokens. You can customize those commands, as long as they match the ``JWT`` section of your configuration file."
+msgstr ""
diff --git a/doc/locales/fr_FR/LC_MESSAGES/development.po b/doc/locales/fr_FR/LC_MESSAGES/development.po
new file mode 100644
index 00000000..39f55dd2
--- /dev/null
+++ b/doc/locales/fr_FR/LC_MESSAGES/development.po
@@ -0,0 +1,2152 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) 2024, Yaal Coop
+# This file is distributed under the same license as the canaille package.
+# FIRST AUTHOR , 2024.
+#
+#, fuzzy
+msgid ""
+msgstr ""
+"Project-Id-Version: canaille 0.0.56\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2024-11-22 15:35+0100\n"
+"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
+"Last-Translator: FULL NAME \n"
+"Language: fr_FR\n"
+"Language-Team: fr_FR \n"
+"Plural-Forms: nplurals=2; plural=(n > 1);\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=utf-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Generated-By: Babel 2.16.0\n"
+
+#: ../../doc/development/changelog.rst:2
+msgid "Release notes"
+msgstr ""
+
+#: ../../doc/development/changelog.rst:4
+msgid "All notable changes to this project will be documented in there."
+msgstr ""
+
+#: ../../doc/development/changelog.rst:6
+msgid ""
+"The format is based on `Keep a Changelog "
+"`_, and this project adheres to "
+"`Semantic Versioning `_."
+msgstr ""
+
+#: ../../CHANGES.rst:2
+msgid "[0.0.57] - Unreleased"
+msgstr ""
+
+#: ../../CHANGES.rst:5 ../../CHANGES.rst:20 ../../CHANGES.rst:48
+#: ../../CHANGES.rst:67 ../../CHANGES.rst:74 ../../CHANGES.rst:93
+#: ../../CHANGES.rst:151 ../../CHANGES.rst:177 ../../CHANGES.rst:192
+#: ../../CHANGES.rst:241 ../../CHANGES.rst:267 ../../CHANGES.rst:286
+#: ../../CHANGES.rst:294 ../../CHANGES.rst:303 ../../CHANGES.rst:327
+#: ../../CHANGES.rst:360 ../../CHANGES.rst:386 ../../CHANGES.rst:433
+#: ../../CHANGES.rst:461 ../../CHANGES.rst:491 ../../CHANGES.rst:547
+#: ../../CHANGES.rst:580 ../../CHANGES.rst:601 ../../CHANGES.rst:611
+#: ../../CHANGES.rst:634 ../../CHANGES.rst:701 ../../CHANGES.rst:739
+#: ../../CHANGES.rst:756 ../../CHANGES.rst:792
+msgid "Added"
+msgstr ""
+
+#: ../../CHANGES.rst:6
+msgid "Password compromission check :issue:`179`"
+msgstr ""
+
+#: ../../CHANGES.rst:7
+msgid ""
+":attr:`~canaille.core.configuration.CoreSettings.ADMIN_EMAIL` and "
+":attr:`~canaille.core.configuration.CoreSettings.ENABLE_PASSWORD_COMPROMISSION_CHECK`"
+" and :attr:`~canaille.core.configuration.CoreSettings.API_URL_HIBP` "
+":issue:`179`"
+msgstr ""
+
+#: ../../CHANGES.rst:13
+msgid "[0.0.56] - 2024-11-07"
+msgstr ""
+
+#: ../../CHANGES.rst:16 ../../CHANGES.rst:58 ../../CHANGES.rst:97
+#: ../../CHANGES.rst:105 ../../CHANGES.rst:113 ../../CHANGES.rst:120
+#: ../../CHANGES.rst:127 ../../CHANGES.rst:141 ../../CHANGES.rst:169
+#: ../../CHANGES.rst:182 ../../CHANGES.rst:200 ../../CHANGES.rst:219
+#: ../../CHANGES.rst:227 ../../CHANGES.rst:253 ../../CHANGES.rst:261
+#: ../../CHANGES.rst:281 ../../CHANGES.rst:311 ../../CHANGES.rst:341
+#: ../../CHANGES.rst:349 ../../CHANGES.rst:373 ../../CHANGES.rst:393
+#: ../../CHANGES.rst:415 ../../CHANGES.rst:425 ../../CHANGES.rst:446
+#: ../../CHANGES.rst:454 ../../CHANGES.rst:477 ../../CHANGES.rst:500
+#: ../../CHANGES.rst:512 ../../CHANGES.rst:521 ../../CHANGES.rst:530
+#: ../../CHANGES.rst:539 ../../CHANGES.rst:559 ../../CHANGES.rst:566
+#: ../../CHANGES.rst:616 ../../CHANGES.rst:624 ../../CHANGES.rst:649
+#: ../../CHANGES.rst:657 ../../CHANGES.rst:665 ../../CHANGES.rst:678
+#: ../../CHANGES.rst:692 ../../CHANGES.rst:724 ../../CHANGES.rst:747
+#: ../../CHANGES.rst:778
+msgid "Fixed"
+msgstr ""
+
+#: ../../CHANGES.rst:17
+msgid ""
+"With LDAP backend, updating another user groups could result in a "
+"permission lost for the editor. :issue:`202`"
+msgstr ""
+
+#: ../../CHANGES.rst:21
+msgid ""
+":attr:`~canaille.core.configuration.CoreSettings.MAX_PASSWORD_LENGHT` and"
+" :attr:`~canaille.core.configuration.CoreSettings.MIN_PASSWORD_LENGHT` "
+"configuration options :issue:`174`"
+msgstr ""
+
+#: ../../CHANGES.rst:23
+msgid "Password strength visual indicator :issue:`174`"
+msgstr ""
+
+#: ../../CHANGES.rst:24
+msgid "Security events logs :issue:`177`"
+msgstr ""
+
+#: ../../CHANGES.rst:25
+msgid "Support for Python 3.13 :pr:`186`"
+msgstr ""
+
+#: ../../CHANGES.rst:28 ../../CHANGES.rst:41 ../../CHANGES.rst:53
+#: ../../CHANGES.rst:78 ../../CHANGES.rst:86 ../../CHANGES.rst:134
+#: ../../CHANGES.rst:158 ../../CHANGES.rst:210 ../../CHANGES.rst:247
+#: ../../CHANGES.rst:316 ../../CHANGES.rst:332 ../../CHANGES.rst:368
+#: ../../CHANGES.rst:405 ../../CHANGES.rst:440 ../../CHANGES.rst:483
+#: ../../CHANGES.rst:587 ../../CHANGES.rst:641 ../../CHANGES.rst:673
+#: ../../CHANGES.rst:687
+msgid "Changed"
+msgstr ""
+
+#: ../../CHANGES.rst:29
+msgid "Update to HTMX 2.0.3 :pr:`184`"
+msgstr ""
+
+#: ../../CHANGES.rst:30
+msgid "Migrate from poetry to uv :pr:`187`"
+msgstr ""
+
+#: ../../CHANGES.rst:31
+msgid ""
+"The ``sql`` package extra is now split between ``sqlite``, ``postgresql``"
+" and ``mysql``."
+msgstr ""
+
+#: ../../CHANGES.rst:34 ../../CHANGES.rst:378 ../../CHANGES.rst:784
+msgid "Removed"
+msgstr ""
+
+#: ../../CHANGES.rst:35
+msgid "End support for python 3.9. :pr:`179`"
+msgstr ""
+
+#: ../../CHANGES.rst:38
+msgid "[0.0.55] - 2024-08-30"
+msgstr ""
+
+#: ../../CHANGES.rst:42
+msgid "Use poetry-core build backend. :pr:`178`"
+msgstr ""
+
+#: ../../CHANGES.rst:45
+msgid "[0.0.54] - 2024-07-25"
+msgstr ""
+
+#: ../../CHANGES.rst:49
+msgid ""
+"Group member removal can be achieved from the group edition page "
+":issue:`192`"
+msgstr ""
+
+#: ../../CHANGES.rst:50
+msgid "Model management commands :issue:`117` :issue:`54`"
+msgstr ""
+
+#: ../../CHANGES.rst:54
+msgid "Model `identifier_attributes` are fixed."
+msgstr ""
+
+#: ../../CHANGES.rst:55
+msgid "Bump to htmx 1.9.12 :pr:`172`"
+msgstr ""
+
+#: ../../CHANGES.rst:60
+msgid "Dark theme colors for better readability"
+msgstr ""
+
+#: ../../CHANGES.rst:61
+msgid "Crash for passwordless users at login when no SMTP server was configured."
+msgstr ""
+
+#: ../../CHANGES.rst:64
+msgid "[0.0.53] - 2024-04-22"
+msgstr ""
+
+#: ../../CHANGES.rst:68
+msgid "`env_prefix` create_app variable can select the environment var prefix."
+msgstr ""
+
+#: ../../CHANGES.rst:71
+msgid "[0.0.52] - 2024-04-22"
+msgstr ""
+
+#: ../../CHANGES.rst:75
+msgid "`env_file` create_app variable can customize/disable the .env file"
+msgstr ""
+
+#: ../../CHANGES.rst:79
+msgid "Locked users cannot be impersonated anymore."
+msgstr ""
+
+#: ../../CHANGES.rst:80
+msgid "Minimum python requirement is 3.9."
+msgstr ""
+
+#: ../../CHANGES.rst:83
+msgid "[0.0.51] - 2024-04-09"
+msgstr ""
+
+#: ../../CHANGES.rst:87
+msgid "Display the menu bar on error pages."
+msgstr ""
+
+#: ../../CHANGES.rst:90
+msgid "[0.0.50] - 2024-04-09"
+msgstr ""
+
+#: ../../CHANGES.rst:94
+msgid "Sign in/out events are logged in :issue:`177`"
+msgstr ""
+
+#: ../../CHANGES.rst:98
+msgid "HTMX and JAVASCRIPT configuration settings."
+msgstr ""
+
+#: ../../CHANGES.rst:99
+msgid "Compatibility with old sessions IDs."
+msgstr ""
+
+#: ../../CHANGES.rst:102
+msgid "[0.0.49] - 2024-04-08"
+msgstr ""
+
+#: ../../CHANGES.rst:106
+msgid "LDAP user group removal."
+msgstr ""
+
+#: ../../CHANGES.rst:107
+msgid "Display an error message when trying to remove the last user from a group."
+msgstr ""
+
+#: ../../CHANGES.rst:110
+msgid "[0.0.48] - 2024-04-08"
+msgstr ""
+
+#: ../../CHANGES.rst:114
+msgid "LDAP objectClass guessing exception."
+msgstr ""
+
+#: ../../CHANGES.rst:117
+msgid "[0.0.47] - 2024-04-08"
+msgstr ""
+
+#: ../../CHANGES.rst:121
+msgid "Lazy permission loading exception."
+msgstr ""
+
+#: ../../CHANGES.rst:124
+msgid "[0.0.46] - 2024-04-08"
+msgstr ""
+
+#: ../../CHANGES.rst:128
+msgid ""
+"Saving an object with the LDAP backend keeps the objectClass un-managed "
+"by Canaille. :pr:`171`"
+msgstr ""
+
+#: ../../CHANGES.rst:131
+msgid "[0.0.45] - 2024-04-04"
+msgstr ""
+
+#: ../../CHANGES.rst:135
+msgid ""
+"Internal indexation mechanism of "
+":class:`~canaille.backends.memory.model.MemoryModel`"
+msgstr ""
+
+#: ../../CHANGES.rst:138
+msgid "[0.0.44] - 2024-03-29"
+msgstr ""
+
+#: ../../CHANGES.rst:142
+msgid "Fix the default LDAP USER_FILTER value"
+msgstr ""
+
+#: ../../CHANGES.rst:143
+msgid "Fix the OIDC feature detection"
+msgstr ""
+
+#: ../../CHANGES.rst:146
+msgid "[0.0.43] - 2024-03-29"
+msgstr ""
+
+#: ../../CHANGES.rst:148
+msgid "🚨Configuration files must be updated.🚨"
+msgstr ""
+
+#: ../../CHANGES.rst:153
+msgid "Add `created` and `last_modified` datetime for all models"
+msgstr ""
+
+#: ../../CHANGES.rst:154
+msgid "Sitemap to the documentation :pr:`169`"
+msgstr ""
+
+#: ../../CHANGES.rst:155
+msgid "Configuration management with pydantic-settings :issue:`138` :pr:`170`"
+msgstr ""
+
+#: ../../CHANGES.rst:160
+msgid "Use default python logging configuration format. :issue:`188` :pr:`165`"
+msgstr ""
+
+#: ../../CHANGES.rst:161
+msgid "Bump to htmx 1.99.11 :pr:`166`"
+msgstr ""
+
+#: ../../CHANGES.rst:162
+msgid ""
+"Use the standard tomllib python module instead of `toml` starting from "
+"python 3.11 :pr:`167`"
+msgstr ""
+
+#: ../../CHANGES.rst:163
+msgid "Use shibuya as the documentation theme :pr:`168`"
+msgstr ""
+
+#: ../../CHANGES.rst:166
+msgid "[0.0.42] - 2023-12-29"
+msgstr ""
+
+#: ../../CHANGES.rst:171
+msgid "Avoid to fail on imports if ``cryptography`` is missing."
+msgstr ""
+
+#: ../../CHANGES.rst:174
+msgid "[0.0.41] - 2023-12-25"
+msgstr ""
+
+#: ../../CHANGES.rst:179
+msgid "OIDC `prompt=create` support. :issue:`185` :pr:`164`"
+msgstr ""
+
+#: ../../CHANGES.rst:184
+msgid "Correctly set up Client audience during OIDC dynamic registration."
+msgstr ""
+
+#: ../../CHANGES.rst:185
+msgid ""
+"``post_logout_redirect_uris`` was ignored during OIDC dynamic "
+"registration."
+msgstr ""
+
+#: ../../CHANGES.rst:186
+msgid "Group field error prevented the registration form validation."
+msgstr ""
+
+#: ../../CHANGES.rst:189
+msgid "[0.0.40] - 2023-12-22"
+msgstr ""
+
+#: ../../CHANGES.rst:194
+msgid "``THEME`` can be a relative path"
+msgstr ""
+
+#: ../../CHANGES.rst:197
+msgid "[0.0.39] - 2023-12-15"
+msgstr ""
+
+#: ../../CHANGES.rst:202
+msgid "Crash when no ACL were defined"
+msgstr ""
+
+#: ../../CHANGES.rst:203
+msgid "OIDC Userinfo endpoint is also available in POST"
+msgstr ""
+
+#: ../../CHANGES.rst:204
+msgid "Fix redirection after password reset :issue:`159`"
+msgstr ""
+
+#: ../../CHANGES.rst:207
+msgid "[0.0.38] - 2023-12-15"
+msgstr ""
+
+#: ../../CHANGES.rst:212
+msgid "Convert all the png in webp. :pr:`162`"
+msgstr ""
+
+#: ../../CHANGES.rst:213
+msgid "Update to flask 3 :issue:`161` :pr:`163`"
+msgstr ""
+
+#: ../../CHANGES.rst:216
+msgid "[0.0.37] - 2023-12-01"
+msgstr ""
+
+#: ../../CHANGES.rst:221
+msgid "Handle 4xx and 5xx error codes with htmx. :issue:`171` :pr:`161`"
+msgstr ""
+
+#: ../../CHANGES.rst:224
+msgid "[0.0.36] - 2023-12-01"
+msgstr ""
+
+#: ../../CHANGES.rst:229
+msgid "Avoid crashing when LDAP groups references unexisting users."
+msgstr ""
+
+#: ../../CHANGES.rst:230
+msgid ""
+"Password reset and initialization mails were only sent to the preferred "
+"user email address."
+msgstr ""
+
+#: ../../CHANGES.rst:232
+msgid ""
+"Password reset and initialization mails were not sent at all the user "
+"addresses if one email address could not be reached."
+msgstr ""
+
+#: ../../CHANGES.rst:234
+msgid "Password comparison was too permissive on login."
+msgstr ""
+
+#: ../../CHANGES.rst:235
+msgid "Encrypt passwords in the SQL backend."
+msgstr ""
+
+#: ../../CHANGES.rst:238
+msgid "[0.0.35] - 2023-11-25"
+msgstr ""
+
+#: ../../CHANGES.rst:243
+msgid ""
+"Refresh token grant supports other client authentication methods. "
+":pr:`157`"
+msgstr ""
+
+#: ../../CHANGES.rst:244
+msgid "Implement a SQLAlchemy backend. :issue:`30` :pr:`158`"
+msgstr ""
+
+#: ../../CHANGES.rst:249
+msgid "Model attributes cardinality is closer to SCIM model. :pr:`155`"
+msgstr ""
+
+#: ../../CHANGES.rst:250
+msgid "Bump to htmx 1.9.9 :pr:`159`"
+msgstr ""
+
+#: ../../CHANGES.rst:255
+msgid "Disable HTMX boosting during the OIDC dance. :pr:`160`"
+msgstr ""
+
+#: ../../CHANGES.rst:258
+msgid "[0.0.34] - 2023-10-02"
+msgstr ""
+
+#: ../../CHANGES.rst:263
+msgid ""
+"Canaille installations without account lockabilty could not delete users."
+" :pr:`153`"
+msgstr ""
+
+#: ../../CHANGES.rst:269
+msgid ""
+"If users register or authenticate during a OAuth Authorization phase, "
+"they get redirected back to that page afterwards. :issue:`168` :pr:`151`"
+msgstr ""
+
+#: ../../CHANGES.rst:272
+msgid "flask-babel and pytz are now part of the `front` extras"
+msgstr ""
+
+#: ../../CHANGES.rst:273
+msgid "Bump to fomantic-ui 2.9.3 :pr:`152`"
+msgstr ""
+
+#: ../../CHANGES.rst:274
+msgid "Bump to htmx 1.9.6 :pr:`154`"
+msgstr ""
+
+#: ../../CHANGES.rst:275
+msgid "Add support for python 3.12 :pr:`155`"
+msgstr ""
+
+#: ../../CHANGES.rst:278
+msgid "[0.0.33] - 2023-08-26"
+msgstr ""
+
+#: ../../CHANGES.rst:283
+msgid "OIDC jwks endpoint do not return empty kid claim"
+msgstr ""
+
+#: ../../CHANGES.rst:288
+msgid "Documentation details on the canaille models."
+msgstr ""
+
+#: ../../CHANGES.rst:291
+msgid "[0.0.32] - 2023-08-17"
+msgstr ""
+
+#: ../../CHANGES.rst:296
+msgid "Additional inmemory backend :issue:`30` :pr:`149`"
+msgstr ""
+
+#: ../../CHANGES.rst:297
+msgid "Installation extras :issue:`167` :pr:`150`"
+msgstr ""
+
+#: ../../CHANGES.rst:300
+msgid "[0.0.31] - 2023-08-15"
+msgstr ""
+
+#: ../../CHANGES.rst:305
+msgid "Configuration option to disable the forced usage of OIDC nonce :pr:`143`"
+msgstr ""
+
+#: ../../CHANGES.rst:306
+msgid "Validate phone numbers with a regex :pr:`146`"
+msgstr ""
+
+#: ../../CHANGES.rst:307
+msgid "Email verification :issue:`41` :pr:`147`"
+msgstr ""
+
+#: ../../CHANGES.rst:308
+msgid "Account registration :issue:`55` :pr:`133` :pr:`148`"
+msgstr ""
+
+#: ../../CHANGES.rst:313
+msgid "The `check` command uses the default configuration values."
+msgstr ""
+
+#: ../../CHANGES.rst:318
+msgid "Modals do not need use javascript at the moment. :issue:`158` :pr:`144`"
+msgstr ""
+
+#: ../../CHANGES.rst:321
+msgid "[0.0.30] - 2023-07-06"
+msgstr ""
+
+#: ../../CHANGES.rst:323
+msgid ""
+"🚨Configuration files must be updated.🚨 Check the new format with ``git "
+"diff 0.0.29 0.0.30 canaille/conf/config.sample.toml``"
+msgstr ""
+
+#: ../../CHANGES.rst:329
+msgid "Configuration option to disable javascript :pr:`141`"
+msgstr ""
+
+#: ../../CHANGES.rst:334
+msgid "Configuration ``USER_FILTER`` is parsed with jinja."
+msgstr ""
+
+#: ../../CHANGES.rst:335
+msgid ""
+"Configuration use ``PRIVATE_KEY_FILE`` instead of ``PRIVATE_KEY`` and "
+"``PUBLIC_KEY_FILE`` instead of ``PUBLIC_KEY``"
+msgstr ""
+
+#: ../../CHANGES.rst:338
+msgid "[0.0.29] - 2023-06-30"
+msgstr ""
+
+#: ../../CHANGES.rst:343
+msgid "Disabled HTMX boosting on OIDC forms to avoid errors."
+msgstr ""
+
+#: ../../CHANGES.rst:346
+msgid "[0.0.28] - 2023-06-30"
+msgstr ""
+
+#: ../../CHANGES.rst:351
+msgid "A template variable was misnamed."
+msgstr ""
+
+#: ../../CHANGES.rst:354
+msgid "[0.0.27] - 2023-06-29"
+msgstr ""
+
+#: ../../CHANGES.rst:356
+msgid ""
+"🚨Configuration files must be updated.🚨 Check the new format with ``git "
+"diff 0.0.26 0.0.27 canaille/conf/config.sample.toml``"
+msgstr ""
+
+#: ../../CHANGES.rst:362
+msgid ""
+"Configuration entries can be loaded from files if the entry key has a "
+"*_FILE* suffix and the entry value is the path to the file. :issue:`134` "
+":pr:`134`"
+msgstr ""
+
+#: ../../CHANGES.rst:364
+msgid "Field list support. :issue:`115` :pr:`136`"
+msgstr ""
+
+#: ../../CHANGES.rst:365
+msgid "Pages are boosted with HTMX :issue:`144` :issue:`145` :pr:`137`"
+msgstr ""
+
+#: ../../CHANGES.rst:370
+msgid "Bump to jquery 3.7.0 :pr:`138`"
+msgstr ""
+
+#: ../../CHANGES.rst:375
+msgid "Profile edition when the user RDN was not ``uid`` :issue:`148` :pr:`139`"
+msgstr ""
+
+#: ../../CHANGES.rst:380
+msgid "Stop support for python 3.7 :pr:`131`"
+msgstr ""
+
+#: ../../CHANGES.rst:383
+msgid "[0.0.26] - 2023-06-03"
+msgstr ""
+
+#: ../../CHANGES.rst:388
+msgid ""
+"Implemented account expiration based on OpenLDAP ppolicy overlay. Needs "
+"OpenLDAP 2.5+ :issue:`13` :pr:`118`"
+msgstr ""
+
+#: ../../CHANGES.rst:390
+msgid "Timezone configuration entry. :issue:`137` :pr:`130`"
+msgstr ""
+
+#: ../../CHANGES.rst:395
+msgid "Avoid setting ``None`` in JWT claims when they have no value."
+msgstr ""
+
+#: ../../CHANGES.rst:396
+msgid "Display password recovery button on OIDC login page. :pr:`129`"
+msgstr ""
+
+#: ../../CHANGES.rst:399
+msgid "[0.0.25] - 2023-05-05"
+msgstr ""
+
+#: ../../CHANGES.rst:401
+msgid ""
+"🚨Configuration files must be updated.🚨 Check the new format with ``git "
+"diff 0.0.25 0.0.24 canaille/conf/config.sample.toml``"
+msgstr ""
+
+#: ../../CHANGES.rst:407
+msgid "Renamed user model attributes to match SCIM naming convention. :pr:`123`"
+msgstr ""
+
+#: ../../CHANGES.rst:408
+msgid "Moved OIDC related configuration entries in ``OIDC``"
+msgstr ""
+
+#: ../../CHANGES.rst:409
+msgid "Moved ``LDAP`` configuration entry to ``BACKENDS.LDAP``"
+msgstr ""
+
+#: ../../CHANGES.rst:410
+msgid "Bumped to htmx 1.9.0 :pr:`124`"
+msgstr ""
+
+#: ../../CHANGES.rst:411
+msgid ""
+"ACL filters are no more LDAP filters but user attribute mappings. "
+":pr:`125`"
+msgstr ""
+
+#: ../../CHANGES.rst:412
+msgid "Bumped to htmx 1.9.2 :pr:`127`"
+msgstr ""
+
+#: ../../CHANGES.rst:417
+msgid "``OIDC.JWT.MAPPING`` configuration entry is really optional now."
+msgstr ""
+
+#: ../../CHANGES.rst:418
+msgid "Fixed empty model attributes registration :pr:`125`"
+msgstr ""
+
+#: ../../CHANGES.rst:419
+msgid "Password initialization mails were not correctly sent. :pr:`128`"
+msgstr ""
+
+#: ../../CHANGES.rst:422
+msgid "[0.0.24] - 2023-04-07"
+msgstr ""
+
+#: ../../CHANGES.rst:427
+msgid "Fixed avatar update. :pr:`122`"
+msgstr ""
+
+#: ../../CHANGES.rst:430
+msgid "[0.0.23] - 2023-04-05"
+msgstr ""
+
+#: ../../CHANGES.rst:435
+msgid "Organization field. :pr:`116`"
+msgstr ""
+
+#: ../../CHANGES.rst:436
+msgid "ETag and Last-Modified headers on user photos. :pr:`116`"
+msgstr ""
+
+#: ../../CHANGES.rst:437
+msgid "Dynamic form validation :pr:`120`"
+msgstr ""
+
+#: ../../CHANGES.rst:442
+msgid "UX rework. Submenu addition. :pr:`114`"
+msgstr ""
+
+#: ../../CHANGES.rst:443
+msgid "Properly handle LDAP date timezones. :pr:`117`"
+msgstr ""
+
+#: ../../CHANGES.rst:448
+msgid "CSRF protection on every forms. :pr:`119`"
+msgstr ""
+
+#: ../../CHANGES.rst:451
+msgid "[0.0.22] - 2023-03-13"
+msgstr ""
+
+#: ../../CHANGES.rst:455
+msgid "faker is not imported anymore when the `clean` command is called."
+msgstr ""
+
+#: ../../CHANGES.rst:458
+msgid "[0.0.21] - 2023-03-12"
+msgstr ""
+
+#: ../../CHANGES.rst:463
+msgid "Display TOS and policy URI on the consent list page. :pr:`102`"
+msgstr ""
+
+#: ../../CHANGES.rst:464
+msgid "Admin token deletion :pr:`100` :pr:`101`"
+msgstr ""
+
+#: ../../CHANGES.rst:465
+msgid "Revoked consents can be restored. :pr:`103`"
+msgstr ""
+
+#: ../../CHANGES.rst:466
+msgid ""
+"Pre-consented clients are displayed in the user consent list, and their "
+"consents can be revoked. :issue:`69` :pr:`103`"
+msgstr ""
+
+#: ../../CHANGES.rst:468
+msgid ""
+"A ``populate`` command can be used to fill the database with random users"
+" generated with faker. :pr:`105`"
+msgstr ""
+
+#: ../../CHANGES.rst:470
+msgid "SMTP SSL support. :pr:`108`"
+msgstr ""
+
+#: ../../CHANGES.rst:471
+msgid "Server side pagination. :issue:`114` :pr:`111`"
+msgstr ""
+
+#: ../../CHANGES.rst:472
+msgid "Department number support. :issue:`129`"
+msgstr ""
+
+#: ../../CHANGES.rst:473
+msgid "Address edition support (but not in the OIDC claims yet) :pr:`112`"
+msgstr ""
+
+#: ../../CHANGES.rst:474
+msgid "Title edition support :pr:`113`"
+msgstr ""
+
+#: ../../CHANGES.rst:479
+msgid ""
+"Client deletion also deletes related Consent, Token and AuthorizationCode"
+" objects. :issue:`126` :pr:`98`"
+msgstr ""
+
+#: ../../CHANGES.rst:485
+msgid "Removed datatables."
+msgstr ""
+
+#: ../../CHANGES.rst:488
+msgid "[0.0.20] - 2023-01-28"
+msgstr ""
+
+#: ../../CHANGES.rst:493
+msgid "Spanish translation. :pr:`85` :pr:`88`"
+msgstr ""
+
+#: ../../CHANGES.rst:494
+msgid "Dedicated connectivity test email :pr:`89`"
+msgstr ""
+
+#: ../../CHANGES.rst:495
+msgid "Update to jquery 3.6.3 :pr:`90`"
+msgstr ""
+
+#: ../../CHANGES.rst:496
+msgid "Update to fomantic-ui 2.9.1 :pr:`90`"
+msgstr ""
+
+#: ../../CHANGES.rst:497
+msgid "Update to datatables 1.13.1 :pr:`90`"
+msgstr ""
+
+#: ../../CHANGES.rst:502
+msgid "Fix typos and grammar errors. :pr:`84`"
+msgstr ""
+
+#: ../../CHANGES.rst:503
+msgid "Fix wording and punctuations. :pr:`86`"
+msgstr ""
+
+#: ../../CHANGES.rst:504
+msgid "Fix HTML lang tag :issue:`122` :pr:`87`"
+msgstr ""
+
+#: ../../CHANGES.rst:505
+msgid "Automatically trims the HTML translated strings. :pr:`91`"
+msgstr ""
+
+#: ../../CHANGES.rst:506
+msgid "Fixed dynamic registration scope management. :issue:`123` :pr:`93`"
+msgstr ""
+
+#: ../../CHANGES.rst:509
+msgid "[0.0.19] - 2023-01-14"
+msgstr ""
+
+#: ../../CHANGES.rst:514
+msgid ""
+"Ensures the token `expires_in` claim and the `access_token` `exp` claim "
+"have the same value. :pr:`83`"
+msgstr ""
+
+#: ../../CHANGES.rst:518
+msgid "[0.0.18] - 2022-12-28"
+msgstr ""
+
+#: ../../CHANGES.rst:523
+msgid ""
+"OIDC end_session was not returning the ``state`` parameter in the "
+"``post_logout_redirect_uri`` :pr:`82`"
+msgstr ""
+
+#: ../../CHANGES.rst:527
+msgid "[0.0.17] - 2022-12-26"
+msgstr ""
+
+#: ../../CHANGES.rst:532
+msgid "Fixed group deletion button. :pr:`80`"
+msgstr ""
+
+#: ../../CHANGES.rst:533
+msgid "Fixed post requests in oidc clients views. :pr:`81`"
+msgstr ""
+
+#: ../../CHANGES.rst:536
+msgid "[0.0.16] - 2022-12-15"
+msgstr ""
+
+#: ../../CHANGES.rst:541
+msgid "Fixed LDAP operational attributes handling."
+msgstr ""
+
+#: ../../CHANGES.rst:544
+msgid "[0.0.15] - 2022-12-15"
+msgstr ""
+
+#: ../../CHANGES.rst:549
+msgid "User can chose their favourite display name. :pr:`77`"
+msgstr ""
+
+#: ../../CHANGES.rst:550
+msgid "Bumped to authlib 1.2. :pr:`78`"
+msgstr ""
+
+#: ../../CHANGES.rst:551
+msgid ""
+"Implemented RFC7592 OAuth 2.0 Dynamic Client Registration Management "
+"Protocol :pr:`79`"
+msgstr ""
+
+#: ../../CHANGES.rst:553
+msgid "Added ``nonce`` to the ``claims_supported`` server metadata list."
+msgstr ""
+
+#: ../../CHANGES.rst:556
+msgid "[0.0.14] - 2022-11-29"
+msgstr ""
+
+#: ../../CHANGES.rst:560
+msgid "Fixed translation mo files packaging."
+msgstr ""
+
+#: ../../CHANGES.rst:563
+msgid "[0.0.13] - 2022-11-21"
+msgstr ""
+
+#: ../../CHANGES.rst:568
+msgid ""
+"Fixed a bug on the contacts field in the admin client form following the "
+"LDAP schema update of 0.0.12"
+msgstr ""
+
+#: ../../CHANGES.rst:570
+msgid ""
+"Fixed a bug happening during RP initiated logout on clients without "
+"`post_logout_redirect_uri` defined."
+msgstr ""
+
+#: ../../CHANGES.rst:572
+msgid "Gitlab CI fix. :pr:`64`"
+msgstr ""
+
+#: ../../CHANGES.rst:573
+msgid "Fixed `client_secret` display on the client administration page. :pr:`65`"
+msgstr ""
+
+#: ../../CHANGES.rst:574
+msgid "Fixed non-square logo CSS. :pr:`67`"
+msgstr ""
+
+#: ../../CHANGES.rst:575
+msgid "Fixed schema path on installation. :pr:`68`"
+msgstr ""
+
+#: ../../CHANGES.rst:576
+msgid "Fixed RFC7591 ``software_statement`` claim support. :pr:`70`"
+msgstr ""
+
+#: ../../CHANGES.rst:577
+msgid "Fixed client preconsent disabling. :pr:`72`"
+msgstr ""
+
+#: ../../CHANGES.rst:582
+msgid "Python 3.11 support. :pr:`61`"
+msgstr ""
+
+#: ../../CHANGES.rst:583
+msgid "apparmor slapd configuration instructions in CONTRIBUTING.rst :pr:`66`"
+msgstr ""
+
+#: ../../CHANGES.rst:584
+msgid "``preferredLanguage`` attribute support. :pr:`75`"
+msgstr ""
+
+#: ../../CHANGES.rst:589
+msgid ""
+"Replaced the use of the deprecated `FLASK_ENV` environment variable by "
+"`FLASK_DEBUG`."
+msgstr ""
+
+#: ../../CHANGES.rst:591
+msgid ""
+"Dynamically generate the server metadata. Users won't have to copy and "
+"manually edit ``oauth-authorizationserver.json`` and ``openid-"
+"configuration.json``. :pr:`71`"
+msgstr ""
+
+#: ../../CHANGES.rst:594
+msgid "The `FROM_ADDR` configuration option is not mandatory anymore. :pr:`73`"
+msgstr ""
+
+#: ../../CHANGES.rst:595
+msgid "The `JWT.ISS` configuration option is not mandatory anymore. :pr:`74`"
+msgstr ""
+
+#: ../../CHANGES.rst:598
+msgid "[0.0.12] - 2022-10-24"
+msgstr ""
+
+#: ../../CHANGES.rst:603
+msgid "Basic WebFinger endpoint. :pr:`59`"
+msgstr ""
+
+#: ../../CHANGES.rst:604
+msgid "Bumped to FomanticUI 2.9.0 00ffffee"
+msgstr ""
+
+#: ../../CHANGES.rst:605
+msgid "Implemented Dynamic Client Registration :pr:`60`"
+msgstr ""
+
+#: ../../CHANGES.rst:608
+msgid "[0.0.11] - 2022-08-11"
+msgstr ""
+
+#: ../../CHANGES.rst:613
+msgid "Default theme has a dark variant. :pr:`57`"
+msgstr ""
+
+#: ../../CHANGES.rst:618
+msgid "Fixed missing ``canaille`` binary. :pr:`58`"
+msgstr ""
+
+#: ../../CHANGES.rst:621
+msgid "[0.0.10] - 2022-07-07"
+msgstr ""
+
+#: ../../CHANGES.rst:626
+msgid "Online demo. :pr:`55`"
+msgstr ""
+
+#: ../../CHANGES.rst:627
+msgid "The consent page was displaying scopes not supported by clients. :pr:`56`"
+msgstr ""
+
+#: ../../CHANGES.rst:628
+msgid "Fixed end session when user are already disconnected."
+msgstr ""
+
+#: ../../CHANGES.rst:631
+msgid "[0.0.9] - 2022-06-05"
+msgstr ""
+
+#: ../../CHANGES.rst:636
+msgid ""
+"``DISABLE_PASSWORD_RESET`` configuration option to disable password "
+"recovery. :pr:`46`"
+msgstr ""
+
+#: ../../CHANGES.rst:637
+msgid "``edit_self`` ACL permission to control user self edition. :pr:`47`"
+msgstr ""
+
+#: ../../CHANGES.rst:638
+msgid "Implemented RP-initiated logout :pr:`54`"
+msgstr ""
+
+#: ../../CHANGES.rst:643
+msgid "Bumped to authlib 1 :pr:`48`"
+msgstr ""
+
+#: ../../CHANGES.rst:644
+msgid "documentation improvements :pr:`50`"
+msgstr ""
+
+#: ../../CHANGES.rst:645
+msgid "use poetry instead of setuptools :pr:`51`"
+msgstr ""
+
+#: ../../CHANGES.rst:646
+msgid "additional nonce tests :pr:`52`"
+msgstr ""
+
+#: ../../CHANGES.rst:650
+msgid "``HIDE_INVALID_LOGIN`` behavior and default value."
+msgstr ""
+
+#: ../../CHANGES.rst:651
+msgid "mo files are not versioned anymore :pr:`49` :pr:`53`"
+msgstr ""
+
+#: ../../CHANGES.rst:654
+msgid "[0.0.8] - 2022-03-15"
+msgstr ""
+
+#: ../../CHANGES.rst:659
+msgid "Fixed dependencies"
+msgstr ""
+
+#: ../../CHANGES.rst:662
+msgid "[0.0.7] - 2022-03-15"
+msgstr ""
+
+#: ../../CHANGES.rst:667
+msgid "Fixed spaces and escaped special char in ldap cn/dn :pr:`43`"
+msgstr ""
+
+#: ../../CHANGES.rst:670
+msgid "[0.0.6] - 2022-03-08"
+msgstr ""
+
+#: ../../CHANGES.rst:675
+msgid "Access token are JWT. :pr:`38`"
+msgstr ""
+
+#: ../../CHANGES.rst:680
+msgid "Default groups on invitations :pr:`41`"
+msgstr ""
+
+#: ../../CHANGES.rst:681
+msgid "Schemas are shipped within the canaille package :pr:`42`"
+msgstr ""
+
+#: ../../CHANGES.rst:684
+msgid "[0.0.5] - 2022-02-17"
+msgstr ""
+
+#: ../../CHANGES.rst:689
+msgid "LDAP model objects have new identifiers :pr:`37`"
+msgstr ""
+
+#: ../../CHANGES.rst:694
+msgid "Admin menu dropdown display :pr:`39`"
+msgstr ""
+
+#: ../../CHANGES.rst:695
+msgid "`GROUP_ID_ATTRIBUTE` configuration typo :pr:`40`"
+msgstr ""
+
+#: ../../CHANGES.rst:698
+msgid "[0.0.4] - 2022-02-16"
+msgstr ""
+
+#: ../../CHANGES.rst:703
+msgid "Client preauthorization :pr:`11`"
+msgstr ""
+
+#: ../../CHANGES.rst:704
+msgid "LDAP permissions check with the check command :pr:`12`"
+msgstr ""
+
+#: ../../CHANGES.rst:705
+msgid ""
+"Update consents when a scope required is larger than the scope of an "
+"already given consent :pr:`13`"
+msgstr ""
+
+#: ../../CHANGES.rst:707
+msgid "Theme customization :pr:`15`"
+msgstr ""
+
+#: ../../CHANGES.rst:708
+msgid "Logging configuration :pr:`16`"
+msgstr ""
+
+#: ../../CHANGES.rst:709
+msgid "Installation command :pr:`17`"
+msgstr ""
+
+#: ../../CHANGES.rst:710
+msgid "Invitation links :pr:`18`"
+msgstr ""
+
+#: ../../CHANGES.rst:711
+msgid "Advanced permissions :pr:`20`"
+msgstr ""
+
+#: ../../CHANGES.rst:712
+msgid "An option to not use OIDC :pr:`23`"
+msgstr ""
+
+#: ../../CHANGES.rst:713
+msgid "Disable some features when no SMTP server is configured :pr:`24`"
+msgstr ""
+
+#: ../../CHANGES.rst:714
+msgid ""
+"Login placeholder dynamically generated according to the configuration "
+":pr:`25`"
+msgstr ""
+
+#: ../../CHANGES.rst:715
+msgid "Added an option to tune object IDs :pr:`26`"
+msgstr ""
+
+#: ../../CHANGES.rst:716
+msgid "Avatar support :pr:`27`"
+msgstr ""
+
+#: ../../CHANGES.rst:717
+msgid "Dynamical and configurable JWT claims :pr:`28`"
+msgstr ""
+
+#: ../../CHANGES.rst:718
+msgid "UI improvements :pr:`29`"
+msgstr ""
+
+#: ../../CHANGES.rst:719
+msgid "Invitation links expiration :pr:`30`"
+msgstr ""
+
+#: ../../CHANGES.rst:720
+msgid "Invitees can choose their IDs :pr:`31`"
+msgstr ""
+
+#: ../../CHANGES.rst:721
+msgid "LDAP backend refactoring :pr:`35`"
+msgstr ""
+
+#: ../../CHANGES.rst:726
+msgid "Fixed ghost members in a group :pr:`14`"
+msgstr ""
+
+#: ../../CHANGES.rst:727
+msgid "Fixed email sender names :pr:`19`"
+msgstr ""
+
+#: ../../CHANGES.rst:728
+msgid "Fixed filter being not escaped :pr:`21`"
+msgstr ""
+
+#: ../../CHANGES.rst:729
+msgid "Demo script good practices :pr:`32`"
+msgstr ""
+
+#: ../../CHANGES.rst:730
+msgid "Binary path for Debian :pr:`33`"
+msgstr ""
+
+#: ../../CHANGES.rst:731
+msgid ""
+"Last name was not mandatory in the forms while this was mandatory in the "
+"LDAP server :pr:`34`"
+msgstr ""
+
+#: ../../CHANGES.rst:733
+msgid "Spelling typos :pr:`36`"
+msgstr ""
+
+#: ../../CHANGES.rst:736
+msgid "[0.0.3] - 2021-10-13"
+msgstr ""
+
+#: ../../CHANGES.rst:741
+msgid "Two-steps sign-in :issue:`49`"
+msgstr ""
+
+#: ../../CHANGES.rst:742
+msgid "Tokens can have several audiences. :issue:`62` :pr:`9`"
+msgstr ""
+
+#: ../../CHANGES.rst:743
+msgid "Configuration check command. :issue:`66` :pr:`8`"
+msgstr ""
+
+#: ../../CHANGES.rst:744
+msgid "Groups management. :issue:`12` :pr:`6`"
+msgstr ""
+
+#: ../../CHANGES.rst:749
+msgid "Introspection access bugfix. :issue:`63` :pr:`10`"
+msgstr ""
+
+#: ../../CHANGES.rst:750
+msgid "Introspection sub claim. :issue:`64` :pr:`7`"
+msgstr ""
+
+#: ../../CHANGES.rst:753
+msgid "[0.0.2] - 2021-01-06"
+msgstr ""
+
+#: ../../CHANGES.rst:758
+msgid "Login page is responsive. :issue:`1`"
+msgstr ""
+
+#: ../../CHANGES.rst:759
+msgid "Adapt mobile keyboards to login page fields. :issue:`2`"
+msgstr ""
+
+#: ../../CHANGES.rst:760
+msgid "Password recovery interface. :issue:`3`"
+msgstr ""
+
+#: ../../CHANGES.rst:761
+msgid "User profile interface. :issue:`4`"
+msgstr ""
+
+#: ../../CHANGES.rst:762
+msgid "Renamed the project *canaille*. :issue:`5`"
+msgstr ""
+
+#: ../../CHANGES.rst:763
+msgid "Command to remove old tokens. :issue:`17`"
+msgstr ""
+
+#: ../../CHANGES.rst:764
+msgid "Improved password recovery email. :issue:`14` :issue:`26`"
+msgstr ""
+
+#: ../../CHANGES.rst:765
+msgid ""
+"Use flask `SERVER_NAME` configuration variable instead of `URL`. "
+":issue:`24`"
+msgstr ""
+
+#: ../../CHANGES.rst:766
+msgid "Improved consents page. :issue:`27`"
+msgstr ""
+
+#: ../../CHANGES.rst:767
+msgid "Admin user page. :issue:`8`"
+msgstr ""
+
+#: ../../CHANGES.rst:768
+msgid "Project logo. :pr:`29`"
+msgstr ""
+
+#: ../../CHANGES.rst:769
+msgid ""
+"User account self-deletion can be enabled in the configuration with "
+"`SELF_DELETION`. :issue:`35`"
+msgstr ""
+
+#: ../../CHANGES.rst:770
+msgid "Admins can impersonate users. :issue:`39`"
+msgstr ""
+
+#: ../../CHANGES.rst:771
+msgid "Forgotten page UX improvement. :pr:`43`"
+msgstr ""
+
+#: ../../CHANGES.rst:772
+msgid "Admins can remove clients. :pr:`45`"
+msgstr ""
+
+#: ../../CHANGES.rst:773
+msgid ""
+"Option `HIDE_INVALID_LOGIN` that can be unactivated to let the user know "
+"if the login he attempt to sign in with exists or not. :pr:`48`"
+msgstr ""
+
+#: ../../CHANGES.rst:775
+msgid "Password initialization mail. :pr:`51`"
+msgstr ""
+
+#: ../../CHANGES.rst:780
+msgid "Form translations. :issue:`19` :issue:`23`"
+msgstr ""
+
+#: ../../CHANGES.rst:781
+msgid "Avoid to use Google Fonts. :issue:`21`"
+msgstr ""
+
+#: ../../CHANGES.rst:786
+msgid "'My tokens' page. :issue:`22`"
+msgstr ""
+
+#: ../../CHANGES.rst:789
+msgid "[0.0.1] - 2020-10-21"
+msgstr ""
+
+#: ../../CHANGES.rst:794
+msgid "Initial release."
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:2
+msgid "Contributions"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:4
+msgid "Contributions are welcome!"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:6
+msgid ""
+"The repository is hosted at `gitlab.com/yaal/canaille "
+"`_."
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:9
+msgid "Discuss"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:11
+msgid ""
+"If you want to implement a feature or a bugfix, please start by "
+"discussing it with us on the `bugtracker "
+"`_ or the `matrix room "
+"`_."
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:16
+msgid "Development environment"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:18
+msgid "You can either run the demo locally or with Docker."
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:20
+msgid ""
+"The only tool required for local development is `uv`. Make sure to have "
+"uv `installed on your computer `_ to be able to hack Canaille."
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:24
+msgid ""
+"Initialize your development environment with: - ``uv sync --extra front "
+"--extra oidc`` to have a minimal working development environment. This "
+"will allow you to run the tests with ``uv pytest --backend memory``. - "
+"``uv sync --extra front --extra oidc --extra sqlite`` to have a minimal "
+"working development environment with SQLite backend support. This will "
+"allow you to run the tests with ``uv pytest --backend sql``. - ``uv sync "
+"--extra front --extra oidc --extra ldap`` to have a minimal working "
+"development environment with LDAP backend support. This will allow you to"
+" run the tests with ``uv pytest --backend ldap``. - ``uv sync --all-"
+"extras`` if you want to have everything at your fingertips. Note that it "
+"may compile some Python dependencies that would expect things to be "
+"installed on your system; Some dependencies of Canaille might need to be "
+"compiled, so you probably want to check that `GCC` and `cargo` are "
+"available on your computer."
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:31
+msgid "After having launched the demo you have access to several services:"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:33
+msgid "A canaille server at `localhost:5000 `_"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:34
+msgid "A dummy client at `localhost:5001 `_"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:35
+msgid "Another dummy client at `localhost:5002 `_"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:37
+msgid "The canaille server has some default users:"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:39
+msgid "A regular user which login and password are **user**;"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:40
+msgid "A moderator user which login and password are **moderator**;"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:41
+msgid "An admin user which admin and password are **admin**;"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:42
+msgid ""
+"A new user which login is **james**. This user has no password yet, and "
+"his first attempt to log-in would result in sending a password "
+"initialization email (if a smtp server is configured)."
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:47 ../../doc/development/specifications.rst:62
+msgid "Backends"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:49
+msgid "Canaille comes with several backends:"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:51
+msgid "a lightweight test purpose `memory` backend"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:52
+msgid "a `sql` backend, based on sqlalchemy"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:53
+msgid "a production-ready `LDAP` backend"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:56
+msgid "Docker environment"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:58
+msgid ""
+"If you want to develop with docker, your browser needs to be able to "
+"reach the `canaille` container. The docker-compose file exposes the right"
+" ports, but front requests are from outside the docker network: the "
+"`canaille` url that makes sense for docker, points nowhere from your "
+"browser. As exposed ports are on `localhost`, you need to tell your "
+"computer that `canaille` url means `localhost`."
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:63
+msgid "To do that, you can add the following line to your `/etc/hosts`:"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:69
+msgid "To launch containers, use:"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:84
+msgid "Local environment"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:98
+msgid ""
+"If you want to run the demo locally with the LDAP backend, you need to "
+"have `OpenLDAP `_ installed on your system. It"
+" is generally shipped under the ``slapd`` or ``openldap`` package name."
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:103
+msgid ""
+"On Debian or Ubuntu systems, the OpenLDAP `slapd` binary usage might be "
+"restricted by apparmor, and thus makes the tests and the demo fail. This "
+"can be mitigated by removing apparmor restrictions on `slapd`."
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:113
+msgid "Populate the database"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:115
+msgid ""
+"The demo database comes populated with some random users and groups. If "
+"you need more, you can generate users and groups with the ``populate`` "
+"command:"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:126
+msgid ""
+"Adapt to use either the `ldap` or the `sql` configuration file. Note that"
+" this will not work with the memory backend."
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:129
+msgid "Unit tests"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:131
+msgid ""
+"To run the tests, you just can run `uv run pytest` and/or `uv run tox` to"
+" test all the supported python environments. Everything must be green "
+"before patches get merged."
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:134
+msgid ""
+"To test a specific backend you can pass ``--backend memory``, ``--backend"
+" sql`` or ``--backend ldap`` to pytest and tox."
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:136
+msgid ""
+"The test coverage is 100%, patches won't be accepted if not entirely "
+"covered. You can check the test coverage with ``uv run pytest --cov "
+"--cov-report=html`` or ``uv run tox -e coverage -- --cov-report=html``. "
+"You can check the HTML coverage report in the newly created `htmlcov` "
+"directory."
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:141
+msgid "Code style"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:143
+msgid ""
+"We use `ruff `_ along with other tools to "
+"format our code. Please run ``uv run tox -e style`` on your patches "
+"before submitting them. In order to perform a style check and correction "
+"at each commit you can use our `pre-commit `_ "
+"configuration with ``uv run pre-commit install``."
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:149
+msgid "Front"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:151
+msgid ""
+"The interface is built upon the `Fomantic UI `_"
+" CSS framework. The dynamical parts of the interface use `htmx "
+"`_."
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:154
+msgid ""
+"Using Javascript in the interface is tolerated, but the whole website "
+"MUST be accessible for browsers without Javascript support, and without "
+"any feature loss."
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:156
+msgid ""
+"Because of Fomantic UI we have a dependency to jQuery, however new "
+"contributions should not depend on jQuery at all. See the `related issue "
+"`_."
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:161
+msgid "Translations"
+msgstr ""
+
+#: ../../canaille/translations/README.rst:1
+msgid ""
+"Translations are done with `Weblate "
+"`_."
+msgstr ""
+
+#: ../../canaille/translations/README.rst:3
+msgid ""
+"The following commands are there as documentation, only the message "
+"extraction is needed for contributors. All the other steps are "
+"automatically done with Weblate."
+msgstr ""
+
+#: ../../canaille/translations/README.rst:8
+msgid "Message extraction"
+msgstr ""
+
+#: ../../canaille/translations/README.rst:10
+msgid ""
+"After you have edited translatable strings, you should extract the "
+"messages with:"
+msgstr ""
+
+#: ../../canaille/translations/README.rst:17
+msgid "Language addition"
+msgstr ""
+
+#: ../../canaille/translations/README.rst:19
+msgid ""
+"You can add a new language manually with the following command, however "
+"this should not be needed as Weblate takes car of this:"
+msgstr ""
+
+#: ../../canaille/translations/README.rst:26
+msgid "Catalog update"
+msgstr ""
+
+#: ../../canaille/translations/README.rst:28
+msgid ""
+"You can update the catalogs with the following command, however this "
+"should not be needed as Weblate automatically update language catalogs "
+"when it detects new strings or when someone translate some existing "
+"strings. Weblate pushes happen every 24h."
+msgstr ""
+
+#: ../../canaille/translations/README.rst:36
+msgid "Catalog compilation"
+msgstr ""
+
+#: ../../canaille/translations/README.rst:38
+msgid ""
+"You can compile the catalogs with the following command, however this "
+"should not be needed as catalogs are automatically compiled before "
+"running the unit tests, before launching the demo and before compiling "
+"the Canaille python package:"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:166
+msgid "Documentation"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:168
+msgid "The documentation is generated when the tests run:"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:174
+msgid ""
+"You can also run sphinx by hand, that should be faster since it avoids "
+"the tox environment initialization:"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:180
+msgid "The generated documentation is located at ``build/sphinx/html``."
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:183
+msgid "Publish a new release"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:185
+msgid ""
+"Check that dependencies are up to date with ``uv sync --all-extras "
+"--upgrade`` and update dependencies accordingly in separated commits;"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:186
+msgid ""
+"Check that tests are still green for every supported python version, and "
+"that coverage is still at 100%, by running ``uv run tox``;"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:187
+msgid ""
+"Check that the demo environments are still working, both the local and "
+"the Docker one;"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:188
+msgid ""
+"Check that the :ref:`development/changelog:Release notes` section is "
+"correctly filled up;"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:189
+msgid "Increase the version number in ``pyproject.toml``;"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:190
+msgid "Commit with ``git commit``;"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:191
+msgid "Build with ``uv build``;"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:192
+msgid ""
+"Publish on test PyPI with ``uv publish --publish-url "
+"https://test.pypi.org/legacy/``;"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:193
+msgid ""
+"Install the test package somewhere with ``pip install --extra-index-url "
+"https://test.pypi.org/simple --upgrade canaille``. Check that everything "
+"looks fine;"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:194
+msgid "Publish on production PyPI ``uv publish``;"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:195
+msgid "Tag the commit with ``git tag XX.YY.ZZ``;"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:196
+msgid ""
+"Push the release commit and the new tag on the repository with ``git push"
+" --tags``."
+msgstr ""
+
+#: ../../doc/development/index.rst:2
+msgid "Development"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:2
+msgid "Specifications"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:4
+msgid ""
+"This page details which specifications are implemented in Canaille, and "
+"compares Canaille with other well-known identity providers."
+msgstr ""
+
+#: ../../doc/development/specifications.rst:7
+msgid "State of the specs in Canaille"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:10
+msgid "OAuth2"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:12
+msgid "✅ `RFC6749: OAuth 2.0 Framework `_"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:13
+msgid ""
+"✅ `RFC6750: OAuth 2.0 Bearer Tokens "
+"`_"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:14
+msgid ""
+"✅ `RFC7009: OAuth 2.0 Token Revocation "
+"`_"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:15
+msgid ""
+"❌ `RFC7523: JWT Profile for OAuth 2.0 Client Authentication and "
+"Authorization Grants `_"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:16
+msgid ""
+"✅ `RFC7591: OAuth 2.0 Dynamic Client Registration Protocol "
+"`_"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:17
+msgid ""
+"✅ `RFC7592: OAuth 2.0 Dynamic Client Registration Management Protocol "
+"`_"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:18
+msgid ""
+"✅ `RFC7636: Proof Key for Code Exchange by OAuth Public Clients "
+"`_"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:19
+msgid ""
+"✅ `RFC7662: OAuth 2.0 Token Introspection "
+"`_"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:20
+msgid ""
+"✅ `RFC8414: OAuth 2.0 Authorization Server Metadata "
+"`_"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:21
+msgid ""
+"❌ `RFC8428: OAuth 2.0 Device Authorization Grant "
+"`_"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:22
+msgid ""
+"❌ `RFC8693: OAuth 2.0 Token Exchange "
+"`_"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:23
+msgid ""
+"❌ `RFC8705: OAuth 2.0 Mutual-TLS Client Authentication and Certificate-"
+"Bound Access Tokens `_"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:24
+msgid ""
+"❌ `RFC8707: Resource Indicators for OAuth 2.0 "
+"`_"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:25
+msgid ""
+"❌ `RFC9068: JSON Web Token (JWT) Profile for OAuth 2.0 Access Tokens "
+"`_"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:26
+msgid ""
+"❌ `RFC9101: OAuth 2.0 JWT-Secured Authorization Request (JAR) "
+"`_"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:27
+msgid ""
+"❌ `RFC9126: OAuth 2.0 Pushed Authorization Requests "
+"`_"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:28
+msgid ""
+"❌ `RFC9207: OAuth 2.0 Authorization Server Issuer Identification "
+"`_"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:29
+msgid ""
+"❌ `RFC9394: OAuth 2.0 Rich Authorization Requests `_"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:30
+msgid ""
+"❌ `OAuth2 Multiple Response Types `_"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:31
+msgid ""
+"❌ `OAuth2 Form Post Response Mode `_"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:34
+msgid "OpenID Connect"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:36
+msgid ""
+"✅ `OpenID Connect Core `_"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:37
+msgid ""
+"✅ `OpenID Connect Discovery `_"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:38
+msgid ""
+"✅ `OpenID Connect Dynamic Client Registration `_"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:39
+msgid ""
+"✅ `OpenID Connect RP Initiated Logout `_"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:40
+msgid ""
+"❌ `OpenID Connect Session Management `_"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:41
+msgid ""
+"❌ `OpenID Connect Front Channel Logout `_"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:42
+msgid ""
+"❌ `OpenID Connect Back Channel Logout `_"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:43
+msgid ""
+"❌ `OpenID Connect Back Channel Authentication Flow "
+"`_"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:44
+msgid ""
+"❌ `OpenID Connect Core Error Code unmet_authentication_requirements "
+"`_"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:45
+msgid ""
+"✅ `Initiating User Registration via OpenID Connect 1.0 "
+"`_"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:48
+#: ../../doc/development/specifications.rst:64
+msgid "SCIM"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:50
+msgid ""
+"❌ `RFC7642: System for Cross-domain Identity Management: Definitions, "
+"Overview, Concepts, and Requirements `_"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:51
+msgid ""
+"❌ `RFC7643: System for Cross-domain Identity Management: Core Schema "
+"`_"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:52
+msgid ""
+"❌ `RFC7644: System for Cross-domain Identity Management: Protocol "
+"`_"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:55
+msgid "Comparison with other providers"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:57
+msgid "Here is a feature comparison with other OpenID Connect server software."
+msgstr ""
+
+#: ../../doc/development/specifications.rst:59
+msgid ""
+"Canaille voluntarily only implements the OpenID Connect protocol to keep "
+"its codebase simple."
+msgstr ""
+
+#: ../../doc/development/specifications.rst:62
+msgid "Software"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:62
+msgid "Project"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:62
+msgid "Protocols implementations"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:64
+msgid "FLOSS"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:64
+msgid "Language"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:64
+msgid "LOC"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:64
+msgid "OIDC"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:64
+msgid "SAML"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:64
+msgid "CAS"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:64
+msgid "LDAP"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:64
+msgid "SQL"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:66
+msgid "Canaille"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:66
+#: ../../doc/development/specifications.rst:68
+#: ../../doc/development/specifications.rst:70
+#: ../../doc/development/specifications.rst:72
+#: ../../doc/development/specifications.rst:74
+#: ../../doc/development/specifications.rst:76
+#: ../../doc/development/specifications.rst:78
+#: ../../doc/development/specifications.rst:80
+#: ../../doc/development/specifications.rst:82
+#: ../../doc/development/specifications.rst:84
+#: ../../doc/development/specifications.rst:86
+#: ../../doc/development/specifications.rst:88
+msgid "✅"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:66
+#: ../../doc/development/specifications.rst:72
+#: ../../doc/development/specifications.rst:74
+msgid "Python"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:66
+msgid "10k"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:66
+#: ../../doc/development/specifications.rst:68
+#: ../../doc/development/specifications.rst:70
+#: ../../doc/development/specifications.rst:72
+#: ../../doc/development/specifications.rst:74
+#: ../../doc/development/specifications.rst:76
+#: ../../doc/development/specifications.rst:78
+#: ../../doc/development/specifications.rst:82
+#: ../../doc/development/specifications.rst:86
+#: ../../doc/development/specifications.rst:88
+msgid "❌"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:68
+msgid "`Auth0`_"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:68
+#: ../../doc/development/specifications.rst:78
+#: ../../doc/development/specifications.rst:80
+#: ../../doc/development/specifications.rst:88
+msgid "❔"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:70
+msgid "`Authelia`_"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:70
+#: ../../doc/development/specifications.rst:82
+msgid "Go"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:70
+#: ../../doc/development/specifications.rst:82
+msgid "50k"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:72
+msgid "`Authentic2`_"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:72
+msgid "65k"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:74
+msgid "`Authentik`_"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:74
+msgid "55k"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:76
+msgid "`CAS`_"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:76
+#: ../../doc/development/specifications.rst:80
+#: ../../doc/development/specifications.rst:84
+msgid "Java"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:76
+msgid "360k"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:78
+msgid "`Connect2id`_"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:80
+msgid "`Gluu`_"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:82
+msgid "`Hydra`_"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:84
+msgid "`Keycloak`_"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:84
+msgid "600k"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:86
+msgid "`LemonLDAP`_"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:86
+msgid "Perl"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:86
+msgid "130k"
+msgstr ""
+
+#: ../../doc/development/specifications.rst:88
+msgid "`Okta`_"
+msgstr ""
+
diff --git a/doc/locales/fr_FR/LC_MESSAGES/development/changelog.po b/doc/locales/fr_FR/LC_MESSAGES/development/changelog.po
new file mode 100644
index 00000000..3a32756c
--- /dev/null
+++ b/doc/locales/fr_FR/LC_MESSAGES/development/changelog.po
@@ -0,0 +1,1392 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) 2024, Yaal Coop
+# This file is distributed under the same license as the canaille package.
+# FIRST AUTHOR , 2024.
+#
+#, fuzzy
+msgid ""
+msgstr ""
+"Project-Id-Version: canaille 0.0.56\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2024-11-22 15:37+0100\n"
+"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
+"Last-Translator: FULL NAME \n"
+"Language: fr_FR\n"
+"Language-Team: fr_FR \n"
+"Plural-Forms: nplurals=2; plural=(n > 1);\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=utf-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Generated-By: Babel 2.16.0\n"
+
+#: ../../doc/development/changelog.rst:2 b953fe737ee247f583dd6c9212acef59
+msgid "Release notes"
+msgstr ""
+
+#: ../../doc/development/changelog.rst:4 40dbf3144baf490ab44d2f0f499b9b1e
+msgid "All notable changes to this project will be documented in there."
+msgstr ""
+
+#: ../../doc/development/changelog.rst:6 8c832c6f18f54d8bba77166a15f18c63
+msgid ""
+"The format is based on `Keep a Changelog "
+"`_, and this project adheres to "
+"`Semantic Versioning `_."
+msgstr ""
+
+#: ../../CHANGES.rst:2 8927273f210040ebbad5c6071b5006c2
+msgid "[0.0.57] - Unreleased"
+msgstr ""
+
+#: ../../CHANGES.rst:5 ../../CHANGES.rst:20 ../../CHANGES.rst:48
+#: ../../CHANGES.rst:67 ../../CHANGES.rst:74 ../../CHANGES.rst:93
+#: ../../CHANGES.rst:151 ../../CHANGES.rst:177 ../../CHANGES.rst:192
+#: ../../CHANGES.rst:241 ../../CHANGES.rst:267 ../../CHANGES.rst:286
+#: ../../CHANGES.rst:294 ../../CHANGES.rst:303 ../../CHANGES.rst:327
+#: ../../CHANGES.rst:360 ../../CHANGES.rst:386 ../../CHANGES.rst:433
+#: ../../CHANGES.rst:461 ../../CHANGES.rst:491 ../../CHANGES.rst:547
+#: ../../CHANGES.rst:580 ../../CHANGES.rst:601 ../../CHANGES.rst:611
+#: ../../CHANGES.rst:634 ../../CHANGES.rst:701 ../../CHANGES.rst:739
+#: ../../CHANGES.rst:756 ../../CHANGES.rst:792 0125c583218243cd94ca0859ba8e8a3d
+#: 03978660cd4b4c99a7145f52b82bcb27 051b1f61ec4c4fcf87fc2cfa31698a20
+#: 1316ff00915a48649c3b2598062dab41 2b24cede68ea4a7ab37483a2a3a2326d
+#: 2cf6afabae70487db640141c4ceb399e 37617587803b4f4383375d882f13d0a1
+#: 4234c89cb14d4364931015ca8817b153 4e64a471c6214f42a1f4dfe262f2799e
+#: 61a4e6fd45e34a939958f583cef6f230 6338d173211048ff9def65d83a72edfc
+#: 68a4c23f628444bd96f96f57c39e4f23 68eeab3654994232b50ae3785a1490cd
+#: 69df7421a9fd47aa8fee7f2d50d6a474 807b12dc61b2479a9e55dbc1d76660a5
+#: 8982b2425feb472ab36a0c0443eff5e1 8a44683142bb4cb683d38ccf17b25252
+#: 98b317b0afda4de591c4ca2542704cc1 a4835d93fc9548fe86a3cb3e66fe162c
+#: b579d76d8b884c69a1e52a208019f69e bbfe28d18576409cb70b9dc2b2c61bf4
+#: be26a5b28a3546a19e7fc2a9ecbe4eb2 d11739187bc54daa9b6d8400d3590f0b
+#: d22dbd6c80e644d0a9caa4d9ace64ca8 e3956055d373407394d165eae011cb4f
+#: e41dbb00721a434aae8f93d3ff56483e f02e722cf8b942a7b5b49492c72bdaca
+#: f286f296f1704be2a4858bbc27e1d644 fc5801109e2d485ab43e984382ad54a9
+msgid "Added"
+msgstr ""
+
+#: ../../CHANGES.rst:6 49fa6dfcaf764f5bb6ae66591f201aae
+msgid "Password compromission check :issue:`179`"
+msgstr ""
+
+#: ../../CHANGES.rst:7 17a4f3bd684041b5a2a1d78b8f01a550
+msgid ""
+":attr:`~canaille.core.configuration.CoreSettings.ADMIN_EMAIL` and "
+":attr:`~canaille.core.configuration.CoreSettings.ENABLE_PASSWORD_COMPROMISSION_CHECK`"
+" and :attr:`~canaille.core.configuration.CoreSettings.API_URL_HIBP` "
+":issue:`179`"
+msgstr ""
+
+#: ../../CHANGES.rst:13 a9b16de086804e25b67bf261e9464331
+msgid "[0.0.56] - 2024-11-07"
+msgstr ""
+
+#: ../../CHANGES.rst:16 ../../CHANGES.rst:58 ../../CHANGES.rst:97
+#: ../../CHANGES.rst:105 ../../CHANGES.rst:113 ../../CHANGES.rst:120
+#: ../../CHANGES.rst:127 ../../CHANGES.rst:141 ../../CHANGES.rst:169
+#: ../../CHANGES.rst:182 ../../CHANGES.rst:200 ../../CHANGES.rst:219
+#: ../../CHANGES.rst:227 ../../CHANGES.rst:253 ../../CHANGES.rst:261
+#: ../../CHANGES.rst:281 ../../CHANGES.rst:311 ../../CHANGES.rst:341
+#: ../../CHANGES.rst:349 ../../CHANGES.rst:373 ../../CHANGES.rst:393
+#: ../../CHANGES.rst:415 ../../CHANGES.rst:425 ../../CHANGES.rst:446
+#: ../../CHANGES.rst:454 ../../CHANGES.rst:477 ../../CHANGES.rst:500
+#: ../../CHANGES.rst:512 ../../CHANGES.rst:521 ../../CHANGES.rst:530
+#: ../../CHANGES.rst:539 ../../CHANGES.rst:559 ../../CHANGES.rst:566
+#: ../../CHANGES.rst:616 ../../CHANGES.rst:624 ../../CHANGES.rst:649
+#: ../../CHANGES.rst:657 ../../CHANGES.rst:665 ../../CHANGES.rst:678
+#: ../../CHANGES.rst:692 ../../CHANGES.rst:724 ../../CHANGES.rst:747
+#: ../../CHANGES.rst:778 007bdc1185b34411a9989032def6e734
+#: 0487135731d04a3aa314ceea5915edb4 088404ba603e4fbc8b21a95de856436e
+#: 0b05d07458664d0db19ed122dd1a8192 0e84f3d232f643f09baaeabe9354c988
+#: 10a8191daed24f1cab994480cc9c9967 23667c30b6bd4767a30b60942f8137b5
+#: 2e0624e4b4674f0394070c123f740c4b 3b079330d4e04813a1c0e70e8fb8087a
+#: 3e326d57ad8d40309c34d461a0604e6d 4509ce4b8cb44db596393715aa3a478e
+#: 45f00c89b1664977bdb1233ed3d8507a 4a0617fb05f7460480f47d292565de76
+#: 51b78297b8b54438aec1819d5b22d814 5969c0c275ad40628372a22803af272e
+#: 5997f1b979e24ab09974b1fb77de5768 5a3b4a133f654c048b11d19445c95edb
+#: 661d8dddba944038a5d780784f2d36b6 66897f90441343b8aaf02e321ca1c10f
+#: 673a58291a8543f3a0a894e07b649384 6d138086a0c34278aa90ec27616ca9c0
+#: 6e81fa4e83924342aeae30e444d40ef7 6ed18713552a42ab8852cf086b724461
+#: 6f2945ce69f748e289da0447f96c2be6 722bd0a5308444df85d24f9f18bdcb6c
+#: 83dc0e83285145c980a70e24660a16ea 85173bffae504994a975371bf96abd14
+#: ad7c89feb9d74c29afb5be9b6c9dd959 b325380f6ffc4fa7bf0cdbf98c21af99
+#: b5822b7da25e4772bdfdb1c821c02f6b b6f339b8b13c4b70a96bcc74500018b5
+#: c449dccd3424400d814861607e1c7f99 c6ff05030e01477c836d2c793e19f3e9
+#: ca0e632319334167b644a293ba3e8da4 ccfb26fdc8a242598b4846e994bdccde
+#: d996fb33e1d3452d8aeace6959df8bec dfa42b4e8bea4b7b86ed46c4b91509f9
+#: e096bf03b4174cd4b92005c2a873e444 e5743e4b4647495a998c5dc6674f2d0d
+#: f04e3cbb35c64a0f8eb5e73c81b9cc57 f32bfb230dc54a85bb934cd98c378aea
+#: f77db81c82ff43acb59b840d3a785859 febfb86b50494ae28cc6f18fb3dc1764
+msgid "Fixed"
+msgstr ""
+
+#: ../../CHANGES.rst:17 bdec2ee1aca34f16886bd18ac53a7644
+msgid ""
+"With LDAP backend, updating another user groups could result in a "
+"permission lost for the editor. :issue:`202`"
+msgstr ""
+
+#: ../../CHANGES.rst:21 a83f3ed53e38436f860b2d4e4ee7a14f
+msgid ""
+":attr:`~canaille.core.configuration.CoreSettings.MAX_PASSWORD_LENGHT` and"
+" :attr:`~canaille.core.configuration.CoreSettings.MIN_PASSWORD_LENGHT` "
+"configuration options :issue:`174`"
+msgstr ""
+
+#: ../../CHANGES.rst:23 9e5501878fd049edb1c68e497d3461e8
+msgid "Password strength visual indicator :issue:`174`"
+msgstr ""
+
+#: ../../CHANGES.rst:24 b8dfb3be3e7d46bbbd5f3e38d79d85a7
+msgid "Security events logs :issue:`177`"
+msgstr ""
+
+#: ../../CHANGES.rst:25 170ac8c915d34af4b0be1427dfb94d4f
+msgid "Support for Python 3.13 :pr:`186`"
+msgstr ""
+
+#: ../../CHANGES.rst:28 ../../CHANGES.rst:41 ../../CHANGES.rst:53
+#: ../../CHANGES.rst:78 ../../CHANGES.rst:86 ../../CHANGES.rst:134
+#: ../../CHANGES.rst:158 ../../CHANGES.rst:210 ../../CHANGES.rst:247
+#: ../../CHANGES.rst:316 ../../CHANGES.rst:332 ../../CHANGES.rst:368
+#: ../../CHANGES.rst:405 ../../CHANGES.rst:440 ../../CHANGES.rst:483
+#: ../../CHANGES.rst:587 ../../CHANGES.rst:641 ../../CHANGES.rst:673
+#: ../../CHANGES.rst:687 05341edb23f9457ba7c9bd3987687183
+#: 1be6e9d75caa4ff0b6813f9ce5c8d5a2 1c6470a4e53e43f48208dc4111a4a2a8
+#: 243b09f2700544c1a75d41efb3b74bb7 2da78da44c2246eb9450e8397233b7d4
+#: 3d4b412e4e7f47e6a0cd06955509f3bd 3da1ec593e1e461ca0b282b90d913862
+#: 4c389d7dc8234fc5b31262a4e181b122 505c97bab1d548e195269d36b421a775
+#: 5b236db2a7de4154bdaf581fd2a24455 8566e6dfaaff4fd18c3e809d9265eba6
+#: 972d637bb6b649778d67f37a6a7a22a6 977e856b0a574461b0e8ed71f4ff4ffb
+#: 9d3405c899ac498b80eb85fa2c4f4e64 a7ccc52ad3ac4b48a8be79849f611cb6
+#: b847d5e65bcf4e93b4ecbe282285a141 e64c59795a944dd28070b1f476581240
+#: e8f91fdee09a49eb8008f27774c7c5c9 f8f0417fc5b848fda8ec71068eda0393
+msgid "Changed"
+msgstr ""
+
+#: ../../CHANGES.rst:29 dd048821567d4e49af30e67f4c47103c
+msgid "Update to HTMX 2.0.3 :pr:`184`"
+msgstr ""
+
+#: ../../CHANGES.rst:30 4084e27a86394f33867d7239e59e6bea
+msgid "Migrate from poetry to uv :pr:`187`"
+msgstr ""
+
+#: ../../CHANGES.rst:31 6a0cf89a022f4f5b8502d927d835951f
+msgid ""
+"The ``sql`` package extra is now split between ``sqlite``, ``postgresql``"
+" and ``mysql``."
+msgstr ""
+
+#: ../../CHANGES.rst:34 ../../CHANGES.rst:378 ../../CHANGES.rst:784
+#: 0ed515407ffc47c780b03fa4519b1ca7 12aaef7c56474ce48f52af0702cd178e
+#: 6656baf3e85f4cfd96e9ed62fac5ae78
+msgid "Removed"
+msgstr ""
+
+#: ../../CHANGES.rst:35 07953d82baf44f0db6cc2278ceaf269b
+msgid "End support for python 3.9. :pr:`179`"
+msgstr ""
+
+#: ../../CHANGES.rst:38 5fa95f977dbd4265865f64d7e42dec39
+msgid "[0.0.55] - 2024-08-30"
+msgstr ""
+
+#: ../../CHANGES.rst:42 e9901054edc44653900edc69f8d6fde7
+msgid "Use poetry-core build backend. :pr:`178`"
+msgstr ""
+
+#: ../../CHANGES.rst:45 f91a035f08fc4076ad9637ccd860abe2
+msgid "[0.0.54] - 2024-07-25"
+msgstr ""
+
+#: ../../CHANGES.rst:49 2a7996d226fd493c826457882881f1f9
+msgid ""
+"Group member removal can be achieved from the group edition page "
+":issue:`192`"
+msgstr ""
+
+#: ../../CHANGES.rst:50 cad21b9996ca424f83f01d8db016371f
+msgid "Model management commands :issue:`117` :issue:`54`"
+msgstr ""
+
+#: ../../CHANGES.rst:54 6b13d83d04764aba9f42401630e68939
+msgid "Model `identifier_attributes` are fixed."
+msgstr ""
+
+#: ../../CHANGES.rst:55 c6040e83c46443189bf69d945b928fd8
+msgid "Bump to htmx 1.9.12 :pr:`172`"
+msgstr ""
+
+#: ../../CHANGES.rst:60 6ca29c12340d4e4494ce6879b489eb28
+msgid "Dark theme colors for better readability"
+msgstr ""
+
+#: ../../CHANGES.rst:61 de4774aefa8c4745809602f22d150c3d
+msgid "Crash for passwordless users at login when no SMTP server was configured."
+msgstr ""
+
+#: ../../CHANGES.rst:64 e3328c3129ea4dc3a1db531991c57d85
+msgid "[0.0.53] - 2024-04-22"
+msgstr ""
+
+#: ../../CHANGES.rst:68 0d7fe02c47ea4e17b0ef72a288440bd1
+msgid "`env_prefix` create_app variable can select the environment var prefix."
+msgstr ""
+
+#: ../../CHANGES.rst:71 8d9f6d0d35374b39ad83bf53251a14cc
+msgid "[0.0.52] - 2024-04-22"
+msgstr ""
+
+#: ../../CHANGES.rst:75 32199e42abcf4b23933031beffe769c0
+msgid "`env_file` create_app variable can customize/disable the .env file"
+msgstr ""
+
+#: ../../CHANGES.rst:79 401111928fc34feb9272364166b105b2
+msgid "Locked users cannot be impersonated anymore."
+msgstr ""
+
+#: ../../CHANGES.rst:80 a214f59b30c04a708ecef89514c7d46f
+msgid "Minimum python requirement is 3.9."
+msgstr ""
+
+#: ../../CHANGES.rst:83 8c14a591bdf84d82ae7aa30bee8d94a9
+msgid "[0.0.51] - 2024-04-09"
+msgstr ""
+
+#: ../../CHANGES.rst:87 4bf1248127bb4cf8af69abf7df835658
+msgid "Display the menu bar on error pages."
+msgstr ""
+
+#: ../../CHANGES.rst:90 541743d76fa64548901b83eabf825abb
+msgid "[0.0.50] - 2024-04-09"
+msgstr ""
+
+#: ../../CHANGES.rst:94 1827e805745947cdbbe7f9e67b90ea71
+msgid "Sign in/out events are logged in :issue:`177`"
+msgstr ""
+
+#: ../../CHANGES.rst:98 167211a08f6c473f97a730a4128a0b38
+msgid "HTMX and JAVASCRIPT configuration settings."
+msgstr ""
+
+#: ../../CHANGES.rst:99 dc4b4e101ae5484a96c92c90424d39e1
+msgid "Compatibility with old sessions IDs."
+msgstr ""
+
+#: ../../CHANGES.rst:102 d0e1de26bdea41f2bc8aeff69bfcf386
+msgid "[0.0.49] - 2024-04-08"
+msgstr ""
+
+#: ../../CHANGES.rst:106 d909a539577b4cddacd4c9abcde77d07
+msgid "LDAP user group removal."
+msgstr ""
+
+#: ../../CHANGES.rst:107 9b033c0897f94c27880b5c1a02065273
+msgid "Display an error message when trying to remove the last user from a group."
+msgstr ""
+
+#: ../../CHANGES.rst:110 9971fac7643f4e67b3f08a955f68ad2f
+msgid "[0.0.48] - 2024-04-08"
+msgstr ""
+
+#: ../../CHANGES.rst:114 bb813e98f6054468a4db1346adef2dbd
+msgid "LDAP objectClass guessing exception."
+msgstr ""
+
+#: ../../CHANGES.rst:117 39656a75074041628c38126830d285a4
+msgid "[0.0.47] - 2024-04-08"
+msgstr ""
+
+#: ../../CHANGES.rst:121 933ff1cc04924324b1f18329f393ce53
+msgid "Lazy permission loading exception."
+msgstr ""
+
+#: ../../CHANGES.rst:124 9f158cb712bf4035a680812921a75956
+msgid "[0.0.46] - 2024-04-08"
+msgstr ""
+
+#: ../../CHANGES.rst:128 091f328b894c425eae39f1e645798d77
+msgid ""
+"Saving an object with the LDAP backend keeps the objectClass un-managed "
+"by Canaille. :pr:`171`"
+msgstr ""
+
+#: ../../CHANGES.rst:131 366a30f8bbb64a55ba03347cf6c1ef14
+msgid "[0.0.45] - 2024-04-04"
+msgstr ""
+
+#: ../../CHANGES.rst:135 212d52d0d8204396ba53062383a6591f
+msgid ""
+"Internal indexation mechanism of "
+":class:`~canaille.backends.memory.model.MemoryModel`"
+msgstr ""
+
+#: ../../CHANGES.rst:138 cdc31795a25b4667b879c856594b3219
+msgid "[0.0.44] - 2024-03-29"
+msgstr ""
+
+#: ../../CHANGES.rst:142 a47297bb8f7a487da4be0f2c6714a508
+msgid "Fix the default LDAP USER_FILTER value"
+msgstr ""
+
+#: ../../CHANGES.rst:143 7b60e45b9a114c7e8b596465811de32c
+msgid "Fix the OIDC feature detection"
+msgstr ""
+
+#: ../../CHANGES.rst:146 6fe2ccbf1a3c4a10a9027058a355a8d5
+msgid "[0.0.43] - 2024-03-29"
+msgstr ""
+
+#: ../../CHANGES.rst:148 23cb4f6afc88442fb78da6cc01b72994
+msgid "🚨Configuration files must be updated.🚨"
+msgstr ""
+
+#: ../../CHANGES.rst:153 eec7be14b382411780febe777f457fc2
+msgid "Add `created` and `last_modified` datetime for all models"
+msgstr ""
+
+#: ../../CHANGES.rst:154 ae31112ef9cb4d99815847b3442fd989
+msgid "Sitemap to the documentation :pr:`169`"
+msgstr ""
+
+#: ../../CHANGES.rst:155 f8a8944ee68c43e0b502f4e4586617c7
+msgid "Configuration management with pydantic-settings :issue:`138` :pr:`170`"
+msgstr ""
+
+#: ../../CHANGES.rst:160 b4db97cf152c42c1a7c0d8e4742ce3bf
+msgid "Use default python logging configuration format. :issue:`188` :pr:`165`"
+msgstr ""
+
+#: ../../CHANGES.rst:161 3bad9d766b934e83904c8453837f4b56
+msgid "Bump to htmx 1.99.11 :pr:`166`"
+msgstr ""
+
+#: ../../CHANGES.rst:162 567c0839f9c34d0c95fcc1f47c6c0959
+msgid ""
+"Use the standard tomllib python module instead of `toml` starting from "
+"python 3.11 :pr:`167`"
+msgstr ""
+
+#: ../../CHANGES.rst:163 d3ecadf15f1348d6a4716f524043cc89
+msgid "Use shibuya as the documentation theme :pr:`168`"
+msgstr ""
+
+#: ../../CHANGES.rst:166 2c46a90c1f994c21956cb9ae180ecfeb
+msgid "[0.0.42] - 2023-12-29"
+msgstr ""
+
+#: ../../CHANGES.rst:171 308f3903de604e6d9236bcf00d769b5e
+msgid "Avoid to fail on imports if ``cryptography`` is missing."
+msgstr ""
+
+#: ../../CHANGES.rst:174 1374d9b0ed624731bf674e0a8833a58c
+msgid "[0.0.41] - 2023-12-25"
+msgstr ""
+
+#: ../../CHANGES.rst:179 14963beceb7246c3a1b6342505f34998
+msgid "OIDC `prompt=create` support. :issue:`185` :pr:`164`"
+msgstr ""
+
+#: ../../CHANGES.rst:184 59218726e94a4c9ebcf6f10efb2f672c
+msgid "Correctly set up Client audience during OIDC dynamic registration."
+msgstr ""
+
+#: ../../CHANGES.rst:185 87ad3206d3fc4aa0b7d50387f402fe4e
+msgid ""
+"``post_logout_redirect_uris`` was ignored during OIDC dynamic "
+"registration."
+msgstr ""
+
+#: ../../CHANGES.rst:186 6e7c346de51b40d3b14644f4e0f3e5fc
+msgid "Group field error prevented the registration form validation."
+msgstr ""
+
+#: ../../CHANGES.rst:189 d6c7e10243be4b5b915e75f025dcb544
+msgid "[0.0.40] - 2023-12-22"
+msgstr ""
+
+#: ../../CHANGES.rst:194 913ef14cd29843479a065fde1fdf056b
+msgid "``THEME`` can be a relative path"
+msgstr ""
+
+#: ../../CHANGES.rst:197 ec358936809d4d4ca1ea37efc4046638
+msgid "[0.0.39] - 2023-12-15"
+msgstr ""
+
+#: ../../CHANGES.rst:202 d5ba2f04fb3244328141f0d34e78a83a
+msgid "Crash when no ACL were defined"
+msgstr ""
+
+#: ../../CHANGES.rst:203 d923912320f643df9861438d83f87a33
+msgid "OIDC Userinfo endpoint is also available in POST"
+msgstr ""
+
+#: ../../CHANGES.rst:204 0c6600fdec4f4d90ad959a714191eed6
+msgid "Fix redirection after password reset :issue:`159`"
+msgstr ""
+
+#: ../../CHANGES.rst:207 54dae082411a462ab86f892e84ec7d03
+msgid "[0.0.38] - 2023-12-15"
+msgstr ""
+
+#: ../../CHANGES.rst:212 35a215464c9147118d8e2612056f114c
+msgid "Convert all the png in webp. :pr:`162`"
+msgstr ""
+
+#: ../../CHANGES.rst:213 b69015e35a2d4e32bbb0aeb7c5deb4b5
+msgid "Update to flask 3 :issue:`161` :pr:`163`"
+msgstr ""
+
+#: ../../CHANGES.rst:216 cf38d0baf7384aa1bfc0a593041f3cc5
+msgid "[0.0.37] - 2023-12-01"
+msgstr ""
+
+#: ../../CHANGES.rst:221 6013f95269f842eeab177eefbf7dc22b
+msgid "Handle 4xx and 5xx error codes with htmx. :issue:`171` :pr:`161`"
+msgstr ""
+
+#: ../../CHANGES.rst:224 654f86051b784d3cb6a50601907474cd
+msgid "[0.0.36] - 2023-12-01"
+msgstr ""
+
+#: ../../CHANGES.rst:229 fbdeab944a24477486321320b8632ad0
+msgid "Avoid crashing when LDAP groups references unexisting users."
+msgstr ""
+
+#: ../../CHANGES.rst:230 89a4bf4e5f9546fe90560bc01f1b3114
+msgid ""
+"Password reset and initialization mails were only sent to the preferred "
+"user email address."
+msgstr ""
+
+#: ../../CHANGES.rst:232 ac5160b2673e4323b53eef77fa3c6377
+msgid ""
+"Password reset and initialization mails were not sent at all the user "
+"addresses if one email address could not be reached."
+msgstr ""
+
+#: ../../CHANGES.rst:234 bfe919707374471c8528f789f95f841d
+msgid "Password comparison was too permissive on login."
+msgstr ""
+
+#: ../../CHANGES.rst:235 91332f76075d4bcbabfacad3a0e06ac3
+msgid "Encrypt passwords in the SQL backend."
+msgstr ""
+
+#: ../../CHANGES.rst:238 515b41fe279c4d169d8945be66a840bc
+msgid "[0.0.35] - 2023-11-25"
+msgstr ""
+
+#: ../../CHANGES.rst:243 cd9cc2a6d6b54601bd5083fd4a140050
+msgid ""
+"Refresh token grant supports other client authentication methods. "
+":pr:`157`"
+msgstr ""
+
+#: ../../CHANGES.rst:244 5b7437d731d54a5999d354a8be5489ae
+msgid "Implement a SQLAlchemy backend. :issue:`30` :pr:`158`"
+msgstr ""
+
+#: ../../CHANGES.rst:249 f0bf9b769b7b43ddbe427e8d5f28e6ae
+msgid "Model attributes cardinality is closer to SCIM model. :pr:`155`"
+msgstr ""
+
+#: ../../CHANGES.rst:250 1ce41231913044f384a9de0f7f96ae22
+msgid "Bump to htmx 1.9.9 :pr:`159`"
+msgstr ""
+
+#: ../../CHANGES.rst:255 8351661b912f48e39a72cb98a9068ca5
+msgid "Disable HTMX boosting during the OIDC dance. :pr:`160`"
+msgstr ""
+
+#: ../../CHANGES.rst:258 ace5739415d846d7b00e6c8946636080
+msgid "[0.0.34] - 2023-10-02"
+msgstr ""
+
+#: ../../CHANGES.rst:263 276aa40d06374cd6b9c554b30f1ec3bf
+msgid ""
+"Canaille installations without account lockabilty could not delete users."
+" :pr:`153`"
+msgstr ""
+
+#: ../../CHANGES.rst:269 f190522602804127b47b276cea07d314
+msgid ""
+"If users register or authenticate during a OAuth Authorization phase, "
+"they get redirected back to that page afterwards. :issue:`168` :pr:`151`"
+msgstr ""
+
+#: ../../CHANGES.rst:272 d94a556a500446e69f5e7daed22812be
+msgid "flask-babel and pytz are now part of the `front` extras"
+msgstr ""
+
+#: ../../CHANGES.rst:273 364cb001baac408a9b89782a2161aebe
+msgid "Bump to fomantic-ui 2.9.3 :pr:`152`"
+msgstr ""
+
+#: ../../CHANGES.rst:274 9810cae84305458a8566e2fa477e3d0a
+msgid "Bump to htmx 1.9.6 :pr:`154`"
+msgstr ""
+
+#: ../../CHANGES.rst:275 86b075164fe24f9487437fec98102a80
+msgid "Add support for python 3.12 :pr:`155`"
+msgstr ""
+
+#: ../../CHANGES.rst:278 a08b8fa3e5bb4635a8b9dde8f1394fed
+msgid "[0.0.33] - 2023-08-26"
+msgstr ""
+
+#: ../../CHANGES.rst:283 d004ef51361b4f239aad47bff5e3ac41
+msgid "OIDC jwks endpoint do not return empty kid claim"
+msgstr ""
+
+#: ../../CHANGES.rst:288 923d07875a1d4848b57c2d9586ba992e
+msgid "Documentation details on the canaille models."
+msgstr ""
+
+#: ../../CHANGES.rst:291 92fa88da8da64ac0bea4e50961ee140c
+msgid "[0.0.32] - 2023-08-17"
+msgstr ""
+
+#: ../../CHANGES.rst:296 e209c6d3a5bb487a8a0b76258d6e9d60
+msgid "Additional inmemory backend :issue:`30` :pr:`149`"
+msgstr ""
+
+#: ../../CHANGES.rst:297 bc4fbd86ddbc4b3880ea246fef1a0163
+msgid "Installation extras :issue:`167` :pr:`150`"
+msgstr ""
+
+#: ../../CHANGES.rst:300 b9fa32026c05490e9c73fc5297f6ed61
+msgid "[0.0.31] - 2023-08-15"
+msgstr ""
+
+#: ../../CHANGES.rst:305 94f1df8be04f4046b0fa3ca7651f6b8e
+msgid "Configuration option to disable the forced usage of OIDC nonce :pr:`143`"
+msgstr ""
+
+#: ../../CHANGES.rst:306 42fff4ae7f0349908683a9d511805869
+msgid "Validate phone numbers with a regex :pr:`146`"
+msgstr ""
+
+#: ../../CHANGES.rst:307 3ed81e72ff7f4c409698c35ec91ad04d
+msgid "Email verification :issue:`41` :pr:`147`"
+msgstr ""
+
+#: ../../CHANGES.rst:308 774f017b2c314cec9685f6c85ce32108
+msgid "Account registration :issue:`55` :pr:`133` :pr:`148`"
+msgstr ""
+
+#: ../../CHANGES.rst:313 1d413d46cb92419f80e944e6aeb16333
+msgid "The `check` command uses the default configuration values."
+msgstr ""
+
+#: ../../CHANGES.rst:318 d3b68d52c0964a3f9933749c5a209283
+msgid "Modals do not need use javascript at the moment. :issue:`158` :pr:`144`"
+msgstr ""
+
+#: ../../CHANGES.rst:321 a4c908dee0734b9ab3997f415639cf28
+msgid "[0.0.30] - 2023-07-06"
+msgstr ""
+
+#: ../../CHANGES.rst:323 eb07e82a8fb34cebb6351252cd115c2b
+msgid ""
+"🚨Configuration files must be updated.🚨 Check the new format with ``git "
+"diff 0.0.29 0.0.30 canaille/conf/config.sample.toml``"
+msgstr ""
+
+#: ../../CHANGES.rst:329 b4bd90296d1d47af89aba539655f8f82
+msgid "Configuration option to disable javascript :pr:`141`"
+msgstr ""
+
+#: ../../CHANGES.rst:334 72cc852826a247d5b06228a7c185c4b8
+msgid "Configuration ``USER_FILTER`` is parsed with jinja."
+msgstr ""
+
+#: ../../CHANGES.rst:335 ec3775541c444b57b12b74bc5a96742f
+msgid ""
+"Configuration use ``PRIVATE_KEY_FILE`` instead of ``PRIVATE_KEY`` and "
+"``PUBLIC_KEY_FILE`` instead of ``PUBLIC_KEY``"
+msgstr ""
+
+#: ../../CHANGES.rst:338 94a54df320c1406ab44dab2824fcd953
+msgid "[0.0.29] - 2023-06-30"
+msgstr ""
+
+#: ../../CHANGES.rst:343 8fc4dedd2b2543629eea185f7da6f42c
+msgid "Disabled HTMX boosting on OIDC forms to avoid errors."
+msgstr ""
+
+#: ../../CHANGES.rst:346 2d1c74ad63c0479cb1474fd7db4d0145
+msgid "[0.0.28] - 2023-06-30"
+msgstr ""
+
+#: ../../CHANGES.rst:351 5631fc7eb7914b4bab2b5b6358e1d60a
+msgid "A template variable was misnamed."
+msgstr ""
+
+#: ../../CHANGES.rst:354 b0d8621a55644b419f22af6e811d58bd
+msgid "[0.0.27] - 2023-06-29"
+msgstr ""
+
+#: ../../CHANGES.rst:356 d0683d18c05b457a8cf22f754633d390
+msgid ""
+"🚨Configuration files must be updated.🚨 Check the new format with ``git "
+"diff 0.0.26 0.0.27 canaille/conf/config.sample.toml``"
+msgstr ""
+
+#: ../../CHANGES.rst:362 34f99d193d834b98bbd4817fdb5af20f
+msgid ""
+"Configuration entries can be loaded from files if the entry key has a "
+"*_FILE* suffix and the entry value is the path to the file. :issue:`134` "
+":pr:`134`"
+msgstr ""
+
+#: ../../CHANGES.rst:364 196181fff8114b51a4dd6851dd20b92c
+msgid "Field list support. :issue:`115` :pr:`136`"
+msgstr ""
+
+#: ../../CHANGES.rst:365 0156b03aeb334f1aa8345cb270b48756
+msgid "Pages are boosted with HTMX :issue:`144` :issue:`145` :pr:`137`"
+msgstr ""
+
+#: ../../CHANGES.rst:370 3a74e9a4d66046779063b2592e045285
+msgid "Bump to jquery 3.7.0 :pr:`138`"
+msgstr ""
+
+#: ../../CHANGES.rst:375 35f1d85e4cd9431aa96424bd25208d1b
+msgid "Profile edition when the user RDN was not ``uid`` :issue:`148` :pr:`139`"
+msgstr ""
+
+#: ../../CHANGES.rst:380 8d0199c3a26b454a985ddb1082b5bdb1
+msgid "Stop support for python 3.7 :pr:`131`"
+msgstr ""
+
+#: ../../CHANGES.rst:383 b54fbc48f5394d2ead7b5ec7315ecb80
+msgid "[0.0.26] - 2023-06-03"
+msgstr ""
+
+#: ../../CHANGES.rst:388 85efd66bc5994ce687098c0503095fcf
+msgid ""
+"Implemented account expiration based on OpenLDAP ppolicy overlay. Needs "
+"OpenLDAP 2.5+ :issue:`13` :pr:`118`"
+msgstr ""
+
+#: ../../CHANGES.rst:390 bc2b1d5ea9ab418bb6a8f9c661adebbc
+msgid "Timezone configuration entry. :issue:`137` :pr:`130`"
+msgstr ""
+
+#: ../../CHANGES.rst:395 171f3b2b12524bbc931afd1ea6db3e50
+msgid "Avoid setting ``None`` in JWT claims when they have no value."
+msgstr ""
+
+#: ../../CHANGES.rst:396 79c76be5954045f8b53315616fe21675
+msgid "Display password recovery button on OIDC login page. :pr:`129`"
+msgstr ""
+
+#: ../../CHANGES.rst:399 684dbc7af50949fa898caf64b6f035fe
+msgid "[0.0.25] - 2023-05-05"
+msgstr ""
+
+#: ../../CHANGES.rst:401 39a87402ccbe4dcbb8ec410338e9027c
+msgid ""
+"🚨Configuration files must be updated.🚨 Check the new format with ``git "
+"diff 0.0.25 0.0.24 canaille/conf/config.sample.toml``"
+msgstr ""
+
+#: ../../CHANGES.rst:407 551972a73a66474bb2f9dac1527250cf
+msgid "Renamed user model attributes to match SCIM naming convention. :pr:`123`"
+msgstr ""
+
+#: ../../CHANGES.rst:408 3dc71347819447909160d063b9a7db59
+msgid "Moved OIDC related configuration entries in ``OIDC``"
+msgstr ""
+
+#: ../../CHANGES.rst:409 c1d8c2c5084046f3b7bbe20fdf0557e7
+msgid "Moved ``LDAP`` configuration entry to ``BACKENDS.LDAP``"
+msgstr ""
+
+#: ../../CHANGES.rst:410 98f58ffce1014bb49f854597f95ee53e
+msgid "Bumped to htmx 1.9.0 :pr:`124`"
+msgstr ""
+
+#: ../../CHANGES.rst:411 3ce37ba19f54476b9d025653f843ec38
+msgid ""
+"ACL filters are no more LDAP filters but user attribute mappings. "
+":pr:`125`"
+msgstr ""
+
+#: ../../CHANGES.rst:412 2c65421b623544fcbf758af9798b687b
+msgid "Bumped to htmx 1.9.2 :pr:`127`"
+msgstr ""
+
+#: ../../CHANGES.rst:417 a401d129c5994222aec3dc8c7a81fb93
+msgid "``OIDC.JWT.MAPPING`` configuration entry is really optional now."
+msgstr ""
+
+#: ../../CHANGES.rst:418 4d7c22dba82c40a085052828baf362dc
+msgid "Fixed empty model attributes registration :pr:`125`"
+msgstr ""
+
+#: ../../CHANGES.rst:419 b3bc4785f19e487e995763c1e9eac55b
+msgid "Password initialization mails were not correctly sent. :pr:`128`"
+msgstr ""
+
+#: ../../CHANGES.rst:422 ddc0b07069bf449fb65b6c7024a02721
+msgid "[0.0.24] - 2023-04-07"
+msgstr ""
+
+#: ../../CHANGES.rst:427 228ec0acb22e46f999fadf41accac34a
+msgid "Fixed avatar update. :pr:`122`"
+msgstr ""
+
+#: ../../CHANGES.rst:430 9f203b56717c498f8133d8dc6ad78fcc
+msgid "[0.0.23] - 2023-04-05"
+msgstr ""
+
+#: ../../CHANGES.rst:435 6ebaef9c1d5c453a8e02181222d3406d
+msgid "Organization field. :pr:`116`"
+msgstr ""
+
+#: ../../CHANGES.rst:436 4c78eb5a32cc449b8b76683f5d15322b
+msgid "ETag and Last-Modified headers on user photos. :pr:`116`"
+msgstr ""
+
+#: ../../CHANGES.rst:437 6f6ebd50147a4714a4cd6e69e10af4f1
+msgid "Dynamic form validation :pr:`120`"
+msgstr ""
+
+#: ../../CHANGES.rst:442 bfaeeb80d6ad41d5ab7c6eec94aa8d54
+msgid "UX rework. Submenu addition. :pr:`114`"
+msgstr ""
+
+#: ../../CHANGES.rst:443 f9cd9a23ba6b48a0b7416432db4ee2b2
+msgid "Properly handle LDAP date timezones. :pr:`117`"
+msgstr ""
+
+#: ../../CHANGES.rst:448 f3589fa4cdcf490b97bc1d94ad4b25a0
+msgid "CSRF protection on every forms. :pr:`119`"
+msgstr ""
+
+#: ../../CHANGES.rst:451 a8d0b74b5a3a4f83b9588f078b139426
+msgid "[0.0.22] - 2023-03-13"
+msgstr ""
+
+#: ../../CHANGES.rst:455 5dfb6cc3639f4dbabd82bc60c9f27063
+msgid "faker is not imported anymore when the `clean` command is called."
+msgstr ""
+
+#: ../../CHANGES.rst:458 594169630346460cb9a1d47434d5bac1
+msgid "[0.0.21] - 2023-03-12"
+msgstr ""
+
+#: ../../CHANGES.rst:463 b5dc191b86b84829acafdfb7158cbb65
+msgid "Display TOS and policy URI on the consent list page. :pr:`102`"
+msgstr ""
+
+#: ../../CHANGES.rst:464 e7c598b0ebae43babfc3c336fb3fbf71
+msgid "Admin token deletion :pr:`100` :pr:`101`"
+msgstr ""
+
+#: ../../CHANGES.rst:465 e6fcf26480ba43a9a40bb159f8bde348
+msgid "Revoked consents can be restored. :pr:`103`"
+msgstr ""
+
+#: ../../CHANGES.rst:466 95a4a5e40ccc43e09a53e8a1b6276376
+msgid ""
+"Pre-consented clients are displayed in the user consent list, and their "
+"consents can be revoked. :issue:`69` :pr:`103`"
+msgstr ""
+
+#: ../../CHANGES.rst:468 ddff6021ec63429c9c185fcdd93096fd
+msgid ""
+"A ``populate`` command can be used to fill the database with random users"
+" generated with faker. :pr:`105`"
+msgstr ""
+
+#: ../../CHANGES.rst:470 b3b272a9400044eaba8158f0daa0c0d5
+msgid "SMTP SSL support. :pr:`108`"
+msgstr ""
+
+#: ../../CHANGES.rst:471 516eb7a492da400f95527c1419649eb3
+msgid "Server side pagination. :issue:`114` :pr:`111`"
+msgstr ""
+
+#: ../../CHANGES.rst:472 32250cac90ec44618e330a516c33d9c6
+msgid "Department number support. :issue:`129`"
+msgstr ""
+
+#: ../../CHANGES.rst:473 d950f5a579db48909072536d95e91c05
+msgid "Address edition support (but not in the OIDC claims yet) :pr:`112`"
+msgstr ""
+
+#: ../../CHANGES.rst:474 913cf5b4f05047a0bc64bdce3c49255f
+msgid "Title edition support :pr:`113`"
+msgstr ""
+
+#: ../../CHANGES.rst:479 add34f76e10b4a2986005779334f3940
+msgid ""
+"Client deletion also deletes related Consent, Token and AuthorizationCode"
+" objects. :issue:`126` :pr:`98`"
+msgstr ""
+
+#: ../../CHANGES.rst:485 215c34173f74444bb5f793b0fdc2d8bb
+msgid "Removed datatables."
+msgstr ""
+
+#: ../../CHANGES.rst:488 d244ef4a2d2e4fb4b87468dab9041ea2
+msgid "[0.0.20] - 2023-01-28"
+msgstr ""
+
+#: ../../CHANGES.rst:493 6a15bbd7f57949bb828987afe18521ea
+msgid "Spanish translation. :pr:`85` :pr:`88`"
+msgstr ""
+
+#: ../../CHANGES.rst:494 99b1323d25b94195824650d9f1edc2f2
+msgid "Dedicated connectivity test email :pr:`89`"
+msgstr ""
+
+#: ../../CHANGES.rst:495 cd74e88113ea4dd5b1bf52a0c7080260
+msgid "Update to jquery 3.6.3 :pr:`90`"
+msgstr ""
+
+#: ../../CHANGES.rst:496 61846539bdfa4149b6e2190ae4aeb785
+msgid "Update to fomantic-ui 2.9.1 :pr:`90`"
+msgstr ""
+
+#: ../../CHANGES.rst:497 25d836c7d71743649502f95c89eb1945
+msgid "Update to datatables 1.13.1 :pr:`90`"
+msgstr ""
+
+#: ../../CHANGES.rst:502 6ac3c75c071a4beda3606aaf0549c422
+msgid "Fix typos and grammar errors. :pr:`84`"
+msgstr ""
+
+#: ../../CHANGES.rst:503 130373c3d7d2468397a52197fe575885
+msgid "Fix wording and punctuations. :pr:`86`"
+msgstr ""
+
+#: ../../CHANGES.rst:504 c891fa84f8344c829d0f12b22cb8c212
+msgid "Fix HTML lang tag :issue:`122` :pr:`87`"
+msgstr ""
+
+#: ../../CHANGES.rst:505 9b760fbb3585400689b68d3bd29f9ff1
+msgid "Automatically trims the HTML translated strings. :pr:`91`"
+msgstr ""
+
+#: ../../CHANGES.rst:506 e652821eae824b4888d8248bb84b5744
+msgid "Fixed dynamic registration scope management. :issue:`123` :pr:`93`"
+msgstr ""
+
+#: ../../CHANGES.rst:509 2e4d232bc1dc4df9b422f293fa659100
+msgid "[0.0.19] - 2023-01-14"
+msgstr ""
+
+#: ../../CHANGES.rst:514 7bda5c915ba9434b809397f5274a6de4
+msgid ""
+"Ensures the token `expires_in` claim and the `access_token` `exp` claim "
+"have the same value. :pr:`83`"
+msgstr ""
+
+#: ../../CHANGES.rst:518 9143cf51154d45f28274bdda680886d4
+msgid "[0.0.18] - 2022-12-28"
+msgstr ""
+
+#: ../../CHANGES.rst:523 83dc2033954045699ea53d7d2263b6c1
+msgid ""
+"OIDC end_session was not returning the ``state`` parameter in the "
+"``post_logout_redirect_uri`` :pr:`82`"
+msgstr ""
+
+#: ../../CHANGES.rst:527 f61656a46d294a8fb91032254181c7e6
+msgid "[0.0.17] - 2022-12-26"
+msgstr ""
+
+#: ../../CHANGES.rst:532 a64cd4f54327461da8921ffb21976acc
+msgid "Fixed group deletion button. :pr:`80`"
+msgstr ""
+
+#: ../../CHANGES.rst:533 9e3667cccf2b44939a318b8ebf7e93b9
+msgid "Fixed post requests in oidc clients views. :pr:`81`"
+msgstr ""
+
+#: ../../CHANGES.rst:536 b91fa7c1ea6a4d01b722548add0639be
+msgid "[0.0.16] - 2022-12-15"
+msgstr ""
+
+#: ../../CHANGES.rst:541 6d65191c80314a0e94b4c6c05386e563
+msgid "Fixed LDAP operational attributes handling."
+msgstr ""
+
+#: ../../CHANGES.rst:544 af14f518a45f424ead7a5df098258fc5
+msgid "[0.0.15] - 2022-12-15"
+msgstr ""
+
+#: ../../CHANGES.rst:549 c54ff84eb6e544d1b3a864585e4f2be0
+msgid "User can chose their favourite display name. :pr:`77`"
+msgstr ""
+
+#: ../../CHANGES.rst:550 48da4cb14c5c4dd29fadf0a0d75a0e72
+msgid "Bumped to authlib 1.2. :pr:`78`"
+msgstr ""
+
+#: ../../CHANGES.rst:551 d84bbd0f614e4cd7b8a8a96996f309d9
+msgid ""
+"Implemented RFC7592 OAuth 2.0 Dynamic Client Registration Management "
+"Protocol :pr:`79`"
+msgstr ""
+
+#: ../../CHANGES.rst:553 d15f082b4d544940a563d780f8bc1e08
+msgid "Added ``nonce`` to the ``claims_supported`` server metadata list."
+msgstr ""
+
+#: ../../CHANGES.rst:556 88dc1bd8ca5c4bb8a7f9bd52cdc75830
+msgid "[0.0.14] - 2022-11-29"
+msgstr ""
+
+#: ../../CHANGES.rst:560 6d5d1d529eba4b15a456d64fd13e39a1
+msgid "Fixed translation mo files packaging."
+msgstr ""
+
+#: ../../CHANGES.rst:563 4c1c3a24fd6c4d379d56069dbd99a08b
+msgid "[0.0.13] - 2022-11-21"
+msgstr ""
+
+#: ../../CHANGES.rst:568 61292635681d41bd8a0811165d589512
+msgid ""
+"Fixed a bug on the contacts field in the admin client form following the "
+"LDAP schema update of 0.0.12"
+msgstr ""
+
+#: ../../CHANGES.rst:570 681e8dd9afdb4f2e958b78bbfc4ed595
+msgid ""
+"Fixed a bug happening during RP initiated logout on clients without "
+"`post_logout_redirect_uri` defined."
+msgstr ""
+
+#: ../../CHANGES.rst:572 e448157c32c243aeae3c13ccbbec1cd1
+msgid "Gitlab CI fix. :pr:`64`"
+msgstr ""
+
+#: ../../CHANGES.rst:573 b7167e49350f44bf93df250bbf94b7bc
+msgid "Fixed `client_secret` display on the client administration page. :pr:`65`"
+msgstr ""
+
+#: ../../CHANGES.rst:574 eb962d6e5bf645b7ab7fd89c05b29d04
+msgid "Fixed non-square logo CSS. :pr:`67`"
+msgstr ""
+
+#: ../../CHANGES.rst:575 5d6456ea544442f09281af419d6bd9ce
+msgid "Fixed schema path on installation. :pr:`68`"
+msgstr ""
+
+#: ../../CHANGES.rst:576 2071fc0debdb4b2ab2eacb7ada57a027
+msgid "Fixed RFC7591 ``software_statement`` claim support. :pr:`70`"
+msgstr ""
+
+#: ../../CHANGES.rst:577 c63eef91b1b6400facb7ab15a2f7e33f
+msgid "Fixed client preconsent disabling. :pr:`72`"
+msgstr ""
+
+#: ../../CHANGES.rst:582 cfd3fd338517432c9b2e55d6da22d651
+msgid "Python 3.11 support. :pr:`61`"
+msgstr ""
+
+#: ../../CHANGES.rst:583 544c46511d2c4bf2b567fca0f666022e
+msgid "apparmor slapd configuration instructions in CONTRIBUTING.rst :pr:`66`"
+msgstr ""
+
+#: ../../CHANGES.rst:584 6c51bb0dce3d4d35af9247f9bac46f2c
+msgid "``preferredLanguage`` attribute support. :pr:`75`"
+msgstr ""
+
+#: ../../CHANGES.rst:589 9e52448d99194eb4ae9411a0c87e7b26
+msgid ""
+"Replaced the use of the deprecated `FLASK_ENV` environment variable by "
+"`FLASK_DEBUG`."
+msgstr ""
+
+#: ../../CHANGES.rst:591 92aa84a20bce44098992a9bb2c03c6fa
+msgid ""
+"Dynamically generate the server metadata. Users won't have to copy and "
+"manually edit ``oauth-authorizationserver.json`` and ``openid-"
+"configuration.json``. :pr:`71`"
+msgstr ""
+
+#: ../../CHANGES.rst:594 8d805e80f7ab481e9d54828c09fe704d
+msgid "The `FROM_ADDR` configuration option is not mandatory anymore. :pr:`73`"
+msgstr ""
+
+#: ../../CHANGES.rst:595 512672f6749541e28c776052005debaa
+msgid "The `JWT.ISS` configuration option is not mandatory anymore. :pr:`74`"
+msgstr ""
+
+#: ../../CHANGES.rst:598 719465d8df524d6aa66f1458157f57d5
+msgid "[0.0.12] - 2022-10-24"
+msgstr ""
+
+#: ../../CHANGES.rst:603 4118a5125b4841a190cd4f857244dc22
+msgid "Basic WebFinger endpoint. :pr:`59`"
+msgstr ""
+
+#: ../../CHANGES.rst:604 801ca69eff1f4540b54ca42b2dfaf866
+msgid "Bumped to FomanticUI 2.9.0 00ffffee"
+msgstr ""
+
+#: ../../CHANGES.rst:605 00f2d1f75caa439aa8283e1a05d463aa
+msgid "Implemented Dynamic Client Registration :pr:`60`"
+msgstr ""
+
+#: ../../CHANGES.rst:608 f3edd3260cce435abc5a1930ff239e5a
+msgid "[0.0.11] - 2022-08-11"
+msgstr ""
+
+#: ../../CHANGES.rst:613 0d143febef754055a90791ec48a2574a
+msgid "Default theme has a dark variant. :pr:`57`"
+msgstr ""
+
+#: ../../CHANGES.rst:618 ac8fb78dd6754ffc829ab6f01315d2ba
+msgid "Fixed missing ``canaille`` binary. :pr:`58`"
+msgstr ""
+
+#: ../../CHANGES.rst:621 0533665fb4e945468fa03d4417985c07
+msgid "[0.0.10] - 2022-07-07"
+msgstr ""
+
+#: ../../CHANGES.rst:626 8b5fd21d60c64ca68f79696fad57bfc8
+msgid "Online demo. :pr:`55`"
+msgstr ""
+
+#: ../../CHANGES.rst:627 e36f295ed93e419fad2426e5e7856ea1
+msgid "The consent page was displaying scopes not supported by clients. :pr:`56`"
+msgstr ""
+
+#: ../../CHANGES.rst:628 72180e56a3034bf587e5d5278f41a28d
+msgid "Fixed end session when user are already disconnected."
+msgstr ""
+
+#: ../../CHANGES.rst:631 09398279ac44400da7f778c5d27cd8bf
+msgid "[0.0.9] - 2022-06-05"
+msgstr ""
+
+#: ../../CHANGES.rst:636 f4a57111a02546628456bbcbb9b10751
+msgid ""
+"``DISABLE_PASSWORD_RESET`` configuration option to disable password "
+"recovery. :pr:`46`"
+msgstr ""
+
+#: ../../CHANGES.rst:637 371609f8181e47fbb90792b94f91d4fe
+msgid "``edit_self`` ACL permission to control user self edition. :pr:`47`"
+msgstr ""
+
+#: ../../CHANGES.rst:638 cc9a1f22935b4af3b84edfc356b8951d
+msgid "Implemented RP-initiated logout :pr:`54`"
+msgstr ""
+
+#: ../../CHANGES.rst:643 87b28a41b81749a0811c045563f968bf
+msgid "Bumped to authlib 1 :pr:`48`"
+msgstr ""
+
+#: ../../CHANGES.rst:644 0c004930bd594c7cb50f01eed19476e6
+msgid "documentation improvements :pr:`50`"
+msgstr ""
+
+#: ../../CHANGES.rst:645 a7f6b2f166014b26b869d643a594b2cd
+msgid "use poetry instead of setuptools :pr:`51`"
+msgstr ""
+
+#: ../../CHANGES.rst:646 f64d736b7cd54dd49df64fef30d37a1c
+msgid "additional nonce tests :pr:`52`"
+msgstr ""
+
+#: ../../CHANGES.rst:650 d2bbdbfb81db485f8faa4204b0f1c746
+msgid "``HIDE_INVALID_LOGIN`` behavior and default value."
+msgstr ""
+
+#: ../../CHANGES.rst:651 cc47b7e41f7f4319ae1bf87e29fd58bd
+msgid "mo files are not versioned anymore :pr:`49` :pr:`53`"
+msgstr ""
+
+#: ../../CHANGES.rst:654 2eb795d5552d45f68359efb37ecdd3ee
+msgid "[0.0.8] - 2022-03-15"
+msgstr ""
+
+#: ../../CHANGES.rst:659 b178f8851ee34dbc9274c1e6db2d100f
+msgid "Fixed dependencies"
+msgstr ""
+
+#: ../../CHANGES.rst:662 6c8555c1480a47cb9f2b6f96498d2a84
+msgid "[0.0.7] - 2022-03-15"
+msgstr ""
+
+#: ../../CHANGES.rst:667 f0a2de638e994ff49c903d11d4b9112d
+msgid "Fixed spaces and escaped special char in ldap cn/dn :pr:`43`"
+msgstr ""
+
+#: ../../CHANGES.rst:670 65dea365c33d4b0bb1c6fac9db148a39
+msgid "[0.0.6] - 2022-03-08"
+msgstr ""
+
+#: ../../CHANGES.rst:675 88ac5497c1f2451ba95029292b3bea24
+msgid "Access token are JWT. :pr:`38`"
+msgstr ""
+
+#: ../../CHANGES.rst:680 503af07edfd3447185935dc6e6f0e510
+msgid "Default groups on invitations :pr:`41`"
+msgstr ""
+
+#: ../../CHANGES.rst:681 edd5b58b1dbb41dbb2c315fb1b2f2370
+msgid "Schemas are shipped within the canaille package :pr:`42`"
+msgstr ""
+
+#: ../../CHANGES.rst:684 83039d3d01dc42ffbdd81d08d677fc46
+msgid "[0.0.5] - 2022-02-17"
+msgstr ""
+
+#: ../../CHANGES.rst:689 4bc8cbfc22044525ac90dbca6bc2f9fc
+msgid "LDAP model objects have new identifiers :pr:`37`"
+msgstr ""
+
+#: ../../CHANGES.rst:694 46c43eba4bf34f96ac708b90493926d4
+msgid "Admin menu dropdown display :pr:`39`"
+msgstr ""
+
+#: ../../CHANGES.rst:695 19df29bb500d46029a53bf88a3b49be8
+msgid "`GROUP_ID_ATTRIBUTE` configuration typo :pr:`40`"
+msgstr ""
+
+#: ../../CHANGES.rst:698 4c9b4d6a4016491a966aeabc0bcc1097
+msgid "[0.0.4] - 2022-02-16"
+msgstr ""
+
+#: ../../CHANGES.rst:703 0bf19b3c295442caa42a71e7cedf78ab
+msgid "Client preauthorization :pr:`11`"
+msgstr ""
+
+#: ../../CHANGES.rst:704 6e96f08567764f97b7df3b6ac165ff5f
+msgid "LDAP permissions check with the check command :pr:`12`"
+msgstr ""
+
+#: ../../CHANGES.rst:705 f35445dc59084cd28fc850ac88ce5faf
+msgid ""
+"Update consents when a scope required is larger than the scope of an "
+"already given consent :pr:`13`"
+msgstr ""
+
+#: ../../CHANGES.rst:707 4f77fff113244c84910357f609823bf6
+msgid "Theme customization :pr:`15`"
+msgstr ""
+
+#: ../../CHANGES.rst:708 a17e63a679c742c48be42b3eb0c619bc
+msgid "Logging configuration :pr:`16`"
+msgstr ""
+
+#: ../../CHANGES.rst:709 9cde02d9ce3544779a2ec03427b3ad91
+msgid "Installation command :pr:`17`"
+msgstr ""
+
+#: ../../CHANGES.rst:710 d19d4b7176484d6e918acfc93bf0e2d3
+msgid "Invitation links :pr:`18`"
+msgstr ""
+
+#: ../../CHANGES.rst:711 f2e504d792e54511a40a9c5cfab43d06
+msgid "Advanced permissions :pr:`20`"
+msgstr ""
+
+#: ../../CHANGES.rst:712 f666c2446c044ee7a75246fd26b8533d
+msgid "An option to not use OIDC :pr:`23`"
+msgstr ""
+
+#: ../../CHANGES.rst:713 770117e57e384012943bf1b963ee57ed
+msgid "Disable some features when no SMTP server is configured :pr:`24`"
+msgstr ""
+
+#: ../../CHANGES.rst:714 450b7e3fb1a345a888fc22a71363b85f
+msgid ""
+"Login placeholder dynamically generated according to the configuration "
+":pr:`25`"
+msgstr ""
+
+#: ../../CHANGES.rst:715 c0a5164fc3f841099c3f38e28ccb59ba
+msgid "Added an option to tune object IDs :pr:`26`"
+msgstr ""
+
+#: ../../CHANGES.rst:716 50cbfe5b66ed41db8e48e7a93b611416
+msgid "Avatar support :pr:`27`"
+msgstr ""
+
+#: ../../CHANGES.rst:717 e32c480c5b99469699d6c3e28116c1b7
+msgid "Dynamical and configurable JWT claims :pr:`28`"
+msgstr ""
+
+#: ../../CHANGES.rst:718 63a7f081e0994aa9a4fb9aa38981d755
+msgid "UI improvements :pr:`29`"
+msgstr ""
+
+#: ../../CHANGES.rst:719 7c2ab828372c4997a726eec9c0713579
+msgid "Invitation links expiration :pr:`30`"
+msgstr ""
+
+#: ../../CHANGES.rst:720 38a72e0f5beb4718a059df0e7e308578
+msgid "Invitees can choose their IDs :pr:`31`"
+msgstr ""
+
+#: ../../CHANGES.rst:721 ddbe74ed313649308b6ab98456198355
+msgid "LDAP backend refactoring :pr:`35`"
+msgstr ""
+
+#: ../../CHANGES.rst:726 6e485e4e3b3741a9b269329a19237e29
+msgid "Fixed ghost members in a group :pr:`14`"
+msgstr ""
+
+#: ../../CHANGES.rst:727 8ef055e72f514424901798fa202cef04
+msgid "Fixed email sender names :pr:`19`"
+msgstr ""
+
+#: ../../CHANGES.rst:728 f0a07fe57b57478bb0678b48be12f462
+msgid "Fixed filter being not escaped :pr:`21`"
+msgstr ""
+
+#: ../../CHANGES.rst:729 140a09fe8d424d41a39c335de5605516
+msgid "Demo script good practices :pr:`32`"
+msgstr ""
+
+#: ../../CHANGES.rst:730 ecce3a2165a04c65acf4559f9fb7903c
+msgid "Binary path for Debian :pr:`33`"
+msgstr ""
+
+#: ../../CHANGES.rst:731 507756a0b9c54e27a73bca468b2d6374
+msgid ""
+"Last name was not mandatory in the forms while this was mandatory in the "
+"LDAP server :pr:`34`"
+msgstr ""
+
+#: ../../CHANGES.rst:733 e0b1632741454dfc837ae57ee1d20540
+msgid "Spelling typos :pr:`36`"
+msgstr ""
+
+#: ../../CHANGES.rst:736 c22c5d2bb72d4f24aa52e49c8d6705b1
+msgid "[0.0.3] - 2021-10-13"
+msgstr ""
+
+#: ../../CHANGES.rst:741 2cc5d5ce32eb49e2894d1f1d88d41ae1
+msgid "Two-steps sign-in :issue:`49`"
+msgstr ""
+
+#: ../../CHANGES.rst:742 f123282d6e1841008a8fc46e59fa6b73
+msgid "Tokens can have several audiences. :issue:`62` :pr:`9`"
+msgstr ""
+
+#: ../../CHANGES.rst:743 eb744023124d4e27bb95d97031dc772d
+msgid "Configuration check command. :issue:`66` :pr:`8`"
+msgstr ""
+
+#: ../../CHANGES.rst:744 9d4efea0eaa34978a7b8e1647140158d
+msgid "Groups management. :issue:`12` :pr:`6`"
+msgstr ""
+
+#: ../../CHANGES.rst:749 93e756795d784f93a5b146d8917f5986
+msgid "Introspection access bugfix. :issue:`63` :pr:`10`"
+msgstr ""
+
+#: ../../CHANGES.rst:750 080a57bd199c409db86f03476f6ba14c
+msgid "Introspection sub claim. :issue:`64` :pr:`7`"
+msgstr ""
+
+#: ../../CHANGES.rst:753 0dc9fc1412334f54a2d88f930d399ded
+msgid "[0.0.2] - 2021-01-06"
+msgstr ""
+
+#: ../../CHANGES.rst:758 d8894f6cb5ba46069fb0fcf6d788281e
+msgid "Login page is responsive. :issue:`1`"
+msgstr ""
+
+#: ../../CHANGES.rst:759 bd8151871c7043e1ab23b9a329b97fa3
+msgid "Adapt mobile keyboards to login page fields. :issue:`2`"
+msgstr ""
+
+#: ../../CHANGES.rst:760 900a77596f7f4f74aa6f7d92063d0313
+msgid "Password recovery interface. :issue:`3`"
+msgstr ""
+
+#: ../../CHANGES.rst:761 dcb6f2dcc8b040c08054afe5aa25ac9f
+msgid "User profile interface. :issue:`4`"
+msgstr ""
+
+#: ../../CHANGES.rst:762 e19659ec5aa048fab31a47bab447c05f
+msgid "Renamed the project *canaille*. :issue:`5`"
+msgstr ""
+
+#: ../../CHANGES.rst:763 9b165231e7a1497a9b16f88cec603b64
+msgid "Command to remove old tokens. :issue:`17`"
+msgstr ""
+
+#: ../../CHANGES.rst:764 9ddaf038c2b84f2a88748b749321b2a7
+msgid "Improved password recovery email. :issue:`14` :issue:`26`"
+msgstr ""
+
+#: ../../CHANGES.rst:765 cdeb34db9b5d4f5598b2202dbd439179
+msgid ""
+"Use flask `SERVER_NAME` configuration variable instead of `URL`. "
+":issue:`24`"
+msgstr ""
+
+#: ../../CHANGES.rst:766 8ad48575924e4b0c922baf7e23c3fd83
+msgid "Improved consents page. :issue:`27`"
+msgstr ""
+
+#: ../../CHANGES.rst:767 ffd55065337140a6a90449c06717225a
+msgid "Admin user page. :issue:`8`"
+msgstr ""
+
+#: ../../CHANGES.rst:768 08806c4fa60f49ae88c1f4b7557b6c5f
+msgid "Project logo. :pr:`29`"
+msgstr ""
+
+#: ../../CHANGES.rst:769 5fe1184956d14f33a531bfc78f6aa844
+msgid ""
+"User account self-deletion can be enabled in the configuration with "
+"`SELF_DELETION`. :issue:`35`"
+msgstr ""
+
+#: ../../CHANGES.rst:770 069ec9317ed340e9ba74cd3b99df96b0
+msgid "Admins can impersonate users. :issue:`39`"
+msgstr ""
+
+#: ../../CHANGES.rst:771 bd69e0ad71714b9ebc9ee753e798285f
+msgid "Forgotten page UX improvement. :pr:`43`"
+msgstr ""
+
+#: ../../CHANGES.rst:772 f745abf4158843ce8f5a338c061326d4
+msgid "Admins can remove clients. :pr:`45`"
+msgstr ""
+
+#: ../../CHANGES.rst:773 401588524d4f476d86f5da15088d03cd
+msgid ""
+"Option `HIDE_INVALID_LOGIN` that can be unactivated to let the user know "
+"if the login he attempt to sign in with exists or not. :pr:`48`"
+msgstr ""
+
+#: ../../CHANGES.rst:775 60d6a76f041442888c5582b4a9ae8bef
+msgid "Password initialization mail. :pr:`51`"
+msgstr ""
+
+#: ../../CHANGES.rst:780 6aa2b2cbfc18468bb3218a76287422c1
+msgid "Form translations. :issue:`19` :issue:`23`"
+msgstr ""
+
+#: ../../CHANGES.rst:781 34c7961d2a25459487fbe7f20081279f
+msgid "Avoid to use Google Fonts. :issue:`21`"
+msgstr ""
+
+#: ../../CHANGES.rst:786 aab08055fb7e413c90b6052a96377e3a
+msgid "'My tokens' page. :issue:`22`"
+msgstr ""
+
+#: ../../CHANGES.rst:789 3fda3f8a84304a3798f8e6ce4f7c85d2
+msgid "[0.0.1] - 2020-10-21"
+msgstr ""
+
+#: ../../CHANGES.rst:794 f0395a6cd6704b9a8a7932926ae63489
+msgid "Initial release."
+msgstr ""
+
diff --git a/doc/locales/fr_FR/LC_MESSAGES/development/contributing.po b/doc/locales/fr_FR/LC_MESSAGES/development/contributing.po
new file mode 100644
index 00000000..eefbc656
--- /dev/null
+++ b/doc/locales/fr_FR/LC_MESSAGES/development/contributing.po
@@ -0,0 +1,406 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) 2024, Yaal Coop
+# This file is distributed under the same license as the canaille package.
+# FIRST AUTHOR , 2024.
+#
+#, fuzzy
+msgid ""
+msgstr ""
+"Project-Id-Version: canaille 0.0.56\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2024-11-22 15:37+0100\n"
+"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
+"Last-Translator: FULL NAME \n"
+"Language: fr_FR\n"
+"Language-Team: fr_FR \n"
+"Plural-Forms: nplurals=2; plural=(n > 1);\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=utf-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Generated-By: Babel 2.16.0\n"
+
+#: ../../CONTRIBUTING.rst:2 7c1ab3305147436fb9421dffeac09375
+msgid "Contributions"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:4 a73a38a924914b208c350201b99ade0c
+msgid "Contributions are welcome!"
+msgstr ""
+
+#: ../../CONTRIBUTING.rst:6 bb5639fbdf6c49bfa96bf0a26b42ee2a
+msgid ""
+"The repository is hosted at `gitlab.com/yaal/canaille "
+"