config/locales/service_providers/en.yml
---
en:
call_to_action:
ready_to_deploy: Ready to deploy or make an update?
review_changes: All changes to integrations between Login.gov and your application must be reviewed before being deployed.
read_process: Read production configuration process
submit_request: Submit a request
two_weeks: Please allow two weeks for integration launch or change requests.
service_provider_form:
wizard_steps:
intro: Introduction
settings: App settings
authentication: Authentication
issuer: Issuer
logo_and_cert: Logo and certificate
redirects: Redirect URIs
help_text: Help Text
app_name_html: "As it appears in the signed <a href='https://developers.login.gov/production/#confirm-interagency-agreement-iaa'>Inter-Agency Agreement (IAA)</a> with Login.gov."
friendly_name_html: "The name of your app that will be displayed to users when logging in."
description: A description of the app (may be helpful for your colleagues).
team: Assign an agency team to this client.
protocol: This is the authentication protocol used by the service provider. We highly recommend using OpenID Connect, unless a technical reason prevents you.
identity_protocol: This is the authentication protocol used by the service provider. We highly recommend using OpenID Connect, unless a technical reason prevents you.
ial_option_1: Authentication only (no verified attributes)
ial_option_2: Identity verification permitted
aal_option_default: MFA required + remember device up to 30 days (AAL1)
aal_option_2: MFA required, remember device disallowed (AAL2)
aal_option_3: Phishing-resistant MFA (e.g. WebAuthn or PIV/CAC cards) required, remember device disallowed (AAL2)
before_start_1_html: "All new configurations or configuration changes must be promoted to production following the <a href='https://developers.login.gov/production' class='usa-link'>process outlined in the Login.gov Developer docs</a>. Configurations must be reviewed and approved by the Login.gov Partnerships team. Changes to production apps are not automatic and can take up to two weeks."
before_start_2_html: "Please note that you will need a signed Inter-Agency Agreement with Login.gov in order to go live in production. Visit the <a href='https://developers.login.gov/production' class='usa-link'>Login.gov Developer docs</a> for more details or email <a href='mailto:partners@login.gov?subject=Beginning%20integration%20questions%20(IAA,%20requirements)' class='usa-link'>partners@login.gov</a> with any questions."
identity_assurance_level_html: "Determines whether or not an application is permitted to request and receive verified attributes from users who have gone through Identity Verification.</p><p>Authentication only means your application will not be able to request or receive verified <a href='https://developers.login.gov/attributes/'>attributes</a>.</p><p>Note that Login.gov identity proofing services do not meet NIST IAL2 standards at this time. We continue to work toward achieving certification of compliance with the IAL2 standard from a third-party assessment organization."
ial_html: "Determines whether or not an application is permitted to request and receive verified attributes from users who have gone through Identity Verification.</p><p class='usa-hint'>Authentication only means your application will not be able to request or receive verified <a href='https://developers.login.gov/attributes/'>attributes</a>.</p><p class='usa-hint'>Note that Login.gov identity proofing services do not meet NIST IAL2 standards at this time. We continue to work toward achieving certification of compliance with the IAL2 standard from a third-party assessment organization."
intro_html: "This partner portal is where you will manage your Login.gov integrations for testing and production. Before you start creating an integration, review our <a href='https://developers.login.gov/' class='usa-link'>Developer docs</a> to understand any requirements. If you have any questions, reach out to our engineers through the <a href='https://gsa.enterprise.slack.com/archives/CG64NU5C7' class='usa-link'>Partner Slack Channel</a> or submit a support ticket through the <a href='https://zendesk.login.gov' class='usa-link'>Partner support help desk</a>."
change_issuer: "The issuer cannot be changed, but you can create a new test app with a different issuer."
issuer_html: "This is a unique string to identify the app in the IdP, and is also used as the <code>client_id</code>. We recommend something like the following, replacing <code>agency_name</code> and <code>app_name</code> with your own.</p><p>For OpenID Connect: </p><p><code class=‘ml2’>urn:gov:gsa:openidconnect.profiles:sp:sso:agency_name:app_name</code><p>For SAML: </p><p><code class=‘ml2’>urn:gov:gsa:SAML:2.0.profiles:sp:sso:agency_name:app_name</code>"
logo_html: "Choose a file to upload as your logo. Your file should follow <a href='https://developers.login.gov/design-guidelines/#agency-logo-guidelines'>our guidelines</a>."
logo_input: "Logo file type must be SVG"
cert_input: "Upload your PEM encoded public certificate"
save_new: Create app
save_existing: Update app
certificate: "Your public certificate (or certificates), which contains your public key. Needed for OpenID Connect (when using private_key_jwt) and for SAML. Optional for OIDC PKCE."
certificate_html: "Your public certificate will contain your public key and should match your corresponding private key.</p><p class='usa-hint'>Take a look at our developer documentation for <a class='usa-link' href='https://developers.login.gov/testing/#creating-a-public-certificate'>how to generate a public-private key pair.</a></p><p class='usa-hint'>Certificate must be <a class='usa-link' href='https://en.wikipedia.org/wiki/Privacy-enhanced_Electronic_Mail'>PEM encoded</a> like this example:"
assertion_consumer_service_url_html: "Your application's endpoint which receives <a href= 'https://developers.login.gov/saml/#auth-response' target='_blank'>authentication assertions</a>, for example: <code>https://app.agency.gov/auth/saml/sso</code>"
assertion_consumer_logout_service_url_html: "The <a href='https://developers.login.gov/saml/#logout-response' target='_blank'>endpoint</a> which receives logout requests and responses, for example: <code>https://app.agency.gov/auth/saml/logout</code>"
sp_initiated_login_url_html: "The endpoint which initializes authentication with Login.gov. This is used to trigger a new authentication request and response at the SP for better usability. For example: <code>https://app.agency.gov/users/auth/saml/login</code>"
saml_assertion_encryption: "Whether to encrypt SAML assertions sent to your SP. If set to AES, authentication assertions received at your ACS URL will be encrypted with the public key specified above. If set to none, assertions will be protected only by HTTPS. Production applications must have assertion encryption turned on."
signed_response_requested: This feature controls whether or not the entire authentication response is signed, as opposed to just the attribute statement.
return_to_app_url_html: "The application's URL which Login.gov provides to users when they wish to go directly to the app's site or cancel out of authentication. For example: <code>https://app.agency.gov</code>"
failure_to_proof_url: The URL provided to users who are unable to complete identity proofing and returning to your application.
push_notification_url: Your application's endpoint which receives push notifications.
oidc_redirects_html: "One or more URIs that Login.gov will redirect to after authentication. Login.gov will only redirect to URIs listed here. These can be web URLs (public, internal, or localhost) or a custom scheme to support native applications, for example: <code>gov.agency.app://result</code>. See the <a href='https://developers.login.gov/user-experience/cancel-url/#oidc-redirect-uri'>Cancel URL</a> information in our Developer docs for more details."
saml_redirects_html: "One or more URIs that Login.gov will include in the SAML response CSP headers to allow multiple targets for redirection. These can be web URLs (public, internal, or localhost) or a custom scheme to support native applications, for example: <code>gov.agency.app://result</code>. See the <a href='https://developers.login.gov/user-experience/cancel-url/#saml-return-to-sp-url'>Cancel URL</a> information in our Developer docs for more details."
attribute_bundle: "The default attributes that Login.gov will return to your application during authentication."
help_text: You can specify help text in these different areas to alert users of important information for logging into your app.
active: Setting Accessible to “No” will remove this application from the Integration environment. This configuration setting will have no effect on Production applications.
custom_help_text_html: "If your app requires custom help text, reach out to the <a href='https://logingov.zendesk.com'>Partner Support Help Desk</a>. Help text guidance is outlined in the <a class='usa-link' href='https://developers.login.gov/user-experience/help-text/'>User experience section</a> of the developer docs. Please review the guidance before requesting support."
help_text:
sign_in:
blank: Leave blank
first_time: "First time here from %{sp_name}? Your old %{sp_name} username and password won’t work. Create a Login.gov account with the same email used previously."
agency_email: "Sign in to Login.gov with your %{agency} email."
piv_cac: "Sign in to Login.gov with your %{agency} PIV/CAC."
sign_up:
blank: Leave blank
first_time: "First time here from %{sp_name}? Your old %{sp_name} username and password won’t work. Create a Login.gov account with the same email used previously."
agency_email: "Create a Login.gov account using your %{agency} email."
same_email: Create a Login.gov account using the same email provided on your application.
forgot_password:
blank: Leave blank
troubleshoot_html: "If you are having trouble accessing your Login.gov account, <a href=\"https://login.gov/help\">visit the Login.gov help center</a> for support."
banner_form:
message_hint: Please attempt to keep messages to under 150 characters if possible.