Revert "feat: use i18next-resources-to-backend to lazy load i18n (#2738 )"

This reverts commit dc3131c683.
feat: use i18next-resources-to-backend to lazy load i18n (#2738 )
2025-07-18 06:33:49 +08:00 · 2024-02-23 23:38:15 +08:00 · 2024-02-23 22:35:59 +08:00 · 2024-02-23 00:09:37 +08:00 · 2024-02-22 17:56:47 +08:00 · 2024-02-21 17:33:08 +08:00
110 changed files with 3339 additions and 485 deletions
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@ -127,7 +127,7 @@ jobs:
  release-and-push:
    name: Release And Push
    runs-on: ubuntu-latest
-    if: github.repository == 'casbin/casdoor' && github.event_name == 'push'
+    if: github.repository == 'casdoor/casdoor' && github.event_name == 'push'
    needs: [ frontend, backend, linter, e2e ]
    steps:
      - name: Checkout
@ -182,14 +182,14 @@ jobs:

      - name: Log in to Docker Hub
        uses: docker/login-action@v1
-        if: github.repository == 'casbin/casdoor' && github.event_name == 'push' && steps.should_push.outputs.push=='true'
+        if: github.repository == 'casdoor/casdoor' && github.event_name == 'push' && steps.should_push.outputs.push=='true'
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_PASSWORD }}

      - name: Push to Docker Hub
        uses: docker/build-push-action@v3
-        if: github.repository == 'casbin/casdoor' && github.event_name == 'push' && steps.should_push.outputs.push=='true'
+        if: github.repository == 'casdoor/casdoor' && github.event_name == 'push' && steps.should_push.outputs.push=='true'
        with:
          context: .
          target: STANDARD
@ -199,7 +199,7 @@ jobs:

      - name: Push All In One Version to Docker Hub
        uses: docker/build-push-action@v3
-        if: github.repository == 'casbin/casdoor' && github.event_name == 'push' && steps.should_push.outputs.push=='true'
+        if: github.repository == 'casdoor/casdoor' && github.event_name == 'push' && steps.should_push.outputs.push=='true'
        with:
          context: .
          target: ALLINONE
--- a/.github/workflows/sync.yml
+++ b/.github/workflows/sync.yml
@ -7,7 +7,7 @@ on:
 jobs:
  synchronize-with-crowdin:
    runs-on: ubuntu-latest
-    if: github.repository == 'casbin/casdoor' && github.event_name == 'push'
+    if: github.repository == 'casdoor/casdoor' && github.event_name == 'push'
    steps:

    - name: Checkout
--- a/README.md
+++ b/README.md
@ -87,8 +87,7 @@ https://casdoor.org/docs/category/integrations
 ## How to contact?

 - Discord: https://discord.gg/5rPsrAzK7S
- Forum: https://forum.casbin.com
- Contact: https://tawk.to/chat/623352fea34c2456412b8c51/1fuc7od6e
+- Contact: https://casdoor.org/help

 ## Contribute

--- a/conf/conf.go
+++ b/conf/conf.go
@ -71,7 +71,10 @@ func GetConfigInt64(key string) (int64, error) {

 func GetConfigDataSourceName() string {
 	dataSourceName := GetConfigString("dataSourceName")
+	return ReplaceDataSourceNameByDocker(dataSourceName)
+}

+func ReplaceDataSourceNameByDocker(dataSourceName string) string {
 	runningInDocker := os.Getenv("RUNNING_IN_DOCKER")
 	if runningInDocker == "true" {
 		// https://stackoverflow.com/questions/48546124/what-is-linux-equivalent-of-host-docker-internal
@ -81,7 +84,6 @@ func GetConfigDataSourceName() string {
 			dataSourceName = strings.ReplaceAll(dataSourceName, "localhost", "host.docker.internal")
 		}
 	}
-
 	return dataSourceName
 }

@ -108,13 +110,3 @@ func GetConfigBatchSize() int {
 	}
 	return res
 }
-
-func GetConfigRealDataSourceName(driverName string) string {
-	var dataSourceName string
-	if driverName != "mysql" {
-		dataSourceName = GetConfigDataSourceName()
-	} else {
-		dataSourceName = GetConfigDataSourceName() + GetConfigString("dbName")
-	}
-	return dataSourceName
-}
--- a/controllers/account.go
+++ b/controllers/account.go
@ -94,7 +94,7 @@ func (c *ApiController) Signup() {
 		return
 	}
 	if application == nil {
-		c.ResponseError(fmt.Sprintf(c.T("auth:The application: %s does not exist")), authForm.Application)
+		c.ResponseError(fmt.Sprintf(c.T("auth:The application: %s does not exist"), authForm.Application))
 		return
 	}

@ -110,7 +110,7 @@ func (c *ApiController) Signup() {
 	}

 	if organization == nil {
-		c.ResponseError(fmt.Sprintf(c.T("auth:The organization: %s does not exist")), authForm.Organization)
+		c.ResponseError(fmt.Sprintf(c.T("auth:The organization: %s does not exist"), authForm.Organization))
 		return
 	}

@ -131,7 +131,12 @@ func (c *ApiController) Signup() {
 	}

 	if application.IsSignupItemVisible("Email") && application.GetSignupItemRule("Email") != "No verification" && authForm.Email != "" {
-		checkResult := object.CheckVerificationCode(authForm.Email, authForm.EmailCode, c.GetAcceptLanguage())
+		var checkResult *object.VerifyResult
+		checkResult, err = object.CheckVerificationCode(authForm.Email, authForm.EmailCode, c.GetAcceptLanguage())
+		if err != nil {
+			c.ResponseError(c.T(err.Error()))
+			return
+		}
 		if checkResult.Code != object.VerificationSuccess {
 			c.ResponseError(checkResult.Msg)
 			return
@ -141,7 +146,13 @@ func (c *ApiController) Signup() {
 	var checkPhone string
 	if application.IsSignupItemVisible("Phone") && application.GetSignupItemRule("Phone") != "No verification" && authForm.Phone != "" {
 		checkPhone, _ = util.GetE164Number(authForm.Phone, authForm.CountryCode)
-		checkResult := object.CheckVerificationCode(checkPhone, authForm.PhoneCode, c.GetAcceptLanguage())
+
+		var checkResult *object.VerifyResult
+		checkResult, err = object.CheckVerificationCode(checkPhone, authForm.PhoneCode, c.GetAcceptLanguage())
+		if err != nil {
+			c.ResponseError(c.T(err.Error()))
+			return
+		}
 		if checkResult.Code != object.VerificationSuccess {
 			c.ResponseError(checkResult.Msg)
 			return
--- a/controllers/auth.go
+++ b/controllers/auth.go
@ -24,7 +24,6 @@ import (
 	"net/url"
 	"strconv"
 	"strings"
-	"sync"

 	"github.com/casdoor/casdoor/captcha"
 	"github.com/casdoor/casdoor/conf"
@ -37,11 +36,6 @@ import (
 	"golang.org/x/oauth2"
 )

-var (
-	wechatCacheMap map[string]idp.WechatCacheMapValue
-	lock           sync.RWMutex
-)
-
 func codeToResponse(code *object.Code) *Response {
 	if code.Code == "" {
 		return &Response{Status: "error", Msg: code.Message, Data: code.Code}
@ -896,6 +890,7 @@ func (c *ApiController) GetSamlLogin() {
 	authURL, method, err := object.GenerateSamlRequest(providerId, relayState, c.Ctx.Request.Host, c.GetAcceptLanguage())
 	if err != nil {
 		c.ResponseError(err.Error())
+		return
 	}
 	c.ResponseOk(authURL, method)
 }
@ -906,6 +901,7 @@ func (c *ApiController) HandleSamlLogin() {
 	decode, err := base64.StdEncoding.DecodeString(relayState)
 	if err != nil {
 		c.ResponseError(err.Error())
+		return
 	}
 	slice := strings.Split(string(decode), "&")
 	relayState = url.QueryEscape(relayState)
@ -972,15 +968,15 @@ func (c *ApiController) HandleOfficialAccountEvent() {
 		return
 	}

-	lock.Lock()
-	if wechatCacheMap == nil {
-		wechatCacheMap = make(map[string]idp.WechatCacheMapValue)
+	idp.Lock.Lock()
+	if idp.WechatCacheMap == nil {
+		idp.WechatCacheMap = make(map[string]idp.WechatCacheMapValue)
 	}
-	wechatCacheMap[data.Ticket] = idp.WechatCacheMapValue{
-		IsScanned:    true,
-		WechatOpenId: data.FromUserName,
+	idp.WechatCacheMap[data.Ticket] = idp.WechatCacheMapValue{
+		IsScanned:     true,
+		WechatUnionId: data.FromUserName,
 	}
-	lock.Unlock()
+	idp.Lock.Unlock()

 	c.Ctx.WriteString("")
 }
@ -994,18 +990,15 @@ func (c *ApiController) HandleOfficialAccountEvent() {
 func (c *ApiController) GetWebhookEventType() {
 	ticket := c.Input().Get("ticket")

-	lock.RLock()
-	wechatMsg, ok := wechatCacheMap[ticket]
-	lock.RUnlock()
+	idp.Lock.RLock()
+	_, ok := idp.WechatCacheMap[ticket]
+	idp.Lock.RUnlock()
 	if !ok {
 		c.ResponseError("ticket not found")
 		return
 	}
-	lock.Lock()
-	delete(wechatCacheMap, ticket)
-	lock.Unlock()

-	c.ResponseOk("SCAN", wechatMsg.IsScanned)
+	c.ResponseOk("SCAN", ticket)
 }

 // GetQRCode
--- a/controllers/casbin_api.go
+++ b/controllers/casbin_api.go
@ -85,7 +85,7 @@ func (c *ApiController) Enforce() {
 			return
 		}
 		if permission == nil {
-			c.ResponseError(fmt.Sprintf("permission: %s doesn't exist", permissionId))
+			c.ResponseError(fmt.Sprintf(c.T("permission:The permission: \"%s\" doesn't exist"), permissionId))
 			return
 		}

@ -209,7 +209,7 @@ func (c *ApiController) BatchEnforce() {
 			return
 		}
 		if permission == nil {
-			c.ResponseError(fmt.Sprintf("permission: %s doesn't exist", permissionId))
+			c.ResponseError(fmt.Sprintf(c.T("permission:The permission: \"%s\" doesn't exist"), permissionId))
 			return
 		}

--- a/controllers/mfa.go
+++ b/controllers/mfa.go
@ -110,7 +110,7 @@ func (c *ApiController) MfaSetupVerify() {
 			return
 		}
 		config.Secret = secret.(string)
-	} else if mfaType == object.EmailType || mfaType == object.SmsType {
+	} else if mfaType == object.SmsType {
 		dest := c.GetSession(MfaDestSession)
 		if dest == nil {
 			c.ResponseError("destination is missing")
@ -123,6 +123,13 @@ func (c *ApiController) MfaSetupVerify() {
 			return
 		}
 		config.CountryCode = countryCode.(string)
+	} else if mfaType == object.EmailType {
+		dest := c.GetSession(MfaDestSession)
+		if dest == nil {
+			c.ResponseError("destination is missing")
+			return
+		}
+		config.Secret = dest.(string)
 	}

 	mfaUtil := object.GetMfaUtil(mfaType, config)
@ -175,19 +182,30 @@ func (c *ApiController) MfaSetupEnable() {
 			return
 		}
 		config.Secret = secret.(string)
-	} else if mfaType == object.EmailType || mfaType == object.SmsType {
-		dest := c.GetSession(MfaDestSession)
-		if dest == nil {
-			c.ResponseError("destination is missing")
-			return
+	} else if mfaType == object.EmailType {
+		if user.Email == "" {
+			dest := c.GetSession(MfaDestSession)
+			if dest == nil {
+				c.ResponseError("destination is missing")
+				return
+			}
+			user.Email = dest.(string)
 		}
-		config.Secret = dest.(string)
-		countryCode := c.GetSession(MfaCountryCodeSession)
-		if countryCode == nil {
-			c.ResponseError("country code is missing")
-			return
+	} else if mfaType == object.SmsType {
+		if user.Phone == "" {
+			dest := c.GetSession(MfaDestSession)
+			if dest == nil {
+				c.ResponseError("destination is missing")
+				return
+			}
+			user.Phone = dest.(string)
+			countryCode := c.GetSession(MfaCountryCodeSession)
+			if countryCode == nil {
+				c.ResponseError("country code is missing")
+				return
+			}
+			user.CountryCode = countryCode.(string)
 		}
-		config.CountryCode = countryCode.(string)
 	}
 	recoveryCodes := c.GetSession(MfaRecoveryCodesSession)
 	if recoveryCodes == nil {
--- a/controllers/record.go
+++ b/controllers/record.go
@ -0,0 +1,123 @@
+// Copyright 2021 The Casdoor Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package controllers
+
+import (
+	"encoding/json"
+
+	"github.com/casvisor/casvisor-go-sdk/casvisorsdk"
+
+	"github.com/beego/beego/utils/pagination"
+	"github.com/casdoor/casdoor/object"
+	"github.com/casdoor/casdoor/util"
+)
+
+// GetRecords
+// @Title GetRecords
+// @Tag Record API
+// @Description get all records
+// @Param   pageSize     query    string  true        "The size of each page"
+// @Param   p     query    string  true        "The number of the page"
+// @Success 200 {object} object.Record The Response object
+// @router /get-records [get]
+func (c *ApiController) GetRecords() {
+	organization, ok := c.RequireAdmin()
+	if !ok {
+		return
+	}
+
+	limit := c.Input().Get("pageSize")
+	page := c.Input().Get("p")
+	field := c.Input().Get("field")
+	value := c.Input().Get("value")
+	sortField := c.Input().Get("sortField")
+	sortOrder := c.Input().Get("sortOrder")
+	organizationName := c.Input().Get("organizationName")
+
+	if limit == "" || page == "" {
+		records, err := object.GetRecords()
+		if err != nil {
+			c.ResponseError(err.Error())
+			return
+		}
+
+		c.ResponseOk(records)
+	} else {
+		limit := util.ParseInt(limit)
+		if c.IsGlobalAdmin() && organizationName != "" {
+			organization = organizationName
+		}
+		filterRecord := &casvisorsdk.Record{Organization: organization}
+		count, err := object.GetRecordCount(field, value, filterRecord)
+		if err != nil {
+			c.ResponseError(err.Error())
+			return
+		}
+
+		paginator := pagination.SetPaginator(c.Ctx, limit, count)
+		records, err := object.GetPaginationRecords(paginator.Offset(), limit, field, value, sortField, sortOrder, filterRecord)
+		if err != nil {
+			c.ResponseError(err.Error())
+			return
+		}
+
+		c.ResponseOk(records, paginator.Nums())
+	}
+}
+
+// GetRecordsByFilter
+// @Tag Record API
+// @Title GetRecordsByFilter
+// @Description get records by filter
+// @Param   filter  body string     true  "filter Record message"
+// @Success 200 {object} object.Record The Response object
+// @router /get-records-filter [post]
+func (c *ApiController) GetRecordsByFilter() {
+	body := string(c.Ctx.Input.RequestBody)
+
+	record := &casvisorsdk.Record{}
+	err := util.JsonToStruct(body, record)
+	if err != nil {
+		c.ResponseError(err.Error())
+		return
+	}
+
+	records, err := object.GetRecordsByField(record)
+	if err != nil {
+		c.ResponseError(err.Error())
+		return
+	}
+
+	c.ResponseOk(records)
+}
+
+// AddRecord
+// @Title AddRecord
+// @Tag Record API
+// @Description add a record
+// @Param   body    body   object.Record  true        "The details of the record"
+// @Success 200 {object} controllers.Response The Response object
+// @router /add-record [post]
+func (c *ApiController) AddRecord() {
+	var record casvisorsdk.Record
+	err := json.Unmarshal(c.Ctx.Input.RequestBody, &record)
+	if err != nil {
+		c.ResponseError(err.Error())
+		return
+	}
+
+	c.Data["json"] = wrapActionResponse(object.AddRecord(&record))
+	c.ServeJSON()
+}
--- a/controllers/syncer.go
+++ b/controllers/syncer.go
@ -168,3 +168,20 @@ func (c *ApiController) RunSyncer() {

 	c.ResponseOk()
 }
+
+func (c *ApiController) TestSyncerDb() {
+	var syncer object.Syncer
+	err := json.Unmarshal(c.Ctx.Input.RequestBody, &syncer)
+	if err != nil {
+		c.ResponseError(err.Error())
+		return
+	}
+
+	err = object.TestSyncerDb(syncer)
+	if err != nil {
+		c.ResponseError(err.Error())
+		return
+	}
+
+	c.ResponseOk()
+}
--- a/controllers/user.go
+++ b/controllers/user.go
@ -156,6 +156,10 @@ func (c *ApiController) GetUser() {
 			c.ResponseError(err.Error())
 			return
 		}
+		if userFromUserId == nil {
+			c.ResponseOk(nil)
+			return
+		}

 		id = util.GetId(userFromUserId.Owner, userFromUserId.Name)
 	}
@ -200,7 +204,7 @@ func (c *ApiController) GetUser() {
 			return
 		}
 		if organization == nil {
-			c.ResponseError(fmt.Sprintf("the organization: %s is not found", owner))
+			c.ResponseError(fmt.Sprintf(c.T("auth:The organization: %s does not exist"), owner))
 			return
 		}

--- a/controllers/verification.go
+++ b/controllers/verification.go
@ -164,13 +164,13 @@ func (c *ApiController) SendVerificationCode() {
 			c.SetSession(MfaDestSession, vform.Dest)
 		}

-		provider, err := application.GetEmailProvider()
+		provider, err = application.GetEmailProvider(vform.Method)
 		if err != nil {
 			c.ResponseError(err.Error())
 			return
 		}
 		if provider == nil {
-			c.ResponseError(fmt.Sprintf("please add an Email provider to the \"Providers\" list for the application: %s", application.Name))
+			c.ResponseError(fmt.Sprintf(c.T("verification:please add an Email provider to the \"Providers\" list for the application: %s"), application.Name))
 			return
 		}

@ -210,13 +210,13 @@ func (c *ApiController) SendVerificationCode() {
 			vform.CountryCode = mfaProps.CountryCode
 		}

-		provider, err := application.GetSmsProvider()
+		provider, err = application.GetSmsProvider(vform.Method)
 		if err != nil {
 			c.ResponseError(err.Error())
 			return
 		}
 		if provider == nil {
-			c.ResponseError(fmt.Sprintf("please add a SMS provider to the \"Providers\" list for the application: %s", application.Name))
+			c.ResponseError(fmt.Sprintf(c.T("verification:please add a SMS provider to the \"Providers\" list for the application: %s"), application.Name))
 			return
 		}

@ -343,7 +343,12 @@ func (c *ApiController) ResetEmailOrPhone() {
 		}
 	}

-	if result := object.CheckVerificationCode(checkDest, code, c.GetAcceptLanguage()); result.Code != object.VerificationSuccess {
+	result, err := object.CheckVerificationCode(checkDest, code, c.GetAcceptLanguage())
+	if err != nil {
+		c.ResponseError(c.T(err.Error()))
+		return
+	}
+	if result.Code != object.VerificationSuccess {
 		c.ResponseError(result.Msg)
 		return
 	}
@ -425,16 +430,22 @@ func (c *ApiController) VerifyCode() {
 		}
 	}

-	if result := object.CheckVerificationCode(checkDest, authForm.Code, c.GetAcceptLanguage()); result.Code != object.VerificationSuccess {
+	result, err := object.CheckVerificationCode(checkDest, authForm.Code, c.GetAcceptLanguage())
+	if err != nil {
+		c.ResponseError(c.T(err.Error()))
+		return
+	}
+	if result.Code != object.VerificationSuccess {
 		c.ResponseError(result.Msg)
 		return
 	}
+
 	err = object.DisableVerificationCode(checkDest)
 	if err != nil {
 		c.ResponseError(err.Error())
 		return
 	}
-	c.SetSession("verifiedCode", authForm.Code)

+	c.SetSession("verifiedCode", authForm.Code)
 	c.ResponseOk()
 }
--- a/go.mod
+++ b/go.mod
@ -59,7 +59,7 @@ require (
 	github.com/xorm-io/core v0.7.4
 	github.com/xorm-io/xorm v1.1.6
 	github.com/yusufpapurcu/wmi v1.2.2 // indirect
-	golang.org/x/crypto v0.14.0
+	golang.org/x/crypto v0.19.0
 	golang.org/x/net v0.17.0
 	golang.org/x/oauth2 v0.13.0
 	google.golang.org/api v0.150.0
--- a/go.sum
+++ b/go.sum
@ -2117,8 +2117,9 @@ golang.org/x/crypto v0.10.0/go.mod h1:o4eNf7Ede1fv+hwOwZsTHl9EsPFO6q6ZvYR8vYfY45
 golang.org/x/crypto v0.11.0/go.mod h1:xgJhtzW8F9jGdVFWZESrid1U1bjeNy4zgy5cRr/CIio=
 golang.org/x/crypto v0.12.0/go.mod h1:NF0Gs7EO5K4qLn+Ylc+fih8BSTeIjAP05siRnAh98yw=
 golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc=
-golang.org/x/crypto v0.14.0 h1:wBqGXzWJW6m1XrIKlAH0Hs1JJ7+9KBwnIO8v66Q9cHc=
 golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4=
+golang.org/x/crypto v0.19.0 h1:ENy+Az/9Y1vSrlrvBSyna3PITt4tiZLf7sgCjZBX7Wo=
+golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU=
 golang.org/x/exp v0.0.0-20180321215751-8460e604b9de/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20180807140117-3d87b88a115f/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20181106170214-d68db9428509/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
@ -2447,8 +2448,9 @@ golang.org/x/sys v0.9.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.10.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE=
 golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.17.0 h1:25cE3gD+tdBA7lp7QfhuV+rJiE9YXTcS3VG1SqssI/Y=
+golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
@ -2465,8 +2467,9 @@ golang.org/x/term v0.9.0/go.mod h1:M6DEAAIenWoTxdKrOltXcmDY3rSplQUkrvaDU5FcQyo=
 golang.org/x/term v0.10.0/go.mod h1:lpqdcUyK/oCiQxvxVrppt5ggO2KCZ5QblwqPnfZ6d5o=
 golang.org/x/term v0.11.0/go.mod h1:zC9APTIj3jG3FdV/Ons+XE1riIZXG4aZ4GTHiPZJPIU=
 golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU=
-golang.org/x/term v0.13.0 h1:bb+I9cTfFazGW51MZqBVmZy7+JEJMouUHTUSKVQLBek=
 golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U=
+golang.org/x/term v0.17.0 h1:mkTF7LCd6WGJNL3K1Ad7kwxNfYAW6a8a8QqtMblp/4U=
+golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk=
 golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
@ -2486,8 +2489,9 @@ golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
 golang.org/x/text v0.10.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
 golang.org/x/text v0.11.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
 golang.org/x/text v0.12.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
-golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k=
 golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
+golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=
+golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
 golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
--- a/i18n/locales/ar/data.json
+++ b/i18n/locales/ar/data.json
@ -19,6 +19,7 @@
    "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
    "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
    "The login method: login with password is not enabled for the application": "The login method: login with password is not enabled for the application",
+    "The organization: %s does not exist": "The organization: %s does not exist",
    "The provider: %s is not enabled for the application": "The provider: %s is not enabled for the application",
    "Unauthorized operation": "Unauthorized operation",
    "Unknown authentication type (not password or provider), form = %s": "Unknown authentication type (not password or provider), form = %s",
@ -57,6 +58,7 @@
    "The user is forbidden to sign in, please contact the administrator": "The user is forbidden to sign in, please contact the administrator",
    "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.",
+    "The value \\\"%s\\\" for account field \\\"%s\\\" doesn't match the account item regex": "The value \\\"%s\\\" for account field \\\"%s\\\" doesn't match the account item regex",
    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
    "Username already exists": "Username already exists",
    "Username cannot be an email address": "Username cannot be an email address",
@ -73,6 +75,7 @@
  "general": {
    "Missing parameter": "Missing parameter",
    "Please login first": "Please login first",
+    "The organization: %s should have one application at least": "The organization: %s should have one application at least",
    "The user: %s doesn't exist": "The user: %s doesn't exist",
    "don't support captchaProvider: ": "don't support captchaProvider: ",
    "this operation is not allowed in demo mode": "this operation is not allowed in demo mode"
@ -93,6 +96,9 @@
    "The %s is immutable.": "The %s is immutable.",
    "Unknown modify rule %s.": "Unknown modify rule %s."
  },
+  "permission": {
+    "The permission: \\\"%s\\\" doesn't exist": "The permission: \\\"%s\\\" doesn't exist"
+  },
  "provider": {
    "Invalid application id": "Invalid application id",
    "the provider: %s does not exist": "the provider: %s does not exist"
@ -117,7 +123,6 @@
    "The provider type: %s is not supported": "The provider type: %s is not supported"
  },
  "token": {
-    "Empty clientId or clientSecret": "Empty clientId or clientSecret",
    "Grant_type: %s is not supported in this application": "Grant_type: %s is not supported in this application",
    "Invalid application or wrong clientSecret": "Invalid application or wrong clientSecret",
    "Invalid client_id": "Invalid client_id",
@ -146,6 +151,8 @@
    "Unknown type": "Unknown type",
    "Wrong verification code!": "Wrong verification code!",
    "You should verify your code in %d min!": "You should verify your code in %d min!",
+    "please add a SMS provider to the \\\"Providers\\\" list for the application: %s": "please add a SMS provider to the \\\"Providers\\\" list for the application: %s",
+    "please add an Email provider to the \\\"Providers\\\" list for the application: %s": "please add an Email provider to the \\\"Providers\\\" list for the application: %s",
    "the user does not exist, please sign up first": "the user does not exist, please sign up first"
  },
  "webauthn": {
--- a/i18n/locales/de/data.json
+++ b/i18n/locales/de/data.json
@ -19,6 +19,7 @@
    "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
    "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
    "The login method: login with password is not enabled for the application": "Die Anmeldeart \"Anmeldung mit Passwort\" ist für die Anwendung nicht aktiviert",
+    "The organization: %s does not exist": "The organization: %s does not exist",
    "The provider: %s is not enabled for the application": "Der Anbieter: %s ist nicht für die Anwendung aktiviert",
    "Unauthorized operation": "Nicht autorisierte Operation",
    "Unknown authentication type (not password or provider), form = %s": "Unbekannter Authentifizierungstyp (nicht Passwort oder Anbieter), Formular = %s",
@ -57,6 +58,7 @@
    "The user is forbidden to sign in, please contact the administrator": "Dem Benutzer ist der Zugang verboten, bitte kontaktieren Sie den Administrator",
    "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "Der Benutzername darf nur alphanumerische Zeichen, Unterstriche oder Bindestriche enthalten, keine aufeinanderfolgenden Bindestriche oder Unterstriche haben und darf nicht mit einem Bindestrich oder Unterstrich beginnen oder enden.",
+    "The value \\\"%s\\\" for account field \\\"%s\\\" doesn't match the account item regex": "The value \\\"%s\\\" for account field \\\"%s\\\" doesn't match the account item regex",
    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
    "Username already exists": "Benutzername existiert bereits",
    "Username cannot be an email address": "Benutzername kann keine E-Mail-Adresse sein",
@ -73,6 +75,7 @@
  "general": {
    "Missing parameter": "Fehlender Parameter",
    "Please login first": "Bitte zuerst einloggen",
+    "The organization: %s should have one application at least": "The organization: %s should have one application at least",
    "The user: %s doesn't exist": "Der Benutzer %s existiert nicht",
    "don't support captchaProvider: ": "Unterstütze captchaProvider nicht:",
    "this operation is not allowed in demo mode": "this operation is not allowed in demo mode"
@ -93,6 +96,9 @@
    "The %s is immutable.": "Das %s ist unveränderlich.",
    "Unknown modify rule %s.": "Unbekannte Änderungsregel %s."
  },
+  "permission": {
+    "The permission: \\\"%s\\\" doesn't exist": "The permission: \\\"%s\\\" doesn't exist"
+  },
  "provider": {
    "Invalid application id": "Ungültige Anwendungs-ID",
    "the provider: %s does not exist": "Der Anbieter %s existiert nicht"
@ -117,7 +123,6 @@
    "The provider type: %s is not supported": "Der Anbieter-Typ %s wird nicht unterstützt"
  },
  "token": {
-    "Empty clientId or clientSecret": "Leerer clientId oder clientSecret",
    "Grant_type: %s is not supported in this application": "Grant_type: %s wird von dieser Anwendung nicht unterstützt",
    "Invalid application or wrong clientSecret": "Ungültige Anwendung oder falsches clientSecret",
    "Invalid client_id": "Ungültige client_id",
@ -146,6 +151,8 @@
    "Unknown type": "Unbekannter Typ",
    "Wrong verification code!": "Falscher Bestätigungscode!",
    "You should verify your code in %d min!": "Du solltest deinen Code in %d Minuten verifizieren!",
+    "please add a SMS provider to the \\\"Providers\\\" list for the application: %s": "please add a SMS provider to the \\\"Providers\\\" list for the application: %s",
+    "please add an Email provider to the \\\"Providers\\\" list for the application: %s": "please add an Email provider to the \\\"Providers\\\" list for the application: %s",
    "the user does not exist, please sign up first": "Der Benutzer existiert nicht, bitte zuerst anmelden"
  },
  "webauthn": {
--- a/i18n/locales/en/data.json
+++ b/i18n/locales/en/data.json
@ -19,6 +19,7 @@
    "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
    "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
    "The login method: login with password is not enabled for the application": "The login method: login with password is not enabled for the application",
+    "The organization: %s does not exist": "The organization: %s does not exist",
    "The provider: %s is not enabled for the application": "The provider: %s is not enabled for the application",
    "Unauthorized operation": "Unauthorized operation",
    "Unknown authentication type (not password or provider), form = %s": "Unknown authentication type (not password or provider), form = %s",
@ -57,6 +58,7 @@
    "The user is forbidden to sign in, please contact the administrator": "The user is forbidden to sign in, please contact the administrator",
    "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.",
+    "The value \\\"%s\\\" for account field \\\"%s\\\" doesn't match the account item regex": "The value \\\"%s\\\" for account field \\\"%s\\\" doesn't match the account item regex",
    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
    "Username already exists": "Username already exists",
    "Username cannot be an email address": "Username cannot be an email address",
@ -73,6 +75,7 @@
  "general": {
    "Missing parameter": "Missing parameter",
    "Please login first": "Please login first",
+    "The organization: %s should have one application at least": "The organization: %s should have one application at least",
    "The user: %s doesn't exist": "The user: %s doesn't exist",
    "don't support captchaProvider: ": "don't support captchaProvider: ",
    "this operation is not allowed in demo mode": "this operation is not allowed in demo mode"
@ -93,6 +96,9 @@
    "The %s is immutable.": "The %s is immutable.",
    "Unknown modify rule %s.": "Unknown modify rule %s."
  },
+  "permission": {
+    "The permission: \\\"%s\\\" doesn't exist": "The permission: \\\"%s\\\" doesn't exist"
+  },
  "provider": {
    "Invalid application id": "Invalid application id",
    "the provider: %s does not exist": "the provider: %s does not exist"
@ -117,7 +123,6 @@
    "The provider type: %s is not supported": "The provider type: %s is not supported"
  },
  "token": {
-    "Empty clientId or clientSecret": "Empty clientId or clientSecret",
    "Grant_type: %s is not supported in this application": "Grant_type: %s is not supported in this application",
    "Invalid application or wrong clientSecret": "Invalid application or wrong clientSecret",
    "Invalid client_id": "Invalid client_id",
@ -146,6 +151,8 @@
    "Unknown type": "Unknown type",
    "Wrong verification code!": "Wrong verification code!",
    "You should verify your code in %d min!": "You should verify your code in %d min!",
+    "please add a SMS provider to the \\\"Providers\\\" list for the application: %s": "please add a SMS provider to the \\\"Providers\\\" list for the application: %s",
+    "please add an Email provider to the \\\"Providers\\\" list for the application: %s": "please add an Email provider to the \\\"Providers\\\" list for the application: %s",
    "the user does not exist, please sign up first": "the user does not exist, please sign up first"
  },
  "webauthn": {
--- a/i18n/locales/es/data.json
+++ b/i18n/locales/es/data.json
@ -19,6 +19,7 @@
    "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
    "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
    "The login method: login with password is not enabled for the application": "El método de inicio de sesión: inicio de sesión con contraseña no está habilitado para la aplicación",
+    "The organization: %s does not exist": "The organization: %s does not exist",
    "The provider: %s is not enabled for the application": "El proveedor: %s no está habilitado para la aplicación",
    "Unauthorized operation": "Operación no autorizada",
    "Unknown authentication type (not password or provider), form = %s": "Tipo de autenticación desconocido (no es contraseña o proveedor), formulario = %s",
@ -57,6 +58,7 @@
    "The user is forbidden to sign in, please contact the administrator": "El usuario no está autorizado a iniciar sesión, por favor contacte al administrador",
    "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "El nombre de usuario solo puede contener caracteres alfanuméricos, guiones bajos o guiones, no puede tener guiones o subrayados consecutivos, y no puede comenzar ni terminar con un guión o subrayado.",
+    "The value \\\"%s\\\" for account field \\\"%s\\\" doesn't match the account item regex": "The value \\\"%s\\\" for account field \\\"%s\\\" doesn't match the account item regex",
    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
    "Username already exists": "El nombre de usuario ya existe",
    "Username cannot be an email address": "Nombre de usuario no puede ser una dirección de correo electrónico",
@ -73,6 +75,7 @@
  "general": {
    "Missing parameter": "Parámetro faltante",
    "Please login first": "Por favor, inicia sesión primero",
+    "The organization: %s should have one application at least": "The organization: %s should have one application at least",
    "The user: %s doesn't exist": "El usuario: %s no existe",
    "don't support captchaProvider: ": "No apoyo a captchaProvider",
    "this operation is not allowed in demo mode": "this operation is not allowed in demo mode"
@ -93,6 +96,9 @@
    "The %s is immutable.": "El %s es inmutable.",
    "Unknown modify rule %s.": "Regla de modificación desconocida %s."
  },
+  "permission": {
+    "The permission: \\\"%s\\\" doesn't exist": "The permission: \\\"%s\\\" doesn't exist"
+  },
  "provider": {
    "Invalid application id": "Identificación de aplicación no válida",
    "the provider: %s does not exist": "El proveedor: %s no existe"
@ -117,7 +123,6 @@
    "The provider type: %s is not supported": "El tipo de proveedor: %s no es compatible"
  },
  "token": {
-    "Empty clientId or clientSecret": "ClienteId o clienteSecret vacío",
    "Grant_type: %s is not supported in this application": "El tipo de subvención: %s no es compatible con esta aplicación",
    "Invalid application or wrong clientSecret": "Solicitud inválida o clientSecret incorrecto",
    "Invalid client_id": "Identificador de cliente no válido",
@ -146,6 +151,8 @@
    "Unknown type": "Tipo desconocido",
    "Wrong verification code!": "¡Código de verificación incorrecto!",
    "You should verify your code in %d min!": "¡Deberías verificar tu código en %d minutos!",
+    "please add a SMS provider to the \\\"Providers\\\" list for the application: %s": "please add a SMS provider to the \\\"Providers\\\" list for the application: %s",
+    "please add an Email provider to the \\\"Providers\\\" list for the application: %s": "please add an Email provider to the \\\"Providers\\\" list for the application: %s",
    "the user does not exist, please sign up first": "El usuario no existe, por favor regístrese primero"
  },
  "webauthn": {
--- a/i18n/locales/fa/data.json
+++ b/i18n/locales/fa/data.json
@ -19,6 +19,7 @@
    "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
    "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
    "The login method: login with password is not enabled for the application": "The login method: login with password is not enabled for the application",
+    "The organization: %s does not exist": "The organization: %s does not exist",
    "The provider: %s is not enabled for the application": "The provider: %s is not enabled for the application",
    "Unauthorized operation": "Unauthorized operation",
    "Unknown authentication type (not password or provider), form = %s": "Unknown authentication type (not password or provider), form = %s",
@ -57,6 +58,7 @@
    "The user is forbidden to sign in, please contact the administrator": "The user is forbidden to sign in, please contact the administrator",
    "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.",
+    "The value \\\"%s\\\" for account field \\\"%s\\\" doesn't match the account item regex": "The value \\\"%s\\\" for account field \\\"%s\\\" doesn't match the account item regex",
    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
    "Username already exists": "Username already exists",
    "Username cannot be an email address": "Username cannot be an email address",
@ -73,6 +75,7 @@
  "general": {
    "Missing parameter": "Missing parameter",
    "Please login first": "Please login first",
+    "The organization: %s should have one application at least": "The organization: %s should have one application at least",
    "The user: %s doesn't exist": "The user: %s doesn't exist",
    "don't support captchaProvider: ": "don't support captchaProvider: ",
    "this operation is not allowed in demo mode": "this operation is not allowed in demo mode"
@ -93,6 +96,9 @@
    "The %s is immutable.": "The %s is immutable.",
    "Unknown modify rule %s.": "Unknown modify rule %s."
  },
+  "permission": {
+    "The permission: \\\"%s\\\" doesn't exist": "The permission: \\\"%s\\\" doesn't exist"
+  },
  "provider": {
    "Invalid application id": "Invalid application id",
    "the provider: %s does not exist": "the provider: %s does not exist"
@ -117,7 +123,6 @@
    "The provider type: %s is not supported": "The provider type: %s is not supported"
  },
  "token": {
-    "Empty clientId or clientSecret": "Empty clientId or clientSecret",
    "Grant_type: %s is not supported in this application": "Grant_type: %s is not supported in this application",
    "Invalid application or wrong clientSecret": "Invalid application or wrong clientSecret",
    "Invalid client_id": "Invalid client_id",
@ -146,6 +151,8 @@
    "Unknown type": "Unknown type",
    "Wrong verification code!": "Wrong verification code!",
    "You should verify your code in %d min!": "You should verify your code in %d min!",
+    "please add a SMS provider to the \\\"Providers\\\" list for the application: %s": "please add a SMS provider to the \\\"Providers\\\" list for the application: %s",
+    "please add an Email provider to the \\\"Providers\\\" list for the application: %s": "please add an Email provider to the \\\"Providers\\\" list for the application: %s",
    "the user does not exist, please sign up first": "the user does not exist, please sign up first"
  },
  "webauthn": {
--- a/i18n/locales/fi/data.json
+++ b/i18n/locales/fi/data.json
@ -19,6 +19,7 @@
    "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
    "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
    "The login method: login with password is not enabled for the application": "The login method: login with password is not enabled for the application",
+    "The organization: %s does not exist": "The organization: %s does not exist",
    "The provider: %s is not enabled for the application": "The provider: %s is not enabled for the application",
    "Unauthorized operation": "Unauthorized operation",
    "Unknown authentication type (not password or provider), form = %s": "Unknown authentication type (not password or provider), form = %s",
@ -57,6 +58,7 @@
    "The user is forbidden to sign in, please contact the administrator": "The user is forbidden to sign in, please contact the administrator",
    "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.",
+    "The value \\\"%s\\\" for account field \\\"%s\\\" doesn't match the account item regex": "The value \\\"%s\\\" for account field \\\"%s\\\" doesn't match the account item regex",
    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
    "Username already exists": "Username already exists",
    "Username cannot be an email address": "Username cannot be an email address",
@ -73,6 +75,7 @@
  "general": {
    "Missing parameter": "Missing parameter",
    "Please login first": "Please login first",
+    "The organization: %s should have one application at least": "The organization: %s should have one application at least",
    "The user: %s doesn't exist": "The user: %s doesn't exist",
    "don't support captchaProvider: ": "don't support captchaProvider: ",
    "this operation is not allowed in demo mode": "this operation is not allowed in demo mode"
@ -93,6 +96,9 @@
    "The %s is immutable.": "The %s is immutable.",
    "Unknown modify rule %s.": "Unknown modify rule %s."
  },
+  "permission": {
+    "The permission: \\\"%s\\\" doesn't exist": "The permission: \\\"%s\\\" doesn't exist"
+  },
  "provider": {
    "Invalid application id": "Invalid application id",
    "the provider: %s does not exist": "the provider: %s does not exist"
@ -117,7 +123,6 @@
    "The provider type: %s is not supported": "The provider type: %s is not supported"
  },
  "token": {
-    "Empty clientId or clientSecret": "Empty clientId or clientSecret",
    "Grant_type: %s is not supported in this application": "Grant_type: %s is not supported in this application",
    "Invalid application or wrong clientSecret": "Invalid application or wrong clientSecret",
    "Invalid client_id": "Invalid client_id",
@ -146,6 +151,8 @@
    "Unknown type": "Unknown type",
    "Wrong verification code!": "Wrong verification code!",
    "You should verify your code in %d min!": "You should verify your code in %d min!",
+    "please add a SMS provider to the \\\"Providers\\\" list for the application: %s": "please add a SMS provider to the \\\"Providers\\\" list for the application: %s",
+    "please add an Email provider to the \\\"Providers\\\" list for the application: %s": "please add an Email provider to the \\\"Providers\\\" list for the application: %s",
    "the user does not exist, please sign up first": "the user does not exist, please sign up first"
  },
  "webauthn": {
--- a/i18n/locales/fr/data.json
+++ b/i18n/locales/fr/data.json
@ -19,6 +19,7 @@
    "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
    "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
    "The login method: login with password is not enabled for the application": "La méthode de connexion : connexion avec mot de passe n'est pas activée pour l'application",
+    "The organization: %s does not exist": "The organization: %s does not exist",
    "The provider: %s is not enabled for the application": "Le fournisseur :%s n'est pas activé pour l'application",
    "Unauthorized operation": "Opération non autorisée",
    "Unknown authentication type (not password or provider), form = %s": "Type d'authentification inconnu (pas de mot de passe ou de fournisseur), formulaire = %s",
@ -57,6 +58,7 @@
    "The user is forbidden to sign in, please contact the administrator": "L'utilisateur est interdit de se connecter, veuillez contacter l'administrateur",
    "The user: %s doesn't exist in LDAP server": "L'utilisateur %s n'existe pas sur le serveur LDAP",
    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "Le nom d'utilisateur ne peut contenir que des caractères alphanumériques, des traits soulignés ou des tirets, ne peut pas avoir de tirets ou de traits soulignés consécutifs et ne peut pas commencer ou se terminer par un tiret ou un trait souligné.",
+    "The value \\\"%s\\\" for account field \\\"%s\\\" doesn't match the account item regex": "The value \\\"%s\\\" for account field \\\"%s\\\" doesn't match the account item regex",
    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
    "Username already exists": "Nom d'utilisateur existe déjà",
    "Username cannot be an email address": "Nom d'utilisateur ne peut pas être une adresse e-mail",
@ -73,6 +75,7 @@
  "general": {
    "Missing parameter": "Paramètre manquant",
    "Please login first": "Veuillez d'abord vous connecter",
+    "The organization: %s should have one application at least": "The organization: %s should have one application at least",
    "The user: %s doesn't exist": "L'utilisateur : %s n'existe pas",
    "don't support captchaProvider: ": "ne prend pas en charge captchaProvider: ",
    "this operation is not allowed in demo mode": "cette opération n’est pas autorisée en mode démo"
@ -93,6 +96,9 @@
    "The %s is immutable.": "Le %s est immuable.",
    "Unknown modify rule %s.": "Règle de modification inconnue %s."
  },
+  "permission": {
+    "The permission: \\\"%s\\\" doesn't exist": "The permission: \\\"%s\\\" doesn't exist"
+  },
  "provider": {
    "Invalid application id": "Identifiant d'application invalide",
    "the provider: %s does not exist": "Le fournisseur : %s n'existe pas"
@ -117,7 +123,6 @@
    "The provider type: %s is not supported": "Le type de fournisseur : %s n'est pas pris en charge"
  },
  "token": {
-    "Empty clientId or clientSecret": "clientId ou clientSecret vide",
    "Grant_type: %s is not supported in this application": "Type_de_subvention : %s n'est pas pris en charge dans cette application",
    "Invalid application or wrong clientSecret": "Application invalide ou clientSecret incorrect",
    "Invalid client_id": "Identifiant de client invalide",
@ -146,6 +151,8 @@
    "Unknown type": "Type inconnu",
    "Wrong verification code!": "Mauvais code de vérification !",
    "You should verify your code in %d min!": "Vous devriez vérifier votre code en %d min !",
+    "please add a SMS provider to the \\\"Providers\\\" list for the application: %s": "please add a SMS provider to the \\\"Providers\\\" list for the application: %s",
+    "please add an Email provider to the \\\"Providers\\\" list for the application: %s": "please add an Email provider to the \\\"Providers\\\" list for the application: %s",
    "the user does not exist, please sign up first": "L'utilisateur n'existe pas, veuillez vous inscrire d'abord"
  },
  "webauthn": {
--- a/i18n/locales/he/data.json
+++ b/i18n/locales/he/data.json
@ -19,6 +19,7 @@
    "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
    "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
    "The login method: login with password is not enabled for the application": "The login method: login with password is not enabled for the application",
+    "The organization: %s does not exist": "The organization: %s does not exist",
    "The provider: %s is not enabled for the application": "The provider: %s is not enabled for the application",
    "Unauthorized operation": "Unauthorized operation",
    "Unknown authentication type (not password or provider), form = %s": "Unknown authentication type (not password or provider), form = %s",
@ -57,6 +58,7 @@
    "The user is forbidden to sign in, please contact the administrator": "The user is forbidden to sign in, please contact the administrator",
    "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.",
+    "The value \\\"%s\\\" for account field \\\"%s\\\" doesn't match the account item regex": "The value \\\"%s\\\" for account field \\\"%s\\\" doesn't match the account item regex",
    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
    "Username already exists": "Username already exists",
    "Username cannot be an email address": "Username cannot be an email address",
@ -73,6 +75,7 @@
  "general": {
    "Missing parameter": "Missing parameter",
    "Please login first": "Please login first",
+    "The organization: %s should have one application at least": "The organization: %s should have one application at least",
    "The user: %s doesn't exist": "The user: %s doesn't exist",
    "don't support captchaProvider: ": "don't support captchaProvider: ",
    "this operation is not allowed in demo mode": "this operation is not allowed in demo mode"
@ -93,6 +96,9 @@
    "The %s is immutable.": "The %s is immutable.",
    "Unknown modify rule %s.": "Unknown modify rule %s."
  },
+  "permission": {
+    "The permission: \\\"%s\\\" doesn't exist": "The permission: \\\"%s\\\" doesn't exist"
+  },
  "provider": {
    "Invalid application id": "Invalid application id",
    "the provider: %s does not exist": "the provider: %s does not exist"
@ -117,7 +123,6 @@
    "The provider type: %s is not supported": "The provider type: %s is not supported"
  },
  "token": {
-    "Empty clientId or clientSecret": "Empty clientId or clientSecret",
    "Grant_type: %s is not supported in this application": "Grant_type: %s is not supported in this application",
    "Invalid application or wrong clientSecret": "Invalid application or wrong clientSecret",
    "Invalid client_id": "Invalid client_id",
@ -146,6 +151,8 @@
    "Unknown type": "Unknown type",
    "Wrong verification code!": "Wrong verification code!",
    "You should verify your code in %d min!": "You should verify your code in %d min!",
+    "please add a SMS provider to the \\\"Providers\\\" list for the application: %s": "please add a SMS provider to the \\\"Providers\\\" list for the application: %s",
+    "please add an Email provider to the \\\"Providers\\\" list for the application: %s": "please add an Email provider to the \\\"Providers\\\" list for the application: %s",
    "the user does not exist, please sign up first": "the user does not exist, please sign up first"
  },
  "webauthn": {
--- a/i18n/locales/id/data.json
+++ b/i18n/locales/id/data.json
@ -19,6 +19,7 @@
    "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
    "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
    "The login method: login with password is not enabled for the application": "Metode login: login dengan kata sandi tidak diaktifkan untuk aplikasi tersebut",
+    "The organization: %s does not exist": "The organization: %s does not exist",
    "The provider: %s is not enabled for the application": "Penyedia: %s tidak diaktifkan untuk aplikasi ini",
    "Unauthorized operation": "Operasi tidak sah",
    "Unknown authentication type (not password or provider), form = %s": "Jenis otentikasi tidak diketahui (bukan kata sandi atau pemberi), formulir = %s",
@ -57,6 +58,7 @@
    "The user is forbidden to sign in, please contact the administrator": "Pengguna dilarang masuk, silakan hubungi administrator",
    "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "Nama pengguna hanya bisa menggunakan karakter alfanumerik, garis bawah atau tanda hubung, tidak boleh memiliki dua tanda hubung atau garis bawah berurutan, dan tidak boleh diawali atau diakhiri dengan tanda hubung atau garis bawah.",
+    "The value \\\"%s\\\" for account field \\\"%s\\\" doesn't match the account item regex": "The value \\\"%s\\\" for account field \\\"%s\\\" doesn't match the account item regex",
    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
    "Username already exists": "Nama pengguna sudah ada",
    "Username cannot be an email address": "Username tidak bisa menjadi alamat email",
@ -73,6 +75,7 @@
  "general": {
    "Missing parameter": "Parameter hilang",
    "Please login first": "Silahkan login terlebih dahulu",
+    "The organization: %s should have one application at least": "The organization: %s should have one application at least",
    "The user: %s doesn't exist": "Pengguna: %s tidak ada",
    "don't support captchaProvider: ": "Jangan mendukung captchaProvider:",
    "this operation is not allowed in demo mode": "this operation is not allowed in demo mode"
@ -93,6 +96,9 @@
    "The %s is immutable.": "%s tidak dapat diubah.",
    "Unknown modify rule %s.": "Aturan modifikasi tidak diketahui %s."
  },
+  "permission": {
+    "The permission: \\\"%s\\\" doesn't exist": "The permission: \\\"%s\\\" doesn't exist"
+  },
  "provider": {
    "Invalid application id": "ID aplikasi tidak valid",
    "the provider: %s does not exist": "provider: %s tidak ada"
@ -117,7 +123,6 @@
    "The provider type: %s is not supported": "Jenis penyedia: %s tidak didukung"
  },
  "token": {
-    "Empty clientId or clientSecret": "Kosong clientId atau clientSecret",
    "Grant_type: %s is not supported in this application": "Jenis grant (grant_type) %s tidak didukung dalam aplikasi ini",
    "Invalid application or wrong clientSecret": "Aplikasi tidak valid atau clientSecret salah",
    "Invalid client_id": "Invalid client_id = ID klien tidak valid",
@ -146,6 +151,8 @@
    "Unknown type": "Tipe tidak diketahui",
    "Wrong verification code!": "Kode verifikasi salah!",
    "You should verify your code in %d min!": "Anda harus memverifikasi kode Anda dalam %d menit!",
+    "please add a SMS provider to the \\\"Providers\\\" list for the application: %s": "please add a SMS provider to the \\\"Providers\\\" list for the application: %s",
+    "please add an Email provider to the \\\"Providers\\\" list for the application: %s": "please add an Email provider to the \\\"Providers\\\" list for the application: %s",
    "the user does not exist, please sign up first": "Pengguna tidak ada, silakan daftar terlebih dahulu"
  },
  "webauthn": {
--- a/i18n/locales/it/data.json
+++ b/i18n/locales/it/data.json
@ -19,6 +19,7 @@
    "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
    "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
    "The login method: login with password is not enabled for the application": "The login method: login with password is not enabled for the application",
+    "The organization: %s does not exist": "The organization: %s does not exist",
    "The provider: %s is not enabled for the application": "The provider: %s is not enabled for the application",
    "Unauthorized operation": "Unauthorized operation",
    "Unknown authentication type (not password or provider), form = %s": "Unknown authentication type (not password or provider), form = %s",
@ -57,6 +58,7 @@
    "The user is forbidden to sign in, please contact the administrator": "The user is forbidden to sign in, please contact the administrator",
    "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.",
+    "The value \\\"%s\\\" for account field \\\"%s\\\" doesn't match the account item regex": "The value \\\"%s\\\" for account field \\\"%s\\\" doesn't match the account item regex",
    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
    "Username already exists": "Username already exists",
    "Username cannot be an email address": "Username cannot be an email address",
@ -73,6 +75,7 @@
  "general": {
    "Missing parameter": "Missing parameter",
    "Please login first": "Please login first",
+    "The organization: %s should have one application at least": "The organization: %s should have one application at least",
    "The user: %s doesn't exist": "The user: %s doesn't exist",
    "don't support captchaProvider: ": "don't support captchaProvider: ",
    "this operation is not allowed in demo mode": "this operation is not allowed in demo mode"
@ -93,6 +96,9 @@
    "The %s is immutable.": "The %s is immutable.",
    "Unknown modify rule %s.": "Unknown modify rule %s."
  },
+  "permission": {
+    "The permission: \\\"%s\\\" doesn't exist": "The permission: \\\"%s\\\" doesn't exist"
+  },
  "provider": {
    "Invalid application id": "Invalid application id",
    "the provider: %s does not exist": "the provider: %s does not exist"
@ -117,7 +123,6 @@
    "The provider type: %s is not supported": "The provider type: %s is not supported"
  },
  "token": {
-    "Empty clientId or clientSecret": "Empty clientId or clientSecret",
    "Grant_type: %s is not supported in this application": "Grant_type: %s is not supported in this application",
    "Invalid application or wrong clientSecret": "Invalid application or wrong clientSecret",
    "Invalid client_id": "Invalid client_id",
@ -146,6 +151,8 @@
    "Unknown type": "Unknown type",
    "Wrong verification code!": "Wrong verification code!",
    "You should verify your code in %d min!": "You should verify your code in %d min!",
+    "please add a SMS provider to the \\\"Providers\\\" list for the application: %s": "please add a SMS provider to the \\\"Providers\\\" list for the application: %s",
+    "please add an Email provider to the \\\"Providers\\\" list for the application: %s": "please add an Email provider to the \\\"Providers\\\" list for the application: %s",
    "the user does not exist, please sign up first": "the user does not exist, please sign up first"
  },
  "webauthn": {
--- a/i18n/locales/ja/data.json
+++ b/i18n/locales/ja/data.json
@ -19,6 +19,7 @@
    "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
    "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
    "The login method: login with password is not enabled for the application": "ログイン方法：パスワードでのログインはアプリケーションで有効になっていません",
+    "The organization: %s does not exist": "The organization: %s does not exist",
    "The provider: %s is not enabled for the application": "プロバイダー：%sはアプリケーションでは有効化されていません",
    "Unauthorized operation": "不正操作",
    "Unknown authentication type (not password or provider), form = %s": "不明な認証タイプ（パスワードまたはプロバイダーではない）フォーム=%s",
@ -57,6 +58,7 @@
    "The user is forbidden to sign in, please contact the administrator": "ユーザーはサインインできません。管理者に連絡してください",
    "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "ユーザー名には英数字、アンダースコア、ハイフンしか含めることができません。連続したハイフンまたはアンダースコアは不可であり、ハイフンまたはアンダースコアで始まるまたは終わることもできません。",
+    "The value \\\"%s\\\" for account field \\\"%s\\\" doesn't match the account item regex": "The value \\\"%s\\\" for account field \\\"%s\\\" doesn't match the account item regex",
    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
    "Username already exists": "ユーザー名はすでに存在しています",
    "Username cannot be an email address": "ユーザー名には電子メールアドレスを使用できません",
@ -73,6 +75,7 @@
  "general": {
    "Missing parameter": "不足しているパラメーター",
    "Please login first": "最初にログインしてください",
+    "The organization: %s should have one application at least": "The organization: %s should have one application at least",
    "The user: %s doesn't exist": "そのユーザー：%sは存在しません",
    "don't support captchaProvider: ": "captchaProviderをサポートしないでください",
    "this operation is not allowed in demo mode": "this operation is not allowed in demo mode"
@ -93,6 +96,9 @@
    "The %s is immutable.": "%sは不変です。",
    "Unknown modify rule %s.": "未知の変更ルール%s。"
  },
+  "permission": {
+    "The permission: \\\"%s\\\" doesn't exist": "The permission: \\\"%s\\\" doesn't exist"
+  },
  "provider": {
    "Invalid application id": "アプリケーションIDが無効です",
    "the provider: %s does not exist": "プロバイダー%sは存在しません"
@ -117,7 +123,6 @@
    "The provider type: %s is not supported": "プロバイダータイプ：%sはサポートされていません"
  },
  "token": {
-    "Empty clientId or clientSecret": "クライアントIDまたはクライアントシークレットが空です",
    "Grant_type: %s is not supported in this application": "grant_type：%sはこのアプリケーションでサポートされていません",
    "Invalid application or wrong clientSecret": "無効なアプリケーションまたは誤ったクライアントシークレットです",
    "Invalid client_id": "client_idが無効です",
@ -146,6 +151,8 @@
    "Unknown type": "不明なタイプ",
    "Wrong verification code!": "誤った検証コードです！",
    "You should verify your code in %d min!": "あなたは%d分であなたのコードを確認する必要があります！",
+    "please add a SMS provider to the \\\"Providers\\\" list for the application: %s": "please add a SMS provider to the \\\"Providers\\\" list for the application: %s",
+    "please add an Email provider to the \\\"Providers\\\" list for the application: %s": "please add an Email provider to the \\\"Providers\\\" list for the application: %s",
    "the user does not exist, please sign up first": "ユーザーは存在しません。まず登録してください"
  },
  "webauthn": {
--- a/i18n/locales/kk/data.json
+++ b/i18n/locales/kk/data.json
@ -19,6 +19,7 @@
    "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
    "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
    "The login method: login with password is not enabled for the application": "The login method: login with password is not enabled for the application",
+    "The organization: %s does not exist": "The organization: %s does not exist",
    "The provider: %s is not enabled for the application": "The provider: %s is not enabled for the application",
    "Unauthorized operation": "Unauthorized operation",
    "Unknown authentication type (not password or provider), form = %s": "Unknown authentication type (not password or provider), form = %s",
@ -57,6 +58,7 @@
    "The user is forbidden to sign in, please contact the administrator": "The user is forbidden to sign in, please contact the administrator",
    "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.",
+    "The value \\\"%s\\\" for account field \\\"%s\\\" doesn't match the account item regex": "The value \\\"%s\\\" for account field \\\"%s\\\" doesn't match the account item regex",
    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
    "Username already exists": "Username already exists",
    "Username cannot be an email address": "Username cannot be an email address",
@ -73,6 +75,7 @@
  "general": {
    "Missing parameter": "Missing parameter",
    "Please login first": "Please login first",
+    "The organization: %s should have one application at least": "The organization: %s should have one application at least",
    "The user: %s doesn't exist": "The user: %s doesn't exist",
    "don't support captchaProvider: ": "don't support captchaProvider: ",
    "this operation is not allowed in demo mode": "this operation is not allowed in demo mode"
@ -93,6 +96,9 @@
    "The %s is immutable.": "The %s is immutable.",
    "Unknown modify rule %s.": "Unknown modify rule %s."
  },
+  "permission": {
+    "The permission: \\\"%s\\\" doesn't exist": "The permission: \\\"%s\\\" doesn't exist"
+  },
  "provider": {
    "Invalid application id": "Invalid application id",
    "the provider: %s does not exist": "the provider: %s does not exist"
@ -117,7 +123,6 @@
    "The provider type: %s is not supported": "The provider type: %s is not supported"
  },
  "token": {
-    "Empty clientId or clientSecret": "Empty clientId or clientSecret",
    "Grant_type: %s is not supported in this application": "Grant_type: %s is not supported in this application",
    "Invalid application or wrong clientSecret": "Invalid application or wrong clientSecret",
    "Invalid client_id": "Invalid client_id",
@ -146,6 +151,8 @@
    "Unknown type": "Unknown type",
    "Wrong verification code!": "Wrong verification code!",
    "You should verify your code in %d min!": "You should verify your code in %d min!",
+    "please add a SMS provider to the \\\"Providers\\\" list for the application: %s": "please add a SMS provider to the \\\"Providers\\\" list for the application: %s",
+    "please add an Email provider to the \\\"Providers\\\" list for the application: %s": "please add an Email provider to the \\\"Providers\\\" list for the application: %s",
    "the user does not exist, please sign up first": "the user does not exist, please sign up first"
  },
  "webauthn": {
--- a/i18n/locales/ko/data.json
+++ b/i18n/locales/ko/data.json
@ -19,6 +19,7 @@
    "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
    "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
    "The login method: login with password is not enabled for the application": "어플리케이션에서는 암호를 사용한 로그인 방법이 활성화되어 있지 않습니다",
+    "The organization: %s does not exist": "The organization: %s does not exist",
    "The provider: %s is not enabled for the application": "제공자 %s은(는) 응용 프로그램에서 활성화되어 있지 않습니다",
    "Unauthorized operation": "무단 조작",
    "Unknown authentication type (not password or provider), form = %s": "알 수 없는 인증 유형(암호 또는 공급자가 아님), 폼 = %s",
@ -57,6 +58,7 @@
    "The user is forbidden to sign in, please contact the administrator": "사용자는 로그인이 금지되어 있습니다. 관리자에게 문의하십시오",
    "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "사용자 이름은 알파벳, 숫자, 밑줄 또는 하이픈만 포함할 수 있으며, 연속된 하이픈 또는 밑줄을 가질 수 없으며, 하이픈 또는 밑줄로 시작하거나 끝날 수 없습니다.",
+    "The value \\\"%s\\\" for account field \\\"%s\\\" doesn't match the account item regex": "The value \\\"%s\\\" for account field \\\"%s\\\" doesn't match the account item regex",
    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
    "Username already exists": "사용자 이름이 이미 존재합니다",
    "Username cannot be an email address": "사용자 이름은 이메일 주소가 될 수 없습니다",
@ -73,6 +75,7 @@
  "general": {
    "Missing parameter": "누락된 매개변수",
    "Please login first": "먼저 로그인 하십시오",
+    "The organization: %s should have one application at least": "The organization: %s should have one application at least",
    "The user: %s doesn't exist": "사용자 %s는 존재하지 않습니다",
    "don't support captchaProvider: ": "CaptchaProvider를 지원하지 마세요",
    "this operation is not allowed in demo mode": "this operation is not allowed in demo mode"
@ -93,6 +96,9 @@
    "The %s is immutable.": "%s 는 변경할 수 없습니다.",
    "Unknown modify rule %s.": "미확인 수정 규칙 %s."
  },
+  "permission": {
+    "The permission: \\\"%s\\\" doesn't exist": "The permission: \\\"%s\\\" doesn't exist"
+  },
  "provider": {
    "Invalid application id": "잘못된 애플리케이션 ID입니다",
    "the provider: %s does not exist": "제공자 %s가 존재하지 않습니다"
@ -117,7 +123,6 @@
    "The provider type: %s is not supported": "제공자 유형: %s은/는 지원되지 않습니다"
  },
  "token": {
-    "Empty clientId or clientSecret": "클라이언트 ID 또는 클라이언트 비밀번호가 비어 있습니다",
    "Grant_type: %s is not supported in this application": "그랜트 유형: %s은(는) 이 어플리케이션에서 지원되지 않습니다",
    "Invalid application or wrong clientSecret": "잘못된 어플리케이션 또는 올바르지 않은 클라이언트 시크릿입니다",
    "Invalid client_id": "잘못된 클라이언트 ID입니다",
@ -146,6 +151,8 @@
    "Unknown type": "알 수 없는 유형",
    "Wrong verification code!": "잘못된 인증 코드입니다!",
    "You should verify your code in %d min!": "당신은 %d분 안에 코드를 검증해야 합니다!",
+    "please add a SMS provider to the \\\"Providers\\\" list for the application: %s": "please add a SMS provider to the \\\"Providers\\\" list for the application: %s",
+    "please add an Email provider to the \\\"Providers\\\" list for the application: %s": "please add an Email provider to the \\\"Providers\\\" list for the application: %s",
    "the user does not exist, please sign up first": "사용자가 존재하지 않습니다. 먼저 회원 가입 해주세요"
  },
  "webauthn": {
--- a/i18n/locales/ms/data.json
+++ b/i18n/locales/ms/data.json
@ -19,6 +19,7 @@
    "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
    "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
    "The login method: login with password is not enabled for the application": "The login method: login with password is not enabled for the application",
+    "The organization: %s does not exist": "The organization: %s does not exist",
    "The provider: %s is not enabled for the application": "The provider: %s is not enabled for the application",
    "Unauthorized operation": "Unauthorized operation",
    "Unknown authentication type (not password or provider), form = %s": "Unknown authentication type (not password or provider), form = %s",
@ -57,6 +58,7 @@
    "The user is forbidden to sign in, please contact the administrator": "The user is forbidden to sign in, please contact the administrator",
    "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.",
+    "The value \\\"%s\\\" for account field \\\"%s\\\" doesn't match the account item regex": "The value \\\"%s\\\" for account field \\\"%s\\\" doesn't match the account item regex",
    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
    "Username already exists": "Username already exists",
    "Username cannot be an email address": "Username cannot be an email address",
@ -73,6 +75,7 @@
  "general": {
    "Missing parameter": "Missing parameter",
    "Please login first": "Please login first",
+    "The organization: %s should have one application at least": "The organization: %s should have one application at least",
    "The user: %s doesn't exist": "The user: %s doesn't exist",
    "don't support captchaProvider: ": "don't support captchaProvider: ",
    "this operation is not allowed in demo mode": "this operation is not allowed in demo mode"
@ -93,6 +96,9 @@
    "The %s is immutable.": "The %s is immutable.",
    "Unknown modify rule %s.": "Unknown modify rule %s."
  },
+  "permission": {
+    "The permission: \\\"%s\\\" doesn't exist": "The permission: \\\"%s\\\" doesn't exist"
+  },
  "provider": {
    "Invalid application id": "Invalid application id",
    "the provider: %s does not exist": "the provider: %s does not exist"
@ -117,7 +123,6 @@
    "The provider type: %s is not supported": "The provider type: %s is not supported"
  },
  "token": {
-    "Empty clientId or clientSecret": "Empty clientId or clientSecret",
    "Grant_type: %s is not supported in this application": "Grant_type: %s is not supported in this application",
    "Invalid application or wrong clientSecret": "Invalid application or wrong clientSecret",
    "Invalid client_id": "Invalid client_id",
@ -146,6 +151,8 @@
    "Unknown type": "Unknown type",
    "Wrong verification code!": "Wrong verification code!",
    "You should verify your code in %d min!": "You should verify your code in %d min!",
+    "please add a SMS provider to the \\\"Providers\\\" list for the application: %s": "please add a SMS provider to the \\\"Providers\\\" list for the application: %s",
+    "please add an Email provider to the \\\"Providers\\\" list for the application: %s": "please add an Email provider to the \\\"Providers\\\" list for the application: %s",
    "the user does not exist, please sign up first": "the user does not exist, please sign up first"
  },
  "webauthn": {
--- a/i18n/locales/nl/data.json
+++ b/i18n/locales/nl/data.json
@ -19,6 +19,7 @@
    "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
    "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
    "The login method: login with password is not enabled for the application": "The login method: login with password is not enabled for the application",
+    "The organization: %s does not exist": "The organization: %s does not exist",
    "The provider: %s is not enabled for the application": "The provider: %s is not enabled for the application",
    "Unauthorized operation": "Unauthorized operation",
    "Unknown authentication type (not password or provider), form = %s": "Unknown authentication type (not password or provider), form = %s",
@ -57,6 +58,7 @@
    "The user is forbidden to sign in, please contact the administrator": "The user is forbidden to sign in, please contact the administrator",
    "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.",
+    "The value \\\"%s\\\" for account field \\\"%s\\\" doesn't match the account item regex": "The value \\\"%s\\\" for account field \\\"%s\\\" doesn't match the account item regex",
    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
    "Username already exists": "Username already exists",
    "Username cannot be an email address": "Username cannot be an email address",
@ -73,6 +75,7 @@
  "general": {
    "Missing parameter": "Missing parameter",
    "Please login first": "Please login first",
+    "The organization: %s should have one application at least": "The organization: %s should have one application at least",
    "The user: %s doesn't exist": "The user: %s doesn't exist",
    "don't support captchaProvider: ": "don't support captchaProvider: ",
    "this operation is not allowed in demo mode": "this operation is not allowed in demo mode"
@ -93,6 +96,9 @@
    "The %s is immutable.": "The %s is immutable.",
    "Unknown modify rule %s.": "Unknown modify rule %s."
  },
+  "permission": {
+    "The permission: \\\"%s\\\" doesn't exist": "The permission: \\\"%s\\\" doesn't exist"
+  },
  "provider": {
    "Invalid application id": "Invalid application id",
    "the provider: %s does not exist": "the provider: %s does not exist"
@ -117,7 +123,6 @@
    "The provider type: %s is not supported": "The provider type: %s is not supported"
  },
  "token": {
-    "Empty clientId or clientSecret": "Empty clientId or clientSecret",
    "Grant_type: %s is not supported in this application": "Grant_type: %s is not supported in this application",
    "Invalid application or wrong clientSecret": "Invalid application or wrong clientSecret",
    "Invalid client_id": "Invalid client_id",
@ -146,6 +151,8 @@
    "Unknown type": "Unknown type",
    "Wrong verification code!": "Wrong verification code!",
    "You should verify your code in %d min!": "You should verify your code in %d min!",
+    "please add a SMS provider to the \\\"Providers\\\" list for the application: %s": "please add a SMS provider to the \\\"Providers\\\" list for the application: %s",
+    "please add an Email provider to the \\\"Providers\\\" list for the application: %s": "please add an Email provider to the \\\"Providers\\\" list for the application: %s",
    "the user does not exist, please sign up first": "the user does not exist, please sign up first"
  },
  "webauthn": {
--- a/i18n/locales/pl/data.json
+++ b/i18n/locales/pl/data.json
@ -19,6 +19,7 @@
    "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
    "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
    "The login method: login with password is not enabled for the application": "The login method: login with password is not enabled for the application",
+    "The organization: %s does not exist": "The organization: %s does not exist",
    "The provider: %s is not enabled for the application": "The provider: %s is not enabled for the application",
    "Unauthorized operation": "Unauthorized operation",
    "Unknown authentication type (not password or provider), form = %s": "Unknown authentication type (not password or provider), form = %s",
@ -57,6 +58,7 @@
    "The user is forbidden to sign in, please contact the administrator": "The user is forbidden to sign in, please contact the administrator",
    "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.",
+    "The value \\\"%s\\\" for account field \\\"%s\\\" doesn't match the account item regex": "The value \\\"%s\\\" for account field \\\"%s\\\" doesn't match the account item regex",
    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
    "Username already exists": "Username already exists",
    "Username cannot be an email address": "Username cannot be an email address",
@ -73,6 +75,7 @@
  "general": {
    "Missing parameter": "Missing parameter",
    "Please login first": "Please login first",
+    "The organization: %s should have one application at least": "The organization: %s should have one application at least",
    "The user: %s doesn't exist": "The user: %s doesn't exist",
    "don't support captchaProvider: ": "don't support captchaProvider: ",
    "this operation is not allowed in demo mode": "this operation is not allowed in demo mode"
@ -93,6 +96,9 @@
    "The %s is immutable.": "The %s is immutable.",
    "Unknown modify rule %s.": "Unknown modify rule %s."
  },
+  "permission": {
+    "The permission: \\\"%s\\\" doesn't exist": "The permission: \\\"%s\\\" doesn't exist"
+  },
  "provider": {
    "Invalid application id": "Invalid application id",
    "the provider: %s does not exist": "the provider: %s does not exist"
@ -117,7 +123,6 @@
    "The provider type: %s is not supported": "The provider type: %s is not supported"
  },
  "token": {
-    "Empty clientId or clientSecret": "Empty clientId or clientSecret",
    "Grant_type: %s is not supported in this application": "Grant_type: %s is not supported in this application",
    "Invalid application or wrong clientSecret": "Invalid application or wrong clientSecret",
    "Invalid client_id": "Invalid client_id",
@ -146,6 +151,8 @@
    "Unknown type": "Unknown type",
    "Wrong verification code!": "Wrong verification code!",
    "You should verify your code in %d min!": "You should verify your code in %d min!",
+    "please add a SMS provider to the \\\"Providers\\\" list for the application: %s": "please add a SMS provider to the \\\"Providers\\\" list for the application: %s",
+    "please add an Email provider to the \\\"Providers\\\" list for the application: %s": "please add an Email provider to the \\\"Providers\\\" list for the application: %s",
    "the user does not exist, please sign up first": "the user does not exist, please sign up first"
  },
  "webauthn": {
--- a/i18n/locales/pt/data.json
+++ b/i18n/locales/pt/data.json
@ -19,6 +19,7 @@
    "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
    "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
    "The login method: login with password is not enabled for the application": "The login method: login with password is not enabled for the application",
+    "The organization: %s does not exist": "The organization: %s does not exist",
    "The provider: %s is not enabled for the application": "The provider: %s is not enabled for the application",
    "Unauthorized operation": "Unauthorized operation",
    "Unknown authentication type (not password or provider), form = %s": "Unknown authentication type (not password or provider), form = %s",
@ -57,6 +58,7 @@
    "The user is forbidden to sign in, please contact the administrator": "The user is forbidden to sign in, please contact the administrator",
    "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.",
+    "The value \\\"%s\\\" for account field \\\"%s\\\" doesn't match the account item regex": "The value \\\"%s\\\" for account field \\\"%s\\\" doesn't match the account item regex",
    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
    "Username already exists": "Username already exists",
    "Username cannot be an email address": "Username cannot be an email address",
@ -73,6 +75,7 @@
  "general": {
    "Missing parameter": "Missing parameter",
    "Please login first": "Please login first",
+    "The organization: %s should have one application at least": "The organization: %s should have one application at least",
    "The user: %s doesn't exist": "The user: %s doesn't exist",
    "don't support captchaProvider: ": "don't support captchaProvider: ",
    "this operation is not allowed in demo mode": "this operation is not allowed in demo mode"
@ -93,6 +96,9 @@
    "The %s is immutable.": "O %s é imutável.",
    "Unknown modify rule %s.": "Regra de modificação %s desconhecida."
  },
+  "permission": {
+    "The permission: \\\"%s\\\" doesn't exist": "The permission: \\\"%s\\\" doesn't exist"
+  },
  "provider": {
    "Invalid application id": "Id do aplicativo inválido",
    "the provider: %s does not exist": "o provedor: %s não existe"
@ -117,7 +123,6 @@
    "The provider type: %s is not supported": "The provider type: %s is not supported"
  },
  "token": {
-    "Empty clientId or clientSecret": "ClientId ou clientSecret vazio",
    "Grant_type: %s is not supported in this application": "Grant_type: %s is not supported in this application",
    "Invalid application or wrong clientSecret": "Aplicativo inválido ou clientSecret errado",
    "Invalid client_id": "client_id inválido",
@ -146,6 +151,8 @@
    "Unknown type": "Unknown type",
    "Wrong verification code!": "Wrong verification code!",
    "You should verify your code in %d min!": "You should verify your code in %d min!",
+    "please add a SMS provider to the \\\"Providers\\\" list for the application: %s": "please add a SMS provider to the \\\"Providers\\\" list for the application: %s",
+    "please add an Email provider to the \\\"Providers\\\" list for the application: %s": "please add an Email provider to the \\\"Providers\\\" list for the application: %s",
    "the user does not exist, please sign up first": "the user does not exist, please sign up first"
  },
  "webauthn": {
--- a/i18n/locales/ru/data.json
+++ b/i18n/locales/ru/data.json
@ -19,6 +19,7 @@
    "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
    "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
    "The login method: login with password is not enabled for the application": "Метод входа: вход с паролем не включен для приложения",
+    "The organization: %s does not exist": "The organization: %s does not exist",
    "The provider: %s is not enabled for the application": "Провайдер: %s не включен для приложения",
    "Unauthorized operation": "Несанкционированная операция",
    "Unknown authentication type (not password or provider), form = %s": "Неизвестный тип аутентификации (не пароль и не провайдер), форма = %s",
@ -57,6 +58,7 @@
    "The user is forbidden to sign in, please contact the administrator": "Пользователю запрещен вход, пожалуйста, обратитесь к администратору",
    "The user: %s doesn't exist in LDAP server": "Пользователь %s не существует на LDAP сервере",
    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "Имя пользователя может состоять только из буквенно-цифровых символов, нижних подчеркиваний или дефисов, не может содержать последовательные дефисы или подчеркивания, а также не может начинаться или заканчиваться на дефис или подчеркивание.",
+    "The value \\\"%s\\\" for account field \\\"%s\\\" doesn't match the account item regex": "The value \\\"%s\\\" for account field \\\"%s\\\" doesn't match the account item regex",
    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
    "Username already exists": "Имя пользователя уже существует",
    "Username cannot be an email address": "Имя пользователя не может быть адресом электронной почты",
@ -73,6 +75,7 @@
  "general": {
    "Missing parameter": "Отсутствующий параметр",
    "Please login first": "Пожалуйста, сначала войдите в систему",
+    "The organization: %s should have one application at least": "The organization: %s should have one application at least",
    "The user: %s doesn't exist": "Пользователь %s не существует",
    "don't support captchaProvider: ": "неподдерживаемый captchaProvider: ",
    "this operation is not allowed in demo mode": "эта операция не разрешена в демо-режиме"
@ -93,6 +96,9 @@
    "The %s is immutable.": "%s неизменяемый.",
    "Unknown modify rule %s.": "Неизвестное изменение правила %s."
  },
+  "permission": {
+    "The permission: \\\"%s\\\" doesn't exist": "The permission: \\\"%s\\\" doesn't exist"
+  },
  "provider": {
    "Invalid application id": "Неверный идентификатор приложения",
    "the provider: %s does not exist": "провайдер: %s не существует"
@ -117,7 +123,6 @@
    "The provider type: %s is not supported": "Тип провайдера: %s не поддерживается"
  },
  "token": {
-    "Empty clientId or clientSecret": "Пустой идентификатор клиента или секрет клиента",
    "Grant_type: %s is not supported in this application": "Тип предоставления: %s не поддерживается в данном приложении",
    "Invalid application or wrong clientSecret": "Недействительное приложение или неправильный clientSecret",
    "Invalid client_id": "Недействительный идентификатор клиента",
@ -146,6 +151,8 @@
    "Unknown type": "Неизвестный тип",
    "Wrong verification code!": "Неправильный код подтверждения!",
    "You should verify your code in %d min!": "Вы должны проверить свой код через %d минут!",
+    "please add a SMS provider to the \\\"Providers\\\" list for the application: %s": "please add a SMS provider to the \\\"Providers\\\" list for the application: %s",
+    "please add an Email provider to the \\\"Providers\\\" list for the application: %s": "please add an Email provider to the \\\"Providers\\\" list for the application: %s",
    "the user does not exist, please sign up first": "Пользователь не существует, пожалуйста, сначала зарегистрируйтесь"
  },
  "webauthn": {
--- a/i18n/locales/sv/data.json
+++ b/i18n/locales/sv/data.json
@ -19,6 +19,7 @@
    "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
    "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
    "The login method: login with password is not enabled for the application": "The login method: login with password is not enabled for the application",
+    "The organization: %s does not exist": "The organization: %s does not exist",
    "The provider: %s is not enabled for the application": "The provider: %s is not enabled for the application",
    "Unauthorized operation": "Unauthorized operation",
    "Unknown authentication type (not password or provider), form = %s": "Unknown authentication type (not password or provider), form = %s",
@ -57,6 +58,7 @@
    "The user is forbidden to sign in, please contact the administrator": "The user is forbidden to sign in, please contact the administrator",
    "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.",
+    "The value \\\"%s\\\" for account field \\\"%s\\\" doesn't match the account item regex": "The value \\\"%s\\\" for account field \\\"%s\\\" doesn't match the account item regex",
    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
    "Username already exists": "Username already exists",
    "Username cannot be an email address": "Username cannot be an email address",
@ -73,6 +75,7 @@
  "general": {
    "Missing parameter": "Missing parameter",
    "Please login first": "Please login first",
+    "The organization: %s should have one application at least": "The organization: %s should have one application at least",
    "The user: %s doesn't exist": "The user: %s doesn't exist",
    "don't support captchaProvider: ": "don't support captchaProvider: ",
    "this operation is not allowed in demo mode": "this operation is not allowed in demo mode"
@ -93,6 +96,9 @@
    "The %s is immutable.": "The %s is immutable.",
    "Unknown modify rule %s.": "Unknown modify rule %s."
  },
+  "permission": {
+    "The permission: \\\"%s\\\" doesn't exist": "The permission: \\\"%s\\\" doesn't exist"
+  },
  "provider": {
    "Invalid application id": "Invalid application id",
    "the provider: %s does not exist": "the provider: %s does not exist"
@ -117,7 +123,6 @@
    "The provider type: %s is not supported": "The provider type: %s is not supported"
  },
  "token": {
-    "Empty clientId or clientSecret": "Empty clientId or clientSecret",
    "Grant_type: %s is not supported in this application": "Grant_type: %s is not supported in this application",
    "Invalid application or wrong clientSecret": "Invalid application or wrong clientSecret",
    "Invalid client_id": "Invalid client_id",
@ -146,6 +151,8 @@
    "Unknown type": "Unknown type",
    "Wrong verification code!": "Wrong verification code!",
    "You should verify your code in %d min!": "You should verify your code in %d min!",
+    "please add a SMS provider to the \\\"Providers\\\" list for the application: %s": "please add a SMS provider to the \\\"Providers\\\" list for the application: %s",
+    "please add an Email provider to the \\\"Providers\\\" list for the application: %s": "please add an Email provider to the \\\"Providers\\\" list for the application: %s",
    "the user does not exist, please sign up first": "the user does not exist, please sign up first"
  },
  "webauthn": {
--- a/i18n/locales/tr/data.json
+++ b/i18n/locales/tr/data.json
@ -19,6 +19,7 @@
    "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
    "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
    "The login method: login with password is not enabled for the application": "The login method: login with password is not enabled for the application",
+    "The organization: %s does not exist": "The organization: %s does not exist",
    "The provider: %s is not enabled for the application": "The provider: %s is not enabled for the application",
    "Unauthorized operation": "Unauthorized operation",
    "Unknown authentication type (not password or provider), form = %s": "Unknown authentication type (not password or provider), form = %s",
@ -57,6 +58,7 @@
    "The user is forbidden to sign in, please contact the administrator": "The user is forbidden to sign in, please contact the administrator",
    "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.",
+    "The value \\\"%s\\\" for account field \\\"%s\\\" doesn't match the account item regex": "The value \\\"%s\\\" for account field \\\"%s\\\" doesn't match the account item regex",
    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
    "Username already exists": "Kullanıcı adı zaten var",
    "Username cannot be an email address": "Kullanıcı adı bir e-mail adresi olamaz",
@ -73,6 +75,7 @@
  "general": {
    "Missing parameter": "Missing parameter",
    "Please login first": "Please login first",
+    "The organization: %s should have one application at least": "The organization: %s should have one application at least",
    "The user: %s doesn't exist": "The user: %s doesn't exist",
    "don't support captchaProvider: ": "don't support captchaProvider: ",
    "this operation is not allowed in demo mode": "this operation is not allowed in demo mode"
@ -93,6 +96,9 @@
    "The %s is immutable.": "The %s is immutable.",
    "Unknown modify rule %s.": "Unknown modify rule %s."
  },
+  "permission": {
+    "The permission: \\\"%s\\\" doesn't exist": "The permission: \\\"%s\\\" doesn't exist"
+  },
  "provider": {
    "Invalid application id": "Invalid application id",
    "the provider: %s does not exist": "the provider: %s does not exist"
@ -117,7 +123,6 @@
    "The provider type: %s is not supported": "The provider type: %s is not supported"
  },
  "token": {
-    "Empty clientId or clientSecret": "Empty clientId or clientSecret",
    "Grant_type: %s is not supported in this application": "Grant_type: %s is not supported in this application",
    "Invalid application or wrong clientSecret": "Invalid application or wrong clientSecret",
    "Invalid client_id": "Invalid client_id",
@ -146,6 +151,8 @@
    "Unknown type": "Unknown type",
    "Wrong verification code!": "Wrong verification code!",
    "You should verify your code in %d min!": "You should verify your code in %d min!",
+    "please add a SMS provider to the \\\"Providers\\\" list for the application: %s": "please add a SMS provider to the \\\"Providers\\\" list for the application: %s",
+    "please add an Email provider to the \\\"Providers\\\" list for the application: %s": "please add an Email provider to the \\\"Providers\\\" list for the application: %s",
    "the user does not exist, please sign up first": "the user does not exist, please sign up first"
  },
  "webauthn": {
--- a/i18n/locales/uk/data.json
+++ b/i18n/locales/uk/data.json
@ -19,6 +19,7 @@
    "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
    "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
    "The login method: login with password is not enabled for the application": "The login method: login with password is not enabled for the application",
+    "The organization: %s does not exist": "The organization: %s does not exist",
    "The provider: %s is not enabled for the application": "The provider: %s is not enabled for the application",
    "Unauthorized operation": "Unauthorized operation",
    "Unknown authentication type (not password or provider), form = %s": "Unknown authentication type (not password or provider), form = %s",
@ -57,6 +58,7 @@
    "The user is forbidden to sign in, please contact the administrator": "The user is forbidden to sign in, please contact the administrator",
    "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.",
+    "The value \\\"%s\\\" for account field \\\"%s\\\" doesn't match the account item regex": "The value \\\"%s\\\" for account field \\\"%s\\\" doesn't match the account item regex",
    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
    "Username already exists": "Username already exists",
    "Username cannot be an email address": "Username cannot be an email address",
@ -73,6 +75,7 @@
  "general": {
    "Missing parameter": "Missing parameter",
    "Please login first": "Please login first",
+    "The organization: %s should have one application at least": "The organization: %s should have one application at least",
    "The user: %s doesn't exist": "The user: %s doesn't exist",
    "don't support captchaProvider: ": "don't support captchaProvider: ",
    "this operation is not allowed in demo mode": "this operation is not allowed in demo mode"
@ -93,6 +96,9 @@
    "The %s is immutable.": "The %s is immutable.",
    "Unknown modify rule %s.": "Unknown modify rule %s."
  },
+  "permission": {
+    "The permission: \\\"%s\\\" doesn't exist": "The permission: \\\"%s\\\" doesn't exist"
+  },
  "provider": {
    "Invalid application id": "Invalid application id",
    "the provider: %s does not exist": "the provider: %s does not exist"
@ -117,7 +123,6 @@
    "The provider type: %s is not supported": "The provider type: %s is not supported"
  },
  "token": {
-    "Empty clientId or clientSecret": "Empty clientId or clientSecret",
    "Grant_type: %s is not supported in this application": "Grant_type: %s is not supported in this application",
    "Invalid application or wrong clientSecret": "Invalid application or wrong clientSecret",
    "Invalid client_id": "Invalid client_id",
@ -146,6 +151,8 @@
    "Unknown type": "Unknown type",
    "Wrong verification code!": "Wrong verification code!",
    "You should verify your code in %d min!": "You should verify your code in %d min!",
+    "please add a SMS provider to the \\\"Providers\\\" list for the application: %s": "please add a SMS provider to the \\\"Providers\\\" list for the application: %s",
+    "please add an Email provider to the \\\"Providers\\\" list for the application: %s": "please add an Email provider to the \\\"Providers\\\" list for the application: %s",
    "the user does not exist, please sign up first": "the user does not exist, please sign up first"
  },
  "webauthn": {
--- a/i18n/locales/vi/data.json
+++ b/i18n/locales/vi/data.json
@ -19,6 +19,7 @@
    "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
    "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
    "The login method: login with password is not enabled for the application": "Phương thức đăng nhập: đăng nhập bằng mật khẩu không được kích hoạt cho ứng dụng",
+    "The organization: %s does not exist": "The organization: %s does not exist",
    "The provider: %s is not enabled for the application": "Nhà cung cấp: %s không được kích hoạt cho ứng dụng",
    "Unauthorized operation": "Hoạt động không được ủy quyền",
    "Unknown authentication type (not password or provider), form = %s": "Loại xác thực không xác định (không phải mật khẩu hoặc nhà cung cấp), biểu mẫu = %s",
@ -57,6 +58,7 @@
    "The user is forbidden to sign in, please contact the administrator": "Người dùng bị cấm đăng nhập, vui lòng liên hệ với quản trị viên",
    "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "Tên người dùng chỉ có thể chứa các ký tự chữ và số, gạch dưới hoặc gạch ngang, không được có hai ký tự gạch dưới hoặc gạch ngang liền kề và không được bắt đầu hoặc kết thúc bằng dấu gạch dưới hoặc gạch ngang.",
+    "The value \\\"%s\\\" for account field \\\"%s\\\" doesn't match the account item regex": "The value \\\"%s\\\" for account field \\\"%s\\\" doesn't match the account item regex",
    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
    "Username already exists": "Tên đăng nhập đã tồn tại",
    "Username cannot be an email address": "Tên người dùng không thể là địa chỉ email",
@ -73,6 +75,7 @@
  "general": {
    "Missing parameter": "Thiếu tham số",
    "Please login first": "Vui lòng đăng nhập trước",
+    "The organization: %s should have one application at least": "The organization: %s should have one application at least",
    "The user: %s doesn't exist": "Người dùng: %s không tồn tại",
    "don't support captchaProvider: ": "không hỗ trợ captchaProvider: ",
    "this operation is not allowed in demo mode": "this operation is not allowed in demo mode"
@ -93,6 +96,9 @@
    "The %s is immutable.": "%s không thể thay đổi được.",
    "Unknown modify rule %s.": "Quy tắc thay đổi không xác định %s."
  },
+  "permission": {
+    "The permission: \\\"%s\\\" doesn't exist": "The permission: \\\"%s\\\" doesn't exist"
+  },
  "provider": {
    "Invalid application id": "Sai ID ứng dụng",
    "the provider: %s does not exist": "Nhà cung cấp: %s không tồn tại"
@ -117,7 +123,6 @@
    "The provider type: %s is not supported": "Loại nhà cung cấp: %s không được hỗ trợ"
  },
  "token": {
-    "Empty clientId or clientSecret": "ClientId hoặc clientSecret trống",
    "Grant_type: %s is not supported in this application": "Loại cấp phép: %s không được hỗ trợ trong ứng dụng này",
    "Invalid application or wrong clientSecret": "Đơn đăng ký không hợp lệ hoặc sai clientSecret",
    "Invalid client_id": "Client_id không hợp lệ",
@ -146,6 +151,8 @@
    "Unknown type": "Loại không xác định",
    "Wrong verification code!": "Mã xác thực sai!",
    "You should verify your code in %d min!": "Bạn nên kiểm tra mã của mình trong %d phút!",
+    "please add a SMS provider to the \\\"Providers\\\" list for the application: %s": "please add a SMS provider to the \\\"Providers\\\" list for the application: %s",
+    "please add an Email provider to the \\\"Providers\\\" list for the application: %s": "please add an Email provider to the \\\"Providers\\\" list for the application: %s",
    "the user does not exist, please sign up first": "Người dùng không tồn tại, vui lòng đăng ký trước"
  },
  "webauthn": {
--- a/i18n/locales/zh/data.json
+++ b/i18n/locales/zh/data.json
@ -19,11 +19,12 @@
    "The login method: login with SMS is not enabled for the application": "该应用禁止采用短信登录方式",
    "The login method: login with email is not enabled for the application": "该应用禁止采用邮箱登录方式",
    "The login method: login with password is not enabled for the application": "该应用禁止采用密码登录方式",
+    "The organization: %s does not exist": "组织: %s 不存在",
    "The provider: %s is not enabled for the application": "该应用的提供商: %s未被启用",
    "Unauthorized operation": "未授权的操作",
    "Unknown authentication type (not password or provider), form = %s": "未知的认证类型（非密码或第三方提供商）：%s",
    "User's tag: %s is not listed in the application's tags": "用户的标签: %s不在该应用的标签列表中",
-    "paid-user %s does not have active or pending subscription and the application: %s does not have default pricing": "paid-user %s does not have active or pending subscription and the application: %s does not have default pricing"
+    "paid-user %s does not have active or pending subscription and the application: %s does not have default pricing": "paid-user %s 没有激活或正在等待订阅并且应用: %s 没有默认值"
  },
  "cas": {
    "Service %s and %s do not match": "服务%s与%s不匹配"
@ -38,9 +39,9 @@
    "Email is invalid": "无效邮箱",
    "Empty username.": "用户名不可为空",
    "FirstName cannot be blank": "名不可以为空",
-    "Invitation code cannot be blank": "Invitation code cannot be blank",
+    "Invitation code cannot be blank": "邀请码不能为空",
    "Invitation code exhausted": "邀请码使用次数已耗尽",
-    "Invitation code is invalid": "Invitation code is invalid",
+    "Invitation code is invalid": "邀请码无效",
    "Invitation code suspended": "邀请码已被禁止使用",
    "LDAP user name or password incorrect": "LDAP密码错误",
    "LastName cannot be blank": "姓不可以为空",
@ -57,6 +58,7 @@
    "The user is forbidden to sign in, please contact the administrator": "该用户被禁止登录，请联系管理员",
    "The user: %s doesn't exist in LDAP server": "用户: %s 在LDAP服务器中未找到",
    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "用户名只能包含字母数字字符、下划线或连字符，不能有连续的连字符或下划线，也不能以连字符或下划线开头或结尾",
+    "The value \\\"%s\\\" for account field \\\"%s\\\" doesn't match the account item regex": "值 \\\"%s\\\"在账户信息字段\\\"%s\\\" 中与应用的账户项正则表达式不匹配",
    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "值\\\"%s\\\"在注册字段\\\"%s\\\"中与应用\\\"%s\\\"的注册项正则表达式不匹配",
    "Username already exists": "用户名已存在",
    "Username cannot be an email address": "用户名不可以是邮箱地址",
@ -73,6 +75,7 @@
  "general": {
    "Missing parameter": "缺少参数",
    "Please login first": "请先登录",
+    "The organization: %s should have one application at least": "组织: %s 应该拥有至少一个应用",
    "The user: %s doesn't exist": "用户: %s不存在",
    "don't support captchaProvider: ": "不支持验证码提供商: ",
    "this operation is not allowed in demo mode": "demo模式下不允许该操作"
@ -93,6 +96,9 @@
    "The %s is immutable.": "%s 是不可变的",
    "Unknown modify rule %s.": "未知的修改规则: %s"
  },
+  "permission": {
+    "The permission: \\\"%s\\\" doesn't exist": "权限: \\\"%s\\\" 不存在"
+  },
  "provider": {
    "Invalid application id": "无效的应用ID",
    "the provider: %s does not exist": "提供商: %s不存在"
@ -117,7 +123,6 @@
    "The provider type: %s is not supported": "不支持的提供商类型: %s"
  },
  "token": {
-    "Empty clientId or clientSecret": "clientId或clientSecret为空",
    "Grant_type: %s is not supported in this application": "该应用不支持Grant_type: %s",
    "Invalid application or wrong clientSecret": "无效应用或错误的clientSecret",
    "Invalid client_id": "无效的ClientId",
@ -146,6 +151,8 @@
    "Unknown type": "未知类型",
    "Wrong verification code!": "验证码错误!",
    "You should verify your code in %d min!": "请在 %d 分钟内输入正确验证码",
+    "please add a SMS provider to the \\\"Providers\\\" list for the application: %s": "请添加一个SMS提供商到应用： %s 的 \\\"提供商 \\\"列表",
+    "please add an Email provider to the \\\"Providers\\\" list for the application: %s": "请添加一个Email提供商到应用： %s 的 \\\"提供商 \\\"列表",
    "the user does not exist, please sign up first": "用户不存在，请先注册"
  },
  "webauthn": {
--- a/idp/adfs.go
+++ b/idp/adfs.go
@ -121,6 +121,9 @@ func (idp *AdfsIdProvider) GetUserInfo(token *oauth2.Token) (*UserInfo, error) {
 		return nil, err
 	}
 	body, err := io.ReadAll(resp.Body)
+	if err != nil {
+		return nil, err
+	}
 	var respKeys struct {
 		Keys []interface{} `json:"keys"`
 	}
--- a/idp/goth.go
+++ b/idp/goth.go
@ -75,6 +75,7 @@ import (
 	"github.com/markbates/goth/providers/twitterv2"
 	"github.com/markbates/goth/providers/typetalk"
 	"github.com/markbates/goth/providers/uber"
+	"github.com/markbates/goth/providers/vk"
 	"github.com/markbates/goth/providers/wepay"
 	"github.com/markbates/goth/providers/xero"
 	"github.com/markbates/goth/providers/yahoo"
@ -371,6 +372,11 @@ func NewGothIdProvider(providerType string, clientId string, clientSecret string
 			Provider: uber.New(clientId, clientSecret, redirectUrl),
 			Session:  &uber.Session{},
 		}
+	case "VK":
+		idp = GothIdProvider{
+			Provider: vk.New(clientId, clientSecret, redirectUrl),
+			Session:  &vk.Session{},
+		}
 	case "Wepay":
 		idp = GothIdProvider{
 			Provider: wepay.New(clientId, clientSecret, redirectUrl),
--- a/idp/wechat.go
+++ b/idp/wechat.go
@ -26,20 +26,26 @@ import (
 	"net/url"
 	"sort"
 	"strings"
+	"sync"
 	"time"

 	"github.com/skip2/go-qrcode"
 	"golang.org/x/oauth2"
 )

+var (
+	WechatCacheMap map[string]WechatCacheMapValue
+	Lock           sync.RWMutex
+)
+
 type WeChatIdProvider struct {
 	Client *http.Client
 	Config *oauth2.Config
 }

 type WechatCacheMapValue struct {
-	IsScanned    bool
-	WechatOpenId string
+	IsScanned     bool
+	WechatUnionId string
 }

 func NewWeChatIdProvider(clientId string, clientSecret string, redirectUrl string) *WeChatIdProvider {
@ -84,6 +90,15 @@ type WechatAccessToken struct {
 // GetToken use code get access_token (*operation of getting code ought to be done in front)
 // get more detail via: https://developers.weixin.qq.com/doc/oplatform/Website_App/WeChat_Login/Wechat_Login.html
 func (idp *WeChatIdProvider) GetToken(code string) (*oauth2.Token, error) {
+	if strings.HasPrefix(code, "wechat_oa:") {
+		token := oauth2.Token{
+			AccessToken: code,
+			TokenType:   "WeChatAccessToken",
+			Expiry:      time.Time{},
+		}
+		return &token, nil
+	}
+
 	params := url.Values{}
 	params.Add("grant_type", "authorization_code")
 	params.Add("appid", idp.Config.ClientID)
@ -164,6 +179,29 @@ type WechatUserInfo struct {
 func (idp *WeChatIdProvider) GetUserInfo(token *oauth2.Token) (*UserInfo, error) {
 	var wechatUserInfo WechatUserInfo
 	accessToken := token.AccessToken
+
+	if strings.HasPrefix(accessToken, "wechat_oa:") {
+		Lock.RLock()
+		mapValue, ok := WechatCacheMap[accessToken[10:]]
+		Lock.RUnlock()
+
+		if !ok || mapValue.WechatUnionId == "" {
+			return nil, fmt.Errorf("error ticket")
+		}
+
+		Lock.Lock()
+		delete(WechatCacheMap, accessToken[10:])
+		Lock.Unlock()
+
+		userInfo := UserInfo{
+			Id:          mapValue.WechatUnionId,
+			Username:    "wx_user_" + mapValue.WechatUnionId,
+			DisplayName: "wx_user_" + mapValue.WechatUnionId,
+			AvatarUrl:   "",
+		}
+		return &userInfo, nil
+	}
+
 	openid := token.Extra("Openid")

 	userInfoUrl := fmt.Sprintf("https://api.weixin.qq.com/sns/userinfo?access_token=%s&openid=%s", accessToken, openid)
@ -234,7 +272,7 @@ func GetWechatOfficialAccountAccessToken(clientId string, clientSecret string) (
 		ExpireIn    int    `json:"expires_in"`
 		AccessToken string `json:"access_token"`
 		ErrCode     int    `json:"errcode"`
-		Errmsg      string `json:errmsg`
+		Errmsg      string `json:"errmsg"`
 	}
 	err = json.Unmarshal(respBytes, &data)
 	if err != nil {
--- a/init_data.json.template
+++ b/init_data.json.template
@ -8,12 +8,62 @@
      "favicon": "",
      "passwordType": "plain",
      "passwordSalt": "",
-      "passwordOptions": ["AtLeast6"],
-      "countryCodes": ["US", "GB", "ES", "FR", "DE", "CN", "JP", "KR", "VN", "ID", "SG", "IN", "IT", "MY", "TR", "DZ", "IL", "PH", "NL", "PL", "FI", "SE", "UA", "KZ"],
+      "passwordOptions": [
+        "AtLeast6"
+      ],
+      "countryCodes": [
+        "US",
+        "GB",
+        "ES",
+        "FR",
+        "DE",
+        "CN",
+        "JP",
+        "KR",
+        "VN",
+        "ID",
+        "SG",
+        "IN",
+        "IT",
+        "MY",
+        "TR",
+        "DZ",
+        "IL",
+        "PH",
+        "NL",
+        "PL",
+        "FI",
+        "SE",
+        "UA",
+        "KZ"
+      ],
      "defaultAvatar": "",
      "defaultApplication": "",
      "tags": [],
-      "languages": ["en", "zh", "es", "fr", "de", "id", "ja", "ko", "ru", "vi", "it", "ms", "tr","ar", "he", "nl", "pl", "fi", "sv", "uk", "kk", "fa"],
+      "languages": [
+        "en",
+        "zh",
+        "es",
+        "fr",
+        "de",
+        "id",
+        "ja",
+        "ko",
+        "ru",
+        "vi",
+        "it",
+        "ms",
+        "tr",
+        "ar",
+        "he",
+        "nl",
+        "pl",
+        "fi",
+        "sv",
+        "uk",
+        "kk",
+        "fa"
+      ],
      "masterPassword": "",
      "defaultPassword": "",
      "initScore": 2000,
@ -49,18 +99,18 @@
        {
          "name": "Password",
          "displayName": "Password",
-          "rule": "All",
+          "rule": "All"
        },
        {
          "name": "Verification code",
          "displayName": "Verification code",
-          "rule": "All",
+          "rule": "All"
        },
        {
          "name": "WebAuthn",
          "displayName": "WebAuthn",
-          "rule": "None",
-        },
+          "rule": "None"
+        }
      ],
      "signupItems": [
        {
@ -72,55 +122,65 @@
        },
        {
          "name": "Username",
-            "visible": true,
-            "required": true,
-            "prompted": false,
-            "rule": "None"
+          "visible": true,
+          "required": true,
+          "prompted": false,
+          "rule": "None"
        },
        {
          "name": "Display name",
-            "visible": true,
-            "required": true,
-            "prompted": false,
-            "rule": "None"
+          "visible": true,
+          "required": true,
+          "prompted": false,
+          "rule": "None"
        },
        {
          "name": "Password",
-            "visible": true,
-            "required": true,
-            "prompted": false,
-            "rule": "None"
+          "visible": true,
+          "required": true,
+          "prompted": false,
+          "rule": "None"
        },
        {
          "name": "Confirm password",
-            "visible": true,
-            "required": true,
-            "prompted": false,
-            "rule": "None"
+          "visible": true,
+          "required": true,
+          "prompted": false,
+          "rule": "None"
        },
        {
          "name": "Email",
-            "visible": true,
-            "required": true,
-            "prompted": false,
-            "rule": "None"
+          "visible": true,
+          "required": true,
+          "prompted": false,
+          "rule": "None"
        },
        {
          "name": "Phone",
-            "visible": true,
-            "required": true,
-            "prompted": false,
-            "rule": "None"
+          "visible": true,
+          "required": true,
+          "prompted": false,
+          "rule": "None"
        },
        {
          "name": "Agreement",
-            "visible": true,
-            "required": true,
-            "prompted": false,
-            "rule": "None"
+          "visible": true,
+          "required": true,
+          "prompted": false,
+          "rule": "None"
        }
      ],
-      "redirectUris": [""],
+      "grantTypes": [
+        "authorization_code",
+        "password",
+        "client_credentials",
+        "token",
+        "id_token",
+        "refresh_token"
+      ],
+      "redirectUris": [
+        ""
+      ],
      "expireInHours": 168,
      "failedSigninLimit": 5,
      "failedSigninFrozenTime": 15
@ -146,7 +206,8 @@
      "isForbidden": false,
      "isDeleted": false,
      "signupApplication": "",
-      "createdIp": ""
+      "createdIp": "",
+      "groups": []
    }
  ],
  "providers": [
@ -349,5 +410,74 @@
      "owner": "",
      "url": ""
    }
+  ],
+  "groups": [
+    {
+      "owner": "",
+      "name": "",
+      "displayName": "",
+      "manager": "",
+      "contactEmail": "",
+      "type": "",
+      "parent_id": "",
+      "isTopGroup": true,
+      "title": "",
+      "key": "",
+      "children": "",
+      "isEnabled": true
+    }
+  ],
+  "adapters": [
+    {
+      "owner": "",
+      "name": "",
+      "table": "",
+      "useSameDb": true,
+      "type": "",
+      "databaseType": "",
+      "database": "",
+      "host": "",
+      "port": 0,
+      "user": "",
+      "password": ""
+    }
+  ],
+  "enforcers": [
+    {
+      "owner": "",
+      "name": "",
+      "displayName": "",
+      "description": "",
+      "model": "",
+      "adapter": "",
+      "enforcer": ""
+    }
+  ],
+  "plans": [
+    {
+      "owner": "",
+      "name": "",
+      "displayName": "",
+      "description": "",
+      "price": 0,
+      "currency": "",
+      "period": "",
+      "product": "",
+      "paymentProviders": [],
+      "isEnabled": true,
+      "role": ""
+    }
+  ],
+  "pricings": [
+    {
+      "owner": "",
+      "name": "",
+      "displayName": "",
+      "description": "",
+      "plans": [],
+      "isEnabled": true,
+      "trialDuration": 0,
+      "application": ""
+    }
  ]
 }
--- a/main.go
+++ b/main.go
@ -36,12 +36,12 @@ func main() {
 	object.CreateTables()

 	object.InitDb()
-	object.InitFromFile()
 	object.InitDefaultStorageProvider()
 	object.InitLdapAutoSynchronizer()
 	proxy.InitHttpClient()
 	authz.InitApi()
 	object.InitUserManager()
+	object.InitFromFile()
 	object.InitCasvisorConfig()

 	util.SafeGoroutine(func() { object.RunSyncUsersJob() })
--- a/object/adapter.go
+++ b/object/adapter.go
@ -178,6 +178,7 @@ func (adapter *Adapter) InitAdapter() error {
 		dataSourceName = strings.ReplaceAll(dataSourceName, "dbi.", "db.")
 	}

+	dataSourceName = conf.ReplaceDataSourceNameByDocker(dataSourceName)
 	engine, err := xorm.NewEngine(driverName, dataSourceName)
 	if err != nil {
 		return err
--- a/object/application.go
+++ b/object/application.go
@ -40,6 +40,15 @@ type SignupItem struct {
 	Rule        string `json:"rule"`
 }

+type SigninItem struct {
+	Name        string `json:"name"`
+	Visible     bool   `json:"visible"`
+	Label       string `json:"label"`
+	Placeholder string `json:"placeholder"`
+	Rule        string `json:"rule"`
+	IsCustom    bool   `json:"isCustom"`
+}
+
 type SamlItem struct {
 	Name       string `json:"name"`
 	NameFormat string `json:"nameFormat"`
@ -57,6 +66,7 @@ type Application struct {
 	Description           string          `xorm:"varchar(100)" json:"description"`
 	Organization          string          `xorm:"varchar(100)" json:"organization"`
 	Cert                  string          `xorm:"varchar(100)" json:"cert"`
+	HeaderHtml            string          `xorm:"mediumtext" json:"headerHtml"`
 	EnablePassword        bool            `json:"enablePassword"`
 	EnableSignUp          bool            `json:"enableSignUp"`
 	EnableSigninSession   bool            `json:"enableSigninSession"`
@ -72,6 +82,7 @@ type Application struct {
 	Providers             []*ProviderItem `xorm:"mediumtext" json:"providers"`
 	SigninMethods         []*SigninMethod `xorm:"varchar(2000)" json:"signinMethods"`
 	SignupItems           []*SignupItem   `xorm:"varchar(2000)" json:"signupItems"`
+	SigninItems           []*SigninItem   `xorm:"mediumtext" json:"signinItems"`
 	GrantTypes            []string        `xorm:"varchar(1000)" json:"grantTypes"`
 	OrganizationObj       *Organization   `xorm:"-" json:"organizationObj"`
 	CertPublicKey         string          `xorm:"-" json:"certPublicKey"`
@ -190,6 +201,100 @@ func extendApplicationWithOrg(application *Application) (err error) {
 	return
 }

+func extendApplicationWithSigninItems(application *Application) (err error) {
+	if len(application.SigninItems) == 0 {
+		signinItem := &SigninItem{
+			Name:        "Back button",
+			Visible:     true,
+			Label:       "\n<style>\n  .back-button {\n      top: 65px;\n      left: 15px;\n      position: absolute;\n  }\n</style>\n",
+			Placeholder: "",
+			Rule:        "None",
+		}
+		application.SigninItems = append(application.SigninItems, signinItem)
+		signinItem = &SigninItem{
+			Name:        "Languages",
+			Visible:     true,
+			Label:       "\n<style>\n  .login-languages {\n      top: 55px;\n      right: 5px;\n      position: absolute;\n  }\n</style>\n",
+			Placeholder: "",
+			Rule:        "None",
+		}
+		application.SigninItems = append(application.SigninItems, signinItem)
+		signinItem = &SigninItem{
+			Name:        "Logo",
+			Visible:     true,
+			Label:       "\n<style>\n  .login-logo-box {\n  }\n<style>\n",
+			Placeholder: "",
+			Rule:        "None",
+		}
+		application.SigninItems = append(application.SigninItems, signinItem)
+		signinItem = &SigninItem{
+			Name:        "Signin methods",
+			Visible:     true,
+			Label:       "\n<style>\n  .signin-methods {\n  }\n<style>\n",
+			Placeholder: "",
+			Rule:        "None",
+		}
+		application.SigninItems = append(application.SigninItems, signinItem)
+		signinItem = &SigninItem{
+			Name:        "Username",
+			Visible:     true,
+			Label:       "\n<style>\n  .login-username {\n  }\n<style>\n",
+			Placeholder: "",
+			Rule:        "None",
+		}
+		application.SigninItems = append(application.SigninItems, signinItem)
+		signinItem = &SigninItem{
+			Name:        "Password",
+			Visible:     true,
+			Label:       "\n<style>\n  .login-password {\n  }\n<style>\n",
+			Placeholder: "",
+			Rule:        "None",
+		}
+		application.SigninItems = append(application.SigninItems, signinItem)
+		signinItem = &SigninItem{
+			Name:        "Agreement",
+			Visible:     true,
+			Label:       "\n<style>\n  .login-agreement {\n  }\n<style>\n",
+			Placeholder: "",
+			Rule:        "None",
+		}
+		application.SigninItems = append(application.SigninItems, signinItem)
+		signinItem = &SigninItem{
+			Name:        "Forgot password?",
+			Visible:     true,
+			Label:       "\n<style>\n  .login-forget-password {\n    display: inline-flex;\n    justify-content: space-between;\n    width: 320px;\n    margin-bottom: 25px;\n  }\n<style>\n",
+			Placeholder: "",
+			Rule:        "None",
+		}
+		application.SigninItems = append(application.SigninItems, signinItem)
+		signinItem = &SigninItem{
+			Name:        "Login button",
+			Visible:     true,
+			Label:       "\n<style>\n  .login-button-box {\n    margin-bottom: 5px;\n  }\n  .login-button {\n    width: 100%;\n  }\n<style>\n",
+			Placeholder: "",
+			Rule:        "None",
+		}
+		application.SigninItems = append(application.SigninItems, signinItem)
+		signinItem = &SigninItem{
+			Name:        "Signup link",
+			Visible:     true,
+			Label:       "\n<style>\n  .login-signup-link {\n    margin-bottom: 24px;\n    display: flex;\n    justify-content: end;\n}\n<style>\n",
+			Placeholder: "",
+			Rule:        "None",
+		}
+		application.SigninItems = append(application.SigninItems, signinItem)
+		signinItem = &SigninItem{
+			Name:        "Providers",
+			Visible:     true,
+			Label:       "\n<style>\n  .provider-img {\n      width: 30px;\n      margin: 5px;\n  }\n  .provider-big-img {\n      margin-bottom: 10px;\n  }\n</style>\n",
+			Placeholder: "",
+			Rule:        "None",
+		}
+		application.SigninItems = append(application.SigninItems, signinItem)
+	}
+	return
+}
+
 func extendApplicationWithSigninMethods(application *Application) (err error) {
 	if len(application.SigninMethods) == 0 {
 		if application.EnablePassword {
@ -240,6 +345,10 @@ func getApplication(owner string, name string) (*Application, error) {
 		if err != nil {
 			return nil, err
 		}
+		err = extendApplicationWithSigninItems(&application)
+		if err != nil {
+			return nil, err
+		}

 		return &application, nil
 	} else {
@ -270,6 +379,11 @@ func GetApplicationByOrganizationName(organization string) (*Application, error)
 			return nil, err
 		}

+		err = extendApplicationWithSigninItems(&application)
+		if err != nil {
+			return nil, err
+		}
+
 		return &application, nil
 	} else {
 		return nil, nil
@ -322,6 +436,11 @@ func GetApplicationByClientId(clientId string) (*Application, error) {
 			return nil, err
 		}

+		err = extendApplicationWithSigninItems(&application)
+		if err != nil {
+			return nil, err
+		}
+
 		return &application, nil
 	} else {
 		return nil, nil
--- a/object/application_item.go
+++ b/object/application_item.go
@ -38,12 +38,38 @@ func (application *Application) GetProviderByCategory(category string) (*Provide
 	return nil, nil
 }

-func (application *Application) GetEmailProvider() (*Provider, error) {
-	return application.GetProviderByCategory("Email")
+func (application *Application) GetProviderByCategoryAndRule(category string, method string) (*Provider, error) {
+	providers, err := GetProviders(application.Organization)
+	if err != nil {
+		return nil, err
+	}
+
+	m := map[string]*Provider{}
+	for _, provider := range providers {
+		if provider.Category != category {
+			continue
+		}
+
+		m[provider.Name] = provider
+	}
+
+	for _, providerItem := range application.Providers {
+		if providerItem.Rule == method || providerItem.Rule == "all" {
+			if provider, ok := m[providerItem.Name]; ok {
+				return provider, nil
+			}
+		}
+	}
+
+	return nil, nil
 }

-func (application *Application) GetSmsProvider() (*Provider, error) {
-	return application.GetProviderByCategory("SMS")
+func (application *Application) GetEmailProvider(method string) (*Provider, error) {
+	return application.GetProviderByCategoryAndRule("Email", method)
+}
+
+func (application *Application) GetSmsProvider(method string) (*Provider, error) {
+	return application.GetProviderByCategoryAndRule("SMS", method)
 }

 func (application *Application) GetStorageProvider() (*Provider, error) {
--- a/object/init_data.go
+++ b/object/init_data.go
@ -35,6 +35,11 @@ type InitData struct {
 	Syncers       []*Syncer       `json:"syncers"`
 	Tokens        []*Token        `json:"tokens"`
 	Webhooks      []*Webhook      `json:"webhooks"`
+	Groups        []*Group        `json:"groups"`
+	Adapters      []*Adapter      `json:"adapters"`
+	Enforcers     []*Enforcer     `json:"enforcers"`
+	Plans         []*Plan         `json:"plans"`
+	Pricings      []*Pricing      `json:"pricings"`
 }

 func InitFromFile() {
@ -94,6 +99,21 @@ func InitFromFile() {
 		for _, webhook := range initData.Webhooks {
 			initDefinedWebhook(webhook)
 		}
+		for _, group := range initData.Groups {
+			initDefinedGroup(group)
+		}
+		for _, adapter := range initData.Adapters {
+			initDefinedAdapter(adapter)
+		}
+		for _, enforcer := range initData.Enforcers {
+			initDefinedEnforcer(enforcer)
+		}
+		for _, plan := range initData.Plans {
+			initDefinedPlan(plan)
+		}
+		for _, pricing := range initData.Pricings {
+			initDefinedPricing(pricing)
+		}
 	}
 }

@ -120,6 +140,11 @@ func readInitDataFromFile(filePath string) (*InitData, error) {
 		Syncers:       []*Syncer{},
 		Tokens:        []*Token{},
 		Webhooks:      []*Webhook{},
+		Groups:        []*Group{},
+		Adapters:      []*Adapter{},
+		Enforcers:     []*Enforcer{},
+		Plans:         []*Plan{},
+		Pricings:      []*Pricing{},
 	}
 	err := util.JsonToStruct(s, data)
 	if err != nil {
@ -190,7 +215,16 @@ func readInitDataFromFile(filePath string) (*InitData, error) {
 			webhook.Headers = []*Header{}
 		}
 	}
-
+	for _, plan := range data.Plans {
+		if plan.PaymentProviders == nil {
+			plan.PaymentProviders = []string{}
+		}
+	}
+	for _, pricing := range data.Pricings {
+		if pricing.Plans == nil {
+			pricing.Plans = []string{}
+		}
+	}
 	return data, nil
 }

@ -434,3 +468,78 @@ func initDefinedWebhook(webhook *Webhook) {
 		panic(err)
 	}
 }
+
+func initDefinedGroup(group *Group) {
+	existed, err := getGroup(group.Owner, group.Name)
+	if err != nil {
+		panic(err)
+	}
+	if existed != nil {
+		return
+	}
+	group.CreatedTime = util.GetCurrentTime()
+	_, err = AddGroup(group)
+	if err != nil {
+		panic(err)
+	}
+}
+
+func initDefinedAdapter(adapter *Adapter) {
+	existed, err := getAdapter(adapter.Owner, adapter.Name)
+	if err != nil {
+		panic(err)
+	}
+	if existed != nil {
+		return
+	}
+	adapter.CreatedTime = util.GetCurrentTime()
+	_, err = AddAdapter(adapter)
+	if err != nil {
+		panic(err)
+	}
+}
+
+func initDefinedEnforcer(enforcer *Enforcer) {
+	existed, err := getEnforcer(enforcer.Owner, enforcer.Name)
+	if err != nil {
+		panic(err)
+	}
+	if existed != nil {
+		return
+	}
+	enforcer.CreatedTime = util.GetCurrentTime()
+	_, err = AddEnforcer(enforcer)
+	if err != nil {
+		panic(err)
+	}
+}
+
+func initDefinedPlan(plan *Plan) {
+	existed, err := getPlan(plan.Owner, plan.Name)
+	if err != nil {
+		panic(err)
+	}
+	if existed != nil {
+		return
+	}
+	plan.CreatedTime = util.GetCurrentTime()
+	_, err = AddPlan(plan)
+	if err != nil {
+		panic(err)
+	}
+}
+
+func initDefinedPricing(pricing *Pricing) {
+	existed, err := getPlan(pricing.Owner, pricing.Name)
+	if err != nil {
+		panic(err)
+	}
+	if existed != nil {
+		return
+	}
+	pricing.CreatedTime = util.GetCurrentTime()
+	_, err = AddPricing(pricing)
+	if err != nil {
+		panic(err)
+	}
+}
--- a/object/init_data_dump.go
+++ b/object/init_data_dump.go
@ -96,6 +96,31 @@ func writeInitDataToFile(filePath string) error {
 		return err
 	}

+	groups, err := GetGroups("")
+	if err != nil {
+		return err
+	}
+
+	adapters, err := GetAdapters("")
+	if err != nil {
+		return err
+	}
+
+	enforcers, err := GetEnforcers("")
+	if err != nil {
+		return err
+	}
+
+	plans, err := GetPlans("")
+	if err != nil {
+		return err
+	}
+
+	pricings, err := GetPricings("")
+	if err != nil {
+		return err
+	}
+
 	data := &InitData{
 		Organizations: organizations,
 		Applications:  applications,
@ -112,6 +137,11 @@ func writeInitDataToFile(filePath string) error {
 		Syncers:       syncers,
 		Tokens:        tokens,
 		Webhooks:      webhooks,
+		Groups:        groups,
+		Adapters:      adapters,
+		Enforcers:     enforcers,
+		Plans:         plans,
+		Pricings:      pricings,
 	}

 	text := util.StructToJsonFormatted(data)
--- a/object/mfa_sms.go
+++ b/object/mfa_sms.go
@ -36,9 +36,14 @@ func (mfa *SmsMfa) SetupVerify(passCode string) error {
 		mfa.Secret, _ = util.GetE164Number(mfa.Secret, mfa.CountryCode)
 	}

-	if result := CheckVerificationCode(mfa.Secret, passCode, "en"); result.Code != VerificationSuccess {
+	result, err := CheckVerificationCode(mfa.Secret, passCode, "en")
+	if err != nil {
+		return err
+	}
+	if result.Code != VerificationSuccess {
 		return errors.New(result.Msg)
 	}
+
 	return nil
 }

@ -52,21 +57,10 @@ func (mfa *SmsMfa) Enable(user *User) error {

 	if mfa.MfaType == SmsType {
 		user.MfaPhoneEnabled = true
-		columns = append(columns, "mfa_phone_enabled")
-
-		if user.Phone == "" {
-			user.Phone = mfa.Secret
-			user.CountryCode = mfa.CountryCode
-			columns = append(columns, "phone", "country_code")
-		}
+		columns = append(columns, "mfa_phone_enabled", "phone", "country_code")
 	} else if mfa.MfaType == EmailType {
 		user.MfaEmailEnabled = true
-		columns = append(columns, "mfa_email_enabled")
-
-		if user.Email == "" {
-			user.Email = mfa.Secret
-			columns = append(columns, "email")
-		}
+		columns = append(columns, "mfa_email_enabled", "email")
 	}

 	_, err := UpdateUser(user.GetId(), user, columns, false)
@ -81,9 +75,15 @@ func (mfa *SmsMfa) Verify(passCode string) error {
 	if !util.IsEmailValid(mfa.Secret) {
 		mfa.Secret, _ = util.GetE164Number(mfa.Secret, mfa.CountryCode)
 	}
-	if result := CheckVerificationCode(mfa.Secret, passCode, "en"); result.Code != VerificationSuccess {
+
+	result, err := CheckVerificationCode(mfa.Secret, passCode, "en")
+	if err != nil {
+		return err
+	}
+	if result.Code != VerificationSuccess {
 		return errors.New(result.Msg)
 	}
+
 	return nil
 }

--- a/object/organization.go
+++ b/object/organization.go
@ -31,6 +31,7 @@ type AccountItem struct {
 	Visible    bool   `json:"visible"`
 	ViewRule   string `json:"viewRule"`
 	ModifyRule string `json:"modifyRule"`
+	Regex      string `json:"regex"`
 }

 type ThemeData struct {
@ -342,6 +343,11 @@ func GetDefaultApplication(id string) (*Application, error) {
 		return nil, err
 	}

+	err = extendApplicationWithSigninItems(defaultApplication)
+	if err != nil {
+		return nil, err
+	}
+
 	return defaultApplication, nil
 }

@ -453,6 +459,16 @@ func organizationChangeTrigger(oldName string, newName string) error {
 		return err
 	}

+	record := new(Record)
+	record.Owner = newName
+	record.Organization = newName
+	_, err = session.Where("organization=?", oldName).Update(record)
+	if err != nil {
+		if err.Error() != "no columns found to be updated" {
+			return err
+		}
+	}
+
 	resource := new(Resource)
 	resource.Owner = newName
 	_, err = session.Where("owner=?", oldName).Update(resource)
--- a/object/ormer.go
+++ b/object/ormer.go
@ -23,6 +23,8 @@ import (
 	"runtime"
 	"strings"

+	"github.com/casvisor/casvisor-go-sdk/casvisorsdk"
+
 	"github.com/beego/beego"
 	"github.com/casdoor/casdoor/conf"
 	"github.com/casdoor/casdoor/util"
@ -30,8 +32,9 @@ import (
 	_ "github.com/denisenkom/go-mssqldb" // db = mssql
 	_ "github.com/go-sql-driver/mysql"   // db = mysql
 	_ "github.com/lib/pq"                // db = postgres
-	"github.com/xorm-io/core"
 	"github.com/xorm-io/xorm"
+	"github.com/xorm-io/xorm/core"
+	"github.com/xorm-io/xorm/names"
 	_ "modernc.org/sqlite" // db = sqlite
 )

@ -96,7 +99,7 @@ func InitAdapter() {
 	}

 	tableNamePrefix := conf.GetConfigString("tableNamePrefix")
-	tbMapper := core.NewPrefixMapper(core.SnakeMapper{}, tableNamePrefix)
+	tbMapper := names.NewPrefixMapper(names.SnakeMapper{}, tableNamePrefix)
 	ormer.Engine.SetTableMapper(tbMapper)
 }

@ -116,6 +119,7 @@ type Ormer struct {
 	driverName     string
 	dataSourceName string
 	dbName         string
+	Db             *sql.DB
 	Engine         *xorm.Engine
 }

@ -125,6 +129,13 @@ func finalizer(a *Ormer) {
 	if err != nil {
 		panic(err)
 	}
+
+	if a.Db != nil {
+		err = a.Db.Close()
+		if err != nil {
+			panic(err)
+		}
+	}
 }

 // NewAdapter is the constructor for Ormer.
@ -146,6 +157,26 @@ func NewAdapter(driverName string, dataSourceName string, dbName string) (*Ormer
 	return a, nil
 }

+// NewAdapterFromdb is the constructor for Ormer.
+func NewAdapterFromDb(driverName string, dataSourceName string, dbName string, db *sql.DB) (*Ormer, error) {
+	a := &Ormer{}
+	a.driverName = driverName
+	a.dataSourceName = dataSourceName
+	a.dbName = dbName
+	a.Db = db
+
+	// Open the DB, create it if not existed.
+	err := a.openFromDb(a.Db)
+	if err != nil {
+		return nil, err
+	}
+
+	// Call the destructor when the object is released.
+	runtime.SetFinalizer(a, finalizer)
+
+	return a, nil
+}
+
 func refineDataSourceNameForPostgres(dataSourceName string) string {
 	reg := regexp.MustCompile(`dbname=[^ ]+\s*`)
 	return reg.ReplaceAllString(dataSourceName, "")
@ -224,6 +255,30 @@ func (a *Ormer) open() error {
 	return nil
 }

+func (a *Ormer) openFromDb(db *sql.DB) error {
+	dataSourceName := a.dataSourceName + a.dbName
+	if a.driverName != "mysql" {
+		dataSourceName = a.dataSourceName
+	}
+
+	xormDb := core.FromDB(db)
+
+	engine, err := xorm.NewEngineWithDB(a.driverName, dataSourceName, xormDb)
+	if err != nil {
+		return err
+	}
+
+	if a.driverName == "postgres" {
+		schema := util.GetValueFromDataSourceName("search_path", dataSourceName)
+		if schema != "" {
+			engine.SetSchema(schema)
+		}
+	}
+
+	a.Engine = engine
+	return nil
+}
+
 func (a *Ormer) close() {
 	_ = a.Engine.Close()
 	a.Engine = nil
@ -338,6 +393,11 @@ func (a *Ormer) createTable() {
 		panic(err)
 	}

+	err = a.Engine.Sync2(new(casvisorsdk.Record))
+	if err != nil {
+		panic(err)
+	}
+
 	err = a.Engine.Sync2(new(Webhook))
 	if err != nil {
 		panic(err)
--- a/object/provider.go
+++ b/object/provider.go
@ -312,8 +312,6 @@ func GetPaymentProvider(p *Provider) (pp.PaymentProvider, error) {
 	} else {
 		return nil, fmt.Errorf("the payment provider type: %s is not supported", p.Type)
 	}
-
-	return nil, nil
 }

 func (p *Provider) GetId() string {
--- a/object/record.go
+++ b/object/record.go
@ -82,7 +82,12 @@ func AddRecord(record *casvisorsdk.Record) bool {
 	}

 	if casvisorsdk.GetClient() == nil {
-		return false
+		affected, err := ormer.Engine.Insert(record)
+		if err != nil {
+			panic(err)
+		}
+
+		return affected != 0
 	}

 	affected, err := casvisorsdk.AddRecord(record)
@ -93,6 +98,42 @@ func AddRecord(record *casvisorsdk.Record) bool {
 	return affected
 }

+func GetRecordCount(field, value string, filterRecord *casvisorsdk.Record) (int64, error) {
+	session := GetSession("", -1, -1, field, value, "", "")
+	return session.Count(filterRecord)
+}
+
+func GetRecords() ([]*casvisorsdk.Record, error) {
+	records := []*casvisorsdk.Record{}
+	err := ormer.Engine.Desc("id").Find(&records)
+	if err != nil {
+		return records, err
+	}
+
+	return records, nil
+}
+
+func GetPaginationRecords(offset, limit int, field, value, sortField, sortOrder string, filterRecord *casvisorsdk.Record) ([]*casvisorsdk.Record, error) {
+	records := []*casvisorsdk.Record{}
+	session := GetSession("", offset, limit, field, value, sortField, sortOrder)
+	err := session.Find(&records, filterRecord)
+	if err != nil {
+		return records, err
+	}
+
+	return records, nil
+}
+
+func GetRecordsByField(record *casvisorsdk.Record) ([]*casvisorsdk.Record, error) {
+	records := []*casvisorsdk.Record{}
+	err := ormer.Engine.Find(&records, record)
+	if err != nil {
+		return records, err
+	}
+
+	return records, nil
+}
+
 func getFilteredWebhooks(webhooks []*Webhook, action string) []*Webhook {
 	res := []*Webhook{}
 	for _, webhook := range webhooks {
@ -116,7 +157,7 @@ func getFilteredWebhooks(webhooks []*Webhook, action string) []*Webhook {
 }

 func SendWebhooks(record *casvisorsdk.Record) error {
-	webhooks, err := getWebhooksByOrganization(record.Organization)
+	webhooks, err := getWebhooksByOrganization("")
 	if err != nil {
 		return err
 	}
--- a/object/record_casvisor.go
+++ b/object/record_casvisor.go
@ -27,7 +27,7 @@ func getCasvisorApplication() *Application {
 	}

 	for _, application := range applications {
-		if strings.Contains(strings.ToLower(application.Name), "casvisor") {
+		if strings.Contains(strings.ToLower(application.Name), "casvisor-my") {
 			return application
 		}
 	}
--- a/object/syncer.go
+++ b/object/syncer.go
@ -39,11 +39,17 @@ type Syncer struct {
 	Type         string `xorm:"varchar(100)" json:"type"`
 	DatabaseType string `xorm:"varchar(100)" json:"databaseType"`
 	SslMode      string `xorm:"varchar(100)" json:"sslMode"`
+	SshType      string `xorm:"varchar(100)" json:"sshType"`

 	Host             string         `xorm:"varchar(100)" json:"host"`
 	Port             int            `json:"port"`
 	User             string         `xorm:"varchar(100)" json:"user"`
 	Password         string         `xorm:"varchar(150)" json:"password"`
+	SshHost          string         `xorm:"varchar(100)" json:"sshHost"`
+	SshPort          int            `json:"sshPort"`
+	SshUser          string         `xorm:"varchar(100)" json:"sshUser"`
+	SshPassword      string         `xorm:"varchar(150)" json:"sshPassword"`
+	Cert             string         `xorm:"varchar(100)" json:"cert"`
 	Database         string         `xorm:"varchar(100)" json:"database"`
 	Table            string         `xorm:"varchar(100)" json:"table"`
 	TableColumns     []*TableColumn `xorm:"mediumtext" json:"tableColumns"`
@ -279,3 +285,25 @@ func RunSyncer(syncer *Syncer) error {

 	return syncer.syncUsers()
 }
+
+func TestSyncerDb(syncer Syncer) error {
+	oldSyncer, err := getSyncer(syncer.Owner, syncer.Name)
+	if err != nil {
+		return err
+	}
+
+	if syncer.Password == "***" {
+		syncer.Password = oldSyncer.Password
+	}
+
+	err = syncer.initAdapter()
+	if err != nil {
+		return err
+	}
+
+	err = syncer.Ormer.Engine.Ping()
+	if err != nil {
+		return err
+	}
+	return nil
+}
--- a/object/syncer_user.go
+++ b/object/syncer_user.go
@ -15,12 +15,17 @@
 package object

 import (
+	"context"
 	"database/sql"
+	"database/sql/driver"
 	"fmt"
 	"strings"
 	"time"

+	"golang.org/x/crypto/ssh"
+
 	"github.com/casdoor/casdoor/util"
+	"github.com/go-sql-driver/mysql"
 )

 type OriginalUser = User
@ -124,6 +129,19 @@ func (syncer *Syncer) calculateHash(user *OriginalUser) string {
 	return util.GetMd5Hash(s)
 }

+type dsnConnector struct {
+	dsn    string
+	driver driver.Driver
+}
+
+func (t dsnConnector) Connect(ctx context.Context) (driver.Conn, error) {
+	return t.driver.Open(t.dsn)
+}
+
+func (t dsnConnector) Driver() driver.Driver {
+	return t.driver
+}
+
 func (syncer *Syncer) initAdapter() error {
 	if syncer.Ormer != nil {
 		return nil
@ -142,12 +160,38 @@ func (syncer *Syncer) initAdapter() error {
 		dataSourceName = fmt.Sprintf("%s:%s@tcp(%s:%d)/", syncer.User, syncer.Password, syncer.Host, syncer.Port)
 	}

+	var db *sql.DB
+	var err error
+
+	if syncer.SshType != "" && (syncer.DatabaseType == "mysql" || syncer.DatabaseType == "postgres" || syncer.DatabaseType == "mssql") {
+		var dial *ssh.Client
+		if syncer.SshType == "password" {
+			dial, err = DialWithPassword(syncer.SshUser, syncer.SshPassword, syncer.SshHost, syncer.SshPort)
+		} else {
+			dial, err = DialWithCert(syncer.SshUser, syncer.Owner+"/"+syncer.Cert, syncer.SshHost, syncer.SshPort)
+		}
+		if err != nil {
+			return err
+		}
+
+		if syncer.DatabaseType == "mysql" {
+			dataSourceName = fmt.Sprintf("%s:%s@%s(%s:%d)/", syncer.User, syncer.Password, syncer.Owner+syncer.Name, syncer.Host, syncer.Port)
+			mysql.RegisterDialContext(syncer.Owner+syncer.Name, (&ViaSSHDialer{Client: dial, Context: nil}).MysqlDial)
+		} else if syncer.DatabaseType == "postgres" || syncer.DatabaseType == "mssql" {
+			db = sql.OpenDB(dsnConnector{dsn: dataSourceName, driver: &ViaSSHDialer{Client: dial, Context: nil, DatabaseType: syncer.DatabaseType}})
+		}
+	}
+
 	if !isCloudIntranet {
 		dataSourceName = strings.ReplaceAll(dataSourceName, "dbi.", "db.")
 	}

-	var err error
-	syncer.Ormer, err = NewAdapter(syncer.DatabaseType, dataSourceName, syncer.Database)
+	if db != nil {
+		syncer.Ormer, err = NewAdapterFromDb(syncer.DatabaseType, dataSourceName, syncer.Database, db)
+	} else {
+		syncer.Ormer, err = NewAdapter(syncer.DatabaseType, dataSourceName, syncer.Database)
+	}
+
 	return err
 }

--- a/object/token.go
+++ b/object/token.go
@ -681,7 +681,7 @@ func GetAuthorizationCodeToken(application *Application, clientSecret string, co
 // GetPasswordToken
 // Resource Owner Password Credentials flow
 func GetPasswordToken(application *Application, username string, password string, scope string, host string) (*Token, *TokenError, error) {
-	user, err := getUser(application.Organization, username)
+	user, err := GetUserByFields(application.Organization, username)
 	if err != nil {
 		return nil, nil, err
 	}
--- a/object/user.go
+++ b/object/user.go
@ -15,7 +15,9 @@
 package object

 import (
+	"encoding/json"
 	"fmt"
+	"reflect"
 	"strconv"
 	"strings"

@ -221,6 +223,26 @@ type ManagedAccount struct {
 	SigninUrl   string `xorm:"varchar(200)" json:"signinUrl"`
 }

+func GetUserFieldStringValue(user *User, fieldName string) (bool, string, error) {
+	val := reflect.ValueOf(*user)
+	fieldValue := val.FieldByName(fieldName)
+
+	if !fieldValue.IsValid() {
+		return false, "", nil
+	}
+
+	if fieldValue.Kind() == reflect.String {
+		return true, fieldValue.String(), nil
+	}
+
+	marshalValue, err := json.Marshal(fieldValue.Interface())
+	if err != nil {
+		return false, "", err
+	}
+
+	return true, string(marshalValue), nil
+}
+
 func GetGlobalUserCount(field, value string) (int64, error) {
 	session := GetSession("", -1, -1, field, value, "", "")
 	return session.Count(&User{})
@ -793,6 +815,13 @@ func AddUser(user *User) (bool, error) {
 	}
 	user.Ranking = int(count + 1)

+	if user.Groups != nil && len(user.Groups) > 0 {
+		_, err = userEnforcer.UpdateGroupsForUser(user.GetId(), user.Groups)
+		if err != nil {
+			return false, err
+		}
+	}
+
 	affected, err := ormer.Engine.Insert(user)
 	if err != nil {
 		return false, err
@ -822,6 +851,13 @@ func AddUsers(users []*User) (bool, error) {
 		if err != nil {
 			return false, err
 		}
+
+		if user.Groups != nil && len(user.Groups) > 0 {
+			_, err = userEnforcer.UpdateGroupsForUser(user.GetId(), user.Groups)
+			if err != nil {
+				return false, err
+			}
+		}
 	}

 	affected, err := ormer.Engine.Insert(users)
@ -985,6 +1021,10 @@ func userChangeTrigger(oldName string, newName string) error {
 	}
 	for _, permission := range permissions {
 		for j, u := range permission.Users {
+			if u == "*" {
+				continue
+			}
+
 			// u = organization/username
 			owner, name := util.GetOwnerAndNameFromId(u)
 			if name == oldName {
--- a/object/user_enforcer.go
+++ b/object/user_enforcer.go
@ -1,10 +1,12 @@
 package object

 import (
+	errors2 "errors"
 	"fmt"

-	"github.com/casbin/casbin/v2"
 	"github.com/casbin/casbin/v2/errors"
+
+	"github.com/casbin/casbin/v2"
 	"github.com/casdoor/casdoor/util"
 )

@ -87,7 +89,7 @@ func (e *UserGroupEnforcer) GetAllUsersByGroup(group string) ([]string, error) {

 	users, err := e.enforcer.GetUsersForRole(GetGroupWithPrefix(group))
 	if err != nil {
-		if err == errors.ErrNameNotFound {
+		if errors2.Is(err, errors.ErrNameNotFound) {
 			return []string{}, nil
 		}
 		return nil, err
--- a/object/user_util.go
+++ b/object/user_util.go
@ -18,8 +18,11 @@ import (
 	"encoding/json"
 	"fmt"
 	"reflect"
+	"regexp"
 	"strings"

+	"github.com/casdoor/casdoor/i18n"
+
 	jsoniter "github.com/json-iterator/go"

 	"github.com/casdoor/casdoor/idp"
@ -328,6 +331,31 @@ func CheckPermissionForUpdateUser(oldUser, newUser *User, isAdmin bool, lang str
 		itemsChanged = append(itemsChanged, item)
 	}

+	if oldUser.Gender != newUser.Gender {
+		item := GetAccountItemByName("Gender", organization)
+		itemsChanged = append(itemsChanged, item)
+	}
+
+	if oldUser.Birthday != newUser.Birthday {
+		item := GetAccountItemByName("Birthday", organization)
+		itemsChanged = append(itemsChanged, item)
+	}
+
+	if oldUser.Education != newUser.Education {
+		item := GetAccountItemByName("Education", organization)
+		itemsChanged = append(itemsChanged, item)
+	}
+
+	if oldUser.IdCard != newUser.IdCard {
+		item := GetAccountItemByName("ID card", organization)
+		itemsChanged = append(itemsChanged, item)
+	}
+
+	if oldUser.IdCardType != newUser.IdCardType {
+		item := GetAccountItemByName("ID card type", organization)
+		itemsChanged = append(itemsChanged, item)
+	}
+
 	oldUserPropertiesJson, _ := json.Marshal(oldUser.Properties)
 	newUserPropertiesJson, _ := json.Marshal(newUser.Properties)
 	if string(oldUserPropertiesJson) != string(newUserPropertiesJson) {
@ -372,10 +400,33 @@ func CheckPermissionForUpdateUser(oldUser, newUser *User, isAdmin bool, lang str
 		itemsChanged = append(itemsChanged, item)
 	}

-	for i := range itemsChanged {
-		if pass, err := CheckAccountItemModifyRule(itemsChanged[i], isAdmin, lang); !pass {
+	for _, accountItem := range itemsChanged {
+
+		if pass, err := CheckAccountItemModifyRule(accountItem, isAdmin, lang); !pass {
 			return pass, err
 		}
+
+		exist, userValue, err := GetUserFieldStringValue(newUser, util.SpaceToCamel(accountItem.Name))
+		if err != nil {
+			return false, err.Error()
+		}
+
+		if !exist {
+			continue
+		}
+
+		if accountItem.Regex == "" {
+			continue
+		}
+		regexSignupItem, err := regexp.Compile(accountItem.Regex)
+		if err != nil {
+			return false, err.Error()
+		}
+
+		matched := regexSignupItem.MatchString(userValue)
+		if !matched {
+			return false, fmt.Sprintf(i18n.Translate(lang, "check:The value \"%s\" for account field \"%s\" doesn't match the account item regex"), userValue, accountItem.Name)
+		}
 	}
 	return true, ""
 }
--- a/object/verification.go
+++ b/object/verification.go
@ -66,6 +66,7 @@ func IsAllowSend(user *User, remoteAddr, recordType string) error {
 	if user != nil {
 		record.User = user.GetId()
 	}
+
 	has, err := ormer.Engine.Desc("created_time").Get(&record)
 	if err != nil {
 		return err
@ -94,15 +95,18 @@ func SendVerificationCodeToEmail(organization *Organization, user *User, provide
 		content = strings.Replace(content, "%{user.friendlyName}", user.GetFriendlyName(), 1)
 	}

-	if err := IsAllowSend(user, remoteAddr, provider.Category); err != nil {
+	err := IsAllowSend(user, remoteAddr, provider.Category)
+	if err != nil {
 		return err
 	}

-	if err := SendEmail(provider, title, content, dest, sender); err != nil {
+	err = SendEmail(provider, title, content, dest, sender)
+	if err != nil {
 		return err
 	}

-	if err := AddToVerificationRecord(user, provider, remoteAddr, provider.Category, dest, code); err != nil {
+	err = AddToVerificationRecord(user, provider, remoteAddr, provider.Category, dest, code)
+	if err != nil {
 		return err
 	}

@ -110,7 +114,8 @@ func SendVerificationCodeToEmail(organization *Organization, user *User, provide
 }

 func SendVerificationCodeToPhone(organization *Organization, user *User, provider *Provider, remoteAddr string, dest string) error {
-	if err := IsAllowSend(user, remoteAddr, provider.Category); err != nil {
+	err := IsAllowSend(user, remoteAddr, provider.Category)
+	if err != nil {
 		return err
 	}

@ -119,11 +124,13 @@ func SendVerificationCodeToPhone(organization *Organization, user *User, provide
 		code = organization.MasterVerificationCode
 	}

-	if err := SendSms(provider, code, dest); err != nil {
+	err = SendSms(provider, code, dest)
+	if err != nil {
 		return err
 	}

-	if err := AddToVerificationRecord(user, provider, remoteAddr, provider.Category, dest, code); err != nil {
+	err = AddToVerificationRecord(user, provider, remoteAddr, provider.Category, dest, code)
+	if err != nil {
 		return err
 	}

@ -158,6 +165,7 @@ func AddToVerificationRecord(user *User, provider *Provider, remoteAddr, recordT
 func getVerificationRecord(dest string) (*VerificationRecord, error) {
 	var record VerificationRecord
 	record.Receiver = dest
+
 	has, err := ormer.Engine.Desc("time").Where("is_used = false").Get(&record)
 	if err != nil {
 		return nil, err
@ -165,34 +173,34 @@ func getVerificationRecord(dest string) (*VerificationRecord, error) {
 	if !has {
 		return nil, nil
 	}
+
 	return &record, nil
 }

-func CheckVerificationCode(dest string, code string, lang string) *VerifyResult {
+func CheckVerificationCode(dest string, code string, lang string) (*VerifyResult, error) {
 	record, err := getVerificationRecord(dest)
 	if err != nil {
-		panic(err)
+		return nil, err
 	}
-
 	if record == nil {
-		return &VerifyResult{noRecordError, i18n.Translate(lang, "verification:Code has not been sent yet!")}
+		return &VerifyResult{noRecordError, i18n.Translate(lang, "verification:Code has not been sent yet!")}, nil
 	}

 	timeout, err := conf.GetConfigInt64("verificationCodeTimeout")
 	if err != nil {
-		panic(err)
+		return nil, err
 	}

 	now := time.Now().Unix()
 	if now-record.Time > timeout*60 {
-		return &VerifyResult{timeoutError, fmt.Sprintf(i18n.Translate(lang, "verification:You should verify your code in %d min!"), timeout)}
+		return &VerifyResult{timeoutError, fmt.Sprintf(i18n.Translate(lang, "verification:You should verify your code in %d min!"), timeout)}, nil
 	}

 	if record.Code != code {
-		return &VerifyResult{wrongCodeError, i18n.Translate(lang, "verification:Wrong verification code!")}
+		return &VerifyResult{wrongCodeError, i18n.Translate(lang, "verification:Wrong verification code!")}, nil
 	}

-	return &VerifyResult{VerificationSuccess, ""}
+	return &VerifyResult{VerificationSuccess, ""}, nil
 }

 func DisableVerificationCode(dest string) error {
@ -213,7 +221,11 @@ func CheckSigninCode(user *User, dest, code, lang string) error {
 		return err
 	}

-	result := CheckVerificationCode(dest, code, lang)
+	result, err := CheckVerificationCode(dest, code, lang)
+	if err != nil {
+		return err
+	}
+
 	switch result.Code {
 	case VerificationSuccess:
 		return resetUserSigninErrorTimes(user)
--- a/object/viaSSHDialer.go
+++ b/object/viaSSHDialer.go
@ -0,0 +1,116 @@
+// Copyright 2024 The Casdoor Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package object
+
+import (
+	"context"
+	"database/sql/driver"
+	"fmt"
+	"net"
+	"time"
+
+	mssql "github.com/denisenkom/go-mssqldb"
+
+	"github.com/lib/pq"
+	"golang.org/x/crypto/ssh"
+)
+
+type ViaSSHDialer struct {
+	Client       *ssh.Client
+	Context      *context.Context
+	DatabaseType string
+}
+
+func (v *ViaSSHDialer) MysqlDial(ctx context.Context, addr string) (net.Conn, error) {
+	return v.Client.Dial("tcp", addr)
+}
+
+func (v *ViaSSHDialer) Open(s string) (_ driver.Conn, err error) {
+	if v.DatabaseType == "mssql" {
+		c, err := mssql.NewConnector(s)
+		if err != nil {
+			return nil, err
+		}
+		c.Dialer = v
+		return c.Connect(context.Background())
+	} else if v.DatabaseType == "postgres" {
+		return pq.DialOpen(v, s)
+	}
+	return nil, nil
+}
+
+func (v *ViaSSHDialer) Dial(network, address string) (net.Conn, error) {
+	return v.Client.Dial(network, address)
+}
+
+func (v *ViaSSHDialer) DialContext(ctx context.Context, network string, addr string) (net.Conn, error) {
+	return v.Client.DialContext(ctx, network, addr)
+}
+
+func (v *ViaSSHDialer) DialTimeout(network, address string, timeout time.Duration) (net.Conn, error) {
+	return v.Client.Dial(network, address)
+}
+
+func DialWithPassword(SshUser string, SshPassword string, SshHost string, SshPort int) (*ssh.Client, error) {
+	address := fmt.Sprintf("%s:%d", SshHost, SshPort)
+	config := &ssh.ClientConfig{
+		User: SshUser,
+		Auth: []ssh.AuthMethod{
+			ssh.Password(SshPassword),
+		},
+		HostKeyCallback: ssh.InsecureIgnoreHostKey(),
+	}
+
+	return ssh.Dial("tcp", address, config)
+}
+
+func DialWithCert(SshUser string, CertId string, SshHost string, SshPort int) (*ssh.Client, error) {
+	address := fmt.Sprintf("%s:%d", SshHost, SshPort)
+	config := &ssh.ClientConfig{
+		User:            SshUser,
+		HostKeyCallback: ssh.InsecureIgnoreHostKey(),
+	}
+
+	cert, err := GetCert(CertId)
+	if err != nil {
+		return nil, err
+	}
+
+	signer, err := ssh.ParsePrivateKey([]byte(cert.PrivateKey))
+	if err != nil {
+		return nil, err
+	}
+	config.Auth = []ssh.AuthMethod{
+		ssh.PublicKeys(signer),
+	}
+	return ssh.Dial("tcp", address, config)
+}
+
+func DialWithPrivateKey(SshUser string, PrivateKey []byte, SshHost string, SshPort int) (*ssh.Client, error) {
+	address := fmt.Sprintf("%s:%d", SshHost, SshPort)
+	config := &ssh.ClientConfig{
+		User:            SshUser,
+		HostKeyCallback: ssh.InsecureIgnoreHostKey(),
+	}
+
+	signer, err := ssh.ParsePrivateKey(PrivateKey)
+	if err != nil {
+		return nil, err
+	}
+	config.Auth = []ssh.AuthMethod{
+		ssh.PublicKeys(signer),
+	}
+	return ssh.Dial("tcp", address, config)
+}
--- a/routers/authz_filter.go
+++ b/routers/authz_filter.go
@ -73,10 +73,12 @@ func getObject(ctx *context.Context) (string, string) {
 			}
 		}

-		// query == "?id=built-in/admin"
-		id := ctx.Input.Query("id")
-		if id != "" {
-			return util.GetOwnerAndNameFromIdNoCheck(id)
+		if !(strings.HasPrefix(ctx.Request.URL.Path, "/api/get-") && strings.HasSuffix(ctx.Request.URL.Path, "s")) {
+			// query == "?id=built-in/admin"
+			id := ctx.Input.Query("id")
+			if id != "" {
+				return util.GetOwnerAndNameFromIdNoCheck(id)
+			}
 		}

 		owner := ctx.Input.Query("owner")
--- a/routers/router.go
+++ b/routers/router.go
@ -233,6 +233,7 @@ func initAPI() {
 	beego.Router("/api/add-syncer", &controllers.ApiController{}, "POST:AddSyncer")
 	beego.Router("/api/delete-syncer", &controllers.ApiController{}, "POST:DeleteSyncer")
 	beego.Router("/api/run-syncer", &controllers.ApiController{}, "GET:RunSyncer")
+	beego.Router("/api/test-syncer-db", &controllers.ApiController{}, "POST:TestSyncerDb")

 	beego.Router("/api/get-webhooks", &controllers.ApiController{}, "GET:GetWebhooks")
 	beego.Router("/api/get-webhook", &controllers.ApiController{}, "GET:GetWebhook")
@ -261,6 +262,10 @@ func initAPI() {
 	beego.Router("/api/login/oauth/refresh_token", &controllers.ApiController{}, "POST:RefreshToken")
 	beego.Router("/api/login/oauth/introspect", &controllers.ApiController{}, "POST:IntrospectToken")

+	beego.Router("/api/get-records", &controllers.ApiController{}, "GET:GetRecords")
+	beego.Router("/api/get-records-filter", &controllers.ApiController{}, "POST:GetRecordsByFilter")
+	beego.Router("/api/add-record", &controllers.ApiController{}, "POST:AddRecord")
+
 	beego.Router("/api/send-email", &controllers.ApiController{}, "POST:SendEmail")
 	beego.Router("/api/send-sms", &controllers.ApiController{}, "POST:SendSms")
 	beego.Router("/api/send-notification", &controllers.ApiController{}, "POST:SendNotification")
--- a/util/string.go
+++ b/util/string.go
@ -113,6 +113,15 @@ func SnakeToCamel(snake string) string {
 	return strings.Join(words, "")
 }

+func SpaceToCamel(name string) string {
+	words := strings.Split(name, " ")
+	for i := range words {
+		words[i] = strings.ToLower(words[i])
+		words[i] = strings.Title(words[i])
+	}
+	return strings.Join(words, "")
+}
+
 func GetOwnerAndNameFromId(id string) (string, string) {
 	tokens := strings.Split(id, "/")
 	if len(tokens) != 2 {
--- a/util/validation.go
+++ b/util/validation.go
@ -34,7 +34,7 @@ func init() {
 	rePhone, _ = regexp.Compile(`(\d{3})\d*(\d{4})`)
 	ReWhiteSpace, _ = regexp.Compile(`\s`)
 	ReFieldWhiteList, _ = regexp.Compile(`^[A-Za-z0-9]+$`)
-	ReUserName, _ = regexp.Compile("^[a-zA-Z0-9]+((?:-[a-zA-Z0-9]+)|(?:_[a-zA-Z0-9]+))*$")
+	ReUserName, _ = regexp.Compile("^[a-zA-Z0-9]+([-._][a-zA-Z0-9]+)*$")
 }

 func IsEmailValid(email string) bool {
--- a/web/src/App.js
+++ b/web/src/App.js
@ -95,6 +95,7 @@ import OpenTour from "./common/OpenTour";
 const {Header, Footer, Content} = Layout;

 import {setTwoToneColor} from "@ant-design/icons";
+import RecordListPage from "./RecordListPage";

 setTwoToneColor("rgb(87,52,211)");

@ -466,7 +467,8 @@ class App extends Component {

      res.push(Setting.getItem(<Link style={{color: "black"}} to="/sessions">{i18next.t("general:Logging & Auditing")}</Link>, "/logs", <WalletTwoTone />, [
        Setting.getItem(<Link to="/sessions">{i18next.t("general:Sessions")}</Link>, "/sessions"),
-        Setting.getItem(<a target="_blank" rel="noreferrer" href={Conf.CasvisorUrl}>{i18next.t("general:Records")}</a>, "/records"),
+        Conf.CasvisorUrl ? Setting.getItem(<a target="_blank" rel="noreferrer" href={Conf.CasvisorUrl}>{i18next.t("general:Records")}</a>, "/records")
+          : Setting.getItem(<Link to="/records">{i18next.t("general:Records")}</Link>, "/records"),
        Setting.getItem(<Link to="/tokens">{i18next.t("general:Tokens")}</Link>, "/tokens"),
      ]));

@ -527,6 +529,7 @@ class App extends Component {
        <Route exact path="/applications/:organizationName/:applicationName" render={(props) => this.renderLoginIfNotLoggedIn(<ApplicationEditPage account={this.state.account} {...props} />)} />
        <Route exact path="/providers" render={(props) => this.renderLoginIfNotLoggedIn(<ProviderListPage account={this.state.account} {...props} />)} />
        <Route exact path="/providers/:organizationName/:providerName" render={(props) => this.renderLoginIfNotLoggedIn(<ProviderEditPage account={this.state.account} {...props} />)} />
+        <Route exact path="/records" render={(props) => this.renderLoginIfNotLoggedIn(<RecordListPage account={this.state.account} {...props} />)} />
        <Route exact path="/resources" render={(props) => this.renderLoginIfNotLoggedIn(<ResourceListPage account={this.state.account} {...props} />)} />
        <Route exact path="/certs" render={(props) => this.renderLoginIfNotLoggedIn(<CertListPage account={this.state.account} {...props} />)} />
        <Route exact path="/certs/:organizationName/:certName" render={(props) => this.renderLoginIfNotLoggedIn(<CertEditPage account={this.state.account} {...props} />)} />
@ -718,7 +721,6 @@ class App extends Component {
        window.location.pathname.startsWith("/prompt") ||
        window.location.pathname.startsWith("/result") ||
        window.location.pathname.startsWith("/cas") ||
-        window.location.pathname.startsWith("/auto-signup") ||
        window.location.pathname.startsWith("/select-plan") ||
        window.location.pathname.startsWith("/buy-plan") ||
        window.location.pathname.startsWith("/qrcode") ;
--- a/web/src/ApplicationEditPage.js
+++ b/web/src/ApplicationEditPage.js
@ -36,6 +36,7 @@ import ThemeEditor from "./common/theme/ThemeEditor";

 import {Controlled as CodeMirror} from "react-codemirror2";
 import "codemirror/lib/codemirror.css";
+import SigninTable from "./table/SigninTable";

 require("codemirror/theme/material-darker.css");
 require("codemirror/mode/htmlmixed/htmlmixed");
@ -864,6 +865,46 @@ class ApplicationEditPage extends React.Component {
            }
          </Col>
        </Row>
+        <Row style={{marginTop: "20px"}} >
+          <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
+            {Setting.getLabel(i18next.t("application:Header HTML"), i18next.t("application:Header HTML - Tooltip"))} :
+          </Col>
+          <Col span={22} >
+            <Popover placement="right" content={
+              <div style={{width: "900px", height: "300px"}} >
+                <CodeMirror
+                  value={this.state.application.headerHtml}
+                  options={{mode: "htmlmixed", theme: "material-darker"}}
+                  onBeforeChange={(editor, data, value) => {
+                    this.updateApplicationField("headerHtml", value);
+                  }}
+                />
+              </div>
+            } title={i18next.t("application:Header HTML - Edit")} trigger="click">
+              <Input value={this.state.application.headerHtml} style={{marginBottom: "10px"}} onChange={e => {
+                this.updateApplicationField("headerHtml", e.target.value);
+              }} />
+            </Popover>
+          </Col>
+        </Row>
+        {
+          <React.Fragment>
+            <Row style={{marginTop: "20px"}} >
+              <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
+                {Setting.getLabel(i18next.t("application:Signin items"), i18next.t("application:Signin items - Tooltip"))} :
+              </Col>
+              <Col span={22} >
+                <SigninTable
+                  title={i18next.t("application:Signin items")}
+                  table={this.state.application.signinItems}
+                  onUpdateTable={(value) => {
+                    this.updateApplicationField("signinItems", value);
+                  }}
+                />
+              </Col>
+            </Row>
+          </React.Fragment>
+        }
        {
          !this.state.application.enableSignUp ? null : (
            <React.Fragment>
--- a/web/src/ApplicationListPage.js
+++ b/web/src/ApplicationListPage.js
@ -61,6 +61,7 @@ class ApplicationListPage extends BaseListPage {
        {name: "Phone", visible: true, required: true, rule: "None"},
        {name: "Agreement", visible: true, required: true, rule: "None"},
      ],
+      grantTypes: ["authorization_code", "password", "client_credentials", "token", "id_token", "refresh_token"],
      cert: "cert-built-in",
      redirectUris: ["http://localhost:9000/callback"],
      tokenFormat: "JWT",
--- a/web/src/Conf.js
+++ b/web/src/Conf.js
@ -14,7 +14,7 @@

 export const DefaultApplication = "app-built-in";

-export const CasvisorUrl = "https://github.com/casbin/casvisor";
+export const CasvisorUrl = "";

 export const ShowGithubCorner = false;
 export const IsDemoMode = false;
--- a/web/src/EntryPage.js
+++ b/web/src/EntryPage.js
@ -32,6 +32,7 @@ import {authConfig} from "./auth/Auth";
 import ProductBuyPage from "./ProductBuyPage";
 import PaymentResultPage from "./PaymentResultPage";
 import QrCodePage from "./QrCodePage";
+import CustomHead from "./basic/CustomHead";

 class EntryPage extends React.Component {
  constructor(props) {
@ -66,7 +67,6 @@ class EntryPage extends React.Component {
      this.setState({
        application: application,
      });
-
      const themeData = application !== null ? Setting.getThemeData(application.organizationObj, application) : Conf.ThemeDefault;
      this.props.updataThemeData(themeData);
    };
@ -82,7 +82,6 @@ class EntryPage extends React.Component {
            Setting.showMessage("error", res.msg);
            return;
          }
-
          const application = res.data;
          const themeData = application !== null ? Setting.getThemeData(application.organizationObj, application) : Conf.ThemeDefault;
          this.props.updataThemeData(themeData);
@ -90,33 +89,35 @@ class EntryPage extends React.Component {
    };

    return (
-      <div className="loginBackground"
-        style={{backgroundImage: Setting.inIframe() || Setting.isMobile() ? null : `url(${this.state.application?.formBackgroundUrl})`}}>
-        <Spin size="large" spinning={this.state.application === undefined && this.state.pricing === undefined} tip={i18next.t("login:Loading")}
-          style={{margin: "0 auto"}} />
-        <Switch>
-          <Route exact path="/signup" render={(props) => this.renderHomeIfLoggedIn(<SignupPage {...this.props} application={this.state.application} applicationName={authConfig.appName} onUpdateApplication={onUpdateApplication} {...props} />)} />
-          <Route exact path="/signup/:applicationName" render={(props) => this.renderHomeIfLoggedIn(<SignupPage {...this.props} application={this.state.application} onUpdateApplication={onUpdateApplication} {...props} />)} />
-          <Route exact path="/login" render={(props) => this.renderHomeIfLoggedIn(<SelfLoginPage {...this.props} application={this.state.application} onUpdateApplication={onUpdateApplication} {...props} />)} />
-          <Route exact path="/login/:owner" render={(props) => this.renderHomeIfLoggedIn(<SelfLoginPage {...this.props} application={this.state.application} onUpdateApplication={onUpdateApplication} {...props} />)} />
-          <Route exact path="/auto-signup/oauth/authorize" render={(props) => <LoginPage {...this.props} application={this.state.application} type={"code"} mode={"signup"} onUpdateApplication={onUpdateApplication}{...props} />} />
-          <Route exact path="/signup/oauth/authorize" render={(props) => <SignupPage {...this.props} application={this.state.application} onUpdateApplication={onUpdateApplication} {...props} />} />
-          <Route exact path="/login/oauth/authorize" render={(props) => <LoginPage {...this.props} application={this.state.application} type={"code"} mode={"signin"} onUpdateApplication={onUpdateApplication} {...props} />} />
-          <Route exact path="/login/saml/authorize/:owner/:applicationName" render={(props) => <LoginPage {...this.props} application={this.state.application} type={"saml"} mode={"signin"} onUpdateApplication={onUpdateApplication} {...props} />} />
-          <Route exact path="/forget" render={(props) => this.renderHomeIfLoggedIn(<SelfForgetPage {...this.props} application={this.state.application} onUpdateApplication={onUpdateApplication} {...props} />)} />
-          <Route exact path="/forget/:applicationName" render={(props) => this.renderHomeIfLoggedIn(<ForgetPage {...this.props} application={this.state.application} onUpdateApplication={onUpdateApplication} {...props} />)} />
-          <Route exact path="/prompt" render={(props) => this.renderLoginIfNotLoggedIn(<PromptPage {...this.props} application={this.state.application} onUpdateApplication={onUpdateApplication} {...props} />)} />
-          <Route exact path="/prompt/:applicationName" render={(props) => this.renderLoginIfNotLoggedIn(<PromptPage {...this.props} application={this.state.application} onUpdateApplication={onUpdateApplication} {...props} />)} />
-          <Route exact path="/result" render={(props) => this.renderHomeIfLoggedIn(<ResultPage {...this.props} application={this.state.application} onUpdateApplication={onUpdateApplication} {...props} />)} />
-          <Route exact path="/result/:applicationName" render={(props) => this.renderHomeIfLoggedIn(<ResultPage {...this.props} application={this.state.application} onUpdateApplication={onUpdateApplication} {...props} />)} />
-          <Route exact path="/cas/:owner/:casApplicationName/logout" render={(props) => this.renderHomeIfLoggedIn(<CasLogout {...this.props} application={this.state.application} onUpdateApplication={onUpdateApplication} {...props} />)} />
-          <Route exact path="/cas/:owner/:casApplicationName/login" render={(props) => {return (<LoginPage {...this.props} application={this.state.application} type={"cas"} mode={"signin"} onUpdateApplication={onUpdateApplication} {...props} />);}} />
-          <Route exact path="/select-plan/:owner/:pricingName" render={(props) => <PricingPage {...this.props} pricing={this.state.pricing} onUpdatePricing={onUpdatePricing} {...props} />} />
-          <Route exact path="/buy-plan/:owner/:pricingName" render={(props) => <ProductBuyPage {...this.props} pricing={this.state.pricing} onUpdatePricing={onUpdatePricing} {...props} />} />
-          <Route exact path="/buy-plan/:owner/:pricingName/result" render={(props) => <PaymentResultPage {...this.props} pricing={this.state.pricing} onUpdatePricing={onUpdatePricing} {...props} />} />
-          <Route exact path="/qrcode/:owner/:paymentName" render={(props) => <QrCodePage {...this.props} onUpdateApplication={onUpdateApplication} {...props} />} />
-        </Switch>
-      </div>
+      <React.Fragment>
+        <CustomHead headerHtml={this.state.application?.headerHtml} />
+        <div className="loginBackground"
+          style={{backgroundImage: Setting.inIframe() || Setting.isMobile() ? null : `url(${this.state.application?.formBackgroundUrl})`}}>
+          <Spin size="large" spinning={this.state.application === undefined && this.state.pricing === undefined} tip={i18next.t("login:Loading")}
+            style={{margin: "0 auto"}} />
+          <Switch>
+            <Route exact path="/signup" render={(props) => this.renderHomeIfLoggedIn(<SignupPage {...this.props} application={this.state.application} applicationName={authConfig.appName} onUpdateApplication={onUpdateApplication} {...props} />)} />
+            <Route exact path="/signup/:applicationName" render={(props) => this.renderHomeIfLoggedIn(<SignupPage {...this.props} application={this.state.application} onUpdateApplication={onUpdateApplication} {...props} />)} />
+            <Route exact path="/login" render={(props) => this.renderHomeIfLoggedIn(<SelfLoginPage {...this.props} application={this.state.application} onUpdateApplication={onUpdateApplication} {...props} />)} />
+            <Route exact path="/login/:owner" render={(props) => this.renderHomeIfLoggedIn(<SelfLoginPage {...this.props} application={this.state.application} onUpdateApplication={onUpdateApplication} {...props} />)} />
+            <Route exact path="/signup/oauth/authorize" render={(props) => <SignupPage {...this.props} application={this.state.application} onUpdateApplication={onUpdateApplication} {...props} />} />
+            <Route exact path="/login/oauth/authorize" render={(props) => <LoginPage {...this.props} application={this.state.application} type={"code"} mode={"signin"} onUpdateApplication={onUpdateApplication} {...props} />} />
+            <Route exact path="/login/saml/authorize/:owner/:applicationName" render={(props) => <LoginPage {...this.props} application={this.state.application} type={"saml"} mode={"signin"} onUpdateApplication={onUpdateApplication} {...props} />} />
+            <Route exact path="/forget" render={(props) => this.renderHomeIfLoggedIn(<SelfForgetPage {...this.props} application={this.state.application} onUpdateApplication={onUpdateApplication} {...props} />)} />
+            <Route exact path="/forget/:applicationName" render={(props) => this.renderHomeIfLoggedIn(<ForgetPage {...this.props} application={this.state.application} onUpdateApplication={onUpdateApplication} {...props} />)} />
+            <Route exact path="/prompt" render={(props) => this.renderLoginIfNotLoggedIn(<PromptPage {...this.props} application={this.state.application} onUpdateApplication={onUpdateApplication} {...props} />)} />
+            <Route exact path="/prompt/:applicationName" render={(props) => this.renderLoginIfNotLoggedIn(<PromptPage {...this.props} application={this.state.application} onUpdateApplication={onUpdateApplication} {...props} />)} />
+            <Route exact path="/result" render={(props) => this.renderHomeIfLoggedIn(<ResultPage {...this.props} application={this.state.application} onUpdateApplication={onUpdateApplication} {...props} />)} />
+            <Route exact path="/result/:applicationName" render={(props) => this.renderHomeIfLoggedIn(<ResultPage {...this.props} application={this.state.application} onUpdateApplication={onUpdateApplication} {...props} />)} />
+            <Route exact path="/cas/:owner/:casApplicationName/logout" render={(props) => this.renderHomeIfLoggedIn(<CasLogout {...this.props} application={this.state.application} onUpdateApplication={onUpdateApplication} {...props} />)} />
+            <Route exact path="/cas/:owner/:casApplicationName/login" render={(props) => {return (<LoginPage {...this.props} application={this.state.application} type={"cas"} mode={"signin"} onUpdateApplication={onUpdateApplication} {...props} />);}} />
+            <Route exact path="/select-plan/:owner/:pricingName" render={(props) => <PricingPage {...this.props} pricing={this.state.pricing} onUpdatePricing={onUpdatePricing} {...props} />} />
+            <Route exact path="/buy-plan/:owner/:pricingName" render={(props) => <ProductBuyPage {...this.props} pricing={this.state.pricing} onUpdatePricing={onUpdatePricing} {...props} />} />
+            <Route exact path="/buy-plan/:owner/:pricingName/result" render={(props) => <PaymentResultPage {...this.props} pricing={this.state.pricing} onUpdatePricing={onUpdatePricing} {...props} />} />
+            <Route exact path="/qrcode/:owner/:paymentName" render={(props) => <QrCodePage {...this.props} onUpdateApplication={onUpdateApplication} {...props} />} />
+          </Switch>
+        </div>
+      </React.Fragment>
    );
  }
 }
--- a/web/src/ProviderEditPage.js
+++ b/web/src/ProviderEditPage.js
@ -13,7 +13,7 @@
 // limitations under the License.

 import React from "react";
-import {Button, Card, Checkbox, Col, Input, InputNumber, Row, Select, Switch} from "antd";
+import {Button, Card, Checkbox, Col, Input, InputNumber, Radio, Row, Select, Switch} from "antd";
 import {LinkOutlined} from "@ant-design/icons";
 import * as ProviderBackend from "./backend/ProviderBackend";
 import * as OrganizationBackend from "./backend/OrganizationBackend";
@ -118,7 +118,23 @@ class ProviderEditPage extends React.Component {
      provider["cert"] = "";
      this.getCerts(value);
    }
+
    provider[key] = value;
+
+    if (provider["type"] === "WeChat") {
+      if (!provider["clientId"]) {
+        provider["signName"] = "media";
+        provider["disableSsl"] = true;
+      }
+      if (!provider["clientId2"]) {
+        provider["signName"] = "open";
+        provider["disableSsl"] = false;
+      }
+      if (!provider["disableSsl"]) {
+        provider["signName"] = "open";
+      }
+    }
+
    this.setState({
      provider: provider,
    });
@ -757,24 +773,40 @@ class ProviderEditPage extends React.Component {
        {
          this.state.provider.type !== "WeChat" ? null : (
            <React.Fragment>
+              <Row style={{marginTop: "20px"}} >
+                <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
+                  {Setting.getLabel(i18next.t("provider:Use WeChat Media Platform in PC"), i18next.t("provider:Use WeChat Media Platform in PC - Tooltip"))} :
+                </Col>
+                <Col span={1} >
+                  <Switch disabled={!this.state.provider.clientId} checked={this.state.provider.disableSsl} onChange={checked => {
+                    this.updateProviderField("disableSsl", checked);
+                  }} />
+                </Col>
+              </Row>
              <Row style={{marginTop: "20px"}} >
                <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
                  {Setting.getLabel(i18next.t("token:Access token"), i18next.t("token:Access token - Tooltip"))} :
                </Col>
                <Col span={22} >
-                  <Input value={this.state.provider.content} onChange={e => {
+                  <Input value={this.state.provider.content} disabled={!this.state.provider.disableSsl || !this.state.provider.clientId2} onChange={e => {
                    this.updateProviderField("content", e.target.value);
                  }} />
                </Col>
              </Row>
              <Row style={{marginTop: "20px"}} >
                <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
-                  {Setting.getLabel(i18next.t("provider:Enable QR code"), i18next.t("provider:Enable QR code - Tooltip"))} :
+                  {Setting.getLabel(i18next.t("provider:Follow-up action"), i18next.t("provider:Follow-up action - Tooltip"))} :
                </Col>
-                <Col span={1} >
-                  <Switch checked={this.state.provider.disableSsl} onChange={checked => {
-                    this.updateProviderField("disableSsl", checked);
-                  }} />
+                <Col>
+                  <Radio.Group value={this.state.provider.signName}
+                    disabled={!this.state.provider.disableSsl || !this.state.provider.clientId || !this.state.provider.clientId2}
+                    buttonStyle="solid"
+                    onChange={e => {
+                      this.updateProviderField("signName", e.target.value);
+                    }}>
+                    <Radio.Button value="open">{i18next.t("provider:Use WeChat Open Platform to login")}</Radio.Button>
+                    <Radio.Button value="media">{i18next.t("provider:Use WeChat Media Platform to login")}</Radio.Button>
+                  </Radio.Group>
                </Col>
              </Row>
            </React.Fragment>
@ -844,7 +876,7 @@ class ProviderEditPage extends React.Component {
                </Col>
              </Row>
            )}
-            {["Custom HTTP SMS", "MinIO", "Google Cloud Storage", "Qiniu Cloud Kodo", "Synology"].includes(this.state.provider.type) ? null : (
+            {["Custom HTTP SMS", "Google Cloud Storage", "Qiniu Cloud Kodo", "Synology"].includes(this.state.provider.type) ? null : (
              <Row style={{marginTop: "20px"}} >
                <Col style={{marginTop: "5px"}} span={2}>
                  {Setting.getLabel(i18next.t("provider:Domain"), i18next.t("provider:Domain - Tooltip"))} :
--- a/web/src/RecordListPage.js
+++ b/web/src/RecordListPage.js
@ -0,0 +1,239 @@
+// Copyright 2021 The Casdoor Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+import React from "react";
+import {Link} from "react-router-dom";
+import {Switch, Table} from "antd";
+import * as Setting from "./Setting";
+import * as RecordBackend from "./backend/RecordBackend";
+import i18next from "i18next";
+import moment from "moment";
+import BaseListPage from "./BaseListPage";
+
+class RecordListPage extends BaseListPage {
+  UNSAFE_componentWillMount() {
+    this.state.pagination.pageSize = 20;
+    const {pagination} = this.state;
+    this.fetch({pagination});
+  }
+
+  newRecord() {
+    return {
+      owner: "built-in",
+      name: "1234",
+      id: "1234",
+      clientIp: "::1",
+      timestamp: moment().format(),
+      organization: "built-in",
+      username: "admin",
+      requestUri: "/api/get-account",
+      action: "login",
+      isTriggered: false,
+    };
+  }
+
+  renderTable(records) {
+    let columns = [
+      {
+        title: i18next.t("general:Name"),
+        dataIndex: "name",
+        key: "name",
+        width: "320px",
+        sorter: true,
+        ...this.getColumnSearchProps("name"),
+      },
+      {
+        title: i18next.t("general:ID"),
+        dataIndex: "id",
+        key: "id",
+        width: "90px",
+        sorter: true,
+        ...this.getColumnSearchProps("id"),
+      },
+      {
+        title: i18next.t("general:Client IP"),
+        dataIndex: "clientIp",
+        key: "clientIp",
+        width: "150px",
+        sorter: true,
+        ...this.getColumnSearchProps("clientIp"),
+        render: (text, record, index) => {
+          return (
+            <a target="_blank" rel="noreferrer" href={`https://db-ip.com/${text}`}>
+              {text}
+            </a>
+          );
+        },
+      },
+      {
+        title: i18next.t("general:Timestamp"),
+        dataIndex: "createdTime",
+        key: "createdTime",
+        width: "180px",
+        sorter: true,
+        render: (text, record, index) => {
+          return Setting.getFormattedDate(text);
+        },
+      },
+      {
+        title: i18next.t("general:Organization"),
+        dataIndex: "organization",
+        key: "organization",
+        width: "110px",
+        sorter: true,
+        ...this.getColumnSearchProps("organization"),
+        render: (text, record, index) => {
+          return (
+            <Link to={`/organizations/${text}`}>
+              {text}
+            </Link>
+          );
+        },
+      },
+      {
+        title: i18next.t("general:User"),
+        dataIndex: "user",
+        key: "user",
+        width: "120px",
+        sorter: true,
+        ...this.getColumnSearchProps("user"),
+        render: (text, record, index) => {
+          return (
+            <Link to={`/users/${record.organization}/${record.user}`}>
+              {text}
+            </Link>
+          );
+        },
+      },
+      {
+        title: i18next.t("general:Method"),
+        dataIndex: "method",
+        key: "method",
+        width: "110px",
+        sorter: true,
+        filterMultiple: false,
+        filters: [
+          {text: "GET", value: "GET"},
+          {text: "HEAD", value: "HEAD"},
+          {text: "POST", value: "POST"},
+          {text: "PUT", value: "PUT"},
+          {text: "DELETE", value: "DELETE"},
+          {text: "CONNECT", value: "CONNECT"},
+          {text: "OPTIONS", value: "OPTIONS"},
+          {text: "TRACE", value: "TRACE"},
+          {text: "PATCH", value: "PATCH"},
+        ],
+      },
+      {
+        title: i18next.t("general:Request URI"),
+        dataIndex: "requestUri",
+        key: "requestUri",
+        // width: '300px',
+        sorter: true,
+        ...this.getColumnSearchProps("requestUri"),
+      },
+      {
+        title: i18next.t("general:Action"),
+        dataIndex: "action",
+        key: "action",
+        width: "200px",
+        sorter: true,
+        ...this.getColumnSearchProps("action"),
+        fixed: (Setting.isMobile()) ? "false" : "right",
+        render: (text, record, index) => {
+          return text;
+        },
+      },
+      {
+        title: i18next.t("record:Is triggered"),
+        dataIndex: "isTriggered",
+        key: "isTriggered",
+        width: "140px",
+        sorter: true,
+        fixed: (Setting.isMobile()) ? "false" : "right",
+        render: (text, record, index) => {
+          if (!["signup", "login", "logout", "update-user"].includes(record.action)) {
+            return null;
+          }
+
+          return (
+            <Switch disabled checkedChildren="ON" unCheckedChildren="OFF" checked={text} />
+          );
+        },
+      },
+    ];
+
+    if (Setting.isLocalAdminUser(this.props.account)) {
+      columns = columns.filter(column => column.key !== "name");
+    }
+
+    const paginationProps = {
+      total: this.state.pagination.total,
+      pageSize: this.state.pagination.pageSize,
+      showQuickJumper: true,
+      showSizeChanger: true,
+      showTotal: () => i18next.t("general:{total} in total").replace("{total}", this.state.pagination.total),
+    };
+
+    return (
+      <div>
+        <Table scroll={{x: "max-content"}} columns={columns} dataSource={records} rowKey="id" size="middle" bordered pagination={paginationProps}
+          title={() => (
+            <div>
+              {i18next.t("general:Records")}&nbsp;&nbsp;&nbsp;&nbsp;
+            </div>
+          )}
+          loading={this.state.loading}
+          onChange={this.handleTableChange}
+        />
+      </div>
+    );
+  }
+
+  fetch = (params = {}) => {
+    let field = params.searchedColumn, value = params.searchText;
+    const sortField = params.sortField, sortOrder = params.sortOrder;
+    if (params.method !== undefined && params.method !== null) {
+      field = "method";
+      value = params.method;
+    }
+    this.setState({loading: true});
+    RecordBackend.getRecords(Setting.isDefaultOrganizationSelected(this.props.account) ? "" : Setting.getRequestOrganization(this.props.account), params.pagination.current, params.pagination.pageSize, field, value, sortField, sortOrder)
+      .then((res) => {
+        this.setState({
+          loading: false,
+        });
+        if (res.status === "ok") {
+          this.setState({
+            data: res.data,
+            pagination: {
+              ...params.pagination,
+              total: res.data2,
+            },
+            searchText: params.searchText,
+            searchedColumn: params.searchedColumn,
+          });
+        } else {
+          if (res.data.includes("Please login first")) {
+            this.setState({
+              loading: false,
+              isAuthorized: false,
+            });
+          }
+        }
+      });
+  };
+}
+
+export default RecordListPage;
--- a/web/src/Setting.js
+++ b/web/src/Setting.js
@ -1164,8 +1164,8 @@ export function getLoginLink(application) {
  let url;
  if (application === null) {
    url = null;
-  } else if (!isPasswordEnabled(application) && window.location.pathname.includes("/auto-signup/oauth/authorize")) {
-    url = window.location.href.replace("/auto-signup/oauth/authorize", "/login/oauth/authorize");
+  } else if (window.location.pathname.includes("/signup/oauth/authorize")) {
+    url = window.location.href.replace("/signup/oauth/authorize", "/login/oauth/authorize");
  } else if (authConfig.appName === application.name) {
    url = "/login";
  } else if (application.signinUrl === "") {
@ -1176,11 +1176,6 @@ export function getLoginLink(application) {
  return url;
 }

-export function renderLoginLink(application, text) {
-  const url = getLoginLink(application);
-  return renderLink(url, text, null);
-}
-
 export function redirectToLoginPage(application, history) {
  const loginLink = getLoginLink(application);
  if (loginLink.startsWith("http://") || loginLink.startsWith("https://")) {
@ -1205,7 +1200,7 @@ function renderLink(url, text, onClick) {
    );
  } else if (url.startsWith("http")) {
    return (
-      <a target="_blank" rel="noopener noreferrer" style={{float: "right"}} href={url} onClick={() => {
+      <a style={{float: "right"}} href={url} onClick={() => {
        if (onClick !== null) {
          onClick();
        }
@ -1220,8 +1215,8 @@ export function renderSignupLink(application, text) {
  let url;
  if (application === null) {
    url = null;
-  } else if (!isPasswordEnabled(application) && window.location.pathname.includes("/login/oauth/authorize")) {
-    url = window.location.href.replace("/login/oauth/authorize", "/auto-signup/oauth/authorize");
+  } else if (window.location.pathname.includes("/login/oauth/authorize")) {
+    url = window.location.href.replace("/login/oauth/authorize", "/signup/oauth/authorize");
  } else if (authConfig.appName === application.name) {
    url = "/signup";
  } else {
@ -1253,7 +1248,11 @@ export function renderForgetLink(application, text) {
    }
  }

-  return renderLink(url, text, null);
+  const storeSigninUrl = () => {
+    sessionStorage.setItem("signinUrl", window.location.href);
+  };
+
+  return renderLink(url, text, storeSigninUrl);
 }

 export function renderHelmet(application) {
--- a/web/src/SyncerEditPage.js
+++ b/web/src/SyncerEditPage.js
@ -13,7 +13,7 @@
 // limitations under the License.

 import React from "react";
-import {Button, Card, Col, Input, InputNumber, Row, Select, Switch} from "antd";
+import {Button, Card, Col, Input, InputNumber, Radio, Row, Select, Switch} from "antd";
 import {LinkOutlined} from "@ant-design/icons";
 import * as SyncerBackend from "./backend/SyncerBackend";
 import * as OrganizationBackend from "./backend/OrganizationBackend";
@ -23,6 +23,7 @@ import SyncerTableColumnTable from "./table/SyncerTableColumnTable";

 import {Controlled as CodeMirror} from "react-codemirror2";
 import "codemirror/lib/codemirror.css";
+import * as CertBackend from "./backend/CertBackend";
 require("codemirror/theme/material-darker.css");
 require("codemirror/mode/javascript/javascript");

@ -32,11 +33,13 @@ class SyncerEditPage extends React.Component {
  constructor(props) {
    super(props);
    this.state = {
+      certs: [],
      classes: props,
      syncerName: props.match.params.syncerName,
      syncer: null,
      organizations: [],
      mode: props.location.mode !== undefined ? props.location.mode : "edit",
+      testDbLoading: false,
    };
  }

@ -64,12 +67,24 @@ class SyncerEditPage extends React.Component {
      });
  }

+  getCerts(owner) {
+    CertBackend.getCerts(owner)
+      .then((res) => {
+        this.setState({
+          certs: res.data || [],
+        });
+      });
+  }
+
  getOrganizations() {
    OrganizationBackend.getOrganizations("admin")
      .then((res) => {
        this.setState({
          organizations: res.data || [],
        });
+        if (res.data) {
+          this.getCerts(`${res.data.owner}/${res.data.name}`);
+        }
      });
  }

@ -228,7 +243,7 @@ class SyncerEditPage extends React.Component {
              });
            })}>
              {
-                ["Database", "LDAP", "Keycloak"]
+                ["Database", "Keycloak"]
                  .map((item, index) => <Option key={index} value={item}>{item}</Option>)
              }
            </Select>
@ -317,7 +332,7 @@ class SyncerEditPage extends React.Component {
            {Setting.getLabel(i18next.t("general:Password"), i18next.t("general:Password - Tooltip"))} :
          </Col>
          <Col span={22} >
-            <Input value={this.state.syncer.password} onChange={e => {
+            <Input.Password value={this.state.syncer.password} onChange={e => {
              this.updateSyncerField("password", e.target.value);
            }} />
          </Col>
@ -332,6 +347,88 @@ class SyncerEditPage extends React.Component {
            }} />
          </Col>
        </Row>
+        {
+          this.state.syncer.databaseType === "mysql" || this.state.syncer.databaseType === "mssql" || this.state.syncer.databaseType === "postgres" ? (
+            <Row style={{marginTop: "20px"}} >
+              <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
+                {Setting.getLabel(i18next.t("general:SSH type"), i18next.t("general:SSH type - Tooltip"))} :
+              </Col>
+              <Col span={22} >
+                <Radio.Group value={this.state.syncer.sshType} buttonStyle="solid" onChange={e => {
+                  this.updateSyncerField("sshType", e.target.value);
+                }}>
+                  <Radio.Button value="">{i18next.t("general:None")}</Radio.Button>
+                  <Radio.Button value="password">{i18next.t("general:Password")}</Radio.Button>
+                  <Radio.Button value="cert">{i18next.t("general:Cert")}</Radio.Button>
+                </Radio.Group>
+              </Col>
+            </Row>
+          ) : null
+        }
+        {
+          this.state.syncer.sshType && this.state.syncer.databaseType === "mysql" || this.state.syncer.databaseType === "mssql" || this.state.syncer.databaseType === "postgres" ? (
+            <React.Fragment>
+              <Row style={{marginTop: "20px"}} >
+                <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
+                  {Setting.getLabel(i18next.t("syncer:SSH host"), i18next.t("provider:Host - Tooltip"))} :
+                </Col>
+                <Col span={22} >
+                  <Input prefix={<LinkOutlined />} value={this.state.syncer.sshHost} onChange={e => {
+                    this.updateSyncerField("sshHost", e.target.value);
+                  }} />
+                </Col>
+              </Row>
+              <Row style={{marginTop: "20px"}} >
+                <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
+                  {Setting.getLabel(i18next.t("syncer:SSH port"), i18next.t("provider:Port - Tooltip"))} :
+                </Col>
+                <Col span={22} >
+                  <InputNumber value={this.state.syncer.sshPort} onChange={value => {
+                    this.updateSyncerField("sshPort", value);
+                  }} />
+                </Col>
+              </Row>
+              <Row style={{marginTop: "20px"}} >
+                <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
+                  {Setting.getLabel(i18next.t("syncer:SSH user"), i18next.t("general:User - Tooltip"))} :
+                </Col>
+                <Col span={22} >
+                  <Input value={this.state.syncer.sshUser} onChange={e => {
+                    this.updateSyncerField("sshUser", e.target.value);
+                  }} />
+                </Col>
+              </Row>
+              {
+                this.state.syncer.sshType === "password" && (this.state.syncer.databaseType === "mysql" || this.state.syncer.databaseType === "mssql" || this.state.syncer.databaseType === "postgres") ?
+                  (
+                    <Row style={{marginTop: "20px"}} >
+                      <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
+                        {Setting.getLabel(i18next.t("syncer:SSH password"), i18next.t("general:Password - Tooltip"))} :
+                      </Col>
+                      <Col span={22} >
+                        <Input.Password value={this.state.syncer.sshPassword} onChange={e => {
+                          this.updateSyncerField("ssh " + "sshPassword", e.target.value);
+                        }} />
+                      </Col>
+                    </Row>
+                  ) : (
+                    <Row style={{marginTop: "20px"}} >
+                      <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
+                        {Setting.getLabel(i18next.t("general:SSH cert"), i18next.t("general:Cert - Tooltip"))} :
+                      </Col>
+                      <Col span={22} >
+                        <Select virtual={false} style={{width: "100%"}} value={this.state.syncer.cert} onChange={(value => {this.updateSyncerField("cert", value);})}>
+                          {
+                            this.state?.certs.map((cert, index) => <Option key={index} value={cert.name}>{cert.name}</Option>)
+                          }
+                        </Select>
+                      </Col>
+                    </Row>
+                  )
+              }
+            </React.Fragment>
+          ) : null
+        }
        <Row style={{marginTop: "20px"}} >
          <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
            {Setting.getLabel(i18next.t("syncer:Table"), i18next.t("syncer:Table - Tooltip"))} :
@ -343,6 +440,31 @@ class SyncerEditPage extends React.Component {
              }} />
          </Col>
        </Row>
+        <Row style={{marginTop: "20px"}} >
+          <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
+            {Setting.getLabel(i18next.t("provider:DB test"), i18next.t("provider:DB test - Tooltip"))} :
+          </Col>
+          <Col span={2} >
+            <Button type={"primary"} loading={this.state.testDbLoading} onClick={() => {
+              this.setState({testDbLoading: true});
+              SyncerBackend.testSyncerDb(this.state.syncer)
+                .then((res) => {
+                  if (res.status === "ok") {
+                    this.setState({testDbLoading: false});
+                    Setting.showMessage("success", i18next.t("syncer:Connect successfully"));
+                  } else {
+                    this.setState({testDbLoading: false});
+                    Setting.showMessage("error", i18next.t("syncer:Failed to connect") + ": " + res.msg);
+                  }
+                })
+                .catch(error => {
+                  this.setState({testDbLoading: false});
+                  Setting.showMessage("error", `${i18next.t("general:Failed to connect to server")}: ${error}`);
+                });
+            }
+            }>{i18next.t("syncer:Test DB Connection")}</Button>
+          </Col>
+        </Row>
        <Row style={{marginTop: "20px"}} >
          <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
            {Setting.getLabel(i18next.t("syncer:Table columns"), i18next.t("syncer:Table columns - Tooltip"))} :
--- a/web/src/UserEditPage.js
+++ b/web/src/UserEditPage.js
@ -13,7 +13,7 @@
 // limitations under the License.

 import React from "react";
-import {Button, Card, Col, Input, InputNumber, List, Result, Row, Select, Space, Spin, Switch, Tag} from "antd";
+import {Button, Card, Col, Form, Input, InputNumber, List, Result, Row, Select, Space, Spin, Switch, Tag} from "antd";
 import {withRouter} from "react-router-dom";
 import {TotpMfaType} from "./auth/MfaSetupPage";
 import * as GroupBackend from "./backend/GroupBackend";
@ -1016,17 +1016,27 @@ class UserEditPage extends React.Component {
          </div>
        )
      } style={(Setting.isMobile()) ? {margin: "5px"} : {}} type="inner">
-        {
-          this.getUserOrganization()?.accountItems?.map(accountItem => {
-            return (
-              <React.Fragment key={accountItem.name}>
-                {
-                  this.renderAccountItem(accountItem)
-                }
-              </React.Fragment>
-            );
-          })
-        }
+        <Form>
+          {
+            this.getUserOrganization()?.accountItems?.map(accountItem => {
+              return (
+                <React.Fragment key={accountItem.name}>
+                  <Form.Item name={accountItem.name}
+                    validateTrigger="onChange"
+                    rules={[
+                      {
+                        pattern: accountItem.regex ? new RegExp(accountItem.regex, "g") : null,
+                        message: i18next.t("user:This field value doesn't match the pattern rule"),
+                      },
+                    ]}
+                    style={{margin: 0}}>
+                    {this.renderAccountItem(accountItem)}
+                  </Form.Item>
+                </React.Fragment>
+              );
+            })
+          }
+        </Form>
      </Card>
    );
  }
--- a/web/src/auth/ForgetPage.js
+++ b/web/src/auth/ForgetPage.js
@ -47,6 +47,7 @@ class ForgetPage extends React.Component {

    this.form = React.createRef();
  }
+
  componentDidMount() {
    if (this.getApplicationObj() === undefined) {
      if (this.state.applicationName !== undefined) {
@ -153,7 +154,12 @@ class ForgetPage extends React.Component {
    values.userOwner = this.getApplicationObj()?.organizationObj.name;
    UserBackend.setPassword(values.userOwner, values.username, "", values?.newPassword, this.state.code).then(res => {
      if (res.status === "ok") {
-        Setting.redirectToLoginPage(this.getApplicationObj(), this.props.history);
+        const linkInStorage = sessionStorage.getItem("signinUrl");
+        if (linkInStorage !== null && linkInStorage !== "") {
+          Setting.goToLink(linkInStorage);
+        } else {
+          Setting.redirectToLoginPage(this.getApplicationObj(), this.props.history);
+        }
      } else {
        Setting.showMessage("error", res.msg);
      }
--- a/web/src/auth/LoginPage.js
+++ b/web/src/auth/LoginPage.js
@ -13,7 +13,7 @@
 // limitations under the License.

 import React from "react";
-import {Button, Checkbox, Col, Form, Input, Result, Row, Spin, Tabs} from "antd";
+import {Button, Checkbox, Col, Form, Input, Result, Spin, Tabs} from "antd";
 import {ArrowLeftOutlined, LockOutlined, UserOutlined} from "@ant-design/icons";
 import {withRouter} from "react-router-dom";
 import * as UserWebauthnBackend from "../backend/UserWebauthnBackend";
@ -32,11 +32,11 @@ import i18next from "i18next";
 import CustomGithubCorner from "../common/CustomGithubCorner";
 import {SendCodeInput} from "../common/SendCodeInput";
 import LanguageSelect from "../common/select/LanguageSelect";
-import {CaptchaModal} from "../common/modal/CaptchaModal";
-import {CaptchaRule} from "../common/modal/CaptchaModal";
+import {CaptchaModal, CaptchaRule} from "../common/modal/CaptchaModal";
 import RedirectForm from "../common/RedirectForm";
 import {MfaAuthVerifyForm, NextMfa, RequiredMfa} from "./mfa/MfaAuthVerifyForm";
 import {GoogleOneTapLoginVirtualButton} from "./GoogleLoginButton";
+
 class LoginPage extends React.Component {
  constructor(props) {
    super(props);
@ -494,6 +494,200 @@ class LoginPage extends React.Component {
    return null;
  }

+  renderFormItem(application, signinItem) {
+    if (!signinItem.visible && signinItem.name !== "Forgot password?") {
+      return null;
+    }
+
+    if (signinItem.name === "Logo") {
+      return (
+        <div className="login-logo-box">
+          <div dangerouslySetInnerHTML={{__html: signinItem.label}} />
+          {
+            Setting.renderHelmet(application)
+          }
+          {
+            Setting.renderLogo(application)
+          }
+        </div>
+      );
+    } else if (signinItem.name === "Back button") {
+      return (
+        <div>
+          <div dangerouslySetInnerHTML={{__html: signinItem.label}} />
+          {
+            this.renderBackButton()
+          }
+        </div>
+      );
+    } else if (signinItem.name === "Languages") {
+      return (
+        <div className="login-languages">
+          <div dangerouslySetInnerHTML={{__html: signinItem.label}} />
+          <LanguageSelect languages={application.organizationObj.languages} />
+        </div>
+      );
+    } else if (signinItem.name === "Signin methods") {
+      return (
+        <div>
+          <div dangerouslySetInnerHTML={{__html: signinItem.label}} />
+          {this.renderMethodChoiceBox()}
+        </div>
+      )
+      ;
+    } else if (signinItem.name === "Username") {
+      return (
+        <div className="login-username">
+          <div dangerouslySetInnerHTML={{__html: signinItem.label}} />
+          <Form.Item
+            name="username"
+            rules={[
+              {
+                required: true,
+                message: () => {
+                  switch (this.state.loginMethod) {
+                  case "verificationCodeEmail":
+                    return i18next.t("login:Please input your Email!");
+                  case "verificationCodePhone":
+                    return i18next.t("login:Please input your Phone!");
+                  case "ldap":
+                    return i18next.t("login:Please input your LDAP username!");
+                  default:
+                    return i18next.t("login:Please input your Email or Phone!");
+                  }
+                },
+              },
+              {
+                validator: (_, value) => {
+                  if (value === "") {
+                    return Promise.resolve();
+                  }
+
+                  if (this.state.loginMethod === "verificationCode") {
+                    if (!Setting.isValidEmail(value) && !Setting.isValidPhone(value)) {
+                      this.setState({validEmailOrPhone: false});
+                      return Promise.reject(i18next.t("login:The input is not valid Email or phone number!"));
+                    }
+
+                    if (Setting.isValidEmail(value)) {
+                      this.setState({validEmail: true});
+                    } else {
+                      this.setState({validEmail: false});
+                    }
+                  } else if (this.state.loginMethod === "verificationCodeEmail") {
+                    if (!Setting.isValidEmail(value)) {
+                      this.setState({validEmail: false});
+                      this.setState({validEmailOrPhone: false});
+                      return Promise.reject(i18next.t("login:The input is not valid Email!"));
+                    } else {
+                      this.setState({validEmail: true});
+                    }
+                  } else if (this.state.loginMethod === "verificationCodePhone") {
+                    if (!Setting.isValidPhone(value)) {
+                      this.setState({validEmailOrPhone: false});
+                      return Promise.reject(i18next.t("login:The input is not valid phone number!"));
+                    }
+                  }
+
+                  this.setState({validEmailOrPhone: true});
+                  return Promise.resolve();
+                },
+              },
+            ]}
+          >
+
+            <Input
+              id="input"
+              prefix={<UserOutlined className="site-form-item-icon" />}
+              placeholder={this.getPlaceholder()}
+              onChange={e => {
+                this.setState({
+                  username: e.target.value,
+                });
+              }}
+            />
+          </Form.Item>
+        </div>
+      );
+    } else if (signinItem.name === "Password") {
+      return (
+        <div>
+          <div dangerouslySetInnerHTML={{__html: signinItem.label}} />
+          {this.renderPasswordOrCodeInput()}
+        </div>
+      );
+    } else if (signinItem.name === "Forgot password?") {
+      return (
+        <div>
+          <div dangerouslySetInnerHTML={{__html: signinItem.label}} />
+          <div className="login-forget-password">
+            <Form.Item name="autoSignin" valuePropName="checked" noStyle>
+              <Checkbox style={{float: "left"}}>
+                {i18next.t("login:Auto sign in")}
+              </Checkbox>
+            </Form.Item>
+            {
+              signinItem.visible ? Setting.renderForgetLink(application, i18next.t("login:Forgot password?")) : null
+            }
+          </div>
+        </div>
+      );
+    } else if (signinItem.name === "Agreement") {
+      return AgreementModal.isAgreementRequired(application) ? AgreementModal.renderAgreementFormItem(application, true, {}, this) : null;
+    } else if (signinItem.name === "Login button") {
+      return (
+        <Form.Item className="login-button-box">
+          <div dangerouslySetInnerHTML={{__html: signinItem.label}} />
+          <Button
+            type="primary"
+            htmlType="submit"
+            className="login-button"
+          >
+            {
+              this.state.loginMethod === "webAuthn" ? i18next.t("login:Sign in with WebAuthn") :
+                i18next.t("login:Sign In")
+            }
+          </Button>
+          {
+            this.renderCaptchaModal(application)
+          }
+        </Form.Item>
+      );
+    } else if (signinItem.name === "Providers") {
+      const showForm = Setting.isPasswordEnabled(application) || Setting.isCodeSigninEnabled(application) || Setting.isWebAuthnEnabled(application) || Setting.isLdapEnabled(application);
+      if (signinItem.rule === "None" || signinItem.rule === "") {
+        signinItem.rule = showForm ? "small" : "big";
+      }
+
+      return (
+        <div>
+          <div dangerouslySetInnerHTML={{__html: signinItem.label}} />
+          <Form.Item>
+            {
+              application.providers.filter(providerItem => this.isProviderVisible(providerItem)).map(providerItem => {
+                return ProviderButton.renderProviderLogo(providerItem.provider, application, null, null, signinItem.rule, this.props.location);
+              })
+            }
+            {
+              this.renderOtherFormProvider(application)
+            }
+          </Form.Item>
+        </div>
+      );
+    } else if (signinItem.name.startsWith("Text ") || signinItem?.isCustom) {
+      return (
+        <div dangerouslySetInnerHTML={{__html: signinItem.label}} />
+      );
+    } else if (signinItem.name === "Signup link") {
+      return (
+        <div style={{width: "100%"}} className="login-signup-link">
+          <div dangerouslySetInnerHTML={{__html: signinItem.label}} />
+          {this.renderFooter(application)}
+        </div>
+      );
+    }
+  }
+
  renderForm(application) {
    if (this.state.msg !== null) {
      return Util.renderMessage(this.state.msg);
@ -569,116 +763,10 @@ class LoginPage extends React.Component {
            ]}
          >
          </Form.Item>
-          {this.renderMethodChoiceBox()}
-          <Row style={{minHeight: 130, alignItems: "center"}}>
-            <Col span={24}>
-              <Form.Item
-                name="username"
-                rules={[
-                  {
-                    required: true,
-                    message: () => {
-                      switch (this.state.loginMethod) {
-                      case "verificationCodeEmail": return i18next.t("login:Please input your Email!");
-                      case "verificationCodePhone": return i18next.t("login:Please input your Phone!");
-                      case "ldap": return i18next.t("login:Please input your LDAP username!");
-                      default: return i18next.t("login:Please input your Email or Phone!");
-                      }
-                    },
-                  },
-                  {
-                    validator: (_, value) => {
-                      if (value === "") {
-                        return Promise.resolve();
-                      }

-                      if (this.state.loginMethod === "verificationCode") {
-                        if (!Setting.isValidEmail(value) && !Setting.isValidPhone(value)) {
-                          this.setState({validEmailOrPhone: false});
-                          return Promise.reject(i18next.t("login:The input is not valid Email or phone number!"));
-                        }
-
-                        if (Setting.isValidEmail(value)) {
-                          this.setState({validEmail: true});
-                        } else {
-                          this.setState({validEmail: false});
-                        }
-                      } else if (this.state.loginMethod === "verificationCodeEmail") {
-                        if (!Setting.isValidEmail(value)) {
-                          this.setState({validEmail: false});
-                          this.setState({validEmailOrPhone: false});
-                          return Promise.reject(i18next.t("login:The input is not valid Email!"));
-                        } else {
-                          this.setState({validEmail: true});
-                        }
-                      } else if (this.state.loginMethod === "verificationCodePhone") {
-                        if (!Setting.isValidPhone(value)) {
-                          this.setState({validEmailOrPhone: false});
-                          return Promise.reject(i18next.t("login:The input is not valid phone number!"));
-                        }
-                      }
-
-                      this.setState({validEmailOrPhone: true});
-                      return Promise.resolve();
-                    },
-                  },
-                ]}
-              >
-                <Input
-                  id="input"
-                  prefix={<UserOutlined className="site-form-item-icon" />}
-                  placeholder={this.getPlaceholder()}
-                  onChange={e => {
-                    this.setState({
-                      username: e.target.value,
-                    });
-                  }}
-                />
-              </Form.Item>
-            </Col>
-            {
-              this.renderPasswordOrCodeInput()
-            }
-          </Row>
-          <div style={{display: "inline-flex", justifyContent: "space-between", width: "320px", marginBottom: AgreementModal.isAgreementRequired(application) ? "5px" : "25px"}}>
-            <Form.Item name="autoSignin" valuePropName="checked" noStyle>
-              <Checkbox style={{float: "left"}}>
-                {i18next.t("login:Auto sign in")}
-              </Checkbox>
-            </Form.Item>
-            {
-              Setting.renderForgetLink(application, i18next.t("login:Forgot password?"))
-            }
-          </div>
-          {AgreementModal.isAgreementRequired(application) ? AgreementModal.renderAgreementFormItem(application, true, {}, this) : null}
-          <Form.Item>
-            <Button
-              type="primary"
-              htmlType="submit"
-              style={{width: "100%", marginBottom: "5px"}}
-            >
-              {
-                this.state.loginMethod === "webAuthn" ? i18next.t("login:Sign in with WebAuthn") :
-                  i18next.t("login:Sign In")
-              }
-            </Button>
-            {
-              this.renderCaptchaModal(application)
-            }
-            {
-              this.renderFooter(application)
-            }
-          </Form.Item>
-          <Form.Item>
-            {
-              application.providers.filter(providerItem => this.isProviderVisible(providerItem)).map(providerItem => {
-                return ProviderButton.renderProviderLogo(providerItem.provider, application, 30, 5, "small", this.props.location);
-              })
-            }
-            {
-              this.renderOtherFormProvider(application)
-            }
-          </Form.Item>
+          {
+            application.signinItems?.map(signinItem => this.renderFormItem(application, signinItem))
+          }
        </Form>
      );
    } else {
@ -695,19 +783,8 @@ class LoginPage extends React.Component {
          </div>
          <br />
          {
-            application.providers?.filter(providerItem => this.isProviderVisible(providerItem)).map(providerItem => {
-              return ProviderButton.renderProviderLogo(providerItem.provider, application, 40, 10, "big", this.props.location);
-            })
+            application?.signinItems.map(signinItem => signinItem.name === "Providers" || signinItem.name === "Signup link" ? this.renderFormItem(application, signinItem) : null)
          }
-          {
-            this.renderOtherFormProvider(application)
-          }
-          <div>
-            <br />
-            {
-              this.renderFooter(application)
-            }
-          </div>
        </div>
      );
    }
@ -760,7 +837,7 @@ class LoginPage extends React.Component {

  renderFooter(application) {
    return (
-      <span style={{float: "right"}}>
+      <div>
        {
          !application.enableSignUp ? null : (
            <React.Fragment>
@ -771,7 +848,7 @@ class LoginPage extends React.Component {
            </React.Fragment>
          )
        }
-      </span>
+      </div>
    );
  }

@ -889,33 +966,37 @@ class LoginPage extends React.Component {
    if (this.state.loginMethod === "password" || this.state.loginMethod === "ldap") {
      return (
        <Col span={24}>
-          <Form.Item
-            name="password"
-            rules={[{required: true, message: i18next.t("login:Please input your password!")}]}
-          >
-            <Input.Password
-              prefix={<LockOutlined className="site-form-item-icon" />}
-              type="password"
-              placeholder={i18next.t("general:Password")}
-              disabled={this.state.loginMethod === "password" ? !Setting.isPasswordEnabled(application) : !Setting.isLdapEnabled(application)}
-            />
-          </Form.Item>
+          <div className="login-password">
+            <Form.Item
+              name="password"
+              rules={[{required: true, message: i18next.t("login:Please input your password!")}]}
+            >
+              <Input.Password
+                prefix={<LockOutlined className="site-form-item-icon" />}
+                type="password"
+                placeholder={i18next.t("general:Password")}
+                disabled={this.state.loginMethod === "password" ? !Setting.isPasswordEnabled(application) : !Setting.isLdapEnabled(application)}
+              />
+            </Form.Item>
+          </div>
        </Col>
      );
    } else if (this.state.loginMethod?.includes("verificationCode")) {
      return (
        <Col span={24}>
-          <Form.Item
-            name="code"
-            rules={[{required: true, message: i18next.t("login:Please input your code!")}]}
-          >
-            <SendCodeInput
-              disabled={this.state.username?.length === 0 || !this.state.validEmailOrPhone}
-              method={"login"}
-              onButtonClickArgs={[this.state.username, this.state.validEmail ? "email" : "phone", Setting.getApplicationName(application)]}
-              application={application}
-            />
-          </Form.Item>
+          <div className="login-password">
+            <Form.Item
+              name="code"
+              rules={[{required: true, message: i18next.t("login:Please input your code!")}]}
+            >
+              <SendCodeInput
+                disabled={this.state.username?.length === 0 || !this.state.validEmailOrPhone}
+                method={"login"}
+                onButtonClickArgs={[this.state.username, this.state.validEmail ? "email" : "phone", Setting.getApplicationName(application)]}
+                application={application}
+              />
+            </Form.Item>
+          </div>
        </Col>
      );
    } else {
@ -952,7 +1033,7 @@ class LoginPage extends React.Component {
    if (items.length > 1) {
      return (
        <div>
-          <Tabs items={items} size={"small"} defaultActiveKey={this.getDefaultLoginMethod(application)} onChange={(key) => {
+          <Tabs className="signin-methods" items={items} size={"small"} defaultActiveKey={this.getDefaultLoginMethod(application)} onChange={(key) => {
            this.setState({loginMethod: key});
          }} centered>
          </Tabs>
@ -1047,10 +1128,10 @@ class LoginPage extends React.Component {
  }

  renderBackButton() {
-    if (this.state.orgChoiceMode === "None") {
+    if (this.state.orgChoiceMode === "None" || this.props.preview === "auto") {
      return (
        <Button type="text" size="large" icon={<ArrowLeftOutlined />}
-          style={{top: "65px", left: "15px", position: "absolute"}}
+          className="back-button"
          onClick={() => history.back()}>
        </Button>
      );
@ -1099,16 +1180,6 @@ class LoginPage extends React.Component {
            <div className="login-form">
              <div>
                <div>
-                  {
-                    Setting.renderHelmet(application)
-                  }
-                  {
-                    Setting.renderLogo(application)
-                  }
-                  {
-                    this.renderBackButton()
-                  }
-                  <LanguageSelect languages={application.organizationObj.languages} style={{top: "55px", right: "5px", position: "absolute"}} />
                  {
                    this.renderLoginPanel(application)
                  }
--- a/web/src/auth/Provider.js
+++ b/web/src/auth/Provider.js
@ -377,7 +377,7 @@ export function getProviderLogoWidget(provider) {
  }
 }

-export function getAuthUrl(application, provider, method) {
+export function getAuthUrl(application, provider, method, code) {
  if (application === null || provider === null) {
    return "";
  }
@ -418,6 +418,9 @@ export function getAuthUrl(application, provider, method) {
    if (navigator.userAgent.includes("MicroMessenger")) {
      return `${authInfo[provider.type].mpEndpoint}?appid=${provider.clientId2}&redirect_uri=${redirectUri}&state=${state}&scope=${authInfo[provider.type].mpScope}&response_type=code#wechat_redirect`;
    } else {
+      if (provider.clientId2 && provider?.disableSsl && provider?.signName === "media") {
+        return `${window.location.origin}/callback?state=${state}&code=${"wechat_oa:" + code}`;
+      }
      return `${endpoint}?appid=${provider.clientId}&redirect_uri=${redirectUri}&scope=${scope}&response_type=code&state=${state}#wechat_redirect`;
    }
  } else if (provider.type === "WeCom") {
--- a/web/src/auth/ProviderButton.js
+++ b/web/src/auth/ProviderButton.js
@ -159,26 +159,26 @@ export function renderProviderLogo(provider, application, width, margin, size, l
        };
        return (
          <a key={provider.displayName} >
-            <img width={width} height={width} src={getProviderLogoURL(provider)} alt={provider.displayName} style={{margin: margin}} onClick={info} />
+            <img width={width} height={width} src={getProviderLogoURL(provider)} alt={provider.displayName} className="provider-img" style={{margin: margin}} onClick={info} />
          </a>
        );
      } else {
        return (
          <a key={provider.displayName} href={Provider.getAuthUrl(application, provider, "signup")}>
-            <img width={width} height={width} src={getProviderLogoURL(provider)} alt={provider.displayName} style={{margin: margin}} />
+            <img width={width} height={width} src={getProviderLogoURL(provider)} alt={provider.displayName} className="provider-img" style={{margin: margin}} />
          </a>
        );
      }
    } else if (provider.category === "SAML") {
      return (
        <a key={provider.displayName} onClick={() => goToSamlUrl(provider, location)}>
-          <img width={width} height={width} src={getProviderLogoURL(provider)} alt={provider.displayName} style={{margin: margin}} />
+          <img width={width} height={width} src={getProviderLogoURL(provider)} alt={provider.displayName} className="provider-img" style={{margin: margin}} />
        </a>
      );
    } else if (provider.category === "Web3") {
      return (
        <a key={provider.displayName} onClick={() => goToWeb3Url(application, provider, "signup")}>
-          <img width={width} height={width} src={getProviderLogoURL(provider)} alt={provider.displayName} style={{margin: margin}} />
+          <img width={width} height={width} src={getProviderLogoURL(provider)} alt={provider.displayName} className="provider-img" style={{margin: margin}} />
        </a>
      );
    }
@ -193,7 +193,7 @@ export function renderProviderLogo(provider, application, width, margin, size, l
      return (
        <a key={provider.displayName} href={Provider.getAuthUrl(application, provider, "signup")} style={customAStyle}>
          <button style={customButtonStyle}>
-            <img width={26} src={getProviderLogoURL(provider)} alt={provider.displayName} style={customImgStyle} />
+            <img width={26} src={getProviderLogoURL(provider)} alt={provider.displayName} className="provider-img" style={customImgStyle} />
            <span style={customSpanStyle}>{text}</span>
          </button>
        </a>
@ -202,7 +202,7 @@ export function renderProviderLogo(provider, application, width, margin, size, l
      return (
        <a key={provider.displayName} onClick={() => goToSamlUrl(provider, location)} style={customAStyle}>
          <button style={customButtonStyle}>
-            <img width={26} src={getProviderLogoURL(provider)} alt={provider.displayName} style={customImgStyle} />
+            <img width={26} src={getProviderLogoURL(provider)} alt={provider.displayName} className="provider-img" style={customImgStyle} />
            <span style={customSpanStyle}>{text}</span>
          </button>
        </a>
@ -212,7 +212,7 @@ export function renderProviderLogo(provider, application, width, margin, size, l
    // big button, for disable password signin
    if (provider.category === "SAML") {
      return (
-        <div key={provider.displayName} style={{marginBottom: "10px"}}>
+        <div key={provider.displayName} className="provider-big-img">
          <a onClick={() => goToSamlUrl(provider, location)}>
            {
              getSigninButton(provider)
@ -222,7 +222,7 @@ export function renderProviderLogo(provider, application, width, margin, size, l
      );
    } else if (provider.category === "Web3") {
      return (
-        <div key={provider.displayName} style={{marginBottom: "10px"}}>
+        <div key={provider.displayName} className="provider-big-img">
          <a onClick={() => goToWeb3Url(application, provider, "signup")}>
            {
              getSigninButton(provider)
@ -232,7 +232,7 @@ export function renderProviderLogo(provider, application, width, margin, size, l
      );
    } else {
      return (
-        <div key={provider.displayName} style={{marginBottom: "10px"}}>
+        <div key={provider.displayName} className="provider-big-img">
          <a href={Provider.getAuthUrl(application, provider, "signup")}>
            {
              getSigninButton(provider)
--- a/web/src/auth/Util.js
+++ b/web/src/auth/Util.js
@ -192,7 +192,8 @@ export function getEvent(application, provider, ticket) {
  getWechatMessageEvent(ticket)
    .then(res => {
      if (res.data === "SCAN" || res.data === "subscribe") {
-        Setting.goToLink(Provider.getAuthUrl(application, provider, "signup"));
+        const code = res?.data2;
+        Setting.goToLink(Provider.getAuthUrl(application, provider, "signup", code));
      }
    });
 }
--- a/web/src/backend/RecordBackend.js
+++ b/web/src/backend/RecordBackend.js
@ -0,0 +1,25 @@
+// Copyright 2021 The Casdoor Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+import * as Setting from "../Setting";
+
+export function getRecords(organizationName, page, pageSize, field = "", value = "", sortField = "", sortOrder = "") {
+  return fetch(`${Setting.ServerUrl}/api/get-records?organizationName=${organizationName}&pageSize=${pageSize}&p=${page}&field=${field}&value=${value}&sortField=${sortField}&sortOrder=${sortOrder}`, {
+    method: "GET",
+    credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
+  }).then(res => res.json());
+}
--- a/web/src/backend/SyncerBackend.js
+++ b/web/src/backend/SyncerBackend.js
@ -58,6 +58,18 @@ export function addSyncer(syncer) {
  }).then(res => res.json());
 }

+export function testSyncerDb(syncer) {
+  const newSyncer = Setting.deepCopy(syncer);
+  return fetch(`${Setting.ServerUrl}/api/test-syncer-db`, {
+    method: "POST",
+    credentials: "include",
+    body: JSON.stringify(newSyncer),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
+  }).then(res => res.json());
+}
+
 export function deleteSyncer(syncer) {
  const newSyncer = Setting.deepCopy(syncer);
  return fetch(`${Setting.ServerUrl}/api/delete-syncer`, {
--- a/web/src/basic/CustomHead.js
+++ b/web/src/basic/CustomHead.js
@ -0,0 +1,40 @@
+// Copyright 2024 The Casdoor Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+import {useEffect} from "react";
+
+function CustomHead(props) {
+  useEffect(() => {
+    const suffix = new Date().getTime().toString();
+
+    if (!props.headerHtml) {return;}
+    const node = document.createElement("div");
+    node.innerHTML = props.headerHtml;
+
+    node.childNodes.forEach(el => {
+      el.setAttribute("app-custom-head" + suffix, "");
+      document.head.appendChild(el);
+    });
+
+    return () => {
+      for (const el of document.head.children) {
+        if (el.getAttribute("app-custom-head" + suffix) !== null) {
+          document.head.removeChild(el);
+        }
+      }
+    };
+  });
+}
+
+export default CustomHead;
--- a/web/src/common/modal/AgreementModal.js
+++ b/web/src/common/modal/AgreementModal.js
@ -81,6 +81,7 @@ export function renderAgreementFormItem(application, required, layout, ths) {
      name="agreement"
      key="agreement"
      valuePropName="checked"
+      className="login-agreement"
      rules={[
        {
          required: required,
--- a/web/src/locales/ar/data.json
+++ b/web/src/locales/ar/data.json
@ -22,7 +22,9 @@
    "Auto signin - Tooltip": "When a logged-in session exists in Casdoor, it is automatically used for application-side login",
    "Background URL": "Background URL",
    "Background URL - Tooltip": "URL of the background image used in the login page",
+    "Big icon": "Big icon",
    "Binding providers": "Binding providers",
+    "CSS style": "CSS style",
    "Center": "Center",
    "Copy SAML metadata URL": "Copy SAML metadata URL",
    "Copy prompt page URL": "Copy prompt page URL",
@ -60,6 +62,9 @@
    "Form position - Tooltip": "Location of the signup, signin and forget password forms",
    "Grant types": "Grant types",
    "Grant types - Tooltip": "Select which grant types are allowed in the OAuth protocol",
+    "Header HTML": "Header HTML",
+    "Header HTML - Edit": "Header HTML - Edit",
+    "Header HTML - Tooltip": "Custom the head tag of your application entry page",
    "Incremental": "Incremental",
    "Input": "Input",
    "Invitation code": "Invitation code",
@ -95,11 +100,14 @@
    "Sign Up Error": "Sign Up Error",
    "Signin": "Signin",
    "Signin (Default True)": "Signin (Default True)",
+    "Signin items": "Signin items",
+    "Signin items - Tooltip": "Signin items - Tooltip",
    "Signin methods": "Signin methods",
    "Signin methods - Tooltip": "Signin methods - Tooltip",
    "Signin session": "Signin session",
    "Signup items": "Signup items",
    "Signup items - Tooltip": "Items for users to fill in when registering new accounts",
+    "Small icon": "Small icon",
    "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
    "The application does not allow to sign up new account": "The application does not allow to sign up new account",
    "Token expire": "Token expire",
@ -169,6 +177,7 @@
    "Adapter - Tooltip": "Table name of the policy store",
    "Adapters": "Adapters",
    "Add": "Add",
+    "Add custom item": "Add custom item",
    "Admin": "Admin",
    "Affiliation URL": "Affiliation URL",
    "Affiliation URL - Tooltip": "The homepage URL for the affiliation",
@ -190,6 +199,7 @@
    "Cert - Tooltip": "The public key certificate that needs to be verified by the client SDK corresponding to this application",
    "Certs": "Certs",
    "Click to Upload": "Click to Upload",
+    "Client IP": "Client IP",
    "Close": "Close",
    "Confirm": "Confirm",
    "Copied to clipboard successfully": "Copied to clipboard successfully",
@ -307,6 +317,7 @@
    "Providers - Tooltip": "Providers to be configured, including 3rd-party login, object storage, verification code, etc.",
    "Real name": "Real name",
    "Records": "Records",
+    "Request URI": "Request URI",
    "Resources": "Resources",
    "Role": "Role",
    "Role - Tooltip": "Role - Tooltip",
@ -316,6 +327,9 @@
    "Root cert - Tooltip": "Root cert - Tooltip",
    "SAML attributes": "SAML attributes",
    "SAML attributes - Tooltip": "SAML attributes - Tooltip",
+    "SSH cert": "SSH cert",
+    "SSH type": "SSH type",
+    "SSH type - Tooltip": "The auth type of SSH connection",
    "Save": "Save",
    "Save & Exit": "Save & Exit",
    "Session ID": "Session ID",
@ -327,6 +341,7 @@
    "Signup URL - Tooltip": "Custom URL for the registration page. If not set, the default Casdoor registration page will be used. When set, the registration links on various Casdoor pages will redirect to this URL",
    "Signup application": "Signup application",
    "Signup application - Tooltip": "Which application the user registered through when they signed up",
+    "Signup link": "Signup link",
    "Sorry, the page you visited does not exist.": "Sorry, the page you visited does not exist.",
    "Sorry, the user you visited does not exist or you are not authorized to access this user.": "Sorry, the user you visited does not exist or you are not authorized to access this user.",
    "Sorry, you do not have permission to access this page or logged in status invalid.": "Sorry, you do not have permission to access this page or logged in status invalid.",
@ -350,6 +365,7 @@
    "System Info": "System Info",
    "There was a problem signing you in..": "There was a problem signing you in..",
    "This is a read-only demo site!": "This is a read-only demo site!",
+    "Timestamp": "Timestamp",
    "Tokens": "Tokens",
    "Type": "Type",
    "Type - Tooltip": "Type - Tooltip",
@ -431,6 +447,7 @@
  },
  "login": {
    "Auto sign in": "Auto sign in",
+    "Back button": "Back button",
    "Continue with": "Continue with",
    "Email": "Email",
    "Email or phone": "Email or phone",
@ -441,6 +458,7 @@
    "LDAP username, Email or phone": "LDAP username, Email or phone",
    "Loading": "Loading",
    "Logging out...": "Logging out...",
+    "Login button": "Login button",
    "MetaMask plugin not detected": "MetaMask plugin not detected",
    "No account?": "No account?",
    "Or sign in with another account": "Or sign in with another account",
@ -725,11 +743,11 @@
    "Email content - Tooltip": "Content of the Email",
    "Email title": "Email title",
    "Email title - Tooltip": "Title of the email",
-    "Enable QR code": "Enable QR code",
-    "Enable QR code - Tooltip": "Whether to allow scanning QR code to login",
    "Endpoint": "Endpoint",
    "Endpoint (Intranet)": "Endpoint (Intranet)",
    "Endpoint - Tooltip": "Endpoint - Tooltip",
+    "Follow-up action": "Follow-up action",
+    "Follow-up action - Tooltip": "If you choose \"Use WeChat Open Platform to login\", users need to login on the WeChat Open Platform after following the wechat official account.",
    "From address": "From address",
    "From address - Tooltip": "Email address of \"From\"",
    "From name": "From name",
@ -835,6 +853,10 @@
    "Token URL - Tooltip": "Token URL",
    "Type": "Type",
    "Type - Tooltip": "Select a type",
+    "Use WeChat Media Platform in PC": "Use WeChat Media Platform in PC",
+    "Use WeChat Media Platform in PC - Tooltip": "Whether to allow scanning QR code to login",
+    "Use WeChat Media Platform to login": "Use WeChat Media Platform to login",
+    "Use WeChat Open Platform to login": "Use WeChat Open Platform to login",
    "User flow": "User flow",
    "User flow - Tooltip": "User flow - Tooltip",
    "User mapping": "User mapping",
@ -845,6 +867,9 @@
    "Wallets - Tooltip": "Wallets - Tooltip",
    "admin (Shared)": "admin (Shared)"
  },
+  "record": {
+    "Is triggered": "Is triggered"
+  },
  "resource": {
    "Copy Link": "Copy Link",
    "File name": "File name",
@ -945,6 +970,10 @@
    "Is read-only": "Is read-only",
    "Is read-only - Tooltip": "Is read-only - Tooltip",
    "New Syncer": "New Syncer",
+    "SSH host": "SSH host",
+    "SSH password": "SSH password",
+    "SSH port": "SSH port",
+    "SSH user": "SSH user",
    "SSL mode": "SSL mode",
    "SSL mode - Tooltip": "SSL mode - Tooltip",
    "Sync interval": "Sync interval",
@ -1085,6 +1114,7 @@
    "The password must have at least 6 characters": "The password must have at least 6 characters",
    "The password must have at least 8 characters": "The password must have at least 8 characters",
    "The password must not contain any repeated characters": "The password must not contain any repeated characters",
+    "This field value doesn't match the pattern rule": "This field value doesn't match the pattern rule",
    "Title": "Title",
    "Title - Tooltip": "Position in the affiliation",
    "Two passwords you typed do not match.": "Two passwords you typed do not match.",
--- a/web/src/locales/de/data.json
+++ b/web/src/locales/de/data.json
@ -22,7 +22,9 @@
    "Auto signin - Tooltip": "Wenn eine angemeldete Session in Casdoor vorhanden ist, wird diese automatisch für die Anmeldung auf Anwendungsebene verwendet",
    "Background URL": "Background-URL",
    "Background URL - Tooltip": "URL des Hintergrundbildes, das auf der Anmeldeseite angezeigt wird",
+    "Big icon": "Big icon",
    "Binding providers": "Binding providers",
+    "CSS style": "CSS style",
    "Center": "Zentrum",
    "Copy SAML metadata URL": "SAML-Metadaten-URL kopieren",
    "Copy prompt page URL": "URL der Prompt-Seite kopieren",
@ -60,6 +62,9 @@
    "Form position - Tooltip": "Position der Anmelde-, Registrierungs- und Passwort-vergessen-Formulare",
    "Grant types": "Grant-Typen",
    "Grant types - Tooltip": "Wählen Sie aus, welche Grant-Typen im OAuth-Protokoll zulässig sind",
+    "Header HTML": "Header HTML",
+    "Header HTML - Edit": "Header HTML - Edit",
+    "Header HTML - Tooltip": "Custom the head tag of your application entry page",
    "Incremental": "Incremental",
    "Input": "Input",
    "Invitation code": "Invitation code",
@ -95,11 +100,14 @@
    "Sign Up Error": "Registrierungsfehler",
    "Signin": "Signin",
    "Signin (Default True)": "Signin (Default True)",
+    "Signin items": "Signin items",
+    "Signin items - Tooltip": "Signin items - Tooltip",
    "Signin methods": "Signin methods",
    "Signin methods - Tooltip": "Signin methods - Tooltip",
    "Signin session": "Anmeldesession",
    "Signup items": "Registrierungs Items",
    "Signup items - Tooltip": "Items, die Benutzer ausfüllen müssen, wenn sie neue Konten registrieren",
+    "Small icon": "Small icon",
    "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
    "The application does not allow to sign up new account": "Die Anwendung erlaubt es nicht, ein neues Konto zu registrieren",
    "Token expire": "Token läuft ab",
@ -169,6 +177,7 @@
    "Adapter - Tooltip": "Tabellenname des Policy Stores",
    "Adapters": "Adapter",
    "Add": "Hinzufügen",
+    "Add custom item": "Add custom item",
    "Admin": "Admin",
    "Affiliation URL": "Zugehörigkeits-URL",
    "Affiliation URL - Tooltip": "Die Homepage-URL für die Zugehörigkeit",
@ -190,6 +199,7 @@
    "Cert - Tooltip": "Das Public-Key-Zertifikat, das vom Client-SDK, das mit dieser Anwendung korrespondiert, verifiziert werden muss",
    "Certs": "Zertifikate",
    "Click to Upload": "Klicken Sie zum Hochladen",
+    "Client IP": "Client IP",
    "Close": "Schließen",
    "Confirm": "Confirm",
    "Copied to clipboard successfully": "Copied to clipboard successfully",
@ -307,6 +317,7 @@
    "Providers - Tooltip": "Provider, die konfiguriert werden müssen, einschließlich Drittanbieter-Logins, Objektspeicherung, Verifizierungscode usw.",
    "Real name": "Echter Name",
    "Records": "Datensätze",
+    "Request URI": "Request URI",
    "Resources": "Ressourcen",
    "Role": "Role",
    "Role - Tooltip": "Role - Tooltip",
@ -316,6 +327,9 @@
    "Root cert - Tooltip": "Root cert - Tooltip",
    "SAML attributes": "SAML attributes",
    "SAML attributes - Tooltip": "SAML attributes - Tooltip",
+    "SSH cert": "SSH cert",
+    "SSH type": "SSH type",
+    "SSH type - Tooltip": "The auth type of SSH connection",
    "Save": "Speichern",
    "Save & Exit": "Speichern und verlassen",
    "Session ID": "Session-ID",
@ -327,6 +341,7 @@
    "Signup URL - Tooltip": "Benutzerdefinierte URL für die Registrierungsseite. Wenn nicht festgelegt, wird die standardmäßige Casdoor-Registrierungsseite verwendet. Wenn sie festgelegt wird, werden die Registrierungslinks auf verschiedenen Casdoor-Seiten auf diese URL umgeleitet",
    "Signup application": "Anmeldeanwendung",
    "Signup application - Tooltip": "Durch welche Anwendung hat sich der Benutzer angemeldet, als er sich registriert hat?",
+    "Signup link": "Signup link",
    "Sorry, the page you visited does not exist.": "Entschuldigung, die von Ihnen besuchte Seite existiert nicht.",
    "Sorry, the user you visited does not exist or you are not authorized to access this user.": "Entschuldigung, der von Ihnen besuchte Benutzer existiert nicht oder Sie sind nicht autorisiert, auf diesen Benutzer zuzugreifen.",
    "Sorry, you do not have permission to access this page or logged in status invalid.": "Es tut uns leid, aber Sie haben keine Berechtigung, auf diese Seite zuzugreifen, oder Sie sind nicht angemeldet.",
@ -350,6 +365,7 @@
    "System Info": "Systeminformationen",
    "There was a problem signing you in..": "There was a problem signing you in..",
    "This is a read-only demo site!": "Dies ist eine schreibgeschützte Demo-Seite!",
+    "Timestamp": "Timestamp",
    "Tokens": "Token",
    "Type": "Type",
    "Type - Tooltip": "Type - Tooltip",
@ -431,6 +447,7 @@
  },
  "login": {
    "Auto sign in": "Automatische Anmeldung",
+    "Back button": "Back button",
    "Continue with": "Weitermachen mit",
    "Email": "Email",
    "Email or phone": "E-Mail oder Telefon",
@ -441,6 +458,7 @@
    "LDAP username, Email or phone": "LDAP username, Email or phone",
    "Loading": "Laden",
    "Logging out...": "Ausloggen...",
+    "Login button": "Login button",
    "MetaMask plugin not detected": "MetaMask plugin not detected",
    "No account?": "Kein Konto?",
    "Or sign in with another account": "Oder mit einem anderen Konto anmelden",
@ -725,11 +743,11 @@
    "Email content - Tooltip": "Inhalt der E-Mail",
    "Email title": "Email-Titel",
    "Email title - Tooltip": "Betreff der E-Mail",
-    "Enable QR code": "QR-Code aktivieren",
-    "Enable QR code - Tooltip": "Ob das Scannen von QR-Codes zum Einloggen aktiviert werden soll",
    "Endpoint": "Endpunkt",
    "Endpoint (Intranet)": "Endpunkt (Intranet)",
    "Endpoint - Tooltip": "Endpoint - Tooltip",
+    "Follow-up action": "Follow-up action",
+    "Follow-up action - Tooltip": "If you choose \"Use WeChat Open Platform to login\", users need to login on the WeChat Open Platform after following the wechat official account.",
    "From address": "From address",
    "From address - Tooltip": "From address - Tooltip",
    "From name": "From name",
@ -835,6 +853,10 @@
    "Token URL - Tooltip": "Token-URL",
    "Type": "Typ",
    "Type - Tooltip": "Wählen Sie einen Typ aus",
+    "Use WeChat Media Platform in PC": "Use WeChat Media Platform in PC",
+    "Use WeChat Media Platform in PC - Tooltip": "Whether to allow scanning WeChat Media Platform QR code to login",
+    "Use WeChat Media Platform to login": "Use WeChat Media Platform to login",
+    "Use WeChat Open Platform to login": "Use WeChat Open Platform to login",
    "User flow": "User flow",
    "User flow - Tooltip": "User flow - Tooltip",
    "User mapping": "User mapping",
@ -845,6 +867,9 @@
    "Wallets - Tooltip": "Wallets - Tooltip",
    "admin (Shared)": "admin (Gemeinsam)"
  },
+  "record": {
+    "Is triggered": "Is triggered"
+  },
  "resource": {
    "Copy Link": "Kopiere den Link",
    "File name": "Dateiname",
@ -945,6 +970,10 @@
    "Is read-only": "Is read-only",
    "Is read-only - Tooltip": "Is read-only - Tooltip",
    "New Syncer": "Neuer Syncer",
+    "SSH host": "SSH host",
+    "SSH password": "SSH password",
+    "SSH port": "SSH port",
+    "SSH user": "SSH user",
    "SSL mode": "SSL mode",
    "SSL mode - Tooltip": "SSL mode - Tooltip",
    "Sync interval": "Synchronisierungsintervall",
@ -1085,6 +1114,7 @@
    "The password must have at least 6 characters": "The password must have at least 6 characters",
    "The password must have at least 8 characters": "The password must have at least 8 characters",
    "The password must not contain any repeated characters": "The password must not contain any repeated characters",
+    "This field value doesn't match the pattern rule": "This field value doesn't match the pattern rule",
    "Title": "Titel",
    "Title - Tooltip": "Position in der Zugehörigkeit",
    "Two passwords you typed do not match.": "Zwei von Ihnen eingegebene Passwörter stimmen nicht überein.",
--- a/web/src/locales/en/data.json
+++ b/web/src/locales/en/data.json
@ -22,7 +22,9 @@
    "Auto signin - Tooltip": "When a logged-in session exists in Casdoor, it is automatically used for application-side login",
    "Background URL": "Background URL",
    "Background URL - Tooltip": "URL of the background image used in the login page",
+    "Big icon": "Big icon",
    "Binding providers": "Binding providers",
+    "CSS style": "CSS style",
    "Center": "Center",
    "Copy SAML metadata URL": "Copy SAML metadata URL",
    "Copy prompt page URL": "Copy prompt page URL",
@ -60,6 +62,9 @@
    "Form position - Tooltip": "Location of the signup, signin and forget password forms",
    "Grant types": "Grant types",
    "Grant types - Tooltip": "Select which grant types are allowed in the OAuth protocol",
+    "Header HTML": "Header HTML",
+    "Header HTML - Edit": "Header HTML - Edit",
+    "Header HTML - Tooltip": "Custom the head tag of your application entry page",
    "Incremental": "Incremental",
    "Input": "Input",
    "Invitation code": "Invitation code",
@ -95,11 +100,14 @@
    "Sign Up Error": "Sign Up Error",
    "Signin": "Signin",
    "Signin (Default True)": "Signin (Default True)",
+    "Signin items": "Signin items",
+    "Signin items - Tooltip": "Items for users to fill in when signing up",
    "Signin methods": "Signin methods",
    "Signin methods - Tooltip": "Signin methods - Tooltip",
    "Signin session": "Signin session",
    "Signup items": "Signup items",
    "Signup items - Tooltip": "Items for users to fill in when registering new accounts",
+    "Small icon": "Small icon",
    "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
    "The application does not allow to sign up new account": "The application does not allow to sign up new account",
    "Token expire": "Token expire",
@ -169,6 +177,7 @@
    "Adapter - Tooltip": "Table name of the policy store",
    "Adapters": "Adapters",
    "Add": "Add",
+    "Add custom item": "Add custom item",
    "Admin": "Admin",
    "Affiliation URL": "Affiliation URL",
    "Affiliation URL - Tooltip": "The homepage URL for the affiliation",
@ -190,6 +199,7 @@
    "Cert - Tooltip": "The public key certificate that needs to be verified by the client SDK corresponding to this application",
    "Certs": "Certs",
    "Click to Upload": "Click to Upload",
+    "Client IP": "Client IP",
    "Close": "Close",
    "Confirm": "Confirm",
    "Copied to clipboard successfully": "Copied to clipboard successfully",
@ -307,6 +317,7 @@
    "Providers - Tooltip": "Providers to be configured, including 3rd-party login, object storage, verification code, etc.",
    "Real name": "Real name",
    "Records": "Records",
+    "Request URI": "Request URI",
    "Resources": "Resources",
    "Role": "Role",
    "Role - Tooltip": "Role - Tooltip",
@ -316,6 +327,9 @@
    "Root cert - Tooltip": "Root cert - Tooltip",
    "SAML attributes": "SAML attributes",
    "SAML attributes - Tooltip": "SAML attributes - Tooltip",
+    "SSH cert": "SSH cert",
+    "SSH type": "SSH type",
+    "SSH type - Tooltip": "The auth type of SSH connection",
    "Save": "Save",
    "Save & Exit": "Save & Exit",
    "Session ID": "Session ID",
@ -327,6 +341,7 @@
    "Signup URL - Tooltip": "Custom URL for the registration page. If not set, the default Casdoor registration page will be used. When set, the registration links on various Casdoor pages will redirect to this URL",
    "Signup application": "Signup application",
    "Signup application - Tooltip": "Which application the user registered through when they signed up",
+    "Signup link": "Signup link",
    "Sorry, the page you visited does not exist.": "Sorry, the page you visited does not exist.",
    "Sorry, the user you visited does not exist or you are not authorized to access this user.": "Sorry, the user you visited does not exist or you are not authorized to access this user.",
    "Sorry, you do not have permission to access this page or logged in status invalid.": "Sorry, you do not have permission to access this page or logged in status invalid.",
@ -350,6 +365,7 @@
    "System Info": "System Info",
    "There was a problem signing you in..": "There was a problem signing you in..",
    "This is a read-only demo site!": "This is a read-only demo site!",
+    "Timestamp": "Timestamp",
    "Tokens": "Tokens",
    "Type": "Type",
    "Type - Tooltip": "Type - Tooltip",
@ -431,6 +447,7 @@
  },
  "login": {
    "Auto sign in": "Auto sign in",
+    "Back button": "Back button",
    "Continue with": "Continue with",
    "Email": "Email",
    "Email or phone": "Email or phone",
@ -441,6 +458,7 @@
    "LDAP username, Email or phone": "LDAP username, Email or phone",
    "Loading": "Loading",
    "Logging out...": "Logging out...",
+    "Login button": "Login button",
    "MetaMask plugin not detected": "MetaMask plugin not detected",
    "No account?": "No account?",
    "Or sign in with another account": "Or sign in with another account",
@ -725,11 +743,11 @@
    "Email content - Tooltip": "Content of the Email",
    "Email title": "Email title",
    "Email title - Tooltip": "Title of the email",
-    "Enable QR code": "Enable QR code",
-    "Enable QR code - Tooltip": "Whether to allow scanning QR code to login",
    "Endpoint": "Endpoint",
    "Endpoint (Intranet)": "Endpoint (Intranet)",
    "Endpoint - Tooltip": "Endpoint - Tooltip",
+    "Follow-up action": "Follow-up action",
+    "Follow-up action - Tooltip": "If you choose \"Use WeChat Open Platform to login\", users need to login on the WeChat Open Platform after following the wechat official account.",
    "From address": "From address",
    "From address - Tooltip": "Email address of \"From\"",
    "From name": "From name",
@ -835,6 +853,10 @@
    "Token URL - Tooltip": "Token URL",
    "Type": "Type",
    "Type - Tooltip": "Select a type",
+    "Use WeChat Media Platform in PC": "Use WeChat Media Platform in PC",
+    "Use WeChat Media Platform in PC - Tooltip": "Whether to allow scanning WeChat Media Platform QR code to login",
+    "Use WeChat Media Platform to login": "Use WeChat Media Platform to login",
+    "Use WeChat Open Platform to login": "Use WeChat Open Platform to login",
    "User flow": "User flow",
    "User flow - Tooltip": "User flow",
    "User mapping": "User mapping",
@ -845,6 +867,9 @@
    "Wallets - Tooltip": "Wallets - Tooltip",
    "admin (Shared)": "admin (Shared)"
  },
+  "record": {
+    "Is triggered": "Is triggered"
+  },
  "resource": {
    "Copy Link": "Copy Link",
    "File name": "File name",
@ -945,6 +970,10 @@
    "Is read-only": "Is read-only",
    "Is read-only - Tooltip": "Is read-only - Tooltip",
    "New Syncer": "New Syncer",
+    "SSH host": "SSH host",
+    "SSH password": "SSH password",
+    "SSH port": "SSH port",
+    "SSH user": "SSH user",
    "SSL mode": "SSL mode",
    "SSL mode - Tooltip": "The SSL mode used when connecting to the database",
    "Sync interval": "Sync interval",
@ -1085,6 +1114,7 @@
    "The password must have at least 6 characters": "The password must have at least 6 characters",
    "The password must have at least 8 characters": "The password must have at least 8 characters",
    "The password must not contain any repeated characters": "The password must not contain any repeated characters",
+    "This field value doesn't match the pattern rule": "This field value doesn't match the pattern rule",
    "Title": "Title",
    "Title - Tooltip": "Position in the affiliation",
    "Two passwords you typed do not match.": "Two passwords you typed do not match.",
--- a/web/src/locales/es/data.json
+++ b/web/src/locales/es/data.json
@ -22,7 +22,9 @@
    "Auto signin - Tooltip": "Cuando existe una sesión iniciada en Casdoor, se utiliza automáticamente para el inicio de sesión del lado de la aplicación",
    "Background URL": "URL de fondo",
    "Background URL - Tooltip": "URL de la imagen de fondo utilizada en la página de inicio de sesión",
+    "Big icon": "Big icon",
    "Binding providers": "Binding providers",
+    "CSS style": "CSS style",
    "Center": "Centro",
    "Copy SAML metadata URL": "Copia la URL de metadatos SAML",
    "Copy prompt page URL": "Copiar URL de la página del prompt",
@ -60,6 +62,9 @@
    "Form position - Tooltip": "Ubicación de los formularios de registro, inicio de sesión y olvido de contraseña",
    "Grant types": "Tipos de subvenciones",
    "Grant types - Tooltip": "Selecciona cuáles tipos de subvenciones están permitidas en el protocolo OAuth",
+    "Header HTML": "Header HTML",
+    "Header HTML - Edit": "Header HTML - Edit",
+    "Header HTML - Tooltip": "Custom the head tag of your application entry page",
    "Incremental": "Incremental",
    "Input": "Input",
    "Invitation code": "Invitation code",
@ -95,11 +100,14 @@
    "Sign Up Error": "Error de registro",
    "Signin": "Signin",
    "Signin (Default True)": "Signin (Default True)",
+    "Signin items": "Signin items",
+    "Signin items - Tooltip": "Signin items - Tooltip",
    "Signin methods": "Signin methods",
    "Signin methods - Tooltip": "Signin methods - Tooltip",
    "Signin session": "Sesión de inicio de sesión",
    "Signup items": "Artículos de registro",
    "Signup items - Tooltip": "Elementos para que los usuarios los completen al registrar nuevas cuentas",
+    "Small icon": "Small icon",
    "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
    "The application does not allow to sign up new account": "La aplicación no permite registrarse una cuenta nueva",
    "Token expire": "Token expirado",
@ -169,6 +177,7 @@
    "Adapter - Tooltip": "Nombre de la tabla de la tienda de políticas",
    "Adapters": "Adaptadores",
    "Add": "Añadir",
+    "Add custom item": "Add custom item",
    "Admin": "Admin",
    "Affiliation URL": "URL de afiliación",
    "Affiliation URL - Tooltip": "La URL de la página de inicio para la afiliación",
@ -190,6 +199,7 @@
    "Cert - Tooltip": "El certificado de clave pública que necesita ser verificado por el SDK del cliente correspondiente a esta aplicación",
    "Certs": "Certificaciones",
    "Click to Upload": "Haz clic para cargar",
+    "Client IP": "Client IP",
    "Close": "Cerca",
    "Confirm": "Confirm",
    "Copied to clipboard successfully": "Copied to clipboard successfully",
@ -307,6 +317,7 @@
    "Providers - Tooltip": "Proveedores a configurar, incluyendo inicio de sesión de terceros, almacenamiento de objetos, código de verificación, etc.",
    "Real name": "Nombre real",
    "Records": "Registros",
+    "Request URI": "Request URI",
    "Resources": "Recursos",
    "Role": "Role",
    "Role - Tooltip": "Role - Tooltip",
@ -316,6 +327,9 @@
    "Root cert - Tooltip": "Root cert - Tooltip",
    "SAML attributes": "SAML attributes",
    "SAML attributes - Tooltip": "SAML attributes - Tooltip",
+    "SSH cert": "SSH cert",
+    "SSH type": "SSH type",
+    "SSH type - Tooltip": "The auth type of SSH connection",
    "Save": "Guardar",
    "Save & Exit": "Guardar y salir",
    "Session ID": "ID de sesión",
@ -327,6 +341,7 @@
    "Signup URL - Tooltip": "URL personalizado para la página de registro. Si no se establece, se usará la página de registro predeterminada de Casdoor. Cuando se establece, los enlaces de registro en varias páginas de Casdoor redirigirán a esta URL",
    "Signup application": "Solicitud de registro",
    "Signup application - Tooltip": "¿A través de qué aplicación se registró el usuario cuando se inscribió?",
+    "Signup link": "Signup link",
    "Sorry, the page you visited does not exist.": "Lo siento, la página que visitaste no existe.",
    "Sorry, the user you visited does not exist or you are not authorized to access this user.": "Lo siento, el usuario que visitaste no existe o no estás autorizado a acceder a este usuario.",
    "Sorry, you do not have permission to access this page or logged in status invalid.": "Lo siento, no tiene permiso para acceder a esta página o su estado de inicio de sesión es inválido.",
@ -350,6 +365,7 @@
    "System Info": "Información del Sistema",
    "There was a problem signing you in..": "There was a problem signing you in..",
    "This is a read-only demo site!": "¡Este es un sitio de demostración solo de lectura!",
+    "Timestamp": "Timestamp",
    "Tokens": "Tokens",
    "Type": "Type",
    "Type - Tooltip": "Type - Tooltip",
@ -431,6 +447,7 @@
  },
  "login": {
    "Auto sign in": "Inicio de sesión automático",
+    "Back button": "Back button",
    "Continue with": "Continúe con",
    "Email": "Email",
    "Email or phone": "Correo electrónico o teléfono",
@ -441,6 +458,7 @@
    "LDAP username, Email or phone": "LDAP username, Email or phone",
    "Loading": "Cargando",
    "Logging out...": "Cerrando sesión...",
+    "Login button": "Login button",
    "MetaMask plugin not detected": "MetaMask plugin not detected",
    "No account?": "¿No tienes cuenta?",
    "Or sign in with another account": "O inicia sesión con otra cuenta",
@ -725,11 +743,11 @@
    "Email content - Tooltip": "Contenido del correo electrónico",
    "Email title": "Título del correo electrónico",
    "Email title - Tooltip": "Título del correo electrónico",
-    "Enable QR code": "Habilitar código QR",
-    "Enable QR code - Tooltip": "Si permitir el escaneo de códigos QR para acceder",
    "Endpoint": "Punto final",
    "Endpoint (Intranet)": "Punto final (intranet)",
    "Endpoint - Tooltip": "Endpoint - Tooltip",
+    "Follow-up action": "Follow-up action",
+    "Follow-up action - Tooltip": "If you choose \"Use WeChat Open Platform to login\", users need to login on the WeChat Open Platform after following the wechat official account.",
    "From address": "From address",
    "From address - Tooltip": "From address - Tooltip",
    "From name": "From name",
@ -835,6 +853,10 @@
    "Token URL - Tooltip": "URL de token",
    "Type": "Tipo",
    "Type - Tooltip": "Seleccionar un tipo",
+    "Use WeChat Media Platform in PC": "Use WeChat Media Platform in PC",
+    "Use WeChat Media Platform in PC - Tooltip": "Whether to allow scanning WeChat Media Platform QR code to login",
+    "Use WeChat Media Platform to login": "Use WeChat Media Platform to login",
+    "Use WeChat Open Platform to login": "Use WeChat Open Platform to login",
    "User flow": "User flow",
    "User flow - Tooltip": "User flow - Tooltip",
    "User mapping": "User mapping",
@ -845,6 +867,9 @@
    "Wallets - Tooltip": "Wallets - Tooltip",
    "admin (Shared)": "administrador (compartido)"
  },
+  "record": {
+    "Is triggered": "Is triggered"
+  },
  "resource": {
    "Copy Link": "Copiar enlace",
    "File name": "Nombre del archivo",
@ -945,6 +970,10 @@
    "Is read-only": "Is read-only",
    "Is read-only - Tooltip": "Is read-only - Tooltip",
    "New Syncer": "Nuevo Syncer",
+    "SSH host": "SSH host",
+    "SSH password": "SSH password",
+    "SSH port": "SSH port",
+    "SSH user": "SSH user",
    "SSL mode": "SSL mode",
    "SSL mode - Tooltip": "SSL mode - Tooltip",
    "Sync interval": "Intervalo de sincronización",
@ -1085,6 +1114,7 @@
    "The password must have at least 6 characters": "The password must have at least 6 characters",
    "The password must have at least 8 characters": "The password must have at least 8 characters",
    "The password must not contain any repeated characters": "The password must not contain any repeated characters",
+    "This field value doesn't match the pattern rule": "This field value doesn't match the pattern rule",
    "Title": "Título",
    "Title - Tooltip": "Posición en la afiliación",
    "Two passwords you typed do not match.": "Dos contraseñas que has escrito no coinciden.",
--- a/web/src/locales/fa/data.json
+++ b/web/src/locales/fa/data.json
@ -22,7 +22,9 @@
    "Auto signin - Tooltip": "When a logged-in session exists in Casdoor, it is automatically used for application-side login",
    "Background URL": "Background URL",
    "Background URL - Tooltip": "URL of the background image used in the login page",
+    "Big icon": "Big icon",
    "Binding providers": "Binding providers",
+    "CSS style": "CSS style",
    "Center": "Center",
    "Copy SAML metadata URL": "Copy SAML metadata URL",
    "Copy prompt page URL": "Copy prompt page URL",
@ -60,6 +62,9 @@
    "Form position - Tooltip": "Location of the signup, signin and forget password forms",
    "Grant types": "Grant types",
    "Grant types - Tooltip": "Select which grant types are allowed in the OAuth protocol",
+    "Header HTML": "Header HTML",
+    "Header HTML - Edit": "Header HTML - Edit",
+    "Header HTML - Tooltip": "Custom the head tag of your application entry page",
    "Incremental": "Incremental",
    "Input": "Input",
    "Invitation code": "Invitation code",
@ -95,11 +100,14 @@
    "Sign Up Error": "Sign Up Error",
    "Signin": "Signin",
    "Signin (Default True)": "Signin (Default True)",
+    "Signin items": "Signin items",
+    "Signin items - Tooltip": "Signin items - Tooltip",
    "Signin methods": "Signin methods",
    "Signin methods - Tooltip": "Signin methods - Tooltip",
    "Signin session": "Signin session",
    "Signup items": "Signup items",
    "Signup items - Tooltip": "Items for users to fill in when registering new accounts",
+    "Small icon": "Small icon",
    "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
    "The application does not allow to sign up new account": "The application does not allow to sign up new account",
    "Token expire": "Token expire",
@ -169,6 +177,7 @@
    "Adapter - Tooltip": "Table name of the policy store",
    "Adapters": "Adapters",
    "Add": "Add",
+    "Add custom item": "Add custom item",
    "Admin": "Admin",
    "Affiliation URL": "Affiliation URL",
    "Affiliation URL - Tooltip": "The homepage URL for the affiliation",
@ -190,6 +199,7 @@
    "Cert - Tooltip": "The public key certificate that needs to be verified by the client SDK corresponding to this application",
    "Certs": "Certs",
    "Click to Upload": "Click to Upload",
+    "Client IP": "Client IP",
    "Close": "Close",
    "Confirm": "Confirm",
    "Copied to clipboard successfully": "Copied to clipboard successfully",
@ -307,6 +317,7 @@
    "Providers - Tooltip": "Providers to be configured, including 3rd-party login, object storage, verification code, etc.",
    "Real name": "Real name",
    "Records": "Records",
+    "Request URI": "Request URI",
    "Resources": "Resources",
    "Role": "Role",
    "Role - Tooltip": "Role - Tooltip",
@ -316,6 +327,9 @@
    "Root cert - Tooltip": "Root cert - Tooltip",
    "SAML attributes": "SAML attributes",
    "SAML attributes - Tooltip": "SAML attributes - Tooltip",
+    "SSH cert": "SSH cert",
+    "SSH type": "SSH type",
+    "SSH type - Tooltip": "The auth type of SSH connection",
    "Save": "Save",
    "Save & Exit": "Save & Exit",
    "Session ID": "Session ID",
@ -327,6 +341,7 @@
    "Signup URL - Tooltip": "Custom URL for the registration page. If not set, the default Casdoor registration page will be used. When set, the registration links on various Casdoor pages will redirect to this URL",
    "Signup application": "Signup application",
    "Signup application - Tooltip": "Which application the user registered through when they signed up",
+    "Signup link": "Signup link",
    "Sorry, the page you visited does not exist.": "Sorry, the page you visited does not exist.",
    "Sorry, the user you visited does not exist or you are not authorized to access this user.": "Sorry, the user you visited does not exist or you are not authorized to access this user.",
    "Sorry, you do not have permission to access this page or logged in status invalid.": "Sorry, you do not have permission to access this page or logged in status invalid.",
@ -350,6 +365,7 @@
    "System Info": "System Info",
    "There was a problem signing you in..": "There was a problem signing you in..",
    "This is a read-only demo site!": "This is a read-only demo site!",
+    "Timestamp": "Timestamp",
    "Tokens": "Tokens",
    "Type": "Type",
    "Type - Tooltip": "Type - Tooltip",
@ -431,6 +447,7 @@
  },
  "login": {
    "Auto sign in": "Auto sign in",
+    "Back button": "Back button",
    "Continue with": "Continue with",
    "Email": "Email",
    "Email or phone": "Email or phone",
@ -441,6 +458,7 @@
    "LDAP username, Email or phone": "LDAP username, Email or phone",
    "Loading": "Loading",
    "Logging out...": "Logging out...",
+    "Login button": "Login button",
    "MetaMask plugin not detected": "MetaMask plugin not detected",
    "No account?": "No account?",
    "Or sign in with another account": "Or sign in with another account",
@ -725,11 +743,11 @@
    "Email content - Tooltip": "Content of the Email",
    "Email title": "Email title",
    "Email title - Tooltip": "Title of the email",
-    "Enable QR code": "Enable QR code",
-    "Enable QR code - Tooltip": "Whether to allow scanning QR code to login",
    "Endpoint": "Endpoint",
    "Endpoint (Intranet)": "Endpoint (Intranet)",
    "Endpoint - Tooltip": "Endpoint - Tooltip",
+    "Follow-up action": "Follow-up action",
+    "Follow-up action - Tooltip": "If you choose \"Use WeChat Open Platform to login\", users need to login on the WeChat Open Platform after following the wechat official account.",
    "From address": "From address",
    "From address - Tooltip": "Email address of \"From\"",
    "From name": "From name",
@ -835,6 +853,10 @@
    "Token URL - Tooltip": "Token URL",
    "Type": "Type",
    "Type - Tooltip": "Select a type",
+    "Use WeChat Media Platform in PC": "Use WeChat Media Platform in PC",
+    "Use WeChat Media Platform in PC - Tooltip": "Whether to allow scanning WeChat Media Platform QR code to login",
+    "Use WeChat Media Platform to login": "Use WeChat Media Platform to login",
+    "Use WeChat Open Platform to login": "Use WeChat Open Platform to login",
    "User flow": "User flow",
    "User flow - Tooltip": "User flow - Tooltip",
    "User mapping": "User mapping",
@ -845,6 +867,9 @@
    "Wallets - Tooltip": "Wallets - Tooltip",
    "admin (Shared)": "admin (Shared)"
  },
+  "record": {
+    "Is triggered": "Is triggered"
+  },
  "resource": {
    "Copy Link": "Copy Link",
    "File name": "File name",
@ -945,6 +970,10 @@
    "Is read-only": "Is read-only",
    "Is read-only - Tooltip": "Is read-only - Tooltip",
    "New Syncer": "New Syncer",
+    "SSH host": "SSH host",
+    "SSH password": "SSH password",
+    "SSH port": "SSH port",
+    "SSH user": "SSH user",
    "SSL mode": "SSL mode",
    "SSL mode - Tooltip": "SSL mode - Tooltip",
    "Sync interval": "Sync interval",
@ -1085,6 +1114,7 @@
    "The password must have at least 6 characters": "The password must have at least 6 characters",
    "The password must have at least 8 characters": "The password must have at least 8 characters",
    "The password must not contain any repeated characters": "The password must not contain any repeated characters",
+    "This field value doesn't match the pattern rule": "This field value doesn't match the pattern rule",
    "Title": "Title",
    "Title - Tooltip": "Position in the affiliation",
    "Two passwords you typed do not match.": "Two passwords you typed do not match.",
--- a/web/src/locales/fi/data.json
+++ b/web/src/locales/fi/data.json
@ -22,7 +22,9 @@
    "Auto signin - Tooltip": "When a logged-in session exists in Casdoor, it is automatically used for application-side login",
    "Background URL": "Background URL",
    "Background URL - Tooltip": "URL of the background image used in the login page",
+    "Big icon": "Big icon",
    "Binding providers": "Binding providers",
+    "CSS style": "CSS style",
    "Center": "Center",
    "Copy SAML metadata URL": "Copy SAML metadata URL",
    "Copy prompt page URL": "Copy prompt page URL",
@ -60,6 +62,9 @@
    "Form position - Tooltip": "Location of the signup, signin and forget password forms",
    "Grant types": "Grant types",
    "Grant types - Tooltip": "Select which grant types are allowed in the OAuth protocol",
+    "Header HTML": "Header HTML",
+    "Header HTML - Edit": "Header HTML - Edit",
+    "Header HTML - Tooltip": "Custom the head tag of your application entry page",
    "Incremental": "Incremental",
    "Input": "Input",
    "Invitation code": "Invitation code",
@ -95,11 +100,14 @@
    "Sign Up Error": "Sign Up Error",
    "Signin": "Signin",
    "Signin (Default True)": "Signin (Default True)",
+    "Signin items": "Signin items",
+    "Signin items - Tooltip": "Signin items - Tooltip",
    "Signin methods": "Signin methods",
    "Signin methods - Tooltip": "Signin methods - Tooltip",
    "Signin session": "Signin session",
    "Signup items": "Signup items",
    "Signup items - Tooltip": "Items for users to fill in when registering new accounts",
+    "Small icon": "Small icon",
    "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
    "The application does not allow to sign up new account": "The application does not allow to sign up new account",
    "Token expire": "Token expire",
@ -169,6 +177,7 @@
    "Adapter - Tooltip": "Table name of the policy store",
    "Adapters": "Adapters",
    "Add": "Add",
+    "Add custom item": "Add custom item",
    "Admin": "Admin",
    "Affiliation URL": "Affiliation URL",
    "Affiliation URL - Tooltip": "The homepage URL for the affiliation",
@ -190,6 +199,7 @@
    "Cert - Tooltip": "The public key certificate that needs to be verified by the client SDK corresponding to this application",
    "Certs": "Certs",
    "Click to Upload": "Click to Upload",
+    "Client IP": "Client IP",
    "Close": "Close",
    "Confirm": "Confirm",
    "Copied to clipboard successfully": "Copied to clipboard successfully",
@ -307,6 +317,7 @@
    "Providers - Tooltip": "Providers to be configured, including 3rd-party login, object storage, verification code, etc.",
    "Real name": "Real name",
    "Records": "Records",
+    "Request URI": "Request URI",
    "Resources": "Resources",
    "Role": "Role",
    "Role - Tooltip": "Role - Tooltip",
@ -316,6 +327,9 @@
    "Root cert - Tooltip": "Root cert - Tooltip",
    "SAML attributes": "SAML attributes",
    "SAML attributes - Tooltip": "SAML attributes - Tooltip",
+    "SSH cert": "SSH cert",
+    "SSH type": "SSH type",
+    "SSH type - Tooltip": "The auth type of SSH connection",
    "Save": "Save",
    "Save & Exit": "Save & Exit",
    "Session ID": "Session ID",
@ -327,6 +341,7 @@
    "Signup URL - Tooltip": "Custom URL for the registration page. If not set, the default Casdoor registration page will be used. When set, the registration links on various Casdoor pages will redirect to this URL",
    "Signup application": "Signup application",
    "Signup application - Tooltip": "Which application the user registered through when they signed up",
+    "Signup link": "Signup link",
    "Sorry, the page you visited does not exist.": "Sorry, the page you visited does not exist.",
    "Sorry, the user you visited does not exist or you are not authorized to access this user.": "Sorry, the user you visited does not exist or you are not authorized to access this user.",
    "Sorry, you do not have permission to access this page or logged in status invalid.": "Sorry, you do not have permission to access this page or logged in status invalid.",
@ -350,6 +365,7 @@
    "System Info": "System Info",
    "There was a problem signing you in..": "There was a problem signing you in..",
    "This is a read-only demo site!": "This is a read-only demo site!",
+    "Timestamp": "Timestamp",
    "Tokens": "Tokens",
    "Type": "Type",
    "Type - Tooltip": "Type - Tooltip",
@ -431,6 +447,7 @@
  },
  "login": {
    "Auto sign in": "Auto sign in",
+    "Back button": "Back button",
    "Continue with": "Continue with",
    "Email": "Email",
    "Email or phone": "Email or phone",
@ -441,6 +458,7 @@
    "LDAP username, Email or phone": "LDAP username, Email or phone",
    "Loading": "Loading",
    "Logging out...": "Logging out...",
+    "Login button": "Login button",
    "MetaMask plugin not detected": "MetaMask plugin not detected",
    "No account?": "No account?",
    "Or sign in with another account": "Or sign in with another account",
@ -725,11 +743,11 @@
    "Email content - Tooltip": "Content of the Email",
    "Email title": "Email title",
    "Email title - Tooltip": "Title of the email",
-    "Enable QR code": "Enable QR code",
-    "Enable QR code - Tooltip": "Whether to allow scanning QR code to login",
    "Endpoint": "Endpoint",
    "Endpoint (Intranet)": "Endpoint (Intranet)",
    "Endpoint - Tooltip": "Endpoint - Tooltip",
+    "Follow-up action": "Follow-up action",
+    "Follow-up action - Tooltip": "If you choose \"Use WeChat Open Platform to login\", users need to login on the WeChat Open Platform after following the wechat official account.",
    "From address": "From address",
    "From address - Tooltip": "Email address of \"From\"",
    "From name": "From name",
@ -835,6 +853,10 @@
    "Token URL - Tooltip": "Token URL",
    "Type": "Type",
    "Type - Tooltip": "Select a type",
+    "Use WeChat Media Platform in PC": "Use WeChat Media Platform in PC",
+    "Use WeChat Media Platform in PC - Tooltip": "Whether to allow scanning WeChat Media Platform QR code to login",
+    "Use WeChat Media Platform to login": "Use WeChat Media Platform to login",
+    "Use WeChat Open Platform to login": "Use WeChat Open Platform to login",
    "User flow": "User flow",
    "User flow - Tooltip": "User flow - Tooltip",
    "User mapping": "User mapping",
@ -845,6 +867,9 @@
    "Wallets - Tooltip": "Wallets - Tooltip",
    "admin (Shared)": "admin (Shared)"
  },
+  "record": {
+    "Is triggered": "Is triggered"
+  },
  "resource": {
    "Copy Link": "Copy Link",
    "File name": "File name",
@ -945,6 +970,10 @@
    "Is read-only": "Is read-only",
    "Is read-only - Tooltip": "Is read-only - Tooltip",
    "New Syncer": "New Syncer",
+    "SSH host": "SSH host",
+    "SSH password": "SSH password",
+    "SSH port": "SSH port",
+    "SSH user": "SSH user",
    "SSL mode": "SSL mode",
    "SSL mode - Tooltip": "SSL mode - Tooltip",
    "Sync interval": "Sync interval",
@ -1085,6 +1114,7 @@
    "The password must have at least 6 characters": "The password must have at least 6 characters",
    "The password must have at least 8 characters": "The password must have at least 8 characters",
    "The password must not contain any repeated characters": "The password must not contain any repeated characters",
+    "This field value doesn't match the pattern rule": "This field value doesn't match the pattern rule",
    "Title": "Title",
    "Title - Tooltip": "Position in the affiliation",
    "Two passwords you typed do not match.": "Two passwords you typed do not match.",
--- a/web/src/locales/fr/data.json
+++ b/web/src/locales/fr/data.json
@ -22,7 +22,9 @@
    "Auto signin - Tooltip": "Lorsqu'une session connectée existe dans Casdoor, elle est automatiquement utilisée pour la connexion côté application",
    "Background URL": "URL de fond",
    "Background URL - Tooltip": "L'URL de l'image d'arrière-plan utilisée sur la page de connexion",
+    "Big icon": "Big icon",
    "Binding providers": "Fournisseurs liés",
+    "CSS style": "CSS style",
    "Center": "Centré",
    "Copy SAML metadata URL": "Copiez l'URL de métadonnées SAML",
    "Copy prompt page URL": "Copier l'URL de la page de l'invite",
@ -60,6 +62,9 @@
    "Form position - Tooltip": "Emplacement des formulaires d'inscription, de connexion et de récupération de mot de passe",
    "Grant types": "Types d'autorisation",
    "Grant types - Tooltip": "Sélectionnez les types d'autorisations autorisés dans le protocole OAuth",
+    "Header HTML": "Header HTML",
+    "Header HTML - Edit": "Header HTML - Edit",
+    "Header HTML - Tooltip": "Custom the head tag of your application entry page",
    "Incremental": "Incrémentale",
    "Input": "Saisie",
    "Invitation code": "Code d'invitation",
@ -95,11 +100,14 @@
    "Sign Up Error": "Erreur d'inscription",
    "Signin": "Connexion",
    "Signin (Default True)": "Connexion (Vrai par défaut)",
+    "Signin items": "Signin items",
+    "Signin items - Tooltip": "Signin items - Tooltip",
    "Signin methods": "Signin methods",
    "Signin methods - Tooltip": "Signin methods - Tooltip",
    "Signin session": "Session de connexion",
    "Signup items": "Champs d'inscription",
    "Signup items - Tooltip": "Champs à remplir lors de l'enregistrement de nouveaux comptes",
+    "Small icon": "Small icon",
    "Tags - Tooltip": "Seuls les comptes ayant leur étiquette listée dans les étiquettes de l'application peuvent se connecter",
    "The application does not allow to sign up new account": "L'application ne permet pas de créer un nouveau compte",
    "Token expire": "Expiration du jeton",
@ -169,6 +177,7 @@
    "Adapter - Tooltip": "Nom de la table du magasin de règle",
    "Adapters": "Adaptateurs",
    "Add": "Ajouter",
+    "Add custom item": "Add custom item",
    "Admin": "Administration",
    "Affiliation URL": "URL d'affiliation",
    "Affiliation URL - Tooltip": "URL du site web de l'affiliation",
@ -190,6 +199,7 @@
    "Cert - Tooltip": "La clé publique du certificat qui doit être vérifiée par le kit de développement client correspondant à cette application",
    "Certs": "Certificats",
    "Click to Upload": "Cliquer pour télécharger",
+    "Client IP": "Client IP",
    "Close": "Fermer",
    "Confirm": "Confirmer",
    "Copied to clipboard successfully": "Copied to clipboard successfully",
@ -307,6 +317,7 @@
    "Providers - Tooltip": "Les fournisseurs à configurer, tels que la connexion via un service tiers, le stockage d'objets, le code de vérification, etc.",
    "Real name": "Nom complet",
    "Records": "Enregistrements",
+    "Request URI": "Request URI",
    "Resources": "Ressources",
    "Role": "Rôle",
    "Role - Tooltip": "Rôle - Infobulle",
@ -316,6 +327,9 @@
    "Root cert - Tooltip": "Root cert - Tooltip",
    "SAML attributes": "SAML attributes",
    "SAML attributes - Tooltip": "SAML attributes - Tooltip",
+    "SSH cert": "SSH cert",
+    "SSH type": "SSH type",
+    "SSH type - Tooltip": "The auth type of SSH connection",
    "Save": "Enregistrer",
    "Save & Exit": "Enregistrer et quitter",
    "Session ID": "Identifiant de session",
@ -327,6 +341,7 @@
    "Signup URL - Tooltip": "URL personnalisée pour la page d'inscription. Si elle n'est pas définie, la page d'inscription par défaut de Casdoor utilisée. Lorsqu'elle est définie, les liens d'inscription sur les différentes pages de Casdoor redirigeront vers cette URL",
    "Signup application": "Application d'inscription",
    "Signup application - Tooltip": "L'application utilisée lors de la création du compte",
+    "Signup link": "Signup link",
    "Sorry, the page you visited does not exist.": "Désolé, la page que vous avez visitée n'existe pas.",
    "Sorry, the user you visited does not exist or you are not authorized to access this user.": "Désolé, le compte que vous avez visité n'existe pas ou vous n'êtes pas autorisé à accéder à ce compte.",
    "Sorry, you do not have permission to access this page or logged in status invalid.": "Désolé, vous n'avez pas la permission d'accéder à cette page ou votre statut de connexion est invalide.",
@ -350,6 +365,7 @@
    "System Info": "Informations système",
    "There was a problem signing you in..": "Un problème est survenu lors de votre connexion..",
    "This is a read-only demo site!": "Ceci est un site de démonstration en lecture seule !",
+    "Timestamp": "Timestamp",
    "Tokens": "Jetons",
    "Type": "Type",
    "Type - Tooltip": "Type - Infobulle",
@ -431,6 +447,7 @@
  },
  "login": {
    "Auto sign in": "Connexion automatique",
+    "Back button": "Back button",
    "Continue with": "Continuer avec",
    "Email": "Email",
    "Email or phone": "Email ou téléphone",
@ -441,6 +458,7 @@
    "LDAP username, Email or phone": "LDAP username, Email or phone",
    "Loading": "Chargement",
    "Logging out...": "Déconnexion...",
+    "Login button": "Login button",
    "MetaMask plugin not detected": "Le plugin MetaMask n'a pas été détecté",
    "No account?": "Pas de compte ?",
    "Or sign in with another account": "Ou connectez-vous avec un autre compte",
@ -725,11 +743,11 @@
    "Email content - Tooltip": "Contenu de l'e-mail",
    "Email title": "Titre de l'email",
    "Email title - Tooltip": "Titre de l'email",
-    "Enable QR code": "Activer le code QR",
-    "Enable QR code - Tooltip": "Permettre de scanner un QR code pour se connecter",
    "Endpoint": "Endpoint",
    "Endpoint (Intranet)": "Endpoint (intranet)",
    "Endpoint - Tooltip": "Endpoint - Infobulle",
+    "Follow-up action": "Follow-up action",
+    "Follow-up action - Tooltip": "If you choose \"Use WeChat Open Platform to login\", users need to login on the WeChat Open Platform after following the wechat official account.",
    "From address": "Adresse de l'expéditeur",
    "From address - Tooltip": "L'adresse e-mail affichée comme expéditeur dans les e-mails envoyés",
    "From name": "Nom de l'expéditeur",
@ -835,6 +853,10 @@
    "Token URL - Tooltip": "URL de jeton",
    "Type": "Type de texte",
    "Type - Tooltip": "Sélectionnez un type",
+    "Use WeChat Media Platform in PC": "Use WeChat Media Platform in PC",
+    "Use WeChat Media Platform in PC - Tooltip": "Whether to allow scanning WeChat Media Platform QR code to login",
+    "Use WeChat Media Platform to login": "Use WeChat Media Platform to login",
+    "Use WeChat Open Platform to login": "Use WeChat Open Platform to login",
    "User flow": "User flow",
    "User flow - Tooltip": "User flow - Tooltip",
    "User mapping": "Association de compte",
@ -845,6 +867,9 @@
    "Wallets - Tooltip": "Portefeuille - Infobulle",
    "admin (Shared)": "admin (Partagé)"
  },
+  "record": {
+    "Is triggered": "Is triggered"
+  },
  "resource": {
    "Copy Link": "Copier le lien",
    "File name": "Nom de fichier",
@ -945,6 +970,10 @@
    "Is read-only": "Est en lecture seule",
    "Is read-only - Tooltip": "En lecture seule - Infobulle",
    "New Syncer": "Nouveau synchroniseur",
+    "SSH host": "SSH host",
+    "SSH password": "SSH password",
+    "SSH port": "SSH port",
+    "SSH user": "SSH user",
    "SSL mode": "SSL mode",
    "SSL mode - Tooltip": "SSL mode - Tooltip",
    "Sync interval": "Intervalle de synchronisation",
@ -1085,6 +1114,7 @@
    "The password must have at least 6 characters": "Le mot de passe doit contenir moins 6 caractères",
    "The password must have at least 8 characters": "Le mot de passe doit contenir moins 8 caractères",
    "The password must not contain any repeated characters": "Le mot de passe ne doit pas contenir de caractères répétés",
+    "This field value doesn't match the pattern rule": "This field value doesn't match the pattern rule",
    "Title": "Poste",
    "Title - Tooltip": "Fonction dans l'affiliation",
    "Two passwords you typed do not match.": "Le mot de passe et la confirmation du mot de passe ne correspondent pas.",
--- a/web/src/locales/he/data.json
+++ b/web/src/locales/he/data.json
@ -22,7 +22,9 @@
    "Auto signin - Tooltip": "When a logged-in session exists in Casdoor, it is automatically used for application-side login",
    "Background URL": "Background URL",
    "Background URL - Tooltip": "URL of the background image used in the login page",
+    "Big icon": "Big icon",
    "Binding providers": "Binding providers",
+    "CSS style": "CSS style",
    "Center": "Center",
    "Copy SAML metadata URL": "Copy SAML metadata URL",
    "Copy prompt page URL": "Copy prompt page URL",
@ -60,6 +62,9 @@
    "Form position - Tooltip": "Location of the signup, signin and forget password forms",
    "Grant types": "Grant types",
    "Grant types - Tooltip": "Select which grant types are allowed in the OAuth protocol",
+    "Header HTML": "Header HTML",
+    "Header HTML - Edit": "Header HTML - Edit",
+    "Header HTML - Tooltip": "Custom the head tag of your application entry page",
    "Incremental": "Incremental",
    "Input": "Input",
    "Invitation code": "Invitation code",
@ -95,11 +100,14 @@
    "Sign Up Error": "Sign Up Error",
    "Signin": "Signin",
    "Signin (Default True)": "Signin (Default True)",
+    "Signin items": "Signin items",
+    "Signin items - Tooltip": "Signin items - Tooltip",
    "Signin methods": "Signin methods",
    "Signin methods - Tooltip": "Signin methods - Tooltip",
    "Signin session": "Signin session",
    "Signup items": "Signup items",
    "Signup items - Tooltip": "Items for users to fill in when registering new accounts",
+    "Small icon": "Small icon",
    "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
    "The application does not allow to sign up new account": "The application does not allow to sign up new account",
    "Token expire": "Token expire",
@ -169,6 +177,7 @@
    "Adapter - Tooltip": "Table name of the policy store",
    "Adapters": "Adapters",
    "Add": "Add",
+    "Add custom item": "Add custom item",
    "Admin": "Admin",
    "Affiliation URL": "Affiliation URL",
    "Affiliation URL - Tooltip": "The homepage URL for the affiliation",
@ -190,6 +199,7 @@
    "Cert - Tooltip": "The public key certificate that needs to be verified by the client SDK corresponding to this application",
    "Certs": "Certs",
    "Click to Upload": "Click to Upload",
+    "Client IP": "Client IP",
    "Close": "Close",
    "Confirm": "Confirm",
    "Copied to clipboard successfully": "Copied to clipboard successfully",
@ -307,6 +317,7 @@
    "Providers - Tooltip": "Providers to be configured, including 3rd-party login, object storage, verification code, etc.",
    "Real name": "Real name",
    "Records": "Records",
+    "Request URI": "Request URI",
    "Resources": "Resources",
    "Role": "Role",
    "Role - Tooltip": "Role - Tooltip",
@ -316,6 +327,9 @@
    "Root cert - Tooltip": "Root cert - Tooltip",
    "SAML attributes": "SAML attributes",
    "SAML attributes - Tooltip": "SAML attributes - Tooltip",
+    "SSH cert": "SSH cert",
+    "SSH type": "SSH type",
+    "SSH type - Tooltip": "The auth type of SSH connection",
    "Save": "Save",
    "Save & Exit": "Save & Exit",
    "Session ID": "Session ID",
@ -327,6 +341,7 @@
    "Signup URL - Tooltip": "Custom URL for the registration page. If not set, the default Casdoor registration page will be used. When set, the registration links on various Casdoor pages will redirect to this URL",
    "Signup application": "Signup application",
    "Signup application - Tooltip": "Which application the user registered through when they signed up",
+    "Signup link": "Signup link",
    "Sorry, the page you visited does not exist.": "Sorry, the page you visited does not exist.",
    "Sorry, the user you visited does not exist or you are not authorized to access this user.": "Sorry, the user you visited does not exist or you are not authorized to access this user.",
    "Sorry, you do not have permission to access this page or logged in status invalid.": "Sorry, you do not have permission to access this page or logged in status invalid.",
@ -350,6 +365,7 @@
    "System Info": "System Info",
    "There was a problem signing you in..": "There was a problem signing you in..",
    "This is a read-only demo site!": "This is a read-only demo site!",
+    "Timestamp": "Timestamp",
    "Tokens": "Tokens",
    "Type": "Type",
    "Type - Tooltip": "Type - Tooltip",
@ -431,6 +447,7 @@
  },
  "login": {
    "Auto sign in": "Auto sign in",
+    "Back button": "Back button",
    "Continue with": "Continue with",
    "Email": "Email",
    "Email or phone": "Email or phone",
@ -441,6 +458,7 @@
    "LDAP username, Email or phone": "LDAP username, Email or phone",
    "Loading": "Loading",
    "Logging out...": "Logging out...",
+    "Login button": "Login button",
    "MetaMask plugin not detected": "MetaMask plugin not detected",
    "No account?": "No account?",
    "Or sign in with another account": "Or sign in with another account",
@ -725,11 +743,11 @@
    "Email content - Tooltip": "Content of the Email",
    "Email title": "Email title",
    "Email title - Tooltip": "Title of the email",
-    "Enable QR code": "Enable QR code",
-    "Enable QR code - Tooltip": "Whether to allow scanning QR code to login",
    "Endpoint": "Endpoint",
    "Endpoint (Intranet)": "Endpoint (Intranet)",
    "Endpoint - Tooltip": "Endpoint - Tooltip",
+    "Follow-up action": "Follow-up action",
+    "Follow-up action - Tooltip": "If you choose \"Use WeChat Open Platform to login\", users need to login on the WeChat Open Platform after following the wechat official account.",
    "From address": "From address",
    "From address - Tooltip": "Email address of \"From\"",
    "From name": "From name",
@ -835,6 +853,10 @@
    "Token URL - Tooltip": "Token URL",
    "Type": "Type",
    "Type - Tooltip": "Select a type",
+    "Use WeChat Media Platform in PC": "Use WeChat Media Platform in PC",
+    "Use WeChat Media Platform in PC - Tooltip": "Whether to allow scanning WeChat Media Platform QR code to login",
+    "Use WeChat Media Platform to login": "Use WeChat Media Platform to login",
+    "Use WeChat Open Platform to login": "Use WeChat Open Platform to login",
    "User flow": "User flow",
    "User flow - Tooltip": "User flow - Tooltip",
    "User mapping": "User mapping",
@ -845,6 +867,9 @@
    "Wallets - Tooltip": "Wallets - Tooltip",
    "admin (Shared)": "admin (Shared)"
  },
+  "record": {
+    "Is triggered": "Is triggered"
+  },
  "resource": {
    "Copy Link": "Copy Link",
    "File name": "File name",
@ -945,6 +970,10 @@
    "Is read-only": "Is read-only",
    "Is read-only - Tooltip": "Is read-only - Tooltip",
    "New Syncer": "New Syncer",
+    "SSH host": "SSH host",
+    "SSH password": "SSH password",
+    "SSH port": "SSH port",
+    "SSH user": "SSH user",
    "SSL mode": "SSL mode",
    "SSL mode - Tooltip": "SSL mode - Tooltip",
    "Sync interval": "Sync interval",
@ -1085,6 +1114,7 @@
    "The password must have at least 6 characters": "The password must have at least 6 characters",
    "The password must have at least 8 characters": "The password must have at least 8 characters",
    "The password must not contain any repeated characters": "The password must not contain any repeated characters",
+    "This field value doesn't match the pattern rule": "This field value doesn't match the pattern rule",
    "Title": "Title",
    "Title - Tooltip": "Position in the affiliation",
    "Two passwords you typed do not match.": "Two passwords you typed do not match.",
--- a/web/src/locales/id/data.json
+++ b/web/src/locales/id/data.json
@ -22,7 +22,9 @@
    "Auto signin - Tooltip": "Ketika sesi masuk yang terdaftar ada di Casdoor, secara otomatis digunakan untuk masuk ke sisi aplikasi",
    "Background URL": "URL latar belakang",
    "Background URL - Tooltip": "URL dari gambar latar belakang yang digunakan di halaman login",
+    "Big icon": "Big icon",
    "Binding providers": "Binding providers",
+    "CSS style": "CSS style",
    "Center": "pusat",
    "Copy SAML metadata URL": "Salin URL metadata SAML",
    "Copy prompt page URL": "Salin URL halaman prompt",
@ -60,6 +62,9 @@
    "Form position - Tooltip": "Tempat pendaftaran, masuk, dan lupa kata sandi",
    "Grant types": "Jenis-jenis hibah",
    "Grant types - Tooltip": "Pilih jenis hibah apa yang diperbolehkan dalam protokol OAuth",
+    "Header HTML": "Header HTML",
+    "Header HTML - Edit": "Header HTML - Edit",
+    "Header HTML - Tooltip": "Custom the head tag of your application entry page",
    "Incremental": "Incremental",
    "Input": "Input",
    "Invitation code": "Invitation code",
@ -95,11 +100,14 @@
    "Sign Up Error": "Kesalahan Pendaftaran",
    "Signin": "Signin",
    "Signin (Default True)": "Signin (Default True)",
+    "Signin items": "Signin items",
+    "Signin items - Tooltip": "Signin items - Tooltip",
    "Signin methods": "Signin methods",
    "Signin methods - Tooltip": "Signin methods - Tooltip",
    "Signin session": "Sesi masuk",
    "Signup items": "Item pendaftaran",
    "Signup items - Tooltip": "Item-item yang harus diisi pengguna saat mendaftar untuk akun baru",
+    "Small icon": "Small icon",
    "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
    "The application does not allow to sign up new account": "Aplikasi tidak memperbolehkan untuk mendaftar akun baru",
    "Token expire": "Token kadaluarsa",
@ -169,6 +177,7 @@
    "Adapter - Tooltip": "Nama tabel dari penyimpanan kebijakan",
    "Adapters": "Adaptor",
    "Add": "Tambahkan",
+    "Add custom item": "Add custom item",
    "Admin": "Admin",
    "Affiliation URL": "URL Afiliasi",
    "Affiliation URL - Tooltip": "URL halaman depan untuk afiliasi",
@ -190,6 +199,7 @@
    "Cert - Tooltip": "Sertifikat kunci publik yang perlu diverifikasi oleh SDK klien yang sesuai dengan aplikasi ini",
    "Certs": "Sertifikat",
    "Click to Upload": "Klik untuk Mengunggah",
+    "Client IP": "Client IP",
    "Close": "Tutup",
    "Confirm": "Confirm",
    "Copied to clipboard successfully": "Copied to clipboard successfully",
@ -307,6 +317,7 @@
    "Providers - Tooltip": "Penyedia harus dikonfigurasi, termasuk login pihak ketiga, penyimpanan objek, kode verifikasi, dan lain-lain.",
    "Real name": "Nama asli",
    "Records": "Catatan",
+    "Request URI": "Request URI",
    "Resources": "Sumber daya",
    "Role": "Role",
    "Role - Tooltip": "Role - Tooltip",
@ -316,6 +327,9 @@
    "Root cert - Tooltip": "Root cert - Tooltip",
    "SAML attributes": "SAML attributes",
    "SAML attributes - Tooltip": "SAML attributes - Tooltip",
+    "SSH cert": "SSH cert",
+    "SSH type": "SSH type",
+    "SSH type - Tooltip": "The auth type of SSH connection",
    "Save": "Menyimpan",
    "Save & Exit": "Simpan & Keluar",
    "Session ID": "ID sesi",
@ -327,6 +341,7 @@
    "Signup URL - Tooltip": "URL kustom untuk halaman pendaftaran. Jika tidak diatur, halaman pendaftaran Casdoor default akan digunakan. Ketika diatur, tautan pendaftaran pada berbagai halaman Casdoor akan dialihkan ke URL ini",
    "Signup application": "Pendaftaran aplikasi",
    "Signup application - Tooltip": "Melalui aplikasi mana pengguna mendaftar saat mereka mendaftar",
+    "Signup link": "Signup link",
    "Sorry, the page you visited does not exist.": "Maaf, halaman yang Anda kunjungi tidak ada.",
    "Sorry, the user you visited does not exist or you are not authorized to access this user.": "Maaf, pengguna yang Anda kunjungi tidak ada atau Anda tidak diizinkan untuk mengakses pengguna ini.",
    "Sorry, you do not have permission to access this page or logged in status invalid.": "Maaf, Anda tidak memiliki izin untuk mengakses halaman ini atau status masuk tidak valid.",
@ -350,6 +365,7 @@
    "System Info": "Informasi Sistem",
    "There was a problem signing you in..": "There was a problem signing you in..",
    "This is a read-only demo site!": "Ini adalah situs demo hanya untuk dibaca saja!",
+    "Timestamp": "Timestamp",
    "Tokens": "Token-token",
    "Type": "Type",
    "Type - Tooltip": "Type - Tooltip",
@ -431,6 +447,7 @@
  },
  "login": {
    "Auto sign in": "Masuk otomatis",
+    "Back button": "Back button",
    "Continue with": "Lanjutkan dengan",
    "Email": "Email",
    "Email or phone": "Email atau telepon",
@ -441,6 +458,7 @@
    "LDAP username, Email or phone": "LDAP username, Email or phone",
    "Loading": "Memuat",
    "Logging out...": "Keluar...",
+    "Login button": "Login button",
    "MetaMask plugin not detected": "MetaMask plugin not detected",
    "No account?": "Tidak memiliki akun?",
    "Or sign in with another account": "Atau masuk dengan akun lain",
@ -725,11 +743,11 @@
    "Email content - Tooltip": "Isi Email",
    "Email title": "Judul Email",
    "Email title - Tooltip": "Judul email",
-    "Enable QR code": "Aktifkan kode QR",
-    "Enable QR code - Tooltip": "Apakah diizinkan untuk memindai kode QR untuk masuk?",
    "Endpoint": "Titik akhir",
    "Endpoint (Intranet)": "Titik Akhir (Intranet)",
    "Endpoint - Tooltip": "Endpoint - Tooltip",
+    "Follow-up action": "Follow-up action",
+    "Follow-up action - Tooltip": "If you choose \"Use WeChat Open Platform to login\", users need to login on the WeChat Open Platform after following the wechat official account.",
    "From address": "From address",
    "From address - Tooltip": "From address - Tooltip",
    "From name": "From name",
@ -835,6 +853,10 @@
    "Token URL - Tooltip": "Token URL: URL Token",
    "Type": "Jenis",
    "Type - Tooltip": "Pilih tipe",
+    "Use WeChat Media Platform in PC": "Use WeChat Media Platform in PC",
+    "Use WeChat Media Platform in PC - Tooltip": "Whether to allow scanning WeChat Media Platform QR code to login",
+    "Use WeChat Media Platform to login": "Use WeChat Media Platform to login",
+    "Use WeChat Open Platform to login": "Use WeChat Open Platform to login",
    "User flow": "User flow",
    "User flow - Tooltip": "User flow - Tooltip",
    "User mapping": "User mapping",
@ -845,6 +867,9 @@
    "Wallets - Tooltip": "Wallets - Tooltip",
    "admin (Shared)": "Admin (Berbagi)"
  },
+  "record": {
+    "Is triggered": "Is triggered"
+  },
  "resource": {
    "Copy Link": "Salin Tautan",
    "File name": "Nama file",
@ -945,6 +970,10 @@
    "Is read-only": "Is read-only",
    "Is read-only - Tooltip": "Is read-only - Tooltip",
    "New Syncer": "Sinkronisasi Baru",
+    "SSH host": "SSH host",
+    "SSH password": "SSH password",
+    "SSH port": "SSH port",
+    "SSH user": "SSH user",
    "SSL mode": "SSL mode",
    "SSL mode - Tooltip": "SSL mode - Tooltip",
    "Sync interval": "Interval sinkronisasi",
@ -1085,6 +1114,7 @@
    "The password must have at least 6 characters": "The password must have at least 6 characters",
    "The password must have at least 8 characters": "The password must have at least 8 characters",
    "The password must not contain any repeated characters": "The password must not contain any repeated characters",
+    "This field value doesn't match the pattern rule": "This field value doesn't match the pattern rule",
    "Title": "Judul",
    "Title - Tooltip": "Posisi dalam afiliasi",
    "Two passwords you typed do not match.": "Dua password yang Anda ketikkan tidak cocok.",
--- a/web/src/locales/it/data.json
+++ b/web/src/locales/it/data.json
@ -22,7 +22,9 @@
    "Auto signin - Tooltip": "Quando una sessione esiste in Casdoor, viene utilizzata automaticamente per il login lato applicazione",
    "Background URL": "Background URL",
    "Background URL - Tooltip": "URL of the background image used in the login page",
+    "Big icon": "Big icon",
    "Binding providers": "Binding providers",
+    "CSS style": "CSS style",
    "Center": "Center",
    "Copy SAML metadata URL": "Copy SAML metadata URL",
    "Copy prompt page URL": "Copy prompt page URL",
@ -60,6 +62,9 @@
    "Form position - Tooltip": "Location of the signup, signin and forget password forms",
    "Grant types": "Grant types",
    "Grant types - Tooltip": "Select which grant types are allowed in the OAuth protocol",
+    "Header HTML": "Header HTML",
+    "Header HTML - Edit": "Header HTML - Edit",
+    "Header HTML - Tooltip": "Custom the head tag of your application entry page",
    "Incremental": "Incremental",
    "Input": "Input",
    "Invitation code": "Invitation code",
@ -95,11 +100,14 @@
    "Sign Up Error": "Sign Up Error",
    "Signin": "Signin",
    "Signin (Default True)": "Signin (Default True)",
+    "Signin items": "Signin items",
+    "Signin items - Tooltip": "Signin items - Tooltip",
    "Signin methods": "Signin methods",
    "Signin methods - Tooltip": "Signin methods - Tooltip",
    "Signin session": "Signin session",
    "Signup items": "Signup items",
    "Signup items - Tooltip": "Items for users to fill in when registering new accounts",
+    "Small icon": "Small icon",
    "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
    "The application does not allow to sign up new account": "The application does not allow to sign up new account",
    "Token expire": "Token expire",
@ -169,6 +177,7 @@
    "Adapter - Tooltip": "Table name of the policy store",
    "Adapters": "Adapters",
    "Add": "Add",
+    "Add custom item": "Add custom item",
    "Admin": "Admin",
    "Affiliation URL": "Affiliation URL",
    "Affiliation URL - Tooltip": "The homepage URL for the affiliation",
@ -190,6 +199,7 @@
    "Cert - Tooltip": "The public key certificate that needs to be verified by the client SDK corresponding to this application",
    "Certs": "Certs",
    "Click to Upload": "Click to Upload",
+    "Client IP": "Client IP",
    "Close": "Close",
    "Confirm": "Confirm",
    "Copied to clipboard successfully": "Copied to clipboard successfully",
@ -307,6 +317,7 @@
    "Providers - Tooltip": "Providers to be configured, including 3rd-party login, object storage, verification code, etc.",
    "Real name": "Real name",
    "Records": "Records",
+    "Request URI": "Request URI",
    "Resources": "Resources",
    "Role": "Role",
    "Role - Tooltip": "Role - Tooltip",
@ -316,6 +327,9 @@
    "Root cert - Tooltip": "Root cert - Tooltip",
    "SAML attributes": "SAML attributes",
    "SAML attributes - Tooltip": "SAML attributes - Tooltip",
+    "SSH cert": "SSH cert",
+    "SSH type": "SSH type",
+    "SSH type - Tooltip": "The auth type of SSH connection",
    "Save": "Save",
    "Save & Exit": "Save & Exit",
    "Session ID": "Session ID",
@ -327,6 +341,7 @@
    "Signup URL - Tooltip": "Custom URL for the registration page. If not set, the default Casdoor registration page will be used. When set, the registration links on various Casdoor pages will redirect to this URL",
    "Signup application": "Signup application",
    "Signup application - Tooltip": "Which application the user registered through when they signed up",
+    "Signup link": "Signup link",
    "Sorry, the page you visited does not exist.": "Sorry, the page you visited does not exist.",
    "Sorry, the user you visited does not exist or you are not authorized to access this user.": "Sorry, the user you visited does not exist or you are not authorized to access this user.",
    "Sorry, you do not have permission to access this page or logged in status invalid.": "Sorry, you do not have permission to access this page or logged in status invalid.",
@ -350,6 +365,7 @@
    "System Info": "System Info",
    "There was a problem signing you in..": "There was a problem signing you in..",
    "This is a read-only demo site!": "This is a read-only demo site!",
+    "Timestamp": "Timestamp",
    "Tokens": "Tokens",
    "Type": "Type",
    "Type - Tooltip": "Type - Tooltip",
@ -431,6 +447,7 @@
  },
  "login": {
    "Auto sign in": "Auto sign in",
+    "Back button": "Back button",
    "Continue with": "Continue with",
    "Email": "Email",
    "Email or phone": "Email or phone",
@ -441,6 +458,7 @@
    "LDAP username, Email or phone": "LDAP username, Email or phone",
    "Loading": "Loading",
    "Logging out...": "Logging out...",
+    "Login button": "Login button",
    "MetaMask plugin not detected": "MetaMask plugin not detected",
    "No account?": "No account?",
    "Or sign in with another account": "Or sign in with another account",
@ -725,11 +743,11 @@
    "Email content - Tooltip": "Content of the Email",
    "Email title": "Email title",
    "Email title - Tooltip": "Title of the email",
-    "Enable QR code": "Enable QR code",
-    "Enable QR code - Tooltip": "Whether to allow scanning QR code to login",
    "Endpoint": "Endpoint",
    "Endpoint (Intranet)": "Endpoint (Intranet)",
    "Endpoint - Tooltip": "Endpoint - Tooltip",
+    "Follow-up action": "Follow-up action",
+    "Follow-up action - Tooltip": "If you choose \"Use WeChat Open Platform to login\", users need to login on the WeChat Open Platform after following the wechat official account.",
    "From address": "From address",
    "From address - Tooltip": "Email address of \"From\"",
    "From name": "From name",
@ -835,6 +853,10 @@
    "Token URL - Tooltip": "Token URL",
    "Type": "Type",
    "Type - Tooltip": "Select a type",
+    "Use WeChat Media Platform in PC": "Use WeChat Media Platform in PC",
+    "Use WeChat Media Platform in PC - Tooltip": "Whether to allow scanning WeChat Media Platform QR code to login",
+    "Use WeChat Media Platform to login": "Use WeChat Media Platform to login",
+    "Use WeChat Open Platform to login": "Use WeChat Open Platform to login",
    "User flow": "User flow",
    "User flow - Tooltip": "User flow - Tooltip",
    "User mapping": "User mapping",
@ -845,6 +867,9 @@
    "Wallets - Tooltip": "Wallets - Tooltip",
    "admin (Shared)": "admin (Shared)"
  },
+  "record": {
+    "Is triggered": "Is triggered"
+  },
  "resource": {
    "Copy Link": "Copy Link",
    "File name": "File name",
@ -945,6 +970,10 @@
    "Is read-only": "Is read-only",
    "Is read-only - Tooltip": "Is read-only - Tooltip",
    "New Syncer": "New Syncer",
+    "SSH host": "SSH host",
+    "SSH password": "SSH password",
+    "SSH port": "SSH port",
+    "SSH user": "SSH user",
    "SSL mode": "SSL mode",
    "SSL mode - Tooltip": "SSL mode - Tooltip",
    "Sync interval": "Sync interval",
@ -1085,6 +1114,7 @@
    "The password must have at least 6 characters": "The password must have at least 6 characters",
    "The password must have at least 8 characters": "The password must have at least 8 characters",
    "The password must not contain any repeated characters": "The password must not contain any repeated characters",
+    "This field value doesn't match the pattern rule": "This field value doesn't match the pattern rule",
    "Title": "Title",
    "Title - Tooltip": "Position in the affiliation",
    "Two passwords you typed do not match.": "Two passwords you typed do not match.",
--- a/web/src/locales/ja/data.json
+++ b/web/src/locales/ja/data.json
@ -22,7 +22,9 @@
    "Auto signin - Tooltip": "Casdoorにログインセッションが存在する場合、アプリケーション側のログインに自動的に使用されます",
    "Background URL": "背景URL",
    "Background URL - Tooltip": "ログインページで使用される背景画像のURL",
+    "Big icon": "Big icon",
    "Binding providers": "Binding providers",
+    "CSS style": "CSS style",
    "Center": "センター",
    "Copy SAML metadata URL": "SAMLメタデータのURLをコピーしてください",
    "Copy prompt page URL": "プロンプトページのURLをコピーしてください",
@ -60,6 +62,9 @@
    "Form position - Tooltip": "登録、ログイン、パスワード忘れフォームの位置",
    "Grant types": "グラント種類",
    "Grant types - Tooltip": "OAuthプロトコルで許可されているグラントタイプを選択してください",
+    "Header HTML": "Header HTML",
+    "Header HTML - Edit": "Header HTML - Edit",
+    "Header HTML - Tooltip": "Custom the head tag of your application entry page",
    "Incremental": "Incremental",
    "Input": "Input",
    "Invitation code": "Invitation code",
@ -95,11 +100,14 @@
    "Sign Up Error": "サインアップエラー",
    "Signin": "Signin",
    "Signin (Default True)": "Signin (Default True)",
+    "Signin items": "Signin items",
+    "Signin items - Tooltip": "Signin items - Tooltip",
    "Signin methods": "Signin methods",
    "Signin methods - Tooltip": "Signin methods - Tooltip",
    "Signin session": "サインインセッション",
    "Signup items": "サインアップアイテム",
    "Signup items - Tooltip": "新しいアカウントを登録する際にユーザーが入力するアイテム",
+    "Small icon": "Small icon",
    "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
    "The application does not allow to sign up new account": "アプリケーションでは新しいアカウントの登録ができません",
    "Token expire": "トークンの有効期限が切れました",
@ -169,6 +177,7 @@
    "Adapter - Tooltip": "ポリシー・ストアのテーブル名",
    "Adapters": "アダプター",
    "Add": "追加",
+    "Add custom item": "Add custom item",
    "Admin": "Admin",
    "Affiliation URL": "所属するURL",
    "Affiliation URL - Tooltip": "所属先のホームページURL",
@ -190,6 +199,7 @@
    "Cert - Tooltip": "このアプリケーションに対応するクライアントSDKによって検証する必要がある公開鍵証明書",
    "Certs": "証明書",
    "Click to Upload": "アップロードするにはクリックしてください",
+    "Client IP": "Client IP",
    "Close": "閉じる",
    "Confirm": "Confirm",
    "Copied to clipboard successfully": "Copied to clipboard successfully",
@ -307,6 +317,7 @@
    "Providers - Tooltip": "設定するプロバイダーには、サードパーティのログイン、オブジェクトストレージ、検証コードなどが含まれます。",
    "Real name": "本名",
    "Records": "記録",
+    "Request URI": "Request URI",
    "Resources": "リソース",
    "Role": "Role",
    "Role - Tooltip": "Role - Tooltip",
@ -316,6 +327,9 @@
    "Root cert - Tooltip": "Root cert - Tooltip",
    "SAML attributes": "SAML attributes",
    "SAML attributes - Tooltip": "SAML attributes - Tooltip",
+    "SSH cert": "SSH cert",
+    "SSH type": "SSH type",
+    "SSH type - Tooltip": "The auth type of SSH connection",
    "Save": "保存",
    "Save & Exit": "保存して終了",
    "Session ID": "セッションID",
@ -327,6 +341,7 @@
    "Signup URL - Tooltip": "登録ページのカスタムURL。設定されていない場合、デフォルトのCasdoor登録ページが使用されます。設定された場合、Casdoorのさまざまなページの登録リンクはこのURLにリダイレクトされます",
    "Signup application": "サインアップ申請書",
    "Signup application - Tooltip": "ユーザーが登録した際に、どのアプリケーションを使用しましたか？",
+    "Signup link": "Signup link",
    "Sorry, the page you visited does not exist.": "申し訳ありませんが、ご訪問いただいたページは存在しません。",
    "Sorry, the user you visited does not exist or you are not authorized to access this user.": "すみません、あなたが訪問したユーザーは存在しないか、またはそのユーザーにアクセスする権限がありません。",
    "Sorry, you do not have permission to access this page or logged in status invalid.": "申し訳ありませんが、このページにアクセスする権限がありません、またはログイン状態が無効です。",
@ -350,6 +365,7 @@
    "System Info": "システム情報",
    "There was a problem signing you in..": "There was a problem signing you in..",
    "This is a read-only demo site!": "これは読み取り専用のデモサイトです！",
+    "Timestamp": "Timestamp",
    "Tokens": "トークン",
    "Type": "Type",
    "Type - Tooltip": "Type - Tooltip",
@ -431,6 +447,7 @@
  },
  "login": {
    "Auto sign in": "自動サインイン",
+    "Back button": "Back button",
    "Continue with": "続ける",
    "Email": "Email",
    "Email or phone": "メールまたは電話",
@ -441,6 +458,7 @@
    "LDAP username, Email or phone": "LDAP username, Email or phone",
    "Loading": "ローディング",
    "Logging out...": "ログアウト中...",
+    "Login button": "Login button",
    "MetaMask plugin not detected": "MetaMask plugin not detected",
    "No account?": "アカウントがありませんか？",
    "Or sign in with another account": "別のアカウントでサインインする",
@ -725,11 +743,11 @@
    "Email content - Tooltip": "メールの内容",
    "Email title": "電子メールのタイトル",
    "Email title - Tooltip": "メールのタイトル",
-    "Enable QR code": "QRコードを有効にする",
-    "Enable QR code - Tooltip": "ログインするためにQRコードをスキャンすることを許可するかどうか",
    "Endpoint": "エンドポイント",
    "Endpoint (Intranet)": "エンドポイント（イントラネット）",
    "Endpoint - Tooltip": "Endpoint - Tooltip",
+    "Follow-up action": "Follow-up action",
+    "Follow-up action - Tooltip": "If you choose \"Use WeChat Open Platform to login\", users need to login on the WeChat Open Platform after following the wechat official account.",
    "From address": "From address",
    "From address - Tooltip": "From address - Tooltip",
    "From name": "From name",
@ -835,6 +853,10 @@
    "Token URL - Tooltip": "トークンURL",
    "Type": "タイプ",
    "Type - Tooltip": "タイプを選択してください",
+    "Use WeChat Media Platform in PC": "Use WeChat Media Platform in PC",
+    "Use WeChat Media Platform in PC - Tooltip": "Whether to allow scanning WeChat Media Platform QR code to login",
+    "Use WeChat Media Platform to login": "Use WeChat Media Platform to login",
+    "Use WeChat Open Platform to login": "Use WeChat Open Platform to login",
    "User flow": "User flow",
    "User flow - Tooltip": "User flow - Tooltip",
    "User mapping": "User mapping",
@ -845,6 +867,9 @@
    "Wallets - Tooltip": "Wallets - Tooltip",
    "admin (Shared)": "管理者（共有）"
  },
+  "record": {
+    "Is triggered": "Is triggered"
+  },
  "resource": {
    "Copy Link": "コピー リンク",
    "File name": "ファイル名",
@ -945,6 +970,10 @@
    "Is read-only": "Is read-only",
    "Is read-only - Tooltip": "Is read-only - Tooltip",
    "New Syncer": "新しいシンクロナイザー",
+    "SSH host": "SSH host",
+    "SSH password": "SSH password",
+    "SSH port": "SSH port",
+    "SSH user": "SSH user",
    "SSL mode": "SSL mode",
    "SSL mode - Tooltip": "SSL mode - Tooltip",
    "Sync interval": "同期の間隔",
@ -1085,6 +1114,7 @@
    "The password must have at least 6 characters": "The password must have at least 6 characters",
    "The password must have at least 8 characters": "The password must have at least 8 characters",
    "The password must not contain any repeated characters": "The password must not contain any repeated characters",
+    "This field value doesn't match the pattern rule": "This field value doesn't match the pattern rule",
    "Title": "タイトル",
    "Title - Tooltip": "所属のポジション",
    "Two passwords you typed do not match.": "2つのパスワードが一致しません。",
--- a/web/src/locales/kk/data.json
+++ b/web/src/locales/kk/data.json
@ -22,7 +22,9 @@
    "Auto signin - Tooltip": "When a logged-in session exists in Casdoor, it is automatically used for application-side login",
    "Background URL": "Background URL",
    "Background URL - Tooltip": "URL of the background image used in the login page",
+    "Big icon": "Big icon",
    "Binding providers": "Binding providers",
+    "CSS style": "CSS style",
    "Center": "Center",
    "Copy SAML metadata URL": "Copy SAML metadata URL",
    "Copy prompt page URL": "Copy prompt page URL",
@ -60,6 +62,9 @@
    "Form position - Tooltip": "Location of the signup, signin and forget password forms",
    "Grant types": "Grant types",
    "Grant types - Tooltip": "Select which grant types are allowed in the OAuth protocol",
+    "Header HTML": "Header HTML",
+    "Header HTML - Edit": "Header HTML - Edit",
+    "Header HTML - Tooltip": "Custom the head tag of your application entry page",
    "Incremental": "Incremental",
    "Input": "Input",
    "Invitation code": "Invitation code",
@ -95,11 +100,14 @@
    "Sign Up Error": "Sign Up Error",
    "Signin": "Signin",
    "Signin (Default True)": "Signin (Default True)",
+    "Signin items": "Signin items",
+    "Signin items - Tooltip": "Signin items - Tooltip",
    "Signin methods": "Signin methods",
    "Signin methods - Tooltip": "Signin methods - Tooltip",
    "Signin session": "Signin session",
    "Signup items": "Signup items",
    "Signup items - Tooltip": "Items for users to fill in when registering new accounts",
+    "Small icon": "Small icon",
    "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
    "The application does not allow to sign up new account": "The application does not allow to sign up new account",
    "Token expire": "Token expire",
@ -169,6 +177,7 @@
    "Adapter - Tooltip": "Table name of the policy store",
    "Adapters": "Adapters",
    "Add": "Add",
+    "Add custom item": "Add custom item",
    "Admin": "Admin",
    "Affiliation URL": "Affiliation URL",
    "Affiliation URL - Tooltip": "The homepage URL for the affiliation",
@ -190,6 +199,7 @@
    "Cert - Tooltip": "The public key certificate that needs to be verified by the client SDK corresponding to this application",
    "Certs": "Certs",
    "Click to Upload": "Click to Upload",
+    "Client IP": "Client IP",
    "Close": "Close",
    "Confirm": "Confirm",
    "Copied to clipboard successfully": "Copied to clipboard successfully",
@ -307,6 +317,7 @@
    "Providers - Tooltip": "Providers to be configured, including 3rd-party login, object storage, verification code, etc.",
    "Real name": "Real name",
    "Records": "Records",
+    "Request URI": "Request URI",
    "Resources": "Resources",
    "Role": "Role",
    "Role - Tooltip": "Role - Tooltip",
@ -316,6 +327,9 @@
    "Root cert - Tooltip": "Root cert - Tooltip",
    "SAML attributes": "SAML attributes",
    "SAML attributes - Tooltip": "SAML attributes - Tooltip",
+    "SSH cert": "SSH cert",
+    "SSH type": "SSH type",
+    "SSH type - Tooltip": "The auth type of SSH connection",
    "Save": "Save",
    "Save & Exit": "Save & Exit",
    "Session ID": "Session ID",
@ -327,6 +341,7 @@
    "Signup URL - Tooltip": "Custom URL for the registration page. If not set, the default Casdoor registration page will be used. When set, the registration links on various Casdoor pages will redirect to this URL",
    "Signup application": "Signup application",
    "Signup application - Tooltip": "Which application the user registered through when they signed up",
+    "Signup link": "Signup link",
    "Sorry, the page you visited does not exist.": "Sorry, the page you visited does not exist.",
    "Sorry, the user you visited does not exist or you are not authorized to access this user.": "Sorry, the user you visited does not exist or you are not authorized to access this user.",
    "Sorry, you do not have permission to access this page or logged in status invalid.": "Sorry, you do not have permission to access this page or logged in status invalid.",
@ -350,6 +365,7 @@
    "System Info": "System Info",
    "There was a problem signing you in..": "There was a problem signing you in..",
    "This is a read-only demo site!": "This is a read-only demo site!",
+    "Timestamp": "Timestamp",
    "Tokens": "Tokens",
    "Type": "Type",
    "Type - Tooltip": "Type - Tooltip",
@ -431,6 +447,7 @@
  },
  "login": {
    "Auto sign in": "Auto sign in",
+    "Back button": "Back button",
    "Continue with": "Continue with",
    "Email": "Email",
    "Email or phone": "Email or phone",
@ -441,6 +458,7 @@
    "LDAP username, Email or phone": "LDAP username, Email or phone",
    "Loading": "Loading",
    "Logging out...": "Logging out...",
+    "Login button": "Login button",
    "MetaMask plugin not detected": "MetaMask plugin not detected",
    "No account?": "No account?",
    "Or sign in with another account": "Or sign in with another account",
@ -725,11 +743,11 @@
    "Email content - Tooltip": "Content of the Email",
    "Email title": "Email title",
    "Email title - Tooltip": "Title of the email",
-    "Enable QR code": "Enable QR code",
-    "Enable QR code - Tooltip": "Whether to allow scanning QR code to login",
    "Endpoint": "Endpoint",
    "Endpoint (Intranet)": "Endpoint (Intranet)",
    "Endpoint - Tooltip": "Endpoint - Tooltip",
+    "Follow-up action": "Follow-up action",
+    "Follow-up action - Tooltip": "If you choose \"Use WeChat Open Platform to login\", users need to login on the WeChat Open Platform after following the wechat official account.",
    "From address": "From address",
    "From address - Tooltip": "Email address of \"From\"",
    "From name": "From name",
@ -835,6 +853,10 @@
    "Token URL - Tooltip": "Token URL",
    "Type": "Type",
    "Type - Tooltip": "Select a type",
+    "Use WeChat Media Platform in PC": "Use WeChat Media Platform in PC",
+    "Use WeChat Media Platform in PC - Tooltip": "Whether to allow scanning WeChat Media Platform QR code to login",
+    "Use WeChat Media Platform to login": "Use WeChat Media Platform to login",
+    "Use WeChat Open Platform to login": "Use WeChat Open Platform to login",
    "User flow": "User flow",
    "User flow - Tooltip": "User flow - Tooltip",
    "User mapping": "User mapping",
@ -845,6 +867,9 @@
    "Wallets - Tooltip": "Wallets - Tooltip",
    "admin (Shared)": "admin (Shared)"
  },
+  "record": {
+    "Is triggered": "Is triggered"
+  },
  "resource": {
    "Copy Link": "Copy Link",
    "File name": "File name",
@ -945,6 +970,10 @@
    "Is read-only": "Is read-only",
    "Is read-only - Tooltip": "Is read-only - Tooltip",
    "New Syncer": "New Syncer",
+    "SSH host": "SSH host",
+    "SSH password": "SSH password",
+    "SSH port": "SSH port",
+    "SSH user": "SSH user",
    "SSL mode": "SSL mode",
    "SSL mode - Tooltip": "SSL mode - Tooltip",
    "Sync interval": "Sync interval",
@ -1085,6 +1114,7 @@
    "The password must have at least 6 characters": "The password must have at least 6 characters",
    "The password must have at least 8 characters": "The password must have at least 8 characters",
    "The password must not contain any repeated characters": "The password must not contain any repeated characters",
+    "This field value doesn't match the pattern rule": "This field value doesn't match the pattern rule",
    "Title": "Title",
    "Title - Tooltip": "Position in the affiliation",
    "Two passwords you typed do not match.": "Two passwords you typed do not match.",
--- a/web/src/locales/ko/data.json
+++ b/web/src/locales/ko/data.json
@ -22,7 +22,9 @@
    "Auto signin - Tooltip": "카스도어에 로그인된 세션이 존재할 때, 애플리케이션 쪽 로그인에 자동으로 사용됩니다",
    "Background URL": "배경 URL",
    "Background URL - Tooltip": "로그인 페이지에서 사용된 배경 이미지의 URL",
+    "Big icon": "Big icon",
    "Binding providers": "Binding providers",
+    "CSS style": "CSS style",
    "Center": "중앙",
    "Copy SAML metadata URL": "SAML 메타데이터 URL 복사",
    "Copy prompt page URL": "프롬프트 페이지 URL을 복사하세요",
@ -60,6 +62,9 @@
    "Form position - Tooltip": "가입, 로그인 및 비밀번호 재설정 양식의 위치",
    "Grant types": "Grant types: 부여 유형",
    "Grant types - Tooltip": "OAuth 프로토콜에서 허용되는 그란트 유형을 선택하십시오",
+    "Header HTML": "Header HTML",
+    "Header HTML - Edit": "Header HTML - Edit",
+    "Header HTML - Tooltip": "Custom the head tag of your application entry page",
    "Incremental": "Incremental",
    "Input": "Input",
    "Invitation code": "Invitation code",
@ -95,11 +100,14 @@
    "Sign Up Error": "가입 오류",
    "Signin": "Signin",
    "Signin (Default True)": "Signin (Default True)",
+    "Signin items": "Signin items",
+    "Signin items - Tooltip": "Signin items - Tooltip",
    "Signin methods": "Signin methods",
    "Signin methods - Tooltip": "Signin methods - Tooltip",
    "Signin session": "로그인 세션",
    "Signup items": "가입 항목",
    "Signup items - Tooltip": "새로운 계정 등록시 사용자가 작성해야하는 항목들",
+    "Small icon": "Small icon",
    "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
    "The application does not allow to sign up new account": "이 어플리케이션은 새 계정 등록을 허용하지 않습니다",
    "Token expire": "토큰 만료",
@ -169,6 +177,7 @@
    "Adapter - Tooltip": "정책 저장소의 테이블 이름",
    "Adapters": "어댑터",
    "Add": "추가하다",
+    "Add custom item": "Add custom item",
    "Admin": "Admin",
    "Affiliation URL": "소속 URL",
    "Affiliation URL - Tooltip": "소속 홈페이지 URL",
@ -190,6 +199,7 @@
    "Cert - Tooltip": "이 응용 프로그램에 해당하는 클라이언트 SDK에서 확인해야 하는 공개 키 인증서",
    "Certs": "증명서",
    "Click to Upload": "클릭하여 업로드하세요",
+    "Client IP": "Client IP",
    "Close": "닫다",
    "Confirm": "Confirm",
    "Copied to clipboard successfully": "Copied to clipboard successfully",
@ -235,7 +245,7 @@
    "Found some texts still not translated? Please help us translate at": "아직 번역되지 않은 텍스트가 있나요? 번역에 도움을 주실 수 있나요?",
    "Go to enable": "Go to enable",
    "Go to writable demo site?": "쓰기 가능한 데모 사이트로 이동하시겠습니까?",
-    "Groups": "Groups",
+    "Groups": "그룹",
    "Groups - Tooltip": "Groups - Tooltip",
    "Home": "집",
    "Home - Tooltip": "어플리케이션 홈 페이지",
@ -272,9 +282,9 @@
    "None": "None",
    "OAuth providers": "OAuth 공급자",
    "OK": "예",
-    "Organization": "조직화",
+    "Organization": "조직",
    "Organization - Tooltip": "각 사용자와 애플리케이션은 테넌트나 사용자 풀과 유사한 개념으로, 조직에 속합니다",
-    "Organizations": "조직들",
+    "Organizations": "조직",
    "Password": "비밀번호",
    "Password - Tooltip": "비밀번호가 올바른지 확인하세요",
    "Password complexity options": "Password complexity options",
@ -307,6 +317,7 @@
    "Providers - Tooltip": "공급 업체는 구성되어야합니다. 3rd-party 로그인, 객체 저장소, 검증 코드 등을 포함합니다.",
    "Real name": "실명",
    "Records": "기록",
+    "Request URI": "Request URI",
    "Resources": "자원",
    "Role": "Role",
    "Role - Tooltip": "Role - Tooltip",
@ -316,6 +327,9 @@
    "Root cert - Tooltip": "Root cert - Tooltip",
    "SAML attributes": "SAML attributes",
    "SAML attributes - Tooltip": "SAML attributes - Tooltip",
+    "SSH cert": "SSH cert",
+    "SSH type": "SSH type",
+    "SSH type - Tooltip": "The auth type of SSH connection",
    "Save": "저장하다",
    "Save & Exit": "저장하고 종료하기",
    "Session ID": "세션 ID",
@ -327,6 +341,7 @@
    "Signup URL - Tooltip": "등록 페이지를 위한 사용자 정의 URL입니다. 설정되지 않은 경우 기본 Casdoor 등록 페이지가 사용됩니다. 설정하면 Casdoor의 다양한 페이지에서 등록 링크가 이 URL로 리디렉션됩니다",
    "Signup application": "가입 양식",
    "Signup application - Tooltip": "사용자가 가입할 때 등록한 어플리케이션은 무엇인가요?",
+    "Signup link": "Signup link",
    "Sorry, the page you visited does not exist.": "죄송합니다. 방문하신 페이지는 존재하지 않습니다.",
    "Sorry, the user you visited does not exist or you are not authorized to access this user.": "죄송합니다. 방문하신 사용자가 존재하지 않거나 사용자에게 접근할 권한이 없습니다.",
    "Sorry, you do not have permission to access this page or logged in status invalid.": "죄송합니다. 이 페이지에 접근할 권한이 없거나 로그인 상태가 유효하지 않습니다.",
@ -350,6 +365,7 @@
    "System Info": "시스템 정보",
    "There was a problem signing you in..": "There was a problem signing you in..",
    "This is a read-only demo site!": "이것은 읽기 전용 데모 사이트입니다!",
+    "Timestamp": "Timestamp",
    "Tokens": "토큰",
    "Type": "Type",
    "Type - Tooltip": "Type - Tooltip",
@ -363,7 +379,7 @@
    "User containers": "사용자 풀",
    "User type": "사용자 유형",
    "User type - Tooltip": "사용자가 속한 태그는 기본적으로 \"보통 사용자\"로 설정됩니다",
-    "Users": "사용자들",
+    "Users": "사용자",
    "Users under all organizations": "모든 조직의 사용자",
    "Webhooks": "Webhooks",
    "You can only select one physical group": "You can only select one physical group",
@ -431,6 +447,7 @@
  },
  "login": {
    "Auto sign in": "자동 로그인",
+    "Back button": "Back button",
    "Continue with": "계속하다",
    "Email": "Email",
    "Email or phone": "이메일 또는 전화",
@ -441,6 +458,7 @@
    "LDAP username, Email or phone": "LDAP username, Email or phone",
    "Loading": "로딩 중입니다",
    "Logging out...": "로그아웃 중...",
+    "Login button": "Login button",
    "MetaMask plugin not detected": "MetaMask plugin not detected",
    "No account?": "계정이 없나요?",
    "Or sign in with another account": "다른 계정으로 로그인하세요",
@ -525,7 +543,7 @@
    "Is profile public - Tooltip": "닫힌 후에는 전역 관리자 또는 동일한 조직의 사용자만 사용자 프로필 페이지에 액세스할 수 있습니다",
    "Modify rule": "규칙 수정",
    "New Organization": "새로운 조직",
-    "Optional": "Optional",
+    "Optional": "선택사항",
    "Prompt": "Prompt",
    "Required": "Required",
    "Soft deletion": "소프트 삭제",
@ -725,11 +743,11 @@
    "Email content - Tooltip": "이메일 내용",
    "Email title": "이메일 제목",
    "Email title - Tooltip": "이메일 제목",
-    "Enable QR code": "QR 코드 활성화",
-    "Enable QR code - Tooltip": "QR 코드를 스캔해서 로그인할 수 있는지 여부",
    "Endpoint": "엔드포인트",
    "Endpoint (Intranet)": "엔드포인트 (Intranet)",
    "Endpoint - Tooltip": "Endpoint - Tooltip",
+    "Follow-up action": "Follow-up action",
+    "Follow-up action - Tooltip": "If you choose \"Use WeChat Open Platform to login\", users need to login on the WeChat Open Platform after following the wechat official account.",
    "From address": "From address",
    "From address - Tooltip": "From address - Tooltip",
    "From name": "From name",
@ -835,6 +853,10 @@
    "Token URL - Tooltip": "토큰 URL",
    "Type": "타입",
    "Type - Tooltip": "유형을 선택하세요",
+    "Use WeChat Media Platform in PC": "Use WeChat Media Platform in PC",
+    "Use WeChat Media Platform in PC - Tooltip": "Whether to allow scanning WeChat Media Platform QR code to login",
+    "Use WeChat Media Platform to login": "Use WeChat Media Platform to login",
+    "Use WeChat Open Platform to login": "Use WeChat Open Platform to login",
    "User flow": "User flow",
    "User flow - Tooltip": "User flow - Tooltip",
    "User mapping": "User mapping",
@ -845,6 +867,9 @@
    "Wallets - Tooltip": "Wallets - Tooltip",
    "admin (Shared)": "관리자 (공유)"
  },
+  "record": {
+    "Is triggered": "Is triggered"
+  },
  "resource": {
    "Copy Link": "링크 복사하기",
    "File name": "파일 이름",
@ -858,7 +883,7 @@
    "New Role": "새로운 역할",
    "Sub domains": "하위 도메인",
    "Sub domains - Tooltip": "현재 역할에 포함된 도메인",
-    "Sub groups": "Sub groups",
+    "Sub groups": "하위 그룹",
    "Sub groups - Tooltip": "Sub groups - Tooltip",
    "Sub roles": "서브 역할",
    "Sub roles - Tooltip": "현재 역할에 포함된 역할",
@ -945,6 +970,10 @@
    "Is read-only": "Is read-only",
    "Is read-only - Tooltip": "Is read-only - Tooltip",
    "New Syncer": "신규 싱크어",
+    "SSH host": "SSH host",
+    "SSH password": "SSH password",
+    "SSH port": "SSH port",
+    "SSH user": "SSH user",
    "SSL mode": "SSL mode",
    "SSL mode - Tooltip": "SSL mode - Tooltip",
    "Sync interval": "동기화 간격",
@ -1085,6 +1114,7 @@
    "The password must have at least 6 characters": "The password must have at least 6 characters",
    "The password must have at least 8 characters": "The password must have at least 8 characters",
    "The password must not contain any repeated characters": "The password must not contain any repeated characters",
+    "This field value doesn't match the pattern rule": "This field value doesn't match the pattern rule",
    "Title": "제목",
    "Title - Tooltip": "소속 내 직위",
    "Two passwords you typed do not match.": "두 개의 비밀번호가 일치하지 않습니다.",
--- a/web/src/locales/ms/data.json
+++ b/web/src/locales/ms/data.json
@ -22,7 +22,9 @@
    "Auto signin - Tooltip": "When a logged-in session exists in Casdoor, it is automatically used for application-side login",
    "Background URL": "Background URL",
    "Background URL - Tooltip": "URL of the background image used in the login page",
+    "Big icon": "Big icon",
    "Binding providers": "Binding providers",
+    "CSS style": "CSS style",
    "Center": "Center",
    "Copy SAML metadata URL": "Copy SAML metadata URL",
    "Copy prompt page URL": "Copy prompt page URL",
@ -60,6 +62,9 @@
    "Form position - Tooltip": "Location of the signup, signin and forget password forms",
    "Grant types": "Grant types",
    "Grant types - Tooltip": "Select which grant types are allowed in the OAuth protocol",
+    "Header HTML": "Header HTML",
+    "Header HTML - Edit": "Header HTML - Edit",
+    "Header HTML - Tooltip": "Custom the head tag of your application entry page",
    "Incremental": "Incremental",
    "Input": "Input",
    "Invitation code": "Invitation code",
@ -95,11 +100,14 @@
    "Sign Up Error": "Sign Up Error",
    "Signin": "Signin",
    "Signin (Default True)": "Signin (Default True)",
+    "Signin items": "Signin items",
+    "Signin items - Tooltip": "Signin items - Tooltip",
    "Signin methods": "Signin methods",
    "Signin methods - Tooltip": "Signin methods - Tooltip",
    "Signin session": "Signin session",
    "Signup items": "Signup items",
    "Signup items - Tooltip": "Items for users to fill in when registering new accounts",
+    "Small icon": "Small icon",
    "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
    "The application does not allow to sign up new account": "The application does not allow to sign up new account",
    "Token expire": "Token expire",
@ -169,6 +177,7 @@
    "Adapter - Tooltip": "Table name of the policy store",
    "Adapters": "Adapters",
    "Add": "Add",
+    "Add custom item": "Add custom item",
    "Admin": "Admin",
    "Affiliation URL": "Affiliation URL",
    "Affiliation URL - Tooltip": "The homepage URL for the affiliation",
@ -190,6 +199,7 @@
    "Cert - Tooltip": "The public key certificate that needs to be verified by the client SDK corresponding to this application",
    "Certs": "Certs",
    "Click to Upload": "Click to Upload",
+    "Client IP": "Client IP",
    "Close": "Close",
    "Confirm": "Confirm",
    "Copied to clipboard successfully": "Copied to clipboard successfully",
@ -307,6 +317,7 @@
    "Providers - Tooltip": "Providers to be configured, including 3rd-party login, object storage, verification code, etc.",
    "Real name": "Real name",
    "Records": "Records",
+    "Request URI": "Request URI",
    "Resources": "Resources",
    "Role": "Role",
    "Role - Tooltip": "Role - Tooltip",
@ -316,6 +327,9 @@
    "Root cert - Tooltip": "Root cert - Tooltip",
    "SAML attributes": "SAML attributes",
    "SAML attributes - Tooltip": "SAML attributes - Tooltip",
+    "SSH cert": "SSH cert",
+    "SSH type": "SSH type",
+    "SSH type - Tooltip": "The auth type of SSH connection",
    "Save": "Save",
    "Save & Exit": "Save & Exit",
    "Session ID": "Session ID",
@ -327,6 +341,7 @@
    "Signup URL - Tooltip": "Custom URL for the registration page. If not set, the default Casdoor registration page will be used. When set, the registration links on various Casdoor pages will redirect to this URL",
    "Signup application": "Signup application",
    "Signup application - Tooltip": "Which application the user registered through when they signed up",
+    "Signup link": "Signup link",
    "Sorry, the page you visited does not exist.": "Sorry, the page you visited does not exist.",
    "Sorry, the user you visited does not exist or you are not authorized to access this user.": "Sorry, the user you visited does not exist or you are not authorized to access this user.",
    "Sorry, you do not have permission to access this page or logged in status invalid.": "Sorry, you do not have permission to access this page or logged in status invalid.",
@ -350,6 +365,7 @@
    "System Info": "System Info",
    "There was a problem signing you in..": "There was a problem signing you in..",
    "This is a read-only demo site!": "This is a read-only demo site!",
+    "Timestamp": "Timestamp",
    "Tokens": "Tokens",
    "Type": "Type",
    "Type - Tooltip": "Type - Tooltip",
@ -431,6 +447,7 @@
  },
  "login": {
    "Auto sign in": "Auto sign in",
+    "Back button": "Back button",
    "Continue with": "Continue with",
    "Email": "Email",
    "Email or phone": "Email or phone",
@ -441,6 +458,7 @@
    "LDAP username, Email or phone": "LDAP username, Email or phone",
    "Loading": "Loading",
    "Logging out...": "Logging out...",
+    "Login button": "Login button",
    "MetaMask plugin not detected": "MetaMask plugin not detected",
    "No account?": "No account?",
    "Or sign in with another account": "Or sign in with another account",
@ -725,11 +743,11 @@
    "Email content - Tooltip": "Content of the Email",
    "Email title": "Email title",
    "Email title - Tooltip": "Title of the email",
-    "Enable QR code": "Enable QR code",
-    "Enable QR code - Tooltip": "Whether to allow scanning QR code to login",
    "Endpoint": "Endpoint",
    "Endpoint (Intranet)": "Endpoint (Intranet)",
    "Endpoint - Tooltip": "Endpoint - Tooltip",
+    "Follow-up action": "Follow-up action",
+    "Follow-up action - Tooltip": "If you choose \"Use WeChat Open Platform to login\", users need to login on the WeChat Open Platform after following the wechat official account.",
    "From address": "From address",
    "From address - Tooltip": "Email address of \"From\"",
    "From name": "From name",
@ -835,6 +853,10 @@
    "Token URL - Tooltip": "Token URL",
    "Type": "Type",
    "Type - Tooltip": "Select a type",
+    "Use WeChat Media Platform in PC": "Use WeChat Media Platform in PC",
+    "Use WeChat Media Platform in PC - Tooltip": "Whether to allow scanning WeChat Media Platform QR code to login",
+    "Use WeChat Media Platform to login": "Use WeChat Media Platform to login",
+    "Use WeChat Open Platform to login": "Use WeChat Open Platform to login",
    "User flow": "User flow",
    "User flow - Tooltip": "User flow - Tooltip",
    "User mapping": "User mapping",
@ -845,6 +867,9 @@
    "Wallets - Tooltip": "Wallets - Tooltip",
    "admin (Shared)": "admin (Shared)"
  },
+  "record": {
+    "Is triggered": "Is triggered"
+  },
  "resource": {
    "Copy Link": "Copy Link",
    "File name": "File name",
@ -945,6 +970,10 @@
    "Is read-only": "Is read-only",
    "Is read-only - Tooltip": "Is read-only - Tooltip",
    "New Syncer": "New Syncer",
+    "SSH host": "SSH host",
+    "SSH password": "SSH password",
+    "SSH port": "SSH port",
+    "SSH user": "SSH user",
    "SSL mode": "SSL mode",
    "SSL mode - Tooltip": "SSL mode - Tooltip",
    "Sync interval": "Sync interval",
@ -1085,6 +1114,7 @@
    "The password must have at least 6 characters": "The password must have at least 6 characters",
    "The password must have at least 8 characters": "The password must have at least 8 characters",
    "The password must not contain any repeated characters": "The password must not contain any repeated characters",
+    "This field value doesn't match the pattern rule": "This field value doesn't match the pattern rule",
    "Title": "Title",
    "Title - Tooltip": "Position in the affiliation",
    "Two passwords you typed do not match.": "Two passwords you typed do not match.",
--- a/web/src/locales/nl/data.json
+++ b/web/src/locales/nl/data.json
@ -22,7 +22,9 @@
    "Auto signin - Tooltip": "When a logged-in session exists in Casdoor, it is automatically used for application-side login",
    "Background URL": "Background URL",
    "Background URL - Tooltip": "URL of the background image used in the login page",
+    "Big icon": "Big icon",
    "Binding providers": "Binding providers",
+    "CSS style": "CSS style",
    "Center": "Center",
    "Copy SAML metadata URL": "Copy SAML metadata URL",
    "Copy prompt page URL": "Copy prompt page URL",
@ -60,6 +62,9 @@
    "Form position - Tooltip": "Location of the signup, signin and forget password forms",
    "Grant types": "Grant types",
    "Grant types - Tooltip": "Select which grant types are allowed in the OAuth protocol",
+    "Header HTML": "Header HTML",
+    "Header HTML - Edit": "Header HTML - Edit",
+    "Header HTML - Tooltip": "Custom the head tag of your application entry page",
    "Incremental": "Incremental",
    "Input": "Input",
    "Invitation code": "Invitation code",
@ -95,11 +100,14 @@
    "Sign Up Error": "Sign Up Error",
    "Signin": "Signin",
    "Signin (Default True)": "Signin (Default True)",
+    "Signin items": "Signin items",
+    "Signin items - Tooltip": "Signin items - Tooltip",
    "Signin methods": "Signin methods",
    "Signin methods - Tooltip": "Signin methods - Tooltip",
    "Signin session": "Signin session",
    "Signup items": "Signup items",
    "Signup items - Tooltip": "Items for users to fill in when registering new accounts",
+    "Small icon": "Small icon",
    "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
    "The application does not allow to sign up new account": "The application does not allow to sign up new account",
    "Token expire": "Token expire",
@ -169,6 +177,7 @@
    "Adapter - Tooltip": "Table name of the policy store",
    "Adapters": "Adapters",
    "Add": "Add",
+    "Add custom item": "Add custom item",
    "Admin": "Admin",
    "Affiliation URL": "Affiliation URL",
    "Affiliation URL - Tooltip": "The homepage URL for the affiliation",
@ -190,6 +199,7 @@
    "Cert - Tooltip": "The public key certificate that needs to be verified by the client SDK corresponding to this application",
    "Certs": "Certs",
    "Click to Upload": "Click to Upload",
+    "Client IP": "Client IP",
    "Close": "Close",
    "Confirm": "Confirm",
    "Copied to clipboard successfully": "Copied to clipboard successfully",
@ -307,6 +317,7 @@
    "Providers - Tooltip": "Providers to be configured, including 3rd-party login, object storage, verification code, etc.",
    "Real name": "Real name",
    "Records": "Records",
+    "Request URI": "Request URI",
    "Resources": "Resources",
    "Role": "Role",
    "Role - Tooltip": "Role - Tooltip",
@ -316,6 +327,9 @@
    "Root cert - Tooltip": "Root cert - Tooltip",
    "SAML attributes": "SAML attributes",
    "SAML attributes - Tooltip": "SAML attributes - Tooltip",
+    "SSH cert": "SSH cert",
+    "SSH type": "SSH type",
+    "SSH type - Tooltip": "The auth type of SSH connection",
    "Save": "Save",
    "Save & Exit": "Save & Exit",
    "Session ID": "Session ID",
@ -327,6 +341,7 @@
    "Signup URL - Tooltip": "Custom URL for the registration page. If not set, the default Casdoor registration page will be used. When set, the registration links on various Casdoor pages will redirect to this URL",
    "Signup application": "Signup application",
    "Signup application - Tooltip": "Which application the user registered through when they signed up",
+    "Signup link": "Signup link",
    "Sorry, the page you visited does not exist.": "Sorry, the page you visited does not exist.",
    "Sorry, the user you visited does not exist or you are not authorized to access this user.": "Sorry, the user you visited does not exist or you are not authorized to access this user.",
    "Sorry, you do not have permission to access this page or logged in status invalid.": "Sorry, you do not have permission to access this page or logged in status invalid.",
@ -350,6 +365,7 @@
    "System Info": "System Info",
    "There was a problem signing you in..": "There was a problem signing you in..",
    "This is a read-only demo site!": "This is a read-only demo site!",
+    "Timestamp": "Timestamp",
    "Tokens": "Tokens",
    "Type": "Type",
    "Type - Tooltip": "Type - Tooltip",
@ -431,6 +447,7 @@
  },
  "login": {
    "Auto sign in": "Auto sign in",
+    "Back button": "Back button",
    "Continue with": "Continue with",
    "Email": "Email",
    "Email or phone": "Email or phone",
@ -441,6 +458,7 @@
    "LDAP username, Email or phone": "LDAP username, Email or phone",
    "Loading": "Loading",
    "Logging out...": "Logging out...",
+    "Login button": "Login button",
    "MetaMask plugin not detected": "MetaMask plugin not detected",
    "No account?": "No account?",
    "Or sign in with another account": "Or sign in with another account",
@ -725,11 +743,11 @@
    "Email content - Tooltip": "Content of the Email",
    "Email title": "Email title",
    "Email title - Tooltip": "Title of the email",
-    "Enable QR code": "Enable QR code",
-    "Enable QR code - Tooltip": "Whether to allow scanning QR code to login",
    "Endpoint": "Endpoint",
    "Endpoint (Intranet)": "Endpoint (Intranet)",
    "Endpoint - Tooltip": "Endpoint - Tooltip",
+    "Follow-up action": "Follow-up action",
+    "Follow-up action - Tooltip": "If you choose \"Use WeChat Open Platform to login\", users need to login on the WeChat Open Platform after following the wechat official account.",
    "From address": "From address",
    "From address - Tooltip": "Email address of \"From\"",
    "From name": "From name",
@ -835,6 +853,10 @@
    "Token URL - Tooltip": "Token URL",
    "Type": "Type",
    "Type - Tooltip": "Select a type",
+    "Use WeChat Media Platform in PC": "Use WeChat Media Platform in PC",
+    "Use WeChat Media Platform in PC - Tooltip": "Whether to allow scanning WeChat Media Platform QR code to login",
+    "Use WeChat Media Platform to login": "Use WeChat Media Platform to login",
+    "Use WeChat Open Platform to login": "Use WeChat Open Platform to login",
    "User flow": "User flow",
    "User flow - Tooltip": "User flow - Tooltip",
    "User mapping": "User mapping",
@ -845,6 +867,9 @@
    "Wallets - Tooltip": "Wallets - Tooltip",
    "admin (Shared)": "admin (Shared)"
  },
+  "record": {
+    "Is triggered": "Is triggered"
+  },
  "resource": {
    "Copy Link": "Copy Link",
    "File name": "File name",
@ -945,6 +970,10 @@
    "Is read-only": "Is read-only",
    "Is read-only - Tooltip": "Is read-only - Tooltip",
    "New Syncer": "New Syncer",
+    "SSH host": "SSH host",
+    "SSH password": "SSH password",
+    "SSH port": "SSH port",
+    "SSH user": "SSH user",
    "SSL mode": "SSL mode",
    "SSL mode - Tooltip": "SSL mode - Tooltip",
    "Sync interval": "Sync interval",
@ -1085,6 +1114,7 @@
    "The password must have at least 6 characters": "The password must have at least 6 characters",
    "The password must have at least 8 characters": "The password must have at least 8 characters",
    "The password must not contain any repeated characters": "The password must not contain any repeated characters",
+    "This field value doesn't match the pattern rule": "This field value doesn't match the pattern rule",
    "Title": "Title",
    "Title - Tooltip": "Position in the affiliation",
    "Two passwords you typed do not match.": "Two passwords you typed do not match.",
--- a/web/src/locales/pl/data.json
+++ b/web/src/locales/pl/data.json
@ -22,7 +22,9 @@
    "Auto signin - Tooltip": "When a logged-in session exists in Casdoor, it is automatically used for application-side login",
    "Background URL": "Background URL",
    "Background URL - Tooltip": "URL of the background image used in the login page",
+    "Big icon": "Big icon",
    "Binding providers": "Binding providers",
+    "CSS style": "CSS style",
    "Center": "Center",
    "Copy SAML metadata URL": "Copy SAML metadata URL",
    "Copy prompt page URL": "Copy prompt page URL",
@ -60,6 +62,9 @@
    "Form position - Tooltip": "Location of the signup, signin and forget password forms",
    "Grant types": "Grant types",
    "Grant types - Tooltip": "Select which grant types are allowed in the OAuth protocol",
+    "Header HTML": "Header HTML",
+    "Header HTML - Edit": "Header HTML - Edit",
+    "Header HTML - Tooltip": "Custom the head tag of your application entry page",
    "Incremental": "Incremental",
    "Input": "Input",
    "Invitation code": "Invitation code",
@ -95,11 +100,14 @@
    "Sign Up Error": "Sign Up Error",
    "Signin": "Signin",
    "Signin (Default True)": "Signin (Default True)",
+    "Signin items": "Signin items",
+    "Signin items - Tooltip": "Signin items - Tooltip",
    "Signin methods": "Signin methods",
    "Signin methods - Tooltip": "Signin methods - Tooltip",
    "Signin session": "Signin session",
    "Signup items": "Signup items",
    "Signup items - Tooltip": "Items for users to fill in when registering new accounts",
+    "Small icon": "Small icon",
    "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
    "The application does not allow to sign up new account": "The application does not allow to sign up new account",
    "Token expire": "Token expire",
@ -169,6 +177,7 @@
    "Adapter - Tooltip": "Table name of the policy store",
    "Adapters": "Adapters",
    "Add": "Add",
+    "Add custom item": "Add custom item",
    "Admin": "Admin",
    "Affiliation URL": "Affiliation URL",
    "Affiliation URL - Tooltip": "The homepage URL for the affiliation",
@ -190,6 +199,7 @@
    "Cert - Tooltip": "The public key certificate that needs to be verified by the client SDK corresponding to this application",
    "Certs": "Certs",
    "Click to Upload": "Click to Upload",
+    "Client IP": "Client IP",
    "Close": "Close",
    "Confirm": "Confirm",
    "Copied to clipboard successfully": "Copied to clipboard successfully",
@ -307,6 +317,7 @@
    "Providers - Tooltip": "Providers to be configured, including 3rd-party login, object storage, verification code, etc.",
    "Real name": "Real name",
    "Records": "Records",
+    "Request URI": "Request URI",
    "Resources": "Resources",
    "Role": "Role",
    "Role - Tooltip": "Role - Tooltip",
@ -316,6 +327,9 @@
    "Root cert - Tooltip": "Root cert - Tooltip",
    "SAML attributes": "SAML attributes",
    "SAML attributes - Tooltip": "SAML attributes - Tooltip",
+    "SSH cert": "SSH cert",
+    "SSH type": "SSH type",
+    "SSH type - Tooltip": "The auth type of SSH connection",
    "Save": "Save",
    "Save & Exit": "Save & Exit",
    "Session ID": "Session ID",
@ -327,6 +341,7 @@
    "Signup URL - Tooltip": "Custom URL for the registration page. If not set, the default Casdoor registration page will be used. When set, the registration links on various Casdoor pages will redirect to this URL",
    "Signup application": "Signup application",
    "Signup application - Tooltip": "Which application the user registered through when they signed up",
+    "Signup link": "Signup link",
    "Sorry, the page you visited does not exist.": "Sorry, the page you visited does not exist.",
    "Sorry, the user you visited does not exist or you are not authorized to access this user.": "Sorry, the user you visited does not exist or you are not authorized to access this user.",
    "Sorry, you do not have permission to access this page or logged in status invalid.": "Sorry, you do not have permission to access this page or logged in status invalid.",
@ -350,6 +365,7 @@
    "System Info": "System Info",
    "There was a problem signing you in..": "There was a problem signing you in..",
    "This is a read-only demo site!": "This is a read-only demo site!",
+    "Timestamp": "Timestamp",
    "Tokens": "Tokens",
    "Type": "Type",
    "Type - Tooltip": "Type - Tooltip",
@ -431,6 +447,7 @@
  },
  "login": {
    "Auto sign in": "Auto sign in",
+    "Back button": "Back button",
    "Continue with": "Continue with",
    "Email": "Email",
    "Email or phone": "Email or phone",
@ -441,6 +458,7 @@
    "LDAP username, Email or phone": "LDAP username, Email or phone",
    "Loading": "Loading",
    "Logging out...": "Logging out...",
+    "Login button": "Login button",
    "MetaMask plugin not detected": "MetaMask plugin not detected",
    "No account?": "No account?",
    "Or sign in with another account": "Or sign in with another account",
@ -725,11 +743,11 @@
    "Email content - Tooltip": "Content of the Email",
    "Email title": "Email title",
    "Email title - Tooltip": "Title of the email",
-    "Enable QR code": "Enable QR code",
-    "Enable QR code - Tooltip": "Whether to allow scanning QR code to login",
    "Endpoint": "Endpoint",
    "Endpoint (Intranet)": "Endpoint (Intranet)",
    "Endpoint - Tooltip": "Endpoint - Tooltip",
+    "Follow-up action": "Follow-up action",
+    "Follow-up action - Tooltip": "If you choose \"Use WeChat Open Platform to login\", users need to login on the WeChat Open Platform after following the wechat official account.",
    "From address": "From address",
    "From address - Tooltip": "Email address of \"From\"",
    "From name": "From name",
@ -835,6 +853,10 @@
    "Token URL - Tooltip": "Token URL",
    "Type": "Type",
    "Type - Tooltip": "Select a type",
+    "Use WeChat Media Platform in PC": "Use WeChat Media Platform in PC",
+    "Use WeChat Media Platform in PC - Tooltip": "Whether to allow scanning WeChat Media Platform QR code to login",
+    "Use WeChat Media Platform to login": "Use WeChat Media Platform to login",
+    "Use WeChat Open Platform to login": "Use WeChat Open Platform to login",
    "User flow": "User flow",
    "User flow - Tooltip": "User flow - Tooltip",
    "User mapping": "User mapping",
@ -845,6 +867,9 @@
    "Wallets - Tooltip": "Wallets - Tooltip",
    "admin (Shared)": "admin (Shared)"
  },
+  "record": {
+    "Is triggered": "Is triggered"
+  },
  "resource": {
    "Copy Link": "Copy Link",
    "File name": "File name",
@ -945,6 +970,10 @@
    "Is read-only": "Is read-only",
    "Is read-only - Tooltip": "Is read-only - Tooltip",
    "New Syncer": "New Syncer",
+    "SSH host": "SSH host",
+    "SSH password": "SSH password",
+    "SSH port": "SSH port",
+    "SSH user": "SSH user",
    "SSL mode": "SSL mode",
    "SSL mode - Tooltip": "SSL mode - Tooltip",
    "Sync interval": "Sync interval",
@ -1085,6 +1114,7 @@
    "The password must have at least 6 characters": "The password must have at least 6 characters",
    "The password must have at least 8 characters": "The password must have at least 8 characters",
    "The password must not contain any repeated characters": "The password must not contain any repeated characters",
+    "This field value doesn't match the pattern rule": "This field value doesn't match the pattern rule",
    "Title": "Title",
    "Title - Tooltip": "Position in the affiliation",
    "Two passwords you typed do not match.": "Two passwords you typed do not match.",
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
hsluoyz	488f48a714	Revert "feat: use i18next-resources-to-backend to lazy load i18n (#2738 )" This reverts commit `dc3131c683`.	2024-02-23 23:38:15 +08:00
DacongDA	dc3131c683	feat: use i18next-resources-to-backend to lazy load i18n (#2738 ) * feat: use i18next-resources-to-backend to lazy load i18n file * feat: change source in yarn.lock	2024-02-23 22:35:59 +08:00
zhuying1999	042a8d0ad6	feat: add rule for SMS and Email provider (#2733 ) * add phonecoderule * feat:add phone code rule * feat: add email rule * fix: merge	2024-02-23 00:09:37 +08:00
DacongDA	44abfb3430	feat: support custom header HTML in entry pages (#2731 )	2024-02-22 17:56:47 +08:00
Yang Luo	53b8424a1f	feat: fix JSON typo in init_data.json template	2024-02-21 17:33:08 +08:00
DacongDA	23c2ba3a2b	feat: support ssh key/pem file in DB syncer (#2727 ) * feat: support connect database with ssh tunnel in syncer * feat: improve i18n translate * feat: improve code format and i18n	2024-02-21 17:27:37 +08:00
许懿赫	3a9ffedce4	feat: support phone and Email in /api/login/oauth/access_token API (#2725 ) Phone Number supports for /api/login/oauth/access_token as username ✅ Closes: #2724	2024-02-21 17:27:24 +08:00
Yang Luo	03f005389f	feat: fix organizationChangeTrigger() and userChangeTrigger() bugs	2024-02-21 01:14:32 +08:00
Yang Luo	69a8346d05	Remove "/auto-signup/oauth/authorize" path introduced in PR: #896	2024-02-20 17:40:39 +08:00
Yang Luo	546512a0ea	Fix getCasvisorApplication()	2024-02-20 13:45:03 +08:00
DacongDA	c4a307b9ec	feat: add built-in "Records" pages back (#2720 )	2024-02-20 13:28:29 +08:00
DacongDA	d731c3c934	feat: add regex support for account item (#2714 ) * feat: add regex support for account item * feat: use reflect to process user field * fix: fix lint problem * feat: improve code format and fix reflect error	2024-02-17 15:24:36 +08:00
Yang Luo	4a68dd65cd	Fix typo in renderFormItem()	2024-02-16 10:13:50 +08:00
Yang Luo	d59148890e	Improve error handling for CheckVerificationCode()	2024-02-16 08:53:56 +08:00
Yang Luo	7f52755e32	feat: improve error messages	2024-02-16 01:13:34 +08:00
Yang Luo	eaa6f50085	Add initial value for grantTypes	2024-02-15 23:18:23 +08:00
Yaodong Yu	f35a5f9a47	feat: fix issue that admin cannot enable MFA for user (#2702 )	2024-02-14 23:29:04 +08:00
Yang Luo	7481b229a4	feat: show domain field for MinIO storage provider	2024-02-14 13:54:17 +08:00
Yang Luo	39e485ae82	Fix SigninTable issue	2024-02-14 12:20:03 +08:00
Yang Luo	764c64e67c	Fix SigninTable CSS	2024-02-14 12:10:30 +08:00
Yang Luo	e755a7331d	Fix renderLink()	2024-02-14 09:45:21 +08:00
hsluoyz	6d9d595f86	fix: Revert "fix: fix display bug in SigninTable" (#2700 ) This reverts commit `d52058d2ae`.	2024-02-14 09:44:42 +08:00
DacongDA	d52058d2ae	fix: fix display bug in SigninTable (#2698 ) * fix: fix display bug in SigninTable * fix: fix code bug * feat: improve code format * feat: improve code format	2024-02-14 09:26:51 +08:00
Yang Luo	bcfbfc6947	Support "signinUrl" in forget page	2024-02-14 02:36:52 +08:00
Yang Luo	75699c4a26	feat: improve code in getObject()	2024-02-13 23:50:21 +08:00
DacongDA	3e8bfb52a8	feat: add signin items table (#2695 ) * feat: add signin items table * fix:unable to login * feat: improve code format * fix: fix display err on signup link * feat: improve display of sign up link	2024-02-13 23:12:40 +08:00
Yaodong Yu	bbbd857a45	fix: fix bug that failed to run initApi adapter in docker (#2696 )	2024-02-13 23:12:25 +08:00
Andrey	498900df76	feat: allow dot in the username (like john.smith) (#2692 )	2024-02-12 20:52:17 +08:00
Dmitri Aleksandrov	7e3c1a6581	fix: improve goth code (#2693 ) Signed-off-by: Dmitrii Aleksandrov <goodmobiledevices@gmail.com>	2024-02-12 20:51:58 +08:00
github-actions[bot]	6e28043dba	refactor: New Crowdin translations (#2648 ) * refactor: New Crowdin translations by Github Action * refactor: New Crowdin Backend translations by Github Action --------- Co-authored-by: Crowdin Bot <support+bot@crowdin.com>	2024-02-12 18:54:31 +08:00
Yang Luo	cb200687dc	feat: fix GetUserByUserId() API crash issue	2024-02-12 18:51:55 +08:00
Lars Lehtonen	23bb0ee450	feat: fix error handling in AdfsIdProvider (#2687 )	2024-02-10 15:38:38 +08:00
Yang Luo	117259dfc5	ci: fix repo name in CI	2024-02-10 15:38:17 +08:00
DacongDA	e71d0476f0	feat: support data initialization for groups, adapters, enforcers, plans and pricings (#2685 )	2024-02-08 20:46:40 +08:00
Yang Luo	b5d26767b2	docs: improve README	2024-02-08 00:02:31 +08:00
DacongDA	5c4e22288e	feat: improve error handling and code format (#2682 ) * feat: improve error process and code format * feat: improve error process and code format	2024-02-07 20:55:33 +08:00
Satinder Singh	3ac4be64b8	fix: error msg for invalid org & app names in signup (#2679 )	2024-02-07 08:53:50 +08:00
DacongDA	97db54b6b9	feat: full support for wechat official account login (#2677 ) * feat: full support for wechat official account login * feat: improve provider edit page * fix: improve i18n format	2024-02-07 00:00:10 +08:00
Yang Luo	3a19d4c7c8	fix: do not filter webhooks by org	2024-02-06 20:33:11 +08:00