Interface text settings

Multilanguage support

The Blitz Identity Provider web interface supports multi-language. Two languages are provided by default - Russian and English.

By default, the interface is displayed to the user in the language that corresponds to their system language in the OS and their preferred language in the browser. In this case, you can switch the language by changing the primary input language (the language in which web pages are displayed) in the browser you are using. For example, to change the language in the Chrome browser, follow the steps:

• go to the browser settings (chrome://settings/);

• select Show additional settings;

• click on the Change language preferences button;

• move the desired language to the first place in the list.

To change the language in Firefox browser, you need to follow the steps:

• go to the browser settings (about:preferences);

• select the General section of the settings;

• in the Language subsection, press the Select button;

• move the desired language to the first position in the list:

Additionally, it is possible to configure the language using the blitz.conf configuration file. To do this, edit the language setting section blitz.prod.local.idp.lang with the following parameters:

• languages - list of available languages. The first language in the list is considered to be the default language;

• portal-lang-cookie - name (name) and setting domain (domain) of the cookie with the current portal language (optional). If a portal cookie is set, the language change in Blitz Identity Provider is stored in the specified cookie;

• ignore-browser - whether or not the browser language ignore mode is turned off;

• lang-variants – list of identifiers for special sets of strings for individual applications.

The example of configuration file excerpt:

"lang" : {
  "ignore-browser" : true,
  "languages" : [
    "ru",
    "en"
  ],
  "lang-variants": ["special1", "special2"],
  "portal-lang-cookie" : {
    "domain" : "domain.com",
    "name" : "blitzlng"
  }
}

Thus, for example, if the use of the English interface language is not required, it can be removed from the languages parameter.

Web interface texts

Blitz Identity Provider allows you to change text strings used in the system interface. To do this, you need to edit the messages file located in the /custom_messages/ directory by adding a string like “parameter=value”, where parameter is the text string identifier and value is the required text.

All text strings used by Blitz Identity Provider by default are saved in the messages.zip archive included with the software.

For example, the following string is responsible for the text in the registration form that contains URL to the User agreement:

reg.page.reg.action.agreement=Нажимая на&nbsp;кнопку &laquo;Зарегистрироваться&raquo; вы&nbsp;соглашаетесь с&nbsp;<a href="{0}" target="_blank">условиями использования</a>

The file must be saved in UTF-8 encoding in order to display correctly.

If you need to change the English language, add the messages.en file to the specified directory and change the necessary files in it.

If you want to use the @ character in texts, you must enter it twice.

Email and SMS templates

Email templates are text strings saved in the same way as regular strings in the web interface. They are modified in the same way.

The unified format of message codes is used, which has the following form:

message.$[группа_сообщений].$[тип_сообщения].$[вариация].$[канал].$[часть]

Following message groups are used:

• notif - for notifications;

• reg - for interaction with the user during registration;

• recovery - for interaction with the user when restoring access;

• auth - for interaction with the user during authentication;

• profile - for interaction with the user in the User profile;

• api - for interaction with the user when using API.

Message types from different groups:

notif

login_unknown_device

User notification about the login from unknown device.

Parameters:

• device - code of the device

• device.msg - name of the device computed with msg(audit.device.$[device]) string

• browser - user browser

• user session attributes

• ua.name - device name

• app.id - application identifier

• app.name - application name

• ip – IP-address

• ip.country - country

• ip.state - region

• ip.city - city

• ip.lat - latitude

• ip.lng - longitude

• ip.radius - radius of the neighborhood

• device.type - device type

• device.mkey - collected key for messages, formation rule: s"$deviceType.$osName.$osVer"

• os.name - operating system name

• os.ver - operating system version

• os.mkey - collected key for messages, formation rule: s”$osName.$osVer”

• event.time is the time of the event (in unixtime).

You can use the following formatting features in a message template:

• $[<ATTR>&dic(<MSG_KEY_PREFIX>,<PARAM_SUBSTITUTION>)] - get value from string;

• $[<ATTR>&formatUnixTime(dd MMMM YYYYY year,ru,GMT)] - date and time formatting, where dd MMMM YYYYY - template in SimpleDateFormat format, ru - locale (optional), GMT - timezone (optional)

link_social_network

User notification about linking to social network.

Parameters:

• f p.humanReadableName - name of the external identity provider

• user attributes

change_pwd

User notification about password change.

Parameters:

User attributes

changed_pwd_to_object

User notification about password change in dependent account.

Parameters:

Attributes of the dependent account with obj prefix.

access_recovery

User notification about password recovery

Parameters:

User attributes

access_recovery_by_object

User notification about password recovery in dependent account.

Parameters:

Attributes of the dependent account with obj prefix.

set_2factor_auth

User notification of the assignment of the second authentication factor.

Parameters:

• method - authentication method code

• method.msg - authentication method name computed by the msg(message.method .name.$[method]) string

• user attributes

granted_access_to

Subject notification about granted access to the object.

Parameters:

• blitz_right - access rights code

• subject attributes

• object attributes with the obj. prefix

granted_access_on

Object notification about granted access to it.

Parameters:

• blitz_right - access rights code

• subject attributes

• object attributes with the obj. prefix

revoked_access_to

Subject notification about revoked access to the object.

Parameters:

• blitz_right - access rights code

• subject attributes

• object attributes with the obj. prefix

revoked_access_on

Object notification about revoked access to it.

Parameters:

• blitz_right - access rights code

• subject attributes

• object attributes with the obj. prefix

on_registration

User notification about registration of their account.

Parameters:

• _entryPoint_ - registration channel

• _appId_ – application

• _requesterId_ – application

• user attributes

Example line:

message.notif.login_unknown_device.email.body=Уважаемый пользователь!<br><br>Мы обнаружили, что вы вошли в систему с нового устройства $[event.time&formatUnixTime(dd MMMM YYYY г.,ru,GMT)]:<br>$[device.mkey&dic(dics.devices,os.ver)], браузер $[ua.name&dic(dics.browsers)]<br>Если вы не совершали это действие, обратитесь к администратору.

reg

vrf_code

Sending contact confirmation code during registration.

Parameters:

• code – confirmation code

• link– confirmation link (only for email channel)

• req.ip – IP-address

• req.userAgent - userAgent of the user

• cfg.domain - domain

• user attributes from the registration context with the prefix attrs.

set_pwd_link

Sending the link to change password during registration (only for email channel).

Parameters:

• link - link to password change page

• req.ip – IP-address

• req.userAgent - userAgent of the user

• cfg.domain - domain

• user attributes from the registration context with the prefix attrs.

generated_pwd

Sending the assigned registration password (only for SMS channel).

Parameters:

• pwd - generated password

• req.ip – IP-address

• req.userAgent - userAgent of the user

• cfg.domain - domain attributes of the user from the registration context with the prefix attrs.

recovery

vrf_code

Sending contact confirmation code during recovery.

Parameters:

• code – confirmation code

• link– confirmation link (only for email channel)

auth

vrf_code

Sending mobile number confirmation code (channels: SMS/push).

Parameters:

code – confirmation code

profile

vrf_code

Sending confirmation code if it was changed in Personal account.

Parameters:

• attr.msg - name of the attribute in the profile form

• attr – attribute code

• link– confirmation link (only for email channel)

• code – confirmation code

api

vrf_code

Variations:

• $attr.$rpId – separately for current application and attribute

• $attr - separately for this attribute

Sending contact confirmation code via API

Parameters:

• code – confirmation code

• link– confirmation link (only for email channel)

• attr.value - new contact (e-mail or cell phone)

• attr – contact attribute code

Variations allow you to specify variations in addition to the basic message template (for example, a separate template by application). The presence of a variation is checked by the basic template with the message text (body'' part). If the variation of the main template is described in the system, all other templates (``email.subject, email.from, push.title) will be applied with the same variation. If there are multiple variations, they will be checked in some specified order (usually from more detail to less detail). If there are no variations, the base template will be used. In most cases there are no variations.

The following channels are available:

• sms - sending messages by SMS. There are no parts for this channel;

• email - sending messages by email. Parts for this channel:

  • subject - subject;

  • body - main content;

  • from - sender (optional);

• push - sending push notifications. Parts for this channel:

  • title - subject;

  • body - main content.

Example keys for login_unknown_device messages type:

• message.notif.login_unknown_device.email.subject - subject of the email message;

• message.notif.login_unknown_device.email.body - text of the email message;

• message.notif.login_unknown_device.email.from - sender of the email message;

• message.notif.login_unknown_device.sms - SMS text.

Login button logos through external providers

In Blitz Identity Provider, you can change the logos displayed on the login buttons using external identity providers (social media) on the login page and the external identity provider bind buttons in your personal account.

To customize, you must create lines in the custom_messages directory in the messages file whose names correspond to the following patterns:

• for the login page is meth-logo.${type}.${name}

• for personal account - social-icon.${type}.${name}

${type} specifies the type of external identity provider, ${name} specifies the name of the identity provider. The values are taken from the settings.

The string values specify the <icon class> names assigned to buttons.

Example lines:

social-icon.saml.demo-idp=saml-demo
social-icon.esia.esia_1=esia
meth-logo.saml.demo-idp=meth-saml-demo
meth-logo.esia=meth-esia

Device and browser names

In Blitz Identity Provider you can customize the names of devices (operating systems) and browsers with exact version. To do this, you need to create lines in the custom_messages directory in the messages file whose names correspond to the following patterns:

• for browsers - dics.browsers.<name>. The following browsers are supported for substitution into <name>: Firefox, Opera, Chrome, Safari, IE, Edge, Yandex, Sputnik, unknown. The text of the string receives the browser version as a substitution string {0}.

• for devices (operating systems) - dics.devices.<typ>.<os>.<ver>. As <typ> you can specify: kindle, mobile, tablet, iphone, windowsPhone, pc, ipad, playStation, unknown. As <os> you can specify: Android, iOS, WindowsPhone, Windows, macOS, Linux, ChromeOS, unknown. If no private string is defined for <os> and <ver>, the more general string is taken. The operating system version is passed into the string text as a {0} substitution string.

Example lines:

dics.browsers.Firefox=Firefox Browser {0}
dics.browsers.Opera=Opera {0}
dics.browsers.Chrome=Google Chrome {0}
dics.browsers.Safari=Safari {0}
dics.browsers.IE=Internet Explorer
dics.browsers.Edge=Microsoft Edge {0}
dics.browsers.Yandex=Яндекс.Браузер {0}
dics.browsers.Sputnik=Спутник
dics.devices.mobile=Мобильное устройство
dics.devices.mobile.Android=Android
dics.devices.mobile.Android.10=Android 10
dics.devices.mobile.Android.9=Android 9
dics.devices.tablet=Планшет
dics.devices.iphone=iPhone
dics.devices.iphone.iOS.14=iPhone (iOS {0})
dics.devices.pc.macOS=macOS {0}
dics.devices.pc.macOS.13=macOS Ventura {0}
dics.devices.pc.macOS.12=macOS Monterey {0}
dics.devices.pc.macOS.11=macOS Big Sur {0}
dics.devices.pc.macOS.10.15=macOS Catalina {0}
dics.devices.pc.macOS.10.14=macOS Mojave {0}
dics.devices.pc.macOS.10.13=macOS High Sierra {0}
dics.devices.pc.macOS.10.12=macOS Sierra {0}
dics.devices.pc.Windows.8=Windows 8
dics.devices.pc.Windows.10=Windows 10
dics.devices.pc.Windows.11=Windows 11

Messages for different applications

It is possible to modify all text messages and templates in order to use specific texts/templates for different applications. For example, you can brand emails sent during registration on different websites connected to the same Blitz Identity Provider installation, or provide a link to download different resource rules.

To bind a set of templates to a specific application, follow the steps:

1. Create a text file copy that should be used only for this application. To do this, create a text file messages.ru-special1 (messages.en-special1) in the custom_messages/ directory for this application, in which special1 is a sequence of 5-8 characters (both numbers and letters of the Latin alphabet are allowed).

2. Edit the messages.ru-special1 (messages.en-special1) file to add application-specific strings. All other strings will be taken from the default string database.

3. Edit the blitz.conf file as follows:

   • in the blitz.prod.local.idp.apps section of the file, find the application ID that should use the created template file;

   • add a parameter to the application settings in the ”lang-variant” : “special1” format, in which special1 is the character sequence used to label the template.

   Example:

   "demo-application" : {
       "domain" : "http://testdomain.ru",
       "lang-variant" : "special1",
       "name" : "test",
       "oauth" : {
           "autoConsent" : false,
           "clientSecret" : "1234567890",
           "defaultScopes" : [],
           "enabled" : true,
           "redirectUriPrefixes" : [
               "http://localhost"
           ]
       },
       "theme" : "default"
   }
   

4. In the blitz.prod.local.idp.lang -> lang-variant setting, register all character sequences used to label various applications (special1, special2).

After that, a specially created message file will be used when logging into this application.

Auxiliary application messages (pipes)

In Blitz Identity Provider, you can configure the messages of the helper application that issues the security key (Passkey, WebAuthn, FIDO2) at user login. You can configure different message texts depending on the user’s devices (operating systems). To do this, create strings in the custom_messages directory in the messages file whose names correspond to the following patterns:

• pipes.conf.webAuthn.addKey.<message-path>.<device-type>.<os>;

• login.outside.flow.error.internal.webAuthn.addKey.<device-type>.<os>.

As <message-path> the string name is specified (see example below). The <device-type> specifies the device type: mobile, tablet, iphone, pc, ipad. As <os> you can specify: Android, iOS, Windows, macOS, Linux, ChromeOS. If no private string is defined for <device-type> and <os>, the more general string is taken.

Example lines:

pipes.conf.webAuthn.addKey.page.title.pc.macOS=Вход по Touch ID
pipes.conf.webAuthn.addKey.head.title.pc.macOS=Вход по Touch ID
pipes.conf.webAuthn.addKey.info.pc.macOS=Использовать Touch ID или пароль компьютера Mac для входа в приложения?
pipes.conf.webAuthn.addKey.finishInfo.pc.macOS=Вход по Touch ID для учетной записи настроен. Нажмите кнопку "Продолжить"
pipes.conf.webAuthn.addKey.name.pc.macOS=Touch ID на Mac
login.outside.flow.error.internal.webAuthn.addKey.pc.macOS=Произошла ошибка при настройке входа по Touch ID на Mac

pipes.conf.webAuthn.addKey.page.title.pc.Windows=Вход через Windows Hello
pipes.conf.webAuthn.addKey.head.title.pc.Windows=Вход через Windows Hello
pipes.conf.webAuthn.addKey.info.pc.Windows=Использовать PIN-код компьютера, распознавание лица или отпечатка пальца для входа в приложения?
pipes.conf.webAuthn.addKey.finishInfo.pc.Windows=Вход через Windows Hello для учетной записи настроен. Нажмите кнопку "Продолжить"
pipes.conf.webAuthn.addKey.name.pc.Windows=Windows Hello
login.outside.flow.error.internal.webAuthn.addKey.pc.Windows=Произошла ошибка при настройке входа через Windows Hello

pipes.conf.webAuthn.addKey.page.title.iphone.iOS=Вход по Face ID
pipes.conf.webAuthn.addKey.head.title.iphone.iOS=Вход по Face ID
pipes.conf.webAuthn.addKey.info.iphone.iOS=Использовать Face ID или Touch ID телефона для входа в приложения?
pipes.conf.webAuthn.addKey.finishInfo.iphone.iOS=Вход через Face ID для учетной записи настроен. Нажмите кнопку "Продолжить"
pipes.conf.webAuthn.addKey.name.iphone.iOS=Face ID на iPhone
login.outside.flow.error.internal.webAuthn.addKey.iphone.iOS=Произошла ошибка при настройке входа через Face ID

pipes.conf.webAuthn.addKey.page.title.ipad.iOS=Вход по Touch ID
pipes.conf.webAuthn.addKey.head.title.ipad.iOS=Вход по Touch ID
pipes.conf.webAuthn.addKey.info.ipad.iOS=Использовать Touch ID планшета для входа в приложения?
pipes.conf.webAuthn.addKey.finishInfo.ipad.iOS=Вход через Touch ID для учетной записи настроен. Нажмите кнопку "Продолжить"
pipes.conf.webAuthn.addKey.name.ipad.iOS=Touch ID на iPad
login.outside.flow.error.internal.webAuthn.addKey.ipad.iOS=Произошла ошибка при настройке входа через Touch ID

pipes.conf.webAuthn.addKey.page.title.mobile.Android=Вход по распознаванию лица или отпечатка пальца
pipes.conf.webAuthn.addKey.head.title.mobile.Android=Вход по распознаванию лица или отпечатка пальца
pipes.conf.webAuthn.addKey.info.mobile.Android=Использовать распознавание лица или отпечатка пальца для входа в приложения?
pipes.conf.webAuthn.addKey.finishInfo.mobile.Android=Вход через распознавание лица или отпечатка пальца для учетной записи настроен. Нажмите кнопку "Продолжить"
pipes.conf.webAuthn.addKey.name.mobile.Android=Smart Lock на Android
login.outside.flow.error.internal.webAuthn.addKey.mobile.Android=Произошла ошибка при настройке входа через через распознавание лица или отпечатка пальца

pipes.conf.webAuthn.addKey.page.title=Вход по ключу безопасности
pipes.conf.webAuthn.addKey.head.title=Вход по ключу безопасности
pipes.conf.webAuthn.addKey.info=Использовать ключ безопасности FIDO2 для входа в приложения?
pipes.conf.webAuthn.addKey.finishInfo=Вход через ключ безопасности для учетной записи настроен. Нажмите кнопку "Продолжить"
pipes.conf.webAuthn.addKey.name=FIDO2

In Blitz Identity Provider, you can configure texts for an auxiliary application that shows a message to the user while login to the application. To do this, define in the custom_messages directory in the messages file the strings for the customized blitz.prod.local.idp.built-in-pipes.info applications with their {id} of the helper application.

Example lines:

pipes.info.head.title.{id} - название вкладки
pipes.info.page.title.{id} - заголовок вспомогательного приложения
pipes.info.message.{id} - текст сообщения
pipes.info.read.{id} - название кнопки (для вспомогательных приложений с типом "news")
pipes.info.agree.{id} - название 1-й кнопки (для вспомогательных приложений с типом "agreement")
pipes.info.disagree.{id} - название 2-й кнопки (для вспомогательных приложений с типом "agreement")

You can customize texts in the Blitz Identity Provider for a helper application that asks the user to select a value from a list at user’s login and stores the result of the selection in an account attribute. To do this, define in the custom_messages directory in the messages file the strings for the configured blitz.prod.local.idp.built-in-pipes.choice applications with their {id} of the helper application.

Example lines:

pipes.choice.head.title.{id} - название вкладки
pipes.choice.page.title.{id} - заголовок вспомогательного приложения
pipes.choice.info.{id} - текст информации под заголовком
pipes.choice.button.{id}.{choiceId} – текст на кнопке выбора
pipes.choice.skip – текст на кнопке пропуска

You can customize texts in Blitz Identity Provider for an auxiliary application that asks the user to enter an attribute value at application login. To do this, define lines in the custom_messages directory in the messages file that correspond to the following pattern - pipes.act.attr. <message-path>.common.<attr-name>. The string name is specified as <message-path> (see below for an example). The attribute name is specified as <attr-name>.

Example strings (in case the family_name attribute is filled):

pipes.act.attr.page.title.common.family_name=Подтверждение фамилии
pipes.act.attr.head.title.common.family_name=Подтверждение фамилии
pipes.act.attr.info.confirm.common.family_name=В учетной записи указана ваша фамилия?<br>Проверьте и нажмите кнопку <b>Подтвердить</b>.
pipes.act.attr.info.enter.common.family_name=В учетной записи не указана фамилия.<br>Введите и нажмите кнопку <b>Подтвердить</b>.
pipes.act.attr.label.common.family_name=Фамилия
pipes.act.attr.msg.required.msg.common.surname=Введите фамилию