OpenIddictResources.resx

<?xml version="1.0" encoding="utf-8"?>
<root>
  <!-- 
    Microsoft ResX Schema 
    
    Version 2.0
    
    The primary goals of this format is to allow a simple XML format 
    that is mostly human readable. The generation and parsing of the 
    various data types are done through the TypeConverter classes 
    associated with the data types.
    
    Example:
    
    ... ado.net/XML headers & schema ...
    <resheader name="resmimetype">text/microsoft-resx</resheader>
    <resheader name="version">2.0</resheader>
    <resheader name="reader">System.Resources.ResXResourceReader, System.Windows.Forms, ...</resheader>
    <resheader name="writer">System.Resources.ResXResourceWriter, System.Windows.Forms, ...</resheader>
    <data name="Name1"><value>this is my long string</value><comment>this is a comment</comment></data>
    <data name="Color1" type="System.Drawing.Color, System.Drawing">Blue</data>
    <data name="Bitmap1" mimetype="application/x-microsoft.net.object.binary.base64">
        <value>[base64 mime encoded serialized .NET Framework object]</value>
    </data>
    <data name="Icon1" type="System.Drawing.Icon, System.Drawing" mimetype="application/x-microsoft.net.object.bytearray.base64">
        <value>[base64 mime encoded string representing a byte array form of the .NET Framework object]</value>
        <comment>This is a comment</comment>
    </data>
                
    There are any number of "resheader" rows that contain simple 
    name/value pairs.
    
    Each data row contains a name, and value. The row also contains a 
    type or mimetype. Type corresponds to a .NET class that support 
    text/value conversion through the TypeConverter architecture. 
    Classes that don't support this are serialized and stored with the 
    mimetype set.
    
    The mimetype is used for serialized objects, and tells the 
    ResXResourceReader how to depersist the object. This is currently not 
    extensible. For a given mimetype the value must be set accordingly:
    
    Note - application/x-microsoft.net.object.binary.base64 is the format 
    that the ResXResourceWriter will generate, however the reader can 
    read any of the formats listed below.
    
    mimetype: application/x-microsoft.net.object.binary.base64
    value   : The object must be serialized with 
            : System.Runtime.Serialization.Formatters.Binary.BinaryFormatter
            : and then encoded with base64 encoding.
    
    mimetype: application/x-microsoft.net.object.soap.base64
    value   : The object must be serialized with 
            : System.Runtime.Serialization.Formatters.Soap.SoapFormatter
            : and then encoded with base64 encoding.

    mimetype: application/x-microsoft.net.object.bytearray.base64
    value   : The object must be serialized into a byte array 
            : using a System.ComponentModel.TypeConverter
            : and then encoded with base64 encoding.
    -->
  <xsd:schema id="root" xmlns="" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:msdata="urn:schemas-microsoft-com:xml-msdata">
    <xsd:import namespace="http://www.w3.org/XML/1998/namespace" />
    <xsd:element name="root" msdata:IsDataSet="true">
      <xsd:complexType>
        <xsd:choice maxOccurs="unbounded">
          <xsd:element name="metadata">
            <xsd:complexType>
              <xsd:sequence>
                <xsd:element name="value" type="xsd:string" minOccurs="0" />
              </xsd:sequence>
              <xsd:attribute name="name" use="required" type="xsd:string" />
              <xsd:attribute name="type" type="xsd:string" />
              <xsd:attribute name="mimetype" type="xsd:string" />
              <xsd:attribute ref="xml:space" />
            </xsd:complexType>
          </xsd:element>
          <xsd:element name="assembly">
            <xsd:complexType>
              <xsd:attribute name="alias" type="xsd:string" />
              <xsd:attribute name="name" type="xsd:string" />
            </xsd:complexType>
          </xsd:element>
          <xsd:element name="data">
            <xsd:complexType>
              <xsd:sequence>
                <xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" />
                <xsd:element name="comment" type="xsd:string" minOccurs="0" msdata:Ordinal="2" />
              </xsd:sequence>
              <xsd:attribute name="name" type="xsd:string" use="required" msdata:Ordinal="1" />
              <xsd:attribute name="type" type="xsd:string" msdata:Ordinal="3" />
              <xsd:attribute name="mimetype" type="xsd:string" msdata:Ordinal="4" />
              <xsd:attribute ref="xml:space" />
            </xsd:complexType>
          </xsd:element>
          <xsd:element name="resheader">
            <xsd:complexType>
              <xsd:sequence>
                <xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" />
              </xsd:sequence>
              <xsd:attribute name="name" type="xsd:string" use="required" />
            </xsd:complexType>
          </xsd:element>
        </xsd:choice>
      </xsd:complexType>
    </xsd:element>
  </xsd:schema>
  <resheader name="resmimetype">
    <value>text/microsoft-resx</value>
  </resheader>
  <resheader name="version">
    <value>2.0</value>
  </resheader>
  <resheader name="reader">
    <value>System.Resources.ResXResourceReader, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
  </resheader>
  <resheader name="writer">
    <value>System.Resources.ResXResourceWriter, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
  </resheader>
  <data name="ID0002" xml:space="preserve">
    <value>An identity cannot be extracted from this request.
This generally indicates that the OpenIddict server stack was asked to authenticate a request for an endpoint it doesn't manage.
To validate tokens received by custom API endpoints, the OpenIddict validation handler (e.g OpenIddictValidationAspNetCoreDefaults.AuthenticationScheme or OpenIddictValidationOwinDefaults.AuthenticationType) must be used instead.</value>
  </data>
  <data name="ID0003" xml:space="preserve">
    <value>The token type is not supported.</value>
  </data>
  <data name="ID0004" xml:space="preserve">
    <value>The deserialized principal doesn't contain the mandatory 'oi_tkn_typ' claim.
When implementing custom token deserialization, a 'oi_tkn_typ' claim containing the type of the token being processed must be added to the security principal.</value>
  </data>
  <data name="ID0005" xml:space="preserve">
    <value>The type of token associated with the deserialized principal ({0}) doesn't match one of the expected token types ({1}).</value>
  </data>
  <data name="ID0006" xml:space="preserve">
    <value>A challenge response cannot be returned from this endpoint.</value>
  </data>
  <data name="ID0007" xml:space="preserve">
    <value>The authentication context cannot be found.</value>
  </data>
  <data name="ID0008" xml:space="preserve">
    <value>The device code identifier cannot be extracted from the principal.</value>
  </data>
  <data name="ID0009" xml:space="preserve">
    <value>The token identifier cannot be extracted from the principal.</value>
  </data>
  <data name="ID0010" xml:space="preserve">
    <value>A sign-in response cannot be returned from this endpoint.</value>
  </data>
  <data name="ID0011" xml:space="preserve">
    <value>The specified principal is null or doesn't contain a claims-based identity.
Make sure that 'ClaimsPrincipal.Identity' is not null.</value>
  </data>
  <data name="ID0012" xml:space="preserve">
    <value>The specified principal contains an authenticated identity, which is not valid when the sign-in operation is triggered from the device authorization or pushed authorization endpoints.
Make sure that 'ClaimsPrincipal.Identity.AuthenticationType' is null and that 'ClaimsPrincipal.Identity.IsAuthenticated' returns 'false'.</value>
  </data>
  <data name="ID0013" xml:space="preserve">
    <value>The specified principal contains a subject claim, which is not valid when the sign-in operation is triggered from the device authorization or pushed authorization endpoints.</value>
  </data>
  <data name="ID0014" xml:space="preserve">
    <value>The specified principal doesn't contain a valid/authenticated identity.
Make sure that 'ClaimsPrincipal.Identity.AuthenticationType' is not null and that 'ClaimsPrincipal.Identity.IsAuthenticated' returns 'true'.</value>
  </data>
  <data name="ID0015" xml:space="preserve">
    <value>The specified principal was rejected because the mandatory subject claim was missing.</value>
  </data>
  <data name="ID0016" xml:space="preserve">
    <value>The core services must be registered when enabling the OpenIddict server feature.
To register the OpenIddict core services, reference the 'OpenIddict.Core' package and call 'services.AddOpenIddict().AddCore()' from 'ConfigureServices'.
Alternatively, you can disable the built-in database-based server features by enabling the degraded mode with 'services.AddOpenIddict().AddServer().EnableDegradedMode()'.</value>
  </data>
  <data name="ID0017" xml:space="preserve">
    <value>The application entry cannot be found in the database.</value>
  </data>
  <data name="ID0018" xml:space="preserve">
    <value>An unknown error occurred while creating an authorization entry.</value>
  </data>
  <data name="ID0019" xml:space="preserve">
    <value>An unknown error occurred while creating a token entry.</value>
  </data>
  <data name="ID0020" xml:space="preserve">
    <value>A token entry cannot be created from a null principal or from a principal containing a null or invalid identity.</value>
  </data>
  <data name="ID0021" xml:space="preserve">
    <value>The token entry cannot be found in the database.</value>
  </data>
  <data name="ID0022" xml:space="preserve">
    <value>A token cannot be created from a null principal.</value>
  </data>
  <data name="ID0023" xml:space="preserve">
    <value>The issuer must be a non-null, non-empty absolute URI.</value>
  </data>
  <data name="ID0024" xml:space="preserve">
    <value>A sign-out response cannot be returned from this endpoint.</value>
  </data>
  <data name="ID0025" xml:space="preserve">
    <value>The token type cannot be resolved.</value>
  </data>
  <data name="ID0026" xml:space="preserve">
    <value>The payload associated with a reference token cannot be retrieved.
This may indicate that the token entry was corrupted.</value>
  </data>
  <data name="ID0027" xml:space="preserve">
    <value>The authorization request was not correctly extracted.
To extract authorization requests, create a class implementing 'IOpenIddictServerHandler&lt;ExtractAuthorizationRequestContext&gt;' and register it using 'services.AddOpenIddict().AddServer().AddEventHandler()'.</value>
  </data>
  <data name="ID0028" xml:space="preserve">
    <value>The request cannot be validated because no redirect_uri was specified.</value>
  </data>
  <data name="ID0029" xml:space="preserve">
    <value>The authorization request was not handled.
To handle authorization requests in a controller, create a custom action with the same route as the authorization endpoint and enable the pass-through mode in the server ASP.NET Core or OWIN options using 'services.AddOpenIddict().AddServer().UseAspNetCore().EnableAuthorizationEndpointPassthrough()'.
Alternatively, create a class implementing 'IOpenIddictServerHandler&lt;HandleAuthorizationRequestContext&gt;' and register it using 'services.AddOpenIddict().AddServer().AddEventHandler()'.</value>
  </data>
  <data name="ID0030" xml:space="preserve">
    <value>The authorization response was not correctly applied.
To apply authorization responses, create a class implementing 'IOpenIddictServerHandler&lt;ApplyAuthorizationResponseContext&gt;' and register it using 'services.AddOpenIddict().AddServer().AddEventHandler()'.</value>
  </data>
  <data name="ID0031" xml:space="preserve">
    <value>The device authorization request was not correctly extracted.
To extract device authorization requests, create a class implementing 'IOpenIddictServerHandler&lt;ExtractDeviceAuthorizationRequestContext&gt;' and register it using 'services.AddOpenIddict().AddServer().AddEventHandler()'.</value>
  </data>
  <data name="ID0032" xml:space="preserve">
    <value>The client application details cannot be found in the database.</value>
  </data>
  <data name="ID0033" xml:space="preserve">
    <value>The device authorization response was not correctly applied.
To apply device authorization responses, create a class implementing 'IOpenIddictServerHandler&lt;ApplyDeviceAuthorizationResponseContext&gt;' and register it using 'services.AddOpenIddict().AddServer().AddEventHandler()'.</value>
  </data>
  <data name="ID0034" xml:space="preserve">
    <value>The end-user verification request was not correctly extracted.
To extract end-user verification requests, create a class implementing 'IOpenIddictServerHandler&lt;ExtractEndUserVerificationRequestContext&gt;' and register it using 'services.AddOpenIddict().AddServer().AddEventHandler()'.</value>
  </data>
  <data name="ID0035" xml:space="preserve">
    <value>The end-user verification request was not handled.
To handle end-user verification requests in a controller, create a custom action with the same route as the end-user verification endpoint and enable the pass-through mode in the server ASP.NET Core or OWIN options using 'services.AddOpenIddict().AddServer().UseAspNetCore().EnableVerificationEndpointPassthrough()'.
Alternatively, create a class implementing 'IOpenIddictServerHandler&lt;HandleEndUserVerificationRequestContext&gt;' and register it using 'services.AddOpenIddict().AddServer().AddEventHandler()'.</value>
  </data>
  <data name="ID0036" xml:space="preserve">
    <value>The end-user verification response was not correctly applied.
To apply end-user verification responses, create a class implementing 'IOpenIddictServerHandler&lt;ApplyEndUserVerificationResponseContext&gt;' and register it using 'services.AddOpenIddict().AddServer().AddEventHandler()'.</value>
  </data>
  <data name="ID0037" xml:space="preserve">
    <value>The configuration request was not correctly extracted.
To extract configuration requests, create a class implementing 'IOpenIddictServerHandler&lt;ExtractConfigurationRequestContext&gt;' and register it using 'services.AddOpenIddict().AddServer().AddEventHandler()'.</value>
  </data>
  <data name="ID0038" xml:space="preserve">
    <value>The JSON Web Key Set request was not correctly extracted.
To extract configuration requests, create a class implementing 'IOpenIddictServerHandler&lt;ExtractJsonWebKeySetRequestContext&gt;' and register it using 'services.AddOpenIddict().AddServer().AddEventHandler()'.</value>
  </data>
  <data name="ID0039" xml:space="preserve">
    <value>The JSON Web Key Set response was not correctly applied.
To apply JSON Web Key Set responses, create a class implementing 'IOpenIddictServerHandler&lt;ApplyJsonWebKeySetResponseContext&gt;' and register it using 'services.AddOpenIddict().AddServer().AddEventHandler()'.</value>
  </data>
  <data name="ID0040" xml:space="preserve">
    <value>The token request was not correctly extracted.
To extract token requests, create a class implementing 'IOpenIddictServerHandler&lt;ExtractTokenRequestContext&gt;' and register it using 'services.AddOpenIddict().AddServer().AddEventHandler()'.</value>
  </data>
  <data name="ID0041" xml:space="preserve">
    <value>The token request was not handled.
To handle token requests in a controller, create a custom action with the same route as the token endpoint and enable the pass-through mode in the server ASP.NET Core or OWIN options using 'services.AddOpenIddict().AddServer().UseAspNetCore().EnableTokenEndpointPassthrough()'.
Alternatively, create a class implementing 'IOpenIddictServerHandler&lt;HandleTokenRequestContext&gt;' and register it using 'services.AddOpenIddict().AddServer().AddEventHandler()'.</value>
  </data>
  <data name="ID0042" xml:space="preserve">
    <value>The token response was not correctly applied.
To apply token responses, create a class implementing 'IOpenIddictServerHandler&lt;ApplyTokenResponseContext&gt;' and register it using 'services.AddOpenIddict().AddServer().AddEventHandler()'.</value>
  </data>
  <data name="ID0043" xml:space="preserve">
    <value>The presenters list cannot be extracted from the authorization code.</value>
  </data>
  <data name="ID0044" xml:space="preserve">
    <value>The presenters list cannot be extracted from the device code.</value>
  </data>
  <data name="ID0045" xml:space="preserve">
    <value>The specified code challenge method is not supported.</value>
  </data>
  <data name="ID0046" xml:space="preserve">
    <value>The introspection request was not correctly extracted.
To extract introspection requests, create a class implementing 'IOpenIddictServerHandler&lt;ExtractIntrospectionRequestContext&gt;' and register it using 'services.AddOpenIddict().AddServer().AddEventHandler()'.</value>
  </data>
  <data name="ID0047" xml:space="preserve">
    <value>The introspection response was not correctly applied.
To apply introspection responses, create a class implementing 'IOpenIddictServerHandler&lt;ApplyIntrospectionResponseContext&gt;' and register it using 'services.AddOpenIddict().AddServer().AddEventHandler()'.</value>
  </data>
  <data name="ID0048" xml:space="preserve">
    <value>The revocation request was not correctly extracted.
To extract revocation requests, create a class implementing 'IOpenIddictServerHandler&lt;ExtractRevocationRequestContext&gt;' and register it using 'services.AddOpenIddict().AddServer().AddEventHandler()'.</value>
  </data>
  <data name="ID0049" xml:space="preserve">
    <value>The revocation response was not correctly applied.
To apply revocation responses, create a class implementing 'IOpenIddictServerHandler&lt;ApplyRevocationResponseContext&gt;' and register it using 'services.AddOpenIddict().AddServer().AddEventHandler()'.</value>
  </data>
  <data name="ID0050" xml:space="preserve">
    <value>The end session request was not correctly extracted.
To extract end session requests, create a class implementing 'IOpenIddictServerHandler&lt;ExtractEndSessionRequestContext&gt;' and register it using 'services.AddOpenIddict().AddServer().AddEventHandler()'.</value>
  </data>
  <data name="ID0051" xml:space="preserve">
    <value>The end session request was not handled.
To handle end session requests in a controller, create a custom controller action with the same route as the end session endpoint and enable the pass-through mode in the server ASP.NET Core or OWIN options using 'services.AddOpenIddict().AddServer().UseAspNetCore().EnableLogoutEndpointPassthrough()'.
Alternatively, create a class implementing 'IOpenIddictServerHandler&lt;HandleEndSessionRequestContext&gt;' and register it using 'services.AddOpenIddict().AddServer().AddEventHandler()'.</value>
  </data>
  <data name="ID0052" xml:space="preserve">
    <value>The end session response was not correctly applied.
To apply end session responses, create a class implementing 'IOpenIddictServerHandler&lt;ApplyEndSessionResponseContext&gt;' and register it using 'services.AddOpenIddict().AddServer().AddEventHandler()'.</value>
  </data>
  <data name="ID0053" xml:space="preserve">
    <value>The userinfo request was not correctly extracted.
To extract userinfo requests, create a class implementing 'IOpenIddictServerHandler&lt;ExtractUserInfoRequestContext&gt;' and register it using 'services.AddOpenIddict().AddServer().AddEventHandler()'.</value>
  </data>
  <data name="ID0054" xml:space="preserve">
    <value>The userinfo response was not correctly applied.
To apply userinfo responses, create a class implementing 'IOpenIddictServerHandler&lt;ApplyUserInfoResponseContext&gt;' and register it using 'services.AddOpenIddict().AddServer().AddEventHandler()'.</value>
  </data>
  <data name="ID0055" xml:space="preserve">
    <value>The asymmetric encryption key doesn't contain the required private key.</value>
  </data>
  <data name="ID0056" xml:space="preserve">
    <value>An encryption algorithm cannot be automatically inferred from the encrypting key.
Consider using 'options.AddEncryptionCredentials(EncryptingCredentials)' instead.</value>
  </data>
  <data name="ID0057" xml:space="preserve">
    <value>The algorithm cannot be null or empty.</value>
  </data>
  <data name="ID0058" xml:space="preserve">
    <value>The specified algorithm is not supported.</value>
  </data>
  <data name="ID0059" xml:space="preserve">
    <value>An unspecified error occurred while trying to change the key size of a System.Security.Cryptography.RSA instance of type '{0}'.</value>
  </data>
  <data name="ID0060" xml:space="preserve">
    <value>The specified certificate is not a key encryption certificate.</value>
  </data>
  <data name="ID0061" xml:space="preserve">
    <value>The specified certificate doesn't contain the required private key.</value>
  </data>
  <data name="ID0062" xml:space="preserve">
    <value>The resource cannot be null or empty.</value>
  </data>
  <data name="ID0064" xml:space="preserve">
    <value>The certificate was not found in the specified assembly.</value>
  </data>
  <data name="ID0065" xml:space="preserve">
    <value>The thumbprint cannot be null or empty.</value>
  </data>
  <data name="ID0066" xml:space="preserve">
    <value>The certificate corresponding to the specified thumbprint was not found.</value>
  </data>
  <data name="ID0067" xml:space="preserve">
    <value>The asymmetric signing key doesn't contain the required private key.</value>
  </data>
  <data name="ID0068" xml:space="preserve">
    <value>A signature algorithm cannot be automatically inferred from the signing key.
Consider using 'options.AddSigningCredentials(SigningCredentials)' instead.</value>
  </data>
  <data name="ID0069" xml:space="preserve">
    <value>ECDSA signing keys are not supported on this platform.</value>
  </data>
  <data name="ID0070" xml:space="preserve">
    <value>The specified certificate is not a signing certificate.</value>
  </data>
  <data name="ID0071" xml:space="preserve">
    <value>The grant type cannot be null or empty.</value>
  </data>
  <data name="ID0072" xml:space="preserve">
    <value>Endpoint URIs must be valid URIs.</value>
  </data>
  <data name="ID0075" xml:space="preserve">
    <value>The security token handler cannot be null.</value>
  </data>
  <data name="ID0076" xml:space="preserve">
    <value>At least one OAuth 2.0/OpenID Connect flow must be enabled.</value>
  </data>
  <data name="ID0077" xml:space="preserve">
    <value>The authorization endpoint must be enabled to use the authorization code and implicit flows.</value>
  </data>
  <data name="ID0078" xml:space="preserve">
    <value>The device authorization endpoint must be enabled to use the device authorization flow.</value>
  </data>
  <data name="ID0079" xml:space="preserve">
    <value>The token endpoint must be enabled to use the authorization code, client credentials, device, password and refresh token flows.</value>
  </data>
  <data name="ID0080" xml:space="preserve">
    <value>The end-user verification endpoint must be enabled to use the device authorization flow.</value>
  </data>
  <data name="ID0081" xml:space="preserve">
    <value>Endpoint URIs cannot start with '{0}'.</value>
  </data>
  <data name="ID0082" xml:space="preserve">
    <value>Dependency injection support must be enabled in Quartz.NET when using the OpenIddict integration.
To enable DI support, call 'services.AddQuartz(options =&gt; options.UseMicrosoftDependencyInjectionJobFactory())' or 'services.AddQuartz(options =&gt; options.UseMicrosoftDependencyInjectionScopedJobFactory())'.</value>
  </data>
  <data name="ID0083" xml:space="preserve">
    <value>Reference tokens cannot be used when disabling token storage.</value>
  </data>
  <data name="ID0084" xml:space="preserve">
    <value>The device grant must be allowed when enabling the device authorization endpoint.</value>
  </data>
  <data name="ID0085" xml:space="preserve">
    <value>At least one encryption key must be registered in the OpenIddict server options.
Consider registering a certificate using 'services.AddOpenIddict().AddServer().AddEncryptionCertificate()' or 'services.AddOpenIddict().AddServer().AddDevelopmentEncryptionCertificate()' or call 'services.AddOpenIddict().AddServer().AddEphemeralEncryptionKey()' to use an ephemeral key.</value>
  </data>
  <data name="ID0086" xml:space="preserve">
    <value>At least one asymmetric signing key must be registered in the OpenIddict server options.
Consider registering a certificate using 'services.AddOpenIddict().AddServer().AddSigningCertificate()' or 'services.AddOpenIddict().AddServer().AddDevelopmentSigningCertificate()' or call 'services.AddOpenIddict().AddServer().AddEphemeralSigningKey()' to use an ephemeral key.</value>
  </data>
  <data name="ID0087" xml:space="preserve">
    <value>When using X.509 encryption credentials, at least one of the registered certificates must be valid.
To use key rollover, register both the new certificate and the old one in the credentials collection.</value>
  </data>
  <data name="ID0088" xml:space="preserve">
    <value>When using X.509 signing credentials, at least one of the registered certificates must be valid.
To use key rollover, register both the new certificate and the old one in the credentials collection.</value>
  </data>
  <data name="ID0089" xml:space="preserve">
    <value>No custom authorization request validation handler was found. When enabling the degraded mode, a custom 'IOpenIddictServerHandler&lt;ValidateAuthorizationRequestContext&gt;' must be implemented to validate authorization requests (e.g to ensure the client_id and redirect_uri are valid).</value>
  </data>
  <data name="ID0090" xml:space="preserve">
    <value>No custom device authorization request validation handler was found. When enabling the degraded mode, a custom 'IOpenIddictServerHandler&lt;ValidateDeviceAuthorizationRequestContext&gt;' (or 'IOpenIddictServerHandler&lt;ProcessAuthenticationContext&gt;') must be implemented to validate device authorization requests (e.g to ensure the client_id and client_secret are valid).</value>
  </data>
  <data name="ID0091" xml:space="preserve">
    <value>No custom introspection request validation handler was found. When enabling the degraded mode, a custom 'IOpenIddictServerHandler&lt;ValidateIntrospectionRequestContext&gt;' (or 'IOpenIddictServerHandler&lt;ProcessAuthenticationContext&gt;') must be implemented to validate introspection requests (e.g to ensure the client_id and client_secret are valid).</value>
  </data>
  <data name="ID0092" xml:space="preserve">
    <value>No custom end session request validation handler was found. When enabling the degraded mode, a custom 'IOpenIddictServerHandler&lt;ValidateEndSessionRequestContext&gt;' must be implemented to validate end session requests (e.g to ensure the post_logout_redirect_uri is valid).</value>
  </data>
  <data name="ID0093" xml:space="preserve">
    <value>No custom revocation request validation handler was found. When enabling the degraded mode, a custom 'IOpenIddictServerHandler&lt;ValidateRevocationRequestContext&gt;' (or 'IOpenIddictServerHandler&lt;ProcessAuthenticationContext&gt;') must be implemented to validate revocation requests (e.g to ensure the client_id and client_secret are valid).</value>
  </data>
  <data name="ID0094" xml:space="preserve">
    <value>No custom token request validation handler was found. When enabling the degraded mode, a custom 'IOpenIddictServerHandler&lt;ValidateTokenRequestContext&gt;' (or 'IOpenIddictServerHandler&lt;ProcessAuthenticationContext&gt;') must be implemented to validate token requests (e.g to ensure the client_id and client_secret are valid).</value>
  </data>
  <data name="ID0095" xml:space="preserve">
    <value>No custom end-user verification request validation handler was found. When enabling the degraded mode, a custom 'IOpenIddictServerHandler&lt;ValidateEndUserVerificationRequestContext&gt;' must be implemented to validate verification requests (e.g to ensure the user_code is valid).</value>
  </data>
  <data name="ID0096" xml:space="preserve">
    <value>No custom token validation handler was found. When enabling the degraded mode, a custom 'IOpenIddictServerHandler&lt;ValidateTokenContext&gt;' must be implemented to handle device and user codes (e.g by retrieving them from a database).</value>
  </data>
  <data name="ID0097" xml:space="preserve">
    <value>No custom token generation handler was found. When enabling the degraded mode, a custom 'IOpenIddictServerHandler&lt;GenerateTokenContext&gt;' must be implemented to handle device and user codes (e.g by storing them in a database).</value>
  </data>
  <data name="ID0098" xml:space="preserve">
    <value>The event handler of type '{0}' couldn't be resolved.
This may indicate that it was not properly registered in the dependency injection container. To register an event handler, use 'services.AddOpenIddict().AddServer().AddEventHandler()'.</value>
  </data>
  <data name="ID0099" xml:space="preserve">
    <value>The event handler filter of type '{0}' couldn't be resolved.
This may indicate that it was not properly registered in the dependency injection container.</value>
  </data>
  <data name="ID0100" xml:space="preserve">
    <value>The redirect_uri cannot be null or empty.</value>
  </data>
  <data name="ID0101" xml:space="preserve">
    <value>The authorization request cannot be validated because a different redirect_uri was specified by the client application.</value>
  </data>
  <data name="ID0102" xml:space="preserve">
    <value>The post_logout_redirect_uri cannot be null or empty.</value>
  </data>
  <data name="ID0103" xml:space="preserve">
    <value>The end session request cannot be validated because a different post_logout_redirect_uri was specified by the client application.</value>
  </data>
  <data name="ID0104" xml:space="preserve">
    <value>The specified service type is not valid.</value>
  </data>
  <data name="ID0105" xml:space="preserve">
    <value>No service descriptor was set.</value>
  </data>
  <data name="ID0106" xml:space="preserve">
    <value>The property name cannot be null or empty.</value>
  </data>
  <data name="ID0107" xml:space="preserve">
    <value>The realm cannot be null or empty.</value>
  </data>
  <data name="ID0108" xml:space="preserve">
    <value>The OpenIddict ASP.NET Core server handler cannot be registered as an authentication scheme.
This may indicate that an instance of another handler was registered with the same scheme.</value>
  </data>
  <data name="ID0109" xml:space="preserve">
    <value>The OpenIddict ASP.NET Core server handler cannot be used as the default scheme handler.
Make sure that neither DefaultAuthenticateScheme, DefaultChallengeScheme, DefaultForbidScheme, DefaultSignInScheme, DefaultSignOutScheme nor DefaultScheme point to an instance of the OpenIddict ASP.NET Core server handler.</value>
  </data>
  <data name="ID0110" xml:space="preserve">
    <value>The error pass-through mode cannot be used when the status code pages integration is enabled.</value>
  </data>
  <data name="ID0111" xml:space="preserve">
    <value>The OpenID Connect response was not correctly processed.
This may indicate that the event handler responsible for processing OpenID Connect responses was not registered or was explicitly removed from the handlers list.</value>
  </data>
  <data name="ID0112" xml:space="preserve">
    <value>An error occurred while retrieving the OpenIddict server context. On ASP.NET Core, this may indicate that the authentication middleware was not registered early enough in the request pipeline. Make sure that 'app.UseAuthentication()' is registered before 'app.UseAuthorization()' and 'app.UseEndpoints()' (or 'app.UseMvc()') and try again.</value>
  </data>
  <data name="ID0113" xml:space="preserve">
    <value>An error occurred while authenticating the current request.</value>
  </data>
  <data name="ID0114" xml:space="preserve">
    <value>The ASP.NET Core HTTP request cannot be resolved.</value>
  </data>
  <data name="ID0115" xml:space="preserve">
    <value>Only strings, booleans, integers, arrays of strings and instances of type 'OpenIddictParameter', 'JsonElement' or derived from 'JsonNode' can be returned as custom parameters.</value>
  </data>
  <data name="ID0119" xml:space="preserve">
    <value>The OpenIddict OWIN server handler cannot be used as an active authentication handler.
Make sure that 'OpenIddictServerOwinOptions.AuthenticationMode' is not set to 'Active'.</value>
  </data>
  <data name="ID0120" xml:space="preserve">
    <value>The OWIN request cannot be resolved.</value>
  </data>
  <data name="ID0121" xml:space="preserve">
    <value>No service provider was found in the OWIN context.
For the OpenIddict server services to work correctly, a per-request 'IServiceProvider' must be attached to the OWIN environment with the dictionary key 'System.IServiceProvider'.
Note: when using a dependency injection container supporting middleware resolution (like Autofac), the 'app.UseOpenIddictServer()' extension MUST NOT be called.</value>
  </data>
  <data name="ID0122" xml:space="preserve">
    <value>The OpenIddict server services cannot be resolved from the DI container.
To register the server services, use 'services.AddOpenIddict().AddServer()'.</value>
  </data>
  <data name="ID0123" xml:space="preserve">
    <value>Audiences cannot be null or empty.</value>
  </data>
  <data name="ID0124" xml:space="preserve">
    <value>The client identifier cannot be null or empty.</value>
  </data>
  <data name="ID0125" xml:space="preserve">
    <value>The client secret cannot be null or empty.</value>
  </data>
  <data name="ID0126" xml:space="preserve">
    <value>The issuer cannot be null or empty.</value>
  </data>
  <data name="ID0127" xml:space="preserve">
    <value>The base URI or request URI cannot be retrieved from the request context or are not valid absolute URIs.</value>
  </data>
  <data name="ID0128" xml:space="preserve">
    <value>An OAuth 2.0/OpenID Connect server configuration or an issuer URI must be registered.
To use a local OpenIddict server, reference the 'OpenIddict.Validation.ServerIntegration' package and call 'services.AddOpenIddict().AddValidation().UseLocalServer()' to import the server settings.
To use a remote server, reference the 'OpenIddict.Validation.SystemNetHttp' package and call 'services.AddOpenIddict().AddValidation().UseSystemNetHttp()' and 'services.AddOpenIddict().AddValidation().SetIssuer()' to use server discovery.
Alternatively, you can register a static server configuration by calling 'services.AddOpenIddict().AddValidation().SetConfiguration()'.</value>
  </data>
  <data name="ID0129" xml:space="preserve">
    <value>An introspection client must be registered when using introspection.
Reference the 'OpenIddict.Validation.SystemNetHttp' package and call 'services.AddOpenIddict().AddValidation().UseSystemNetHttp()' to register the default System.Net.Http-based integration.</value>
  </data>
  <data name="ID0130" xml:space="preserve">
    <value>The issuer or the configuration endpoint URI must be set when using introspection.</value>
  </data>
  <data name="ID0131" xml:space="preserve">
    <value>The client identifier cannot be null or empty when using introspection.</value>
  </data>
  <data name="ID0132" xml:space="preserve">
    <value>The client secret cannot be null or empty when using introspection. Alternatively, one or multiple signing credentials can be registered and used to produce client assertions if the authorization server supports this client authentication method.</value>
  </data>
  <data name="ID0133" xml:space="preserve">
    <value>Authorization entry validation cannot be enabled when using introspection.</value>
  </data>
  <data name="ID0134" xml:space="preserve">
    <value>Token entry validation cannot be enabled when using introspection.</value>
  </data>
  <data name="ID0135" xml:space="preserve">
    <value>A discovery client must be registered when using server discovery.
Reference the 'OpenIddict.Validation.SystemNetHttp' package and call 'services.AddOpenIddict().AddValidation().UseSystemNetHttp()' to register the default System.Net.Http-based integration.</value>
  </data>
  <data name="ID0136" xml:space="preserve">
    <value>The issuer must be a valid absolute URI.</value>
  </data>
  <data name="ID0137" xml:space="preserve">
    <value>The issuer cannot contain a fragment or a query string.</value>
  </data>
  <data name="ID0138" xml:space="preserve">
    <value>The event handler of type '{0}' couldn't be resolved.
This may indicate that it was not properly registered in the dependency injection container. To register an event handler, use 'services.AddOpenIddict().AddValidation().AddEventHandler()'.</value>
  </data>
  <data name="ID0139" xml:space="preserve">
    <value>The core services must be registered when enabling token entry validation.
To register the OpenIddict core services, reference the 'OpenIddict.Core' package and call 'services.AddOpenIddict().AddCore()' from 'ConfigureServices'.</value>
  </data>
  <data name="ID0140" xml:space="preserve">
    <value>An unknown error occurred while retrieving the server configuration.</value>
  </data>
  <data name="ID0141" xml:space="preserve">
    <value>An unknown error occurred while introspecting the access token.</value>
  </data>
  <data name="ID0142" xml:space="preserve">
    <value>The core services must be registered when enabling authorization entry validation.
To register the OpenIddict core services, reference the 'OpenIddict.Core' package and call 'services.AddOpenIddict().AddCore()' from 'ConfigureServices'.</value>
  </data>
  <data name="ID0143" xml:space="preserve">
    <value>The URI cannot be null or empty.</value>
  </data>
  <data name="ID0144" xml:space="preserve">
    <value>The URI must be a valid absolute URI.</value>
  </data>
  <data name="ID0145" xml:space="preserve">
    <value>The server configuration couldn't be retrieved.</value>
  </data>
  <data name="ID0146" xml:space="preserve">
    <value>The JSON Web Key Set URI couldn't be resolved from the provider metadata.</value>
  </data>
  <data name="ID0147" xml:space="preserve">
    <value>The server JSON Web Key set couldn't be retrieved.</value>
  </data>
  <data name="ID0148" xml:space="preserve">
    <value>An error occurred while preparing the configuration request.
  Error: {0}
  Error description: {1}
  Error URI: {2}</value>
  </data>
  <data name="ID0149" xml:space="preserve">
    <value>An error occurred while sending the configuration request.
  Error: {0}
  Error description: {1}
  Error URI: {2}</value>
  </data>
  <data name="ID0150" xml:space="preserve">
    <value>An error occurred while extracting the configuration response.
  Error: {0}
  Error description: {1}
  Error URI: {2}</value>
  </data>
  <data name="ID0151" xml:space="preserve">
    <value>An error occurred while handling the configuration response.
  Error: {0}
  Error description: {1}
  Error URI: {2}</value>
  </data>
  <data name="ID0152" xml:space="preserve">
    <value>An error occurred while preparing the JSON Web Key Set request.
  Error: {0}
  Error description: {1}
  Error URI: {2}</value>
  </data>
  <data name="ID0153" xml:space="preserve">
    <value>An error occurred while sending the JSON Web Key Set request.
  Error: {0}
  Error description: {1}
  Error URI: {2}</value>
  </data>
  <data name="ID0154" xml:space="preserve">
    <value>An error occurred while extracting the JSON Web Key Set response.
  Error: {0}
  Error description: {1}
  Error URI: {2}</value>
  </data>
  <data name="ID0155" xml:space="preserve">
    <value>An error occurred while handling the JSON Web Key Set response.
  Error: {0}
  Error description: {1}
  Error URI: {2}</value>
  </data>
  <data name="ID0156" xml:space="preserve">
    <value>The token cannot be null or empty.</value>
  </data>
  <data name="ID0157" xml:space="preserve">
    <value>An unknown error occurred while introspecting the token.</value>
  </data>
  <data name="ID0158" xml:space="preserve">
    <value>An error occurred while preparing the introspection request.
  Error: {0}
  Error description: {1}
  Error URI: {2}</value>
  </data>
  <data name="ID0159" xml:space="preserve">
    <value>An error occurred while sending the introspection request.
  Error: {0}
  Error description: {1}
  Error URI: {2}</value>
  </data>
  <data name="ID0160" xml:space="preserve">
    <value>An error occurred while extracting the introspection response.
  Error: {0}
  Error description: {1}
  Error URI: {2}</value>
  </data>
  <data name="ID0161" xml:space="preserve">
    <value>An error occurred while handling the introspection response.
  Error: {0}
  Error description: {1}
  Error URI: {2}</value>
  </data>
  <data name="ID0162" xml:space="preserve">
    <value>The access token cannot be null or empty.</value>
  </data>
  <data name="ID0163" xml:space="preserve">
    <value>An error occurred while validating the access token.
  Error: {0}
  Error description: {1}
  Error URI: {2}</value>
  </data>
  <data name="ID0164" xml:space="preserve">
    <value>The OpenIddict ASP.NET Core validation handler cannot be registered as an authentication scheme.
This may indicate that an instance of another handler was registered with the same scheme.</value>
  </data>
  <data name="ID0165" xml:space="preserve">
    <value>The OpenIddict ASP.NET Core validation handler cannot be used as the default sign-in/sign-out handler.
Make sure that neither DefaultSignInScheme nor DefaultSignOutScheme point to an instance of the OpenIddict ASP.NET Core validation handler.</value>
  </data>
  <data name="ID0166" xml:space="preserve">
    <value>An error occurred while retrieving the OpenIddict validation context. On ASP.NET Core, this may indicate that the authentication middleware was not registered early enough in the request pipeline. Make sure that 'app.UseAuthentication()' is registered before 'app.UseAuthorization()' and 'app.UseEndpoints()' (or 'app.UseMvc()') and try again.</value>
  </data>
  <data name="ID0167" xml:space="preserve">
    <value>Generic token validation is not supported by the validation handler.</value>
  </data>
  <data name="ID0168" xml:space="preserve">
    <value>No service provider was found in the OWIN context.
For the OpenIddict validation services to work correctly, a per-request 'IServiceProvider' must be attached to the OWIN environment with the dictionary key 'System.IServiceProvider'.
Note: when using a dependency injection container supporting middleware resolution (like Autofac), the 'app.UseOpenIddictValidation()' extension MUST NOT be called.</value>
  </data>
  <data name="ID0169" xml:space="preserve">
    <value>The OpenIddict validation services cannot be resolved from the DI container.
To register the validation services, use 'services.AddOpenIddict().AddValidation()'.</value>
  </data>
  <data name="ID0170" xml:space="preserve">
    <value>The local server integration can only be used with direct validation.</value>
  </data>
  <data name="ID0171" xml:space="preserve">
    <value>Authorization entry validation cannot be enabled when authorization storage is disabled in the OpenIddict server options.</value>
  </data>
  <data name="ID0172" xml:space="preserve">
    <value>Token entry validation cannot be enabled when token storage is disabled in the OpenIddict server options.</value>
  </data>
  <data name="ID0173" xml:space="preserve">
    <value>The System.Net.Http request cannot be resolved.</value>
  </data>
  <data name="ID0174" xml:space="preserve">
    <value>An unknown error occurred while creating a System.Net.Http client.</value>
  </data>
  <data name="ID0175" xml:space="preserve">
    <value>An unknown error occurred while sending a System.Net.Http request.</value>
  </data>
  <data name="ID0176" xml:space="preserve">
    <value>The specified type is not supported.</value>
  </data>
  <data name="ID0177" xml:space="preserve">
    <value>The value cannot be null or empty.</value>
  </data>
  <data name="ID0178" xml:space="preserve">
    <value>The prompt cannot be null or empty.</value>
  </data>
  <data name="ID0179" xml:space="preserve">
    <value>The response type cannot be null or empty.</value>
  </data>
  <data name="ID0180" xml:space="preserve">
    <value>The scope cannot be null or empty.</value>
  </data>
  <data name="ID0181" xml:space="preserve">
    <value>The destination cannot be null or empty.</value>
  </data>
  <data name="ID0182" xml:space="preserve">
    <value>Destinations cannot be null or empty.</value>
  </data>
  <data name="ID0183" xml:space="preserve">
    <value>Conflicting destinations for the claim '{0}' were specified.</value>
  </data>
  <data name="ID0184" xml:space="preserve">
    <value>The claim type cannot be null or empty.</value>
  </data>
  <data name="ID0185" xml:space="preserve">
    <value>The claim value is not a supported JSON node.</value>
  </data>
  <data name="ID0186" xml:space="preserve">
    <value>The audience cannot be null or empty.</value>
  </data>
  <data name="ID0187" xml:space="preserve">
    <value>The presenter cannot be null or empty.</value>
  </data>
  <data name="ID0188" xml:space="preserve">
    <value>The token type cannot be null or empty.</value>
  </data>
  <data name="ID0189" xml:space="preserve">
    <value>The specified JSON element is not an object.</value>
  </data>
  <data name="ID0190" xml:space="preserve">
    <value>The parameter name cannot be null or empty.</value>
  </data>
  <data name="ID0191" xml:space="preserve">
    <value>A parameter with the same name already exists.</value>
  </data>
  <data name="ID0192" xml:space="preserve">
    <value>The item name cannot be null or empty.</value>
  </data>
  <data name="ID0193" xml:space="preserve">
    <value>The item index cannot be negative.</value>
  </data>
  <data name="ID0194" xml:space="preserve">
    <value>The specified '{0}' setting is not valid.</value>
  </data>
  <data name="ID0195" xml:space="preserve">
    <value>The identifier cannot be null or empty.</value>
  </data>
  <data name="ID0196" xml:space="preserve">
    <value>The application identifier cannot be extracted.</value>
  </data>
  <data name="ID0197" xml:space="preserve">
    <value>An error occurred while creating an expiration signal.</value>
  </data>
  <data name="ID0198" xml:space="preserve">
    <value>The subject cannot be null or empty.</value>
  </data>
  <data name="ID0199" xml:space="preserve">
    <value>The status cannot be null or empty.</value>
  </data>
  <data name="ID0200" xml:space="preserve">
    <value>The type cannot be null or empty.</value>
  </data>
  <data name="ID0201" xml:space="preserve">
    <value>The authorization identifier cannot be extracted.</value>
  </data>
  <data name="ID0202" xml:space="preserve">
    <value>The scope name cannot be null or empty.</value>
  </data>
  <data name="ID0203" xml:space="preserve">
    <value>Scope names cannot be null or empty.</value>
  </data>
  <data name="ID0204" xml:space="preserve">
    <value>The scope identifier cannot be extracted.</value>
  </data>
  <data name="ID0205" xml:space="preserve">
    <value>The token identifier cannot be extracted.</value>
  </data>
  <data name="ID0206" xml:space="preserve">
    <value>The client secret hash cannot be set on the application entity.</value>
  </data>
  <data name="ID0207" xml:space="preserve">
    <value>One or more validation error(s) occurred while trying to create a new application:</value>
  </data>
  <data name="ID0208" xml:space="preserve">
    <value>An error occurred while trying to create a new application.</value>
  </data>
  <data name="ID0209" xml:space="preserve">
    <value>The client type cannot be null or empty.</value>
  </data>
  <data name="ID0210" xml:space="preserve">
    <value>The consent type cannot be null or empty.</value>
  </data>
  <data name="ID0211" xml:space="preserve">
    <value>The permission name cannot be null or empty.</value>
  </data>
  <data name="ID0212" xml:space="preserve">
    <value>The requirement name cannot be null or empty.</value>
  </data>
  <data name="ID0213" xml:space="preserve">
    <value>Callback URIs cannot be null or empty.</value>
  </data>
  <data name="ID0214" xml:space="preserve">
    <value>Callback URIs must be valid absolute URIs.</value>
  </data>
  <data name="ID0215" xml:space="preserve">
    <value>One or more validation error(s) occurred while trying to update an existing application:</value>
  </data>
  <data name="ID0216" xml:space="preserve">
    <value>The secret cannot be null or empty.</value>
  </data>
  <data name="ID0217" xml:space="preserve">
    <value>The specified hash algorithm is not valid.</value>
  </data>
  <data name="ID0218" xml:space="preserve">
    <value>The comparand cannot be null or empty.</value>
  </data>
  <data name="ID0219" xml:space="preserve">
    <value>One or more validation error(s) occurred while trying to create a new authorization:</value>
  </data>
  <data name="ID0220" xml:space="preserve">
    <value>An error occurred while trying to create a new authorization.</value>
  </data>
  <data name="ID0221" xml:space="preserve">
    <value>One or more validation error(s) occurred while trying to update an existing authorization:</value>
  </data>
  <data name="ID0222" xml:space="preserve">
    <value>One or more validation error(s) occurred while trying to create a new scope:</value>
  </data>
  <data name="ID0223" xml:space="preserve">
    <value>An error occurred while trying to create a new scope.</value>
  </data>
  <data name="ID0224" xml:space="preserve">
    <value>One or more validation error(s) occurred while trying to update an existing scope:</value>
  </data>
  <data name="ID0225" xml:space="preserve">
    <value>One or more validation error(s) occurred while trying to create a new token:</value>
  </data>
  <data name="ID0226" xml:space="preserve">
    <value>An error occurred while trying to create a new token.</value>
  </data>
  <data name="ID0227" xml:space="preserve">
    <value>One or more validation error(s) occurred while trying to update an existing token:</value>
  </data>
  <data name="ID0228" xml:space="preserve">
    <value>No application store has been registered in the dependency injection container.
To register the Entity Framework Core stores, reference the 'OpenIddict.EntityFrameworkCore' package and call 'services.AddOpenIddict().AddCore().UseEntityFrameworkCore()'.
To register a custom store, create an implementation of 'IOpenIddictApplicationStore' and use 'services.AddOpenIddict().AddCore().AddApplicationStore()' to add it to the DI container.</value>
  </data>
  <data name="ID0229" xml:space="preserve">
    <value>No authorization store has been registered in the dependency injection container.
To register the Entity Framework Core stores, reference the 'OpenIddict.EntityFrameworkCore' package and call 'services.AddOpenIddict().AddCore().UseEntityFrameworkCore()'.
To register a custom store, create an implementation of 'IOpenIddictAuthorizationStore' and use 'services.AddOpenIddict().AddCore().AddAuthorizationStore()' to add it to the DI container.</value>
  </data>
  <data name="ID0230" xml:space="preserve">
    <value>No scope store has been registered in the dependency injection container.
To register the Entity Framework Core stores, reference the 'OpenIddict.EntityFrameworkCore' package and call 'services.AddOpenIddict().AddCore().UseEntityFrameworkCore()'.
To register a custom store, create an implementation of 'IOpenIddictScopeStore' and use 'services.AddOpenIddict().AddCore().AddScopeStore()' to add it to the DI container.</value>
  </data>
  <data name="ID0231" xml:space="preserve">
    <value>No token store has been registered in the dependency injection container.
To register the Entity Framework Core stores, reference the 'OpenIddict.EntityFrameworkCore' package and call 'services.AddOpenIddict().AddCore().UseEntityFrameworkCore()'.
To register a custom store, create an implementation of 'IOpenIddictTokenStore' and use 'services.AddOpenIddict().AddCore().AddTokenStore()' to add it to the DI container.</value>
  </data>
  <data name="ID0232" xml:space="preserve">
    <value>The specified type is invalid.</value>
  </data>
  <data name="ID0233" xml:space="preserve">
    <value>The cache size cannot be less than 10.</value>
  </data>
  <data name="ID0234" xml:space="preserve">
    <value>The specified application type is not compatible with the Entity Framework 6.x stores.
When enabling the Entity Framework 6.x stores, make sure you use the built-in 'OpenIddictEntityFrameworkApplication' entity or a custom entity that inherits from the generic 'OpenIddictEntityFrameworkApplication' entity.</value>
  </data>
  <data name="ID0235" xml:space="preserve">
    <value>No Entity Framework 6.x context was specified in the OpenIddict options.
To configure the OpenIddict Entity Framework 6.x stores to use a specific 'DbContext', use 'options.UseEntityFramework().UseDbContext&lt;TContext&gt;()'.</value>
  </data>
  <data name="ID0236" xml:space="preserve">
    <value>The specified authorization type is not compatible with the Entity Framework 6.x stores.
When enabling the Entity Framework 6.x stores, make sure you use the built-in 'OpenIddictEntityFrameworkAuthorization' entity or a custom entity that inherits from the generic 'OpenIddictEntityFrameworkAuthorization' entity.</value>
  </data>
  <data name="ID0237" xml:space="preserve">
    <value>The specified scope type is not compatible with the Entity Framework 6.x stores.
When enabling the Entity Framework 6.x stores, make sure you use the built-in 'OpenIddictEntityFrameworkScope' entity or a custom entity that inherits from the generic 'OpenIddictEntityFrameworkScope' entity.</value>
  </data>
  <data name="ID0238" xml:space="preserve">
    <value>The specified token type is not compatible with the Entity Framework 6.x stores.
When enabling the Entity Framework 6.x stores, make sure you use the built-in 'OpenIddictEntityFrameworkToken' entity or a custom entity that inherits from the generic 'OpenIddictEntityFrameworkToken' entity.</value>
  </data>
  <data name="ID0239" xml:space="preserve">
    <value>The application was concurrently updated and cannot be persisted in its current state.
Reload the application from the database and retry the operation.</value>
  </data>
  <data name="ID0240" xml:space="preserve">
    <value>An error occurred while trying to create a new application instance.
Make sure that the application entity is not abstract and has a public parameterless constructor or create a custom application store that overrides 'InstantiateAsync()' to use a custom factory.</value>
  </data>
  <data name="ID0241" xml:space="preserve">
    <value>The authorization was concurrently updated and cannot be persisted in its current state.
Reload the authorization from the database and retry the operation.</value>
  </data>
  <data name="ID0242" xml:space="preserve">
    <value>An error occurred while trying to create a new authorization instance.
Make sure that the authorization entity is not abstract and has a public parameterless constructor or create a custom authorization store that overrides 'InstantiateAsync()' to use a custom factory.</value>
  </data>
  <data name="ID0243" xml:space="preserve">
    <value>An error occurred while pruning authorizations.</value>
  </data>
  <data name="ID0244" xml:space="preserve">
    <value>The application associated with the authorization cannot be found.</value>
  </data>
  <data name="ID0245" xml:space="preserve">
    <value>The scope was concurrently updated and cannot be persisted in its current state.
Reload the scope from the database and retry the operation.</value>
  </data>
  <data name="ID0246" xml:space="preserve">
    <value>An error occurred while trying to create a new scope instance.
Make sure that the scope entity is not abstract and has a public parameterless constructor or create a custom scope store that overrides 'InstantiateAsync()' to use a custom factory.</value>
  </data>
  <data name="ID0247" xml:space="preserve">
    <value>The token was concurrently updated and cannot be persisted in its current state.
Reload the token from the database and retry the operation.</value>
  </data>
  <data name="ID0248" xml:space="preserve">
    <value>An error occurred while trying to create a new token instance.
Make sure that the token entity is not abstract and has a public parameterless constructor or create a custom token store that overrides 'InstantiateAsync()' to use a custom factory.</value>
  </data>
  <data name="ID0249" xml:space="preserve">
    <value>An error occurred while pruning tokens.</value>
  </data>
  <data name="ID0250" xml:space="preserve">
    <value>The application associated with the token cannot be found.</value>
  </data>
  <data name="ID0251" xml:space="preserve">
    <value>The authorization associated with the token cannot be found.</value>
  </data>
  <data name="ID0252" xml:space="preserve">
    <value>The specified application type is not compatible with the Entity Framework Core stores.
When enabling the Entity Framework Core stores, make sure you use the built-in 'OpenIddictEntityFrameworkCoreApplication' entity or a custom entity that inherits from the generic 'OpenIddictEntityFrameworkCoreApplication' entity.</value>
  </data>
  <data name="ID0253" xml:space="preserve">
    <value>No Entity Framework Core context was specified in the OpenIddict options.
To configure the OpenIddict Entity Framework Core stores to use a specific 'DbContext', use 'options.UseEntityFrameworkCore().UseDbContext&lt;TContext&gt;()'.</value>
  </data>
  <data name="ID0254" xml:space="preserve">
    <value>The specified authorization type is not compatible with the Entity Framework Core stores.
When enabling the Entity Framework Core stores, make sure you use the built-in 'OpenIddictEntityFrameworkCoreAuthorization' entity or a custom entity that inherits from the generic 'OpenIddictEntityFrameworkCoreAuthorization' entity.</value>
  </data>
  <data name="ID0255" xml:space="preserve">
    <value>The specified scope type is not compatible with the Entity Framework Core stores.
When enabling the Entity Framework Core stores, make sure you use the built-in 'OpenIddictEntityFrameworkCoreScope' entity or a custom entity that inherits from the generic 'OpenIddictEntityFrameworkCoreScope' entity.</value>
  </data>
  <data name="ID0256" xml:space="preserve">
    <value>The specified token type is not compatible with the Entity Framework Core stores.
When enabling the Entity Framework Core stores, make sure you use the built-in 'OpenIddictEntityFrameworkCoreToken' entity or a custom entity that inherits from the generic 'OpenIddictEntityFrameworkCoreToken' entity.</value>
  </data>
  <data name="ID0257" xml:space="preserve">
    <value>The specified application type is not compatible with the MongoDB stores.
When enabling the MongoDB stores, make sure you use the built-in 'OpenIddictMongoDbApplication' entity or a custom entity that inherits from the 'OpenIddictMongoDbApplication' entity.</value>
  </data>
  <data name="ID0258" xml:space="preserve">
    <value>The specified authorization type is not compatible with the MongoDB stores.
When enabling the MongoDB stores, make sure you use the built-in 'OpenIddictMongoDbAuthorization' entity or a custom entity that inherits from the 'OpenIddictMongoDbAuthorization' entity.</value>
  </data>
  <data name="ID0259" xml:space="preserve">
    <value>The specified scope type is not compatible with the MongoDB stores.
When enabling the MongoDB stores, make sure you use the built-in 'OpenIddictMongoDbScope' entity or a custom entity that inherits from the 'OpenIddictMongoDbScope' entity.</value>
  </data>
  <data name="ID0260" xml:space="preserve">
    <value>The specified token type is not compatible with the MongoDB stores.
When enabling the MongoDB stores, make sure you use the built-in 'OpenIddictMongoDbToken' entity or a custom entity that inherits from the 'OpenIddictMongoDbToken' entity.</value>
  </data>
  <data name="ID0261" xml:space="preserve">
    <value>The collection name cannot be null or empty.</value>
  </data>
  <data name="ID0262" xml:space="preserve">
    <value>No suitable MongoDB database service can be found.
To configure the OpenIddict MongoDB stores to use a specific database, use 'services.AddOpenIddict().AddCore().UseMongoDb().UseDatabase()' or register an 'IMongoDatabase' in the dependency injection container in 'ConfigureServices()'.</value>
  </data>
  <data name="ID0263" xml:space="preserve">
    <value>The second parameter must be a generic type definition.</value>
  </data>
  <data name="ID0264" xml:space="preserve">
    <value>X.509 certificate generation is not supported on this platform.</value>
  </data>
  <data name="ID0265" xml:space="preserve">
    <value>The token details cannot be found in the database.</value>
  </data>
  <data name="ID0266" xml:space="preserve">
    <value>No suitable signing credentials could be found.</value>
  </data>
  <data name="ID0267" xml:space="preserve">
    <value>The signing credentials algorithm is not valid.</value>
  </data>
  <data name="ID0268" xml:space="preserve">
    <value>The code challenge method cannot be retrieved from the authorization code.</value>
  </data>
  <data name="ID0269" xml:space="preserve">
    <value>The token usage of the JWT token is not supported.</value>
  </data>
  <data name="ID0270" xml:space="preserve">
    <value>The type of the JWT token cannot be resolved or inferred.</value>
  </data>
  <data name="ID0271" xml:space="preserve">
    <value>The type of the JWT token doesn't match the expected type.</value>
  </data>
  <data name="ID0272" xml:space="preserve">
    <value>The configuration response was not correctly applied.
To apply configuration responses, create a class implementing 'IOpenIddictServerHandler&lt;ApplyConfigurationResponseContext&gt;' and register it using 'services.AddOpenIddict().AddServer().AddEventHandler()'.</value>
  </data>
  <data name="ID0273" xml:space="preserve">
    <value>No default application entity type was configured in the OpenIddict core options, which generally indicates that no application store was registered in the DI container.
To register the Entity Framework Core stores, reference the 'OpenIddict.EntityFrameworkCore' package and call 'services.AddOpenIddict().AddCore().UseEntityFrameworkCore()'.</value>
  </data>
  <data name="ID0274" xml:space="preserve">
    <value>No default authorization entity type was configured in the OpenIddict core options, which generally indicates that no authorization store was registered in the DI container.
To register the Entity Framework Core stores, reference the 'OpenIddict.EntityFrameworkCore' package and call 'services.AddOpenIddict().AddCore().UseEntityFrameworkCore()'.</value>
  </data>
  <data name="ID0275" xml:space="preserve">
    <value>No default scope entity type was configured in the OpenIddict core options, which generally indicates that no scope store was registered in the DI container.
To register the Entity Framework Core stores, reference the 'OpenIddict.EntityFrameworkCore' package and call 'services.AddOpenIddict().AddCore().UseEntityFrameworkCore()'.</value>
  </data>
  <data name="ID0276" xml:space="preserve">
    <value>No default token entity type was configured in the OpenIddict core options, which generally indicates that no token store was registered in the DI container.
To register the Entity Framework Core stores, reference the 'OpenIddict.EntityFrameworkCore' package and call 'services.AddOpenIddict().AddCore().UseEntityFrameworkCore()'.</value>
  </data>
  <data name="ID0277" xml:space="preserve">
    <value>The Entity Framework 6.x stores cannot be used with generic types.
Consider creating non-generic classes derived from the default entities for the application, authorization, scope and token entities.</value>
  </data>
  <data name="ID0278" xml:space="preserve">
    <value>The core services must be registered when enabling the OpenIddict Quartz.NET integration.
To register the OpenIddict core services, reference the 'OpenIddict.Core' package and call 'services.AddOpenIddict().AddCore()' from 'ConfigureServices'.</value>
  </data>
  <data name="ID0279" xml:space="preserve">
    <value>The maximum refire count cannot be negative.</value>
  </data>
  <data name="ID0280" xml:space="preserve">
    <value>The duration cannot be less than 10 minutes.</value>
  </data>
  <data name="ID0281" xml:space="preserve">
    <value>The authorization code grant must be enabled when adding a response type containing '{0}'.</value>
  </data>
  <data name="ID0282" xml:space="preserve">
    <value>The implicit grant must be enabled when adding a response type containing '{0}'.</value>
  </data>
  <data name="ID0283" xml:space="preserve">
    <value>Provided symmetric key was incorrect size. Expected {0} bits, received {1}.</value>
  </data>
  <data name="ID0284" xml:space="preserve">
    <value>The context type associated with the specified descriptor doesn't match the context type of this builder.</value>
  </data>
  <data name="ID0285" xml:space="preserve">
    <value>Endpoint URIs must be unique across endpoints.</value>
  </data>
  <data name="ID0286" xml:space="preserve">
    <value>The specified principal doesn't contain a valid claims-based identity.</value>
  </data>
  <data name="ID0287" xml:space="preserve">
    <value>The payload of this authentication ticket was serialized using an unsupported formatter version.</value>
  </data>
  <data name="ID0288" xml:space="preserve">
    <value>The OpenIddict ASP.NET Core client handler cannot be registered as an authentication scheme.
This may indicate that an instance of another handler was registered with the same scheme.</value>
  </data>
  <data name="ID0289" xml:space="preserve">
    <value>The OpenIddict ASP.NET Core client handler cannot be used as the default authentication/sign-in/sign-out handler.
Make sure that neither DefaultAuthenticateScheme, DefaultSignInScheme, DefaultSignOutScheme nor DefaultScheme point to an instance of the OpenIddict ASP.NET Core client handler.</value>
  </data>
  <data name="ID0290" xml:space="preserve">
    <value>An identity cannot be extracted from this request.
This generally indicates that the OpenIddict client stack was asked to validate a token for an invalid endpoint.
To validate tokens received by custom API endpoints, the OpenIddict validation handler (e.g OpenIddictValidationAspNetCoreDefaults.AuthenticationScheme or OpenIddictValidationOwinDefaults.AuthenticationType) must be used instead.</value>
  </data>
  <data name="ID0291" xml:space="preserve">
    <value>The authorization server information cannot be extracted from the state principal.</value>
  </data>
  <data name="ID0292" xml:space="preserve">
    <value>The client registration corresponding to the specified issuer cannot be found in the client options.</value>
  </data>
  <data name="ID0293" xml:space="preserve">
    <value>The signing algorithm cannot be resolved from the specified frontchannel identity token.</value>
  </data>
  <data name="ID0294" xml:space="preserve">
    <value>The negotiated grant type cannot be resolved from the authentication context.</value>
  </data>
  <data name="ID0295" xml:space="preserve">
    <value>The signing algorithm cannot be resolved from the specified backchannel identity token.</value>
  </data>
  <data name="ID0296" xml:space="preserve">
    <value>The specified grant type is not supported.</value>
  </data>
  <data name="ID0297" xml:space="preserve">
    <value>No supported response type could be found in the server configuration, which typically indicates that the configuration is incomplete or that only non-interactive grants are supported by the authorization server.</value>
  </data>
  <data name="ID0298" xml:space="preserve">
    <value>A common grant type/response type combination supported by both the client and the server couldn't be negotiated automatically. Ensure at least one common flow is enabled in the client options. If the error persists, consider specifying a list of allowed grant type/response type combinations in the client registration and ensure the supported grant type/response type combinations listed in the authorization server configuration are appropriate.</value>
  </data>
  <data name="ID0299" xml:space="preserve">
    <value>A common response mode supported by both the client and the server couldn't be negotiated automatically. Ensure at least one common flow is enabled in the client options. If the error persists, consider specifying a list of allowed response modes in the client registration and ensure the supported response modes listed in the authorization server configuration are appropriate.</value>
  </data>
  <data name="ID0300" xml:space="preserve">
    <value>A redirection URI must be specified in the client registration or web provider options when using an interactive flow.</value>
  </data>
  <data name="ID0301" xml:space="preserve">
    <value>The '{0}' cannot be resolved from the authorization server configuration or doesn't represent a valid absolute URI, which may indicate this endpoint is not supported or is not enabled in the server configuration.</value>
  </data>
  <data name="ID0302" xml:space="preserve">
    <value>The redirection request was not correctly extracted.
To extract authorization requests, create a class implementing 'IOpenIddictClientHandler&lt;ExtractRedirectionRequestContext&gt;' and register it using 'services.AddOpenIddict().AddClient().AddEventHandler()'.</value>
  </data>
  <data name="ID0303" xml:space="preserve">
    <value>The redirection response was not correctly applied.
To apply redirection responses, create a class implementing 'IOpenIddictClientHandler&lt;ApplyRedirectionResponseContext&gt;' and register it using 'services.AddOpenIddict().AddClient().AddEventHandler()'.</value>
  </data>
  <data name="ID0304" xml:space="preserve">
    <value>No client registration was found in the client options. To add a registration, use 'services.AddOpenIddict().AddClient().AddRegistration()'.</value>
  </data>
  <data name="ID0305" xml:space="preserve">
    <value>No client registration information was specified. When multiple clients are registered, an issuer, a provider name or a client registration identifier must be specified in the challenge properties.</value>
  </data>
  <data name="ID0306" xml:space="preserve">
    <value>The specified issuer is not a valid or absolute URI.</value>
  </data>
  <data name="ID0307" xml:space="preserve">
    <value>The issuer extracted from the server configuration metadata doesn't match the expected value.</value>
  </data>
  <data name="ID0308" xml:space="preserve">
    <value>The specified list of valid token types is not valid.</value>
  </data>
  <data name="ID0309" xml:space="preserve">
    <value>A grant type must be specified when triggering authentication demands from endpoints that are not managed by the OpenIddict client stack. This error may also indicate that the redirection endpoint was not correctly enabled in the OpenIddict client options.</value>
  </data>
  <data name="ID0310" xml:space="preserve">
    <value>The specified grant type ({0}) cannot be used with this method.</value>
  </data>
  <data name="ID0311" xml:space="preserve">
    <value>A refresh token must be specified when using the refresh token grant.</value>
  </data>
  <data name="ID0312" xml:space="preserve">
    <value>The event handler of type '{0}' couldn't be resolved.
This may indicate that it was not properly registered in the dependency injection container. To register an event handler, use 'services.AddOpenIddict().AddClient().AddEventHandler()'.</value>
  </data>
  <data name="ID0313" xml:space="preserve">
    <value>A discovery client must be registered when using server discovery.
Reference the 'OpenIddict.Client.SystemNetHttp' package and call 'services.AddOpenIddict().AddClient().UseSystemNetHttp()' to register the default System.Net.Http-based integration.</value>
  </data>
  <data name="ID0314" xml:space="preserve">
    <value>The OpenIddict OWIN client handler cannot be used as an active authentication handler.
Make sure that 'OpenIddictClientOwinOptions.AuthenticationMode' is not set to 'Active'.</value>
  </data>
  <data name="ID0315" xml:space="preserve">
    <value>An error occurred while retrieving the OpenIddict client context. On ASP.NET Core, this may indicate that the authentication middleware was not registered early enough in the request pipeline. Make sure that 'app.UseAuthentication()' is registered before 'app.UseAuthorization()' and 'app.UseEndpoints()' (or 'app.UseMvc()') and try again.</value>
  </data>
  <data name="ID0316" xml:space="preserve">
    <value>No service provider was found in the OWIN context.
For the OpenIddict client services to work correctly, a per-request 'IServiceProvider' must be attached to the OWIN environment with the dictionary key 'System.IServiceProvider'.
Note: when using a dependency injection container supporting middleware resolution (like Autofac), the 'app.UseOpenIddictClient()' extension MUST NOT be called.</value>
  </data>
  <data name="ID0317" xml:space="preserve">
    <value>The OpenIddict client services cannot be resolved from the DI container.
To register the server services, use 'services.AddOpenIddict().AddClient()'.</value>
  </data>
  <data name="ID0318" xml:space="preserve">
    <value>The core services must be registered when enabling the OpenIddict client feature.
To register the OpenIddict core services, reference the 'OpenIddict.Core' package and call 'services.AddOpenIddict().AddCore()' from 'ConfigureServices'.
Alternatively, you can disable the token storage feature by calling 'services.AddOpenIddict().AddClient().DisableTokenStorage()'.</value>
  </data>
  <data name="ID0319" xml:space="preserve">
    <value>An error occurred while refreshing tokens.
  Error: {0}
  Error description: {1}
  Error URI: {2}</value>
  </data>
  <data name="ID0320" xml:space="preserve">
    <value>An error occurred while preparing the token request.
  Error: {0}
  Error description: {1}
  Error URI: {2}</value>
  </data>
  <data name="ID0321" xml:space="preserve">
    <value>An error occurred while sending the token request.
  Error: {0}
  Error description: {1}
  Error URI: {2}</value>
  </data>
  <data name="ID0322" xml:space="preserve">
    <value>An error occurred while extracting the token response.
  Error: {0}
  Error description: {1}
  Error URI: {2}</value>
  </data>
  <data name="ID0323" xml:space="preserve">
    <value>An error occurred while handling the token response.
  Error: {0}
  Error description: {1}
  Error URI: {2}</value>
  </data>
  <data name="ID0324" xml:space="preserve">
    <value>An error occurred while preparing the userinfo request.
  Error: {0}
  Error description: {1}
  Error URI: {2}</value>
  </data>
  <data name="ID0325" xml:space="preserve">
    <value>An error occurred while sending the userinfo request.
  Error: {0}
  Error description: {1}
  Error URI: {2}</value>
  </data>
  <data name="ID0326" xml:space="preserve">
    <value>An error occurred while extracting the userinfo response.
  Error: {0}
  Error description: {1}
  Error URI: {2}</value>
  </data>
  <data name="ID0327" xml:space="preserve">
    <value>An error occurred while handling the userinfo response.
  Error: {0}
  Error description: {1}
  Error URI: {2}</value>
  </data>
  <data name="ID0330" xml:space="preserve">
    <value>The provider name cannot be null or empty.</value>
  </data>
  <data name="ID0331" xml:space="preserve">
    <value>The type of the settings instance attached to the '{0}' provider doesn't match the expected type.</value>
  </data>
  <data name="ID0332" xml:space="preserve">
    <value>The mandatory '{0}' setting required by the {1} provider integration must be set.</value>
  </data>
  <data name="ID0333" xml:space="preserve">
    <value>The '{0}' provider settings cannot be resolved from the client registration. Make sure the provider was correctly registered using 'services.AddOpenIddict().AddClient().UseWebProviders().Add{0}()'.</value>
  </data>
  <data name="ID0334" xml:space="preserve">
    <value>The '{0}' node cannot be extracted from the response or is not of the expected type.</value>
  </data>
  <data name="ID0335" xml:space="preserve">
    <value>The username cannot be null or empty.</value>
  </data>
  <data name="ID0336" xml:space="preserve">
    <value>The password cannot be null or empty.</value>
  </data>
  <data name="ID0337" xml:space="preserve">
    <value>A username must be specified when using the resource owner password credentials grant.</value>
  </data>
  <data name="ID0338" xml:space="preserve">
    <value>A password must be specified when using the resource owner password credentials grant.</value>
  </data>
  <data name="ID0339" xml:space="preserve">
    <value>The request forgery protection claim cannot be resolved from the state token.</value>
  </data>
  <data name="ID0340" xml:space="preserve">
    <value>The endpoint type associated with the state token cannot be resolved.</value>
  </data>
  <data name="ID0342" xml:space="preserve">
    <value>The same issuer cannot be used in multiple client registrations.</value>
  </data>
  <data name="ID0343" xml:space="preserve">
    <value>The request forgery protection claim cannot be resolved from the context.</value>
  </data>
  <data name="ID0345" xml:space="preserve">
    <value>The product name cannot be null or empty.</value>
  </data>
  <data name="ID0346" xml:space="preserve">
    <value>The PEM-encoded key cannot be empty.</value>
  </data>
  <data name="ID0347" xml:space="preserve">
    <value>The same registration identifier cannot be used in multiple client registrations. When multiple client registrations use the same issuer or the same provider name, an explicit identifier must be attached to each client registration. To attach a registration identifier, set 'OpenIddictClientRegistration.RegistrationId' (for a custom client registration) or use 'options.Add[Provider](options =&gt; options.SetRegistrationId())' (for a web provider integration).</value>
  </data>
  <data name="ID0348" xml:space="preserve">
    <value>The specified client registration identifier doesn't match the identifier of the resolved client registration.</value>
  </data>
  <data name="ID0349" xml:space="preserve">
    <value>The specified provider name doesn't match the provider name associated with the resolved client registration.</value>
  </data>
  <data name="ID0350" xml:space="preserve">
    <value>The '{0}' setting required by the {1} provider integration must be a valid absolute URI.</value>
  </data>
  <data name="ID0351" xml:space="preserve">
    <value>The '{0}' instance returned by CryptoConfig.CreateFromName() is not suitable for the requested operation. When registering a custom implementation of a cryptographic algorithm, make sure it inherits from the correct base type and uses the correct name (e.g "OpenIddict RSA Cryptographic Provider" implementations must derive from System.Security.Cryptography.RSA).</value>
  </data>
  <data name="ID0352" xml:space="preserve">
    <value>The nonce cannot be resolved from the context.</value>
  </data>
  <data name="ID0354" xml:space="preserve">
    <value>The nonce cannot be resolved from the state token.</value>
  </data>
  <data name="ID0355" xml:space="preserve">
    <value>No issuer was specified in the authentication context.</value>
  </data>
  <data name="ID0356" xml:space="preserve">
    <value>The redirection endpoint must be enabled to use the authorization code and implicit flows.</value>
  </data>
  <data name="ID0357" xml:space="preserve">
    <value>At least one encryption key must be registered in the OpenIddict client options when using interactive login or logout flows.
Consider registering a certificate using 'services.AddOpenIddict().AddClient().AddEncryptionCertificate()' or 'services.AddOpenIddict().AddClient().AddDevelopmentEncryptionCertificate()' or call 'services.AddOpenIddict().AddClient().AddEphemeralEncryptionKey()' to use an ephemeral key.</value>
  </data>
  <data name="ID0358" xml:space="preserve">
    <value>At least one signing key must be registered in the OpenIddict client options when enabling using interactive login or logout flows.
Consider registering a certificate using 'services.AddOpenIddict().AddClient().AddSigningCertificate()' or 'services.AddOpenIddict().AddClient().AddDevelopmentSigningCertificate()' or call 'services.AddOpenIddict().AddClient().AddEphemeralSigningKey()' to use an ephemeral key.</value>
  </data>
  <data name="ID0359" xml:space="preserve">
    <value>The specified grant type ({0}) has not been enabled in the OpenIddict client options.</value>
  </data>
  <data name="ID0360" xml:space="preserve">
    <value>The client registration doesn't list any supported grant type, which typically indicates an invalid configuration. Ensure the 'OpenIddictClientRegistration.GrantTypes' collection contain at least one of the grant types enabled in the client options or leave it empty to allow OpenIddict to negotiate all the enabled grant types.</value>
  </data>
  <data name="ID0361" xml:space="preserve">
    <value>The client registration doesn't list any supported response type, which typically indicates an invalid configuration. Ensure the 'OpenIddictClientRegistration.ResponseTypes' collection contain at least one of the response types enabled in the client options or leave it empty to allow OpenIddict to negotiate all the enabled response types.</value>
  </data>
  <data name="ID0362" xml:space="preserve">
    <value>No response mode enabled in the client options could be found in the list of response modes allowed by the client registration, which typically indicates an invalid configuration. Ensure the 'OpenIddictClientRegistration.ResponseModes' collection contain at least one of the response modes enabled in the client options or leave it empty to allow OpenIddict to negotiate all the enabled response modes.</value>
  </data>
  <data name="ID0363" xml:space="preserve">
    <value>The specified grant type ({0}) is not listed as a supported grant type in the server configuration. If the error persists, ensure the supported grant types listed in the authorization server configuration are appropriate.</value>
  </data>
  <data name="ID0364" xml:space="preserve">
    <value>Challenge operations cannot be triggered from non-HTTPS endpoints when the transport security requirement is enforced. While not recommended (as HTTPS is required for SameSite=None cookies to work correctly in most browsers), the transport security requirement can be disabled in the ASP.NET Core or OWIN options via 'services.AddOpenIddict().AddClient().UseAspNetCore().DisableTransportSecurityRequirement()' or 'services.AddOpenIddict().AddClient().UseOwin().DisableTransportSecurityRequirement()'.</value>
  </data>
  <data name="ID0365" xml:space="preserve">
    <value>Sign-out operations cannot be triggered from non-HTTPS endpoints when the transport security requirement is enforced. While not recommended (as HTTPS is required for SameSite=None cookies to work correctly in most browsers), the transport security requirement can be disabled in the ASP.NET Core or OWIN options via 'services.AddOpenIddict().AddClient().UseAspNetCore().DisableTransportSecurityRequirement()' or 'services.AddOpenIddict().AddClient().UseOwin().DisableTransportSecurityRequirement()'.</value>
  </data>
  <data name="ID0366" xml:space="preserve">
    <value>The '{0}' parameter cannot be null or empty.</value>
  </data>
  <data name="ID0367" xml:space="preserve">
    <value>The device authorization flow cannot be enabled when token storage is disabled (unless the degraded mode is used).</value>
  </data>
  <data name="ID0368" xml:space="preserve">
    <value>The redirection request was not handled.
To handle redirection requests in a controller, create a custom action with the same route as the redirection endpoint and enable the pass-through mode in the server ASP.NET Core or OWIN options using 'services.AddOpenIddict().AddClient().UseAspNetCore().EnableRedirectionEndpointPassthrough()'.
Alternatively, create a class implementing 'IOpenIddictClientHandler&lt;HandleRedirectionRequestContext&gt;' and register it using 'services.AddOpenIddict().AddClient().AddEventHandler()'.</value>
  </data>
  <data name="ID0369" xml:space="preserve">
    <value>The post-logout redirection request was not correctly extracted.
To extract post-logout redirection requests, create a class implementing 'IOpenIddictClientHandler&lt;ExtractPostLogoutRedirectionRequestContext&gt;' and register it using 'services.AddOpenIddict().AddClient().AddEventHandler()'.</value>
  </data>
  <data name="ID0370" xml:space="preserve">
    <value>The post-logout redirection request was not handled.
To handle post-logout redirection requests in a controller, create a custom action with the same route as the post-logout redirection endpoint and enable the pass-through mode in the server ASP.NET Core or OWIN options using 'services.AddOpenIddict().AddClient().UseAspNetCore().EnablePostLogoutRedirectionEndpointPassthrough()'.
Alternatively, create a class implementing 'IOpenIddictClientHandler&lt;HandlePostLogoutRedirectionRequestContext&gt;' and register it using 'services.AddOpenIddict().AddClient().AddEventHandler()'.</value>
  </data>
  <data name="ID0371" xml:space="preserve">
    <value>The post-logout redirection response was not correctly applied.
To apply post-logout redirection responses, create a class implementing 'IOpenIddictClientHandler&lt;ApplyPostLogoutRedirectionResponseContext&gt;' and register it using 'services.AddOpenIddict().AddClient().AddEventHandler()'.</value>
  </data>
  <data name="ID0372" xml:space="preserve">
    <value>The System.Net.Http client cannot be resolved.</value>
  </data>
  <data name="ID0373" xml:space="preserve">
    <value>Only instances of type '{0}' can be used as primary HTTP handlers for the HTTP clients managed by OpenIddict.</value>
  </data>
  <data name="ID0374" xml:space="preserve">
    <value>An error occurred while authenticating the user.
  Error: {0}
  Error description: {1}
  Error URI: {2}</value>
  </data>
  <data name="ID0375" xml:space="preserve">
    <value>The protocol activation cannot be resolved or contains invalid data.</value>
  </data>
  <data name="ID0376" xml:space="preserve">
    <value>The identifier of the application instance that initiated the authentication process cannot be resolved from the state token.</value>
  </data>
  <data name="ID0377" xml:space="preserve">
    <value>Marshalling of authentication demands is not supported on ASP.NET Core and OWIN. To retrieve the authentication result, use 'IAuthenticationService.AuthenticateAsync()' or 'AuthenticationManager.AuthenticateAsync()'.</value>
  </data>
  <data name="ID0378" xml:space="preserve">
    <value>An error occurred while adding the challenge operation to the list of tracked demands, which may indicate a nonce collision. Make sure nonces are unique, contain enough entropy and are generated using a crypto-secure random number generator.</value>
  </data>
  <data name="ID0379" xml:space="preserve">
    <value>The specified nonce is already used to track another authentication operation.</value>
  </data>
  <data name="ID0380" xml:space="preserve">
    <value>An error occurred while marking the authentication operation as completed, which may indicate a nonce collision. Make sure nonces are unique, contain enough entropy and are generated using a crypto-secure random number generator.</value>
  </data>
  <data name="ID0381" xml:space="preserve">
    <value>An error occurred while removing the authentication operation from the list of tracked demands, which may indicate a nonce collision. Make sure nonces are unique, contain enough entropy and are generated using a crypto-secure random number generator.</value>
  </data>
  <data name="ID0382" xml:space="preserve">
    <value>An error occurred while marking the authentication operation as failed, which may indicate a nonce collision. Make sure nonces are unique, contain enough entropy and are generated using a crypto-secure random number generator.</value>
  </data>
  <data name="ID0383" xml:space="preserve">
    <value>An error occurred while waiting for the authentication operation to complete, which may indicate a nonce collision. Make sure nonces are unique, contain enough entropy and are generated using a crypto-secure random number generator.</value>
  </data>
  <data name="ID0384" xml:space="preserve">
    <value>An error occurred while trying to create an embedded web server on port {0}.</value>
  </data>
  <data name="ID0385" xml:space="preserve">
    <value>The default system browser couldn't be started. If the application executes inside a sandbox, make sure it is allowed to launch URIs or spawn new processes.</value>
  </data>
  <data name="ID0386" xml:space="preserve">
    <value>An application discriminator must be manually set in the OpenIddict client system integration options when no application name is provided by the .NET generic host. To set the application discriminator, call 'services.AddOpenIddict().AddClient().UseSystemIntegration().SetApplicationDiscriminator()'.</value>
  </data>
  <data name="ID0387" xml:space="preserve">
    <value>The type extracted from the inter-process notification ({0}) is unknown or invalid, which may indicate that different versions of the OpenIddict client are used for the same application.</value>
  </data>
  <data name="ID0388" xml:space="preserve">
    <value>The payload extracted from the inter-process notification is malformed, incomplete or was created by a different version of the OpenIddict client library.</value>
  </data>
  <data name="ID0389" xml:space="preserve">
    <value>The OpenIddict client system integration is not supported on this platform (only Android 21+, iOS 12.0+, Linux, Mac Catalyst 13.1+, macOS 10.15+ and Windows 7 are supported).</value>
  </data>
  <data name="ID0390" xml:space="preserve">
    <value>The HTTP listener context cannot be resolved or contains invalid data.</value>
  </data>
  <data name="ID0391" xml:space="preserve">
    <value>An error occurred while instantiating the embedded web server, which may indicate a permission issue.</value>
  </data>
  <data name="ID0392" xml:space="preserve">
    <value>The web authentication broker is only supported on UWP and requires running Windows 10 version 1709 (Fall Creators) or higher.</value>
  </data>
  <data name="ID0393" xml:space="preserve">
    <value>The platform callback cannot be resolved or contains invalid data.</value>
  </data>
  <data name="ID0394" xml:space="preserve">
    <value>The issuer attached to the static configuration must be the same as the one configured in the validation options.</value>
  </data>
  <data name="ID0395" xml:space="preserve">
    <value>The issuer attached to the static configuration must be the same as the one configured in the client registration.</value>
  </data>
  <data name="ID0396" xml:space="preserve">
    <value>A device code must be specified when using the device authorization code grant.</value>
  </data>
  <data name="ID0397" xml:space="preserve">
    <value>The client registration corresponding to the specified provider name cannot be found in the client options.</value>
  </data>
  <data name="ID0398" xml:space="preserve">
    <value>An error occurred while preparing the device authorization request.
  Error: {0}
  Error description: {1}
  Error URI: {2}</value>
  </data>
  <data name="ID0399" xml:space="preserve">
    <value>An error occurred while sending the device authorization request.
  Error: {0}
  Error description: {1}
  Error URI: {2}</value>
  </data>
  <data name="ID0400" xml:space="preserve">
    <value>An error occurred while extracting the device authorization response.
  Error: {0}
  Error description: {1}
  Error URI: {2}</value>
  </data>
  <data name="ID0401" xml:space="preserve">
    <value>An error occurred while handling the device authorization response.
  Error: {0}
  Error description: {1}
  Error URI: {2}</value>
  </data>
  <data name="ID0402" xml:space="preserve">
    <value>The grant type '{0}' is not supported by the ASP.NET Core and OWIN integrations.</value>
  </data>
  <data name="ID0403" xml:space="preserve">
    <value>This API is no longer supported and will be removed in a future version.</value>
  </data>
  <data name="ID0404" xml:space="preserve">
    <value>The specified issuer is used in multiple client registrations. To select a specific client registration, specify its identifier.</value>
  </data>
  <data name="ID0405" xml:space="preserve">
    <value>The issuer must be provided for custom client registrations and must be a valid absolute URI. If the client registration is expected to use a provider integration provided by the OpenIddict.Client.WebIntegration package, make sure the 'OpenIddictClientRegistration.ProviderType' property is correctly set.</value>
  </data>
  <data name="ID0406" xml:space="preserve">
    <value>The provider settings attached to the client registration are missing or of an incorrect type. When manually adding client registrations that depend on a web provider integration provided by OpenIddict.Client.WebIntegration, make sure the 'OpenIddictClientRegistration.ProviderSettings' property is populated with a instance of the correct provider settings.</value>
  </data>
  <data name="ID0407" xml:space="preserve">
    <value>The specified provider type is not valid or is not supported by this version of the OpenIddict.Client.WebIntegration package.</value>
  </data>
  <data name="ID0408" xml:space="preserve">
    <value>The specified issuer doesn't match the issuer associated with the resolved client registration.</value>
  </data>
  <data name="ID0409" xml:space="preserve">
    <value>The specified provider name is used in multiple client registrations. To select a specific client registration, specify its identifier.</value>
  </data>
  <data name="ID0410" xml:space="preserve">
    <value>The client registration corresponding to the specified identifier cannot be found in the client options.</value>
  </data>
  <data name="ID0411" xml:space="preserve">
    <value>The issuer couldn't be resolved from the provider configuration or is not a valid absolute URI. Make sure the OpenIddict.Client.WebIntegration package is referenced and 'options.UseWebProviders()' is correctly called.</value>
  </data>
  <data name="ID0412" xml:space="preserve">
    <value>The Shopify integration requires setting the shop name to be able to determine the location of the OAuth 2.0 endpoints. To dynamically set the shop name when triggering a challenge, add a ".shopify_shop_name" authentication property containing the shop name received by the installation endpoint or specified by the user. Alternatively, for scenarios where a single shop should be supported (e.g employees authentication), the shop name can be set statically in the Shopify provider settings.</value>
  </data>
  <data name="ID0413" xml:space="preserve">
    <value>The specified string is not a valid hexadecimal string.</value>
  </data>
  <data name="ID0414" xml:space="preserve">
    <value>The '{0}' authentication scheme already exists and cannot be registered as a forwarded authentication scheme by the OpenIddict client. Consider removing the conflicting authentication handler or use a different provider name. Alternatively, automatic authentication scheme forwarding can be disabled using 'services.AddOpenIddict().AddClient().UseAspNetCore().DisableAutomaticAuthenticationSchemeForwarding()'.</value>
  </data>
  <data name="ID0415" xml:space="preserve">
    <value>Multiple client registrations sharing the same provider name exist, which prevents registering an automatic forwarded authentication scheme with the name '{0}'. Consider using a unique provider name per client registration or disable automatic authentication scheme forwarding using 'services.AddOpenIddict().AddClient().UseAspNetCore().DisableAutomaticAuthenticationSchemeForwarding()'.</value>
  </data>
  <data name="ID0416" xml:space="preserve">
    <value>Multiple client registrations sharing the same provider name exist, which prevents registering an automatic forwarded authentication type with the name '{0}'. Consider using a unique provider name per client registration or disable automatic authentication type forwarding using 'services.AddOpenIddict().AddClient().UseOwin().DisableAutomaticAuthenticationTypeForwarding()'.</value>
  </data>
  <data name="ID0417" xml:space="preserve">
    <value>The authentication properties must not contain an '.issuer', '.provider_name' or '.registration_id' property when using a forwarded authentication scheme/type.</value>
  </data>
  <data name="ID0418" xml:space="preserve">
    <value>A client identifier must be specified in the client registration or web provider options when using 'response_type=none', the authorization code/hybrid/implicit flows or the device authorization flow.</value>
  </data>
  <data name="ID0419" xml:space="preserve">
    <value>At least one client authentication method must be configured when enabling the device authorization, introspection, revocation or token endpoints.</value>
  </data>
  <data name="ID0420" xml:space="preserve">
    <value>The '{0}' client assertion type must be configured when enabling the '{1}' client authentication method.</value>
  </data>
  <data name="ID0421" xml:space="preserve">
    <value>At least one subject type must be supported.</value>
  </data>
  <data name="ID0422" xml:space="preserve">
    <value>A configuration manager must be attached to the client registration to be able to resolve the server configuration.</value>
  </data>
  <data name="ID0423" xml:space="preserve">
    <value>Multiple claims of the same type are present in the identity or principal.</value>
  </data>
  <data name="ID0424" xml:space="preserve">
    <value>The '{0}' claim present in the specified principal is malformed or isn't of the expected type.</value>
  </data>
  <data name="ID0425" xml:space="preserve">
    <value>The specified principal contains an authenticated identity, which is not valid for this operation. Make sure that 'ClaimsPrincipal.Identity.AuthenticationType' is null and that 'ClaimsPrincipal.Identity.IsAuthenticated' returns 'false'.</value>
  </data>
  <data name="ID0426" xml:space="preserve">
    <value>The specified principal contains a subject claim, which is not valid for this operation.</value>
  </data>
  <data name="ID0427" xml:space="preserve">
    <value>The Amazon integration requires sending the user code to the token endpoint when using the device authorization code grant. For that, attach a ".user_code" authentication property containing the user code returned by the device authorization endpoint.</value>
  </data>
  <data name="ID0428" xml:space="preserve">
    <value>An error occurred while introspecting a token.
  Error: {0}
  Error description: {1}
  Error URI: {2}</value>
  </data>
  <data name="ID0429" xml:space="preserve">
    <value>An error occurred while revoking a token.
  Error: {0}
  Error description: {1}
  Error URI: {2}</value>
  </data>
  <data name="ID0430" xml:space="preserve">
    <value>An error occurred while preparing the revocation request.
  Error: {0}
  Error description: {1}
  Error URI: {2}</value>
  </data>
  <data name="ID0431" xml:space="preserve">
    <value>An error occurred while sending the revocation request.
  Error: {0}
  Error description: {1}
  Error URI: {2}</value>
  </data>
  <data name="ID0432" xml:space="preserve">
    <value>An error occurred while extracting the revocation response.
  Error: {0}
  Error description: {1}
  Error URI: {2}</value>
  </data>
  <data name="ID0433" xml:space="preserve">
    <value>An error occurred while handling the revocation response.
  Error: {0}
  Error description: {1}
  Error URI: {2}</value>
  </data>
  <data name="ID0434" xml:space="preserve">
    <value>An error occurred while signing the user out.</value>
  </data>
  <data name="ID0435" xml:space="preserve">
    <value>An error occurred while authenticating the client application.
  Error: {0}
  Error description: {1}
  Error URI: {2}</value>
  </data>
  <data name="ID0436" xml:space="preserve">
    <value>The specified charset contains a duplicate character.</value>
  </data>
  <data name="ID0437" xml:space="preserve">
    <value>The specified charset contains a character that cannot be represented as a single text element.</value>
  </data>
  <data name="ID0438" xml:space="preserve">
    <value>The specified charset contains non-ASCII characters. Characters outside the Basic Latin Unicode block are only supported on .NET 5.0 and higher.</value>
  </data>
  <data name="ID0439" xml:space="preserve">
    <value>The specified characters count is too low. Use a value equal to or higher than {0}.</value>
  </data>
  <data name="ID0440" xml:space="preserve">
    <value>The specified charset doesn't include enough characters. Ensure at least {0} characters are included in the charset.</value>
  </data>
  <data name="ID0441" xml:space="preserve">
    <value>The specified format string cannot contain a '{0}' character when it is included as an allowed character in the charset.</value>
  </data>
  <data name="ID0442" xml:space="preserve">
    <value>The client registration corresponding to the specified nonce could not be resolved, which may indicate an invalid authentication demand or an invalid configuration. When using interactive user authentication flows in desktop or mobile applications, make sure the system integration is registered by calling 'services.AddOpenIddict().AddClient().UseSystemIntegration()'. When using interactive user authentication flows in an ASP.NET Core or OWIN application, use the authentication APIs exposed by 'IAuthenticationService' or 'IAuthenticationManager' instead of the 'OpenIddictClientService' class.</value>
  </data>
  <data name="ID0443" xml:space="preserve">
    <value>The base URI could not be resolved from the context, which may indicate an invalid authentication demand or an invalid configuration. When using interactive user authentication flows in desktop or mobile applications, make sure the system integration is registered by calling 'services.AddOpenIddict().AddClient().UseSystemIntegration()'. When using interactive user authentication flows in an ASP.NET Core or OWIN application, use the authentication APIs exposed by 'IAuthenticationService' or 'IAuthenticationManager' instead of the 'OpenIddictClientService' class.</value>
  </data>
  <data name="ID0444" xml:space="preserve">
    <value>An explicit response type must be attached when specifying a specific grant type.</value>
  </data>
  <data name="ID0445" xml:space="preserve">
    <value>An explicit grant type must be attached when specifying a specific response type (except when using the special response_type=none value).</value>
  </data>
  <data name="ID0446" xml:space="preserve">
    <value>AS web authentication sessions are only supported on iOS 12.0 and higher.</value>
  </data>
  <data name="ID0447" xml:space="preserve">
    <value>The current UI window cannot be resolved.</value>
  </data>
  <data name="ID0448" xml:space="preserve">
    <value>An unknown error occurred while trying to start an AS web authentication session.</value>
  </data>
  <data name="ID0449" xml:space="preserve">
    <value>The generic version of the OpenIddict.Client.SystemIntegration package cannot be used on this platform. Make sure your application is referencing the correct version by using the appropriate OS-specific TFM (e.g on macOS, 'net8.0-macos10.15').</value>
  </data>
  <data name="ID0450" xml:space="preserve">
    <value>An HTTP redirect_uri or post_logout_redirect_uri cannot be used when using AS web authentication sessions. Make sure you're using a custom protocol scheme for all the callback URIs attached to the client registration. Alternatively, you can register an associated domain and use an HTTPS redirect_uri or post_logout_redirect_uri pointing to that domain (supported only on iOS 17.4+, Mac Catalyst 17.4+ and macOS 14.4+).</value>
  </data>
  <data name="ID0451" xml:space="preserve">
    <value>The Zoho integration requires sending the region of the server when using the client credentials or refresh token grants. For that, attach a ".location" authentication property containing the region to use.</value>
  </data>
  <data name="ID0452" xml:space="preserve">
    <value>Custom tabs intents are only supported on Android.</value>
  </data>
  <data name="ID0453" xml:space="preserve">
    <value>The specified intent doesn't contain a valid data URI.</value>
  </data>
  <data name="ID0454" xml:space="preserve">
    <value>The format of the specified certificate is not supported.</value>
  </data>
  <data name="ID0455" xml:space="preserve">
    <value>Registration identifiers cannot contain U+001E or U+001F characters.</value>
  </data>
  <data name="ID0456" xml:space="preserve">
    <value>The specified client authentication method/token binding methods combination is not valid.</value>
  </data>
  <data name="ID0457" xml:space="preserve">
    <value>The '{0}' parameter cannot contain null or empty values.</value>
  </data>
  <data name="ID0458" xml:space="preserve">
    <value>A token must be specified when using introspection.</value>
  </data>
  <data name="ID0459" xml:space="preserve">
    <value>A token must be specified when using revocation.</value>
  </data>
  <data name="ID0460" xml:space="preserve">
    <value>The authorization server requires using pushed authorization requests. Consider setting 'OpenIddictClientRegistration.DisablePushedAuthorizationRequests' to false to allow the OpenIddict client to use pushed authorization requests.</value>
  </data>
  <data name="ID0461" xml:space="preserve">
    <value>An error occurred while preparing the device authorization request.
  Error: {0}
  Error description: {1}
  Error URI: {2}</value>
  </data>
  <data name="ID0462" xml:space="preserve">
    <value>An error occurred while sending the device authorization request.
  Error: {0}
  Error description: {1}
  Error URI: {2}</value>
  </data>
  <data name="ID0463" xml:space="preserve">
    <value>An error occurred while extracting the device authorization response.
  Error: {0}
  Error description: {1}
  Error URI: {2}</value>
  </data>
  <data name="ID0464" xml:space="preserve">
    <value>An error occurred while handling the device authorization response.
  Error: {0}
  Error description: {1}
  Error URI: {2}</value>
  </data>
  <data name="ID0465" xml:space="preserve">
    <value>Authorization request caching and end session request caching cannot be used when disabling token storage.</value>
  </data>
  <data name="ID0466" xml:space="preserve">
    <value>No custom pushed authorization request validation handler was found. When enabling the degraded mode, a custom 'IOpenIddictServerHandler&lt;ValidatePushedAuthorizationRequestContext&gt;' (or 'IOpenIddictServerHandler&lt;ProcessAuthenticationContext&gt;') must be implemented to validate pushed authorization requests (e.g to ensure the client_id and client_secret are valid).</value>
  </data>
  <data name="ID0467" xml:space="preserve">
    <value>The VK ID integration requires sending the device identifier to the token and revocation endpoints. For that, attach a ".device_id" authentication property containing the device identifier returned by the authorization endpoint.</value>
  </data>
  <data name="ID0468" xml:space="preserve">
    <value>The pushed authorization request was not correctly extracted.
To extract pushed authorization requests, create a class implementing 'IOpenIddictServerHandler&lt;ExtractPushedAuthorizationRequestContext&gt;' and register it using 'services.AddOpenIddict().AddServer().AddEventHandler()'.</value>
  </data>
  <data name="ID0469" xml:space="preserve">
    <value>The pushed authorization response was not correctly applied.
To apply pushed authorization responses, create a class implementing 'IOpenIddictServerHandler&lt;ApplyPushedAuthorizationResponseContext&gt;' and register it using 'services.AddOpenIddict().AddServer().AddEventHandler()'.</value>
  </data>
  <data name="ID2000" xml:space="preserve">
    <value>The security token is missing.</value>
  </data>
  <data name="ID2001" xml:space="preserve">
    <value>The specified authorization code is invalid.</value>
  </data>
  <data name="ID2002" xml:space="preserve">
    <value>The specified device code is invalid.</value>
  </data>
  <data name="ID2003" xml:space="preserve">
    <value>The specified refresh token is invalid.</value>
  </data>
  <data name="ID2004" xml:space="preserve">
    <value>The specified token is invalid.</value>
  </data>
  <data name="ID2005" xml:space="preserve">
    <value>The specified token is not an authorization code.</value>
  </data>
  <data name="ID2006" xml:space="preserve">
    <value>The specified token is not an device code.</value>
  </data>
  <data name="ID2007" xml:space="preserve">
    <value>The specified token is not a refresh token.</value>
  </data>
  <data name="ID2008" xml:space="preserve">
    <value>The specified token is not an access token.</value>
  </data>
  <data name="ID2009" xml:space="preserve">
    <value>The specified identity token is invalid.</value>
  </data>
  <data name="ID2010" xml:space="preserve">
    <value>The specified authorization code has already been redeemed.</value>
  </data>
  <data name="ID2011" xml:space="preserve">
    <value>The specified device code has already been redeemed.</value>
  </data>
  <data name="ID2012" xml:space="preserve">
    <value>The specified refresh token has already been redeemed.</value>
  </data>
  <data name="ID2013" xml:space="preserve">
    <value>The specified token has already been redeemed.</value>
  </data>
  <data name="ID2014" xml:space="preserve">
    <value>The authorization has not been granted yet by the end user.</value>
  </data>
  <data name="ID2015" xml:space="preserve">
    <value>The authorization was denied by the end user.</value>
  </data>
  <data name="ID2016" xml:space="preserve">
    <value>The specified authorization code is no longer valid.</value>
  </data>
  <data name="ID2017" xml:space="preserve">
    <value>The specified device code is no longer valid.</value>
  </data>
  <data name="ID2018" xml:space="preserve">
    <value>The specified refresh token is no longer valid.</value>
  </data>
  <data name="ID2019" xml:space="preserve">
    <value>The specified token is no longer valid.</value>
  </data>
  <data name="ID2020" xml:space="preserve">
    <value>The authorization associated with the authorization code is no longer valid.</value>
  </data>
  <data name="ID2021" xml:space="preserve">
    <value>The authorization associated with the device code is no longer valid.</value>
  </data>
  <data name="ID2022" xml:space="preserve">
    <value>The authorization associated with the refresh token is no longer valid.</value>
  </data>
  <data name="ID2023" xml:space="preserve">
    <value>The authorization associated with the token is no longer valid.</value>
  </data>
  <data name="ID2024" xml:space="preserve">
    <value>The token request was rejected by the authentication server.</value>
  </data>
  <data name="ID2025" xml:space="preserve">
    <value>The user information access demand was rejected by the authentication server.</value>
  </data>
  <data name="ID2026" xml:space="preserve">
    <value>The specified user code is no longer valid.</value>
  </data>
  <data name="ID2027" xml:space="preserve">
    <value>The client application is not allowed to use the device authorization flow.</value>
  </data>
  <data name="ID2028" xml:space="preserve">
    <value>The '{0}' parameter is not supported.</value>
  </data>
  <data name="ID2029" xml:space="preserve">
    <value>The mandatory '{0}' parameter is missing.</value>
  </data>
  <data name="ID2030" xml:space="preserve">
    <value>The '{0}' parameter must be a valid absolute URI.</value>
  </data>
  <data name="ID2031" xml:space="preserve">
    <value>The '{0}' parameter must not include a fragment.</value>
  </data>
  <data name="ID2032" xml:space="preserve">
    <value>The specified '{0}' is not supported.</value>
  </data>
  <data name="ID2033" xml:space="preserve">
    <value>The specified '{0}'/'{1}' combination is invalid.</value>
  </data>
  <data name="ID2034" xml:space="preserve">
    <value>The mandatory '{0}' scope is missing.</value>
  </data>
  <data name="ID2035" xml:space="preserve">
    <value>The '{0}' scope is not allowed.</value>
  </data>
  <data name="ID2036" xml:space="preserve">
    <value>The client identifier cannot be null or empty.</value>
  </data>
  <data name="ID2037" xml:space="preserve">
    <value>The '{0}' parameter cannot be used without '{1}'.</value>
  </data>
  <data name="ID2038" xml:space="preserve">
    <value>The status cannot be null or empty.</value>
  </data>
  <data name="ID2039" xml:space="preserve">
    <value>Scopes cannot be null or empty.</value>
  </data>
  <data name="ID2040" xml:space="preserve">
    <value>The '{0}' and '{1}' parameters can only be used with a response type containing '{2}'.</value>
  </data>
  <data name="ID2041" xml:space="preserve">
    <value>The specified '{0}' is not allowed when using PKCE.</value>
  </data>
  <data name="ID2042" xml:space="preserve">
    <value>Scopes cannot contain spaces.</value>
  </data>
  <data name="ID2043" xml:space="preserve">
    <value>The specified '{0}' is not valid for this client application.</value>
  </data>
  <data name="ID2044" xml:space="preserve">
    <value>The scope name cannot be null or empty.</value>
  </data>
  <data name="ID2045" xml:space="preserve">
    <value>The scope name cannot contain spaces.</value>
  </data>
  <data name="ID2046" xml:space="preserve">
    <value>This client application is not allowed to use the authorization endpoint.</value>
  </data>
  <data name="ID2047" xml:space="preserve">
    <value>The client application is not allowed to use the authorization code flow.</value>
  </data>
  <data name="ID2048" xml:space="preserve">
    <value>The client application is not allowed to use the implicit flow.</value>
  </data>
  <data name="ID2049" xml:space="preserve">
    <value>The client application is not allowed to use the hybrid flow.</value>
  </data>
  <data name="ID2050" xml:space="preserve">
    <value>The client type cannot be null or empty.</value>
  </data>
  <data name="ID2051" xml:space="preserve">
    <value>This client application is not allowed to use the specified scope.</value>
  </data>
  <data name="ID2052" xml:space="preserve">
    <value>The specified '{0}' is invalid.</value>
  </data>
  <data name="ID2053" xml:space="preserve">
    <value>The '{0}' parameter is not valid for this client application.</value>
  </data>
  <data name="ID2054" xml:space="preserve">
    <value>The '{0}' parameter required for this client application is missing.</value>
  </data>
  <data name="ID2055" xml:space="preserve">
    <value>The specified client credentials are invalid.</value>
  </data>
  <data name="ID2056" xml:space="preserve">
    <value>This client application is not allowed to use the device authorization endpoint.</value>
  </data>
  <data name="ID2057" xml:space="preserve">
    <value>The '{0}' or '{1}' parameter must be specified when using the client credentials grant.</value>
  </data>
  <data name="ID2058" xml:space="preserve">
    <value>The '{0}' parameter is required when using the device code grant.</value>
  </data>
  <data name="ID2059" xml:space="preserve">
    <value>The mandatory '{0}' and/or '{1}' parameters are missing.</value>
  </data>
  <data name="ID2060" xml:space="preserve">
    <value>A scope with the same name already exists.</value>
  </data>
  <data name="ID2061" xml:space="preserve">
    <value>Callback URIs cannot be null or empty.</value>
  </data>
  <data name="ID2062" xml:space="preserve">
    <value>Callback URIs must be valid absolute URIs.</value>
  </data>
  <data name="ID2063" xml:space="preserve">
    <value>This client application is not allowed to use the token endpoint.</value>
  </data>
  <data name="ID2064" xml:space="preserve">
    <value>This client application is not allowed to use the specified grant type.</value>
  </data>
  <data name="ID2065" xml:space="preserve">
    <value>The client application is not allowed to use the '{0}' scope.</value>
  </data>
  <data name="ID2066" xml:space="preserve">
    <value>The specified authorization code cannot be used without sending a client identifier.</value>
  </data>
  <data name="ID2067" xml:space="preserve">
    <value>The specified device code cannot be used without sending a client identifier.</value>
  </data>
  <data name="ID2068" xml:space="preserve">
    <value>The specified refresh token cannot be used without sending a client identifier.</value>
  </data>
  <data name="ID2069" xml:space="preserve">
    <value>The specified authorization code cannot be used by this client application.</value>
  </data>
  <data name="ID2070" xml:space="preserve">
    <value>The specified device code cannot be used by this client application.</value>
  </data>
  <data name="ID2071" xml:space="preserve">
    <value>The specified refresh token cannot be used by this client application.</value>
  </data>
  <data name="ID2072" xml:space="preserve">
    <value>The specified '{0}' parameter doesn't match the client redirection URI the authorization code was initially sent to.</value>
  </data>
  <data name="ID2073" xml:space="preserve">
    <value>The '{0}' parameter cannot be used when no '{1}' was specified in the authorization request.</value>
  </data>
  <data name="ID2074" xml:space="preserve">
    <value>The '{0}' parameter is not valid in this context.</value>
  </data>
  <data name="ID2075" xml:space="preserve">
    <value>This client application is not allowed to use the introspection endpoint.</value>
  </data>
  <data name="ID2076" xml:space="preserve">
    <value>The specified token cannot be introspected.</value>
  </data>
  <data name="ID2077" xml:space="preserve">
    <value>The client application is not allowed to introspect the specified token.</value>
  </data>
  <data name="ID2078" xml:space="preserve">
    <value>This client application is not allowed to use the revocation endpoint.</value>
  </data>
  <data name="ID2079" xml:space="preserve">
    <value>This token cannot be revoked.</value>
  </data>
  <data name="ID2080" xml:space="preserve">
    <value>The client application is not allowed to revoke the specified token.</value>
  </data>
  <data name="ID2081" xml:space="preserve">
    <value>The mandatory '{0}' header is missing.</value>
  </data>
  <data name="ID2082" xml:space="preserve">
    <value>The specified '{0}' header is invalid.</value>
  </data>
  <data name="ID2083" xml:space="preserve">
    <value>This server only accepts HTTPS requests.</value>
  </data>
  <data name="ID2084" xml:space="preserve">
    <value>The specified HTTP method is not valid.</value>
  </data>
  <data name="ID2085" xml:space="preserve">
    <value>A token with the same reference identifier already exists.</value>
  </data>
  <data name="ID2086" xml:space="preserve">
    <value>The token type cannot be null or empty.</value>
  </data>
  <data name="ID2087" xml:space="preserve">
    <value>Multiple client credentials cannot be specified.</value>
  </data>
  <data name="ID2088" xml:space="preserve">
    <value>The issuer associated to the specified token is not valid.</value>
  </data>
  <data name="ID2089" xml:space="preserve">
    <value>The specified token is not of the expected type.</value>
  </data>
  <data name="ID2090" xml:space="preserve">
    <value>The signing key associated to the specified token was not found.</value>
  </data>
  <data name="ID2091" xml:space="preserve">
    <value>The signature associated to the specified token is not valid.</value>
  </data>
  <data name="ID2092" xml:space="preserve">
    <value>This resource server is currently unavailable.</value>
  </data>
  <data name="ID2093" xml:space="preserve">
    <value>The specified token doesn't contain any audience.</value>
  </data>
  <data name="ID2094" xml:space="preserve">
    <value>The specified token cannot be used with this resource server.</value>
  </data>
  <data name="ID2095" xml:space="preserve">
    <value>The user represented by the token is not allowed to perform the requested action.</value>
  </data>
  <data name="ID2096" xml:space="preserve">
    <value>No issuer could be found in the server configuration.</value>
  </data>
  <data name="ID2097" xml:space="preserve">
    <value>A server configuration containing an invalid issuer was returned.</value>
  </data>
  <data name="ID2098" xml:space="preserve">
    <value>The issuer returned in the server configuration doesn't match the value set in the validation options.</value>
  </data>
  <data name="ID2099" xml:space="preserve">
    <value>No JSON Web Key Set endpoint could be found in the server configuration.</value>
  </data>
  <data name="ID2100" xml:space="preserve">
    <value>A server configuration containing an invalid '{0}' URI was returned.</value>
  </data>
  <data name="ID2102" xml:space="preserve">
    <value>The JSON Web Key Set document didn't contain a valid '{0}' node with at least one key.</value>
  </data>
  <data name="ID2103" xml:space="preserve">
    <value>A JSON Web Key Set response containing an unsupported key was returned.</value>
  </data>
  <data name="ID2104" xml:space="preserve">
    <value>A JSON Web Key Set response containing an invalid key was returned.</value>
  </data>
  <data name="ID2105" xml:space="preserve">
    <value>The mandatory '{0}' parameter couldn't be found in the introspection response.</value>
  </data>
  <data name="ID2106" xml:space="preserve">
    <value>The token was rejected by the remote authentication server.</value>
  </data>
  <data name="ID2107" xml:space="preserve">
    <value>The '{0}' parameter is malformed or isn't of the expected type.</value>
  </data>
  <data name="ID2108" xml:space="preserve">
    <value>An introspection response containing a malformed issuer was returned.</value>
  </data>
  <data name="ID2109" xml:space="preserve">
    <value>The issuer returned in the introspection response is not valid.</value>
  </data>
  <data name="ID2110" xml:space="preserve">
    <value>The type of the introspected token doesn't match the expected type.</value>
  </data>
  <data name="ID2111" xml:space="preserve">
    <value>An application with the same client identifier already exists.</value>
  </data>
  <data name="ID2112" xml:space="preserve">
    <value>Only confidential or public applications are supported by the default application manager.</value>
  </data>
  <data name="ID2113" xml:space="preserve">
    <value>The client secret cannot be null or empty for a confidential application. Alternatively, a RSA or ECDSA key (with the key use "sig") can be added to the JSON Web Key Set attached to the application if the client authenticates using client assertions.</value>
  </data>
  <data name="ID2114" xml:space="preserve">
    <value>A client secret cannot be associated with a public application.</value>
  </data>
  <data name="ID2115" xml:space="preserve">
    <value>Callback URIs cannot contain a fragment.</value>
  </data>
  <data name="ID2116" xml:space="preserve">
    <value>The authorization type cannot be null or empty.</value>
  </data>
  <data name="ID2117" xml:space="preserve">
    <value>The specified authorization type is not supported by the default token manager.</value>
  </data>
  <data name="ID2118" xml:space="preserve">
    <value>The token usage returned by the authorization server is not supported.</value>
  </data>
  <data name="ID2119" xml:space="preserve">
    <value>The specified '{0}' parameter doesn't match the authorization server the authorization request was initially sent to.</value>
  </data>
  <data name="ID2120" xml:space="preserve">
    <value>The '{0}' parameter cannot be used when '{1}' is not supported by the authorization server.</value>
  </data>
  <data name="ID2121" xml:space="preserve">
    <value>The '{0}' claim extracted from the specified frontchannel identity token is malformed or isn't of the expected type.</value>
  </data>
  <data name="ID2122" xml:space="preserve">
    <value>The mandatory '{0}' claim cannot be found in the specified frontchannel identity token.</value>
  </data>
  <data name="ID2123" xml:space="preserve">
    <value>The specified frontchannel identity token cannot be used with this client application.</value>
  </data>
  <data name="ID2124" xml:space="preserve">
    <value>The '{0}' claim returned in the specified frontchannel identity token doesn't match the expected value.</value>
  </data>
  <data name="ID2125" xml:space="preserve">
    <value>The '{0}' claim extracted from the specified backchannel identity token is malformed or isn't of the expected type.</value>
  </data>
  <data name="ID2126" xml:space="preserve">
    <value>The mandatory '{0}' claim cannot be found in the specified backchannel identity token.</value>
  </data>
  <data name="ID2127" xml:space="preserve">
    <value>The specified backchannel identity token cannot be used with this client application.</value>
  </data>
  <data name="ID2128" xml:space="preserve">
    <value>The '{0}' claim returned in the specified backchannel identity token doesn't match the expected value.</value>
  </data>
  <data name="ID2129" xml:space="preserve">
    <value>No correlation cookie associated with the specified state can be found. Please try logging in again. If the error persists, please contact the website owner.</value>
  </data>
  <data name="ID2130" xml:space="preserve">
    <value>The specified state token is not valid in this context.</value>
  </data>
  <data name="ID2131" xml:space="preserve">
    <value>The '{0}' claim extracted from the specified userinfo response/token is malformed or isn't of the expected type.</value>
  </data>
  <data name="ID2132" xml:space="preserve">
    <value>The mandatory '{0}' claim cannot be found in the specified userinfo response/token.</value>
  </data>
  <data name="ID2133" xml:space="preserve">
    <value>The '{0}' claim returned in the specified userinfo response/token doesn't match the expected value.</value>
  </data>
  <data name="ID2134" xml:space="preserve">
    <value>Callback URIs cannot contain an "{0}" parameter.</value>
  </data>
  <data name="ID2135" xml:space="preserve">
    <value>The '{0}' parameter must not include a '{1}' component.</value>
  </data>
  <data name="ID2136" xml:space="preserve">
    <value>An error occurred while communicating with the remote HTTP server.</value>
  </data>
  <data name="ID2137" xml:space="preserve">
    <value>An invalid JSON response was returned by the remote HTTP server.</value>
  </data>
  <data name="ID2138" xml:space="preserve">
    <value>The current URI doesn't match the URI of the redirection endpoint selected during the initial authorization request.</value>
  </data>
  <data name="ID2139" xml:space="preserve">
    <value>The specified state token has already been redeemed.</value>
  </data>
  <data name="ID2140" xml:space="preserve">
    <value>This client application is not allowed to use the end session endpoint.</value>
  </data>
  <data name="ID2141" xml:space="preserve">
    <value>The client application is not allowed to use the specified identity token hint.</value>
  </data>
  <data name="ID2142" xml:space="preserve">
    <value>The specified '{0}' parameter is not suitable for the requested operation.</value>
  </data>
  <data name="ID2143" xml:space="preserve">
    <value>An unsupported content encoding was returned by the remote server.</value>
  </data>
  <data name="ID2144" xml:space="preserve">
    <value>The configuration request was rejected by the remote server.</value>
  </data>
  <data name="ID2145" xml:space="preserve">
    <value>The JSON Web Key Set request was rejected by the remote server.</value>
  </data>
  <data name="ID2146" xml:space="preserve">
    <value>The introspection request was rejected by the remote server.</value>
  </data>
  <data name="ID2147" xml:space="preserve">
    <value>The token request was rejected by the remote server.</value>
  </data>
  <data name="ID2148" xml:space="preserve">
    <value>The userinfo request was rejected by the remote server.</value>
  </data>
  <data name="ID2149" xml:space="preserve">
    <value>The authentication demand was denied by the user or by the identity provider.</value>
  </data>
  <data name="ID2150" xml:space="preserve">
    <value>The authentication demand was rejected due to a missing or invalid parameter.</value>
  </data>
  <data name="ID2151" xml:space="preserve">
    <value>The authentication demand was rejected due to an invalid scope.</value>
  </data>
  <data name="ID2152" xml:space="preserve">
    <value>The authentication demand was rejected due to a remote server error.</value>
  </data>
  <data name="ID2153" xml:space="preserve">
    <value>The authentication demand was rejected due to a transient error.</value>
  </data>
  <data name="ID2154" xml:space="preserve">
    <value>The authentication demand was rejected due to the use of an incorrect or unauthorized grant type.</value>
  </data>
  <data name="ID2155" xml:space="preserve">
    <value>The authentication demand was rejected due to an unsupported response type.</value>
  </data>
  <data name="ID2156" xml:space="preserve">
    <value>The authentication demand was rejected because the user didn't select a user account.</value>
  </data>
  <data name="ID2157" xml:space="preserve">
    <value>The authentication demand was rejected because user consent was required to proceed the request.</value>
  </data>
  <data name="ID2158" xml:space="preserve">
    <value>The authentication demand was rejected because user interaction was required to proceed the request.</value>
  </data>
  <data name="ID2159" xml:space="preserve">
    <value>The authentication demand was rejected because user (re-)authentication was required to proceed the request.</value>
  </data>
  <data name="ID2160" xml:space="preserve">
    <value>The authentication demand was rejected by the identity provider.</value>
  </data>
  <data name="ID2161" xml:space="preserve">
    <value>A generic {StatusCode} error was returned by the remote authorization server.</value>
  </data>
  <data name="ID2162" xml:space="preserve">
    <value>An unsupported response was returned by the remote authorization server.</value>
  </data>
  <data name="ID2163" xml:space="preserve">
    <value>The correlation cookie is invalid or malformed.</value>
  </data>
  <data name="ID2164" xml:space="preserve">
    <value>The request forgery protection is missing or doesn't contain the expected value.</value>
  </data>
  <data name="ID2165" xml:space="preserve">
    <value>The issuer returned in the server configuration doesn't match the value set in the client registration options.</value>
  </data>
  <data name="ID2166" xml:space="preserve">
    <value>The received authorization response is not valid for this instance of the application.</value>
  </data>
  <data name="ID2167" xml:space="preserve">
    <value>The device authorization request was rejected by the remote server.</value>
  </data>
  <data name="ID2168" xml:space="preserve">
    <value>The mandatory '{0}' parameter couldn't be found in the device authorization response.</value>
  </data>
  <data name="ID2169" xml:space="preserve">
    <value>The '{0}' parameter returned in the device authorization response is not valid absolute URI.</value>
  </data>
  <data name="ID2170" xml:space="preserve">
    <value>The remote authorization server is currently unavailable or returned an invalid configuration.</value>
  </data>
  <data name="ID2171" xml:space="preserve">
    <value>The '{0}' claim extracted from the specified client assertion is malformed or isn't of the expected type.</value>
  </data>
  <data name="ID2172" xml:space="preserve">
    <value>The mandatory '{0}' claim cannot be found in the specified client assertion.</value>
  </data>
  <data name="ID2173" xml:space="preserve">
    <value>The '{0}' claim returned in the specified client assertion doesn't match the expected value.</value>
  </data>
  <data name="ID2174" xml:space="preserve">
    <value>The '{0}' client authentication method is not supported.</value>
  </data>
  <data name="ID2175" xml:space="preserve">
    <value>The revocation request was rejected by the remote server.</value>
  </data>
  <data name="ID2176" xml:space="preserve">
    <value>The introspection response indicates the token is no longer valid.</value>
  </data>
  <data name="ID2177" xml:space="preserve">
    <value>The '{0}' parameter must be attached as a regular OAuth 2.0 parameter when using a request object or pushed authorization requests.</value>
  </data>
  <data name="ID2178" xml:space="preserve">
    <value>The '{0}' parameter doesn't match the value specified in the request object or pushed authorization request.</value>
  </data>
  <data name="ID2179" xml:space="preserve">
    <value>The pushed authorization request was rejected by the remote server.</value>
  </data>
  <data name="ID2180" xml:space="preserve">
    <value>The mandatory '{0}' parameter couldn't be found in the pushed authorization response.</value>
  </data>
  <data name="ID2181" xml:space="preserve">
    <value>The '{0}' parameter returned in the pushed authorization response is not valid absolute URI.</value>
  </data>
  <data name="ID2182" xml:space="preserve">
    <value>A '{0}' obtained from the pushed authorization request endpoint is required for this client application.</value>
  </data>
  <data name="ID2183" xml:space="preserve">
    <value>This client application is not allowed to use the authorization endpoint.</value>
  </data>
  <data name="ID4000" xml:space="preserve">
    <value>The '{0}' parameter shouldn't be null or empty at this point.</value>
  </data>
  <data name="ID4001" xml:space="preserve">
    <value>The separators collection shouldn't be null or empty.</value>
  </data>
  <data name="ID4002" xml:space="preserve">
    <value>The value string shouldn't be null or empty.</value>
  </data>
  <data name="ID4003" xml:space="preserve">
    <value>RSA.ExportParameters() shouldn't return invalid values.</value>
  </data>
  <data name="ID4004" xml:space="preserve">
    <value>ECDsa.ExportParameters() shouldn't return invalid values.</value>
  </data>
  <data name="ID4005" xml:space="preserve">
    <value>ECDsa.ExportParameters() shouldn't return an unnamed curve.</value>
  </data>
  <data name="ID4006" xml:space="preserve">
    <value>The principal and its attached identity shouldn't be null at this point.</value>
  </data>
  <data name="ID4007" xml:space="preserve">
    <value>The response shouldn't be null at this point.</value>
  </data>
  <data name="ID4008" xml:space="preserve">
    <value>The request shouldn't be null at this point.</value>
  </data>
  <data name="ID4009" xml:space="preserve">
    <value>The token type shouldn't be null or empty.</value>
  </data>
  <data name="ID4010" xml:space="preserve">
    <value>The token shouldn't be null or empty at this point.</value>
  </data>
  <data name="ID4011" xml:space="preserve">
    <value>EC-based keys shouldn't have a null OID.</value>
  </data>
  <data name="ID4012" xml:space="preserve">
    <value>EC-based keys should have a non-null OID raw value or friendly name.</value>
  </data>
  <data name="ID4013" xml:space="preserve">
    <value>The issuer should be a valid absolute URI at this point.</value>
  </data>
  <data name="ID4014" xml:space="preserve">
    <value>The username shouldn't be null or empty at this point.</value>
  </data>
  <data name="ID4015" xml:space="preserve">
    <value>The password shouldn't be null or empty at this point.</value>
  </data>
  <data name="ID4016" xml:space="preserve">
    <value>The number of written bytes ({0}) doesn't match the expected value ({1}).</value>
  </data>
  <data name="ID4017" xml:space="preserve">
    <value>The token identifier shouldn't be null or empty at this point.</value>
  </data>
  <data name="ID4018" xml:space="preserve">
    <value>The authorization identifier shouldn't be null or empty at this point.</value>
  </data>
  <data name="ID4019" xml:space="preserve">
    <value>The nonce shouldn't be null or empty at this point.</value>
  </data>
  <data name="ID6000" xml:space="preserve">
    <value>An error occurred while validating the token '{Token}'.</value>
  </data>
  <data name="ID6001" xml:space="preserve">
    <value>The token '{Token}' was successfully validated and the following claims could be extracted: {Claims}.</value>
  </data>
  <data name="ID6002" xml:space="preserve">
    <value>The token '{Identifier}' has already been redeemed.</value>
  </data>
  <data name="ID6003" xml:space="preserve">
    <value>The token '{Identifier}' is not active yet.</value>
  </data>
  <data name="ID6004" xml:space="preserve">
    <value>The token '{Identifier}' was marked as rejected.</value>
  </data>
  <data name="ID6005" xml:space="preserve">
    <value>The token '{Identifier}' was no longer valid.</value>
  </data>
  <data name="ID6006" xml:space="preserve">
    <value>The authorization '{Identifier}' was no longer valid.</value>
  </data>
  <data name="ID6007" xml:space="preserve">
    <value>An ad hoc authorization was automatically created and associated with an unknown application: {Identifier}.</value>
  </data>
  <data name="ID6008" xml:space="preserve">
    <value>An ad hoc authorization was automatically created and associated with the '{ClientId}' application: {Identifier}.</value>
  </data>
  <data name="ID6009" xml:space="preserve">
    <value>'{Claim}' was excluded from the access token claims.</value>
  </data>
  <data name="ID6010" xml:space="preserve">
    <value>The access token scopes will be limited to the scopes requested by the client application: {Scopes}.</value>
  </data>
  <data name="ID6011" xml:space="preserve">
    <value>'{Claim}' was excluded from the identity token claims.</value>
  </data>
  <data name="ID6012" xml:space="preserve">
    <value>The token entry for '{Type}' token '{Identifier}' was successfully created.</value>
  </data>
  <data name="ID6013" xml:space="preserve">
    <value>A new '{Type}' JSON Web Token was successfully created: {Payload}.
The principal used to create the token contained the following claims: {Claims}.</value>
  </data>
  <data name="ID6014" xml:space="preserve">
    <value>The token payload ({Payload}) was successfully attached to the token entry '{Identifier}' of type '{Type}'.</value>
  </data>
  <data name="ID6015" xml:space="preserve">
    <value>The reference identifier ({ReferenceId}) was successfully attached to the token entry '{Identifier}' of type '{Type}'.</value>
  </data>
  <data name="ID6016" xml:space="preserve">
    <value>A new '{Type}' ASP.NET Core Data Protection token was successfully created: {Payload}.
The principal used to create the token contained the following claims: {Claims}.</value>
  </data>
  <data name="ID6021" xml:space="preserve">
    <value>The token entry for device code '{Identifier}' was successfully updated with the new payload.</value>
  </data>
  <data name="ID6030" xml:space="preserve">
    <value>The authorization request was successfully extracted: {Request}.</value>
  </data>
  <data name="ID6031" xml:space="preserve">
    <value>The authorization request was successfully validated.</value>
  </data>
  <data name="ID6032" xml:space="preserve">
    <value>The authorization request was rejected because it contained an unsupported parameter: {Parameter}.</value>
  </data>
  <data name="ID6033" xml:space="preserve">
    <value>The authorization request was rejected because the mandatory '{Parameter}' parameter was missing.</value>
  </data>
  <data name="ID6034" xml:space="preserve">
    <value>The authorization request was rejected because the '{Parameter}' parameter wasn't a valid absolute URI: {RedirectUri}.</value>
  </data>
  <data name="ID6035" xml:space="preserve">
    <value>The authorization request was rejected because the '{Parameter}' contained a URI fragment: {RedirectUri}.</value>
  </data>
  <data name="ID6036" xml:space="preserve">
    <value>The authorization request was rejected because the '{ResponseType}' response type is not supported.</value>
  </data>
  <data name="ID6037" xml:space="preserve">
    <value>The authorization request was rejected because the 'response_type'/'response_mode' combination was invalid: {ResponseType} ; {ResponseMode}.</value>
  </data>
  <data name="ID6038" xml:space="preserve">
    <value>The authorization request was rejected because the '{ResponseMode}' response mode is not supported.</value>
  </data>
  <data name="ID6039" xml:space="preserve">
    <value>The authorization request was rejected because the '{Scope}' scope was missing.</value>
  </data>
  <data name="ID6040" xml:space="preserve">
    <value>The authorization request was rejected because an invalid prompt combination was specified.</value>
  </data>
  <data name="ID6041" xml:space="preserve">
    <value>The authorization request was rejected because the specified code challenge method was not supported.</value>
  </data>
  <data name="ID6042" xml:space="preserve">
    <value>The authorization request was rejected because the response type was not compatible with 'code_challenge'/'code_challenge_method'.</value>
  </data>
  <data name="ID6043" xml:space="preserve">
    <value>The authorization request was rejected because the specified response type was not compatible with PKCE.</value>
  </data>
  <data name="ID6045" xml:space="preserve">
    <value>The authorization request was rejected because the confidential application '{ClientId}' was not allowed to retrieve an access token from the authorization endpoint.</value>
  </data>
  <data name="ID6046" xml:space="preserve">
    <value>The authorization request was rejected because the redirect_uri was invalid: '{RedirectUri}'.</value>
  </data>
  <data name="ID6047" xml:space="preserve">
    <value>The authentication request was rejected because invalid scopes were specified: {Scopes}.</value>
  </data>
  <data name="ID6048" xml:space="preserve">
    <value>The authorization request was rejected because the application '{ClientId}' was not allowed to use the authorization endpoint.</value>
  </data>
  <data name="ID6049" xml:space="preserve">
    <value>The authorization request was rejected because the application '{ClientId}' was not allowed to use the authorization code flow.</value>
  </data>
  <data name="ID6050" xml:space="preserve">
    <value>The authorization request was rejected because the application '{ClientId}' was not allowed to use the implicit flow.</value>
  </data>
  <data name="ID6051" xml:space="preserve">
    <value>The authorization request was rejected because the application '{ClientId}' was not allowed to use the hybrid flow.</value>
  </data>
  <data name="ID6052" xml:space="preserve">
    <value>The authorization request was rejected because the application '{ClientId}' was not allowed to use the '{Scope}' scope.</value>
  </data>
  <data name="ID6053" xml:space="preserve">
    <value>The request URI matched a server endpoint: {Endpoint}.</value>
  </data>
  <data name="ID6054" xml:space="preserve">
    <value>The device authorization request was successfully extracted: {Request}.</value>
  </data>
  <data name="ID6055" xml:space="preserve">
    <value>The device authorization request was successfully validated.</value>
  </data>
  <data name="ID6057" xml:space="preserve">
    <value>The device authorization request was rejected because invalid scopes were specified: {Scopes}.</value>
  </data>
  <data name="ID6062" xml:space="preserve">
    <value>The device authorization request was rejected because the application '{ClientId}' was not allowed to use the device authorization endpoint.</value>
  </data>
  <data name="ID6063" xml:space="preserve">
    <value>The device authorization request was rejected because the application '{ClientId}' was not allowed to use the scope {Scope}.</value>
  </data>
  <data name="ID6064" xml:space="preserve">
    <value>The verification request was successfully extracted: {Request}.</value>
  </data>
  <data name="ID6065" xml:space="preserve">
    <value>The verification request was successfully validated.</value>
  </data>
  <data name="ID6066" xml:space="preserve">
    <value>The configuration request was successfully extracted: {Request}.</value>
  </data>
  <data name="ID6067" xml:space="preserve">
    <value>The configuration request was successfully validated.</value>
  </data>
  <data name="ID6068" xml:space="preserve">
    <value>The JSON Web Key Set request was successfully extracted: {Request}.</value>
  </data>
  <data name="ID6069" xml:space="preserve">
    <value>The JSON Web Key Set request was successfully validated.</value>
  </data>
  <data name="ID6070" xml:space="preserve">
    <value>A JSON Web Key was excluded from the key set because it didn't contain the mandatory '{Parameter}' parameter.</value>
  </data>
  <data name="ID6071" xml:space="preserve">
    <value>An unsupported signing key of type '{Type}' was ignored and excluded from the key set. Only RSA and ECDSA asymmetric security keys can be exposed via the JSON Web Key Set endpoint.</value>
  </data>
  <data name="ID6072" xml:space="preserve">
    <value>An unsupported signing key of type '{Type}' was ignored and excluded from the key set. Only RSA asymmetric security keys can be exposed via the JSON Web Key Set endpoint.</value>
  </data>
  <data name="ID6073" xml:space="preserve">
    <value>A signing key of type '{Type}' was ignored because its RSA public parameters couldn't be extracted.</value>
  </data>
  <data name="ID6074" xml:space="preserve">
    <value>A signing key of type '{Type}' was ignored because its EC public parameters couldn't be extracted.</value>
  </data>
  <data name="ID6075" xml:space="preserve">
    <value>The token request was successfully extracted: {Request}.</value>
  </data>
  <data name="ID6076" xml:space="preserve">
    <value>The token request was successfully validated.</value>
  </data>
  <data name="ID6077" xml:space="preserve">
    <value>The token request was rejected because the mandatory '{Parameter}' parameter was missing.</value>
  </data>
  <data name="ID6078" xml:space="preserve">
    <value>The token request was rejected because the '{GrantType}' grant type is not supported.</value>
  </data>
  <data name="ID6079" xml:space="preserve">
    <value>The token request was rejected because the resource owner credentials were missing.</value>
  </data>
  <data name="ID6080" xml:space="preserve">
    <value>The token request was rejected because invalid scopes were specified: {Scopes}.</value>
  </data>
  <data name="ID6086" xml:space="preserve">
    <value>The token request was rejected because the application '{ClientId}' was not allowed to use the token endpoint.</value>
  </data>
  <data name="ID6087" xml:space="preserve">
    <value>The token request was rejected because the application '{ClientId}' was not allowed to use the specified grant type: {GrantType}.</value>
  </data>
  <data name="ID6088" xml:space="preserve">
    <value>The token request was rejected because the application '{ClientId}' was not allowed to request the '{Scope}' scope.</value>
  </data>
  <data name="ID6089" xml:space="preserve">
    <value>The token request was rejected because the application '{ClientId}' was not allowed to use the scope {Scope}.</value>
  </data>
  <data name="ID6090" xml:space="preserve">
    <value>The token request was rejected because the client identifier of the application was not available and could not be compared to the presenters list stored in the authorization code, the device code or the refresh token.</value>
  </data>
  <data name="ID6091" xml:space="preserve">
    <value>The token request was rejected because the authorization code, the device code or the refresh token was issued to a different client application.</value>
  </data>
  <data name="ID6092" xml:space="preserve">
    <value>The token request was rejected because the '{Parameter}' parameter didn't correspond to the expected value.</value>
  </data>
  <data name="ID6093" xml:space="preserve">
    <value>The token request was rejected because a '{0}' parameter was presented with an authorization code to which no code challenge was attached when processing the initial authorization request.</value>
  </data>
  <data name="ID6094" xml:space="preserve">
    <value>The token request was rejected because the '{Parameter}' parameter was not allowed.</value>
  </data>
  <data name="ID6095" xml:space="preserve">
    <value>The token request was rejected because the '{Parameter}' parameter was not valid.</value>
  </data>
  <data name="ID6096" xml:space="preserve">
    <value>The introspection request was successfully extracted: {Request}.</value>
  </data>
  <data name="ID6097" xml:space="preserve">
    <value>The introspection request was successfully validated.</value>
  </data>
  <data name="ID6098" xml:space="preserve">
    <value>The introspection request was rejected because the mandatory '{Parameter}' parameter was missing.</value>
  </data>
  <data name="ID6103" xml:space="preserve">
    <value>The introspection request was rejected because the application '{ClientId}' was not allowed to use the introspection endpoint.</value>
  </data>
  <data name="ID6104" xml:space="preserve">
    <value>The introspection request was rejected because the received token was of an unsupported type.</value>
  </data>
  <data name="ID6105" xml:space="preserve">
    <value>Potentially sensitive application claims were excluded from the introspection response as the client '{ClientId}' was not explicitly listed as an audience.</value>
  </data>
  <data name="ID6106" xml:space="preserve">
    <value>The introspection request was rejected because the access token was issued to a different client or for another resource server.</value>
  </data>
  <data name="ID6107" xml:space="preserve">
    <value>Potentially sensitive application claims were excluded from the introspection response as the client '{ClientId}' is a public application.</value>
  </data>
  <data name="ID6108" xml:space="preserve">
    <value>The introspection request was rejected because the refresh token was issued to a different client.</value>
  </data>
  <data name="ID6109" xml:space="preserve">
    <value>The revocation request was successfully extracted: {Request}.</value>
  </data>
  <data name="ID6110" xml:space="preserve">
    <value>The revocation request was successfully validated.</value>
  </data>
  <data name="ID6111" xml:space="preserve">
    <value>The revocation request was rejected because the mandatory '{Parameter}' parameter was missing.</value>
  </data>
  <data name="ID6116" xml:space="preserve">
    <value>The revocation request was rejected because the application '{ClientId}' was not allowed to use the revocation endpoint.</value>
  </data>
  <data name="ID6117" xml:space="preserve">
    <value>The revocation request was rejected because the received token was of an unsupported type.</value>
  </data>
  <data name="ID6118" xml:space="preserve">
    <value>The device authorization request was rejected because the application '{ClientId}' was not allowed to use the device authorization flow.</value>
  </data>
  <data name="ID6119" xml:space="preserve">
    <value>The revocation request was rejected because the access token was issued to a different client or for another resource server.</value>
  </data>
  <data name="ID6120" xml:space="preserve">
    <value>The device authorization request was rejected because the application '{ClientId}' was not allowed to request the '{Scope}' scope.</value>
  </data>
  <data name="ID6121" xml:space="preserve">
    <value>The revocation request was rejected because the refresh token was issued to a different client.</value>
  </data>
  <data name="ID6122" xml:space="preserve">
    <value>The revocation request was rejected because the token had no internal identifier.</value>
  </data>
  <data name="ID6123" xml:space="preserve">
    <value>The token '{Identifier}' was not revoked because it couldn't be found.</value>
  </data>
  <data name="ID6124" xml:space="preserve">
    <value>The end session request was successfully extracted: {Request}.</value>
  </data>
  <data name="ID6125" xml:space="preserve">
    <value>The end session request was successfully validated.</value>
  </data>
  <data name="ID6126" xml:space="preserve">
    <value>The end session request was rejected because the '{Parameter}' parameter wasn't a valid absolute URI: {PostLogoutRedirectUri}.</value>
  </data>
  <data name="ID6127" xml:space="preserve">
    <value>The end session request was rejected because the '{Parameter}' contained a URI fragment: {PostLogoutRedirectUri}.</value>
  </data>
  <data name="ID6128" xml:space="preserve">
    <value>The end session request was rejected because the specified post_logout_redirect_uri was invalid: {PostLogoutRedirectUri}.</value>
  </data>
  <data name="ID6129" xml:space="preserve">
    <value>The userinfo request was successfully extracted: {Request}.</value>
  </data>
  <data name="ID6130" xml:space="preserve">
    <value>The userinfo request was successfully validated.</value>
  </data>
  <data name="ID6131" xml:space="preserve">
    <value>The userinfo request was rejected because the mandatory '{Parameter}' parameter was missing.</value>
  </data>
  <data name="ID6132" xml:space="preserve">
    <value>An exception was thrown by {HandlerName} while handling the {EventName} event.</value>
  </data>
  <data name="ID6133" xml:space="preserve">
    <value>The event {EventName} was successfully processed by {HandlerName}.</value>
  </data>
  <data name="ID6134" xml:space="preserve">
    <value>The event {EventName} was marked as handled by {HandlerName}.</value>
  </data>
  <data name="ID6135" xml:space="preserve">
    <value>The event {EventName} was marked as skipped by {HandlerName}.</value>
  </data>
  <data name="ID6136" xml:space="preserve">
    <value>The event {EventName} was marked as rejected by {HandlerName}.</value>
  </data>
  <data name="ID6137" xml:space="preserve">
    <value>The request was rejected because an invalid HTTP method was specified: {Method}.</value>
  </data>
  <data name="ID6138" xml:space="preserve">
    <value>The request was rejected because the mandatory '{Header}' header was missing.</value>
  </data>
  <data name="ID6139" xml:space="preserve">
    <value>The request was rejected because an invalid '{Header}' header was specified: {Value}.</value>
  </data>
  <data name="ID6140" xml:space="preserve">
    <value>The request was rejected because multiple client credentials were specified.</value>
  </data>
  <data name="ID6141" xml:space="preserve">
    <value>The response was successfully returned as a challenge response: {Response}.</value>
  </data>
  <data name="ID6142" xml:space="preserve">
    <value>The response was successfully returned as a JSON document: {Response}.</value>
  </data>
  <data name="ID6143" xml:space="preserve">
    <value>The response was successfully returned as a plain-text document: {Response}.</value>
  </data>
  <data name="ID6144" xml:space="preserve">
    <value>The response was successfully returned as a 302 response.</value>
  </data>
  <data name="ID6145" xml:space="preserve">
    <value>The response was successfully returned as an empty 200 response.</value>
  </data>
  <data name="ID6146" xml:space="preserve">
    <value>The authorization request was rejected because an unknown or invalid '{Parameter}' was specified.</value>
  </data>
  <data name="ID6147" xml:space="preserve">
    <value>The authorization response was successfully returned to '{RedirectUri}' using the form post response mode: {Response}.</value>
  </data>
  <data name="ID6148" xml:space="preserve">
    <value>The authorization response was successfully returned to '{RedirectUri}' using the query response mode: {Response}.</value>
  </data>
  <data name="ID6149" xml:space="preserve">
    <value>The authorization response was successfully returned to '{RedirectUri}' using the fragment response mode: {Response}.</value>
  </data>
  <data name="ID6150" xml:space="preserve">
    <value>The end session request was rejected because an unknown or invalid '{Parameter}' was specified.</value>
  </data>
  <data name="ID6151" xml:space="preserve">
    <value>The end session response was successfully returned to '{PostLogoutRedirectUri}': {Response}.</value>
  </data>
  <data name="ID6152" xml:space="preserve">
    <value>The ASP.NET Core Data Protection token '{Token}' was successfully validated and the following claims could be extracted: {Claims}.</value>
  </data>
  <data name="ID6153" xml:space="preserve">
    <value>An exception occured while deserializing the token '{Token}'.</value>
  </data>
  <data name="ID6154" xml:space="preserve">
    <value>The token '{Token}' was successfully introspected and the following claims could be extracted: {Claims}.</value>
  </data>
  <data name="ID6155" xml:space="preserve">
    <value>An error occurred while introspecting the token.</value>
  </data>
  <data name="ID6156" xml:space="preserve">
    <value>The authentication demand was rejected because the token was expired.</value>
  </data>
  <data name="ID6157" xml:space="preserve">
    <value>The authentication demand was rejected because the token had no audience attached.</value>
  </data>
  <data name="ID6158" xml:space="preserve">
    <value>The authentication demand was rejected because the token had no valid audience.</value>
  </data>
  <data name="ID6159" xml:space="preserve">
    <value>Client authentication cannot be enforced for public applications.</value>
  </data>
  <data name="ID6160" xml:space="preserve">
    <value>Client authentication failed for {ClientId} because no client secret was associated with the application.</value>
  </data>
  <data name="ID6161" xml:space="preserve">
    <value>Client authentication failed for {ClientId}.</value>
  </data>
  <data name="ID6162" xml:space="preserve">
    <value>Client validation failed because '{RedirectUri}' was not a valid redirect_uri for {Client}.</value>
  </data>
  <data name="ID6163" xml:space="preserve">
    <value>An error occurred while trying to verify a client secret.
This may indicate that the hashed entry is corrupted or malformed.</value>
  </data>
  <data name="ID6164" xml:space="preserve">
    <value>The authorization '{Identifier}' was successfully revoked.</value>
  </data>
  <data name="ID6165" xml:space="preserve">
    <value>A concurrency exception occurred while trying to revoke the authorization '{Identifier}'.</value>
  </data>
  <data name="ID6166" xml:space="preserve">
    <value>An exception occurred while trying to revoke the authorization '{Identifier}'.</value>
  </data>
  <data name="ID6167" xml:space="preserve">
    <value>A signing key of type '{Type}' was ignored because its EC curve couldn't be inferred.</value>
  </data>
  <data name="ID6168" xml:space="preserve">
    <value>The token '{Identifier}' was successfully marked as redeemed.</value>
  </data>
  <data name="ID6169" xml:space="preserve">
    <value>A concurrency exception occurred while trying to redeem the token '{Identifier}'.</value>
  </data>
  <data name="ID6170" xml:space="preserve">
    <value>An exception occurred while trying to redeem the token '{Identifier}'.</value>
  </data>
  <data name="ID6171" xml:space="preserve">
    <value>The token '{Identifier}' was successfully marked as rejected.</value>
  </data>
  <data name="ID6172" xml:space="preserve">
    <value>A concurrency exception occurred while trying to reject the token '{Identifier}'.</value>
  </data>
  <data name="ID6173" xml:space="preserve">
    <value>An exception occurred while trying to reject the token '{Identifier}'.</value>
  </data>
  <data name="ID6174" xml:space="preserve">
    <value>The token '{Identifier}' was successfully revoked.</value>
  </data>
  <data name="ID6175" xml:space="preserve">
    <value>A concurrency exception occurred while trying to revoke the token '{Identifier}'.</value>
  </data>
  <data name="ID6176" xml:space="preserve">
    <value>An exception occurred while trying to revoke the token '{Identifier}'.</value>
  </data>
  <data name="ID6177" xml:space="preserve">
    <value>The authorization request was rejected because the application '{ClientId}' was not allowed to use the '{ResponseType}' response type.</value>
  </data>
  <data name="ID6178" xml:space="preserve">
    <value>The redirection request was successfully extracted: {Request}.</value>
  </data>
  <data name="ID6179" xml:space="preserve">
    <value>The redirection request was successfully validated.</value>
  </data>
  <data name="ID6181" xml:space="preserve">
    <value>The authorization request was rejected because the '{Parameter}' contained a forbidden parameter: {Name}.</value>
  </data>
  <data name="ID6182" xml:space="preserve">
    <value>A network error occured while communicating with the remote HTTP server.</value>
  </data>
  <data name="ID6183" xml:space="preserve">
    <value>An invalid JSON payload was returned by the remote HTTP server: {Payload}.</value>
  </data>
  <data name="ID6184" xml:space="preserve">
    <value>A generic {StatusCode} response was returned by the remote HTTP server: {Payload}.</value>
  </data>
  <data name="ID6185" xml:space="preserve">
    <value>An unsupported {StatusCode} response was returned by the remote HTTP server: {ContentType} {Payload}.</value>
  </data>
  <data name="ID6186" xml:space="preserve">
    <value>The configuration request was successfully sent to {Uri}: {Request}.</value>
  </data>
  <data name="ID6187" xml:space="preserve">
    <value>The configuration response returned by {Uri} was successfully extracted: {Response}.</value>
  </data>
  <data name="ID6188" xml:space="preserve">
    <value>The JSON Web Key Set request was successfully sent to {Uri}: {Request}.</value>
  </data>
  <data name="ID6189" xml:space="preserve">
    <value>The JSON Web Key Set response returned by {Uri} was successfully extracted: {Response}.</value>
  </data>
  <data name="ID6190" xml:space="preserve">
    <value>The introspection request was successfully sent to {Uri}: {Request}.</value>
  </data>
  <data name="ID6191" xml:space="preserve">
    <value>The introspection response returned by {Uri} was successfully extracted: {Response}.</value>
  </data>
  <data name="ID6192" xml:space="preserve">
    <value>The token request was successfully sent to {Uri}: {Request}.</value>
  </data>
  <data name="ID6193" xml:space="preserve">
    <value>The token response returned by {Uri} was successfully extracted: {Response}.</value>
  </data>
  <data name="ID6194" xml:space="preserve">
    <value>The userinfo request was successfully sent to {Uri}: {Request}.</value>
  </data>
  <data name="ID6195" xml:space="preserve">
    <value>The userinfo response returned by {Uri} was successfully extracted: {Response}.</value>
  </data>
  <data name="ID6197" xml:space="preserve">
    <value>The authorization request was rejected because the identity token used as a hint was issued to a different client.</value>
  </data>
  <data name="ID6198" xml:space="preserve">
    <value>The end session request was rejected because the identity token used as a hint was issued to a different client.</value>
  </data>
  <data name="ID6199" xml:space="preserve">
    <value>The post-logout redirection request was successfully extracted: {Request}.</value>
  </data>
  <data name="ID6200" xml:space="preserve">
    <value>The post-logout redirection request was successfully validated.</value>
  </data>
  <data name="ID6202" xml:space="preserve">
    <value>Client validation failed because '{PostLogoutRedirectUri}' was not a valid post_logout_redirect_uri for {Client}.</value>
  </data>
  <data name="ID6203" xml:space="preserve">
    <value>The configuration request was rejected by the remote authorization server: {Response}.</value>
  </data>
  <data name="ID6204" xml:space="preserve">
    <value>The JSON Web Key Set request was rejected by the remote authorization server: {Response}.</value>
  </data>
  <data name="ID6205" xml:space="preserve">
    <value>The introspection request was rejected by the remote authorization server: {Response}.</value>
  </data>
  <data name="ID6206" xml:space="preserve">
    <value>The token request was rejected by the remote authorization server: {Response}.</value>
  </data>
  <data name="ID6207" xml:space="preserve">
    <value>The userinfo request was rejected by the remote authorization server: {Response}.</value>
  </data>
  <data name="ID6208" xml:space="preserve">
    <value>The authorization request was rejected by the remote authorization server: {Response}.</value>
  </data>
  <data name="ID6209" xml:space="preserve">
    <value>The request forgery protection is missing or doesn't contain the expected value, which may indicate a session fixation attack.</value>
  </data>
  <data name="ID6210" xml:space="preserve">
    <value>The nonce claim present in the frontchannel identity token doesn't contain the expected value, which may indicate a replay or token injection attack.</value>
  </data>
  <data name="ID6211" xml:space="preserve">
    <value>The nonce claim present in the backchannel identity doesn't contain the expected value, which may indicate a replay or token injection attack.</value>
  </data>
  <data name="ID6212" xml:space="preserve">
    <value>The authorization request was rejected because the '{ResponseType}' response type is not a valid combination.</value>
  </data>
  <data name="ID6213" xml:space="preserve">
    <value>An error occurred while handling an inter-process message.</value>
  </data>
  <data name="ID6214" xml:space="preserve">
    <value>An error occurred while handling an HTTP listener request.</value>
  </data>
  <data name="ID6215" xml:space="preserve">
    <value>An error occurred while redirecting a protocol activation to the '{Identifier}' instance.</value>
  </data>
  <data name="ID6216" xml:space="preserve">
    <value>The device authorization request was rejected by the remote authorization server: {Response}.</value>
  </data>
  <data name="ID6217" xml:space="preserve">
    <value>The device authorization request was successfully sent to {Uri}: {Request}.</value>
  </data>
  <data name="ID6218" xml:space="preserve">
    <value>The device authorization response returned by {Uri} was successfully extracted: {Response}.</value>
  </data>
  <data name="ID6219" xml:space="preserve">
    <value>An error occurred while retrieving the configuration of the remote authorization server.</value>
  </data>
  <data name="ID6220" xml:space="preserve">
    <value>The authentication demand was rejected because the mandatory '{Parameter}' parameter was missing.</value>
  </data>
  <data name="ID6221" xml:space="preserve">
    <value>The authentication demand was rejected because the client application was not found: '{ClientId}'.</value>
  </data>
  <data name="ID6222" xml:space="preserve">
    <value>The authentication demand was rejected because the public client application '{ClientId}' was not allowed to use the client credentials grant.</value>
  </data>
  <data name="ID6223" xml:space="preserve">
    <value>The authentication demand was rejected because the public application '{ClientId}' was not allowed to send a client secret.</value>
  </data>
  <data name="ID6224" xml:space="preserve">
    <value>The authentication demand was rejected because the confidential application '{ClientId}' didn't specify a client secret or a client assertion.</value>
  </data>
  <data name="ID6225" xml:space="preserve">
    <value>The authentication demand was rejected because the confidential application '{ClientId}' didn't specify valid client credentials.</value>
  </data>
  <data name="ID6226" xml:space="preserve">
    <value>The authentication demand was rejected because the public application '{ClientId}' was not allowed to send a client assertion.</value>
  </data>
  <data name="ID6227" xml:space="preserve">
    <value>The request was rejected because the '{Method}' client authentication method that was used by the client application is not enabled in the server options.</value>
  </data>
  <data name="ID6228" xml:space="preserve">
    <value>{Count} tokens associated with the authorization '{Identifier}' were revoked to prevent a potential token replay attack.</value>
  </data>
  <data name="ID6229" xml:space="preserve">
    <value>An error occurred while trying to revoke the tokens associated with the authorization '{Identifier}'.</value>
  </data>
  <data name="ID6230" xml:space="preserve">
    <value>The revocation request was rejected by the remote authorization server: {Response}.</value>
  </data>
  <data name="ID6231" xml:space="preserve">
    <value>An error was returned by ASWebAuthenticationSession while trying to start a challenge operation.</value>
  </data>
  <data name="ID6232" xml:space="preserve">
    <value>An error was returned by ASWebAuthenticationSession while trying to start a sign-out operation.</value>
  </data>
  <data name="ID6233" xml:space="preserve">
    <value>The authorization request was rejected because an unsupported prompt parameter was specified.</value>
  </data>
  <data name="ID6234" xml:space="preserve">
    <value>The pushed authorization request was rejected by the remote authorization server: {Response}.</value>
  </data>
  <data name="ID6235" xml:space="preserve">
    <value>The pushed authorization request was successfully sent to {Uri}: {Request}.</value>
  </data>
  <data name="ID6236" xml:space="preserve">
    <value>The pushed authorization response returned by {Uri} was successfully extracted: {Response}.</value>
  </data>
  <data name="ID6237" xml:space="preserve">
    <value>The pushed authorization request was successfully extracted: {Request}.</value>
  </data>
  <data name="ID6238" xml:space="preserve">
    <value>The pushed authorization request was successfully validated.</value>
  </data>
  <data name="ID6239" xml:space="preserve">
    <value>The pushed authorization request was rejected because it contained an unsupported parameter: {Parameter}.</value>
  </data>
  <data name="ID6240" xml:space="preserve">
    <value>The pushed authorization request was rejected because the mandatory '{Parameter}' parameter was missing.</value>
  </data>
  <data name="ID6241" xml:space="preserve">
    <value>The pushed authorization request was rejected because the '{Parameter}' parameter wasn't a valid absolute URI: {RedirectUri}.</value>
  </data>
  <data name="ID6242" xml:space="preserve">
    <value>The pushed authorization request was rejected because the '{Parameter}' contained a URI fragment: {RedirectUri}.</value>
  </data>
  <data name="ID6243" xml:space="preserve">
    <value>The pushed authorization request was rejected because the '{ResponseType}' response type is not supported.</value>
  </data>
  <data name="ID6244" xml:space="preserve">
    <value>The pushed authorization request was rejected because the 'response_type'/'response_mode' combination was invalid: {ResponseType} ; {ResponseMode}.</value>
  </data>
  <data name="ID6245" xml:space="preserve">
    <value>The pushed authorization request was rejected because the '{ResponseMode}' response mode is not supported.</value>
  </data>
  <data name="ID6246" xml:space="preserve">
    <value>The pushed authorization request was rejected because the '{Scope}' scope was missing.</value>
  </data>
  <data name="ID6247" xml:space="preserve">
    <value>The pushed authorization request was rejected because an invalid prompt combination was specified.</value>
  </data>
  <data name="ID6248" xml:space="preserve">
    <value>The pushed authorization request was rejected because the specified code challenge method was not supported.</value>
  </data>
  <data name="ID6249" xml:space="preserve">
    <value>The pushed authorization request was rejected because the response type was not compatible with 'code_challenge'/'code_challenge_method'.</value>
  </data>
  <data name="ID6250" xml:space="preserve">
    <value>The pushed authorization request was rejected because the specified response type was not compatible with PKCE.</value>
  </data>
  <data name="ID6251" xml:space="preserve">
    <value>The pushed authorization request was rejected because the confidential application '{ClientId}' was not allowed to retrieve an access token from the authorization endpoint.</value>
  </data>
  <data name="ID6252" xml:space="preserve">
    <value>The pushed authorization request was rejected because the redirect_uri was invalid: '{RedirectUri}'.</value>
  </data>
  <data name="ID6253" xml:space="preserve">
    <value>The authentication request was rejected because invalid scopes were specified: {Scopes}.</value>
  </data>
  <data name="ID6254" xml:space="preserve">
    <value>The pushed authorization request was rejected because the application '{ClientId}' was not allowed to use the pushed authorization endpoint.</value>
  </data>
  <data name="ID6255" xml:space="preserve">
    <value>The pushed authorization request was rejected because the application '{ClientId}' was not allowed to use the authorization code flow.</value>
  </data>
  <data name="ID6256" xml:space="preserve">
    <value>The pushed authorization request was rejected because the application '{ClientId}' was not allowed to use the implicit flow.</value>
  </data>
  <data name="ID6257" xml:space="preserve">
    <value>The pushed authorization request was rejected because the application '{ClientId}' was not allowed to use the hybrid flow.</value>
  </data>
  <data name="ID6258" xml:space="preserve">
    <value>The pushed authorization request was rejected because the application '{ClientId}' was not allowed to use the '{Scope}' scope.</value>
  </data>
  <data name="ID6259" xml:space="preserve">
    <value>The pushed authorization request was rejected because the '{Parameter}' contained a forbidden parameter: {Name}.</value>
  </data>
  <data name="ID6260" xml:space="preserve">
    <value>The pushed authorization request was rejected because the '{ResponseType}' response type is not a valid combination.</value>
  </data>
  <data name="ID6261" xml:space="preserve">
    <value>The pushed authorization request was rejected because an unsupported prompt parameter was specified.</value>
  </data>
  <data name="ID6262" xml:space="preserve">
    <value>The pushed authorization request was rejected because the application '{ClientId}' was not allowed to use the '{ResponseType}' response type.</value>
  </data>
  <data name="ID6263" xml:space="preserve">
    <value>The pushed authorization request was rejected because the identity token used as a hint was issued to a different client.</value>
  </data>
  <data name="ID8000" xml:space="preserve">
    <value>https://documentation.openiddict.com/errors/{0}</value>
  </data>
  <data name="ID8001" xml:space="preserve">
    <value>Removes orphaned tokens and authorizations from the database.</value>
  </data>
  <data name="ID8002" xml:space="preserve">
    <value>Starts the scheduled task at regular intervals.</value>
  </data>
  <data name="ID8003" xml:space="preserve">
    <value>OpenIddict job</value>
  </data>
  <data name="ID8004" xml:space="preserve">
    <value>Built-in automatic trigger</value>
  </data>
  <data name="ID8005" xml:space="preserve">
    <value>OpenIddict/Quartz.NET integration</value>
  </data>
</root>